|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All/All+Images)
(Single Column)

- OpenSSH 10.4 released
OpenSSH 10.4 has been released. In addition to a number of securityand bug fixes, there are a few notable changes; this release addsexperimental support for a composite post-quantum signature schemecombining ML-DSA 44 and Ed25519 as described in thisIETF draft. With 10.4, if OpenSSH is compiled with sandbox supportit will fail on Linux systems that have not enabled SECCOMPor NO_NEW_PRIVS; prior to this release, sshd would log an errorbut continue operation. See the release notes fora full list of changes.
- [$] The kernel's iomap layer
Conversations about the kernel's filesystem implementations often involve alayer called "iomap", but relatively few people can reliably say what iomapactually is. That is just the kind of gap that LWN exists to fill. Inshort, iomap handles the mapping between data in the filesystem space(identified by a file of interest, and an offset within that file) and inthe storage space (which may be a memory location, or a set of blocks on astorage device). Using that mapping, iomap handles a long list of common,filesystem-related tasks, allowing a lot of boilerplate code to be removedfrom individual filesystem implementations.
- Security updates for Monday
Security updates have been issued by AlmaLinux (container-tools:rhel8, grafana, grafana-pcp, kernel, ruby:2.5, and ruby:3.3), Debian (bird3, chromium, kernel, linux-6.1, mediawiki, nginx, openvpn, php-phpseclib, php8.2, php8.4, and sympa), Fedora (7zip, buildah, chromium, clamav, freerdp, leptonica, mariadb10.11, mariadb11.8, nextcloud, nsd, openqa, openvpn, os-autoinst, pdns, pdns-recursor, perl-Crypt-ScryptKDF, podman, python-jupyter-server, and python-streamlink), Mageia (mariadb and yt-dlp), Slackware (libevent, libseccomp, mozilla, mutt, and php82), SUSE (apache2, containerd, dnsmasq, docker, dracut, firewalld-legacy, gimp, glibc, golang-github-docker-libnetwork, google-guest-agent, gstreamer-plugins-bad, helm, kernel, kernel-devel, keybase-client, kitty, krb5, libarchive, libnfs, libslirp, nilfs-utils, openCryptoki, openQA, openssl-3, pacemaker, pcr-oracle, perl-DBI, perl-List-SomeUtils-XS, podman, python-pip, python-pydata-sphinx-theme, python-tornado6, python3-lxml, python311-mistune, python313-joserfc, rmt-server, sg3_utils, systemd, tracker-miners, and xdg-dbus-proxy), and Ubuntu (cifs-utils, linux-nvidia, linux-nvidia-6.17, linux-raspi-realtime, and ncurses).
- Kernel prepatch 7.2-rc2
The 7.2-rc2 kernel prepatch is out fortesting. Linus said: "It's Sunday afternoon, and rc2 is out. Thingslook very normal - it's not a small rc2, but it's in line with recentreleases, and slightly smaller than rc2 was in 7.1. Let's see how that allcontinues, but so far so good."
- Seven stable kernels for Saturday including two security fixes
Greg Kroah-Hartman has announced the release of the 7.1.3, 6.18.38, 6.12.95, 6.6.144, 6.1.177, 5.15.211, and 5.10.260 stable kernels. Several kernelsin this batch include afix for a vulnerability introduced in the 6.0 kernel in IPv6 (CVE-2026-53362),which couldallow an attacker to escape a container and gain root access.
There is also afix for a use-after-free bug in KVM (CVE-2026-53359)that was introduced in the 2.6.36 kernel. As usual, each stable kernel includesa number of fixes throughout the tree. Users are advised toupgrade.
- Four vulnerabilities in Guix
The GNU Guix project has announcedthree vulnerabilities in the guix substitute utility as wellas a fourth that affects the guix pull and guixtime-machine commands. The impact of the vulnerabilities ranges from remote privilegeescalation to local disclosure of sensitive files.
The remote exploitation of guix substitute only requires that thevulnerable system attempt to download a binary substitute. Anyconfigured substitute server, including ones discovered usingguix-daemon's --discover option, can exploit this, and so can aman-in-the-middle (MITM), regardless of whether https is used in thesubstitute server urls.
The local exploitation of guix substitute only requiresthe ability to connect to guix-daemon's socket, which by default anyuser can do.
Separately, another security issue (CVE ID pending) was identifiedin guix pull and guix time-machine, which enables anyone who cancontrol the channels file used by these commands to cause a file to becreated or overwritten wherever the user running the command inquestion has permission to create them.
The project is recommending that all users upgrade guixand guix-daemon immediately. See the announcement forinstructions, how to test for the vulnerabilities, the disclosuretimeline, and more.
- [$] Limiting negative dentries
A number of problems related to negative directory entries (dentries) werethe topic of a filesystem-track session atthe 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit. Negative dentries areused to indicate that a file of a given name does not exist in a directory;it is an optimization that short-circuits the lookup of the file name whenthe answer is already known.Miklos Szeredi led asession that discussedsome problems that come from having too many negative dentries for adirectory.
- Security updates for Friday
Security updates have been issued by AlmaLinux (389-ds-base, bind9.18, evince, fence-agents, freerdp, frr, frr10, gimp, gnutls, hplip, jmc, mariadb:11.8, mysql:8.4, php:7.4, postgresql-jdbc, postgresql:15, postgresql:16, valkey, xorg-x11-server, and xorg-x11-server-Xwayland), Debian (fastnetmon), Fedora (7zip, apptainer, cpp-httplib, mysql8.4, and nmap), Oracle (freerdp, giflib, glib2, glibc, kernel, libreoffice, libvirt, mariadb:10.11, postgresql, python3.11, python3.12, rrdtool, and thunderbird), Red Hat (buildah, podman, and skopeo), SUSE (alloy, apache2, buildah, c3p0, containerd, crun, cups, dhcpcd, dnsmasq, docker-stable, dracut, editorconfig-core-c, ffmpeg-7, fontforge, google-guest-agent, google-osconfig-agent, graphicsmagick, gstreamer-plugins-bad, gstreamer-plugins-good, helm, jackson-annotations, jackson-core, jackson-databind, jline3, kernel, kubectl-cnpg, lcms2, libslirp, libssh2_org, libxreaderdocument3, openbabel, openssl-3, pacemaker, perl-CGI-Session, perl-list-someutils-xs, python-lxml, python-tornado, python-tornado6, python3-onionshare, python311-python-engineio, sg3_utils, thunderbird, transmission, and trivy), and Ubuntu (cifs-utils, kernel, libvncserver, linux-aws-6.8, linux-gcp-6.8, linux-gke, linux-gkeop, linux-ibm-6.8, linux-nvidia-lowlatency, linux-oracle-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia-tegra, linux-oracle-5.15, linux-raspi, linux-xilinx, nghttp2, nginx, perl, and vim).
- CalyxOS is back
In August 2025, the CalyxOS privacy-focusedAndroid distribution announcedthat it was pausing all releases while it reworked itsrelease process, security protocols, and changed its signing keysfollowing the departure of one of its founders. The project has now announcedthat it is "officially back from the hiatus" with the7.2.2.0 release.
CalyxOS 7.2.2.0 is signed by us using a newHSM-based, open-source signing solution we designed to enhance thesecurity of the entire signing process, ensure redundancy, and removesingle points of failure. You can verify CalyxOS 7.2.2.0 and futurebuilds following theseinstructions. For anyone who is interested, the security auditreport of the HSM provisioning ceremony script can be found here.
In addition, we also went through significant infrastructureimprovements. In particular, we have set up a cleaner server structureto streamline each release. In response to Google's less frequent AOSPsource code releases, our team developed scripts to reduce theoverhead in applying monthly patches and updates. Please keep in mind,additional manual steps are still needed to compensate for AOSPchanges, such as requesting and storing kernel sources with eachupdate. Currently, our lead engineer is continuing the maintenance ofthe base device trees for both LineageOS and CalyxOS to bridge the gapcreated by the absence of Google Pixel device trees.
- Kernel archive /pub tree restoring
A few astute observers have noticed that somecontent on kernel.org had disappeared and were understandablyconcerned. Konstantin Ryabitsev has provided an update viasocial.kernel.org: There was an unfortunate error while changing the kernel.orgprimary/secondary mirroring infrastructure, which resulted in the /pubtree suddenly becoming empty. No data was lost, just public mirrorcopies. Everything is now being restored, but deletes are fast andrestores are slow, so thank you for your patience! The incident isbeing tracked on the Linux Foundation's IT status page.

- Ryzen AI Developer Platform: AMD's Own Linux Distribution Built Atop Debian
With the AMD Ryzen AI Halo developer platform there is the option of ordering this Ryzen AI Max+ mini PC with either Microsoft Windows 11 or "Linux OS". When receiving a AMD Ryzen AI Halo review sample last month, I fully expected it to just be an Ubuntu LTS install with ROCm preloaded. I was quite surprised when powering it up to find that it's an OS called the AMD Ryzen AI Developer Platform 1 "Rex" and is based on Debian Linux.
- 9to5Linux Weekly Roundup: July 5th, 2026
The 299th installment of the 9to5Linux Weekly Roundup is here for the week ending July 5th, 2026, keeping you updated on the most important developments in the Linux world.

- Small AI Models Gain Traction Around the World
locater16 shares a report from IEEE Spectrum: One morning in 2019, Adebayo Alonge was in a Cape Town hotel room, preparing to demonstrate his startup's AI answer to a serious problem in African health care: counterfeit medication, which kills thousands of people across the continent every year. The RxScanner is a handheld spectrometer that scans a pill with infrared light, then sends the item's molecular profile to an AI model equipped with a pharmaceutical database. In seconds, the AI identifies the medication from its molecular profile -- or reports that it's phony. Pharmacies were using the system in more than a dozen countries, including Ghana, Kenya, Myanmar, and Alonge's native Nigeria. But that morning in South Africa, it didn't work. "I was shocked," Alonge says... So Alonge immediately asked his engineers to shrink the AI model down to a smaller, low-power, unconnected version that could run entirely on his Android phone. They produced it 2 hours later, and that saved the demo. More importantly, the work birthed a new version of his device, which can authenticate a pill in places without broadband, computers, or even reliable electricity. It also turned Alonge into an advocate for this kind of "small AI." "The article goes on to detail other immediately useful 'small' AI applications without any subscription or billion dollar data centers needed," writes locator16. For example, Bala Murugan and colleagues at Vellore Institute of Technology in India developed a drone-based system that photographs cashew plants and identifies disease-indicating splotches on the plants. The key advantage is that all processing happens on the drone itself, so farmers do not need a computer, broadband connection, or cloud server access. In a Uruguayan vineyard, researchers developed small-AI systems to identify ant infestations. The article doesn't go deep into the deployment details, but it presents this as another example of a narrow, localized model trained to recognize a specific agricultural threat. Small AI has also been used to detect the presence of malaria-carrying mosquitoes in multiple countries. This is especially useful in regions where public-health teams may lack reliable network access or expensive lab infrastructure, but still need fast, local detection. In parts of Brazil without access to more complex medical equipment, researchers have used small AI to run electrocardiograms from an Arduino device. The article also describes Marcelo Jose Rovai's work on a TinyML model that generates electrocardiograms in a patient simulator lab. Rovai also describes a newer experiment using an Arduino UNO Q with a Qualcomm chipset. The device runs a language model locally, collects sensor data, and analyzes it to detect tiny pools of water where mosquitoes might breed -- while using only about 3 watts of power.
 
Read more of this story at Slashdot.
- Supreme Court Allows Texas To Require Age Verification For Mobile Apps
The Supreme Court allowed Texas to enforce a law requiring app stores to verify users' ages and obtain parental consent before minors can download apps. Tech industry groups argue the law broadly restricts young people's access to digital speech, but the court let a 5th Circuit order stand without explanation or noted dissents. CNN notes that the Supreme Court's decision "doesn't resolve the case but rather will allow Texas to enforce the law while the litigation continues to play out." From the report: "A minor child who downloads a software application from an app store agrees to contractual terms of service, including whether the child's location will be tracked, whether the child's privacy will be protected, whether information from the child's phone can be sold by the developer, and whether the child waives the right to sue," Texas told the Supreme Court in urging the court to allow its law to take effect. But the Computer & Communications Industry Association, a trade group whose members include Apple and Google, said the law would effectively bar young people from accessing a wide range of content, "be it a book by Ernest Hemingway or J.K. Rowling, a Taylor Swift album, or a subscription to National Geographic." Allowing the law to take effect, the group said, would have "profound consequences for the protection of digital speech." [...] In the new case, involving Texas' age verification for apps, a federal district court blocked the law's enforcement in December -- days before it was set to take effect. But a three-judge panel of the conservative 5th US Circuit Court of Appeals put that decision on hold in early June, allowing the state to enforce it. By declining to take up the emergency appeal from the computer and student groups, the Supreme Court has left the 5th Circuit's decision in place.
 
Read more of this story at Slashdot.
- South Korea's SK Hynix Launching $28 Billion US Listing To Ride Global AI Wave
SK Hynix is launching a Nasdaq listing expected to raise about $28 billion, giving US investors easier access to one of the biggest beneficiaries of the AI memory-chip boom. Reuters reports: The company will sell 17.79 million new shares in the depository receipt listing on the Nasdaq. Ten ADRs will represent one common share and the stock will be sold in a price range that is due to be revealed on Monday, based on SK Hynix's Seoul trading price. SK Hynix's share price was down 4% at 2,327,000 won each on Monday, but the stock is up about 273% this year, as it rides surging global investor demand for AI stocks. Korea's KOSPI was down 2.2% on Monday. [...] SK Hynix has been among the world's largest beneficiaries of the AI boom as it outperformed its major rivals Samsung and Micron. "This is more than a liquidity event," said Dave Mazza, the chief executive officer of Roundhill Investments in New York, which manages an exchange-traded fund tracking DRAM manufacturers, which is one of the most popular ways for U.S. investors to trade SK Hynix's stock. "SK Hynix has been one of the most important companies in the world that most U.S. institutions could not easily own." "The listing removes an accessibility discount, not a quality discount." [...] SK Hynix said the proceeds from the listing of the American Depositary Receipts will be used to build chip factories in South Korea and buy chipmaking equipment including an extreme ultraviolet scanner made by Dutch equipment maker ASML. The final price of the New York listing is due to be set on Thursday, ahead of the stock starting trade on Friday, regulatory filings showed. The company's management will meet global investors on a roadshow this week. The deal is expected to be the second-biggest share sale after a record $85.7 billion initial public offering by SpaceX last month, surpassing Saudi Aramco's $25.6 billion IPO in 2019 and Alibaba's similar-sized offering in 2014.
 
Read more of this story at Slashdot.
- Zombie 'Who Owns Unix?' Lawsuit Comes Alive Again
The long-running SCO/IBM Unix and Linux ownership dispute has resurfaced yet again, this time through SCO successor Xinuos, which is trying to pursue old license and copyright claims tied to Project Monterey. "The core issue seems to be whether Xinuos even has the right to litigate the matter, or if some ancient legalese in the original agreements means the window for legal argument has long since expired," reports The Register. From the report: [T]he roots of the case are the 1998 alliance between IBM and a company called the Santa Cruz Operation which sold a version of UNIX for x86 CPUs. Those two companies, plus Intel and Sequent, created "Project Monterey" -- an effort to create a unified version of UNIX that could run on multiple processors. By 2001, Project Monterey was close to delivering a unified UNIX, an achievement made possible by blending code from IBM and SCO. By then, a little project called "Linux" already ran on multiple processors. Big Blue decided Linux was the future and bailed from Project Monterey -- then allegedly contributed some Monterey code to the open-source project and to its own AIX and Z operating systems. SCO felt it owned some of that code, so sued IBM. SCO and its successors struggled to survive, but interested parties kept the lawsuit alive because the chance to emerge as owner of parts of the Linux codebase, and IBM's code, had the potential to turn into a colossal payday. The case and its successors ended in 2021, with a settlement that saw litigants agree to end the matter without IBM admitting fault. But by then, SCO had sold its software to a biz called Xinuos that decided to fight on. The Xinuos case has burbled along quietly since, and on June 22nd reached the milestone of a hearing. The matter has become a little more modern, if only because this hearing was held online and the presiding judge appeared to unwittingly be on mute at one point. But the arguments otherwise seemed to revisit Project Monterey, debated the relevance of past litigation, contested who owned what, when they owned it, and how they could prove it. Xinuos argued IBM never had a license for SCO code. Big Blue argued that it did nothing wrong.
 
Read more of this story at Slashdot.
- Secret Claude Tracker Shocks Users After Anthropic's Anti-Surveillance Stance
An anonymous reader quotes a report from Ars Technica: Anthropic quickly removed a tracker secretly monitoring Claude Code users in China after a security researcher exposed the hidden code and condemned the spyware-like tracking as a "serious breach of user trust." Last week, a web developer known as "Thereallo" was researching privacy issues in Claude Code and was shocked to find that the AI firm was using "prompt steganography" to hide code that tracks Chinese users "in plain sight." This code wasn't malicious, but it was sending information to Anthropic that most users wouldn't detect, relying on shorthand markers to quietly flag users' timezone, proxy, and potential connection to Chinese AI labs that Anthropic has accused of distillation attacks. On X, Anthropic engineer Thariq Shihipar confirmed that the tracker was added to Claude Code as an "experiment" in March. According to Shihipar, the code "was meant to prevent account abuse from unauthorized resellers and protect against distillation." Regarding the former, The Washington Post found unauthorized retailers have sold access to free models for $1 a month, and pro subscriptions that can cost $100 monthly sell for "as little as $12." Supposedly, Anthropic has "actually been meaning to take this down for a while," Shihipar said of the hidden code, because engineers have "landed stronger mitigations since then." Privacy advocates were not happy with the explanation, though, warning that the code is evidence that Anthropic is willing to cross lines to surveil users. That's perhaps especially surprising, considering that Anthropic riled the Trump administration by refusing to allow the US government to use Claude to surveil US users. The AI firm has since sued the White House over the clash. The Post suggested that the tracker incident is a sign that US firms like Anthropic are taking "increasingly aggressive measures" to block Chinese AI firms from copying their models. A more defensive stance has apparently become critical. In the past year, Chinese firms have "consistently matched" US firms' model capabilities "within months," the Post reported. Most recently, "a new, free AI model from Chinese company Zhipu AI was better at finding computer vulnerabilities than Anthropic's Claude Opus 4.8 model, which was released in May," the Post reported.
 
Read more of this story at Slashdot.
- Microsoft Lays Off Nearly 5,000 Employees Across Xbox, Commercial Sales
Microsoft is laying off about 4,800 employees, including 1,600 from Xbox, as it restructures around AI investments and tries to reset its struggling gaming business. "Our business is changing because the world around it is changing. The way technology is built, deployed, and used is transforming faster than at any point in my time here," said Amy Coleman, EVP and chief people officer at Microsoft. "Our customers' needs are shifting, the business models that serve them are shifting, and that means the work itself -- what we do, where we focus, and how we're organized -- has to transform too." She continued: "Companies don't get to choose whether their industry changes; they only get to choose whether they change with it. That means we will need to adjust resources and roles and shift how we operate so we can have the greatest impact for our customers." TechCrunch reports: Coleman stressed that the roles being eliminated today "are not being replaced by AI," but noted, "what is true is that AI is changing how work gets done." "Some of the tasks we do every day can now be automated, and that means we all need to keep learning, keep building new skills, and keep adapting as the work evolves," Coleman wrote. [...] Speaking about the Xbox layoffs, Coleman said little: "We are restructuring to position the business for long-term success. Engineering teams across the company will also evolve their structure and priorities to meet customer needs and innovate for the future." Of today's 4,800 layoffs at Microsoft, 1,600 will hit Xbox, with about 3,200 cuts in total expected through fiscal year 2027, according to Asha Sharma, CEO of Xbox. In an email she sent to employees on Monday, Sharma called this "the most significant restructure in Xbox history." "Our business today is not healthy," Sharma wrote. "We are operating at margins that are 3-10x lower than comparable platform and publishing businesses." She added that Xbox made bets like its monthly subscription service Game Pass, alongside moves to grow its portfolio of content and invest in multi-platform, among other attempts to breathe life into the business. None of those strategies grew at the expected pace, leading to the core business weakening even as Xbox added more teams and investment. "And now the industry is facing the most severe hardware crisis in its history," Sharma said. "We must reset Xbox." As part of the shift, Microsoft will transition four of its gaming studios to operate under new management, ensuring preservation of intellectual property and ongoing projects. Specifically Compulsion Games and Double Fine Productions will return to independent studios, according to Sharma. Ninja Theory and Undead Labs are coming under new ownership with funding to complete and grow some of their more popular games. According to Sharma's memo, Xbox is also flattening management hard, cutting the current 14 management layers to no more than five, but ideally three. As part of this major organization redesign, Xbox is making longtime executive Helen Chiang chief operating officer with end-to-end profit and loss authority across content, hardware, platform, and services. Xbox's restructuring plan centers around narrowing focus by dropping sprawling creative bets that don't produce platform-scale returns, and instead homing in on core strategic pillars like Mojang and King, the businesses behind Minecraft and Candy Crush.
 
Read more of this story at Slashdot.
- Nintendo Switch 2 Is Getting a Replaceable Battery in Europe
Nintendo will stop selling the original Switch in Europe in mid-February 2027, nearly 10 years after the console's launch. In its place, the company will release updated versions of the Switch 2 and several controllers with user-replaceable batteries to comply with new EU regulations. The Verge reports: The news comes as Nintendo is making a bunch of changes to the rest of its lineup due to EU regulations requiring user-replaceable batteries. Starting this summer, the company says it will start introducing updated versions of various devices on "a rolling basis," ahead of the regulations coming into effect on February 18th, 2027. "There is no difference in functionality between current products and revised products containing user-replaceable batteries," Nintendo says. The Switch 2 is the most notable product being updated -- the new version is expected to start rolling out in the fall -- but there will also be versions of the Joy-Con controllers, Joy-Con 2, Switch 2 Pro Controller, and N64 and GameCube Switch controllers with user-replaceable batteries. "Due to a variety of factors, revised products may not become available in all European countries simultaneously," Nintendo notes.
 
Read more of this story at Slashdot.
- Americans of All Ages Are Spending Less Time Socializing
Americans now spend an average of 35 minutes a day socializing, down from 45 minutes two decades ago, according to American Time Use Survey data. The decline spans all age groups but is sharpest among 15- to 24-year-olds, whose daily socializing has fallen from about an hour to 35 minutes. Axios reports: Sociologists and psychologists point to several trends driving this phenomenon, which Substack writer Derek Thompson dubbed "The Anti-Social Century" in the Atlantic last year. We're all on our smartphones, often interacting through screens instead of face to face -- even though social media is no substitute for spending time together in person. Teens, in particular, spend an average of 4.8 hours a day on apps like TikTok, Instagram and Snapchat, according to Gallup. The shift to remote work -- and life -- during the pandemic has persisted, keeping more of us homebound. Longer-term trends are reshaping daily life in ways that make isolation easier. Homes are bigger and more comfortable, with larger TVs. Virtually every restaurant is on a food delivery app, making it easier than ever to stay in. Also contributing to the trend is the decline of gathering spaces, Axios' Avery Lotz writes. A 2025 report from CU Boulder researchers uncovered widespread closures of all kinds of hangout spots -- from libraries to coffee shops to museums -- in the last decade or so. Churches are also shuttering at unprecedented rates, Axios' Russell Contreras reports.
 
Read more of this story at Slashdot.
- Fines Doubled As Teens Outsmart Australia's Social Media Ban
Australia plans to double fines for social media platforms that fail to keep under-16s off restricted services, after regulators found 70% of children with accounts remained active three months after the ban took effect. The government says the changes will also give the eSafety Commissioner more power to demand information from platforms and age-assurance providers as teens continue finding ways around the law. Euronews reports: The government said Sunday it would introduce draft legislation this week doubling the maximum penalty to 99 million Australian dollars (63 million euros) for platforms -- including Facebook, Instagram, Snapchat and TikTok -- that do not take reasonable steps to comply with the ban, which became law on 10 December. Communications Minister Anika Wells blamed the platforms directly. "We can all agree we would like the scheme to work better than it is currently, but that is on Big Tech taking the Mickey," she said, speaking to the Australian Broadcasting Corp on Monday. Wells added that she had received monthly updates from the online safety regulator since March and "we are not seeing improvements." The amendments would also expand the powers of eSafety Commissioner Julie Inman Grant to demand information and documents from platforms -- and from third parties such as age assurance technology providers -- to test claims made by companies about how under-16s continued to circumvent the ban. The government had initially reported more than 5 million children had accounts removed, deactivated or restricted after the legislation passed. But eSafety found in March that 70% of children who held accounts on restricted platforms on the day the ban took effect remained active on Facebook, Instagram, Snapchat and TikTok. Inman Grant said in April she was considering court action against those platforms and YouTube, alleging they were not taking reasonable steps to exclude children. She said she was satisfied with progress made by the remaining restricted platforms: X, Kick, Reddit, Threads and Twitch. Senior opposition lawmaker Jane Hume said her party would consider supporting the reforms, but pinned blame on the original legislation. "The legislation was clearly undercooked in the first place. The eSafety Commissioner wasn't given the powers to be able to pursue these Big Tech companies," she said.
 
Read more of this story at Slashdot.
- Google Ordered to Pay $2 Billion For Anti-Competitive Practices By Swedish Court
Google was ordered to pay almost $2 billion this week to Pricerunner, reports Bloomberg:The Patent and Market Court in Stockholm, which issued the judgment on Wednesday, dismissed most parts of the claim in which Pricerunner sought 80 billion Swedish kronor, or roughly $8.2 billion, in the wake of a European Union antitrust crackdown... The Swedish price-comparison website argued that Google has been abusing its dominant position as a search engine by favoring its own comparison shopping service over competing portals for more than a decade. Wednesday's award compensates for lost revenue caused by Google's preferential treatment of its own comparison-shopping service over independent price-comparison services, conduct that also drives up costs for consumers, [Pricerunner owner] Klarna said in a statement after the judgment... A Google spokesperson said the company doesn't agree with the court's decision and will consider its legal options. [The ruling can be appealed.] Changes implemented in 2017 to Google's platform are working and generating growth and jobs for hundreds of comparison shopping services operating more than 1500 websites across Europe, according to the statement. The litigation is linked to a 2017 decision by the European Commission to fine Google €2.4 billion for illegally leveraging its search dominance to give its own shopping service an edge. The EU decision unleashed a wave of so-called follow-on suits, which were delayed for years as Google appealed the EU fine. Two years ago the EU's top tribunal confirmed that the company did violate antitrust laws — meaning EU-based plaintiffs no longer have to prove that in court. A Berlin court last year ordered the tech giant to pay €573 million in damages to two German price-comparison websites, a ruling Google appealed. Similar cases are pending across Europe.
 
Read more of this story at Slashdot.

- From DHCP to SZTP – The Trust Revolution
By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]
The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.
- Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces
OpenTelemetry (fondly known as OTel) is an open-source project that provides a unified set of APIs, libraries, agents, and instrumentation to capture and export logs, metrics, and traces from applications. The project’s goal is to standardize observability across various services and applications, enabling better monitoring and troubleshooting. Read More at Causely
The post Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces appeared first on Linux.com.

- Vulkan Video H.264/H.265 Encode Now Working For Intel Alchemist GPUs On Linux
Earlier this year Vulkan Video encode was disabled on newer generations of Intel graphics hardware due to insufficient testing with the Intel ANV open-source driver. That impacted Gen12.5 graphics and newer - basically Alchemist and anything newer. Now at least Gen12.5 graphics with the likes of the Arc A-Series is seeing H.264 and H.265 encoding re-enabled...
- Ryzen AI Developer Platform: AMD9s Own Linux Distribution Built Atop Debian
With the AMD Ryzen AI Halo developer platform there is the option of ordering this Ryzen AI Max+ mini PC with either Microsoft Windows 11 or "Linux OS". When receiving a AMD Ryzen AI Halo review sample last month, I fully expected it to just be an Ubuntu LTS install with ROCm preloaded. I was quite surprised when powering it up to find that it9s an OS called the AMD Ryzen AI Developer Platform 1 "Rex" and is based on Debian Linux.
- Intel i915 Driver Nearly Ready To "Work Well" With RT Linux Kernel Sans Display Support
When it comes to the real-time "RT" patches carried outside of the Linux kernel, a number of them pertain to adjustments around the Intel i915 kernel DRM graphics driver. The mainline Linux kernel and its RT support depend upon not building "PREEMPT_RT" for the i915 driver support while patches have been worked on recently for making this Intel kernel graphics driver code play nicely with real-time Linux...
- Pioneer DJM-S11 Professional DJ Mixer To Be Supported By Linux 7.3
The Pioneer DJM-S11 is a professional scratch style 2-channel DJ mixer that retails for $2,269 USD. But if currently connecting this expensive piece of kit to Linux, it does nothing and is unusable. With 87 new lines of code, it will begin to work with the Linux 7.3 kernel later this year...
- Uniwill Laptop Driver Preparing A Number Of Features For Linux 7.3
The Unwill laptop driver on Linux for supporting various device-specific features by that major OEM/ODM will be seeing several new features with the Linux 7.3 cycle later this year. One of the most notable users of the Unwill driver is Bavarian Linux PC vendor TUXEDO Computers...

- Review: iodéOS offers a frictionless de-Googled Android experience
Wherever in the world you go, the smartphone landscape is dominated by Android and iOS, and while this has always been problematic, recent events have made the dependency on two American tech giants for what is probably our most personal computing device even more problematic than it already was. We use our smartphones to keep our secrets, do our banking, interact with our governments, share our deepest thoughts with our friends and family, and a whole lot more. Having this invaluable tool the vast majority of us depend on tied entirely to Google and Apple is not just bad for the market, its also a downright threat to the national security of anyone not living in the US. Here in Europe, theres been an awakening lately, with governments, companies, and people alike finally realising that having our entire digital infrastructure controlled by foreign, adversarial interests is a terrible idea. Sadly, breaking free from our Android and iOS chains is not so easy. The most ideal solution would be a truly open source alternative smartphone operating system, but thats a hard sell for 99.9% of smartphone users who need the applications required to do their finances, talk to their friends, or interact with their governments. The cold and harsh truth is that with very few exceptions, these applications simply do not (yet) exist for smartphone operating systems that arent Android or iOS. The only viable alternative at this point in time is to take whatevers left of the Android Open Source Project, remove anything that ties it to Google and its services, fill in the gaps with alternative services and applications, and sell it as a Google-free or de-Googled Android platform. Theres several projects in this space, and with Europe drunkenly stumbling out of the technological hole it dug itself into, its no surprise that two of the more popular alternatives to Apple or Google-controlled smartphones come from Europe (and from the same country, no less). Today, were taking a look at one of these: iodéOS. Iodé is a company based in Toulouse, France, which focuses on offering a Google-free Android called iodéOS, either preinstalled on phones you can buy, or as a ROM you can install yourself on supported devices. As a company, iodé makes its money through selling devices with iodéOS preinstalled, through an optional premium subscription (that I didnt take a look at), and through donations, and all of their code is published as open source on their Gitlab instance hosted in France. Iodé loaned me a Fairphone 6 with iodéOS preinstalled, one of he many smartphones and tablets they sell through their online store for review. This isnt going to be an Android review; you already know what Android is like, and theres no need for me to rehash any of that. Instead, I want to focus on the things that make using de-Googled Android different from using Google Android. Dont be afraid of microG There are various ways to go about making a de-Googled Android variant, and iodéOS chose the LineageOS route, with microG installed on top. For those unaware, microG is a project which aims to replace the various proprietary parts of Google Play Services, required by many Android applications, with open source reimplementations. While it doesnt offer 100% compatibility, it works exceptionally well, and youll be hard-pressed to find applications just dont work at all with microG. IodéOS updates its microG installation through a dedicated F-Droid repository thats obviously enabled by default, so you dont have to do anything yourself. Using microG instead of Google Play Services doesnt mean you have to rely solely on whatevers available in F-Droid, since there are a variety of alternative Play Store frontends available. IodéOS ships with the Aurora Store, which is an open-source frontend to the Play Store that can be used with or without a Google account. If you use it with your Google account, youll gain access to whatever applications you already own, including paid ones, but you wont be able to buy applications inside Aurora. You can, however, buy an application on the Play Store website, after which it will show up in Aurora as well, assuming youre logged in with the same account. Aurora also comes with something something called FakeStore, which is sadly an important part of the puzzle; its a stub application that has the same package name as the real Play Store. Some applications check whether the Play Store is available before working properly, so this is sadly needed to ensure maximum compatibility. The only issue I sometimes ran into with Aurora is that it would load up its listings, but then any application I tapped on said it was unavailable. When this happened, reloading the Aurora application always fixed the issue. Annoying, but not gamebreaking. A few things did not work for me when using microG on iodéOS, and theyre exactly the things youd expect not to work. If you have a WearOS device, youre out of luck; WearOS devices simply do not work when using microG, but there is a bounty to add support for it. If you want to use a smartwatch with iodéOS, there are various options available, such as Garmin devices, which is what I used during my testing and it worked flawlessly. Another feature from regular! Android that simply wont work is RCS. Theres only one RCS client available on Android, Google Messages, and as you can imagine, Google is in no rush to allow devices without Google Play Services to register for and use RCS messaging. Tying to register with Google Messages will fail, and there are no other RCS clients available (save for a few China and India-specific clients). Theres a microG bounty for this, too, but no luck so far. Of course, there are countless messaging platforms that work just fine on iodéOS regular SMS, WhatsApp, Facebook Messenger, Signal, and so on and especially if youre European, its unlikely RCS support matters to you at all. I just dont
- Improved DEC Alpha emulator runs Windows 2000 for Alpha and OpenVMS and Tru64 with X11
Colour me positively surprised, as I had no idea Alpha emulation had progressed this much. As you might know, Im involved a bit in the OpenVMS community and the Alpha emulation side via AXPBox. AXPBox (github) is a fork of the es40 alpha emulator by Camiel Vanderhoeven (who is now Chief Architect at VSI, the company that makes OpenVMS, for x86 nowdays). There have been many forks of es40 in the past and recently a new one has popped up with some great new features. Like speedups via a JIT compiler, S3 graphics port from MAME and ARC support, resulting in the ability to run Windows 2000 for the DEC Alpha. ↫ Remy van Elst Not only can you run the unreleased Alpha version of Windows 2000 on this forked emulator, its also capable of running OpenVMS and Tru64 UNIX. In fact, both OpenVMS and Tru64 can run their full X11 CDE desktops on the emulator as well, which is incredibly cool and a huge milestone. As the name of the original emulator implies, its emulating an AlphaServer Es40 from the turn of the century, which should be fast enough for enthusiast use. The last AlphaStation ever made, the ES47, is still very high on my list of computers I desperately want but will never have they are incredibly rare, and whenever they do come up for sale, incredibly expensive. If you have one, consider yourself lucky, and please, write about it! Tell the world!
- LineageOS and Androids upcoming developer verification: what it is, and how it affects you
LineageOS, the de-Googled Android ROM that serves as the backbone for pretty much the entire custom Android ROM community, has published an article about what the Android developer verification changes mean for them. I really like the factual tone of their article, especially this part: Critics such as F-Droid, EFF, and “Keep Android Open” point out that this also happens to route every install path through Google-controlled infrastructure, hands Google a kill switch over any app or developer worldwide, and arrives shortly after Google’s antitrust lawsuits. Both things can be true at once: real fraud is a problem and the restriction of developers is a convenient side effect of solving it this way and we’re not in a position to pretend we know Google’s internal reasoning. We’re just telling you what they’ve said and what it changes; you can weigh the “why” yourself. ↫ Nolen Johnson on the LineageOS website For LineageOS, these new verification measures dont really mean much, as they dont affect the projects work or software. The developer verification infrastructure is a separate application that is part of Google Mobile Services, and LineageOS does not ship GMS nor does it ever intend to. As such, they dont have to do anything, as this wont be an issue unless LineageOS users choose to install a GApps package that happens to include the developer verification infrastructure. If Google were to move the developer verification infrastructure into Play Services in the future, LineageOS makes it clear theyll disable it globally, as they have done with a number of other annoying Play Services-provided over-the-air update implementations . There really isnt much more they can do; the rest is up to users and projects that use LineageOS as their base.
- Composite video on the NES: whys it so wobbly?
The Nintendo Entertainment System. Is it the platonic ideal of an 8-bit video game system? Well, only because it’s so prominent and successful– it’s actually kind of an oddball in its expandability and design. But there’s something else about it. The picture is a bit… wobbly. Well, over composite video anyway. Let’s dig in and learn a little big more about the nitty-gritty of composite video. ↫ Nicole Branagan As usual, the information density in this article by Branagan is kind of remarkable, especially when you consider it never overwhelms you. Such a great read.
- ReactOS implements very first NT6 system call
A fairly big moment for the ReactOS project: it has just received its very first system call from NT6. The system call that has been added is NtGetCurrentProcessorNumberEx, which is used for returning the processor number of the logical processor that a caller is running on. It’s unclear how long it will take ReactOS to become compatible with Windows Vista software, but it took Microsoft around half a decade to develop Vista after the release of XP and marked a major upgrade, even if it didn’t land well with users at the time. ↫ Paul Hill at Neowin Its a milestone for sure, but not one thats going to make a huge difference for ReactOS at this moment in time. Still, its a sign of things to come, even if the very nature of the ReactOS project means that whatever things are coming tend to take a while to arrive.
- Microsoft settles centuries of religious debate by providing clearest definition of hell to date: Windows with a website-based shell running only Copilot
For how often people invoke it, the concept of hell! in Christianity is remarkably vague and nebulous, as both the Old and New Testament barely go into detail about the concept. As such, Im glad Microsoft has now given us a clear vision of hell and what, exactly, it looks like, ending centuries of denominational disagreements. Microsoft is currently selling the idea of Windows and Copilot as two separate things: an OS and an assistant riding along on top of it. However, a leaked video shows Project Aion, an internal prototype where Copilot doesnt just sit inside Windows, it becomes Windows, swallowing the Start menu, the taskbar, and three decades of desktop conventions in the process. The footage is reportedly two years old, so Aion is most likely dead by now. But its the clearest look yet at how far Microsoft was willing to take its agentic AI ambitions. ↫ Alfonso Maruccia at Techspot Everything about this is dreadful. Obviously replacing the entire shell with AI! nonsense is the main crime against usability here, but on top of that, this new shell is all just websites, all the way down, so everything is slow and stuttery. Since this runs on something called Win3!, which appears to be a very minimal, stripped-down version of Windows intended to only run the Edge browser engine, you cant run Win32 applications. If you do try to run a Win32 application, it will load the application in a remote virtual machine running in the cloud, which I;m sure does wonder for performance, responsiveness, and latency. We can all thank the lord this project is two years old and most likely cancelled by now, but we have no way of knowing if Microsoft is still intending for this to be the future direction of Windows. Since people dont want to use AI! of their own volition, it only makes sense in the technology industrys sick, twisted mind to force people into using AI! with efforts like this. Consent has never been Silicon Valleys strength, after all. At the time of writing, Microsoft is 225 billion dollars in the red on AI!, so I wouldnt be surprised if attempts to replace the regular Explorer shell with something AI!-based is still very much on the table in Redmond.
- Vulkan-netbsd brings Vulkan to NetBSD
NetBSD is the only BSD without a Vulkan stack (Mesa and Lavapipe), but thats about to change. The effort to bring Vulkan to NetBSD is now in beta, with prebuilt binaries coming soon. Mesa configures, compiles, links, installs, and registers the Lavapipe software Vulkan driver on NetBSD 10.1 amd64, against LLVM 19.1.7. The driver (libvulkan_lvp.so, ~17 MB) installs into /usr/pkg/lib, and its ICD manifest (advertising Vulkan API 1.4) installs into /usr/pkg/share/vulkan/icd.d/, so a Vulkan loader on the system can discover it. ldd resolves every dependency cleanly. The entire process — environment setup, dependency builds, the Mesa build, and installation — is automated end to end and reproducible on a fresh install. ↫ vulkan-netbsd GitHub page Its important to note that the next step in the process is to port the Vulkan loader, which is required to actually run Vulkan applications. This entire effort is still ongoing and seems to be handled mostly by Dean Howell alone, so expect breakage and incomplete documentation as development progresses. Still, this is a hugely important effort, and seeing it this far along is great news.
- EveryMac celebrates 30th birthday
EveryMac turned 30. On July 2, 1996, EveryMac.com launched. Thirty years is a long time and a great deal has changed since then but what has not changed is that EveryMac.com has been there to provide you with detailed info on every Mac from the original 128k to the current line. Thank you very much for your support through the years. ↫ EveryMac news item I thought OSNews was pretty unique with its founding in 1997, so its great to see another enthusiasts website as old as ours. Amazing company to be in, too EveryMac is an indispensable, tirelessly maintained, and stupidly accurate resource that I use countless times each year. Heres to another 30 years.
- Android is almost dead
The clock is ticking for Android as a (somewhat) open platform. If you are running Android 8 or higher, a virus has been installed on your device and is silently awaiting remote activation. Over the past few months, devices around the world have been infected with this novel strain, with as many as 4 billion Android handsets and tablets estimated to have already been contaminated, meaning that around half of all humanity may be at risk from this threat. Disguising itself as the innocuously-titled “Android Developer Verifier” (ADV) process, this trojan horse runs surreptitiously in the background as a system service with full root privileges, quietly awaiting an activation signal. The service cannot be blocked, disabled, or removed. Unlike a commonplace bit of malware, this extraordinary strain won’t be detected and neutralized by Play Protect (the malware scanning and remediation service that is installed on all Android Certified devices). In fact, Play Protect is itself the vector through which this virus is transmitted and installed. That is because it is Google themselves who is propagating ADV. And once activated, this malevolent process has exactly one goal: to block you from running software by developers who haven’t been approved centrally by Google. ↫ The F-Droid news website If nobody steps up, if no regulator takes on Google in this matter, we could very well be looking at the end of F-Droid and similar open source application repositories on Android. I use F-Droid, and in fact, one of the most important and most-used application on my Pixel 10 Pro comes from F-Droid: Fennec. This Firefox fork is not available through any Google-sanctioned means, and I could just wake up one day and have the browser on what is supposed to be my phone stop working. Age verification, tying crucial services to iOS and Google Android, killing the ability to install your own software on your phone, purposefully making people hopelessly addicted to and dependent on AI!, and so much more were facing a multi-pronged attack designed to beat us into submission and give up on the idea of Free computing. I have to admit Ive lost all hope well be able to win this battle, as the combined interests of technology megacorporations and our own governments are just too powerful to fight. I feel like were living in the computing end times.
- WinPE as a stateless harness for Windows driver testing and fuzzing
What if you need to do very low-level testing involving the very guts of Windows NT, but dont need most of the userland that sits on top? In fact, what if that userland only slows you down and complicates the work youre trying to do? The solution is Windows PE (Windows Preinstallation Environment). It is an official, stripped-down environment distributed with every Windows ISO image. It runs entirely in RAM, requires as little as 512 MB of memory, and lacks support for DirectX, the PowerShell subsystem, or the standard graphical shell (Explorer). Booting by default with NT AUTHORITY\\SYSTEM privileges makes it an ideal test harness for both of these tasks. The following analysis focuses on the low-level mechanisms of WinPE, as well as BCD and QEMU modifications that allow transforming this system into an ultra-fast, idempotent testing environment. ↫ Piotr Bednarski Now, the kind of work Bednarski does isnt the most common of tasks, but Ive often wondered just how far you can get by bolting on whatever WinPE will allow you to. There were various unofficial third-party tools that built Windows live CDs based on WinPE, but I think most of those have died out by now. If you look hard enough, you can also find some other utilities people made for WinPE, including even some rudimentary web browsers. Regarding web browsers, modern efforts seem to run into issues. WinPE is not really meant for any advanced functionality, but I really do wonder how capable you can make it without turning it into regular Windows.

- EU OS: A Bold Step Toward Digital Sovereignty for Europe
Image A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem. What Is EU OS? EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments. The Vision Behind EU OS The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty. Conclusion EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
Source: It's FOSS European Union
- Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
You can download the latest kernel here. Linus Torvalds kernel
- AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
Image AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
Source: 9to5Linux AerynOS
- Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
Image Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
Here’s a quick overview of what’s new in Xojo 2025r1: 1. Linux ARM IDE Support Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started. 2. Web Drag and Drop One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required! 3. Direct App Store Publishing Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process. 4. New Desktop and Mobile Features This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection. 5. Performance and IDE Enhancements Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced. What Does This Mean for Developers? Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution. How to Get Started Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
Download Xojo 2025r1 today at xojo.com. Final Thoughts With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you. Xojo ARM
- New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest.
Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem. Windows
- Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally.
As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions.
After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca. Security
- Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem.
The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers. kernel
- Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
Here is what Linus Torvalds had to say in today's announcement: Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds
- Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
Want to interact with ChatGPT from your Linux desktop without using a web browser?
Bavarder, a new app, allows you to do just that.
Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring. ChatGPT AI
- LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners. LibreOffice

- Kubuntu Focus Goes Ultra
The Kubuntu Focus team has upped the performance ante of its M2 and Zr laptops with the latest, greatest CPUs from Intel.
- KDE Linux Drops AUR
KDE Linux developers have dropped the Arch User Repository from the build pipeline due to security concerns; other distributions should consider doing the same.
|