|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All/All+Images)
(Single Column)
- [$] Open-source security is not a solo activity
Over time, many open-source maintainers face the same problem: theylack the time to do all of the work that their project needs, and noone else is stepping up to provide adequate help. Maintainers, though,are often reluctant to throw in the towel. The result is suboptimalall around; the maintainer is stressed out, project quality suffers,and users face security risks that they may not be fully aware of. Atthe 2026 OpenSource Summit North America, Robin Bender Ginn spoke about thisproblem, when it might be time for maintainers to pass the torch, andthe responsibilities of users.
- [$] BPF in the agentic era
Alexei Starovoitov gave "less of a presentation, more of a scream ofrealization" at the BPF track of the 2026Linux Storage, Filesystem,Memory-Management, and BPF Summit. He shared a set of ideas for how BPF couldchange to avoid being swept away by the sea-change in programming represented by modernlarge language models (LLMs) and the coding agents based on them.In a follow-up session, the discussion coveredmore problems with how coding agents use tools like bpftrace, and the current deluge ofpatches in need of review in the BPF subsystem.
- Tridgell: rsync and outrage
Andrew Tridgell has written a blogpost responding to complaints that he has begun using LLM tools inhis work maintaining rsync:
Like many developers of open source packages I've been hit by aflood of security reports lately in my role as the rsyncmaintainer. Many of those reports are AI generated (not all though,there are some notable ones with very careful and high quality manualanalysis).
As this flood started to get more intense I realised I needed toraise the defences on rsync a lot — we needed much more thorough testsuites, code coverage analysis, CI testing on a lot more platforms,deliberate and thorough scanning for possible security issues (so Ifind at least some of them before other people!) and the addition of awhole lot of defence-in-depth hardening techniques.
[...] Now to the future, because we're not done yet by a longshot. The security reports keep rolling in. I'm working on a bunch ofCVEs right now. Luckily I've been joined by some other very gooddevelopers with great systems development skills and securityknowledge. Some of these people came to my attention partly because ofall the rage happening at the moment, so I get some rage storm cloudshave silver linings. Watch out for some credits for some great newrsync developers in the next release.
- Security updates for Wednesday
Security updates have been issued by Debian (php-twig), Fedora (hplip, python-wsgidav, roundcubemail, and xorg-x11-server), Oracle (compat-openssl10, httpd:2.4, and kernel), Red Hat (osbuild-composer), SUSE (busybox, cloudflared, cockpit, cups, ffmpeg-4, gnutls, google-osconfig-agent, helm, hplip, kernel, kubelogin, libjxl, libsoup, libunbound8, LibVNCServer-devel, mapserver, nvidia-open-driver-G06-signed, nvidia-open-driver-G07-signed, openssh, python-idna, qemu, rqlite, shadowsocks-v2ray-plugin, ucode-intel, unbound, vim, vorbis-tools, and xorg-x11-server), and Ubuntu (age, dovecot, editorconfig-core, gobgp, libapache-mod-jk, libcommons-lang-java, libcommons-lang3-java, libeconf, linux, linux-aws, linux-aws-6.8, linux-aws-fips, linux-azure, linux-fips, linux-gcp, linux-gcp-6.8, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-nvidia-tegra, linux-oracle, linux-oracle-6.8, linux-raspi, linux-raspi-realtime, linux-realtime, linux-realtime-6.8, linux, linux-aws, linux-azure, linux-azure-6.17, linux-hwe-6.17, linux-nvidia-6.17, linux-oem-6.17, linux-oracle, linux-oracle-6.17, linux-raspi, linux-realtime, linux-realtime-6.17, linux, linux-aws, linux-gcp, linux-ibm, linux-nvidia, linux-oracle, linux-raspi, linux-realtime, linux-aws-6.17, linux-gcp, linux-gcp-6.17, luanti, mysql-8.0, mysql-8.4, node-tar-fs, and unbound).
- [$] Caching for extended attributes
Extendedattributes (xattrs) provide a way to attach key/value metadata toinodes—files, directories, and the like—in a filesystem. As with manyLinux filesystems, the FUSE filesystemsupports xattrs. In a filesystem-track session at the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit, FUSE maintainer MiklosSzeredi led a discussion about caching xattrs in kernel memory; he wouldlike to create some common infrastructure that could be used by FUSE andshared with other filesystems.
- [$] Trying to make sense of package-manager metadata
Package managers for operating systems and programming languages have beenaround for decades. Each package manager, and its accompanying packaging format,has been shaped by the needs of its respective ecosystem, but there is a growingneed to make use of package metadata for more than software management: forexample, in vulnerability scans, software bills of materials (SBOMs), and more. OnMay 19, Damián Vicino spoke at the Open Source Summit North America 2026about his experiences in the past year trying to make sense of the variedmetadata provided by more than 20 package managers.
- Vim Classic 8.3 released
Version8.3 of Vim Classic has beenreleased. This is the first release of the Vim fork since the projectwas announcedin March.
This release is based on Vim 8.2.0148, with a number of bug fixesand patches conservatively backported from future versions of Vimupstream. We elected to clean up this version of Vim, prepare it for arelease, and imagine an alternate history where Vim 8.3 was releasedwithout Vim9 script. The result is Vim Classic 8.3. We chose to takethis approach in order to reduce the long-term maintenance burden ofVim Classic, acknowledging that our fork lacks the resources andinstitutional knowledge available to Vim upstream. However, aconsequence is that there are some Vim plugins which are notcompatible with Vim Classic.
We have made a special effort to assess patches from Vim upstreamwhich mitigate some of the many CVEs affecting Vim which werediscovered and fixed between versions 8.2 and modern-day Vim, but wecan't be sure we've got all of the security patches which areapplicable to Vim Classic (and practically exploitable). This versionof Vim Classic is therefore recommended for early adopters who arecomfortable adopting a security posture which accounts for the factthat we may have overlooked some bugs.
LWN covered VimClassic and another Vim fork, EVi, in April.
- Security updates for Tuesday
Security updates have been issued by AlmaLinux (php:8.2 and php:8.3), Debian (gst-plugins-good1.0, symfony, and yelp), Fedora (dovecot, freeipa, hplip, libpng, perl-Catalyst-Plugin-Authentication, postfix, samba, unbound, and vim), Mageia (assimp, libcaca, sdl2_sound, and tar), Slackware (kernel), SUSE (alloy, apache-commons-lang3, apache-commons-text,, apache2, bubblewrap, busybox, chromium, cups, docker-stable, ffmpeg-8, google-osconfig-agent, gsasl, ignition, java-26-openjdk, kernel, libsolv-demo, libsoup, libzypp, localsearch, openjpeg2, postgresql-jdbc, putty, python-mistune, python-Pillow, python-python-multipart, python-Twisted, python3-Twisted, re, roundcubemail, vim, wireshark, and xz), and Ubuntu (evolution-data-server, exim4, gsasl, haveged, lcms2, libreoffice, linux-aws, linux-lts-xenial, linux-lowlatency, linux-nvidia-tegra, nginx, nncp, qtdeclarative-opensource-src, sslh, sssd, and xz-utils).
- Ombredanne: An AI agent ported our codebase from Python to Rust
Over on the AboutCode blog, leadmaintainer Philippe Ombredanne writesabout an agentic LLM system porting the ScanCodeToolkit to Rust. In the process, the LLM (or the people behind it)infringed the ScanCode trademark, stripped copyright and license notices,"and started an outreach campaign, without ever engaging the AboutCodecommunity". Ironically, the toolkit is used to scan source code and binaries inorder to figure out licensing and copyright information; it also reports onpackagedependencies, vulnerabilities, and more.This is worth repeating: A comprehensive test suite, decent documentation, and curated datasets is what makes automated porting possible. It is also what makes a codebase easier to replicate without understanding it.
The agent's initial approach, using an existing Rust license-detection library, failed to match ScanCode's output quality. The agent then did what any translator would do when a loose paraphrase fails: it copied the original more closely. The final port reproduces ScanCode's core algorithms, code organization, and data-driven architecture in Rust, not because the agent understood them, but because it had enough training data and test feedback to converge on equivalent code.
- [$] Representing the true signatures of kernel functions
Optimizing compilers can, under some circumstances, infer when a parameter to afunction is not needed, and remove it. This is all well and good until thekernel's tracing or BPF subsystems need information on how to call the functionor where its arguments are stored.Alan Maguire and Yonghong Song spoke at the 2026LinuxStorage, Filesystem, Memory-Management, and BPF Summit about their work onrecording information regarding changed function signatures in the kernel's BTF debugginginformation, to better support tracing such functions.
- (Updated) Orange Pi Unveils AI Station with Ascend 310 and 176 TOPS Compute
Orange Pi closes the year by unveiling new details about the Orange Pi AI Station, a compact board-level edge computing platform built around the Ascend 310 series processor. The system targets high-density inference workloads with large memory options, NVMe storage support, and extensive I/O in a small footprint. The AI Station is powered by an […]
- #Commit History: Tell Us About Your First Commit
Maybe it was a one-line typo fix in the docs. Perhaps it was a package you’d been maintaining in secret for months before you finally submitted it. Maybe it was completely terrifying, or maybe it just felt like the most natural thing in the world. Whatever it was we want to hear about it. Ahead […]
- From Antarctica to FPL : Jef Spaleta on Leading Fedora Into Its Next Chapter
Flock to Fedora is more than a conference – it’s where the Fedora community comes alive. As part of the “CommitHistory” campaign, we sat down with confirmed Flock 2026 speakers to hear their stories: what brought them to Fedora, what Flock means to them personally, and what they’re hoping for in Prague this June. This […]
- Canonical Now Considers Their Steam Snap For ARM64 To Be Stable
At the beginning of the year Canonical announced a Steam Snap package for Ubuntu ARM64 that leverages the FEX emulator for running x86/x86_64 games on ARM64. After months of testing and improvements, they now consider their Steam Snap for ARM64 to be stable...
- EU Plots To Abandon US Tech
Ancient Slashdot reader whitroth shares a report from Politico, with the caption: "shutting down Microsoft Office for the International Criminal Court (ICC) was clearly a wake-up call." From the report: The EU is moving to counter American dominance in technology by reaching for one of the oldest tools in its arsenal: industrial strategy. As the European Commission unveiled a plan Wednesday to reduce Europe's reliance on the foreign technology providers that underpin the modern economy, it was careful to stress that it was not picking a fight with U.S. digital giants. Instead, the tech sovereignty package -- motivated in no small part by U.S. President Donald Trump's weaponization of Europe's dependence on American firms -- takes a longer-term view: boost the continent's players so they can eventually challenge their U.S. rivals. [...] If adopted, the package will direct public money toward products that contribute to Europe's economy and independence from foreign firms; cut red tape for data centers; beef up research and innovation through "leadership initiatives"; incentivize countries to share digital capacities in a new "Eurocloud" forum; and require EU governments to come up with national strategies to boost the adoption of cutting-edge tech, including AI. The package will also seek to ramp up the bloc's demand for advanced chips -- a response to criticism by the industry -- with a series of industrial initiatives to revise a 2023 chips law. [...] As part of its proposal to keep a list of trustworthy countries, the Commission would require EU governments to run a so-called "sovereignty risk assessment" for every digital service they rely on, measuring foreign control, potential access to sensitive data and the risk of operational disruption. Within a year, they would have to determine the appropriate level of protection for each public sector and procure digital services accordingly -- unless they can prove doing so would come at a "disproportionate cost," the proposal reads. However, the Commission reserves the right to overrule their assessment in future legislation if it believes they downplayed the risks. The Commission estimated that just one percent of Europe's public services are so sensitive that they would be required under the proposed certification scheme to rely on the strict level that totally excludes foreign technology. "We cannot afford to depend on others for the technologies that keep our hospitals running, our energy grids stable and our services secure," Commission President Ursula von der Leyen said in a statement. "This is about protecting our citizens, defending our interests and making our own choices."
 
Read more of this story at Slashdot.
- MacBook Neo is So Popular That Apple Reportedly Doubled Production
According to supply chain analyst Ming-Chi Kuo, Apple has reportedly doubled 2026 MacBook Neo production from 5 million to 10 million units after stronger-than-expected demand for its $599 budget laptop. MacRumors reports: On an earnings call in late April, Apple's CEO Tim Cook said that customer response to the MacBook Neo was "off the charts," and the popularity of the laptop has reportedly led the company to significantly boost production. [...] Apple was very optimistic about the MacBook Neo before announcing it, but the company still "undercalled" the level of enthusiasm that the laptop would generate, according to Cook. He said that MacBook Neo demand exceeded Apple's expectations and helped to drive a record number of first-time Mac buyers last quarter. New figures from market research firm IDC support Apple's claim that the MacBook Neo is selling well, and the Windows PC industry has taken notice. For example, Dell recently introduced a redesigned XPS 13 laptop from $699 and said it has features "you won't find on a MacBook Neo," such as a touch screen and a backlit keyboard. "Apple's MacBook Neo is a capable machine, and its arrival confirms that there's real appetite for premium quality at accessible prices," admitted Dell.
Read more of this story at Slashdot.
- Google Launches 'Gemma 4 12B' AI Model That Can Run On Your Laptop
Google has launched Gemma 4 12B, a 12-billion-parameter open AI model designed to run locally on your laptop without depending entirely on cloud infrastructure. WION reports: According to Google, the new model delivers performance close to much larger AI systems while requiring significantly less memory. The company says Gemma 4 12B can run locally on devices equipped with just 16GB of VRAM, making advanced AI more accessible to developers, researchers and businesses. The launch highlights a growing trend across the AI industry: bringing powerful AI models directly to personal computers instead of relying solely on remote data centers. Gemma is Google's family of open AI models built using technology and research from its Gemini program. The new Gemma 4 12B model contains 12 billion parameters and has been designed to handle multiple types of information, including text, images and audio. Unlike traditional AI systems that focus only on text, Gemma 4 12B can understand visual content, process audio inputs and perform advanced reasoning tasks. This makes it suitable for a wider range of applications, from software development and content creation to research and automation. Google says the model is available under the Apache 2.0 licence, allowing developers and organizations to use, modify and deploy it with relatively few restrictions. [...] One of the most significant technical changes in Gemma 4 12B is its new unified architecture. Traditionally, multimodal AI systems use separate components known as encoders to process images, audio and text before combining the information. Google says Gemma 4 12B removes the need for separate multimodal encoders. Instead, the model processes different types of information through a unified architecture. According to the company, this helps improve efficiency while reducing memory requirements and computational overhead. The result is a model that can deliver advanced multimodal capabilities while remaining small enough to run locally on modern hardware.
Read more of this story at Slashdot.
- Google Shares Fitbit Air Blueprints So Anyone Can 3D-Print Accessories
Google has released (PDF) technical specs and 2D CAD drawings for the Fitbit Air to encourage users to make their own accessories. "These CAD drawings include crucial mating dimensions, tolerances, and mating force specifications -- including attach and detach force -- to help you build a high-quality accessory band," Google says on a store page listing. 9to5Google reports: Noting how the "community has already come up with innovative and creative new ideas to make the Fitbit Air [their] own" since launch last month, Google is "officially releasing the hardware specifications and accessory design guidelines for the Fitbit Air tracker to the public." For example, owners have already found their own bicep band solutions. This information would typically just be available for third-party accessory companies, but Google wants to open things up to "independent designers and artisan makers." The Google Store page also lists other things developers should keep in mind, such as sensor clearance, sensor pressure, secure retention, and skin-friendly materials.
Read more of this story at Slashdot.
- Microsoft Plans Linux Tools, RTX Spark Desktop For Windows Devs
An anonymous reader quotes a report from Ars Technica: Microsoft's Build developer conference kicked off today, and as with almost everything the company has done in the last few years, Microsoft's opening keynote focused overwhelmingly on AI and other closely related technologies. [...] On the hardware front, we didn't get any updates for existing Surface devices (not counting yesterday's Surface Laptop Ultra announcement), but we did get something new: the Surface RTX Spark Dev Box is "a compact developer PC" built around Nvidia's new RTX Spark chip with up to 128GB of built-in memory. The Dev Box looks a little like a cartoon anvil or piano fell onto an Xbox Series X and flattened it. Its aluminum casing was designed "to double as a heatsink," and its preloaded version of Windows 11 Pro will include a "purposeful" set of developer-centric default settings and preinstalled tools. This is a follow-up of sorts to the Windows Dev Kit 2023, also known as "Project Volterra." This Qualcomm Snapdragon 8cx Gen 3-powered PC was essentially the system board from a Surface Pro tablet stuffed into a plastic box, and it was introduced alongside Arm-native versions of several Microsoft developer tools. It helped to set the stage for the Arm-based flagship Surface devices that launched the next year, which benefitted from a better and faster x86-to-Arm code translation technology called Prism and a greater number of Arm-native third-party apps that didn't need to be translated in the first place. Microsoft didn't announce pricing or specific specs for the RTX Spark Dev Box, but you can probably expect it to cost quite a bit more than the $600 that Project Volterra did. Hopefully, Microsoft can keep the price at least somewhat lower than the $4,699 asking price for Nvidia's similarly specced DGX Spark box. On the software side, several developer-centric changes are coming to Windows 11, particularly for users of the Windows Subsystem for Linux (WSL). Microsoft is introducing a Windows-native version of the coreutils command line tools, so that commands or scripts made for Linux work within Windows and the other way around; the ability to run WSL inside of containers, said to be arriving in "the coming months"; and something called Windows Developer Configurations that uses the WinGet tool to quickly set up "a distraction-free dev environment with VS Code, GitHub Copilot, WSL, PowerShell 7 and developer-optimized settings with one command on any Windows 11 device." Microsoft also introduced Microsoft Execution Containers (MXC), as "enterprise-grade sandboxed environments" that let AI agents like OpenClaw operate on Windows without getting unrestricted access to the whole system. In theory, MXC could let organizations enforce agent-specific limits, such as blocking access to personal accounts, separating work and personal data, or requiring permission before deleting files. The MXC GitHub repo also notes support for "multiple containment backends," meaning the same sandboxing concept could apply beyond AI agents to other plugins, tools, and workloads. Further reading: Microsoft Unveils Scout, an Autonomous AI Agent Built On OpenClaw
Read more of this story at Slashdot.
- Meta Workers Can Opt Out of Workplace Tracking for Up to 30 Minutes
Meta is scaling back parts of its employee tracking initiative after staff objected to software that collected mouse movements, clicks, keystrokes, and other actions for AI training data. According to Reuters, the company will now let workers pause collection for up to 30 minutes and request exemptions. Reuters reports: [Stephane Kasriel, a vice president in Meta's AI model-building Superintelligence Labs unit] said the team behind the software had also introduced "several optimizations" to reduce its impact on computer battery life, after employees complained it was consuming so much data it was causing their home internet usage to spike. "While we remain confident in the privacy protections we put in place at launch, which went through several layers of risk review, we have heard your concerns about personal data on work devices, battery life, and wanting more control over when capturing happens," Kasriel said in the memo.
Read more of this story at Slashdot.
- Microsoft Claims New Quantum Chip 1,000 Times Better Than Before
Microsoft says its new Majorana 2 quantum chip is 1,000 times more reliable than its predecessor, with qubits lasting about 20 seconds instead of milliseconds, and claims it could have a commercially useful quantum machine by 2029. The BBC reports: "We will have a quantum machine in 2029 that can solve commercially viable, reasonable problems," said Zulfi Alam, corporate vice president of Microsoft Quantum. That would still require huge further advances as such a device would require millions of qubits - the current chip, Alam said, has 12. Assessing the firm's claims are difficult because it does not release the full details of what it has discovered publicly, citing commercial confidentiality. Microsoft has spent 20 years pursuing an approach to quantum computing known as "topological." The firm's approach to this is based on exploiting the properties of a so-called quasi-particle, which had existed only in theory, since it was first predicted in the 1930s by Italian physicist Ettore Majorana. To do this it had to exploit a novel state of matter - different from the three familiar states of liquid, solid or gas. Paul Stevenson, a physics professor at the University of Surrey, said the tech giant's timeline sounded plausible - if its research lived up to its claims. "Microsoft appears to have made a leap in their attempt to produce viable topological qubits," he said. "If they succeed, they will leap from being a player with no production quantum computer, to being a serious player in the race to make the next generation of fault-tolerant machines."
Read more of this story at Slashdot.
- Android Gets Fake Call Detection That Uses RCS
An anonymous reader quotes a report from 9to5Google: Phone by Google wants to combat the "growing threat of impersonation scams" and protect Android users against "sophisticated, AI-powered deepfake attacks" with fake call detection. [...] Fake call detection requires that both parties are on Android and use the Phone by Google app, while Google Messages and Google Contacts also have to be installed. When a contact calls, their phone "sends a silent confirmation signal in real time to your device to verify the call is legitimate and truly coming from the contact's device." This digital handshake uses end-to-end encrypted RCS (Rich Communication Services). If you're being scammed by an impersonator, your phone will notice that the "initial confirmation signal will be missing," and ping the contact's real device to double-check. If their real device says, "I'm not making a call right now," you'll get a warning on your screen advising you to hang up immediately. This feature will be available globally on Android 12+ phones starting with Pixel devices this month. Fake call detection is enabled by default but can be turned off at any time. Google says it's "possible for other apps and device manufacturers to adopt this technology" given the RCS underpinnings. You can learn more about fake call detection in Google's blog post.
Read more of this story at Slashdot.
- Thanks To Robots, Ukraine Is Now Talking About Winning, Not Just Surviving
fjo3 shares a report from Defense One: A small but growing number of European officials and analysts are saying what four years ago was unthinkable: Ukraine isn't just surviving its grueling war with Russia, it is in some ways thriving and may even be on a path to victory. This isn't yet captured in headlines -- for example, about last weekend's barrage of Russian drones and missiles around Ukraine -- but in the details, like how some 90 percent were intercepted. Several long-term trends have shifted in Ukraine's favor, and the core reason is its fierce focus on AI and robotics. In the crucible of war, Ukraine has developed drones and ground robots that can hold territory -- even take it back. Some are fully controlled by humans, like supply robots and medical-evacuation vehicles. But an increasing number are controlled in at least some aspects by dozens of AI products, from guidance packages on aerial drones to decision aids at the highest levels. [...] Just as important as the tech are the new tactics. Given unusual latitude to experiment, Ukrainian fighters began to develop robot-forward infantry concepts, like combined-arms attacks by airborne and ground systems, "more than a year ago. Right now, we're massively starting to implement this," said Davyd Aloian, deputy secretary of the National Security and Defence Council of Ukraine, the coordinating body on domestic and international security, in an interview. Ukraine and its partners are also steaming ahead on new concepts for highly autonomous defenses against Russian drones, combining ISR sensors and AI to detect and identify enemy drones in less time and with more certainty. "All of the systems are being linked with each other and with people" to create a distributed network with interceptor drones at various locations to be activated when needed, Aloian said. "One day we will have only like 10 guys who are just going to be responsible for approving interception. And it will automatically go direct to the target." The human operators will be dispersed as well. "Everything can be controlled from Kyiv, Lviv, from cities in other countries," he said. "It's not what happened to Ukraine" (referencing Russia's barrage of Shahed drones) that "should scare us in Europe," said Swarmer CEO Serhii Kupriienko. It's how quickly Ukraine's "middling" military evolved to counter Russia's invasion. "We are behind by literally 10 years or 20 years" in some defense-technology areas, such as satellite imagery, Kupriienko said, and yet his country has climbed a capability curve that just two years ago seemed insurmountable. So could others, he said. "The answer is always AI solutions and integrating the AI into even the daily routine work within the bureaucracy," he said. "We have evolved since 2022, the industry has and our defense has as well. Right now we are able to provide not only [large quantities of drone] assets but everything what is needed to build out the ecosystem," including parts and production, training, modification, etc. Aloian said.
Read more of this story at Slashdot.
- Trump Administration to Dismantle Ocean Monitoring System
The Trump administration is moving to dismantle the National Science Foundation's $368 million Ocean Observatories Initiative, a network of more than 900 deep-sea instruments used to monitor ocean currents, marine ecosystems, carbon absorption, heat waves, fisheries, coastal flooding, and climate change. The NSF said it would send ships in June to begin the removal of the instruments anchored off Oregon, Washington, Alaska, North Carolina, and an area between Greenland and Iceland known as the Irminger Sea. The New York Times reports: The ocean observation system began operating in 2016 and was expected to continue for 25 years. Jim Edson, a marine meteorologist who led the Ocean Observatories Initiative, called it "the world's most advanced continuously operating ocean observing systems." When it was first proposed, the science foundation said it was important to have a long-term presence at scientifically important sites in the Atlantic and Pacific oceans. Removing the instruments could take 15 months. Seismic instruments positioned around an active underwater volcano off Oregon will continue operating until 2028. Each observation station consists of several moorings that secure long arrays of devices connected to wires. The devices measure ocean currents as well as chemical and biological conditions from the water's surface down thousands of feet. The instruments were hardened to resist the pressure of the deep ocean, corrosive seawater as well as marine plants and animals that can foul electronics. Remotely controlled robotic vehicles and gliders around the moorings collect and transmit data to research laboratories. It cost $48 million annually to operate the network. The Trump administration repeatedly tried to shutter it, proposing to cut its funding by 80 percent in both 2025 and again in 2026. Congress pushed back, restoring the money. To try to reduce costs, managers turned off some of the instruments and collected less data, according to a December 2025 presentation about the observatories at the annual meeting of the American Geophysical Union, a nonprofit organization of scientists. Still, the science foundation moved ahead to decommission the observatory network.
Read more of this story at Slashdot.
- From DHCP to SZTP – The Trust Revolution
By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]
The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.
- Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces
OpenTelemetry (fondly known as OTel) is an open-source project that provides a unified set of APIs, libraries, agents, and instrumentation to capture and export logs, metrics, and traces from applications. The project’s goal is to standardize observability across various services and applications, enabling better monitoring and troubleshooting. Read More at Causely
The post Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces appeared first on Linux.com.
- AMD EPYC 8635P "Sorano" Benchmarks: Significant Upgrade Opportunity For EPYC 8004 Servers
After announcing the AMD EPYC 8005 "Sorano" series back in February, AMD recently began shipping these Zen 5 successors to the EPYC 8004 "Siena" line-up. With the EPYC 8005 product stack ranging from 8 to 84 cores and being drop-in upgrades for EPYC 8004 servers after a BIOS update, these are quite some interesting processors for those after a single socket, performant server. Up today are benchmarks of the EPYC 8635P as the flagship 84 core Sorano CPU.
- Intel Preps GCC Function Multi-Versioning To Support APX & AVX10.2
Along with some GCC compiler tuning for Nova Lake and Diamond Rapids to deal with some new APX capabilities not proving beneficial for performance, new patch activity today is preparing GCC for function multi-versioning (FMV) for the AVX10.2 and APX instruction set extensions...
- Ubuntu To Ship Newer AMD ROCm Updates Via SRUs
As noted back in April, with Ubuntu 26.04 LTS it's now possible to simply "apt install rocm" on Ubuntu Linux for installing AMD's open-source GPU compute stack. But as prominently noted there, what's shipped right now in Ubuntu 26.04 LTS is already months out of date compared to upstream ROCm. Fortunately, Canonical shared today that moving forward they plan to ship newer ROCm versions as stable release updates (SRUs)...
- NVIDIA Hopper & Blackwell GPU Support Moves Closer For Open-Source Nova Driver
While the upstream, open-source Nouveau driver already supports NVIDIA's Hopper and Blackwell graphics processors with the GPU System Processor (GSP) code path, the bring-up of the Rust-written Nova driver remains ongoing. Out this week is the 12th iteration of the Hopper and Blackwell enablement for this future open-source NVIDIA Linux driver...
- Microsoft Announces Coreutils For Windows: Derived From Rust Coreutils
As another interesting takeaway from this week's Microsoft Build 2026 conference beyond their open-source Intelligent Terminal project is Coreutils for Windows. Microsoft is maintaining a fork of Rust Coreutils for Windows to ease the developer experience across Windows / WSL / macOS / Linux...
- Canonical Now Considers Their Steam Snap For ARM64 To Be Stable
At the beginning of the year Canonical announced a Steam Snap package for Ubuntu ARM64 that leverages the FEX emulator for running x86/x86_64 games on ARM64. After months of testing and improvements, they now consider their Steam Snap for ARM64 to be stable...
- Marek Olšák Scores Up To 100% Pixel Throughput Optimization For RADV Driver
Marek Olšák who had been a longtime AMD Linux driver engineer specializing in the RadeonSI Gallium3D driver, recently began working for Valve on their Linux graphics driver team. His focus has understandably shifted to working on the RADV Vulkan driver and one of his early optimizations now with the Valve hat on is up to a 100% pixel throughput optimization for the RADV driver, which is already quite well optimized thanks to years of investment from Valve, Red Hat, and others...
- Microsoft brings coreutils to Windows
At its Build conference, Microsoft announced coreutils for Windows. Coreutils for Windows is a Microsoft-maintained set of UNIX-style command-line utilities that run natively on Windows — the same commands and pipelines you use on Linux, macOS, and WSL. It ships as a single multi-call binary that exposes each utility under its standard name (cat.exe, grep.exe, find.exe, and so on), giving you the everyday tools developers already use on other platforms to script, automate, and process text. For the full list, see Commands. The goal is to remove friction when moving between Linux, macOS, WSL, containers, and Windows. The same commands, flags, and pipelines work the same way, so existing scripts and habits carry over without translation. Each command supports the standard --help flag for full syntax and options. ↫ Windows Developer Tools website It�s a port of the Rust-based rewrite of the GNU coreutils, findutils, and grep. There are a few caveats though, since these ports have to deal with a number of Windows-isms. The first thing that comes to mind for most of us are path separators; these ports will handle both the correct and incorrect Windows/DOS one, but since some tools may output only the incorrect one this may affect piping. You should also take into account things like Windows� ACLs vs. POSIX permission bits, the lack of /dev/null, and a few other oddities. Furthermore, there are a bunch of commands that rely on POSIX-only concepts, so those aren�t included, and a few other commands that aren�t useful on Windows are excluded as well. Since a number of commands conflict with built-in commands from cmd.exe and PowerShell, which commands run will depend on the shell, the PATH order, and PowerShell�s alias table. Everything�s in preview, and installable through WinGet.
- Basic multicore support for DOS demo uncovered
On the Vogon forums, user MarkDastedt posted an interesting bit of source code he discovered on an old company DVD: a very basic, very rudimentary implementation of multicore support for DOS. Another user, dartfrog, took a closer look and had this to say: Interesting stuff nonetheless. A worker core is running with no interrupt handlers, no page tables, no memory protection, and no OS. That�s about as close to bare metal as you can get, meanwhile the other core is still running DOS. Fascinating. ↫ MarkDastedt at the Vogon forums It�s effectively a simple demo, but according to other users in the thread, it fits in neatly with sporadic other attempts to bring some form of SMP or multicore-awareness to DOS. For instance, Michael Chourdakis worked on something similar to this demo for a series of articles now only available on the Wayback Machine. It makes for a cool demo, but moving from this to something robust and usable in DOS is not an easy task. Still, the possibilities are definitely there, even if you don�t implement full, modern SMP or multicore support. You could have specific DOS applications offloading dedicated tasks to different cores, but as others in the same thread note, individual cores are already stupidly powerful for anything DOS can do, making the use case for additional cores rather moot.
- Serena OS: a modern operating system for classic Amigas
A hobby operating system, not written in Rust, not targeting Qemu, not targeting a Raspberry Pi. Yes, it still happens. Serena OS is what you get when modern operating system design and implementation meets vintage hardware like the Amiga computers. It is based on dispatch queues rather than threads, supports multiple users, is inspired by POSIX, yet retains its own character, is strongly object-oriented in terms of design and implementation and prepared for a cross platform future. ↫ Serena OS GitHub page Serena OS supports most (all?) of the classic Amigas, but the 500, 600, and 2000 need at least 1MB of RAM and a 68020 accelerator. It has code privilege separation between kernel and userspace, basic memory management, its own custom file system, drivers for input devices and graphics, an interactive console with VT52 and VT100 support, and much more. It also comes with a C99-compatible libc, and has its own shell. Note that AI! chatbot Claude is listed as a contributor to the project.
- Rsync opens the slopgates, regressions and bugs ensue
Andrew Tridgell, developer of rsync, has published a blog post addressing the massive surge in AI! code submissions and the string of regressions supposedly caused by them. He explains rsync was flooded with AI!-generated security reports, and he couldn�t handle the volumes anymore. As this flood started to get more intense I realised I needed to raise the defences on rsync a lot — we needed much more thorough test suites, code coverage analysis, CI testing on a lot more platforms, deliberate and thorough scanning for possible security issues (so I find at least some of them before other people!) and the addition of a whole lot of defence-in-depth hardening techniques. This is all a huge amount of work. I’m retired (though my wife may dispute that!) and I’d rather be out sailing than working on rsync security issues, so I have reached for several AI tools to help with what needs to be done. I have absolutely no regrets about doing that, although from the storm of anti-AI rage it’s clear that many people think I should be hung up by my toe nails and flogged for even considering doing this. ↫ Andrew Tridgell The entire rsync codebase is around 65k lines, and the recent flood of AI!-generated submissions amount to +16k/-6k lines of code within a few weeks. That�s an absolutely insane amount of changes in a really short time to a project that most people deemed stable and done!. If you take a look at the activity graph, it�s clear that a project that was silently and carefully doing its job is seeing a massive amount of changes, almost exclusively generated by AI!, all in recent weeks. It�s no surprise, then, that people get annoyed when something they deemed done! and stable is suddenly causing issues for them because its maintainer decided to open the slopgates. Tridgell is, of course, an incredibly accomplished and capable programmer, but so is Kent Overstreet and he thinks his AI! girlfriend is sentient and conscious, he reprogrammed it after someone convinced his AI! girlfriend was lesbian and trans, and he thinks that he gave his AI! girlfriend an orgasm, so being an accomplished and capable programmer doesn�t mean you�re immune from AI!-hyperbole, or worse, AI!-induced psychosis. Tridgell�s blog post already has all the usual talking points from AI! techbros about how the tools sucked last but they�re good now, trust me I know how these tools work, humans are actually the same as these AI! tools, really what is intelligence anyway, and yeah we got a whole slew of new issues caused by the AI! code but more AI! code will surely fix that, and so on. There�s some red flags that give me the ick, because I�ve seen them all before from people entirely losing themselves in AI! hype. Tridgell also takes pot shots at openrsync, a reimplmentation of rsync developed by the OpenBSD team, also shipped by default on macOS. Openrsync has nothing to do with any of the current issues rsync is facing, as the project was started way back in 2018 or so. Taking pot shots at this project in this particular blog post feels childish and unnecessary, and reeks of insecurity; focus on the issues your own project is facing before attacking some other project. This feels like another red flag. Quite a few people have experienced regressions with rsync in recent weeks, but it seems like more are going to come as the slopgates will remain open, and will probably be opened even further. For such a cornerstone open source project, that raises a lot of questions, and I�m sure there�s quite a few people pondering if they should, perhaps, switch to openrsync � just like Apple did.
- WinUtils: shell-powered CLI tools for Windows 95
WinUtils started in 1996-1997 as a way to build my programming chops. I was poking around the Windows 95 shell APIs, found the file operation functions, and thought it would be cool to have CLI tools that called them instead of doing raw file I/O. The payoff was practical: because the operations went through the shell, the same confirmation prompts, progress dialogs, and Recycle Bin behavior you got from Windows Explorer came along for free. ↫ Code Naked Code Naked � their alias, not mine � recently dug these old executables and code back up, and published them on GitHub. Back then, though, there were no centralised distribution platforms, so they just uploaded them to various download and shareware websites and kept track of the download tickers. Very neat little tools, and fun to have them immortalised.
- Google offers opt-out of AI! search results for websites, promises it won�t affect regular search rankings
Google is adding a switch to allow website owners to opt out of being featured in their AI! overviews and related slopsearch results. With this new toggle in Search Console, website owners can decide if they want their site to appear in and help ground responses in our generative AI Search features (like AI Overviews, AI Mode or AI Overviews in Discover). Sites that opt out will not receive traffic or impressions from our generative AI features. This control will not be used as a ranking signal for search results outside of these generative AI Search features. This work builds on our long history of designing tools, like snippet controls and Google-Extended, that give websites more choice. ↫ Mrinalini Loew at Google�s The Keyword blog While it�s nice of Google to offer such an opt-out to website owners, their claim that opting out won�t effect your regular search ranking rings hollow to me. I simply just do not trust Google in any way, shape, or form to not weaponise their AI! against anyone who doesn�t want to be sucked up, regurgitated, and spat out in one of their slopsearch tools. On top of that, regular Google Search is dead anyway, so even if they keep their promise, it�s moot because Google users are going to be force-fed the slopsearch tools instead of the regular Google Search. I honestly have no idea how much traffic OSNews gets from Google at this point, and while I can look it up, I just don�t really care, and think it�s probably not that much. I could opt us out, but the real problem is that such an opt-out won�t stop Google�s slopbots � or anyone else�s slopbots � from taking our writing and training their AI! tools on it, so what�s the point of going through the effort? I doubt Google is relevant enough for us.
- Preparing for KDE Plasma’s last X11-supported release
With KDE Plasma 6.7 almost ready for release, developers have moved on to working on 6.8, and with that release comes probably one of the biggest deprecations in KDE�s history: as of today, the X11 session is gone from KDE. Of course, this change won�t make it to people�s computers until 6.8 actually releases, but as far the code goes, the X11 session is gone. Once 6.8 is actually released, you will only be able to log into a Wayland KDE session. This won�t affect KDE applications running in other X11 desktop environments, and of course, X11 applications will keep working in KDE as well thanks to XWayland. It�s also important to note that this won�t affect anyone sticking to older versions of KDE Plasma; it�s not like X11 session support will be yanked retroactively. From here on out, a lot of X11 code will be removed from KDE, and developers will be able to focus on just one code path, instead of accommodating the lowest common denominator in X11. Our internal metrics within KDE show that over 95% of users of Plasma 6.6 are on Wayland, with a gradual increase every release. The metrics also show that basically no one is testing or developing Plasma on X11 anymore. The platform was already, for all intents and purposes, abandoned by KDE contributors. ↫ David Edmundson The transition from legacy X11 to Wayland has been a long, painful journey, but I�m glad we�re finally reaching the destination. If you�re still having issues with KDE on Wayland, be sure you�re using an up-to-date distribution � not an LTS one � and see how that goes for you.
- The newest Instagram exploit! is the goofiest I�ve seen!
Yesterday, a slew of Instagram accounts, including some high profile ones like the Obama White House account, seemingly got hacked. Look, I’m no spring chicken. I’ve spent almost a decade and a half identifying vulnerabilities and exploits at unicorn scale, but this is hands down the most unserious, almost too stupid to be true! of them all. ↫ Sid at 0xsid.com 0it�s AI! isn�t it? All the attacker needs to kick this off is your account username. Then, they hop on a VPN or proxy close to your city so Instagram�s security algorithms don�t suspect a thing. (You can quite easily get this from your public profile or About! section or a hundred other ways.) Once it looks like the request is coming from the correct region, they tell the Meta support AI that the account is hacked and ask it to send the verification codes to an arbitrary email address they control. ↫ Sid at 0xsid.com It�s AI!. Yes, all that you need to do to gain control over big, massively popular Instagram accounts is ask Facebook�s AI! to send the verification codes to whatever email address you desire. That�s it. There�s no other steps, no other checks, no other verification. And the worst part is that this isn�t even a hack; this is AI! working entirely as intended. And these tools are now coding the Linux kernel, LLVM, systemd, PulseAudio, rsync, your browser, and so much more. What could possibly go wrong?
- Microsoft is intentionally bricking all Office for Mac 2019/2021 installations
You�re a smart cookie, so you opted to buy a copy of Microsoft Office for macOS back in 2019 or 2021, eschewing the Office 365 subscription, so you could keep on using Office 2019/2021 forever if you wanted to. Just like in the old days. I�ve got some bad news. Microsoft Office 2019 and 2021 for Mac view-only conversion (2026) is a scheduled remote degradation of perpetually-licensed Microsoft Office software for macOS and iOS, set for July 13, 2026 when a license-validation certificate used by the Office apps expires. After Office 2019 for Mac reached end of support in October 2023, Microsoft assured customers their installed apps would continue to function.! The July 13, 2026 conversion instead drops the apps into a Microsoft-defined reduced functionality mode,! in which files can be opened and viewed but not edited or saved. By May 30, 2026, the original 2023 end-of-support page had been re-dated and rewritten on Microsoft�s site; the continue to function! clause was removed. ↫ Consumer Rights Wiki Microsoft�s advice to the users they�re stealing from is to keep using the applications as mere viewers, switch to the free Office 365 web applications, pay for a 365 subscription, or buy a brand new regular copy of Office 2024. None of these make any sense, and clearly, all of this should be illegal, but it�s not because the software industry is a clown show. Proprietary software is unethical.
- NVIDIA unveils RTX Spark chip for laptops and desktop PCs
It was an open secret that NVIDIA was working on an ARM-based system-on-a-chip for laptops and desktops, and today at Computex 2026 the company unveiled what it�s been working on. It�s surely a beast, and unsurprisingly, it�s lathered in AI! buzzwords. At full strength, this chip offers up to 20 Arm CPU cores, a Blackwell GPU with 6,144 CUDA cores, 128GB of LPDDR5X RAM, and up to 300 GB/s of memory bandwidth. That powerful CPU and GPU, connected over NVLink C2C, and the large memory pool give AI agents and 120-billion-parameter models plenty of power and space for long-running tasks with context lengths stretching to a million tokens, according to Nvidia. RTX Spark will power high-end laptops from partners including Dell, HP, Lenovo, Asus, and MSI � and notably, a new Surface Ultra laptop from Microsoft. Nvidia says it’s worked with those partners to create “the most extraordinary laptops ever built,” with tandem OLED G-Sync displays, “all-day” battery life, premium aluminum chassis with large glass touchpads. ↫ Jeffrey Kampman at Tom�s Hardware I couldn�t care less about the AI! nonsense, but the chip itself seems like an absolute monster for laptops and mini PCs. With that much power and a solid NVIDIA GPU, these are also great for gaming and creative tasks, making them feel like the first true competition in the PC space to Apple�s M series of chips. They�re planned for late 2026, and tellingly, there�s no pricing information just yet.
- EU OS: A Bold Step Toward Digital Sovereignty for Europe
Image 
A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
What Is EU OS?
EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
The Vision Behind EU OS
The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
Conclusion
EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
Source: It's FOSS
European Union
- Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
You can download the latest kernel here.
Linus Torvalds kernel
- AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
Image 
AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
Source: 9to5Linux
AerynOS
- Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
Image 
Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
Here’s a quick overview of what’s new in Xojo 2025r1:
1. Linux ARM IDE Support
Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
2. Web Drag and Drop
One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
3. Direct App Store Publishing
Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
4. New Desktop and Mobile Features
This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
5. Performance and IDE Enhancements
Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
What Does This Mean for Developers?
Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
How to Get Started
Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
Download Xojo 2025r1 today at xojo.com.
Final Thoughts
With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
Xojo ARM
- New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest.
Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
Windows
- Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally.
As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions.
After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
Security
- Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem.
The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
kernel
- Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
Here is what Linus Torvalds had to say in today's announcement:
Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds
- Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
Want to interact with ChatGPT from your Linux desktop without using a web browser?
Bavarder, a new app, allows you to do just that.
Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
ChatGPT AI
- LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
LibreOffice
|
