|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All/All+Images)
(Single Column)
- [$] Unpacking for Python comprehensions
Unpacking Python iterables of various sorts, such as dictionaries or lists,is useful in a number of contexts, including for function arguments, butthere has long been a call for extending that capability to comprehensions. PEP 798 ("Unpacking inComprehensions") was first proposed in June 2025 to fill that gap. In earlyNovember, the steering council acceptedthe PEP, which means that the feature will be coming to Python 3.15 inOctober 2026. It may be something of a niche feature, but it is aninconsistency that has been apparent for a while—to the point that some Python programmersassume that it is already present in the language.
- PHP 8.5.0 released
Version8.5.0 of the PHP language has been released. Changes include a new"|>" operator that, for some reason, makes these two linesequivalent:
$result = strlen("Hello world"); $result = "Hello world" |> strlen(...);
Other changes include a new function attribute, "#[\NoDiscard]" toindicate that the return value should be used, attributes on constants, andmore; see themigration guide for details.
- Security updates for Friday
Security updates have been issued by AlmaLinux (delve and golang), Debian (webkit2gtk), Oracle (expat and thunderbird), Red Hat (kernel), Slackware (openvpn), SUSE (chromium, grub2, and kernel), and Ubuntu (cups-filters, imagemagick, and libcupsfilters).
- Racing karts on a Rust GPU kernel driver (Collabora blog)
In July, Collabora announcedthe Rust-based TyrGPU driver for Arm MaliGPUs. Daniel Almeida has posted an updateon progress with a prototype of the driver running on a Rock 5B boardwith the Rockchip RK3588 system-on-chip:
The Tyr prototype has progressed from basic GPU job execution torunning GNOME, Weston, and full-screen 3D games like SuperTuxKart,demonstrating a functional, high-performance Rust driver that matchesC-driver performance and paves the way for eventual upstreamintegration! [...]
Tyr is not ready to be used as a daily-driver, and it will stilltake time to replicate this upstream, although it is now clear that wewill surely get there. And as a mere prototype, it has a lot ofshortcuts that we would not have in an upstream version, even thoughit can run on top of an unmodified (i.e., upstream) version ofMesa.
That said, this prototype can serve as an experimental driver andas a testbed for all the Rust abstraction work taking placeupstream. It will let us experiment with different design decisionsand gather data on what truly contributes to the project'sobjective.
There is also a video onYouTube of the prototype in action.
- [$] BPF and io_uring, two different ways
BPF allows programs uploaded from user space to be run, safely, within thekernel. The io_uring subsystem, too, can be thought of as a way of loadingprograms in the kernel, though the programs in question are mostly asequence of I/O-related system calls. It has sometimes seemed inevitablethat io_uring would, like many other parts of the kernel, gain BPFcapabilities as a way of providing more flexibility to user space. Thathas not yet happened, but there are currently two patch sets underconsideration that take different approaches to the problem.
- Security updates for Thursday
Security updates have been issued by AlmaLinux (bind, bind9.18, container-tools:rhel8, expat, grub2, haproxy, idm:DL1, kernel, kernel-rt, lasso, libsoup, libssh, libtiff, pcs, podman, python-kdcproxy, qt5-qt3d, redis, redis:7, runc, shadow-utils, sqlite, squid, vim, webkit2gtk3, xorg-x11-server, xorg-x11-server-Xwayland, and zziplib), Debian (chromium), Oracle (lasso and postgresql), SUSE (erlang27, ghostscript, grub2, kernel, libIex-3_4-33, python312, and sbctl), and Ubuntu (linux, linux-aws, linux-aws-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp, linux-aws-6.8, linux-fips, linux-aws-fips, linux-gcp-fips, linux-oracle, and mysql-8.0, mysql-8.4).
- [$] LWN.net Weekly Edition for November 20, 2025
Inside this week's LWN.net Weekly Edition:
Front: Hardware architectures; Fedora Flatpaks; Debian hardware support; sockaddr structure; NUMA nodes; Homebrew. Briefs: LightDM security; Debian Libre Live; Xubuntu postmortem; Blender 5.0; Git 2.52.0; Rust in Android; Thunderbird 145; Quotes; ... Announcements: Newsletters, conferences, security updates, patches, and more.
- Postmortem of the Xubuntu.org download site compromise
In mid-October, the Xubuntudownload site was compromised and had directed users to a maliciouszip file instead of the Torrent file that users expected. ElizabethK. Joseph has publisheda postmortem of the incident, along with plans to avoid such a breachin the future:
To be perfectly clear: this only impacted our website, and the torrentlinks provided there.
If you downloaded or opened a file named "Xubuntu-Safe-Download.zip"from the Xubuntu downloads page during this period, you should assumeit was malicious. We strongly recommend scanning your computer with atrusted antivirus or anti-malware solution and deleting the fileimmediately.
Nothing on cdimages.ubuntu.com or any of the other official Ubunturepositories was impacted, and our mirrors remained safe as long asthey were also mirroring from official resources.
None of the build systems, packages, or other components of Xubuntuitself were impacted.
- GStreamer Conference 2025 video recordings now available
Recordings from the GStreamerConference 2025, held in London in late October, are nowavailable on the GStreamer Conferences Archive site. Includes theGStreamerState of the Union talk by Tim-Philipp Müller, Stateof MPEG 2 Transport Stream (MPEG-TS) by Edward Hervey, and manyothers.
- Sovereign Tech Fund Hiring A New Leader For Driving Open-Source Funding
Germany's Sovereign Tech Fund / Sovereign Tech Agency has been a godsend the past few years for the open-source community. This funding from the German government has led to significant funding for dozens of prominent open-source infrastructure projects to provide more resources for enhancing security, enabling new features, and more. As the Sovereign Tech Fund prepares for the next phase of growth, they are hiring a new head to lead the efforts...
- Linux 6.19 Slated To Land "mm/cid" Rewrite That Has Very Positive Performance Potential
A set of Linux kernel patches posted back in October for rewriting the kernel's memory-mapped concurrency ID code for some nice performance wins looks like it will land for Linux 6.19. This is the code that prominent Intel engineer Thomas Gleixner found to yield up to an 18% improvement for the PostgreSQL database. My testing of this "mm/cid" code has also shown some nice performance wins too...
- LILYGO Expands T-Beam Series With New 1W LoRa GPS Board
LILYGO has introduced the T-Beam 1W, an ESP32-S3 development board that combines LoRa connectivity, GNSS positioning, an OLED display, and SD card storage. It follows the familiar T-Beam layout while adding a higher-power LoRa front end for long-range communication tasks. The system is built around the ESP32-S3FN8, a dual-core Tensilica LX7 processor with 16 MB […]
- Intel Preps Linux KVM For Diamond Rapids' AVX10.2 & Expanded AMX
The latest feature enablement work happening by Intel for the Linux kernel with next-generation Diamond Rapids server processors are the adjustments to the Kernel-based Virtual Machine (KVM) for readying the new CPU ISA capabilities for a virtualized world...
- Updated Steam Runtime Switches To Debian 13 Libraries, SDL2 Using Compatibility Layer
An updated version of the Steam Linux Runtime 4 branch was rolled out that has now shifted from Debian 11 to Debian 13 libraries for some significant upgrades. In the process more libraries have gone x86_64 only in foregoing the i386 builds. In addition, the SDL 2 library support for the Steam Runtime is now provided by sdl2-compat as the compatibility layer for SDL2 atop SDL3...
- Google Must Double AI Serving Capacity Every 6 Months To Meet Demand
Google's AI infrastructure chief told employees the company must double its AI serving capacity every six months in order to meet demand. In a presentation earlier this month, Amin Vahdat, a vice president at Google Cloud, gave a presentation titled "AI Infrastructure." It included a slide on "AI compute demand" that said: "Now we must double every 6 months.... the next 1000x in 4-5 years." CNBC reports: The presentation was delivered a week after Alphabet reported better-than-expected third-quarter results and raised its capital expenditures forecast for the second time this year, to a range of $91 billion to $93 billion, followed by a "significant increase" in 2026. Hyperscaler peers Microsoft, Amazon and Meta also boosted their capex guidance, and the four companies now expect to collectively spend more than $380 billion this year. Google's "job is of course to build this infrastructure but it's not to outspend the competition, necessarily," Vahdat said. "We're going to spend a lot," he said, adding that the real goal is to provide infrastructure that is far "more reliable, more performant and more scalable than what's available anywhere else." In addition to infrastructure build-outs, Vahdat said Google bolsters capacity with more efficient models and through its custom silicon. Last week, Google announced the public launch of its seventh generation Tensor Processing Unit called Ironwood, which the company says is nearly 30 times more power efficient than its first Cloud TPU from 2018. Vahdat said the company has a big advantage with DeepMind, which has research on what AI models can look like in future years. Google needs to "be able to deliver 1,000 times more capability, compute, storage networking for essentially the same cost and increasingly, the same power, the same energy level," Vahdat said. "It won't be easy but through collaboration and co-design, we're going to get there."
 
Read more of this story at Slashdot.
- Tech Company CTO and Others Indicted For Exporting Nvidia Chips To China
An anonymous reader quotes a report from Ars Technica: The US crackdown on chip exports to China has continued with the arrests of four people accused of a conspiracy to illegally export Nvidia chips. Two US citizens and two nationals of the People's Republic of China (PRC), all of whom live in the US, were charged in an indictment (PDF) unsealed on Wednesday in US District Court for the Middle District of Florida. The indictment alleges a scheme to send Nvidia "GPUs to China by falsifying paperwork, creating fake contracts, and misleading US authorities," John Eisenberg, assistant attorney general for the Justice Department's National Security Division, said in a press release yesterday. The four arrestees are Hon Ning Ho (aka Mathew Ho), a US citizen who was born in Hong Kong and lives in Tampa, Florida; Brian Curtis Raymond, a US citizen who lives in Huntsville, Alabama; Cham Li (aka Tony Li), a PRC national who lives in San Leandro, California; and Jing Chen (aka Harry Chen), a PRC national who lives in Tampa on an F-1 non-immigrant student visa. The suspects face a raft of charges for conspiracy to violate the Export Control Reform Act of 2018, smuggling, and money laundering. They could serve many decades in prison if convicted and given the maximum sentences and forfeit their financial gains. The indictment says that Chinese companies paid the conspirators nearly $3.9 million. One of the suspects was briefly the CTO of Corvex, a Virginia-based AI cloud computing company that is planning to go public. Corvex told CNBC yesterday that it "had no part in the activities cited in the Department of Justice's indictment," and that "the person in question is not an employee of Corvex. Previously a consultant to the company, he was transitioning into an employee role but that offer has been rescinded."
Read more of this story at Slashdot.
- British Army Will Use Call of Duty To Train Soldiers
British soldiers are using computer games such as Call of Duty to sharpen their "war-fighting readiness," an Army chief has said. From a report: General Sir Tom Copinger-Symes, the deputy commander of Cyber and Specialist Operations Command, said the war in Ukraine, where remote-operated drones have become crucial on the battlefield, proved the worth of having soldiers skilled in video gaming. The Ministry of Defence on Friday announced the launch of the International Defence Esports Games (IDEG), a video gaming tournament that will pit the best of Britain's "future cyber warriors" against military teams from 40 other countries.
Read more of this story at Slashdot.
- Japan Says World's Largest Nuclear Plant To Restart
The Japanese government said that the world's biggest nuclear plant would restart operations. Semafor: The Kashiwazaki-Kariwa site closed in 2012, as Japan -- which previously generated 30% of its electricity from nuclear power -- shuttered most of its fleet in the wake of the Fukushima meltdown. But like much of the world, it is looking once again to nuclear power for reliable, low-carbon energy, especially in the face of high gas and oil prices following Russia's invasion of Ukraine. It has restarted 14 out of 54 plants and announced plans for a first new reactor since the disaster.
Read more of this story at Slashdot.
- Google Says Hackers Stole Data From Over 200 Companies Following Gainsight Breach
Google confirmed in a statement Friday that hackers have stolen the Salesforce-stored data of more than 200 companies in a large-scale supply chain hack. TechCrunch reports: On Thursday, Salesforce disclosed a breach of "certain customers' Salesforce data" -- without naming affected companies -- that was stolen via apps published by Gainsight, which provides a customer support platform to other companies. In a statement, Austin Larsen, the principal threat analyst of Google Threat Intelligence Group, said that the company "is aware of more than 200 potentially affected Salesforce instances." After Salesforce announced the breach, the notorious and somewhat-nebulous hacking group known as Scattered Lapsus$ Hunters, which includes the ShinyHunters gang, claimed responsibility for the hacks in a Telegram channel, which TechCrunch has seen.
Read more of this story at Slashdot.
- Microsoft Finally Admits Almost All Major Windows 11 Core Features Are Broken
Microsoft has acknowledged in a support article that major Windows 11 core features including the Start Menu, Taskbar, File Explorer and System Settings break after applying monthly cumulative updates released on or after July 2025. The problems stem from XAML component issues that affect updates beginning with July's Patch Tuesday release (KB5062553). The failures occur during first-time user logins after cumulative updates are applied and on non-persistent OS installations like virtual desktop infrastructure setups. Microsoft lists Explorer.exe crashes, shellhost.exe crashes, StartMenuExperienceHost failures and System Settings that silently refuse to launch among the symptoms. The company provided PowerShell commands and batch scripts as temporary workarounds that re-register the affected packages. Both Windows 11 versions 24H2 and 25H2 share the same codebase and are affected. Microsoft said it is working on a fix but did not provide a timeline.
Read more of this story at Slashdot.
- Thunderbird Pro Enters Production Testing Ahead of $9/Month Launch
Thunderbird Pro has moved its Thundermail email service into production testing as the open-source email client's subscription bundle of additional services prepares for an Early Bird beta launch at $9 per month that will include email hosting, encrypted file sharing through Send, and scheduling via Appointment. Internal team members are now testing Thundermail accounts and the new Thunderbird Pro add-on automatically adds Thundermail accounts for users who sign up through it. The project migrated its data hosting from the Americas to Germany and the EU. Appointment received a major visual redesign being applied across all three services while Send completed an external security review and moved from its standalone add-on into the unified Thunderbird Pro add-on. The new website at tb.pro is live for signups and account management.
Read more of this story at Slashdot.
- How Two Janitors Made One of the Year's Most Charming RPGs
Adam Marshall spent more than a decade developing Kingdoms of the Dump while working as a custodian at a school in suburban Philadelphia, cleaning floors and hauling trash bags from 3 PM to 11 PM before coming home to work on his turn-based role-playing game until 5 or 6 AM. The game, which Bloomberg has called "one of the year's most charming RPGs," came out on Tuesday after Marshall and his childhood friend Matt Loiseau -- also a janitor -- built it using RPG Maker alongside a small team of hobbyists who mostly worked for free. The pair launched a Kickstarter campaign in 2019 that raised $76,560, but the pandemic disrupted their plans and forced them to lose contractors and rethink their approach. Marshall maintained this schedule for five years straight before quitting his custodial job last year to finish the game full-time. Kingdoms of the Dump has sold about 7,000 copies since its release. The game stars a walking trashcan named Dustin Binsley who adventures through landfills and sewers in a world made entirely of garbage.
Read more of this story at Slashdot.
- AI Nutrition Tracking Stinks
AI nutrition tracking features in popular fitness apps are producing wildly inaccurate calorie and macro counts despite promises to simplify food logging through automated photo analysis. The Verge tested AI-powered nutrition tools in Ladder, Oura Advisor, January and MyFitnessPal. Ladder's AI estimated the outlet's carefully measured 355-calorie breakfast at 780 calories and got the macro breakdown wrong even after the reviewer manually edited entries to include exact brands and amounts. Oura Advisor routinely mistook matcha protein shakes for green smoothies. January misidentified barbecue sauce as teriyaki sauce and failed to detect mushrooms in a chicken dish. None of the apps could identify healthier ingredient swaps or accurately log ethnic foods. Oura classified a mix of edamame, quinoa and brown rice as mashed potatoes and white rice. Ladder logged dal makhani curry as chicken soup. The AI features require extensive manual corrections that negate any time savings from automated logging, the publication concluded in its scathing review.
Read more of this story at Slashdot.
- Amazon Cut Thousands of Engineers in Its Record Layoffs, Despite Saying It Needs To Innovate Faster
Amazon's 14,000-plus layoffs announced last month touched almost every piece of the company's sprawling business, from cloud computing and devices to advertising, retail and grocery stores. But one job category bore the brunt of cuts more than others: engineers. CNBC: Documents filed in New York, California, New Jersey and Amazon's home state of Washington showed that nearly 40% of the more than 4,700 job cuts in those states were engineering roles. The data was reported by Amazon in Worker Adjustment and Retraining Notification, or WARN, filings to state agencies. The figures represent a segment of the total layoffs announced in October. Not all data was immediately available because of differences in state WARN reporting requirements.
Read more of this story at Slashdot.
- Self-destructing thumb drive can brick itself and wipe your secret files away
Catch: you have to plug it into a computer first
If you’ve ever watched Mission Impossible, where Jim Phelps gets instructions from an audio tape that catches fire after five seconds, TeamGroup has an external SSD with your name on it. The T-Create Expert P35S is a portable USB-powered SSD that comes with a self-destruct button, which wipes all your data and physically renders the device useless.…
- Researchers get inside the mind of bots, find out what texts they trained on
RECAP agent overcomes model alignment efforts to hide memorized proprietary content
If you've ever wondered whether that chatbot you're using knows the entire text of a particular book, answers are on the way. Computer scientists have developed a more effective way to coax memorized content from large language models, a development that may address regulatory concerns while helping to clarify copyright infringement claims arising from AI model training and inference.…
- Makers slam Qualcomm for tightening the clamps on Arduino
But the Wiring folks were disenchanted even before Qualcomm swallowed Arduino
Qualcomm quietly rewrote the terms of service for its newest acquisition, programmable microcontroller and SBC maker Arduino, drawing intense fire from the maker community for grabbing additional rights to user-generated content on its platform and prohibiting reverse-engineering of what was once very open software.…
- Pentagon pumps $29.9M into bid to turn waste into critical minerals
It's unclear how much scandium and gallium ElementUSA will contribute to the supply chain, or when
The US Department of Defense is asserting its desire to be an integral part of the American rare earths and critical minerals supply chain with a deal to establish a domestic pipeline of gallium and scandium production.…
- Google's AI is eating your email by default. Here's how to shut its mouth
Want out of those new 'smart features'? We’ve got you covered
Google's "don't be evil" ethos is so 2015. These days, the Chocolate Factory is all about integrating users with bots, whether they like it or not. Now, it's rolling out Workspace "smart features" that process personal content with AI, and many users are finding the settings enabled by default.…
- SpaceX loses debut V3 Super Heavy in ground test mishap
Redesigned booster ruptures during early checks, delaying latest Starship iteration
SpaceX has responded to Blue Origin's announcement of a heftier version of its New Glenn rocket in the only way it knows how – by accidentally destroying a Starship booster.…
- Four charged over alleged plot to smuggle Nvidia AI chips into China
Prosecutors say front companies, falsified paperwork, and overseas drop points used to dodge US export rules
Four people have been charged in the US with plotting to funnel restricted Nvidia AI chips into China, allegedly relying on shell firms, fake invoices, and covert routing to slip cutting-edge GPUs past American export controls.…
- Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces
OpenTelemetry (fondly known as OTel) is an open-source project that provides a unified set of APIs, libraries, agents, and instrumentation to capture and export logs, metrics, and traces from applications. The project’s goal is to standardize observability across various services and applications, enabling better monitoring and troubleshooting. Read More at Causely
The post Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces appeared first on Linux.com.
- Xen 4.19 is released
Xen Project 4.19 has been officially out since July 31st, 2024, and it brings significant updates. With enhancements in performance, security, and versatility across various architectures like Arm, PPC, RISC-V, and x86, this release is an important milestone for the Xen community. Read more at XCP-ng Blog
The post Xen 4.19 is released appeared first on Linux.com.
- Advancing Xen on RISC-V: key updates
At Vates, we are heavily invested in the advancement of Xen and the RISC-V architecture. RISC-V, a rapidly emerging open-source hardware architecture, is gaining traction due to its flexibility, scalability and openness, which align perfectly with our ethos of fostering open development ecosystems. Although the upstream version of Xen for RISC-V is not yet fully [0]
The post Advancing Xen on RISC-V: key updates appeared first on Linux.com.
- Steam Frame Using Mesa9s Turnip Vulkan Open-Source Driver
In addition to Valve contributing to the open-source Radeon Vulkan driver for enhancing the Linux gaming experience and their AMD-powered Steam Deck, the upcoming Steam Frame VR headset is making use of Mesa's open-source "Turnip" Vulkan driver for Qualcomm Adreno graphics...
- TUXEDO Computers Drops Snapdragon X1 Elite Linux Laptop Plans
Back in mid-2024, the Bavarian Linux PC vendor TUXEDO Computers teased plans for developing a Snapdragon X Elite Linux laptop. Initially they hoped to have it out by Christmas 2024. That didn't happen and now approaching Christmas 2025 they confirmed they have stopped their plans for shipping a Snapdragon X1 Elite laptop for Linux customers...
- Clang 21 Delivering Nice Performance Gains On AMD EPYC Zen 4 With HBM3
One of the areas I9ve been meaning to run more benchmarks on this season has been for the recently released Clang 21 compiler. Back in September when LLVM Clang 21 was debuting I ran some initial benchmarks and found it to deliver some nice performance gains on AMD EPYC Zen 5 but then have been busy with other benchmarks/articles for expanding that testing. Recently with having some spare cycles and gratis access still to the Microsoft Azure HBv5 instance for AMD EPYC Zen 4 with HBM3, I ran some Clang 20 vs. Clang 21 performance benchmarks there for those wondering about any performance benefits of this new compiler release on Zen 4.
- Sovereign Tech Fund Hiring A New Leader For Driving Open-Source Funding
Germany's Sovereign Tech Fund / Sovereign Tech Agency has been a godsend the past few years for the open-source community. This funding from the German government has led to significant funding for dozens of prominent open-source infrastructure projects to provide more resources for enhancing security, enabling new features, and more. As the Sovereign Tech Fund prepares for the next phase of growth, they are hiring a new head to lead the efforts...
- Intel Linux Driver Working To Enable "CMTG" Feature For Lunar Lake Onwards
With Lunar Lake and newer Intel graphics there is a new feature called the Common Mode Timing Generator (CMTG) that so far hasn't been enabled by the open-source Intel Linux graphics driver. But patches being worked on are enabling this CMTG feature that will unlock other functionality moving forward...
- Intel Continues Working On Dynamic PAMT To Reduce Memory Overhead For TDX
One of the improvements that Intel software engineers have been working on for the Linux kernel around their Trust Domain Extensions (TDX) functionality for confidential computing VMs is reducing the memory use. That work is under the Dynamic PAMT umbrella and this week brought the latest iteration of patches to help lower RAM use when engaging TDX for confidential VMs...
- ASUS Armoury Driver Set To Be Introduced In Linux 6.19
Expected to be introduced in the upcoming Linux 6.19 kernel cycle is the ASUS Armoury "asus-armoury" driver for enhancing support for the ASUS ROG Ally gaming handhelds and other ASUS enthusiast/gaming devices under Linux...
- Servo Announces Sponsorship Tiers To Get More Organizations Backing This Browser Engine
The Servo open-source web browser engine has been making good progress in recent times. Long outside the confines of Mozilla and working as a Linux Foundation Europe project, Servo has been advancing thanks to Igalia and other open-source developers while getting by on around ~$5.7k USD per month thanks mostly to donations from individuals. Servo has now announced sponsorship tiers in hopefully to solicit more donations from larger organizations...
- LionsOS: an adaptable OS based on the seL4 microkernel
LionsOS is an operating system based on the seL4 microkernel with the goal of making the achievements of seL4 accessible. That is, to provide performance, security, and reliability. It is not a conventional operating system, but contains composable components for creating custom operating systems that are specific to a particular task. Components are joined together using the Microkit tool. ↫ LionsOS website The project is under active research and development, led by the Trustworthy Systems research group at UNSW Sydney in Australia. The source code is available on GitHub.
- HP, Dell quietly disable HEVC on certain laptops over minute license fee increase
Inter-corporation bullshit screwing over consumers � a tale as old as time. Major laptop vendors have quietly removed hardware decode support for the H.265/HEVC codec in several business and entry-level models, a decision apparently driven by rising licensing fees. Users working with H.265 content may face reduced performance unless they verify codec support or rely on software workarounds. ↫ Hilbert Hagedoornn at The Guru of 3D You may want to know how much these licensing fees are, and by how much they�re increasing next year, making these laptop OEMs remove features to avoid the costs. The HEVC licensing fee is $0.20 per device, and in 2026 it�s increasing to $0.24. Yes, a $0.04 increase per device is forcing! these giant companies to screw over their consumers. Nobody�s coming out a winner here, and everyone loses. We took a wrong turn, but nobody seems to know when and where.
- The why of LisaGUI
LisaGUI is an amazing project that recreates the entire user interface of the Apple Lisa in the browser, using nothing but CSS, a bit of HTML, and SVG files, and it�s an absolute joy to use and experience. Its creator, Andrew Yaros, has published a blog post diving into the why and how of LisaGUI. I had been trying to think of a good project to add to my programming portfolio, which was lacking. Finding an idea I was willing and able to execute on proved harder than expected. Good ideas are born from necessity and enthusiasm; trying to create a project for its own sake tends to be an uphill battle. I was also hoping to think of a specific project idea that hasn�t really been tried before. As you may have guessed by the title of this post, LisaGUI ended up being that project, although I didn�t really set out to make it as much as I stumbled into it while trying to accomplish something else. ↫ Andrew Yaros I�m someone who prefers to run the real thing on real hardware, but in a lot of cases, that�s just not realistic anymore. Hardware like the Apple Lisa are not only hard to find and expensive, they also require considerable knowledge and skill to maintain and possibly repair, which not everyone can do. For these types of machines, virtualisation, emulation, and recreation are much better, more accessible options, especially if it involves hardware and software you�re not interested enough in to spend time and money on them.
- Fixing! the broken Solaris Management Console Oracle won�t fix
In my detailed article about the Sun Microsystems ecosystem of the late 2000s, I mentioned an issue I ran into with the latest (leaked) patchset for Solaris 10, the one from 2020, available on Archive.org. Sun does not make Solaris 10 patches and patchsets from 2014 and later freely available online, restricting them to big enterprise customers with expensive support contracts. The same restrictions apply to mere support documents for Solaris 10, so that issues documented by Oracle, including causes and possible solutions, are only accessible to those with support contracts. The specific issue I ran into is that after installing the 2020 patchset, the Solaris Management Console, a GUI application written in Java with which you can manage certain aspects of your system, would no longer work. It would start up, but any settings panel you tried to load would throw up an RMI_ERR: error unmarshalling return, rendering the SMC effectively non-functional. This problem is documented in Oracle Doc ID 1559490.1, but of course, the Cause and Solution sections are hidden. I like weird commercial UNIX configuration GUIs, so even though you can do all of the SMC�s tasks with command-line tools, I still want it to work. Judging by the error and the countless references to Java updates, it�s easy to figure out that the root cause is an updated version of Java installed by the patchset that the SMC doesn�t like. You�d think uninstalling any relevant patches would solve the problem, but I tried that and it didn�t make a difference, so I was hoping Oracle perhaps had a later patch to fix the issue, or perhaps a proper workaround to get the SMC working again. Well, a screenshot of the remainder of that Oracle Doc ID mysteriously materialised on my Ultra 45 this morning, and it turns out that Oracle just0 Doesn�t care. Honestly, I can�t blame them. Solaris 10 is old, outdated, pure legacy, and the very small number of organisations still using it are probably using it in Solaris Zones on servers anyway, and definitely not as a workstation/desktop operating system. There is zero incentive for Oracle to waste any time trying to fix this issue that, let�s be honest, really only affects one person in the entire world: me. Still, I wanted it fixed, and so I brute-forced a solution. It�s pretty straightforward: just change your default Java version back to one that the Solaris Management Console can work with. While I have Java 1.6.0 and 1.8.0 installed on the Ultra 45, with 1.6.0 being the default, the SMC will only work when 1.5.0 is set as your default Java version. There�s a wide variety of ways to do this, ranging from hatchets to scalpels, but considering nothing else on Solaris 10/SPARC on the Ultra 45 relies on 1.6.0 or later (as far as I can tell, at least), I took a hatchet approach and just changed the /usr/java symlink so that it pointed to 1.5.0 again. It�s that simple. Like I said, there are far more elegant ways of doing this, down to various scripts and other things to force only the SMC to use this specific Java version, but it�s not worth the effort to figure that out, and this works just as well. So, just in case there�s ever going to be a second person looking to fix this problem, here you are. You weird, weird person.
- Microsoft warns its new AI! agents in Windows can install malware
Microsoft has just announced a whole slew of new AI! features for Windows, and this time, they�ll be living in your taskbar. Microsoft is trying to transform Windows into a “canvas for AI,” with new AI agents integrated into the Windows 11 taskbar. These new taskbar capabilities are designed to make AI agents feel like an assistant in Windows that can go off and control your PC and do tasks for you at the click of a button. It’s part of a broader overhaul of Windows to turn the operating system into an “agentic OS.” Microsoft is integrating a variety of AI agents directly into the Windows 11 taskbar, including its own Microsoft 365 Copilot and third-party options. “This integration isn’t just about adding agents; it’s about making them part of the OS experience,” says Windows chief Pavan Davuluri. ↫ Tom Warren at The Verge These AI! agents will control your computer, applications, and files for you, which may make some of you a little apprehensive, and for good reason. AI! tools don�t have a great track record when it comes to privacy � Windows Recall comes to mind � and as such, Microsoft claims this time, it�ll be different. These new AI! agents will run in what are essentially dedicated Windows accounts acting as sandboxes, to ensure they can only access certain resources. While I find the addition of these AI! tools to Windows insufferable and dumb, I�m at least glad Microsoft is taking privacy and security seriously this time, and I doubt Microsoft would repeat the same mistakes they made with the entirely botched rollout of Windows Recall. in addition, after the Cloudstrike fiasco, Microsoft made clear commitments to improve its security practices, which further adds to the confidence we should all have these new AI! tools are safe, secure, and private. But wait, what�s this? Additionally, agentic AI applications introduce novel security risks, such as cross-prompt injection (XPIA), where malicious content embedded in UI elements or documents can override agent instructions, leading to unintended actions like data exfiltration or malware installation. ↫ Microsoft support document about the new AI! features Microsoft�s new AI! features can go out and install malware without your consent, because these features possess the access and privileges to do so. The mere idea that some application � which is essentially what these AI! features really are � can go out onto the web and download and install whatever it wants, including malware, on your behalf!, in the background, is so utterly dystopian to me I just can�t imagine any serious developer looking at this and thinking yeah, ship it!. I�m living in an insane asylum.
- Run old versions of UNIX for PDP-11 and x86 on modern hardware
The contents of this repository allow older versions of UNIX (ancient UNIX) to run easily on modern Unix-like systems (Linux, FreeBSD, macOS, among others). ↫ Run ancient UNIX GitHub page With the guides in this repository, you can easily run Versions 1/5/7 UNIX and 2.11BSD UNIX for the PDP-11 and Version 7 UNIX for x86 (ported to x86 by Robert Nordier in 1999, with patches in 2006-2007). That�s it.
- Living my best Sun Microsystems ecosystem life in 2025
In my lifetime, there�s been one ecosystem I deeply regret having missed out on: the Sun Microsystems ecosystem of the late 2000s. At that time, the company offered a variety of products that, when used together, formed a comprehensive ecosystem that was a fascinating, albeit expensive alternative to Microsoft and Apple. While not really intended for home use, I�ve always believed that Sun�s approach to computing would�ve made for an excellent computing environment in the home. Since I was but a wee university student in the late 2000s living in a small apartment, I did not have the financial means nor the space to really test this hypothesis. Now, though, Sun�s products from that era are decidedly retro, and a lot more approachable � especially if you have incredibly generous readers. So sit down and buckle up, because we�ve got a long one today. If you wish to support OSNews and longform content like this, consider becoming a Patreon or donating to our Ko-Fi. Note that absolutely zero generative AI! was used in the writing of this article. No AI! writing aids, no AI! summaries, no ChatGPT, no Gemini search nonsense, nothing. I take pride in doing research and writing properly, without the aid! of digital parrots with brain damage, and if there�s any errors, they�re mine and mine alone. Take pride in your work and reject AI!. The Ultra 45: the central hub In the early 2000s, it had already become obvious that the future of workstations lied not with custom architectures, bespoke processors, and commercial UNIX variants, but with standard x86, off-the-shelf Intel and AMD processors, and Windows and Linux. The writing was on the wall, everyone knew it, and the ensuing consolidation on x86 turned into a veritable bloodbath. In the �80s and �90s, many of these ISAs were touted as vastly superior x86 killers, but fast-forward a decade or two, and x86 had bested them all in both price and performance, leaving behind a trail of dead ISAs. Never bet against x86. Virtually none of the commercial UNIX variants survived the one-two punch of losing the ISA they were married to and the rising popularity of Linux in the workstation space. HP-UX was tied to HP�s PA-RISC, and both died. SGI�s IRIX was tied to MIPS, and both died. Tru64 was tied to Alpha, and both died. The two exceptions are IBM�s AIX and Sun�s Solaris. AIX workstations were phased out, but AIX is still nominally in development for POWER servers, but wholly inaccessible to anyone who doesn�t wear a suit and has a massive corporate spending budget. Solaris, meanwhile, which had long been available on x86, saw its own! ISA SPARC live on in the server space until roughly 2017 or so, and was even briefly available as open source until Oracle did its thing. As a result, Solaris and its derivative Illumos are still nominally in active development, but in the grand scheme of things they�re barely even a blip on the radar in 2025. Never bet against Linux. During these tumultuous times, the various commercial UNIX vendors all pushed out systems that would become the final hurrahs of their respective UNIX workstation lines. DEC, then owned by HP, released its AlphaStation ES47 in 2003, marking the end of the road for Alpha and Tru64 UNIX. HP�s own PA-RISC architecture and HP-UX met their end with the HP c8000 (which I own), an all-out PA-RISC monster with two dual-core processors running at 1.1GHz. SGI gave its MIPS line of machines running IRIX a massive send-off with the enigmatic and rare Tezro in 2003. In 2005, IBM tried one last time with the IntelliStation POWER 285, followed a few months later by the heavily cut-down 185, the final AIX workstation. And Sun unveiled the Ultra 45, its final SPARC workstation, in 2006. Sun was already in the middle of its transition to x86 with machines like the Sun Java Desktop System and its successors, the Ultra 20 and 40, and then surprised everyone by reviving their UltraSPARC workstation line with the Ultra 25 and 45, which shared most � all? � of their enclosures with their x86 brethren. They were beautiful, all-aluminium machines with gorgeous interior layouts, and a striking full-grill front, somewhat inspired by the PowerMac G5 of that era. And ever since the Ultra 45 was rumoured in late 2005 and then became available in early 2006, I�ve been utterly obsessed with it. It�s taken almost two decades, but thanks to an unfathomably generous donation from KDE e.V. board member and FreeBSD contributor Adriaan de Groot, a very unique and storied Sun Ultra 45 and a whole slew of accessories showed up at my doorstep only a few weeks ago. Let�s look back upon this piece of history that is but a footnote to most, but a whole book to me � and experience Sun�s ecosystem from around 2006, today. First and foremost, I want to express my deep gratitude to Adriaan de Groot. Without him, none of this would have been possible, and I can�t put into words how grateful I am. He donated this Ultra 45 to me at no cost � not even the cost of shipping � and he also shipped another box to me containing a few Sun Ray thin clients, completing the late 2000s Sun ecosystem I now own. Since the Ultra 45 was technically owned by KDE e.V. � more on that below � I�d also like to thank the KDE e.V. Board for giving Adriaan permission for the donation. I�d also like to thank Volker A. Brandt, who sent me a Sun Ray 3, a few Ultra 45 hard drive brackets, and some other Sun goodies. The Sun Ultra 45 De Groot sent me was a base model with an upgraded GPU. It had a single UltraSPARC IIIi 1.6Ghz processor, 1GB of RAM, and the most powerful GPU Sun ever released for its SPARC workstation line, the Sun XVR-2500, a rebadged 3Dlabs Wildcat Realizm with
- Using Rust in Android speeds up development considerably
Google has been using Rust in Android more and more for its memory safety characteristics, and the results on that front were quite positive. It turns out, however, that not only does using Rust reduce the number memory safety issues, it�s also apparently a lot faster to code in Rust than C or C++. We adopted Rust for its security and are seeing a 1000x reduction in memory safety vulnerability density compared to Android’s C and C++ code. But the biggest surprise was Rust�s impact on software delivery. With Rust changes having a 4x lower rollback rate and spending 25% less time in code review, the safer path is now also the faster one. ↫ Jeff Vander Stoep at the Google Security Blog When you think about it, it actually makes sense. If you have fewer errors of a certain type, you�ll spend less time fixing those issues, time which you can then spend developing new code. Of course, it�s not that simple and there�s a ton more factors to consider, but on a base level, it definitely makes sense. Spellcheck in word processors means you have to spend less time detecting and fixing spelling errors, so you have more time to spend on actually writing. I�m sure we�ll all be very civil about this, and nobody will be weird about Rust at all.
- Haiku gets new guarded heap for the kernel
Another month, another Haiku activity report, and this time we�ve got a major change under the hood: a brand new guarded heap. The old guarded heap was suboptimal and had started to lag behind, so the new one attempts to rectify some of these shortcomings. So, to rectify these limitations, I rewrote the kernel guarded heap more or less from scratch, taking the old code into account where it made sense but otherwise creating entirely new bookkeeping structures, interacting directly with the page table and virtual memory systems, and more. This new guarded heap implementation frees physical pages when not in use, meaning that the “virtual memory reuse disabled” mode now runs for quite long periods of time (indeed, I could successfully boot to the desktop and run compile jobs.) It also prints more diagnostics when kernel panics due to memory faults inside the heap happen, which the old kernel guarded heap didn’t (but the userland one has always done). ↫ Haiku�s activity report for October The new guarded heap is optional for now, but Haiku is planning on releasing some pre-built test builds so users can start testing it out. Of course, this isn�t the only change or improvement from this past month � the list of changes is long, but there�s no real tentpole features here. Haiku�s development pace is still very much on track.
- Google cancels plans to require Android application certification outside of the Play Store
Only a few months ago, Google announced it was going to require that all Android applications � even those installed outside of the Play Store � had to be verified. This led to a massive backlash, and it seems our protests and complaints have had effect: the company announced a change in plans today, and will, in fact, not require certification for installing applications outside of the Play Store. Based on this feedback and our ongoing conversations with the community, we are building a new advanced flow that allows experienced users to accept the risks of installing software that isn�t verified. We are designing this flow specifically to resist coercion, ensuring that users aren�t tricked into bypassing these safety checks while under pressure from a scammer. It will also include clear warnings to ensure users fully understand the risks involved, but ultimately, it puts the choice in their hands. We are gathering early feedback on the design of this feature now and will share more details in the coming months. ↫ Matthew Forsythe Director at the Android Developers Blog While this is great news, I�m still concerned this is only temporary. Companies like Google have a tendency to announce some draconian measure to test the waters, walk it back in response to backlash, only to then reintroduce it through some sneaky backdoor a year later when nobody�s looking. Installing whatever we want on the devices we own should be a protected right, not something graciously afforded to us by our corporate overlords. If you think this is the end of this story, you�re a fool.
- EU OS: A Bold Step Toward Digital Sovereignty for Europe
Image 
A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
What Is EU OS?
EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
The Vision Behind EU OS
The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
Conclusion
EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
Source: It's FOSS
European Union
- Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
You can download the latest kernel here.
Linus Torvalds kernel
- AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
Image 
AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
Source: 9to5Linux
AerynOS
- Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
Image 
Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
Here’s a quick overview of what’s new in Xojo 2025r1:
1. Linux ARM IDE Support
Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
2. Web Drag and Drop
One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
3. Direct App Store Publishing
Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
4. New Desktop and Mobile Features
This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
5. Performance and IDE Enhancements
Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
What Does This Mean for Developers?
Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
How to Get Started
Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
Download Xojo 2025r1 today at xojo.com.
Final Thoughts
With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
Xojo ARM
- New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest.
Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
Windows
- Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally.
As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions.
After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
Security
- Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem.
The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
kernel
- Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
Here is what Linus Torvalds had to say in today's announcement:
Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds
- Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
Want to interact with ChatGPT from your Linux desktop without using a web browser?
Bavarder, a new app, allows you to do just that.
Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
ChatGPT AI
- LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
LibreOffice
- KDE Unleashes Plasma 6.5
The Plasma 6.5 desktop environment is now available with new features, improvements, and the usual bug fixes.
- LMDE 7 Now Available
Linux Mint Debian Edition, version 7, has been officially released and is based on upstream Debian.
|
