|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All/All+Images)
(Single Column)
- [$] LWN.net Weekly Edition for July 10, 2025
Inside this week's LWN.net Weekly Edition:
Front: Python packaging; Kernel API specification; Kselftests and KUnit; niri; pedalboard. Briefs: Git security fixes; Amarok 3.3; Bash 5.3; Thunderbird 140; tmux-rs; U-Boot 2025.07; Quotes; ... Announcements: Newsletters, conferences, security updates, patches, and more.
- Amarok 3.3 released
Version3.3 of the Amarok musicplayer has been released. This is the first release of Amarok based onKDE Frameworks 6and Qt 6. Amarok 3.3also includes a major rework of its audio engine to use GStreamer for audioplayback.
The reworked audio engine provides unified feature set for all usersand should provide a solid and future-proof sonic experience for yearsto come. Notable improvements have also landed to the database system:improved character set support helps with e.g. emojis in podcastdescriptions and other very exotic symbols, date handling has beenimproved ('year 2038 problem'), and various other potential and actualdatabase-related issues have been fixed.
- New upgrade paths for ELevate
The AlmaLinux project has announcednew upgrade paths for its ELevate utility, whichallows users to upgrade between major versions of Red Hat EnterpriseLinux derivatives. The new paths include upgrades from AlmaLinux 9to AlmaLinux 10 and CentOS Stream 9 toCentOS Stream 10, with support for EPEL, Docker CE, andPostgreSQL third-party package repositories. LWN covered ELevate lastyear.
- [$] Reinventing the Python wheel
It is no secret that the Python packaging world is at something of acrossroads; there have been debates and discussions about the packaginglandscape that started long before our 2023series describing some of the difficulties. There has been progresssince then—and incremental improvements all along, in truth—but a newinitiative is looking to overhaul packaging for the language. At PyCon US 2025, Barry Warsaw andJonathan Dekhtiar gave a presentation on the WheelNext project, which is a communityeffort that aims improve the experience for users and providers of Pythonpackages while also working with toolmakers and other parts of theecosystem to "reinvent the wheel". While the project's name refersto Python's wheelbinary distribution format, its goals stretch much further than simply theformat.
- Security updates for Wednesday
Security updates have been issued by AlmaLinux (container-tools:rhel8, jq, kernel, podman, python-setuptools, socat, and thunderbird), Gentoo (Chromium, Google Chrome, Microsoft Edge. Opera, ClamAV, Git, NTP, REXML, and strongSwan), Oracle (buildah, gnome-remote-desktop, ipa, jq, kernel, podman, python-setuptools, ruby:3.3, socat, uek-kernel, and xorg-x11-server-Xwayland), SUSE (kernel), and Ubuntu (freerdp3, git, gnupg2, linux-aws, linux-oracle, linux-azure, linux-azure, linux-azure-6.11, linux-fips, linux-aws-fips, linux-azure-fips, linux-gcp-fips, linux-ibm-5.15, linux-intel-iotg, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-kvm, linux-lowlatency, linux-oem-6.11, and onionshare).
- A set of Git security-fix releases
Versions v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1 andv2.50.1 of the Git source-code management system have been released."This is a set of coordinated security fix releases. Please update atyour earliest convenience". See the announcement for details;many of the vulnerabilities have to do with tricks buried in untrustedrepositories.
- Thunderbird 140 released
Version140 of the Thunderbird mail client has been released. Notablefeatures include "dark message mode" to adapt message contentto dark mode, the ability to easily transfer desktopsettings to the mobile Thunderbird client, experimental support forMicrosoft Exchange, as well as global controls for message threadingand sort order.
Thunderbird 140 is an extended-supportrelease (ESR) which will be supported for 12 months. However, theThunderbird project is trying to encourage users to adopt the Releasechannel for monthly updates instead. The project is staggeringupgrades to 140 for existing Thunderbird users in order to catch anysignificant bugs before they are widely deployed, but users canupgrade manually via the Help > Aboutmenu. See the releasenotes for a full list of changes.
- [$] Toward the unification of kselftests and KUnit
The kernel project, for many years, lacked a formal testing setup; it wasoften joked that testing was the project's main reason for keeping usersaround. While many types of kernel testing can only be done in thepresence of specific hardware, there are other parts of the kernelthat could be more widely tested. Over time, though, the kernel has gainedtwo separate testing frameworks and a growing body of automated tests to gowith them. These two frameworks — kselftests and KUnit — take differentapproaches to the testing problem; now thispatch series from Thomas Weißschuh aims to bring them together.
- Security updates for Tuesday
Security updates have been issued by Debian (djvulibre and slurm-wlm), Red Hat (apache-commons-vfs, container-tools:rhel8, kernel, kernel-rt, podman, python3, rsync, socat, and sudo), SUSE (apache2, helm-mirror, incus, kernel, openssl-3, python-Django, and systemd), and Ubuntu (dcmtk, File::Find::Rule, ghostscript, jquery, and libssh).
- U-Boot v2025.07 released
The U-Boot universal bootloader projecthas announced the release of version 2025.07. It has multiple new featuresincluding "uthreads" (inspired by the "bthreads" coroutines in the barebox bootloader), exFAT support,new architecture and SoC support and improvements to existing platforms,cleanups, better testing, and more. Project leader Tom Rini took theopportunity to mention his effortstoward getting some help with the project and more formal governance:As this is a full release, and not just a release candidate I'm hopingfor a few more people to read this and then read what I'm linking to aswell. For the overall health of the project, and the community, I'mhoping to find a few people within the community that can help withoverall organization and management. I would like to long term be ableto move us to being under the Software Freedom Conservancy umbrella andthat in turn means having a organizational structure that's not just asingle person.
He also noted that there is a community meeting on July 8th, 2025 at 9am (GMT -06:00) onGoogle Meet.
- Bash-5.3-release available
The GNU project's Bourne AgainSHell (Bash) has released version 5.3, with some significant newfeatures, including some from the associated Readline 8.3 release, which providescommand-line editing and other features for Bash and lots of otherprograms. Bash 5.3 has a "new form of command substitution that executes the command inthe current shell execution context", pathname-completion sortingwill be handled based on the GLOBSORT shell variable, generatedcompletions can go to a shell variable instead of to stdout, the sourcecode has been updated to C23, and more. Meanwhile:Readline has new features as well. There is a new option that allowscase-insensitive searching, a new command that executes a named readlinecommand, and a new command that exports possible word completions in aspecified format for consumption by another process.
- [$] A tour of the niri scrolling-tiling Wayland compositor
Niriis a relatively new Rust-based compositorfor Wayland with a different take on tiling window management: windowsare placed onscreen in an "infinite" row that can expand beyond thebounds of the visible workspace. It is not a full-blown desktopenvironment, but niri may be a suitable option for Linux users whowant tiling features and the minimalism of a window manager forWayland.
- Security updates for Monday
Security updates have been issued by Debian (thunderbird and xmedcon), Fedora (darktable, mbedtls, sudo, and yarnpkg), Mageia (catdoc and php), Red Hat (java-1.8.0-ibm, kernel, python-setuptools, python3, python3.11, python3.12, python3.9, socat, sudo, tigervnc, webkit2gtk3, webkitgtk4, xorg-x11-server, and xorg-x11-server-Xwayland), SUSE (alloy, apache-commons-fileupload, apache2-mod_security2, assimp-devel, chromedriver, clamav, clustershell, corepack22, ctdb, curl, dpkg, erlang-rabbitmq-client, ffmpeg-4, firefox, firefox-esr, flake-pilot, fractal, gdm, ggml-devel-5699, gio-branding-upstream, git-lfs, glib2, glibc, go1.23, go1.24, govulncheck-vulndb, gpg2, grafana, grype, helm, himmelblau, icu, jgit, jq, jupyter-bqplot-jupyterlab, jupyter-jupyterlab-templates, jupyter-matplotlib, jupyter-nbclassic, jupyter-nbdime, jupyter-panel, jupyter-plotly, keylime-ima-policy, kubernetes1.30-apiserver, kubernetes1.31-apiserver, kubernetes1.32-apiserver, libbd_btrfs-devel, libetebase-devel, libmozjs-128-0, libprotobuf-lite31_1_0, libQt5Bootstrap-devel-static-32bit, libsoup, libsoup-2_4-1, libsoup-3_0-0, libspdlog1_15, libssh, libssh-config, libsystemd0, libtpms-devel, libwireshark18, libwx_gtk2u_adv-suse16_0_0, mirrorsorcerer, moarvm, nix, nodejs-electron, nova, oci-cli, opa, openbao, ovmf-202505, pam, pam_pkcs11, perl, perl-32bit, perl-CryptX, perl-File-Find-Rule, perl-YAML-LibYAML, podman, polaris, postgresql-jdbc, pure-ftpd, python-furo-doc, python-requests, python310, python311, python311-Django, python311-Django4, python311-jupyter-core, python311-Pillow, python311-pydata-sphinx-theme, python311-requests, python311-salt, python311-urllib3, python312, python313, python314, python39, radare2, redis, samba, SDL, SDL2, sudo, teleport, thunderbird, tomcat, tomcat10, tomcat11, traefik, traefik2, valkey, velociraptor, vim, xorg-x11-server, and xwayland), and Ubuntu (linux-ibm, linux-intel-iotg, linux-lowlatency, linux-lowlatency-hwe-6.11, and linux-oem-6.14).
- Kernel prepatch 6.16-rc5
The 6.16-rc5 kernel prepatch has beenreleased. Quoth Linus: "Please keep testing, but this all feels fairlyregular for this phase of the release".
- Red Hat Announces No-Cost RHEL For Business Developers
Red Hat this morning went public with RHEL for Business Developers, an expansion of their RHEL Developer Program to make it easier for business developers to make use of Red Hat Enterprise Linux at no-cost for their development efforts...
- Collabora Advances Rust-for-Linux with New Tyr DRM Driver for Mali GPUs
Collabora has introduced Tyr, a new Rust-based Direct Rendering Manager (DRM) driver for CSF-based Arm Mali GPUs. This step strengthens Rust integration within the Linux kernel community. Tyr is a port of Panthor, a mature C driver for the same hardware, and is developed through a collaboration between Collabora, Arm, and Google to modernize GPU […]
- Radxa CM5 Gets Adapted for Use with uConsole Pocket Terminal
The ClockworkPi uConsole is designed for Raspberry Pi CM4 or CM5 modules, but a growing group of users has been working to run the Radxa CM5 inside this pocket terminal. By using the Radxa CM5, they gain higher RAM capacity, more storage options, and a faster GPU for processing tasks. The Radxa CM5 was originally […]
- Max Changed Back To HBO Max
"Max" has officially reverted back to "HBO Max," two years after Warner Bros. Discovery dropped the HBO branding. Variety reports: The switch had been anticipated to take place sometime this summer, but Warner Bros. Discovery hadn't revealed an exact day for the reversal until now. The timing is key: Execs wanted to restore the "HBO Max" name prior to next week's Emmy nominations announcement on July 15. The decision to turn "Max" back into "HBO Max" was first announced in May, timed to Warner Bros. Discovery's upfronts presentation. At the time, WBD said in a press release that "returning the HBO brand into HBO Max will further drive the service forward and amplify the uniqueness that subscribers can expect from the offering. It is also a testament to WBD's willingness to keep boldly iterating its strategy and approach -- leaning heavily on consumer data and insights -- to best position itself for success." The streamer launched as HBO Max in 2020, but then WBD opted to excise HBO from the streamer's name in 2023, changing it to just "Max." (HBO and Max continued to compete under one "HBO/Max" label for industry awards; for next week's Emmy noms, they can once again just be called "HBO Max.") The streaming giant put out a marketing spot announcing that the change was done.
Read more of this story at Slashdot.
- Browser Extensions Turn Nearly 1 Million Browsers Into Website-Scraping Bots
Over 240 browser extensions with nearly a million total installs have been covertly turning users' browsers into web-scraping bots. "The extensions serve a wide range of purposes, including managing bookmarks and clipboards, boosting speaker volumes, and generating random numbers," reports Ars Technica. "The common thread among all of them: They incorporate MellowTel-js, an open source JavaScript library that allows developers to monetize their extensions." Ars Technica reports: Some of the data swept up in the collection free-for-all included surveillance videos hosted on Nest, tax returns, billing invoices, business documents, and presentation slides posted to, or hosted on, Microsoft OneDrive and Intuit.com, vehicle identification numbers of recently bought automobiles along with the names and addresses of the buyers, patient names and the doctors they saw, travel itineraries hosted on Priceline, Booking.com, and airline websites, Facebook Messenger attachments and Facebook photos, even when the photos were set to be private. The dragnet also collected proprietary information belonging to Tesla, Blue Origin, Amgen, Merck, Pfizer, Roche, and dozens of other companies. Tuckner said in an email Wednesday that the most recent status of the affected extensions is: - Of 45 known Chrome extensions, 12 are now inactive. Some of the extensions were removed for malware explicitly. Others have removed the library.- Of 129 Edge extensions incorporating the library, eight are now inactive.- Of 71 affected Firefox extensions, two are now inactive. Some of the inactive extensions were removed for malware explicitly. Others have removed the library in more recent updates. A complete list of extensions found by Tuckner is here.
Read more of this story at Slashdot.
- Soundslice Adds ASCII Tab Support After ChatGPT Hallucinates Feature
After discovering that ChatGPT was falsely telling users that Soundslice could convert ASCII tablature into playable music, founder Adrian Holovaty decided to actually build the feature -- even though the app was never designed to support that format. TechCrunch reports: Soundslice is an app for teaching music, used by students and teachers. It's known for its video player synchronized to the music notations that guide users on how the notes should be played. It also offers a feature called "sheet music scanner" that allows users to upload an image of paper sheet music and, using AI, will automatically turn that into an interactive sheet, complete with notations. [Adrian Holovaty, founder of music-teaching platform Soundslice] carefully watches this feature's error logs to see what problems occur, where to add improvements, he said. That's where he started seeing the uploaded ChatGPT sessions. They were creating a bunch of error logs. Instead of images of sheet music, these were images of words and a box of symbols known as ASCII tablature. That's a basic text-based system used for guitar notations that uses a regular keyboard. (There's no treble key, for instance, on your standard QWERTY keyboard.) The volume of these ChatGPT session images was not so onerous that it was costing his company money to store them and crushing his app's bandwidth, Holovaty said. He was baffled, he wrote in a blog post about the situation. "Our scanning system wasn't intended to support this style of notation. Why, then, were we being bombarded with so many ASCII tab ChatGPT screenshots? I was mystified for weeks -- until I messed around with ChatGPT myself." That's how he saw ChatGPT telling people they could hear this music by opening a Soundslice account and uploading the image of the chat session. Only, they couldn't. Uploading those images wouldn't translate the ASCII tab into audio notes. He was struck with a new problem. "The main cost was reputational: New Soundslice users were going in with a false expectation. They'd been confidently told we would do something that we don't actually do," he described to TechCrunch. He and his team discussed their options: Slap disclaimers all over the site about it -- "No, we can't turn a ChatGPT session into hearable music" -- or build that feature into the scanner, even though he had never before considered supporting that offbeat musical notation system. He opted to build the feature. "My feelings on this are conflicted. I'm happy to add a tool that helps people. But I feel like our hand was forced in a weird way. Should we really be developing features in response to misinformation?" he wrote.
Read more of this story at Slashdot.
- Hugging Face Launches $299 Robot That Could Disrupt Entire Robotics Industry
An anonymous reader quotes a report from VentureBeat: Hugging Face, the $4.5 billion artificial intelligence platform that has become the GitHub of machine learning, announced Tuesday the launch of Reachy Mini, a $299 desktop robot designed to bring AI-powered robotics to millions of developers worldwide. The 11-inch humanoid companion represents the company's boldest move yet to democratize robotics development and challenge the industry's traditional closed-source, high-cost model. The announcement comes as Hugging Face crosses a significant milestone of 10 million AI builders using its platform, with CEO Clement Delangue revealing in an exclusive interview that "more and more of them are building in relation to robotics." The compact robot, which can sit on any desk next to a laptop, addresses what Delangue calls a fundamental barrier in robotics development: accessibility. "One of the challenges with robotics is that you know you can't just build on your laptop. You need to have some sort of robotics partner to help in your building, and most people won't be able to buy $70,000 robots," Delangue explained, referring to traditional industrial robotics systems and even newer humanoid robots like Tesla's Optimus, which is expected to cost $20,000-$30,000. Reachy Mini emerges from Hugging Face's April acquisition of French robotics startup Pollen Robotics, marking the company's most significant hardware expansion since its founding. The robot represents the first consumer product to integrate natively with the Hugging Face Hub, allowing developers to access thousands of pre-built AI models and share robotics applications through the platform's "Spaces" feature. [...] Reachy Mini packs sophisticated capabilities into its compact form factor. The robot features six degrees of freedom in its moving head, full body rotation, animated antennas, a wide-angle camera, multiple microphones, and a 5-watt speaker. The wireless version includes a Raspberry Pi 5 computer and battery, making it fully autonomous. The robot ships as a DIY kit and can be programmed in Python, with JavaScript and Scratch support planned. Pre-installed demonstration applications include face and hand tracking, smart companion features, and dancing moves. Developers can create and share new applications through Hugging Face's Spaces platform, potentially creating what Delangue envisions as "thousands, tens of thousands, millions of apps." Reachy Mini's $299 price point could significantly transform robotics education and research. "Universities, coding bootcamps, and individual learners could use the platform to explore robotics concepts without requiring expensive laboratory equipment," reports VentureBeat. "The open-source nature enables educational institutions to modify hardware and software to suit specific curricula. Students could progress from basic programming exercises to sophisticated AI applications using the same platform, potentially accelerating robotics education and workforce development." "... For the first time, a major AI platform is betting that the future of robotics belongs not in corporate research labs, but in the hands of millions of individual developers armed with affordable, open-source tools."
Read more of this story at Slashdot.
- IKEA Ditches Zigbee For Thread Going All In On Matter Smart Homes
IKEA is relaunching its smart home line with over 20 new Matter-over-Thread devices that will work across ecosystems such as Apple Home and Amazon Alexa, with or without IKEA's own hub. This marks a major shift toward openness, affordability, and interoperability, and positions IKEA as one of the first major retailers to bring Matter to the mainstream while maintaining backward compatibility with Zigbee products. The Verge reports: We don't have a lot of details on the over 20 new devices coming next year, but [David Granath of IKEA of Sweden] confirmed that they are replacing existing functions. So, new smart bulbs, plugs, sensors, remotes, buttons, and air-quality devices, including temperature and humidity monitors. They will also come with a new design. Although "not necessarily what's been leaked," says Granath, referring to images of the Bilresa Dual Button that appeared earlier this year. He did confirm that some new product categories will arrive in January, with more to follow in April and beyond, including potentially Matter-over-Wi-Fi products. Pricing will be comparable to or lower than that of previous products, which start under $10. "Affordability remains a key priority for us.""The premium to make a product smart is not that high anymore, so you can expect new product types and form factors coming," he says. "Matter unlocks interoperability, ease of use, and affordability for us. The standardization process means more companies are sharing the workload of developing for this." Despite the move away from Zigbee, IKEA is keeping Zigbee's Touchlink functionality. This point-to-point protocol allows devices to be paired directly to each other and work together out of the box, without an app or hub -- such as the bulb and remote bundles IKEA sells. This means older Zigbee remotes can control the newer Thread bulbs and vice versa, retaining backward compatibility with its Tradfri line. "Touchlink and Matter will coexist in new products," says Granath. "It's still very important for IKEA -- not everyone wants an app or hub." Interestingly, IKEA's new Matter-over-Thread products will also work without the IKEA hub or app, as they can be set up directly in any compatible Matter smart home ecosystem, such as Apple Home, Amazon Alexa, Google Home, Samsung SmartThings, Home Assistant, and others.
Read more of this story at Slashdot.
- UK Full-Fiber Broadband Coverage Jumps From 12% to 78% in Five Years
The UK has transformed its broadband infrastructure in five years -- with full-fiber coverage jumping from 12% of properties in January 2020 to more than 78% by 2025, according to communications regulator Ofcom and ThinkBroadband data. Northern Ireland leads with 96% of premises in postcodes served with full-fiber connections. The rollout accelerated after Ofcom's May 2021 regulatory framework gave other providers access to BT's Openreach ducts and poles while promising the company regulatory certainty through a "fair bet" approach that avoided price caps. The framework sparked investment from alternative networks, or "altnets," which increased homes passed from 8.2 million in 2022 to 16.4 million by 2025.
Read more of this story at Slashdot.
- Samsung Launches Three New Foldable Smartphones As It Fends Off Chinese Rivals
Samsung on Wednesday unveiled three new foldable smartphones at a time when the company is facing increased competition from Chinese rivals such as Honor and Oppo, reports CNBC. The company's share of the global foldable phone market slipped to 45% in 2024, down from 54% a year earlier. Today's new devices include the ultra-thin Galaxy Z Fold 7, the clamshell-style Galaxy Z Flip 7, and the more affordable Flip 7 FE. Here's a breakdown of each: The Galaxy Z Fold 7 is super thin at a thickness of 8.9 millimeters (0.35 inches) closed and only 4.2 millimeters open. It's also much lighter than its predecessor, weighing 215 grams (7.62 ounces). These stats put the phone on par with both Honor's Magic V5 and the Oppo Find N5. The new Fold device has a 6.5-inch cover screen and an 8-inch main display when opened, making it bigger than its predecessor. It's also decked out with premium new cameras, featuring a 200-megapixel main lens, as well as a 10-megapixel telephoto sensor, 12-megapixel ultra-wide and two 10-megapixel front cameras on both the cover screen and on the main display. Samsung's new Fold generation is, nevertheless, much more limited than other devices in the market when it comes to battery capacity. The Galaxy Z Fold 7 has a 4,400 milliampere-hour (mAh) battery -- far less than the 6,100 mAh power pack in Honor's Magic V5's or the Oppo Find N5's 5,600 mAh battery. Samsung says its device is capable of 24 hours of video playback. Samsung's Galaxy Z Flip 7 is also thinner than its predecessor, coming in at 6.5 millimeters when opened flat. By contrast, the Galaxy Z Flip 6 has a depth of 6.9 millimeters when unfolded. The new phone has a 4.1-inch cover screen and a 6.9-inch main display. It comes with a 50-megapixel main camera and 12-megapixel ultra-wide sensor on the back and a 10-megapixel lens on the main display. It also has a bigger 4,300 mAh battery, which Samsung says supports 31 hours of video playtime on a single charge. In addition to Flip 7, Samsung is also introducing a cheaper version of the phone, called the Galaxy Z Flip 7 FE, which is slightly smaller and thicker than its more premium counterpart. What about the AI features, you ask? They all include various AI-driven camera tools that can identify and suggest removal of unwanted people or objects in photos, and an audio eraser that filters out background noise in videos. The Galaxy Z Flip 7 also integrates Gemini Live, allowing users to overlay the AI assistant during live video recordings -- for instance, to receive real-time outfit suggestions. The Z Fold 7 starts at $1,999, and the Z Flip 7 starts at $1,099. Meanwhile, the Flip 7 FE is priced at $899.
Read more of this story at Slashdot.
- McDonald's AI Hiring Bot Exposed Millions of Applicants' Data To Hackers
An anonymous reader quotes a report from Wired: If you want a job at McDonald's today, there's a good chance you'll have to talk to Olivia. Olivia is not, in fact, a human being, but instead an AI chatbot that screens applicants, asks for their contact information and resume, directs them to a personality test, and occasionally makes them "go insane" by repeatedly misunderstanding their most basic questions. Until last week, the platform that runs the Olivia chatbot, built by artificial intelligence software firm Paradox.ai, also suffered from absurdly basic security flaws. As a result, virtually any hacker could have accessed the records of every chat Olivia had ever had with McDonald's applicants -- including all the personal information they shared in those conversations -- with tricks as straightforward as guessing the username and password "123456." On Wednesday, security researchers Ian Carroll and Sam Curryrevealedthat they found simple methods to hack into the backend of the AI chatbot platform on McHire.com, McDonald's website that many of its franchisees use to handle job applications. Carroll and Curry, hackers with along track record of independent security testing, discovered that simple web-based vulnerabilities -- including guessing one laughably weak password -- allowed them to access a Paradox.ai account and query the company's databases that held every McHire user's chats with Olivia. The data appears to include as many as 64 million records, including applicants' names, email addresses, and phone numbers. Carroll says he only discovered that appalling lack of security around applicants' information because he was intrigued by McDonald's decision to subject potential new hires to an AI chatbot screener and personality test. "I just thought it was pretty uniquely dystopian compared to a normal hiring process, right? And that's what made me want to look into it more," says Carroll. "So I started applying for a job, and then after 30 minutes, we had full access to virtually every application that's ever been made to McDonald's going back years." Paradox.ai confirmed the security findings, acknowledging that only a small portion of the accessed records contained personal data. The company stated that the weak-password account ("123456") was only accessed by the researchers and no one else. To prevent future issues, Paradox is launching a bug bounty program. "We do not take this matter lightly, even though it was resolved swiftly and effectively," Paradox.ai's chief legal officer, Stephanie King, told WIRED in an interview. "We own this." In a statement to WIRED, McDonald's agreed that Paradox.ai was to blame. "We're disappointed by this unacceptable vulnerability from a third-party provider, Paradox.ai. As soon as we learned of the issue, we mandated Paradox.ai to remediate the issue immediately, and it was resolved on the same day it was reported to us," the statement reads. "We take our commitment to cyber security seriously and will continue to hold our third-party providers accountable to meeting our standards of data protection."
Read more of this story at Slashdot.
- AMD Warns of New Meltdown, Spectre-like Bugs Affecting CPUs
AMD is warning users of a newly discovered form of side-channel attack affecting a broad range of its chips that could lead to information disclosure. Register: Akin to Meltdown and Spectre, the Transient Scheduler Attack (TSA) comprises four vulnerabilities that AMD said it discovered while looking into a Microsoft report about microarchitectural leaks. The four bugs do not appear too venomous at face value -- two have medium-severity ratings while the other two are rated "low." However, the low-level nature of the exploit's impact has nonetheless led Trend Micro and CrowdStrike to assess the threat as "critical." The reasons for the low severity scores are the high degree of complexity involved in a successful attack -- AMD said it could only be carried out by an attacker able to run arbitrary code on a target machine. It affects AMD processors (desktop, mobile and datacenter models), including 3rd gen and 4th gen EPYC chips -- the full list is here.
Read more of this story at Slashdot.
- Microsoft Touts $500 Million in AI Savings While Slashing Jobs
Microsoft is keen to show employees how much AI is transforming its own workplace, even as the company terminates thousands of personnel. From a report: During a presentation this week, Chief Commercial Officer Judson Althoff said artificial intelligence tools are boosting productivity in everything from sales and customer service to software engineering, according to a person familiar with his remarks. Althoff said AI saved Microsoft more than $500 million last year in its call centers alone and increased both employee and customer satisfaction, according to the person, who requested anonymity to discuss an internal matter. The company is also starting to use AI to handle interactions with smaller customers, Althoff said. This effort is nascent, but already generating tens of millions of dollars, he said.
Read more of this story at Slashdot.
- Western Europe Sees Hottest June on Record Amid Extreme Heatwaves
Western Europe sweltered through its hottest June on record last month, as "extreme" temperatures blasted the region in punishing back-to-back heatwaves, the EU climate monitor Copernicus said Wednesday. From a report: Globally, this past June was the third warmest on record, continuing a blistering heat streak in recent years as the planet warms as a result of humanity's emissions of greenhouse gases. The previous hottest June was in 2024 and the second hottest was in 2023, the Copernicus Climate Change Service (C3S) said. Sweltering extremes were particularly pronounced in Europe, which is warming several times faster than the global average.
Read more of this story at Slashdot.
- OpenAI To Release AI Web Browser in Challenge To Chrome
OpenAI is close to releasing an AI-powered web browser that will challenge market-dominating Google Chrome, Reuters reported Wednesday. From the report: The browser is slated to launch in the coming weeks, three of the people said, and aims to use artificial intelligence to fundamentally change how consumers browse the web. It will give OpenAI more direct access to a cornerstone of Google's success: user data.
Read more of this story at Slashdot.
- Apple Working on Updated Vision Pro With M4 Chip as Early as 2025
Apple plans to release its first Vision Pro upgrade as early as this year, according to Bloomberg. The updated $3,499 headset will feature an M4 processor, replacing the current M2 chip, and components designed to better handle AI tasks. The company is also developing new straps to reduce neck strain and head pain from the 1.4-pound device. The Vision Pro launched in February 2024 but has sold only hundreds of thousands of units. Apple is working on a significantly lighter redesigned model for 2027, the report added.
Read more of this story at Slashdot.
- Microsoft Pledges $4 Billion for AI Education Training Programs
Microsoft has pledged more than $4 billion in cash and technology services to train millions of people in AI use, targeting schools, community colleges, technical colleges and nonprofits. The company said it will launch Microsoft Elevate Academy to help 20 million people earn AI certificates. Microsoft President Brad Smith said the company would "serve as an advocate to ensure that students in every school across the country have access to A.I. education." The announcement follows Tuesday's news that the American Federation of Teachers received $23 million from Microsoft, OpenAI and Anthropic for a national AI training center. Last week, dozens of companies including Amazon, Apple, Google, Meta, Microsoft, Nvidia and OpenAI signed a White House pledge promising schools funding, technology and training materials for AI education.
Read more of this story at Slashdot.
- Animal Diseases Leapt To Humans When We Started Keeping Livestock
Researchers analyzing DNA from 1,313 ancient humans across Eurasia found that zoonotic pathogens first appeared in human populations around 6,500 years ago, coinciding with the transition from hunter-gatherer societies to livestock farming. The genomic study, published in Nature, identified 5,486 DNA sequences from bacteria, viruses and parasites in blood remnants from bones and teeth spanning 37,000 years. Zoonotic pathogens were detected only in remains 6,500 years old or younger, peaking around 5,000 years ago when pastoralist communities from the Steppe region migrated into Europe with large herds. The plague bacterium Yersinia pestis first appears in the dataset between 5,700-5,300 years ago.
Read more of this story at Slashdot.
- Eggheads hold science fair on Capitol Hill to decry funding cuts
'The Things We’ll Never Know' show highlights what we'll be missing
President Trump's budget slashes funding for science and led to the cancellation or reduction of thousands of research programs, so scientists have staged a series of presentations to show legislators innovations that America will miss out on in the future.…
- Court cancels FTC click-to-cancel rule on a technicality
Welcome back to the age of dark patterns
The US was supposed to celebrate the enforcement date for an FTC rule requiring companies to offer simple, clear, one-click subscription cancellations next Monday, but a panel of appeals court judges has decided otherwise.…
- US sanctions alleged North Korean IT sweatshop leader
Turns out outsourcing coders to bankroll Kim’s nukes doesn’t jibe with Uncle Sam
The US Treasury has imposed sanctions on 38-year-old Song Kum Hyok, a North Korean accused of attempting to hack the Treasury Department and posing as an IT worker to collect revenue and secret data for Pyongyang.…
- AMD warns of new Meltdown, Spectre-like bugs affecting CPUs
Low-severity bugs but infosec pros claim they are a 'critical' overall threat – patch accordingly
AMD is warning users of a newly discovered form of side-channel attack affecting a broad range of its chips that could lead to information disclosure.…
- Shiny object syndrome spells doom for many AI projects, warns EPA CIO
Chasing the hype without a clear use case? You may crash and burn
US Environmental Protection Agency CIO Carter Farmer has a blunt message for AI hype-chasers: Shiny-object syndrome too often drives teams to leap into AI without defining a clear use case or vetting their data, leaving them to wonder why it doesn't work.…
- Anubis guards gates against hordes of LLM bot crawlers
Using proof of work to block the web-crawlers of 'AI' companies
Anubis is a sort of CAPTCHA test, but flipped: instead of checking visitors are human, it aims to make web crawling prohibitively expensive for companies trying to feed their hungry LLM bots.…
- Europe's exascale dreams inch closer as SiPearl finally tapes out Rhea1 chip
Design sent to TSMC as startup wraps €130M funding round and targets 2026 silicon
Euro chip designer SiPearl has finally taped out its Rhea1 processor destined for Jupiter, the first European exascale supercomputer, just as its Series A financing round ends with an injection of cash from a new investor.…
- Iranian ransomware crew reemerges, promises big bucks for attacks on US or Israel
Tells would-be affiliates they don't need to worry because cyberattacks don't violate a cease fire
An Iranian ransomware-as-a-service operation with ties to a government-backed cyber crew has reemerged after a nearly five-year hiatus, and is offering would-be cybercriminals cash to infect organizations in the US and Israel.…
- Tim Cook's Tim Cook stepping down from Apple
Operations king Jeff Williams abdicates – just don't give him a watch
Apple Chief Operating Officer Jeff Williams is stepping down from his role next month and leaving the company later this year to spend more time with friends and family.…
- IBM boasts new Power11 chips are stingy on power usage
More efficient cores plus an optional energy saver mode in Big Blue's latest CPUs
In case you'd forgotten, IBM is still blazing its own trail with regard to silicon. And in terms of speeds and feeds, Big Blue's latest crop of Power chips boasts up to 55 percent faster cores than its Power9 chips.…
- Massive browser hijacking campaign infects 2.3M Chrome, Edge users
These extensions weren't malware-laced from the start, researcher says
A Chrome and Edge extension with more than 100,000 downloads that displays Google's verified badge does what it purports to do: It delivers a color picker to users. Unfortunately, it also hijacks every browser session, tracks activities across websites, and backdoors victims' web browsers, according to Koi Security researchers.…
- Trump's budget bill opens wide swath of spectrum for sale
Including frequencies that overlap with Wi-Fi 6E and private mobile networking
updated A provision in the new US budget bill opens a wide swath of spectrum for sale, including some that overlaps with frequencies currently allotted for private mobile networks and Wi-Fi 6E. …
- Semiconductor industry could short out as copper runs dry
Climate risks threaten to fry the supply chain for essential chipmaking metal
Climate change could pose a threat to the technology industry as copper production is vulnerable to drought, while demand may grow to outstrip supply anyway.…
- Post Office and Fujitsu execs 'should have known' Horizon IT system was flawed
First volume of inquiry report focuses on the UKscandal's human impact
Senior Post Office staff in the UK – and those working for suppliers Fujitsu and ICL – knew or should have known about the defects causing errors in the Horizon system that contributed to the wrongful prosecution of hundreds of branch workers, 13 of whom committed suicide, most probably as a result, according to the first volume of a report submitted by the independent public inquiry into the computer scandal.…
- Britain's 5G experience 'among the worst in Europe' says MedUX
Official figures for network performance don't play out in user's reality, says monitoring biz
The UK's 5G networks are among the worst in Europe when it comes to measurements such as download speed, upload speed, latency, and packet loss, according to a report published today.…
- Firefox is fine. The people running it are not
Mozilla's management is a bug, not a feature
Opinion Dominance does not equal importance, nor is dominance the same as relevance. The snag at Mozilla is a management layer that doesn't appear to understand what works for its product nor which parts of it matter most to users.…
- Suspected Scattered Spider domains target everyone from manufacturers to Chipotle
Plus: Qantas makes contact with 'potential cyber criminal'
While the aviation industry has borne the brunt of Scattered Spider's latest round of social engineering attacks, the criminals aim to catch manufacturing and medical tech companies — and even Chipotle Mexican Grill — in their web, as evidenced by hundreds of domains that security researchers say look a lot like phishing websites used by the criminal crews.…
- Nuclear reactors smaller than a semi truck to be tested in Idaho
Forget small modular reactors. Microreactors are the new hotness
The new nuclear age of small modular reactors may not have materialized yet, but that's not stopping the US Department of Energy from getting to work on even smaller, more modular reactors with a couple of new commercial partners. …
- CoreWeave's $9B Core Scientific acquisition is a bid for more power
All the GPUs in the world aren't worth much if you don't have a place to put them
CoreWeave just added 1.3 gigawatts of datacenter capacity to its rent-a-GPU scheme with the $9 billion acquisition of crypto-mining outfit Core Scientific, the companies announced Monday.…
- Apple tries get €500M EU fine tossed
The iMaker's fight with European regulators continues
Apple is on the hook for a €500 million (US $587 million) anti-steering fine in the EU, so it's reportedly doing what any profit-driven enterprise in such a position would do: Appealing.…
- Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces
OpenTelemetry (fondly known as OTel) is an open-source project that provides a unified set of APIs, libraries, agents, and instrumentation to capture and export logs, metrics, and traces from applications. The project’s goal is to standardize observability across various services and applications, enabling better monitoring and troubleshooting. Read More at Causely
The post Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces appeared first on Linux.com.
- Xen 4.19 is released
Xen Project 4.19 has been officially out since July 31st, 2024, and it brings significant updates. With enhancements in performance, security, and versatility across various architectures like Arm, PPC, RISC-V, and x86, this release is an important milestone for the Xen community. Read more at XCP-ng Blog
The post Xen 4.19 is released appeared first on Linux.com.
- Advancing Xen on RISC-V: key updates
At Vates, we are heavily invested in the advancement of Xen and the RISC-V architecture. RISC-V, a rapidly emerging open-source hardware architecture, is gaining traction due to its flexibility, scalability and openness, which align perfectly with our ethos of fostering open development ecosystems. Although the upstream version of Xen for RISC-V is not yet fully [0]
The post Advancing Xen on RISC-V: key updates appeared first on Linux.com.
- AI Produces Data-driven OpenFOAM Speedup (HPC Wire)
Researchers from TU Darmstadt, TU Dresden, Hewlett Packard Enterprise (HPE), and Intel have developed advanced applications that combine HPC simulations with AI techniques using the open-source computational fluid dynamics solver OpenFOAM and the HPE-led SmartSim AI/ML library. These applications show promise for improving the accuracy and capabilities of traditional scientific and engineering modelling with data-driven [0]
The post AI Produces Data-driven OpenFOAM Speedup (HPC Wire) appeared first on Linux.com.
- Wayback Is Now Hosted On FreeDesktop.org
Wayback began recently as an experimental X11 compatibility layer for non-Wayland desktop environments to leverage Wayland components. While still in early form, the project has already taken off from being a personal GitHub project to now being hosted on FreeDesktop.org alongside other projects such as Wayland and the X.Org Server itself plus other prominent software like Mesa and GStreamer and much more...
- AMD9s Epic Performance Gains From The Original EPYC 7601 To EPYC 9755 / EPYC 9965
Last week I published fresh benchmarks showing how AMD9s EPYC 4005 series for budget servers can outperform the original EPYC 7601 flagship processor when EPYC first launched during the Zen 1 period. Even with lower core counts and fewer memory channels, the modern EPYC 4005 "Grado" processors were able to outpace that original EPYC "Naples" flagship processor from 2017. With carrying out the fresh re-testing of the AMD EPYC 7601 on a modern 2025 Linux software stack, in today9s article is a look at how the EPYC 7601 Zen 1 performance compares to the EPYC 9005 "Turin" series with today9s flagship EPYC 9755 and EPYC 9965 processors.
- Red Hat Announces No-Cost RHEL For Business Developers
Red Hat this morning went public with RHEL for Business Developers, an expansion of their RHEL Developer Program to make it easier for business developers to make use of Red Hat Enterprise Linux at no-cost for their development efforts...
- Intel SR-IOV Support Ready For Panther Lake Graphics But Some Current Platforms Left Behind
Intel discontinued Graphics Virtualization Technology (GVT-G) support several generations ago in favor of supporting SR-IOV for graphics virtualization with Iris Xe and newer integrated/discrete graphics hardware. But with the transition as well from the Linux i915 to Xe kernel graphics drivers, the official SR-IOV support state on Intel graphics is in a bit of an awkward state...
- PowerVR Vulkan Driver Enhancements Merged Ahead Of Mesa 25.2
The Mesa 25.2 code is expected to be branched next week to kick off the release process for this quarter's iteration of open-source OpenGL and Vulkan drivers. As such, there's going to be a mad dash over the next week to land lingering features and other improvements for Mesa 25.2. Making it into Mesa Git today was a big set of 42 patches for the Imagination PowerVR Vulkan driver...
- GlobalFoundries Acquiring MIPS
Here's an unexpected company match... GlobalFoundries announced today they have entered into a definitive agreement to acquire MIPS. Yes, the company formerly part of Wave Computing and before that Imagination and Silicon Graphics during its long history. MIPS in recent years hasn't been focused on its namesake CPU architecture but rather RISC-V core designs...
- Framework 12 Platform Tuning For Better Performance Or Power Efficiency
Last month the Framework Laptop 12 began shipping as an upgrade-friendly, convertible 2-in-1 laptop that is friendly with Linux as we9ve come to expect out of Framework Computer devices. The launch-day Linux testing at Phoronix of the Framework 12 was done out-of-the-box on Ubuntu Linux with the defaults on it and the other comparison laptops tested. But as we9ve shown with recent Intel and AMD laptops, ACPI Platform Profile adjustments can make a significant impact on bettering the performance or extending battery life with more power efficient operation. For those wondering about the impact of the platform profiles on Framework Laptop 12, here are some power and performance benchmarks.
- AMD Hardware Feedback Driver Destined For Linux 6.17 To Benefit Heterogeneous CPUs
The AMD Hardware Feedback Driver has been queued up via a TIP branch for expected merging during the upcoming Linux 6.17 kernel cycle. This new open-source AMD driver is designed to help make the kernel's scheduler make better decisions around task placement for heterogeneous processor designs with a mix of the "classic" and "dense" cores...
- Fan Control Firmware Updated For Intel Battlemage Graphics Cards On Linux
In addition to Intel upstreaming the Xe3 graphics firmware needed for upcoming Panther Lake SoCs to linux-firmware.git so those firmware binaries can get picked up by Linux distributions ahead of Panther Lake laptops shipping, Intel also upstreamed fan control firmware as a first for their graphics card efforts...
- OBS Studio 31.1 Released With Explicit Sync For PipeWire Screen Capture
OBS Studio 31.1 is now available for those using this cross-platform free software for screencasting and other screen recording purposes. OBS Studio 31.1 is another great step forward for this open-source software that has a devoted following and user-base across Windows, macOS, and Linux...
- AMD openSIL PoC Still Being Worked On For Phoenix SoCs, Turin Code Published
One topic we haven't heard AMD talk too much about publicly this year has been their openSIL effort that was announced back in 2023 as their eventual replacement to AGESA and being an open-source CPU silicon initialization effort. They still appear to be working toward making openSIL production-ready for next-generation Zen 6 platforms but some of their proof-of-concept milestones have been running behind schedule. Meanwhile their EPYC 9005 "Turin" proof-of-concept code was recently published...
- Lenovo WMI Gaming Series Drivers Expected To Debut In Linux 6.17
Being worked on for a number of months now has been the Lenovo Gaming Series WMI Drivers for Linux to expose additional power/performance settings for Lenovo gaming series hardware like the Lenovo Legion Go S gaming handheld with Steam OS. With the upcoming Linux 6.17 kernel, the Lenovo WMI Gaming Series Drivers are expected to be finally upstreamed...
- LibreOffice Begins Landing Markdown File Import Support
While coming a few weeks too late for making it into the LibreOffice 25.8 open-source office suite release, merged today to LibreOffice Git for next year's LibreOffice 26.2 is adding initial support for importing Markdown files into the LibreOffice Writer word processor...
- Systemd has been a complete, utter, unmitigated success
The year is 2013 and I am`hopping mad. systemd`is replacing my plaintext logs with a binary format and pumping steroids into`init`and it is`laughing`at me. The unix philosophy cries out: is this the end of Linux (or, as many are calling it, GNU plus Linux)? The year is 2025 and I’m here to repent. Not only is`systemd`a worthy successor to traditional`init, but I think that it deserves a defense for what it’s done for the landscape – especially given the hostile reception it initially received (and somehow continues to receive? for some reason?). No software is perfect – except forTempleOS`– but I think that systemd has largely been a success story and proven many dire forecasts wrong (including my own). I was wrong! ↫ Tyler Langlois The article goes into detail on a number of awesome features, niceties, and clever things systemd has, and they�re legion. Even as a mere user, I like systemd, as every time I have had to or wanted to interact with it, it�s been a joy to use, with excellent documentation making it remarkably easy even for someone like me to get into it without doing any damage or breaking anything. Every time I read up on system�d more advanced features, I�m surprised by how well thought out and implemented it all seems to be. I�ve experienced several major leaps forward in the Linux world that made using Linux on my computers easier and more reliable, and the adoption of systemd stands among them as one of the biggest leaps forward desktop Linux has ever made. The idea of going back to a random piles of non-standardized init scripts with nebulous dependencies from varying sources and wildly different levels of quality seems like a complete nightmare to me. There�s a lot of charm in doing things �the old way�, and I�m not saying you�re wrong for wanting an init system that tries to do less, or that�s easier to read and parse for you, or whatever, but that doesn�t mean systemd is bad, evil, or part of a Red Hat conspiracy to kill Linux.
- Introducing Skia Graphite: Chrome�s rasterization backend for the future
In Chrome, Skia is used to render paint commands from Blink and the browser UI into pixels on your screen, a process called rasterization. Skia has powered Chrome Graphics`since the very beginning. Skia eventually ran into performance issues as the web evolved and became more complex, which led Chrome and Skia to invest in a GPU accelerated rasterization backend called Ganesh. Over the years, Ganesh matured into a solid highly performant rasterization backend and GPU rasterization launched on all platforms in Chrome on top of GL (via ANGLE on Windows D3D9/11). However, Ganesh always had a GL-centric design with too many specialized code paths and the team was hitting a wall when trying to implement optimizations that took advantage of modern graphics APIs in a principled manner. This set the stage for the team to rethink GPU rasterization from the ground up in the form of a new rasterization backend, Graphite. Graphite was developed from the start to be principled by having fewer and more comprehensible code paths. This forward looking design helps take advantage of modern graphics APIs like Metal, Vulkan and D3D12 and paradigms like compute based path rasterization, and is multithreaded by default. ↫ Michael Ludwig and Sunny Sachanandani at the Chromium Blog The level of complexity in browsers and their rendering engines blows my mind every time I read about it. When I first got access to the internet, it consisted of static pages with text and still images, but now browser engines are almost as complex as entire operating systems. Not all of that progress has been good � boy has a lot of it not been good � but we�re stuck with it now, and thus people making browsers have to deal with stuff like this. If you ever wonder why there really only are two browser engines in the world � Google�s Blink and Apple�s WebKit � this is your answer. Who in their right mind wants to develop something like this from scratch and compete with Google and Apple?
- GlobalFoundries acquires MIPS
GlobalFoundries today announced a definitive agreement to acquire MIPS, a leading supplier of AI and processor IP. This strategic acquisition will expand GF’s portfolio of customizable IP offerings, allowing it to further differentiate its process technologies with IP and software capabilities. ↫ Press release about the acquisition MIPS has a long and storied history, most recently as it abandoned its namesake instruction set architecture in favour of RISC-V. MIPS processors are still found in a ton of devices though, but usually not in high-profile devices like smartphones or whatever. Their new RISC-V cores haven�t yet seen a lot of uptake, but that�s a problem all across the RISC-V ecosystem.
- IBM launches Power11, vague rumblings about new Raptor workstations while IBM continues to not care about Power workstations
Ah, Power. The architecture that has so much going for it, but despite concerted efforts from very dedicated people, IBM seems to be hellbent on preventing anyone from expanding Power beyond expensive enterprise servers. We had Raptor Computing Systems achieving some niche success with their POWER9 workstations � I have two, and reviewed one of them � but that�s about it. When IBM moved to Power10, the new processors required closed-source, proprietary firmware in a few areas of the design, which made them unsuitable for Raptor to develop a successor to the Talos II and Blackbird POWER9 workstations. I admire Raptor for sticking firmly to their convictions of only producing fully open source hardware, down to the firmware level. The requirement for proprietary firmware was never addressed by IBM during the Power10 lifecycle, so Raptor obviously never jumped aboard the IBM Power10 train, and as far as I can tell, neither did anyone else. As such, the only Power10 hardware we have comes from IBM, and the offering consist entirely of enterprise servers, which are unsuitable and unaffordable for home use, whether as server or workstation. Raptor did make a joint announcement with Solid Silicon, with rumours suggesting Solid Silicon was working on a Power10-based chip that didn�t require any proprietary firmware, but that was late 2023, and it�s been silence ever since. But Power10 is old news now, since IBM just officially launched Power11. IBM made the date official: Power11 launches July 25, with the 32 AI-core Spyre Accelerator expected to follow in the fourth quarter. IBM�s launch products will be the full-rack Power E1180 with up to up to 256 SMT-8 Power11 cores with 2MB L2 each and up to 128GB of shared L3 (8GB per core) with 64TB of DDR5 memory, the midrange 4U Power E1150 with up to 120 Power11 cores and 16TB of DDR5, the junior 4U Power S1124 with up to 60 Power11 cores and 8TB of DDR5, and the low-end! 2U Power S1122 with up to 60 Power11 cores and 4TB of DDR5. The processors come in 16, 24 or 30-core versions; the E systems have four sockets (with up to four nodes in the E1180) and the S systems have two. All four systems can run AIX and Linux, and all systems except for the E1150 can run IBM i. As is usual for IBM�s initial offerings, internally they look like straight-up implementations of the Blueridge reference platform and should be expected to scale accordingly. And if you have to ask how much they are, well0 ↫ Cameron Kaiser Sadly, there�s no word on whether or not IBM�s Power11 processors still require proprietary firmware, so it�s impossible to tell if they will show up in any possible Raptor workstations. There�s also zero indication of anyone else joining the fray, and IBM itself obviously isn�t going to focus on end-user workstations because the world is bleak and joyless. That being said, we�ve got some solid rumours from Cameron Kaiser, who is generally well-informed on these topics. I have been advised by an anonymous individual with knowledge of the situation that a new Raptor announcement on products under development is scheduled for Q1 2026 0 which would be six to twelve months after! as predicted. Open firmware! is specifically mentioned and absolutely planned. It�s worth pointing out that both Raptor and SolidSilicon are now listed as top-tier Platinum members for OpenPOWER parallel with IBM itself. That implies SolidSilicon is still in the mix and IBM is still backing OpenPOWER. They stressed this is not an official announcement, so you take it for what it�s worth. ↫ Cameron Kaiser It�s something, but not much. I would love to be able to upgrade the POWER9 machines in my office to something newer, even if they perform quite well to this day. I simply have a soft spot for Power, and I want the ISA to succeed beyond enterprise servers. The architecture has what it takes to do so, but IBM seems to have zero interest in making it happen, making life quite hard for anyone else in the ecosystem trying their hardest. All we�re asking for is a single or dual socket Power11 workstation in a nice case, IBM. Just flip one of those servers 90°, disable the enterprise stuff, and optionally ship it with AIX. It won�t bite. I promise.
- Two weeks of Wayback: first alpha release in a few weeks
Alpine Linux maintainer Ariadne Conill only started working on Wayback a few weeks ago, but in a blog post today they dive into a few more details about how much progress has already been achieved. To refresh your memory, Wayback allows you to run a legacy X11-based desktop environment on top of Wayland by running a stub Wayland compositor in front of Xwayland, capable of serving as a full X server. This way, the transition to Wayland and the removal of X.org from popular distributions won�t mean you can�t run X11-based desktop environments anymore. Within just a few weeks, the project has made serious progress. There’s a lot still left to do before we can confidently say that Wayback is ready for distributions to switch to. This work is across the stack: Wayback still needs to expose surfaces that Xwayland can use, Xwayland needs to implement a few new features such as cursor warping and some X extensions inside Xwayland itself need to be properly plumbed (such as Xinerama being able to make use of the Wayland output layout data). Longer term goals aside, we are at most a few weeks away from the first alpha-quality release of Wayback. The main focus of this release is to get to a point where enough is working that users with basic setups and requirements can be reasonably served by Wayback in place of the X.org server, to allow for further testing. It’s already to a point where I am daily driving it. ↫ Ariadne Conill Of course, there�s still tons of bugs to figure out and missing functionality to implement, but the fact that they�re just weeks away from a first alpha release is honestly impressive. I really hope Wayback picks up even more and gets adopted by other distributions as well, since it�s such an elegant and future-proof solution to a very real problem. It�s important that desktop environments that will not or cannot transition to Wayland remain available to Linux users regardless of their choice of Wayland or X11. When facing the slow sunsetting of a windowing system, some people go off on deranged neofascist conspiracy rants against the woke illuminati, while others sit down and develop real forward-looking solutions. I�m glad virtually every Linux distribution that matters trusts the latter over the former.
- Windows 11 finally overtakes Windows 10�s user share
As of today, Stat Counter reports that Windows 11 now has 50.88% of the Windows market, with Windows 10 dropping to 46.2%, giving it a comfortable lead over its predecessor. Windows 11 has been on the market since 2021 but had only amassed less than 10% of the market by 2022. It�s been a slow but steady climb since then, growing from 18% to 28% in 2023, with similar growth to 36% in 2024. It�s this year where Windows 11 really started taking off, likely aided by the fact that Microsoft is now pushing`Windows 10�s end of support`hard. ↫ Zac Bowden at Windows Central Up to 50% of all Windows users, mere months before Windows 10 is no longer supported, and it took them 4 years to get here. Windows users really don�t like Windows 11, do they?
- Microsoft broke Windows Update on Windows 7 (again)
The developers of Legacy Update, the tool that allows users of older Windows versions to keep downloading updates from Microsoft, recently discovered that users of the tool on Windows 7 were having issues. After doing some debugging they figured out it was DNS it was an expired Microsoft certificate. This certificate was set to expire on 1 July 2025, and when it did, nobody at Microsoft bothered to correct it until a few days later. As you can see from 8lt;ExpiryDateb, it definitely stopped working because the expiry date lapsed. As seems to happen too often in our industry, apparently nobody set a reminder to make sure it would be updated in advance of the date. You might notice that it has an 8lt;IssuedDateb of 2017-12-01. That’s fairly recent! After digging further, we learned that this already happened once! On the 4th of that month, Bleeping Computer covered an error Windows 7 users were receiving when checking for updates. That error is 80248015 � pretty familiar, right? Microsoft allowed this file to expire, not on the 1st but rather on the 4th (more specifically, 35 seconds before midnight in US Pacific time, or 8:00 PM UTC), and did not manage to upload a new file until the 6th at 10:02 AM Pacific (6:02 PM UTC). This left Microsoft Update broken for 3 days. ↫ Adam Demasi Microsoft moved the expiry date up to 2033, thereby fixing the problem. Legacy Update�s developer Adam Demasi expected that once 2033 comes around, Legacy Update will probably have to add Widnows 7 to its proxy server that it�s already using for older versions, as improvements in TLS and ciphers will probably lock Windows 7 out of Windows Update definitively. But hey, 2033 is decades away. Right?
- WinUAE 6.0.0 released
WinUAE has released version 6.0.0 of the Windows version of the UAE Amiga emulator, packing a truly terrifying number of changes, improvements, and fixes. Major update to custom chipset emulation. Internally almost everything in main chipset emulation has been rewritten. Fastest possible/JIT mode chipset timing/sync had major changes which can cause side-effects. Bugs are very possible, especially in very rarely used features. ↫ WinUAE website Going through the changelog is dizzying, ranging from an almost complete rewrite of the main chipset emulation for internal cycle accuracy, to running the emulation of the Denise/Lisa chips in a separate thread for better performance, to a ton of fixes and smaller updates.
- MacOS� icons keep getting worse every time Apple touches them
With macOS 26, Apple has announced a dramatically new look to their UI: Liquid Glass. Solid material icon elements give way to softer, shinier, glassier icons. The rounded rectangle became slightly more rounded, and Apple eliminated the ability for icon elements to extend beyond the icon rectangle (as seen in the current icons for GarageBand, Photo Booth, Dictionary, etc.). With this release being one of the most dramatic visual overhauls of macOS�s design, I wanted to begin a collection chronicling the evolution of the system icons over the years. I�ve been rolling these out on social media over the past week and will continue to add to and update this collection slowly over the summer. Enjoy! ↫ BasicAppleGuy Every single one of these icons is getting progressively worse with almost every design change. They go from beautifully crafted, easily readable and supremely distinguishable icons to generic, repetitive blobs of colour, void of any personality, artistry, or usability considerations. Also, Apple�s new icon design language makes the icons look fuzzy, like they�re not being rendered properly. It�s very unnerving. The one exception is probably the generic folder icon, which looks fine in all of its incarnations. Then there�s the classic Platinum, pixelated version from Mac OS 9 and earlier, which, together with icons from Windows and BeOS from the same time period, are a whole different style that I don�t think most people would accept anymore these days, but that I absolutely adore. Mostly I�m just sad that the craft of making exquisite icons for operating systems is dying, replaced by what almost look like AI! generated blobs of indeterminate meaning, that rely more on preexisting knowledge of the operating system and its applications in question than on being recognisable and decipherable by anyone. I truly hope Windows and the various open source desktops don�t follow in Apple�s footsteps here.
- Tone-deaf Xbox executive urges laid off employees to talk to Copilot for emotional support
A couple of days ago, Microsoft announced 9,000 layoffs across its global workforce, impacting its engineering, Xbox, sales, and management teams. This move also affected various initiatives, resulting in the cancellation of at least three Xbox games, job cuts across various studios, and even the shuttering of one game studio, The Initiative. In the wake of this dark day in the the tech industry, a tone-deaf Microsoft executive urged laid off workers to turn to AI tools for emotional support. ↫ Usama Jawad at Neowin These corporations are raking in massive amounts of profit, they�re doing better than ever, the cup of money runneth over, and yet, they keep laying off thousands and thousands of people almost every few months. The incentives in modern-day capitalism clearly aren�t working out for the vast majority of people, and then to give that final kick when you�re already down, some asshat manager tells you to talk to! sparkly autocomplete for emotional support. Fuck this guy.
- NVIDIA is full of shit
Since the disastrous launch of the RTX 50 series, NVIDIA has been unable to escape negative headlines: scalper bots are snatching GPUs away from consumers before official sales even begin, power connectors continue to melt, with no fix in sight, marketing is becoming increasingly deceptive, GPUs are missing processing units when they leave the factory, and the drivers, for which NVIDIA has always been praised, are currently falling apart. And to top it all off, NVIDIA is becoming increasingly insistent that media push a certain narrative when reporting on their hardware. ↫ Sebin Nyshkim Out of all the issues listed here � and there are many, and each is bad enough on their own � it�s the frame generation and related pressure campaigns on reviewers that really get on my nerves the most. Technologies like DLSS (rendering at a lower internal resolution scaling that up) and frame generation (injecting fake AI! frames to jack up the frame rate) can be fine technologies when used at the consumer�s discretion to find a balance between improved perceived performance in exchange for blurry image quality and artefacting, but we�ve now reached a point where NVIDIA will only boast about performance figures with these technologies enabled, downsides be damned. If that wasn�t misleading enough, the company is also pressuring reviewers who don�t enable these technologies, and focus on real frames, real resolutions, and this, real performance. If you don�t comply, you�re not getting the next crop of GPUs in early access. It�s the kind of shit Apple pulls all the time, and we need less of it, not more. Just don�t buy NVIDIA. They�re already a terrible choice if you�re running anything other than Windows, but the company�s recent behaviour and serious missteps have made the choice for AMD or Intel only more obvious.
- Redox gets network booting, work on UNIX domain sockets continues
Redox continues to make progress, and as another month has passed us by, it�s time for another monthly update. This past month, the focus has been on UNIX domain sockets, which are needed for Redox� goal of running Wayland. As we continue to move forward with our plans for Wayland, a key technology for Wayland support is the ability to send file descriptors over Unix Domain Sockets. File descriptor sending is also an important part of many other OS features, including Capability-based Security. Our Redox Summer of Code project to implement that ability has been progressing very well. Ibuki, a new member of the Redox team, has jumped right into the deep end, and implemented the sendmg and recvmsg functionality, and continues to move forward with work on UDS. ↫ Ribbon and Ron Williams You can read more about the UNIX domain sockets progress in a detailed post on the Redox website. Redox now also supports network booting through PXE, but for now, only UEFI is supported. Of course, all of this work is topped off with the usual slew of fixes in relibc, RedoxFS, various drivers, and more, as well updated ports across the board.
- Is an Intel N100 a better value than a Raspberry Pi?
All of this to say: value is complicated. The Pi 5 is`much`more compact and slightly more power efficient (especially at idle) compared to the cheapest N1XX Intel systems. The Intel systems are better suited for a desktop use case. The Pi 5 can be run off PoE power, for easier one-cable networking + power. The Intel systems are more compatible with a wider range of software (not the least of which is`anything requiring Windows). ↫ Jeff Geerling Intel�s N100 and N150 are vastly underappreciated. The mini laptop I reviewed over a year ago is built around the N100, and I still use it every day for watching YouTube, writing OSNews posts, and so on. I never run into performance issues, battery life is excellent, and I don�t have to deal with the annoyances of using ARM. The catch is that you�re going to want to use Linux � I use Fedora KDE � because Windows� performance on the N100 is dreadful. I don�t think the jump from the N100 to the N150 is worthwhile enough to buy the new version of my mini laptop, so I�ll stick with what I have. I do hope Intel continues the Nxxx line or processors, because it offers something no other x86 chip offers: more than reasonable performance at low power usage for an incredibly low price.
- Ubuntu 25.10 to drop support for effectively all existing RISC-V hardware, focuses on future RISC-V hardware instead
A recent bug report filed against Ubuntu’s upgrading tool confirmed a major change with regards to the RISC-V requirements for the upcoming Ubuntu 25.10 release — most existing RISC-V devices will`not`be able to run Ubuntu 25.10. How come? ↫ Joey Sneddon at omgubuntu.co.uk RISC-V just isn�t delivering. That�s the cold and harsh truth more and more people are having to deal with, such as Chimera Linux dropping RISC-V support because the ecosystem is simply lacking the kind of powerful and available hardware to sustain itself (Chimera got lucky, though, and gained access to a Milk-V Pioneer through Adélie Linux). The number of systems and boards that are both powerful and available is close enough to zero that it might as well be zero, and if neither users nor developers can buy RISC-V hardware, what�s the point in supporting it? The issue for Ubuntu specifically is that version 25.10 of the distribution intends to target only the RVA23 baseline RISC-V profile, while currently Ubuntu supports RVA20 as the baseline. This higher baseline profile requires a number of extensions to the instruction set that no existing hardware yet supports, making 25.10 effectively a clean break for all existing RISC-V hardware. In other words, if you�re running Ubuntu on RISC-V hardware today, you won�t be able to upgrade to 25.10 or higher. RISC-V really needs vastly improved hardware availability, because right now it�s just not delivering on the years of promises.
- The Amiga 3000 UNIX and Sun Microsystems: deal or no deal?
Amiga lore is full of exciting tales. Many of them are retold to demonstrate how the incompetence of Commodore�s management destroyed a platform that, by rights, was destined for success.`Coulda, shoulda,`and the Amiga`woulda`risen as rightful ruler of all other computer platforms, forever and ever. Amen. One of those stories is about how Sun Microsystems allegedly showed interest in the Amiga 3000 during the early 1990s. It�s a classic Amiga anecdote, usually recounted without much reflection, and one`I�ve certainly helped perpetuate. Alas, the more I think about it, the less it adds up. Fact or factoid? Let�s speculate! ↫ Carl Svensson Great speculation with some solid reasoning and sourcing. Considering that had been some minor joint marketing between Sun and Commodore, my money is on the talks around that deal birthing rumours about more extensive Sun involvement in the Amiga 3000. At this point in time, however, decades after the fact and with several conflicting account, it�s unlikely we�ll ever get a solid answer.
- AI note takers are flooding Zoom calls as workers opt to skip meetings
Clifton Sellers attended a Zoom meeting last month where robots outnumbered humans. He counted six people on the call including himself, Sellers recounted in an interview. The 10 others attending were note-taking apps powered by artificial intelligence that had joined to record, transcribe and summarize the meeting. ↫ Lisa Bonos and Danielle Abril at The Bezos Post Management strongly encourages � mandates � that everyone use AI! to improve productivity, but then gets all uppity when people actually do. Welcome to finding out!.
- EU OS: A Bold Step Toward Digital Sovereignty for Europe
Image
A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
What Is EU OS?
EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
The Vision Behind EU OS
The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
Conclusion
EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
Source: It's FOSS
European Union
- Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
You can download the latest kernel here.
Linus Torvalds kernel
- AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
Image
AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
Source: 9to5Linux
AerynOS
- Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
Image
Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
Here’s a quick overview of what’s new in Xojo 2025r1:
1. Linux ARM IDE Support
Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
2. Web Drag and Drop
One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
3. Direct App Store Publishing
Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
4. New Desktop and Mobile Features
This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
5. Performance and IDE Enhancements
Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
What Does This Mean for Developers?
Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
How to Get Started
Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
Download Xojo 2025r1 today at xojo.com.
Final Thoughts
With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
Xojo ARM
- New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest.
Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
Windows
- Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally.
As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions.
After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
Security
- Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem.
The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
kernel
- Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
Here is what Linus Torvalds had to say in today's announcement:
Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds
- Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
Want to interact with ChatGPT from your Linux desktop without using a web browser?
Bavarder, a new app, allows you to do just that.
Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
ChatGPT AI
- LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
LibreOffice
- Fedora Continues 32-Bit Support
In a move that should come as a relief to some portions of the Linux community, Fedora will continue supporting 32-bit architecture.
- ONLYOFFICE v9 Embraces AI
Like nearly all office suites on the market (except LibreOffice), ONLYOFFICE has decided to go the AI route.
- KaOS 2025.05 Officially Qt5 Free
If you're a fan of independent Linux distributions, the team behind KaOS is proud to announce the latest iteration that includes kernel 6.14 and KDE's Plasma 6.3.5.
- openSUSE Joins End of 10
openSUSE has decided to not only join the End of 10 movement but it also will no longer support the Deepin Desktop Environment.
|
