All the News that Matters

• Python: The Documentary
  Attendees at EuroPython had the chance to preview part ofPython: The Documentary during akeynote panel. The full film, created by CultRepo, is now available on YouTube:
  
  This is the story of the world's most beloved programming language:Python. What began as a side project in Amsterdam during the 1990sbecame the software powering artificial intelligence, data science andsome of the world's biggest companies. But Python's future wasn'tcertain; at one point it almost disappeared.
  
  This 90-minute documentary features Guido van Rossum, TravisOliphant, Barry Warsaw, and many more, and they tell the story ofPython's rise, its community-driven evolution, the conflicts thatalmost tore it apart, and the language's impact on... well...everything.
  
  The videoof the keynote is also available.
  
  
  

• Seven stable kernels for Thursday
  Greg Kroah-Hartman has announced the release of the 6.16.4, 6.12.44, 6.6.103, 6.1.149, 5.15.190, 5.10.241, and 5.4.297 stable Linux kernels. Each onecontains important fixes.
  
  
  

• [$] Changing GNOME technical governance?
  The GNOME project, which recently celebrated its28th birthday, has never had a formal technical governance; progresshas been driven by individuals and groups that advocated for—and workedtoward—a particular goal in an ad hoc fashion. Longtime GNOME contributorEmmanuele Bassi would like to see that change by adding cross-project teamsand a steering committee for the project; to that end, he gave a talk (YouTubevideo) at GUADEC 2025in late July on his idea to establish some technical governance for theproject. He also put together a blogpost with his notes from the talk. The audience reaction wasfavorable, so he has followed up on the GNOME discussion forum with an RFC ongovernance to try to move the effort along.

• Security updates for Thursday
  Security updates have been issued by AlmaLinux (aide, firefox, kernel, and mod_http2), Debian (chromium and unbound), Fedora (mod_auth_openidc), Oracle (fence-agents and kernel), SUSE (ignition, jetty-minimal, kernel, libmozjs-128-0, matrix-synapse, postgresql13, postgresql15, postgresql16, and postgresql17), and Ubuntu (kernel).

• [$] LWN.net Weekly Edition for August 28, 2025
  Inside this week's LWN.net Weekly Edition:
  Front: Groklaw takeover; CRL cache sharing; browsers and XSLT; Microdot; restartable sequences; shadow-stack control Briefs: Android restrictions; Arch services; GhostBSD 25.02; FFmpeg 8.0; PyCon videos; Quotes; ... Announcements: Newsletters, conferences, security updates, patches, and more.

• Rosenzweig: Dissecting the Apple M1 GPU, the end
  Alyssa Rosenzweig has written a blog postabout her work to help ship a "great driver" for the Apple M1GPU that supports OpenGL, Vulkan, and enables gaming with Proton.
  
  We've succeeded beyond my dreams. The challenges I chased, I havetackled. The drivers are fully upstream in Mesa. Performance isn't toobad. With the Vulkan on Apple myth busted, conformant Vulkan is nowcoming to macOS via LunarG'sKosmicKrisp project building on my work.
  
  Satisfied, I am now stepping away from the Apple ecosystem. Myfriends in the Asahi Linux orbit will carry the torch from here.
  
  Rosenzweig indicates her next project will be working on Intel'scovered her talk on AppleM1/M2 GPU drivers in October 2024.
  
  
  

• [$] The tangled web of XSLT browser support
  The ExtensibleStylesheet Language Transformations (XSLT) language is used by webbrowsers to style XML content to make it easily readable; XSLT is part of theHTML livingstandard that is maintained by the Web Hypertext Application TechnologyWorking Group (WHATWG). Only a small fraction of web sites servecontent that requires web browsers to support XSLT, in part becausemajor browser implementations have neglected the technology over the past 25years. Now, it seems, they would like to rid themselves of itentirely. A planto disable XSLT in Blink (Chrome's rendering engine) and a pull request bya Google Chrome developer to remove mentions of the specification fromthe HTML standard have been met with opposition, but arguments infavor of XSLT have proven ineffective.
  

• GhostBSD 25.02 released
  The GhostBSD project has released version 25.02 of theFreeBSD-based desktop operating system. This release brings GhostBSDup to date with FreeBSD 14.3,includes enhancements for the Software Station package managementapplication, and introduces an "OS X-like" desktop environmentbased on GNUstep called Gershwin:
  
  This early preview includes:
  GNUstep-based desktop environment with familiar OS X-styleinterfaceSeamless integration with GhostBSD tools through wrappers forinstaller, Software Station, Backup Station, and Update StationSupport for running non-GNUstep applications alongside GNUstepappsSeveral included GNUstep applications to get you started
  LWN covered GhostBSDin June 2024.
  

• [$] The need to reliably preserve our community history
  The Internet is a wonderful thing; it allows anybody to look upinformation of interest. Included in all of that is the history of thefree-software development community; how we got to where we are says a lotabout why things are the way they are and what might come next. So thetakeover of Groklaw rings a loud alarm; we have been reminded that historystored on the Internet is an ephemeral thing and cannot be expected toremain available forever.

• Security updates for Wednesday
  Security updates have been issued by Debian (node-cipher-base), Fedora (keylime-agent-rust and libtiff), Oracle (aide, kernel, mod_http2, pam, pki-deps:10.6, python-cryptography, python3, python3.12, and thunderbird), SUSE (cheat, ffmpeg, firebird, govulncheck-vulndb, postgresql17, tomcat, tomcat10, tomcat11, ucode-intel-20250812, and v2ray-core), and Ubuntu (binutils, gst-plugins-base1.0, gst-plugins-good1.0, and linux-raspi-realtime).

Linux Insider"LinuxInsider"

• TuxCare’s In-Memory CVE Scanner Enhances Linux Security With Radar
  TuxCare Radar is an in-memory CVE scanner that reduces false positives, speeds compliance, and delivers real-time Linux vulnerability detection. The post TuxCare’s In-Memory CVE Scanner Enhances Linux Security With Radar appeared first on LinuxInsider.

• Linux Patch Blind Spot Exposes Critical Cybersecurity Risks
  Linux patch delays leave enterprises exposed to long-standing vulnerabilities. Experts warn automation and consistent management are essential to closing this critical security gap. The post Linux Patch Blind Spot Exposes Critical Cybersecurity Risks appeared first on LinuxInsider.

• The Year of the Linux Desktop? This Time, the Data Says Yes
  Linux is making real gains on the desktop. New data shows its market share passing 5% in the U.S., signaling a long-awaited breakthrough. The post The Year of the Linux Desktop? This Time, the Data Says Yes appeared first on LinuxInsider.

• From Kernel to Cloud: Open Source Takes On Security Trade-Offs
  Open-source systems are adopting live patching and isolation technologies to support always-on security and meet enterprise compliance demands in the cloud. The post From Kernel to Cloud: Open Source Takes On Security Trade-Offs appeared first on LinuxInsider.

• Kubernetes Cost Optimization May Be Doing More Harm Than Good
  Slashing Kubernetes costs sounds smart — until it backfires. Here’s how to reduce spend safely while improving platform stability and speed. The post Kubernetes Cost Optimization May Be Doing More Harm Than Good appeared first on LinuxInsider.

• Is a Security Baseline Enough for Open-Source Software?
  The OpenSSF’s new baseline sets minimum security expectations for open-source projects — but not all developers agree it’s practical, scalable, or sufficient. The post Is a Security Baseline Enough for Open-Source Software? appeared first on LinuxInsider.

• DOD Raises Software Security Expectations With SWFT Initiative
  Open-source software may be in the crosshairs of military and government agencies as the U.S. Department of Defense evaluates the risks of both free and proprietary software. The post DOD Raises Software Security Expectations With SWFT Initiative appeared first on LinuxInsider.

• Edera and CIQ Advance Linux Security With Hardened Tools
  With Edera Protect and CIQ's RLC-H, open-source innovators are redefining Linux security through stronger isolation and proactive threat defense. The post Edera and CIQ Advance Linux Security With Hardened Tools appeared first on LinuxInsider.

• Powerful Mini-PCs Provide Efficient Replacement for Desktop Computers
  I’d been curious about the performance of mini-PCs, so I finally bit the bullet and replaced an aging laptop and failing desktop with much smaller units. The post Powerful Mini-PCs Provide Efficient Replacement for Desktop Computers appeared first on LinuxInsider.

• Open Source Security at Risk From Poor Oversight
  As attacks grow more sophisticated, the open-source community is racing to close critical security gaps and stop malicious code before it spreads. The post Open Source Security at Risk From Poor Oversight appeared first on LinuxInsider.

• Techie fooled a panicked daemon and manipulated time itself to get servers in sync
  Network Time Protocol sometimes needs help from a temporal cops
  On Call Why, look at the time! 7:30 AM on Friday morning, the moment at which The Register regularly runs a fresh instalment of On Call, the reader-contributed column that shares your finest tech support stories.…
  

• China turns on giant neutrino detector that took a decade to build
  700 meters under a mountain, a 20,000-tonne detector and a giant sphere await elusive particles
  More than a decade after construction began, China has commenced operation of what it claims is the world’s most sensitive neutrino detector.…
  

• China’s KylinOS Linux takes a great leap forward to v11 and kernel 6.6
  Supports several Chinese chips and GPUs – and of course it has AI inside
  China’s KylinSoft has delivered a major update to its flagship Linux, which Beijing hailed as a great leap forward for the nation’s ambition to develop operating systems that match and exceed the capabilities of western products.…
  

• FBI cyber cop: Salt Typhoon pwned 'nearly every American'
  Plus millions of other people across 80+ countries
  China's Salt Typhoon cyberspies hoovered up information belonging to millions of people in the United States over the course of the years-long intrusion into telecommunications networks, according to a top FBI cyber official.…
  

• Older developers are down with the vibe coding vibe
  They use AI more but also check it more
  For those who thought AI vibe coding was just for the youngsters, newly published research shows that developers with over 10 years of experience are more than twice as likely to do it.…
  

• Microsoft unveils home-made ML models amid OpenAI negotiations
  Microsoft AI honcho insists partnership with Sam Altman's brainbox behemoth is alive and well
  Microsoft has introduced two home-grown machine learning models, potentially complicating negotiations with its current favored model supplier, OpenAI.…
  

• Five years – that's how long Anthropic will store Claude chats unless you opt out
  My brain hurts a lot
  Claude creator Anthropic has given customers using its Free, Pro, and Max plans one month to prevent the engine from storing their chats for five years by default and using them for training.…
  

• DOGE delayed deals, says Nutanix
  But private cloud contender sees upside in its modernization mission
  Donald Trump's DOGE cost-cutting unit has made it harder to do business with the US federal government, according to private cloud contender Nutanix.…
  

• vSphere upgrades are not near the top of VMware's to-do list
  Nor is its Arm port
  When VMware delivered its Cloud Foundation 9 suite in June, it marked the end of a two-year push to integrate its compute, storage, and networking products. What’s next for the Broadcom business unit? At the VMware Explore conference this week, The Register sniffed out a few other items on its to-do list.…
  

• DHS says it needs $100M worth of counter-drone tech to protect America
  Our drones are OK, but those other drones?
  The US Department of Homeland Security has revealed plans to spend more than $100 million on systems designed to take out hostile drones.  …
  

• Armbian 25.8.1 Brings Expanded Board Support, Linux 6.16 Option For Many Boards
  Armbian 25.8.1 is now available as a significant update over the Armbian 25.5 release for this Debian-based Linux distribution focused on offering broad support for ARM64 and RISC-V single board computers as well as other devices...

• OBS Studio 32 Beta Introduces A Plugin Manager, Hybrid MOV Support
  Released overnight in beta form is OBS Studio 32.0, the next feature release for this widely-used, open-source and cross-platform application for desktop streaming/recording...

• Linux 6.17 Showing Off Some Nice Gains For 5th Gen AMD EPYC "Turin" Performance
  Earlier this week I provided benchmarks looking at the Linux 5.15 LTS through Linux 6.17 Git kernel performance using the latest stable and development kernels compared to the Long Term Support (LTS) kernels over the past four years. For having hardware support back to Linux 5.15 I was using an AMD EPYC Milan-X server. In those benchmarks there were some nice gains and even from Linux 6.16 to 6.17 Git was around a 3% geo mean improvement. So I was curious to run some benchmarks on the latest-generation AMD EPYC 9005 "Turin" processors to see if there was similar uplift there...

• TrueNAS 25.10 Beta Brings Installation Improvements, NVIDIA Blackwell Support
  The engineers over at iXsystems announced today the beta release of TrueNAS 25.10 "Goldeneye" as the latest iteration of this formerly BSD-based OS that has transitioned to making use of the Linux kernel while unifying both the TrueNAS CORE and SCALE offerings...

• Apple M2 Pro / Max / Ultra Device Trees Under Review For The Linux Kernel
  While the Asahi Linux project has faced some setbacks, such as most recently with Alyssa Rosenzweig leaving the project and still working to bring-up M3/M4 support, the upstreaming effort by Asahi Linux developers to get their changes to the upstream Linux kernel continues...

• AMD ISP4 Driver Updated As It Nears The Mainline Linux Kernel
  Posted today to the Linux kernel mailing list was the patch series for introducing the AMD ISP4 driver to the mainline kernel. This supports the image signal processor IP that to date is found with HP's Strix Halo powered ZBook Ultra G1a laptop. With time, future AMD Ryzen laptops will also likely be leveraging this ISP technology for offloading more webcamera work from the CPU, but for now the HP ZBook Ultra G1a is the main beneficiary of this open-source driver...

• Ubuntu 25.10 Questing Snapshot 4 Released For Monthly Testing
  The newest monthly snapshot of Ubuntu 25.10 is now available for testing and is the final planned monthly snapshot prior to the October release of the Questing Quokka...

• Mesa9s LLVMpipe Driver Adds Support For 8x MSAA
  The newest feature addition for Mesa 25.3 is enabling support 8x multi-sample anti-aliasing (MSAA) within the LLVMpipe software rasterizer...

• Linux Patches To Unconditionally Enable Architecture-Optimized BLAKE2s Support
  While Linus Torvalds doesn't too often like new kernel options being enabled by default, one area where it has proven beneficial and otherwise an oversight by those configuring their own kernel builds is the architecture-optimized crypto algorithm implementations. Some will enable support for different kernel crypto algorithms only to forget or be unaware that there are CPU architecture specific implementations that can also typically be enabled for much better performance over the common code. Google engineer Eric Biggers has been cleaning this up and BLAKE2s is the latest receiving treatment...

• Agama 17 OS Installer Preps For SUSE Linux Enterprise 16.0
  Ahead of the upcoming SUSE Linux Enterprise 16.0 release, SUSE engineers are busy finishing up work on their new "Agama" operating system installer. Agama 17 is now available as what will be the installer powering SUSE Linux Enterprise 16 installations or a version very similar to this latest milestone...

• Genode OS Framework 25.08 released
  Genode 25.08 is ripe with deeply technical topics that have been cooking since the beginning of the year or even longer. In particular our new kernel scheduler as the flagship feature of this release has been in the works since February 2024. Section`Kernel scheduling for fairness and low latency`tells its background story and explains the approach taken. Another culmination of a long-term endeavor is the introduction of an alternative to XML syntax, specifically designed for the usage patterns of Genode and Sculpt OS. Section`Consideration of a lean alternative to XML`kicks off the practical evaluation of an idea that gradually evolved over more than two years. Also the holistic storage optimizations presented in Section`Block-storage stack renovations`are the result of careful long-term analysis, planning, and execution. ↫ Genode 25.08 release notes While these are the three tentpole features for this release, theres a whole lot more here, as well. Genodes Linux-based PC device drivers have all been updated to Linux 6.12, there are a ton of fixes related to USB, optional EFI boot support in VirtualBox 6, and tons more.

• The EU needs a corporate open source contribution tax! to fund open source maintainers
  Open source, the thing that drives the world, the thing Harvard says has an economic value of 8.8 trillion dollars (also a big number). Most of it is one person. And I can promise you not one of those single person projects have the proper amount of resources they need. If you want to talk about possible risks to your supply chain, a single maintainer that’s grossly underpaid and overworked. That’s the risk. The country they are from is irrelevant. ↫ Josh Bressers If the massive corporations that exploit the open source world for massive personal profit dont want to contribute back, perhaps its time we start making them. I envision an European Economic Area-wide open source contribution tax!, levied against any technology corporation operating within the European Economic Area, whether they actually make use of open source code or not, not entirely unlike how insurance works  you pay into it even if you dont make any claims. Such tax could be based on revenue, number of users, or any combination thereof or other factors. The revenue from this open source contribution tax is put into an EEA-wide fund and redistributed to EEA-based open source maintainers in the form of a monetary subsidy. Such types of taxes and money redistribution frameworks already exist in virtually every country for a whole wide variety of purposes and in a wide variety of forms, both in non-commercial and commercial settings. While it may seem complicated at first, it really isnt. The most difficult aspect is definitely figuring out who, exactly, would be eligible to receive the subsidy and how much, but that, too, is a question both governments and commercial entities answer every single day. No, it will never be perfect, and some people will receive a subsidy who shouldnt, and some who should receive it will not, but if thats a valid reason not to implement a tax like this, no tax or insurance should be implemented. The benefits are legion. Of course, there is the primary benefit of alleviating the thousands of open source maintainers who form the backbone of pretty much out entire digital infrastructure, which in and of itself should be reason enough. On top of that, it would also strengthen the open source world  on which, I wish to reiterate, our entire digital infrastructure is built  against the kind of infiltration we saw with XZ Utils. And to put another top on top of that, it would cement Europe, or the EEA more specifically, as the hub for open source development, innovation, and leadership, and would surely attract countless open source maintainers to relocate to Europe. In other words, it would serve the grander European ambition to become less dependent on the criminal behaviour US tech giants and the erratic behaviour of the US government. We can either wait indefinitely for those who exploit the free labour of open source maintainers to contribute, or we make them.

• In-application browsers: the worst erosion of user choice you havent heard of
  A long, long time ago, Android treated browser tabs in a very unique way. Individual tabs were were seen as applications, and would appear interspersed with the recent applications list as if they were, indeed, applications. This used to be one of my favourite Android features, as it made websites feel very well integrated into the overall user experience, and gave them a sense of place within your workflows. Eventually, though, Google decided to remove this unique approach, as we cant have nice things and everything must be bland, boring, and the same, and now finding a website you have open requires going to your browser and finding the correct tab. More approachable to most people, Id wager, but a reduction in usability, for me. I still mourn this loss. Similarly, weve seen a huge increase in the use of in-application browsers, a feature designed to trap users inside applications, instead of letting them freely explore the web the moment they click on a link inside an application. Application developers dont want you leaving their application, so almost all of them, by default, will now open a webview inside the application when you click on an outbound link. For advertising companies, like Google and Facebook, this has the additional benefit of circumventing any and all privacy protections you may have set up in your browser, since those wont apply to the webview the application opens. This sucks. I hate in-application browsers with a passion. Decades of internet use have taught me that clicking on a link means Im opening a website in my browser. Thats what I want, thats what I expect, and thats how it should be. In-application webviews entirely break this normal chain of events; not because it improves the user experience, but because it benefits the bottom line of others. Its also a massive security risk. Worst of all, this switch grants these apps the ability to spy and manipulate third-party websites. Popular apps like Instagram, Facebook Messenger and Facebook have all been caught injecting JavaScript via their in-app browsers into third party websites. TikTok was running commands that were essentially a keylogger. While we have no proof that this data was used or exfiltrated from the device, the mere presence of JavaScript code collecting this data combined with no plausible explanation is extremely concerning. ↫ Open Web Advocacy Open Web Advocacy has submitted a detailed and expansive report to the European Commission detailing the various issues with these in-application browsers, and suggests a number of remedies to strengthen security, improve privacy, and preserve browser choice. I hope this gets picked up, because in-application browsers are just another way in which were losing control over our devices.

• Word to save new files on Microsofts servers by default
  You already need custom scripts and third-party applications that make custom Windows ISOs to make installing Windows somewhat bearable  unless you enjoy spending hours manually disabling all the anti-user settings in Windows  and now theres another setting to add to the massive, growing list of stuff you have to fix after setting up a new Windows installation. Microsoft has announced that Word will start saving every new file to OneDrive (or another provider if youve installed one) by default. We are modernizing the way files are created and stored in Word for Windows! Now you don’t have to worry about saving your documents: Anything new you create will be saved automatically to OneDrive or your preferred cloud destination. ↫ Raul Munoz on the Microsoft 365 Insider Blog Theres the usual spiel of how this is safer and supposedly more convenient, but I suspect the real reason Microsoft is doing this is listed right there at the end of the list of supposed benefits: this enables the use of Copilots AI! features right from the beginning. In other words, by automatically saving your new Word documents to OneDrive by default, youre giving Microsoft access to whatever you write for AI! training purposes. The setting can be changed, but defaults matter and few people change them. Its also possible to set another provider than OneDrive as your online storage, but again  defaults matter. In fact, I wouldnt be surprised if few people will even realise their Word documents will be stored not on their local PC, but on Microsofts servers.

• Dick Picks unique database operating system
  We usually at least recognize old computer hardware and software names. But Asianmoetry taught us a new one: Pick OS. This 1960s-era system was sort of a database and sort of an operating system for big iron used by the Army. The request was for an English-like query language, and TRW assigned two guys, Don Nelson and Dick Pick, to the job. The planned query language would allow for things like “list the title, author, and abstract of every transportation system reference with the principal city ‘Los Angeles’.” This was GIM or generalized information management, and, in a forward-looking choice, it ran in a virtual machine. ↫ Al Williams at Hackaday The linked article is a short summary of a YouTube video by the YouTube channel Asianometry, which goes into a lot more detail about Pick OS, where it came from, what it can do, who the people involved were, and where Pick OS eventually ended up. I had never heard of this system before, and its easy to see why  not only was it used almost exclusively in vertically integrated complete solutions, it was also whitelabeled, so it existed under countless different names. Regardless, it seems the people who actually had to use it were incredibly enthusiastic about it, and to this day you can read new comments from people fondly remembering how easy to use it was. It has always been proprietary, and still is to this day, apparently owned by a company called Rocket Software, who dont seem to actually be doing anything with it.

• Guix gets a new Rust packaging model
  While Nix and NixOS get all the attention when it comes to declarative package management, there are other, competing implementations of the same general idea. Guix, developed as part of the GNU Project, was originally based on Nix, but grew into its own thing. The project recently announced a major change to how it packages Rust and its countless dependencies and optional crates. We have changed to a simplified Rust packaging model that is easier to automate and allows for modification, replacement and deletion of dependencies at the same time. The new model will significantly reduce our Rust packaging time and will help us to improve both package availability and quality. ↫ Hilton Chain at the Guix blog I hear people talk about Nix and NixOS all the time  I tried it myself, too, but I felt I was using an IBM z17 mainframe to watch a YouTube video  and in fact, Nix has kind of become a meme in and of itself, but you never hear people talk about Guix. With this being OSNews, Im assuming theres going to be people here using it, and Im incredibly curious about your experiences. What are the features and benefits that make you use it? If youre curious  the best way to try Guix is probably to install the GNU Guix System, the Linux distribution built around Guix and Shepard, GNUs alternative init system. Its available for i686, x86_64, ARMv7, and AArch64, and can be virtualised too, of course.

• The size of Adobe Reader installers through the years
  The following chart shows how the Adobe Reader installer has grown in size over the years. When possible, 64-bit versions of installers were used. ↫ Alexander Gromnitsky Disk space is cheap, sure, but this is insanity.

• My OpenBSD home network setup!
  I recently moved to an area with more internet provider options, all of which were not satellite-based. This change allowed me leave my current provider (Starlink) and also freed my network from being locked behind CGNAT. The jump from ~150Mbps to 1Gbps has been fantastic, but the real benefit in this switch has been the ability to overhaul my home network setup. ↫ Bradley Taunt OpenBSD is generally the way to go for custom router setups, it seems, and if it wasnt for my own full Ubiquiti setup, Id definitely consider this too.

• Google to require developer certification to install Android applications, even outside of the Play Store
  Googles grip on Android keeps tightening. In what will certainly be another step that we will look back upon as just another nail in the coffin, Google is going to require every Android developer to register with Google, even if they dont publish anything in the Play Store. In other words, even if you develop Android applications ad only make them available through F-Droid or GitHub, youll still have to register with Google and hand over a bunch of personal information and a small fee of $25. Google is effectively recreating Apples Gatekeeper for macOS, but on Android. It wont come as a surprise to you that Google is doing this in the name of security and protecting users. The company claims that its own analysis found over 50 times more malware from internet-sideloaded sources than on apps available through Google Play!, and the main reason is that malware developers can hide behind anonymity. As such, Googles solution is to simply deanonymise every single Android developer. Starting next year, Android will require all apps to be registered by verified developers in order to be installed by users on certified Android devices. This creates crucial accountability, making it much harder for malicious actors to quickly distribute another harmful app after we take the first one down. Think of it like an ID check at the airport, which confirms a travelers identity but is separate from the security screening of their bags; we will be confirming who the developer is, not reviewing the content of their app or where it came from. This change will start in a few select countries specifically impacted by these forms of fraudulent app scams, often from repeat perpetrators. ↫ Suzanne Frey at the Android Developer Blog This new policy will only apply to certified Android devices!, which means Android devices that ship with Google Play Services and all related Google stuff preinstalled. How this policy will affect devices running de-Googled Android ROMs like GrapheneOS where the user has opted to install the Play Store and Google Play Services is unclear. Google does claim the personal information you hand over as part of your registration will remain entirely private and not be shown to anyone, but thats not going to reassure anyone. To its small credit, Google intends to create an Android Developer Console explicitly for developers who only operate outside of the Play Store, and a special workflow for students and hobbyists that waives the $25 fee. First tests will start in October of this year, with an official rollout in a number of countries later in 2026, which will then expand to cover the whole world. The first countries seeing the official rollout will be countries hit especially hard by scams (according to Googles research, at least): Brazil, Indonesia, Singapore, and Thailand. Google has been trying to claw back control over Android for years now, and it seems the pace is accelerating lately. None of these steps should surprise you, but they should highlight just how crucially important it is that we somehow managed to come to a viable third way, something not controlled by either Apple or Google.

• I revived pkgsrc on AIX!
  Earlier this year, I was trying to get actual daily work done on HP-UX 11.11 (11i v1) running on HPs last and greatest PA-RISC workstation, the HP c8000. After weeks of frustration caused first by outdated software no longer working properly with the modern web, and then by modern software no longer compiling on HP-UX 11.11, I decided to play the ace up my sleeve: NetBSDs pkgsrc has support for HP-UX. Sadly, HP-UX is obviously not a main platform or even a point of interest for pkgsrc developers  as it should be, nobody uses this combination  so various incompatibilities and more modern requirements had snuck into pkgsrc, and I couldnt get it to bootstrap. I made some minor progress here and there with the help of people far smarter than I, but in the end I just lacked the skills to progress any further. This story will make it to OSNews in a more complete form, I promise. Anyway, in May of this year, it seems Brian Robert Callahan was working on a very similar problem: getting pkgsrc to work properly on IBMs AIX. The state of packages on AIX genuinely surprises me. IBM hosts a`repository`of open source software for AIX. But it seems pretty sparse compared to what you`could`get with pkgsrc. Another`website`offering AIX packages seems quite old. I think pkgsrc would be a great way to bring modern packages to AIX. I am not the first to think this. There are AIX 7.2 pkgsrc packages available at`this repository, however all the packages are compiled as 32-bit RISC System/6000 objects. I would greatly prefer to have everything be 64-bit XCOFF objects, as we could do more with 64-bit programs. There also arent too many packages in that repository, so I think starting fresh is in our best interest. As we shall see, this was not as straightforward as I would have hoped. ↫ Brian Robert Callahan Reading through his journey getting pkgsrc to work properly on AIX, I cant help but feel a bit better about myself not being to get it to work on HP-UX 11.11. Callahan was working with AIX 7.2 TL4, which was released in November 2019 and still actively supported by IBM on a maintained architecture, while I was working with HP-UX 11.11 (or 11i v1), which last got some updates in and around 2005, running on an architecture thats well dead and buried. Looking at what Callahan still had to figure out and do, its not surprising someone with my lack of skill in this area couldnt get it working. Im still hoping someone far smarter than I stumbles upon a HP c8000 and dives into getting pkgsrc to work on HP-UX, because I feel pkgsrc could turn an otherwise incredibly powerful HP c8000 from a strictly retro machine into something borderline usable in the modern world. HP-UX is much harder to virtualise  if its even possible at all  so real hardware is probably going to be required. The NetBSD people on Mastodon suggested I could possibly give remote access to my machine so someone could dive into this, which is something Ill keep under consideration.

• AUR Repository Still Under DDoS Attack
  Arch User Repository continues to be under a DDoS attack that has been going on for two weeks.
  

• RingReaper Malware Poses Danger to Linux Systems
  A new kind of malware exploits modern Linux kernels for I/O operations.
  

• Happy Birthday, Linux
  On August 25, Linux officially turns 34.
  

• VirtualBox 7.2 Has Arrived
  With early support for Linux kernel 6.17 and other new additions, VirtualBox 7.2 is a must-update for users.
  

• Linux Mint 22.2 Beta Available for Testing
  Some interesting new additions and improvements are coming to Linux Mint. Check out the Linux Mint 22.2 Beta to give it a test run.
  

• Debian 13.0 Officially Released
  After two years of development, the latest iteration of Debian is now available with plenty of under-the-hood improvements.
  

• Upcoming Changes for MXLinux
  MXLinux 25 has plenty in store to please all types of users.
  

• A New Linux AI Assistant in Town
  Newelle, a Linux AI assistant, works with different LLMs and includes document parsing and profiles.
  

• Linux Kernel 6.16 Released with Minor Fixes
  The latest Linux kernel doesn't really include any big-ticket features, just a lot of lines of code.
  

• EU Sovereign Tech Fund Gains Traction
  OpenForum Europe recently released a report regarding a sovereign tech fund with backing from several significant entities.