|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All/All+Images)
(Single Column)
- Git 2.55.0 released
Git maintainer Junio Hamano has announcedGit 2.55.0, which has non-merge commits from 100 people; 33 ofthose are first-time contributors to the project. LWN recently covered some ofthe noteworthy changes in 2.55, including new features for theexperimental "git history" command, addition of the Git fsmonitordaemon for Linux systems, and more.
- [$] The rest of the 7.2 merge window
Linus Torvalds released 7.2-rc1and closed the 7.2 merge window on June 28; by that time, 13,412non-merge commits had found their way into the mainline. That makes thisthe busiest merge window since the 6.7 development cycle in 2024 (15,418commits, including 2,800 for the entire bcachefs development history).Just under half of those commits arrived after LWN's summary of the first half of the mergewindow was written. As usual, the commits in the latter part of themerge window were more heavily focused on fixes, but there were still a lotof new features and significant changes merged as well.
- [$] Xsnow "protestware" in Debian
The xsnowapplication, which generates an animated snowfall effect (and otherpleasant diversions) for X11 desktops, does not seem like an obviouschannel for political statements. Nevertheless, xsnow's maintainerseems to have included a political protest in the program: anEaster egg that is triggered when the program's language is set to Russia("ru"). One user has complained that this functionality should beremoved from the Debian xsnowpackage, but Debian does not seem to have any rules that forbidsuch a feature outright.
- Open source maintainership in the age of AI (Kubernetes blog)
The Kubernetes project has published a blogpost explaining its AIpolicy:
The main problem is that AI has made generating code fast but therehas been very little improvement in maintaining code bases. In thispost, we will highlight the ways the Kubernetes community is adaptingto the world of AI assisted coding.
The first step of this journey was to develop an AI policy. Thisseems mundane and bureaucratic but there were many PRs that derailedinto discussions around AI usage. The AI policy helps steer theconversation around the project's stance on AI and provides a clearsignal to contributors on how to use these tools responsibly.
Of note, the project requires disclosure when AI tools have beenused to assist in the creation of a contribution but forbids the useof listing AI as a co-author or including "assisted-by" or"co-developed" trailers to attribute work to an LLM tool.
- Mageia 10 released
Mageia 10 has beenreleased with the 6.18 Linux kernel, DNF 5.4.0, RPM 4.20.1,and an increase in hardware requirements for x86 32-bit systems; users nowneed a CPU with SSE2 features. See the releasenotes for a full list of updates, and the errata pagefor known problems.
- Security updates for Monday
Security updates have been issued by AlmaLinux (containernetworking-plugins, golang, kernel, libpng, libpng15, nginx, opencryptoki, perl-IO-Compress, thunderbird, and tigervnc), Debian (chromium, gdcm, incus, libhtml-parser-perl, lxd, openvpn, tor, and xorg-server), Fedora (chromium, docker-buildkit, docker-buildx, dotnet10.0, dotnet8.0, dotnet9.0, krita, ldns, libssh2, liferea, lighttpd, mariadb10.11, mariadb11.8, moby-engine, nginx, nginx-mod-brotli, nginx-mod-fancyindex, nginx-mod-headers-more, nginx-mod-js-challenge, nginx-mod-modsecurity, nginx-mod-naxsi, nginx-mod-vts, openbao, pacemaker, pgadmin4, podman-tui, prometheus-podman-exporter, python-jupyter-server, python-mistune, python-postorius, python-pydantic-settings, python3-docs, python3.14, thunderbird, tigervnc, tinyproxy, and util-linux), Mageia (krb5), Oracle (.NET 10.0, .NET 8.0, .NET 9.0, bind, dracut, fence-agents, firefox, frr, frr10, glib2, glibc, gnutls, golang, kernel, libpng, libpng15, libreoffice, libxml2, libxslt, mod_http2, mysql:8.4, nginx:1.26, openssl, php:8.3, podman, postgresql-jdbc, python3.14, redis, rsync, thunderbird, tomcat, valkey, and vim), Red Hat (osbuild-composer), and SUSE (agama-web-ui, asn1c, assimp, assimp-devel, aws-iam-authenticator, calibre, clamav, corepack24, dovecot22, exiv2, frr, giflib, glances-common, google-osconfig-agent, GraphicsMagick, gvim, haproxy, hydra, ImageMagick, jupyter-nbclassic, kernel, libsoup, libsoup2, libssh2-1, nano, NetworkManager-applet-openvpn, nodejs22, openbabel, opensc, openssl-3, pacemaker, python, python-base, python-doc, python311-pdm, python311-py7zr, python311-pypdf, python36, tar, trivy, util-linux, xen, and xtrabackup).
- Kernel prepatch 7.2-rc1
The 7.2-rc1 kernel prepatch is out fortesting. Linus said: "So two weeks have passed, and the merge window isclosed. Things look reasonably normal for this release (knock wood)."
- [$] Reports from OSPM 2026, day three
The Power Managementand Scheduling in the Linux Kernel Summit, which still goes by thehistorical acronym OSPM, was held in Cambridge, UK, in mid-April. As hasbecome traditional, the presenters at that event have since writtensummaries of their sessions, and this work has kindly been made availableto LWN for publication. The third day's sessions covered a wide range oftopics, including GPU affinity, profile-guided scheduling,paravirtualization scheduling, quality of service, and more.
- [$] Initiating writeback earlier
Writeback is the process of ensuring that dirty pages or folios in the pagecache are flushed to the disk, so that changes to those files are madepersistent. In a filesystem-track session at the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit, Jeff Layton wanted todiscuss whether the writeback operation should be initiated earlier than itis today. The consensus seemed to be that it should be done earlier, butthe path toward making that happen was less clear.
- Ex-Governors, Big Tech Launch Coalition To Help Workers 'Navigate the AI Economy'
"Amid growing public anger over A.I. and a debate over how to regulate it, a group of employers, state governors and foundations has raised $500 million to try to answer some of those questions themselves," reports the New York Times. "Just how many jobs will AI upend?" asks the Wall Street Journal, reporting that the new coalition says it's time to ready the U.S. workforce for a "major" disruption — no matter how large it turns out to be. The coalition "has so far raised more than $500 million — about half of its multiyear goal — from companies and nonprofit groups. It will initially work with state governments in Arkansas, Maryland, Utah and Connecticut. OpenAI and Anthropic are also involved, and academics including MIT economist David Autor sit on an advisory board."[The new "RAISE US" coalition] will be led by former Commerce Secretary Gina Raimondo, who served under former President Joe Biden, and former Indiana Gov. Eric Holcomb, a Republican. Its mandate, they said, isn't just to build retraining programs but also to reconsider decades-old policies such as unemployment insurance and act as a working lab for testing the most effective ways to transition workers to new fields. The group will explore corporate incentives for employers to hold on to workers whose jobs are disrupted by AI and prep them for new roles... The mission of the group is to "pull all the levers at once," Raimondo said. That means teaming up with employers to find ways to help workers gain skills or new roles and joining with educators to roll out different types of training. It also plans to propose policy changes such as tweaking unemployment benefits to let displaced workers continue to get them while they, for instance, start new businesses with AI... In Maryland, the group plans to expand a service-year option in the state to help people gain exposure to such growing fields as healthcare. An effort in Arkansas will focus on supporting "an AI-powered career navigation platform." More from New York Times:The organization will work primarily with governors... The theory: States generally control their community college systems, which can translate work force policy through course offerings and industry partnerships. The bulk of the budget will fund pilot programs overseen by about 15 staff members and consultants. For example, Maryland will expand a "service year" for recent high school graduates to provide experience in fields where there are shortages, such as health care. In other states, Raise Us hopes to offer "wage insurance" for workers who take lower-paying jobs rather than dropping out of the work force entirely. The group plans to furnish technical assistance for companies that want to retain workers as A.I. changes their roles, rather than eliminating them. Microsoft, one of the companies backing the organization, said it had already found a promising model: cross-training its entry-level lawyers in different parts of the organization and equipping them with A.I. skills in order for them to be repositioned as technology evolves. "You can think of doing that with almost any job we have," said Brad Smith, vice chair and president at Microsoft. "It creates an opportunity to transfer people from jobs that are being eliminated to jobs that are being created...." Ms. Raimondo and her colleagues are not fans of a universal basic income, an idea that has gained popularity in Silicon Valley as an answer to job disruption. They emphasize that work provides more than just wages, and plan to focus on helping people find pathways to new jobs. But it's unclear whether A.I. will create jobs at the rate that it will destroy them. Jack Malde studied work force policy for the Bipartisan Policy Center and is now going to work for the Windfall Trust, another A.I.-focused think tank. He said long-term income support might be necessary, even if better models for transitioning workers were found. "The truth is, there's still a lot of uncertainty," Mr. Malde said. "What we think is resilient now might not be resilient later. We're not going to get everything right, so we're going to need those strong safety-net programs." Long-time Slashdot reader theodp writes:If you think you've seen this movie before, prior to "partnering with governors, employers, and training partners to help the American workforce make a successful transition to an AI economy" with RAISE US, Raimondo and Holcomb partnered with governors, employers and training partners to help U.S. K-12 students make a successful transition to a CS economy with the Governors for Computer Science coalition.
 
Read more of this story at Slashdot.
- IBM Says It Can Fit Nearly 100 Billion Transistors On a Chip
IBM has unveiled "what it says is the world's first sub-1-nanometer chip technology," reports ZDNet, "designed to pack nearly 100 billion transistors on a fingernail-size die, roughly doubling the density of IBM's earlier 2-nm test chip, first shown in 2021... Today, the smallest, most powerful chips top out at about 80 billion transistors."At the heart of the announcement is NanoStack. This is a three-dimensional, nanosheet-based transistor design that scales vertically, or along the z-axis, by stacking and staggering CMOS devices. Unlike today's nanosheet architectures, which IBM also pioneered and which are being adopted by leading foundries at 3 nm and 2 nm, NanoStack bonds two nanosheet transistors into a single vertical structure, with each tier optimized independently and contacted from opposite sides. Each transistor in the demonstrated structure uses three sub-5 nm-thick nanosheets, about "15 silicon atoms" across, separated by roughly 9 nm spacers. Two such devices are then bonded vertically using an ultra-thin dielectric process IBM describes as a key innovation. Because the top and bottom devices can use different channel materials, dielectrics, and metals, IBM argues NanoStack is less a single trick and more a transistor platform that can be extended through multiple generations: 7 angstrom (Å), 5 Å, 3 Å, and potentially down to 1 Å in its internal roadmap. An angstrom, by the by, is one ten-billionth of a meter. In terms of chips, an angstrom is a tenth of a nanometer. "This is the world's first sub-1 nanometer chip technology with a new transistor architecture," said Jay Gambetta, Director of IBM Research and IBM Fellow, during a press briefing. "We're not just making smaller transistors, we're reinventing how chips are built to deliver dramatically more power and energy efficiency...." Based on internal benchmarking against its 2 nm node, the company said its new chips will deliver up to 50% higher performance at the same power, or up to 70% lower power for the same performance. Big Blue also highlighted a 40% improvement in the scaling of static random-access memory (SRAM) cell area relative to its 2 nm technology. This is a change IBM described as a "step the industry hasn't seen in over a decade" and one that could be particularly important for AI accelerators that live or die on on-chip memory bandwidth... According to Huiming Bu, IBM's VP of silicon technology R&D, NanoStack is a new paradigm. It's moving chips to scaling fully into three dimensions and giving the industry at least "another decade" of logic advances as it crosses from nanometers into angstroms... The 40% SRAM density bump could also help architects push caches and on-die memory closer to compute units, cutting data movement overhead in training and inference workloads. IBM sees a path to production use "in as early as the next 5 years", according to the article, and "expects NanoStack to eventually underpin CPUs, GPUs, mobile SoCs, and SRAM arrays." IBM's VP of silicon technology R&D says the new innovation "can improve performance by 50% compared to the best available chip today, and at the same time can reduce power by 70%."
Read more of this story at Slashdot.
- Scientists Think Neptune and Uranus May Not Be the Ice Giants We Imagined
The planets Neptune and Uranus may be better described as "magma-ocean giants" rather than "ice giants," according to a team of researchers from the University of California. Gizmodo reports:While the Voyager flyby confirmed the planets' classification as ice giants... [a]s the least explored planets in the solar system, the two planets have never been thoroughly investigated. Therefore, scientists aren't sure where the planets originally formed in the early solar system or the reason for their wildly chaotic magnetic fields. A long-standing hypothesis suggests that both worlds have a hydrogen/helium atmosphere that covers a vast mantle of ices, made primarily of water, ammonia, and methane, with a rocky core. The new study, however, notes that the three-layer model of an ice giant's interior structure is not the only way to explain the properties of the two planets. The researchers also point out that objects found in the Kuiper Belt, which are thought to preserve evidence of the material in the outer Solar System where Uranus and Neptune formed, are primarily composed of rock rather than ice. For the recent study, the researchers simulated different models for the interior processes and composition of Uranus and Neptune. The model that best fits Uranus's and Neptune's different properties suggests the two planets have a well-mixed magma ocean with dissolved hydrogen at the bottom and a hydrogen-dominated envelope at the top. The model suggests that at high pressures, hydrogen gas can dissolve into magma, forming a well-mixed fluid. This mixing might help explain Uranus's and Neptune's density, which has traditionally been interpreted as evidence for an ice-rich interior. The article notes that the theory "could also help scientists understand the interior structure of sub-Neptune planets in the Milky Way, which have thus far remained a mystery."
Read more of this story at Slashdot.
- Trump-Shuttered Climate Change Site Now Back Online In Nonprofit Hands
Donald Trump shuttered the web site Climate.gov in 2025, cutting off public access to climate information from America's National Oceanic and Atmospheric Administration (NOAA). But "former members of the site's team have brought much of it back at a new domain," reports The Register:"Trusted climate information should not disappear when politics change," Climate.us managing director Rebecca Lindsey said of the new platform in a press release. Lindsey, who previously served as the Climate.gov program manager and lead editor, told The Register in an email that she and one of the web developers responsible for the site were the first to be caught up in government purges when DOGE swept through the department in late February 2025... Created in cooperation with sustainability nonprofit accelerator Multiplier, Climate.us aims to be an independent alternative to its old .gov, and many of the former NOAA crew behind the previous website have teamed up for the new initiative to "keep climate information accurate, accessible, scientifically rigorous, and useful for the people who rely on it." Climate.gov, which now redirects to a NOAA page about climate but which hosts none of the data the shuttered site used to contain, was taken offline in July 2025 following a Trump executive order prioritizing "gold standard science...." arguing that prior climate science models relied on worst-case scenarios, which somehow meant the public availability of 15 years of climate data and reporting ought to change... All of the content that was purged from the .gov is now back, along with blogs from experts, climate status reports, maps and data pathways, and national assessments of climate change as well.Lindsey told us that rapidly changing political winds have led her to believe that the government isn't the right place for that mission to continue, and that she would have concerns about returning the site to federal management if a future administration changed its position on climate change... Lindsey said that the Climate.us team will continue with the same mission it had before the Trump administration attempted to quash it: Getting climate science in front of the public in a manner that's understandable so they can make their own decisions about how to respond.
Read more of this story at Slashdot.
- Microsoft Slammed for Building Copyright-Infringing Supercomputer for OpenAI in New Court Filing
The New York Times alleges Microsoft actively encouraged OpenAI to steal its copyrighted work, reports Ars Technica, citing a new (and heavily redacted) court filing Thursday:NYT's motion comes after the [U.S.] Supreme Court sided with Cox Communications in a case where Sony tried and failed to claim that Cox was contributing to music piracy as an Internet service provider, which set a new standard for contributory infringement. Moving forward, plaintiffs will have to prove that parties intentionally acted to induce illegal conduct. Recognizing that the legal precedent has changed, the NYT now wants to amend its complaint to align its contributory infringement claim against Microsoft with that new standard... A Microsoft spokesperson told Ars that the company views the amended complaint as "a last-ditch effort by the plaintiff to save its claim from unfavorable precedent set in other recent rulings..." The updated complaint seeks to specify that [Microsoft's] supercomputer was tailor-made to help OpenAI infringe and allege that it was built for the explicit purpose of training AI on copyrighted works without permission. And as the NYT alleged, its articles were more heavily weighted by this system, as both firms hoped to train models on the highest-quality journalism possible, so that level of writing could be confidently mimicked in outputs. By building this "unusually complex" machine, Microsoft not only helped select the works that were infringed but also provided a means to seize copyrighted works without permission, the NYT alleged. "Microsoft specifically designed it for the purpose of using essentially the whole Internet — curated to disproportionately feature Times Works — to train the most capable LLM in history," the NYT alleged... Similarly as problematic for the NYT are hallucinations where Microsoft and OpenAI models falsely cite the NYT for content that they never published... "Users who ask a search engine what The Times has written on a subject should be provided with neither an unauthorized copy nor an inaccurate forgery of a Times article, but a link to the article itself," the NYT alleged... In a statement provided to Ars, OpenAI spokesperson Drew Pusateri reiterated the AI firm's often-repeated claims that AI training on copyrighted works is indisputably fair use... OpenAI has argued that "ChatGPT is not a substitute for a Times subscription," the NYT reported, partly because "they transformed the material for a different use." An OpenAI spokesperson told Ars Technica that OpenAI's models "empower innovation," while a New York Times spokesperson insisted that Microsoft "actively encouraged OpenAI to steal our copyrighted works... [O]ur core claims remain the same from the day we filed this lawsuit — that Microsoft and OpenAI stole millions of The Times's copyrighted works to compete with our products and illegally enrich themselves." The article speculates that the case's most extreme outcome "could require OpenAI and Microsoft to wipe models and start over. The NYT has also asked for permanent injunctive relief to prevent future infringement, as well as extensive damages..."
Read more of this story at Slashdot.
- Spain-Backed Fund Joins FOSSA's Sovereign Satellite Communications Push
Spanish startup FOSSA Systems "has raised about $10.5 million to expand its connectivity constellation," reports Space News, noting some funding is backed by Spain's government:The support from the Spanish Society for Technological Transformation (SETT) comes a year after the fund injected 14 million euros into Spain's Sateliot , which is also developing a satellite connectivity network with security and defense applications. Spanish private investment firm Kibo Ventures led FOSSA's funding round, the six-year-old venture announced June 24, bringing its total raised to date to nearly 20 million euros. The proceeds will help fuel FOSSA's push beyond the tiny picosatellites it once used to connect low-power monitoring devices toward larger cubesats in low Earth orbit, enabling additional sovereign communications and space-based intelligence capabilities... The company's funding round follows a wave of investments this year in European ventures planning to develop sovereign space capabilities, including Austrian propulsion startup Gate Space, which secured 6.3 million euros earlier this month from a European Commission-backed accelerator program. "Our goal is to establish FOSSA as a European benchmark in sovereign space infrastructure," said Julián Fernández, FOSSA's CEO and cofounder.
Read more of this story at Slashdot.
- China's AI Matches Anthropic in Cybersecurity, Causing Worry Over US Restrictions
Chinese AI systems "have matched the performance of Anthropic's powerful model Mythos in some cybersecurity scenarios," reports the Wall Street Journal. They call it "a development poised to reset the global tech race and pressure the White House in its overhaul of U.S. AI policy."Security researchers said that a new AI model, released this month by China's Zhipu AI, also known as Z.ai, can match the latest U.S. models when it comes to finding security bugs, although it still lags behind Anthropic's and OpenAI's products in other tasks. Overall, the capability gap between top U.S. models and those built by Chinese companies has narrowed significantly, and use of Chinese AI systems has surged as businesses seek to rein in runaway costs. A host of companies, including Microsoft, are weighing how they can offer Chinese models on their platforms, a development that is set to alter the balance of power among tech companies... Unlike models from Anthropic or OpenAI, Zhipu's GLM-5.2 is open-weight. That means it can be downloaded and run on hardware operated by anybody and can be modified and used without supervision. Open-weight models are ideal for users who want unfettered access to systems they control, but they are also ideal for hackers, who can run them in the shadows. GLM-5.2 has ranked as one of the 10 most-used AI models, according to data from OpenRouter, a company that provides access to more than 400 AI models. In some benchmarking tests, according to the cybersecurity company Semgrep, GLM-5.2 bested Anthropic's Claude Opus 4.8 model, which was released in May. When given further instructions, Opus 4.8 and GLM-5.2 can match Mythos in bug-finding ability, according to researchers... "Banning Fable while selling chips China needs to develop its own version is a gift to China," said Saif Khan, a distinguished technology fellow at the Institute for Progress think tank who worked on export restrictions in the Biden administration. The U.S. needs to maximize the use of Mythos and comparable models to harden its cyber defenses while it can, he added. Among the Mythos 5 and Fable 5 users that had lost access before Friday's decision to restore Mythos 5 access for some trusted entities: the National Security Agency, which had been testing the tools and found them impressive in trials, according to people familiar with the matter... "It is incentivizing companies across the globe to use cheaper but very capable Chinese open-weight models, while at the same time undermining the U.S. AI industry," said Niels Provos, a researcher who led security teams at Google and Stripe. "I don't understand it." Thanks to long-time Slashdot reader schwit1 for sharing the article.
Read more of this story at Slashdot.
- Are Checks Sent Through the Mail Vulnerable to Theft?
The New York Times tells the story of a 63-year-old retiree who wrote a check for several thousand dollaras to pay her taxes. But she discovered much later that her taxes were never paid because that check had been intercepted and then altered to be payable to someone else:In some cases, thieves may pilfer one or more checks from local mailboxes. Adam Rust, director of financial services for the Consumer Federation of America, said thieves sometimes "fish" for checks at free-standing drop boxes, using long tools with sticky pads on the ends to grab letters. In other cases, more sophisticated criminals may steal large batches of checks, copy them and then sell them on the internet. Often, the purloined checks are chemically altered in what's known as "check washing" to remove the name of the recipient. The thief replaces it with a fraudulent name, and often increases the amount of the check, before cashing or depositing it. The 63-year-old retiree's bank told her she'd waited too long to recover the funds:Schwab's "security guarantee," outlined on its website , says that "Schwab will cover losses in any of your Schwab accounts due to unauthorized activity." But fine print at the bottom of the page notes that reimbursement "requires your timely reporting of unauthorized activity to Schwab," and that Schwab "will not be liable for additional or increased losses resulting from a failure to report unauthorized activity in a timely manner." It notes that more details are available in account agreements... Notify your bank as soon as possible, said Scott Anchin, senior vice president of strategic initiatives and policy at the independent bankers association. Banks generally allow at least 30 days and sometimes up to 90 days from the time your statement is made available to you to report suspected check fraud, he said. So how can you avoid check fraud? Adam Rust, director of financial services for the Consumer Federation of America, just suggests that "No one should ever mail a check."If you must write a check, he said, try to deliver it in person or take it inside a post office to mail rather than relying on your own mailbox or public drop boxes. The American Bankers Association recommends using permanent "gel" ink pens when you do write checks to reduce the risk of tampering... And if you don't already, consider using your bank's online bill payment service. The article notes that even the U.S. federal government "has been moving away from paper checks for things like benefit payments and income tax refunds, saying digital payment methods are more secure."
Read more of this story at Slashdot.
- US Agency Cancels Contract For Warrantless Tracking of Mobile Devices
America's Bureau of Alcohol, Tobacco, Firearms and Explosives has "canceled its contract for a surveillance tool that enables warrantless tracking of mobile devices," reports the Associated Press. They note the move comes "after lawmakers, a prosecutor and a judge raised concerns about the legality of the tool in criminal investigations."ATF, the federal agency responsible for enforcing the nation's gun laws, told The Associated Press that it discontinued what it called a "pilot" program using a tool called Webloc after Rep. Michael Cloud, a Republican from Texas, and Sen. Ron Wyden, a Democrat from Oregon, expressed reservations about the agency's use of bulk commercial location data. Webloc, which is made by a vendor called Penlink, sources data from consumer apps and advertising networks, which collect the location of mobile devices from consumers who download apps or browse the web... The U.S. Supreme Court ruled in 2018 that police needed a warrant to obtain historic movement data from cellphone companies on a criminal suspect. But it has never addressed the growing practice of commercially acquired data. Other users of Webloc include the U.S. military and U.S. Immigration and Customs Enforcement but also local law enforcement agencies such as police in places like Elk Grove, Calif. and Durham, N.C. The technology has also expanded around the world, with the national police in El Salvador and Hungarian intelligence agencies as customers, according to a report from earlier this year from Citizen Lab, a group of researchers at the University of Toronto who investigate digital threats to civil society. The article notes that other U.S. law enforcement agencies continue to buy commercial geolocation data, "including the FBI and the Department of Homeland Security."
Read more of this story at Slashdot.
- Students Around the World are Using AI-Powered Smart Glasses to Cheat on Tests
Students are using AI-powered smart glasses to cheat on tests, reports CNN. "And in East Asia's test-obsessed societies, where a single exam could impact the trajectory of a student's future career and social status, educators are scrambling to get ahead of the problem."Already, countries are stepping up inspections for test-takers. For China's grueling annual college entrance exam earlier this month — which more than 10 million hopefuls take each year — authorities required screening of all glasses. In the United Kingdom, the head of England's exam watchdog warned earlier this month that AI glasses and smart devices like earpieces could worsen cheating in exams... [T]wo incidents in South Korea were the country's first reported cases of cheating with AI glasses... In Taiwan, the university where a prospective student was caught cheating is now reviewing rules and standard operating procedures for AI eyewears during examinations. But experts worry these individual cases point to a more widespread issue. "If we're seeing a few cases being reported, we're seeing a lot more cases not being reported," said Thomas Corbin, lecturer at Deakin University in Australia, who has conducted research around the usage of AI-powered glasses and other smart devices in academic assessment. With the rapid development of AI technology, however, smart glasses are becoming slimmer, less noticeable, while integrating AI models that can operate independently with connectivity, raising concerns not only about exam integrity, but also about broader privacy risks... "Wearable AI is as much of a challenge to exams as ChatGPT was to essays in 2022 and I just don't think there is any real way that we can reliably have exam practices moving forward," Corbin said.
Read more of this story at Slashdot.
- From DHCP to SZTP – The Trust Revolution
By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]
The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.
- Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces
OpenTelemetry (fondly known as OTel) is an open-source project that provides a unified set of APIs, libraries, agents, and instrumentation to capture and export logs, metrics, and traces from applications. The project’s goal is to standardize observability across various services and applications, enabling better monitoring and troubleshooting. Read More at Causely
The post Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces appeared first on Linux.com.
- Next Bcachefs Release Aims To Include Rust Code In The Kernel Module
The Bcachefs file-system already makes use of the Rust programming language in the user-space tools for this CoW file-system and they have been planning to make use of Rust within the kernel module too. Beginning in the next Bcachefs release, v1.38.7, they are looking at beginning to include Rust code now in their kernel driver...
- Infinity Scheduler Aims To Be A Better Linux Scheduler
The Infinity Scheduler is another attempt at improving the CPU scheduling behavior under Linux and created by the developer behind the existing "scx_flow" sched_ext scheduler. But Infinity Scheduler isn't taking the approach of using sched_ext and is rather patched into the Linux kernel in modifying CFS and RT behavior...
- AMD Linux Patches Introduce New "Low Power" CPU Core Type
A new Linux kernel patch series posted to the kernel mailing list minutes ago is introducing a new "Low Power" CPU core type for AMD heterogeneous processors. The x86 topology code in the Linux kernel already supports the notion of Performance and Efficiency type cores while now a new "Low Power" core type is being introduced for AMD heterogeneous platforms...
- ZLUDA v6 Gets PhysX Running Well On AMD GPUs But Loses Commercial Funding
ZLUDA as a reminder is the open-source project that began as drop-in CUDA support for Intel graphics hardware and then was quietly funded by AMD for years as a drop-in CUDA replacement on AMD GPUs that went open-source after losing funding. That was then taken down and since late 2024 ZLUDA then began focusing on multi-GPU CUDA focused on AI after beginning to receive funding from an unspecified party. Now, unfortunately, funding has once again been cut from that unnamed party but in turn ZLUDA is focusing on PhysX and better Windows support...
- Astral is a hobby operating system with X.org, Minecraft, and now Wine
Astral is a hobby operating system written in C for 64bit architectures, with a collection of ported software like X.org, fvwm, the xbps package manager, and tons more. I think it�s quite a neat system � the code�s on GitHub � made even neater by the fact it can run not only Minecraft, but now also has a working port of Wine that can run a few games. A few months ago, I posted about Astral, a hobby OS I have been working on over the years, running Minecraft. Since then, others have gotten modern versions of Minecraft to run as well as Factorio (using a glibc compatible libc). However, while these games are made or packaged in a way that makes it easier to get them to run under a new OS, most games are not. A lot of games are closed source and compiled for Windows, which makes something like Wine a necessity for playing them. One of my favorite games, Cogmind, falls under that umbrella. It is a 32-bit Windows only roguelike, and it became my goal to run it under Astral. While there was already an existing Wine port, it was extremely incomplete, as not even notepad.exe worked properly. To run Cogmind, the Wine port had to be finished, which also meant adding the ability to run 32-bit code on an otherwise 64-bit-only OS. ↫ Blog post on the Astral website This process obviously is quite involved, but in the end, they managed to get it working. Quite impressive.
- The ‘papers, please’ era of the internet will decimate your privacy
Imagine your favorite team just scored an incredible, last-second goal at the World Cup. So you log online to celebrate with other fans. But, using data it’s already collected on you, the social media platform you like to post on wrongly guesses that you’re under 16 so it forces you to go to a third-party verification app and provide images of your face or your government-issued ID. You don’t really know much about the verification app, what country it’s based out of, what happens with your information, and whether you’re protected from hackers or data breaches. You’re not happy about it, but you hand over a photo of your passport and hope it doesn’t come back to haunt you. Now imagine that instead of posting about sports, you’re criticizing a powerful politician, or talking about your experiences with abuse or addiction, or discussing embarrassing medical issues you’re facing. Suddenly this “papers, please” approach to the internet sounds even more invasive, right? Unfortunately, that’s the direction we’re all headed — even here in the United States — and we have good reason to be wary of the global rush to sacrifice user privacy on the altar of age verification. ↫ Sarah McLaughlin at Expression The insane push for age verification on the internet is the biggest threat to whatever�s left of the free internet. I have two young children � 3 and 5, currently � and I�m diametrically opposed to any kind of creepy verification processes that they claim are designed to keep kids like mine safe!. Not only is their safety not predicated on giving up their privacy, my children are also not my or anyone else�s property; they have rights, and the right to privacy is one of them. Nobody mentioned in the Epstein files has been charged, by the way.
- Microsoft capitulates again, extends Windows 10 support by another year
It�s been quiet for a few days since I�ve been sick, but I�m feeling a bit better since today marks the official end of my one month of using Windows 11 that you people donated for. An article about my experience is definitely upcoming, including whether or not I�ll actually stick with Windows 11 on my laptop or go back to Linux, but before we get there, let�s talk about Microsoft once again capitulating to the reality that a lot of people really don�t want to let go of Windows 10. In a surprising move, Microsoft has quietly confirmed that it’s extending Windows 10 support until October 12, 2027, which is one full year beyond the October 2026 cutoff that home users had been planning around. ↫ Abhijith M B at Windows Latest Hundreds of millions of people are still using Windows 10, and with the AI! techbros buying up all the RAM and other chips for their pachinko machines � making this whole thing a bit of an own goal for prime AI! booster Microsoft � buying new PCs that are actually compatible with Windows 11 isn�t exactly a fun prospect for the vast majority of us normal folk dealing with the cost-of-living crisis. As such, Microsoft really doesn�t have any other choice but to keep extending support for Windows 10. It ain�t much, but I�ll take any morsel of justice I can get. While everyone else has to pay for getting access to these Windows 10 updates, users in the European Union get them entirely for free thanks to the Digital Markets Act. This additional year, too, can be partially attributed to the DMA, as the very same consumer rights organisations who pressured Microsoft into giving EU users truly free access to the Extended Security Updates also put pressure on the company to offer these for more than just one year. Basic consumer protection legislation works.
- In memory of the man who put red and green squiggles under words
Every little thing in a graphical user interface that we take for granted today, no matter how small, was thought up by someone, at some point. Case in point: the little red squiggly lines underneath misspelled words. In one form or another, these are everywhere now, and have just become a regular staple of every single text editing field we encounter every single day and don�t stop to think about. Still, they were invented by someone, and we happen to know exactly who that was: Tony Krueger. In early versions of Word, the Spell Check feature was something that you explicitly invoked, and then you had to sit and wait while the program looked for all your potentially-misspelled words, and then showed them to you one at a time for a decision on what to do for each one. Word did introduce an Auto Spell Check feature to run spell check when the user was idle, so that when you hit the Spell Check button, the results were ready to go. However, the Auto Spell Check was still a blocking operation. As a result, a lot of users turned it off because it always seemed to decide “Now would be a good time to spell-check the document” just as you wanted to do something, forcing you to wait for the spell check pass to complete before you could, say, save and exit. Tony made the spell checker much more unobtrusive so that it didn’t interfere with your foreground work. And when it found a problem, instead of waiting for you to trigger a spell check, it immediately drew red squiggles under potentially-misspelled words (and later green squiggles under potential grammatical errors). ↫ Raymond Chen at The Old New Thing Tony Krueger passed away recently, after, among other things, having worked on an dizzying number of Microsoft Word releases. Imagine coming up with something that seems to basic and elementary to us now, and seeing it spread pretty much everywhere. I wonder what it must feel like to have invented something that seems so simple, most people don�t even realise they use it every single day.
- KDE is going to fix network shares
I�ve had my share of issues with network shares on any operating system, but since I mostly use KDE these days I found this deep dive into how, exactly, network shares work in KDE quite interesting. It turns out that while network shares in KDE�s Dolphin mostly work, it does involves a few layers that sometimes don�t interact well with each other, leading to really curious and annoying problems with mounted shares not appearing, permission issues, and so on. The biggest cause of problems is when using a non-KDE application in KDE that also happens to use a non-KDE save/open dialog. Such a non-KDE save/open dialog won�t be able to see any network shared mounted by KDE, and sadly, quite a few applications you�re likely to use on a KDE installation use non-KDE open/save dialogs, like Blender, GIMP, LibreOffice, OnlyOffice, Inkscape, Audacity, DaVinci Resolve, and more. That�s one hell of a list of applications to offer inconsistent or outright broken access to network shares you�ve set up and mounted in KDE. Luckily, this issue seems to be getting a ton of attention soon. All is not lost. Happily, KDE just received an investment of over €1.2 million from the Sovereign Tech Fund, and it includes funding for improvements to KDE’s network share handling! ↫ Nate Graham The project is in the planning phases at the moment, but they�re considering a whole slew of possible changes, fixes, and workarounds to make this stupid and annoying problem just go away. In 2026, nobody should be dealing with manually editing /etc/fstab or getting frustrated over supposedly disappearing network shares.
- Xfce�s new Wayland compositor sees first alpha release
The developer working on Xfwl4, the Wayland compositor for Xfce, has published the new compositor�s very first alpha release. Considering it�s only been six months or so of work, it�s impressive to see the effort reach this state already. The end goal of xfwl4 is to behave as closely as possible to an Xfce desktop running on an X server. Ideally a user could switch between the two without even knowing there’s a difference. In reality, of course, it won’t be quite that seamless, and there’s still more work to be done to get as close as possible to that ideal. This is a first solid cut at it, at the very least. ↫ Brian Tarricone Being the very first alpha release, it won�t surprise you there�s a few things missing or broken at this point. Still, if you�re brave, you can download and build the release and try it out.
- Valve opens Steam Machine waitlist
Valve officially made the Steam Machine available (sort of but not really) today, and if you were hoping for the president of the Yacht Collectors� Club to have found a loophole through the RAM and storage crisis, I�ll be the bearer of bad news: the base Steam Machine model with 512GB of storage and no controller costs $1049 or €1039. It�s clear that this price is significantly higher than Valve had originally anticipated, as the company dedicates the first part of its press announcement to this sticker shock. Steam Machine,`like our other hardware products, is made up of many components that we source from manufacturers around the world. The price at which we sell our hardware is a direct result of the cost of these components. We felt like we had a good understanding of how those costs might change over time when we first started sourcing them for Steam Machine back in 2023. That understanding was born from the many years of data we all have about the evolution of PC hardware prices – primarily, that it tends to get cheaper over time as new technology arrives. Over the past year or so, that has changed quickly and significantly, most visibly for RAM and storage components. There are a variety of reasons, all of which are affecting hardware products everywhere. The overall effect is that our original goal for the price of Steam Machine is no longer viable. So the prices we�re sharing today reflect the state of the world for manufacturing; or, more accurately, it reflects the price of the components as we�ve secured them over the past 6 months. Price wasn�t the only thing impacted by all of this: availability was as well. There were periods where we found we couldn�t source some of our components at all, at any price. More than anything else, this has impacted the number of units we�ve been able to produce for launch. ↫ Valve press announcement As Valve mentions, availability is also going to be an issue, and thus they�ve had to settle on a complex reservation and lottery system. Between now and 25 June, you can sign up for a model, after which the entire pool of reservations will be randomised to determine a waitlist order. As machines become available, they will simply go down the list from first to last as determined by that randomisation. In other words, you can�t just go out and buy one right away. At this price and for the hardware the Steam Machine contains � an AMD Zen 4 CPU with 6c/12t up to 4.8 Ghz, a custom RDNA3 GPU, and 16GB of DDR5 RAM and 8GB of DDR6 video RAM � you�re probably better off sticking with what you already have. Until the AI! bubble pops and prices come down again, that is. Thanks, AI! techbros. Everybody despises you.
- A tale of two path separators
In macOS, you can apparently create files and directories in the Finder with names that include slashes. If you then go into the terminal and take a look with ls, you�ll see that the slashes are actually colons. I don’t understand all the nuances, but I know this is a side-effect of the fact that macOS has not one but`two`path separators: the slash (/) and the colon (:). The two separators are used in different contexts, and the system will translate between them as needed. These two separators reflect the two parent systems of modern macOS:`classic Mac OS`and the`Unix-like NeXTSTEP. When they were joined together, Apple’s engineers had to build a file system that was compatible with both the classic Mac’s file system (the Mac OS Extended File System, aka HFS+), and with NeXTSTEP’s file system (the Unix file system, aka UFS). Among other differences, these systems had different path separators: HFS+ used a colon, while UFS used a slash. ↫ Alex Chan (article from 2021) I had no idea macOS worked this way, but it makes sense considering the platform�s dual history. What�s interesting is that when Apple moved to APFS almost a decade ago, this duality in path separators remained, most likely for backwards compatibility reasons. In a sense, this is somewhat similar to Windows supporting both backward and forward slashes, with the former being a leftover from DOS, and the latter an addition (to Windows) from the UNIX world. None of that beats Windows when using the Japanese or Korean locale, though. Because Japanese and Korean Windows use different codepages than Windows in the Americas and Western Europe, these versions of Windows render the backslash as the yen sign (¥) and and won (₩) sign respectively. As such, something like the Program Files directory actually renders like C:¥Program Files¥ and C:₩Program Files₩. Similar issues occurred in other Windows locales as well, but the impact of this in Japan and South Korea were so widespread that people just expect it to be that way, even if it�s easily fixed today. I can�t find if Windows 11 still uses ¥/₩ in Japan/South Korea, since the last references of it I can quickly uncover all point to Windows 10.
- Apple internals: Swift in the kernel
Apple�s Swift has become the de-facto language for Apple�s own developers for a while now, and it seems that with the new operating system releases from the company unveiled during WWDC, Switch is now also being used in the kernel. Naturally I dropped what I was doing and went grepping through the iOS 27 kernelcache. Alas, nothing came of it. All is not lost though: I found the Embedded Swift runtime in macOS 27, sitting in`com.apple.kec.pthread`of all places. Then I went poking around the root filesystem and it turns out Apple gave the whole effort a name: KernelKit. Let�s dissect it. ↫ Josh Maine It�s still quite limited at this time, which makes sense � you don�t want to be too crazy with the core of the operating system that runs on god knows how many PCs, smartphones, and other devices. It�s also entirely contained within a few kexts as embedded runtimes, and the XNU kernel itself remains entirely C and C++.
- I stored a website in a favicon!
Every website has a favicon. It�s that little icon in your browser tab. Usually you upload it once and then never think about it again. But. A favicon is just an image. An image is just pixels. And pixels are just bytes. So of course I wondered if I could store something inside one. ↫ Tim Wehrle I love it when people do something useless just for fun.
- EU OS: A Bold Step Toward Digital Sovereignty for Europe
Image 
A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
What Is EU OS?
EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
The Vision Behind EU OS
The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
Conclusion
EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
Source: It's FOSS
European Union
- Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
You can download the latest kernel here.
Linus Torvalds kernel
- AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
Image 
AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
Source: 9to5Linux
AerynOS
- Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
Image 
Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
Here’s a quick overview of what’s new in Xojo 2025r1:
1. Linux ARM IDE Support
Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
2. Web Drag and Drop
One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
3. Direct App Store Publishing
Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
4. New Desktop and Mobile Features
This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
5. Performance and IDE Enhancements
Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
What Does This Mean for Developers?
Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
How to Get Started
Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
Download Xojo 2025r1 today at xojo.com.
Final Thoughts
With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
Xojo ARM
- New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest.
Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
Windows
- Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally.
As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions.
After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
Security
- Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem.
The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
kernel
- Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
Here is what Linus Torvalds had to say in today's announcement:
Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds
- Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
Want to interact with ChatGPT from your Linux desktop without using a web browser?
Bavarder, a new app, allows you to do just that.
Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
ChatGPT AI
- LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
LibreOffice
- KDE Linux Drops AUR
KDE Linux developers have dropped the Arch User Repository from the build pipeline due to security concerns; other distributions should consider doing the same.
|
