|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All)
(Two Column)
- Debian Trixie: FFmpeg Critical Denial of Service and Code Exec DSA-6073-1
Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed. For the stable distribution (trixie), this problem has been fixed in version 7:7.1.3-0+deb13u1.
- Debian: libpng Critical DoS Update DLA-4396-1 CVE-2025-64505
Multiple vulnerabilties have been found in libpng, the official PNG reference library, allowing information disclosure via out-of-bounds read, denial of service via application crash, or heap corruption with potential for arbitrary code execution.
- [$] Disagreements over post-quantum encryption for TLS
TheInternet Engineering Task Force (IETF) is the standards body responsiblefor the TLS encryption standard — which your browser is using right nowto allow you to read LWN.net. As part of its work to keep TLS secure, the IETFhas been entertainingproposals to adopt "post-quantum" cryptography (that is,cryptography that is not known to be easily broken by a quantum computer) for TLSversion 1.3. Discussion of the proposal has exposed a large disagreement betweenparticipants who worried about weakened security and others who worried aboutweakened marketability.
- Addressing Linux's missing PKI infrastructure
Jon Seager, VP of engineering for Canonical, has announceda plan to develop a universal Public Key Infrastructure tool calledupki:
Earlier this year, LWN featured an excellent article titled"Linux's missing CRLinfrastructure". The article highlighted a numberof key issues surrounding traditional Public Key Infrastructure (PKI),but critically noted how even the available measures are effectivelyignored by the majority of system-level software on Linux.
One of the motivators for the discussion is that the OnlineCertificate Status Protocol (OCSP) will cease to be supported by Let'sEncrypt. The remaining alternative is to use Certificate RevocationLists (CRLs), yet there is little or no support for managing (or evenquerying) these lists in most Linux system utilities.
To solve this, I'm happy to share that in partnership with rustlsmaintainers Dirkjan Ochtmanand Joe Birr-Pixton, we're starting thedevelopment of upki: a universal PKI tool. This project initially aimsto close the revocation gap through the combination of a new systemutility and eventual library support for common TLS/SSL libraries suchas OpenSSL, GnuTLS and rustls.
No code is available as of yet, but the announcement indicates thatupki will be available as an opt-in preview forUbuntu 26.04 LTS. Thanks to Dirjan Ochtman for the tip.
- Security updates for Monday
Security updates have been issued by Debian (ffmpeg, krita, lasso, and libpng1.6), Fedora (abrt, cef, chromium, tinygltf, webkitgtk, and xkbcomp), Oracle (buildah, delve and golang, expat, python-kdcproxy, qt6-qtquick3d, qt6-qtsvg, sssd, thunderbird, and valkey), Red Hat (webkit2gtk3), and SUSE (git-bug, go1, and libpng12-0).
- [$] An open seat on the TAB
As has been recently announced,nominations are open for the 2025 Linux Foundation Technical Advisory Board(TAB) elections. I am one of the TAB members whose term is coming to anend, but I have decided that, after 18 years on the board, I will notbe seeking re-election; instead, I will step aside and make room for afresh voice. My time on the TAB has been rewarding, and I will be sad toleave; the TAB has an important role to play in the functioning of thekernel community.
- [$] Eventual Rust in CPython
Emma Smith and Kirill Podoprigora, two of Python's core developers, haveopened adiscussion about including Rust code in CPython, the reference implementation ofthe Python programming language. Initially, Rust would only be used for optionalextension modules, but they would like to see Rust become a required dependencyover time. The initial plan was to make Rust required by 2028, but Smith andPodoprigora indefinitely postponed that goal in response to concerns raised in the discussion.
- Security updates for Friday
Security updates have been issued by AlmaLinux (buildah, firefox, gimp:2.8, go-toolset:rhel8, ipa, kea, kernel, kernel-rt, pcs, qt6-qtquick3d, qt6-qtsvg, systemd, and valkey), Debian (chromium and unbound), Fedora (alexvsbus, CuraEngine, fcgi, libcoap, python-kdcproxy, texlive-base, timg, and xpdf), Mageia (digikam, darktable, libraw, gnutls, python-django, unbound, webkit2, and xkbcomp), Oracle (bind, firefox, gimp:2.8, haproxy, ipa, java-25-openjdk, kea, kernel, libsoup3, libssh, libtiff, openssl, podman, qt6-qtsvg, squid, systemd, vim, and xorg-x11-server-Xwayland), Slackware (httpd and libpng), SUSE (chromedriver, kernel, and python-mistralclient), and Ubuntu (cups, linux-azure, linux-gcp, linux-gcp, linux-gke, linux-gkeop, linux-ibm-6.8, linux-iot, and mame).
- Alpine Linux 3.23.0 released
Version 3.23.0 of Alpine Linux has been released. Notable changesin this release include an upgrade to version 3.0of the AlpinePackage Keeper (apk), and replacing the linux-edgepackage with linux-stable:
For years, linux-lts and linux-edge grew apart and developed theirown kernel configs, different architectures, etc.
Now linux-edge gets replaced with linux-stable which has theidentical configuration as linux-lts, but follows the stable releasesinstead of the long-term releases (see https://kernel.org/).
The /usrmerge planned for this release has been postponed; a new timelinefor the change will be published later. See the releasenotes for more information on this release.
- [$] The beginning of the 6.19 merge window
As of this writing, 4,124 non-merge commits have been pulled into themainline repository for the 6.19 kernel development cycle. That is arelatively small fraction of what can be expected this time around, but itcontains quite a bit of significant work, with changes to many core kernelsubsystems. Read on for a summary of the first part of the 6.19 mergewindow.
- [$] A "frozen" dictionary for Python
Dictionaries are ubiquitous in Python code; they are the data structure ofchoice for a wide variety of tasks. But dictionaries are mutable, whichmakes them problematic for sharing data in concurrent code. Python hasadded various concurrency features to the language over the last decade orso—async, free threading without the global interpreter lock(GIL), and independent subinterpretersbut users must work out their ownsolution for an immutable dictionary that can be safely shared byconcurrent code. There are existing modules that could be used, but a recent proposal, PEP 814 ("Add frozendictbuilt-in type"), looks to bring the feature to the language itself.
- cmocka 2.0 released
Andreas Schneider has announcedversion 2.0 of the cmockaunit-testing framework for C:
This release represents a major modernization effort, bringingcmocka firmly into the "modern" C99 era while maintaining thesimplicity and ease of use that users have come to expect.
One of the most significant changes in cmocka 2.0 is the migrationto C99 standard integer types. The LargestIntegralType typedef hasbeen replaced with intmax_t and uintmax_t fromstdint.h, providing better type safety and portability acrossdifferent platforms. Additionally, we've adopted the bool type whereappropriate, making the code more expressive and self-documenting.
Using intmax_t and uintmax_t also allows to printbetter error messages. So you can now finde.g. assert_int_equal and assert_uint_equal.
cmocka 2.0 introduces a comprehensive set of type-specificassertion macros, including `assert_uint_equal()`,`assert_float_equal()`, and enhanced pointer assertions. The mockingsystem has also been significantly improved with type-specific macroslike `will_return_int()` and `will_return_float()`. The same forparameter checking etc.
LWN covered theproject early in its development in 2013. See the full list of newfeatures, enhancements, and bug fixes in cmocka 2.0 in the changelog.
- Security updates for Thursday
Security updates have been issued by AlmaLinux (expat and libxml2), Debian (openvpn and webkit2gtk), Fedora (gi-loadouts, kf6-kcoreaddons, kf6-kguiaddons, kf6-kjobwidgets, kf6-knotifications, kf6-kstatusnotifieritem, kf6-kunitconversion, kf6-kwidgetsaddons, kf6-kxmlgui, nanovna-saver, persepolis, python-ezdxf, python-pyside6, sigil, stb, syncplay, tinyproxy, torbrowser-launcher, ubertooth, and usd), Mageia (cups), SUSE (cups, gegl, icinga2, mozjs128, and Security), and Ubuntu (ghostscript, kernel, linux, linux-aws, linux-aws-5.15, linux-gcp-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-oracle, linux-oracle-5.15, linux-xilinx-zynqmp, linux, linux-aws, linux-aws-hwe, linux-kvm, linux-oracle, linux-aws-fips, linux-fips, linux-aws-fips, linux-fips, linux-gcp-fips, linux-azure-fips, linux-gcp, linux-gcp-4.15, linux-hwe, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-gcp-6.14, linux-raspi, linux-gcp-fips, linux-intel-iot-realtime, linux-realtime, linux-raspi, linux-raspi-realtime, linux-xilinx, and postgresql-14, postgresql-16, postgresql-17).
- Cro provides commentary on LWN's Zig asynchronicity article
Loris Cro has publisheda detailed YouTube video talking about the terminology used to discuss asynchronicity, concurrency, and parallelism in our recent article about Zig's new Io interface. Our article is not completely clear because it uses the term "asynchronous I/O" to refer to what should really be called "non-blocking I/O", and sometimes confuses asynchronicity for concurrency, among other errors of terminology, he says. Readers interested in precise details about Zig's approach and some of the motivation behind the design may find Cro's video interesting.
- [$] LWN.net Weekly Edition for December 4, 2025
Inside this week's LWN.net Weekly Edition:
Front: Rust in Debian; Python comprehensions; asynchronous Zig; BPF and io_uring; C safety; 6.18 statistics; just. Briefs: Landlock; Let's Encrypt lifetimes; Last 5.4 kernel; TAB election; AlmaLinux 10.1; FreeBSD 15.0; NixOS 25.11; Django 6.0; Home Assistant 2025.12; PHP 8.5.0; Racket 9.0; Quotes; ... Announcements: Newsletters, conferences, security updates, patches, and more.
- Home Assistant 2025.12 released
Version2025.12 of the Home Assistant home-automation system has been released.
This month, we're unveiling Home Assistant Labs, a brand-new space where you can preview features before they go mainstream. And what better way to kick it off than with Winter mode? ❄️ Enable it and watch snowflakes drift across your dashboard. It's completely unnecessary, utterly delightful, and exactly the kind of thing we love to build. ❄️
But that's just the beginning. We've been working on making automations more intuitive over the past releases, and this release finally delivers purpose-specific triggers and conditions. Instead of thinking in (numeric) states, you can now simply say "When a light turns on" or "If the climate is heating". It's automation building the way our mind works, as it should be.
- Linux I3C Gains "HDR" Support For Faster Data Transfers
I2C in Linux 6.19 brought support for Rust-written I2C drivers. The newer I3C "Improved Inter-Integrated Circuit" interface changes have now been merged and the big feature there is HDR support. Not to be confused with the more common High Dynamic Range acronym usage for HDR, HDR in the I3C context is for the "High Data Rate" mode for facilitating faster data transfers...
- PSoC Edge E84-Based Handheld Runs RT-Thread for Local Machine Learning
RT-Thread has launched a Crowd Supply campaign for the Edgi-Talk, a handheld reference platform built for hardware-accelerated machine learning. Based on Infineon’s PSoC Edge E84 architecture, it targets smart home, wearable, and industrial interfaces that rely on local inference and responsive voice interaction. The core of the system is the Infineon PSoC Edge E84, which […]
- Flowblade Video Editor May Go Wayland-Only As Part Of GTK4 Port
Flowblade 2.24 released today as the newest version of this open-source, non-linear video editing application. Flowblade 2.24 brings a number of refinements while also interesting is their commentary concerning the future with Wayland and GTK4 porting...
- Palm-sized Mini PC NAS offers four M.2 bays and dual 2.5GbE ports
Youyeetoo has introduced the NestDisk, a compact mini-PC NAS built around Intel’s Alder Lake-N architecture. The system integrates four M.2 NVMe slots in a chassis similar to an external drive enclosure, targeting home lab, soft routing, and media server deployments. The device is powered by the Intel Processor N150, a quad-core CPU within the Alder […]
- Linux Distros Designed for Former Windows Users Are Picking Up Steam
For years, Windows users frustrated with constant changes, aggressive updates, and growing system bloat have flirted with switching to Linux. But 2025 marks a noticeable shift: a new generation of Linux distributions built specifically for ex-Windows users is gaining real traction. One of the standout examples is Bazzite, a gaming-optimized Fedora-based distro that has quickly become a go-to choice for people abandoning Windows in favor of a cleaner, more customizable experience.
- Toradex Introduces Coin-Sized Modules Powered with NXP i.MX 93 and i.MX 91 Processors
Toradex has unveiled the OSM and Lino Computer on Module families, incorporating NXP’s i.MX 93 and i.MX 91 processors. These ultra-compact modules target high-volume industrial automation and edge systems, offering a rugged, cost-effective solution for space-constrained environments. The new lineup includes the OSM iMX93, OSM iMX91, Lino iMX93, and Lino iMX91. These modules are powered […]
- Meta Pledge To Use Less Personal Data For Ads Gets EU Nod, Avoids Daily Fines
An anonymous reader quotes a report from Reuters: Meta's proposal to use less personal data for targeted advertising in its pay-or-consent model that will be rolled out next month won the approval of EU antitrust regulators on Monday, signaling the company will not face daily fines after all. [...] The U.S. tech giant has been locked in discussions with the European Commission after getting hit with a $233 million fine in April for breaching the Digital Markets Act aimed at reining in the power of Big Tech. The violation covered Facebook and Instagram in the period from November 2023 to November 2024, after which Meta tweaked its pay-or-consent model to use less personal data for targeted advertising. The EU executive has been examining the changes to see if they comply with the DMA, with Meta risking daily fines of as much as 5% of its average daily worldwide turnover if found to be still in breach of the law. The tweaks are in wording, design and transparency to remind users of the two options. Meta did not plan on any substantial changes to its November proposal despite the risk of EU fines, people with direct knowledge of the matter had told Reuters. The Commission, which acts as the EU competition enforcer, acknowledged Meta's November proposal, saying that it will monitor the new ad model and seek feedback, with no more talk of periodic fines. "Meta will give users the effective choice between consenting to share all their data and seeing fully personalized advertising, and opting to share less personal data for an experience with more limited personalized advertising," the Commission said in a statement.
Read more of this story at Slashdot.
- Lenovo's Next Gaming Laptop May Have a Rollable OLED Screen That Stretches Ultrawide
Lenovo may be preparing to unveil a gaming laptop that uses rollable OLED technology to expand horizontally into an ultrawide 21:9 display, according to a Windows Latest report suggesting the device could appear at CES 2026 in January. The Lenovo Legion Pro Rollable would differ from the company's existing ThinkBook Plus Gen 6, which expands its screen vertically. The new gaming-focused design would see the left and right edges of the display extend beyond the laptop's base chassis when unrolled. Specific details remain scarce. Windows Latest doesn't know the display resolution, refresh rate, screen dimensions in either state, pricing, or release timing -- though it does mention an Intel Core Ultra processor. The ThinkBook Plus Gen 6 currently sells for $3,500.
Read more of this story at Slashdot.
- Social Media's Relentless Shopping Machine Has Created an Army of Debt-Laden Buyers
The influencer economy that Goldman Sachs projects will reach nearly half a trillion dollars by 2027 depends on a less-examined population: the influenced, millions of people who find themselves accumulating debt and clutter after years of exposure to what amounts to a 24/7 digital infomercial. Antoinette Hocbo, a former marketing professional who knows the tricks brands use to chip away at willpower, bought a $199 Pilates program, an iPad, and an arsenal of makeup products after TikTok's algorithm served her a stream of aspirational content. The Pilates gear now sits unused. Elysia Berman accumulated over $50,000 in debt across four credit cards and four buy-now-pay-later services during the pandemic, purchasing items she never wore because influencers recommended them. A 2024 Pew Research Center survey found 62% of adults on TikTok use the platform to find product reviews and recommendations. Marketing expert Mara Einstein told The Verge that brands now need seven exposures to prompt consumer action, up from three in the pre-social media era. The vastness of the internet has allowed available products to bloat beyond imagination.
Read more of this story at Slashdot.
- China's Growth Is Coming at the Rest of the World's Expense
China has contributed less to global growth this year than the U.S. despite Beijing's frequent criticism of protectionism, according to a Wall Street Journal analysis citing new research from Goldman Sachs economists. U.S. imports are up 10% so far this year compared to a year earlier, while China's imports have fallen 3% in dollar terms. Goldman's economists found that the historical relationship between Chinese growth and global growth has turned negative; where 1% more Chinese output once raised world output by 0.2%, the bank now projects. China will grow about 0.6 percentage points faster annually over the next few years while reducing the rest of the world's growth by 0.1 point per year. China's current account surplus could reach 1% of world GDP by 2029, Goldman estimates, larger than any country's since the late 1940s. China now accounts for 17% of global GDP.
Read more of this story at Slashdot.
- Denmark Posts Its Last Letters as Hallowed National Mail Ends
Denmark's postal service, established by King Christian IV four centuries ago as one of Europe's first modern mail systems, will stop delivering letters on December 30, ending a tradition that once saw riders given a maximum of 45 minutes to cover each 10-kilometer stretch of routes running from Hamburg to Norway. PostNord, the postal service Denmark has shared with Sweden since 2009, started removing its 1,500 remaining red post boxes in June; a handful will go to museums. Letter volumes collapsed from nearly 1.5 billion in 2000 to 110 million last year. A standard stamp now costs 29 Danish kroner ($4.52). A private logistics firm called DAO will take over letter delivery. PostNord will continue handling parcels. The decision has rattled postal services elsewhere in Europe. Deutsche Post in Germany, still delivering 61 million letters daily, has warned it faces the same trends.
Read more of this story at Slashdot.
- How the Dollar-Store Industry Overcharges Cash-Strapped Customers While Promising Low Prices
Dollar General and Family Dollar stores have collectively failed more than 6,400 government price-accuracy inspections since January 2022, charging customers more at checkout than the prices displayed on shelves for everything from frozen pizzas to puppy food, according to an investigation by the Guardian. The review examined records from 45 states and more than 140 counties and cities. Dollar General stores failed over 4,300 inspections across 23 states, and Family Dollar failed more than 2,100 in 20 states. Error rates at the worst-performing locations reached staggering levels -- 76% at a Dollar General in Hamilton, Ohio and 68% at a Family Dollar in Bound Brook, New Jersey. A Family Dollar in Provo, Utah failed 28 consecutive inspections. Industry watchers, employees and lawsuits attribute the discrepancies to minimal staffing. Registers update automatically when prices change, but shelf labels require manual replacement, and workers often lack the time. State attorneys general have pursued settlements -- Arizona reached a $600,000 deal with Family Dollar in May, Colorado settled with Dollar General for $400,000 in October and Ohio secured $1 million from Dollar General after finding error rates as high as 88%. Both companies declined interview requests but said they remain committed to pricing accuracy.
Read more of this story at Slashdot.
- Google Says First AI Glasses With Gemini Will Arrive in 2026
Google said it's working to create two different categories of artificial intelligence-powered smart glasses to compete next year with existing models from Meta Platforms: one with screens, and another that's audio focused. From a report: The first AI glasses that Google is collaborating on will arrive sometime in 2026, it said in a blog post Monday. Samsung Electronics, Warby Parker and Gentle Monster are among its early hardware partners, but the companies have yet to show any final designs. Google also outlined several software improvements coming to Samsung's Galaxy XR headset, including a travel mode that will allow the mixed-reality device to be used in cars and on planes.
Read more of this story at Slashdot.
- Japan Issues Tsunami Warning After Magnitude 7.6 Earthquake
A powerful magnitude 7.6 earthquake has shaken Japan, prompting tsunami warnings and orders for residents to evacuate. From a report: A tsunami as high as 3 metres (10ft) could hit the country's north-eastern coast after the earthquake occurred offshore at 11.15pm local time (2.15pm GMT), the Japan Meteorological Agency (JMA) said. Tsunami warnings were issued for the prefectures of Hokkaido, Aomori and Iwate, and tsunamis from 20-50cm (7-18in) high were observed at several ports, JMA said. The epicentre of the quake was 50 miles (80km) off the coast of Aomori prefecture, at a depth of 30 miles, the agency added. On Japan's one-to-seven scale of seismic intensity, the tremor registered as an "upper six" in Aomori prefecture -- a quake strong enough to make it impossible to keep standing or move without crawling. In such tremors, most heavy furniture can collapse and wall tiles and windowpanes are damaged in many buildings.
Read more of this story at Slashdot.
- How a Cryptocurrency Helps Criminals Launder Money and Evade Sanctions
An investigation has revealed how stablecoins -- cryptocurrencies pegged to the US dollar that exist largely beyond traditional financial oversight -- have become a practical tool for criminals and sanctioned individuals to move funds across borders almost instantly and convert them back into spendable money, often without detection. A Chainalysis report from February estimated that up to $25 billion in illicit transactions involved stablecoins last year. A New York Times reporter tested the system by converting $40 cash at a crypto ATM in Weehawken, New Jersey, into stablecoins and then using a Telegram bot to generate a Visa payment card without any identity verification. The card-issuing service, WantToPay, is incorporated in Hong Kong and led by a Russian entrepreneur in Thailand; it advertises to Russians blocked by US sanctions. Britain last month arrested members of a billion-dollar money laundering network that had purchased a bank in Kyrgyzstan to convert proceeds from drug trafficking and human trafficking into Tether, the most popular stablecoin. Further reading: China's Central Bank Flags Money Laundering and Fraud Concerns With Stablecoins.
Read more of this story at Slashdot.
- The Accounting Uproar Over How Fast an AI Chip Depreciates
Tech giants including Meta, Alphabet, Microsoft and Amazon have all extended the estimated useful lives of their servers and AI equipment over the past five years, sparking a debate among investors about whether these accounting changes are artificially inflating profits. Meta this year increased its depreciation timeline for most servers and network assets to 5.5 years, up from four to five years previously and as little as three years in 2020. The company said the change reduced its depreciation expense by $2.3 billion for the first nine months of 2025. Alphabet and Microsoft now use six-year periods, up from three in 2020. Amazon extended to six years by 2024 but cut back to five years this year for some servers and networking equipment. Michael Burry, the investor portrayed in "The Big Short," called extending useful lives "one of the more common frauds of the modern era" in an article last month. Meta's total depreciation expense for the nine-month period was almost $13 billion against pretax profit exceeding $60 billion.
Read more of this story at Slashdot.
- Paramount Skydance Launches Hostile Bid For WBD After Netflix Wins Bidding War
Paramount Skydance is launching a hostile bid to buy Warner Bros. Discovery after it lost out to Netflix in a months-long bidding war for the legacy assets, the company said Monday. CNBC: Paramount will go straight to WBD shareholders with an all-cash, $30-per-share offer. That's the same bid WBD rejected last week, according to people familiar with the bid who asked not to be named because the details were private. The offer is backstopped with equity financing from the Ellison family and the private-equity firm RedBird Capital and $54 billion of debt commitments from Bank of America, Citi and Apollo Global Management. "We're really here to finish what we started," Ellison told CNBC's "Squawk on the Street" Monday. "We put the company in play." On Friday, Netflix announced a deal to acquire WBD's studio and streaming assets for $72 billion. David Ellison-run Paramount had been bidding for the entirety of Warner Bros. Discovery, including those assets and the company's TV networks like CNN and TNT Sports.
Read more of this story at Slashdot.
- Amazon Pitches AI Tools as Co-Workers While Axing Jobs
Amazon used its annual re:Invent cloud conference in Las Vegas to pitch a vision of the workplace where AI agents serve not as tools but as "co-workers" and "teammates," even as the company proceeds with eliminating roughly 14,000 corporate jobs in its second major workforce reduction in recent years. AWS CEO Matt Garman predicted on stage that autonomous "frontier agents" could represent 80 to 90% of enterprise AI value. Colleen Aubrey, senior vice president of applied AI solutions, described a future where companies manage "teams" of agents capable of working autonomously for hours or days while humans shift into supervisory roles. Amazon has already deployed agentic systems across tens of thousands of its own engineers to triage outages and propose fixes. The company calls these systems "teammates" rather than tools. CEO Andy Jassy has warned that AI would shrink Amazon's workforce, though a spokesperson attributed the current cuts to "reducing bureaucracy" and "removing layers" rather than AI deployment.
Read more of this story at Slashdot.
- Idaho Lab Produces World's First Molten Salt Fuel for Nuclear Reactors
America's Energy Department runs a research lab in Idaho — and this week announced successful results from a ground-breaking experiment. "This is the first time in history that chloride-based molten salt fuel has been produced for a fast reactor," says Bill Phillips, the lab's technical lead for salt synthesis. He calls it "a major milestone for American innovation and a clear signal of our national commitment to advanced nuclear energy."Unlike traditional reactors that use solid fuel rods and water as a coolant, most molten salt reactors rely on liquid fuel — a mixture of salts containing fissile material. This design allows for higher operating temperatures, better fuel efficiency, and enhanced safety. It also opens the door to new applications, including compact nuclear systems for ships and remote installations. "The Molten Chloride Fast Reactor represents a paradigm shift in the nuclear fuel cycle, and the Molten Chloride Reactor Experiment (MCRE) will directly inform the commercialization of that reactor," said Jeff Latkowski, senior vice president of TerraPower and program director for the Molten Chloride Fast Reactor. "Working with world-leading organizations such as INL to successfully synthesize this unique new fuel demonstrates how real progress in Gen IV nuclear is being made together." "The implications for the maritime industry are significant," said Don Wood, senior technical advisor for MCRE. "Molten salt reactors could provide ships with highly efficient, low-maintenance nuclear power, reducing emissions and enabling long-range, uninterrupted travel. The technology could spark the rise of a new nuclear sector — one that is mobile, scalable and globally transformative. More details from America's Energy Department:MCRE will require a total of 72 to 75 batches of fuel salt to go critical, making it the largest fuel production effort at INL since the operations of Experimental Breeder Reactor-II more than 30 years ago. The full-scale demonstration of the new fuel salt synthesis line for MCRE was made possible by a breakthrough in 2024. After years of testing, the team found the right recipe to convert 95 percent of uranium metal feedstock into 18 kilograms of uranium chloride fuel salt in only a few hours — a process that previously took more than a week to complete... After delivering the first batch of fuel salt this fall, the team anticipates delivering four additional batches by March of 2026. MCRE is anticipated to run in 2028 for approximately six months at INL in the Laboratory for Operation and Testing (LOTUS) in the United States test bed. "With the first batch of fuel salt successfully created at INL, researchers will now conduct testing to better understand the physics of the process, with a goal of moving the process to a commercial scale over the next decade," says Cowboy State Daily. Thanks to long-time Slashdot reader schwit1 for sharing the article.
Read more of this story at Slashdot.
- Was the Airbus A320 Recall Caused By Cosmic Rays?
What triggered that Airbus emergency software recall? The BBC reports that Airbus's initial investigation into an aircraft's sudden drop in altitude linked it "to a malfunction in one of the aircraft's computers that controls moving parts on the aircraft's wings and tail." But that malfunction "seems to have been triggered by cosmic radiation bombarding the Earth on the day of the flight..." The BBC believes radiation from space "could become a growing problem as ever more microchips run our lives."What Airbus says occurred on that JetBlue flight from Cancun to New Jersey was a phenomenon called a single-event upset, or bit flip. As the BBC has previously reported, these computer errors occur when high-speed subatomic particles from outer space, such as protons, smash into atoms in our planet's atmosphere. This can cause a cascade of particles to rain down through our atmosphere, like throwing marbles across a table. In rare cases, those fast-moving neutrons can strike computer electronics and disrupt tiny bits of data stored in the computer's memory, switching that bit — often represented as a 0 or 1 — from one state to another."That can cause your electronics to behave in ways you weren't expecting," says Matthew Owens, professor of space physics at the University of Reading in the UK. Satellites are particularly affected by this phenomenon, he says. "For space hardware we see this quite frequently." This is because the neutron flux — a measure of neutron radiation — rises the higher up in the atmosphere you go, increasing the chance of a strike hitting sensitive parts of the computer equipment on board. Aircraft are more vulnerable to this problem than computer equipment on the ground, although bit flips do occur at ground level, too. The increasing reliance of computers in fly-by-wire systems in aircraft, which use electronics rather than mechanical systems to control the plane in the air, also mean the risk posed by bit flips when they do occur is higher... Airbus told the BBC that it tested multiple scenarios when attempting to determine what happened to the 30 October 2025 JetBlue flight. In this case also, the company ruled out various possibilities except that of a bit flip. It is hard to attribute the incident to this for sure, however, because careering neutrons leave no trace of their activity behind, says Owens... [Airbus's software update] works by inducing "rapid refreshing of the corrupted parameter so it has no time to have effect on the flight controls", Airbus says. This is, in essence, a way of continually sanitising computer data on these aircraft to try and ensure that any errors don't end up actually impacting a flight... As computer chips have become smaller, they have also become more vulnerable to bit flips because the energy required to corrupt tiny packets of data has got lower over time. Plus, more and more microchips are being loaded into products and vehicles, potentially increasing the chance that a bit flip could cause havoc. If nothing else, the JetBlue incident will focus minds across many industries on the risk posed to our modern, microchip-dependent lives from cosmic radiation that originates far beyond our planet. Airbus said their analysis revealed "intense solar radiation" could corrupt data "critical to the functioning of flight control." But that explanation "has left some space weather scientists scratching their heads," adds the BBC. Space.com explains:Solar radiation levels on Oct. 30 were unremarkable and nowhere near levels that could affect aircraft electronics, Clive Dyer, a space weather and radiation expert at University of Surrey in the U.K., told Space.com. Instead, Dyer, who has studied effects of solar radiation on aircraft electronics for decades, thinks the onboard computer of the affected jet could have been struck by a cosmic ray, a stream of high-energy particles from a distant star explosion that may have travelled millions of years before reaching Earth. "[Cosmic rays] can interact with modern microelectronics and change the state of a circuit," Dyer said. "They can cause a simple bit flip, like a 0 to 1 or 1 to 0. They can mess up information and make things go wrong. But they can cause hardware failures too, when they induce a current in an electronic device and burn it out."
Read more of this story at Slashdot.
- All of Russia's Porsches Were Bricked By a Mysterious Satellite Outage
An anonymous reader shared this report from Autoblog:Imagine walking out to your car, pressing the start button, and getting absolutely nothing. No crank, no lights on the dash, nothing. That's exactly what happened to hundreds of Porsche owners in Russia last week. The issue is with the Vehicle Tracking System, a satellite-based security system that's supposed to protect against theft. Instead, it turned these Porsches into driveway ornaments. The issue was first reported at the end of November, with owners reporting identical symptoms of their cars refusing to start or shutting down soon after ignition. Russia's largest dealership group, Rolf, confirmed that the problem stems from a complete loss of satellite connectivity to the VTS. When it loses its connection, it interprets the outage as a potential theft attempt and automatically activates the engine immobilizer. The issue affects all models and engine types, meaning any Porsche equipped with the system could potentially disable itself without warning. The malfunction impacts Porsche models dating back to 2013 that have the factory VTS installed... When the VTS connection drops, the anti-theft protocol kicks in, cutting fuel delivery and locking down the engine completely.
Read more of this story at Slashdot.
- DJ Garman drops the ball instead of the bass in AWS re:Invent keynote
But the 25 announcements in the last 10 minutes included a few well worth waiting for
AWS CEO Matt Garman's annual re:Invent keynote was the best kind of keynote, in that you could have slept in for nearly all of it and still been thrilled to pieces, provided you caught the last ten minutes. He concluded what was otherwise an AI-palooza chock full of boring guest speakers with an Andy Jassy style "twenty-five releases in ten minutes," complete with a basketball-style ten-minute shot clock counting down the time.…
- Meta and Google turn to NextEra to feed insatiable datacenter power hunger
The Chocolate Factory will also put its AI to work inside one of America’s biggest utilities
NextEra Energy on Monday tightened its grip on hyperscaler power demand, adding 2.5 GW of new renewable projects for Meta while deepening its partnership with Google, which already covers about 3.5 GW of capacity.…
- ICE-tracking app developer sues Trump admin after Apple spikes the software
Suit argues forcing Apple to remove app, and threatening dev with legal action is a First Amendment violation
Does the first amendment allow citizens to track law enforcement activity? After publishing an iOS app that shows where ICE agents have deployed, ICEBlock developer Joshua Aaron saw the Trump admin pressure Apple into pulling the software and threaten him with prosecution. Now he's fighting back.…
- 193 cybercrims arrested, accused of plotting 'violence-as-a-service'
Minors groomed to kill and intimidate victims
Nearly 200 people, including minors accused of involvement in murder plots, have been arrested over the last six months as part of Europol's Operational Taskforce (OTF) GRIMM. The operation targets what cops call "violence-as-a-service" - crime crews recruiting kids and teens online to carry out contract killings and other real-world attacks.…
- Windows Insiders get a glimpse of Microsoft’s agentic future
Native MCP support lands in Insider Dev and Beta builds
Microsoft has begun rolling out a public preview of native support for the Model Context Protocol (MCP) in the latest Windows 11 Insider builds, edging its much-touted “agentic OS” vision closer to reality.…
- Classic MacOS for non-Apple PowerPC kit rediscovered
Unreleased variants that Jobs killed off found – 7.6 on a G4, anyone?
As well as the Mac clones, there were PC-style PowerPC machines – and a version of classic MacOS for them has just been rediscovered, enabling previously unimagined combinations.…
- IBM straps AI to Db2 console in bid to modernize the old warhorse
Intelligence Center features aim to unify management across on-prem, cloud, and containerized estates
IBM has topped an autumn flurry of Db2 updates with new features for its Intelligence Center console, promising to let users manage deployments of the 42-year-old database across on-prem, cloud, and containerized environments from a single place.…
- IBM drops $11B on Confluent to feed next-gen AI ambitions
Big Blue’s latest mega-buy hands it a real-time data-streaming powerhouse built on Kafka
IBM has cracked open its wallet again, agreeing to shell out $11 billion for Confluent in a bid to glue together the data sprawl underpinning the next wave of enterprise AI. …
- X shuts down European Commission ad account after €120M fine announcement
Brussels accused of using Ad Composer quirk to post link disguised as a video
X has terminated the European Commission's ad account after Brussels used it to post a video announcing the platform's €120 million Digital Services Act (DSA) fine – which was in fact just a link to the press release.…
- Kyocera claims 5.2 Gbps underwater laser data blast in lab tests
Japanese outfit aims to improve comms for aquatic drones
Kyocera has demonstrated underwater wireless optical communication (UWOC) technology that achieved 5.2 Gbps in lab tests, targeting video feeds and sensor data for ocean exploration and underwater robotics.…
- Barts Health seeks High Court block after Clop pillages NHS trust data
Body confirms patient and staff details siphoned via Oracle EBS flaw as gang threatens to leak haul
Barts Health NHS Trust has confirmed that patient and staff data was stolen in Clop's mass-exploitation of Oracle's E-Business Suite (EBS), and says it is now taking legal action in an effort to stop the gang publishing any of the snatched information.…
- Death in the dollhouse as Microsoft marketing reboots digital soap operas
Can’t take decades more synthetic case studies? Get those digital daggers out
These are hard times, even for the biggest brands. Facing existential crises, emergency board meetings are in full swing at multinationals Contoso, a huge marketing and sales outfit, and Fabrikam, the famous name in online fashion. Both are under threat from usurper Zava, a retailer so dazzlingly disruptive it is both a chain of DIY home improvement shops and flogger of intelligent athletic apparel.…
- China’s first reusable rocket explodes, but its onboard Ethernet network flew
PLUS: South Korea to strengthen security standards; Canon closes Chinese printer plant; APAC datacenter capacity to triple by 2029; And more
Asia In Brief Chinese rocketry outfit LandSpace last week flew what it hoped would be the country’s first reusable rocket, only to watch it explode while attempting to land.…
- Death to one-time text codes: Passkeys are the new hotness in MFA
Wanna know a secret?
Whether you're logging into your bank, health insurance, or even your email, most services today do not live by passwords alone. Now commonplace, multifactor authentication (MFA) requires users to enter a second or third proof of identity. However, not all forms of MFA are created equal, and the one-time passwords orgs send to your phone have holes so big you could drive a truck through them.…
- Cloudflare blames Friday outage on borked fix for React2shell vuln
Security community needs to rally and share more info faster, one researcher says
Amid new reports of attackers pummeling a maximum security hole (CVE-2025-55182) in the React JavaScript library, Cloudflare's technology chief said his company took down its own network, forcing a widespread outage early Friday, to patch React2Shell.…
- Tech leaders fill $1T AI bubble, insist it doesn't exist
Even as enterprises defer spending and analysts spot dotcom-era warning signs
Tech execs are adamant the AI craze is not a bubble, despite the vast sums of money being invested, overinflated valuations given to AI startups, and reports that many projects fail to make it past the pilot stage.…
- Beijing-linked hackers are hammering max-severity React bug, AWS warns
State-backed attackers started poking flaw as soon as it dropped – anyone still unpatched is on borrowed time
Amazon has warned that China-nexus hacking crews began hammering the critical React "React2Shell" vulnerability within hours of disclosure, turning a theoretical CVSS-10 hole into a live-fire incident almost immediately.…
- Salesforce finds new AI monetization knobs to twist
With seat and usage-based deals back on the table, CRM giant tells investors agent prices are going up
Salesforce has told investors it is upping prices for AI agent platforms, claiming customers will get between three and ten times the value from investment as it introduces new AI charging models.…
- UK pushes ahead with facial recognition expansion despite civil liberties backlash
Plan would create statutory powers for police use of biometrics, prompting warnings of mass surveillance
The UK government has kicked off plans to ramp up police use of facial recognition, undeterred by a mounting civil liberties backlash and fresh warnings that any expansion risks turning public spaces into biometric dragnets.…
- FreeBSD 15 trims legacy fat and revamps how OS is built
Project retires 32-bit ports, embraces pkgbase, and modernizes build process
The latest release of FreeBSD contains a lot of crucial under-the-hood changes – and drops 32-bit support on both x86 and POWER, although ARM-v7 survives.…
- Vendor's secret 'fix' made critical app unusable during business hours
Medical software maker also had a vastly unhealthy approach to security
On Call Welcome to another installment of On Call, The Register's Friday column that tries to improve the health of the tech support ecosystem by sharing readers' sickening stories of bringing broken tech back from the brink.…
- Amazon keeps the pressure on Intel, AMD with 192-core Graviton5 CPU
The homegrown chips now account for half of all new CPUs added to AWS over the past three years
re:invent Amazon on Thursday unveiled Graviton5, its densest, highest performance CPU yet, cramming 192 processor cores into a single socket and promising new levels of AWS performance.…
- Security: Why Linux Is Better Than Windows Or Mac OS
Linux is a free and open source operating system that was released in 1991 developed and released by Linus Torvalds. Since its release it has reached a user base that is greatly widespread worldwide. Linux users swear by the reliability and freedom that this operating system offers, especially when compared to its counterparts, windows and [0]
- Essential Software That Are Not Available On Linux OS
An operating system is essentially the most important component in a computer. It manages the different hardware and software components of a computer in the most effective way. There are different types of operating system and everything comes with their own set of programs and software. You cannot expect a Linux program to have all [0]
- Things You Never Knew About Your Operating System
The advent of computers has brought about a revolution in our daily life. From computers that were so huge to fit in a room, we have come a very long way to desktops and even palmtops. These machines have become our virtual lockers, and a life without these network machines have become unimaginable. Sending mails, [0]
- How To Fully Optimize Your Operating System
Computers and systems are tricky and complicated. If you lack a thorough knowledge or even basic knowledge of computers, you will often find yourself in a bind. You must understand that something as complicated as a computer requires constant care and constant cleaning up of junk files. Unless you put in the time to configure [0]
- The Top Problems With Major Operating Systems
There is no such system which does not give you any problems. Even if the system and the operating system of your system is easy to understand, there will be some times when certain problems will arise. Most of these problems are easy to handle and easy to get rid of. But you must be [0]
- 8 Benefits Of Linux OS
Linux is a small and a fast-growing operating system. However, we can’t term it as software yet. As discussed in the article about what can a Linux OS do Linux is a kernel. Now, kernels are used for software and programs. These kernels are used by the computer and can be used with various third-party software [0]
- Things Linux OS Can Do That Other OS Can�t
What Is Linux OS? Linux, similar to U-bix is an operating system which can be used for various computers, hand held devices, embedded devices, etc. The reason why Linux operated system is preferred by many, is because it is easy to use and re-use. Linux based operating system is technically not an Operating System. Operating [0]
- Packagekit Interview
Packagekit aims to make the management of applications in the Linux and GNU systems. The main objective to remove the pains it takes to create a system. Along with this in an interview, Richard Hughes, the developer of Packagekit said that he aims to make the Linux systems just as powerful as the Windows or [0]
- What’s New in Ubuntu?
What Is Ubuntu? Ubuntu is open source software. It is useful for Linux based computers. The software is marketed by the Canonical Ltd., Ubuntu community. Ubuntu was first released in late October in 2004. The Ubuntu program uses Java, Python, C, C++ and C# programming languages. What Is New? The version 17.04 is now available here [0]
- Ext3 Reiserfs Xfs In Windows With Regards To Colinux
The problem with Windows is that there are various limitations to the computer and there is only so much you can do with it. You can access the Ext3 Reiserfs Xfs by using the coLinux tool. Download the tool from the official site or from the sourceforge site. Edit the connection to “TAP Win32 Adapter [0]
- Microsoft will allow you to remove AI! actions from Windows 11�s context menus
With the current, rapidly deteriorating state of the Windows operating system, you have to take the small wins you can get: Microsoft is now offering the option of removing AI! actions from Windows 11�s context menus. buried deep in the Windows 11 Insider Preview Build 26220.7344 release notes, there�s this nugget: If there are no available or enabled AI Actions, this section will no longer show in the context menu. ↫ Windows Insider Preview release notes If you then go to Settings > Apps > Actions and uncheck all the AI! actions, the entire submenu in Windows 11�s context menus will vanish. While this is great news for those Windows users who don�t want to be bothered by all the AI! nonsense, I wish Microsoft would just give users a proper way to edit the context menu that doesn�t involve third party hackery. KDE�s Dolphin file manager gives me full control over what does and does not appear in its context menu, and I can�t imagine living without this functionality � there�s so many file-related operations I never use, and having them clutter up the context menu is annoying and just slows me down. There�s more substantial and important changes in this Insider Preview Build too, most notably the rollout of the Update Orchestration Platform, which should make downloading and installing application updates less cumbersome, but since it�s a new feature, application won�t support it right away. This release also brings the new Windows MIDI Services, and Microsoft hopes this will improve the experience for musicians using MIDI 1.0 or MIDI 2.0 on Windows. There�s a slew of smaller changes, too, of course. I�m not exactly sure when these new features will make their way to production installations � who does, honestly, with Microsoft�s convoluted release processes � but I hope it�s sooner rather than later.
- The anatomy of a macOS application
When Mac OS X was designed, it switched to the bundle structure inherited from NeXTSTEP. Instead of this multitude of resources, apps consisted of a hierarchy of directories containing files of executable code, and those with what had in Mac OS been supporting resources. Those app bundles came to adopt a standard form, shown below. ↫ Howard Oakley A short, but nonetheless informative overview of the structure of a macOS application. I�m sure most people on OSNews are aware that a macOS application is a bundle, which is effectively a glorified directory containing a variety of files and subdirectories that together make up the application. I haven�t used macOS in a while, but I think you can right-click on an application and open it as a folder to dig around inside of it. I�m trying to remember from my days as a Mac OS X user � 15-20 years ago � if there was ever a real need to do so, but I�m sure there were a few hacks you could do by messing around with the files inside of application bundles. These days, perhaps with all the code-signing, phoning-home to Apple, and other security trickery going on, such acts are quite frowned upon. Does making any otherwise harmless changes inside an application bundle set off a ton of alarm bells in macOs these days?
- Applets are officially gone, but Java in the browser is better than ever
The end of an era, perhaps. Applets are officially, completely removed from Java 26, coming in March of 2026. This brings to an official end the era of applets, which began in 1996. However, for years it has been possible to build modern, interactive web pages in Java without needing applets or plugins. TeaVM provides fast, performant, and lightweight tooling to transpile Java to run natively in the browser. And for a full front-end toolkit with templates, routing, components, and more, Flavour lets you build your modern single-page app using 100% Java. ↫ Andrew Oliver As consumers, we don�t really encounter Java that much anymore unless we play Minecraft, but that doesn�t mean Java no longer has a place in this world. In fact, it still consistently ranks in the top three of most popular programming languages, so any tools to make using Java easier, both for programmers and users, are welcome.
- OSNews needs your donations to survive
OSNews is funded entirely by you, our readers. There are no ads on OSNews, we are not part of a massive corporate publishing conglomerate like virtually every other technology news website, there are no wealthy (corporate) benefactors � it�s just whatever funds you, our readers, send our way. As such, I sometimes need to remind everyone about this, and December, the holiday month, seems as great a time as any to do this. If you want to support a truly independent technology news website, free from the corrupting influences of corporate interests, advertising companies, managers pushing AI!, and all the other nonsense destroying the web we once loved, you can do so by donating to keep OSNews alive. This gives me the time and means to write 9000 words about dead computer ecosystems, and I�m already working on an article about the next final UNIX workstation. Every single donation, large or small, is deeply appreciated and keeps the lights on around here. There aren�t many websites like OSNews left, especially not independent ones that answer to nobody. Your support keeps OSNews going, with June 2026 marking a special moment for me: it will mark twenty years since I took over this place. I�m not expecting a party � you�re paying me to work, not to party � but it is still a meaningful anniversary for me personally.
- Porting rePalm to Pixter devices
Some of you may be aware of rePalm, a project by Dmitry Grinberg to port the PalmOS to various devices it was never supposed to run on. We covered rePalm back in 2019 and again in 2023. His latest project involved porting PalmOS to a set of digital toys that were never intended to run PalmOS in any way. Fisher-Price (owned by Mattel) produced some toys in the early 2000 under the Pixter brand. They were touchscreen-based drawing toys, with cartridge-based extra games one could plug in. Pixter devices of the first three generations ( classic!, plus!, and 2.0!) featured 80�80 black-and-white screens, which makes them of no interest for rePalm. The last two generations of Pixter ( color! and multimedia!) featured 160�160 color displays. Now, this was more like it! Pixter was quite popular, as far as kids� toys go, in USA in the early 2000s. A friend brought it to my attention a year ago as a potential rePalm target. The screen resolution was right and looking inside a Pixter Color! showed an ARM SoC � a Sharp LH75411. The device had sound (games made noises), and touch panel was resistive. In theory � a viable rePalm target indeed. ↫ Dmitry Grinberg Considering the immensely limited ARMv7 implementation he had to deal with � no cache, no memory management unit, no memory protection unit � it�s a miracle Grinberg managed to succeed. To make matters even harder, the first revision boards of the color! model only had 1MB of flash, which is incredibly small even for PalmOS 5, so he had to rewrite parts of it to make it fit. Implementing communication over infrared was also a major difficulty, but that, too he managed to get working � on a device that doesn�t have IrDA SIR modulation. Wild. Grinberg went above and beyond, making sure the buttons on the devices work, developing and building a way to put PalmOS on a game! cartridge, reverse-engineering the display controller to make sure things like brightness adjustment works, adding screen type detection for that one small run of Pixter Color devices that came with a TFT instead of an STN screen, and so, so much more. Until you read the article, you have no idea how much work Grinberg put into this project. I continue to be in awe of Grinberg�s work every time I come across it.
- Haiku highlights interesting stalled commits you might want to adopt
Now this is a great initiative by the Haiku team: highlight a number of stale commits that�ve been without interaction for years, explain why they�ve stalled, and then hope renewed interest might grow (part 1 and part 2). Recently some discussions on the forum led to asking about the status of our Gerrit code review. There are a lot of changes there that have been inactive for several years, with no apparent interest from anyone. To be precise, there are currently 358 commits waiting for review (note that Gerrit, unlike Github and other popular code review tools, works on a commit-by-commit basis, so each commit from a multiple-commit change is counted separately). The oldest one has not seen any comments since 2018. Today, let’s have a look at some of these changes and see why they are stalled. Hopefully it will inspire someone to pick up the work and help finishing them up. ↫ Pulkomandy at the Haiku website Browsing through the highlighted stalled commits, there�s a few that seem quite interesting and relatively easy for a (new?) contributor to seek their teeth into. For instance, there�s a stalled commit to remove GCC from Haiku images built with clang/llvm, which stalled mostly because there are still other issues when building Haiku with clang/llvm. For a more complex problem, there�s the issue of how every menu in BeOS/Haiku is also a window, including its own thread, which means navigating deeply nested menus creates and destroys a lot of threads, that all need to be synchronised, too. If you want to get really ambitious, there�s the stalled commit to add initial 64bit PowerPC support. There�s more of these, of course, so if you have the skills and will to contribute to a project like Haiku, this might be a great place to start and get your feet wet. Now that these commits are back in the spotlight, there�s sure to be team members and regular contributors lined up to lend an extra hand, as well.
- Oracle Solaris 11.4 SRU 87 released
Oracle has released Solaris 11.4 SRU 87, which brings with it a whole slew of changes, updates, and fixes. Primarily, it upgrades Firefox and Thunderbird to their latest ESR 140.3.0 releases, and adds GCC 15, alongside a ton of updated other open source packages. On more Solaris 11-specific notes, useradd�s account activation options have been changed to address some issues caused by stricter enforcement introduced in SRU 78, there�s some preparations for the upgrade to BIND 9.20 in a future Solaris 11 release, a few virtualisation improvements, and much more. If you�re unclear about the relationship between this new release and the Common Build Environment or CBE release of Solaris 11.4 for enthusiasts, released earlier this year, the gist is that these SRU updates are only available to people with Oracle Solaris support contracts, while any updates to the CBE release are available to mere mortals like you and I. If you have a support contract and are using the CBE, you can upgrade from the CBE to the official SRU releases, but without such a contract, you�re out of luck. A new CBE release is in the works, and is planned to arrive in 2026 � which is great news, but I would love for the enthusiast variant of Solaris 11.4 to receive more regular updates. I don�t think making these SRU updates available to enthusiasts in a non-commercial, zero-warranty kind of way would pose any kind of threat to Oracle�s bottom line, but alas, I don�t run a business like Oracle so perhaps I�m wrong.
- APL9: an APL for Plan 9
This is the website for APL9, which is an APL implementation written in C on and for Plan 9 (9front specifically, but the other versions should work as well). Work started in January 2022, when I wanted to do some APL programming on 9front, but no implementation existed. The focus has been on adding features and behaving (on most points) like`Dyalog APL. Speed is poor, since many primitives are implemented in terms of each other, which is not optimal, but it helped me implement stuff easier. ↫ APL9 website I honestly have no idea what to say.
- Microsoft drops AI sales targets in half after salespeople miss their quotas
Microsoft has lowered sales growth targets for its AI agent products after many salespeople missed their quotas in the fiscal year ending in June, according to a report Wednesday from The Information. The adjustment is reportedly unusual for Microsoft, and it comes after the company missed a number of ambitious sales goals for its AI offerings. ↫ Benj Edwards at Ars Technica I�m sure this is fine and not a sign of anything at all.
- On recreating the lost SDK for a 42-year-old operating system: VisiCorp VisiOn
I would think most of us here at OSNews are aware of VisiOn, the graphical multitasking operating system for the IBM PC which was one of the first operating systems with a graphical user interface, predating Windows, GEM, the Mac, and even the Apple Lisa. While VisiOn was technically an open! platform anybody could develop an application for, the operating system�s SDK cost $7000 at the time and required a VAX system. This, combined with VisiOn failing in the market, means nobody knows how to develop an application for it. Until now. Over the past few months, Nina Kalinina painstakingly unraveled VisiOn so that she she could recreate the SDK from scratch. In turn, this allowed developer Atsuko to develop a clean-room application for VisiOn � which is most likely the very first third-party application ever developed and released for VisiOn. I�ve been following along with the pains Kalinina had to go through for this endeavour over on Fedi, and it sure was a wild ride few would be willing (and capable) to undertake. It took me a month of working 1-2 hours a day to produce a specification that allowed Atsuko to implement a`clean-room`homebrew application for VisiOn that is capable of bitmap display, menus and mouse handling. If you�re wondering what it felt like: this project is the largest Sudoku puzzle! I have ever tried to solve. In this note, I have tried to explain the process of solving this puzzle, as well as noteworthy things about VisiOn and its internals. ↫ Nina Kalinina The article contains both a detailed look at VisiOn, as well as the full process of recreating its SDK and developing an application with it. Near the end of the article, after going over all the work that was required to get here, there�s a sobering clarification: This reverse-engineering project ended up being much bigger than I anticipated. We have a working application, yes, but so far I�ve documented less than 10% of all the VisiHost and VisiOp calls. We still don�t know how to implement keyboard input, or how to work with timers and background processes (if it is possible). ↫ Nina Kalinina I�d love for more people to be interested in helping this effort out, as it�s not just an extremely difficult challenge, but also a massive contribution to software preservation. VisiOn may not be more than a small footnote in computing history, but it still deserves to be remembered and understood, and Kalinina and Atsuko have done an amazing amount of legwork for whomever wants to pick this up, too.
- Google is experimentally replacing news headlines with AI clickbait nonsense
Did you know that BG3 players exploit children? Are you aware that Qi2 slows older Pixels? If we wrote those misleading headlines, readers would rip us a new one — but Google is experimentally beginning to replace the original headlines on stories it serves with AI nonsense like that. ↫ Sean Hollister at The Verge I�m a little teapot, short and stout. Here is my handle, here is my spout. When I get all steamed up, hear me shout. Tip me over and pour me out!
- Micron is ending its consumer RAM business because of AI!
You may have noticed that due to AI! companies buying up all literally all the RAM in the world, prices for consumer RAM and SSDs have gone completely batshit insane. Well, it�s only going to get worse, since Micron has announced it�s going to exit the market for consumer RAM and is, therefore, retiring its Crucial brand. The reason? You know the reason. “The AI-driven growth in the data center has led to a surge in demand for memory and storage. Micron has made the difficult decision to exit the Crucial consumer business in order to improve supply and support for our larger, strategic customers in faster-growing segments,” said Sumit Sadana, EVP and Chief Business Officer at Micron Technology. ↫ Micron�s press release First it was the crypto pyramid scheme, and now it�s the AI! pyramid scheme. These MLMs for unimpressive white males who couldn�t imagine themselves out of a wet paper bag are ruining not just the environment, software, and soon the world�s economy when the bubble pops, but are now also making it extraordinarily expensive to buy some RAM or a bit of storage. Literally nothing good is coming from these techbro equivalents of Harlequin romance novels, and yet, we�re forced to pretend they�re the next coming of the railroads every time some guy who was voted most likely to die a middle manager at Albertsons in Casper, Wyoming, farts his idea out on a napkin. I am so tired.
- Redox takes first baby steps towards a modesetting driver for Intel graphics
An exciting tidbit of news from Redox, the Rust-based operating system. Its founder and lead developer Jeremy Soller has merged the first changes for a modesetting driver for Intel graphics. After a few nights of reading through thousands of pages of PRMs I have finally implemented a modesetting driver for Intel HD graphics on Redox OS. There is much more to do, but there is now a clear path to native hardware accelerated graphics! ↫ Jeremy Soller Of course, all the usual disclaimers apply, but it�s an important first step, and once again underlines that Redox is turning into a very solid platform that might just be on the cusp of becoming something we can use every day.
- MacOS: losing confidence
It�s always a bit sad and a little awkward when reality starts hitting long-time fans and users of an operating system, isn�t it? I feel like I�m at least fifteen years ahead of everyone else when it comes to macOS, at least. Over the last few weeks I’ve been`discovering problems`that have been eroding confidence in macOS. From text files that simply won’t show up in Spotlight search, to Clock timers that are blank and don’t function, there’s one common feature: macOS encounters an error or fault, but doesn’t report that to the user, instead just burying it deep in the log. When you can spare the time, the next step is to contact Apple Support, who seem equally puzzled. You’re eventually advised to reinstall macOS or, in the worst case, to wipe a fairly new Apple silicon Mac and restore it in DFU mode, but have no reason to believe that will stop the problem from recurring. You know that Apple Support doesn’t understand what’s going wrong, and despite the involvement of support engineers, they seem as perplexed as you. ↫ Howard Oakley I remember when Mac OS X was so far ahead of the competition it was honestly a little tragic. Around the late PowerPC and very early Intel days, when the iPhone hadn�t yet had the impact on the company it has now, the Mac and its operating system were the star of the company�s show, and you felt it when you used it. Even though the late PowerPC hardware was being outpaced left, right, and centre by Intel and AMD hardware in virtually every sense, Mac OS X more than made up for it being being a carefully and lovingly crafted operating system designed and developed by people who clearly deeply cared. I used nothing but Macs as a result. These days, everything�s reversed. By all accounts, Macs are doing amazing hardware-wise, with efficient, powerful processors and solid design. The operating system, however, has become a complete and utter mess, showing us that no, merely having great hardware does not make up for shit software in the same way the reverse was true two decades ago. I�d rather use a slower, hotter laptop with great software than a faster, cooler laptop with terrible software. I�m not sure we�re going to see this trend reversed any time soon. Apple, too, is chasing the dragon, and everything the company does is designed around their cash cow, and I just don�t see how that�s going to change without a complete overhaul of the company�s leadership.
- Why is running Linux on a RiscPC so hard?
What if you have a Risc PC, but aside from RISC OS, you also want to run Linux? Well, then you have to jump through a lot of hoops, especially in 2025. Well, this was a mess. I don�t know why Potato is so crashy when I install it. I don�t know why the busybox binary in the Woody initrd is so broken. But I�ve got it installed, and now I can do circa-2004 UNIX things with a machine from 1994. ↫ Jonathan Pallant The journey is definitely the most rewarding experience here for us readers, but I�m fairly sure Pallant is just happy to have a working Linux installation on his Risc PC and wants to mostly forget about that journey. Still, reading about the Risc PC is very welcome, since it�s one of those platforms you just don�t hear about very often between everyone talking about classic Macs and Commodore 64s all the time.
- A vector graphics workstation from the 70s
OK I promised computers, so let’s move to the Tek 4051 I got! Released in 1975, this was based on the 4010 series of terminals, but with a Motorola 6800 computer inside. This machine ran, like so many at the time, BASIC, but with extra subroutines for drawing and manipulating vector graphics. 8KB RAM was standard, but up to 32KB RAM could be installed. Extra software was installed via ROM modules in the back, for example to add DSP routines. Data could be saved on tape, and via RS232 and GBIP external devices could be attached! All in all, a pretty capable machine, especially in 1975. BASIC computers where getting common, but graphics was pretty new. According to Tektronix the 4051 was ideal for researches, analysts and physicians, and this could be yours for the low low price of 6 grand, or around $36.000 in 2025. I could not find sales figures, but it seems that this was a decently successful machine. Tektronix also made the 4052, with a faster CPU, and the 4054, a 19″ 4K resolution behemoth! Tektronix continued making workstations until the 90s but like almost all workstations of the era, x86/Linux eventually took over the entire workstation market. ↫ Rik te Winkel at Just another electronics blog Now that�s a retro computer you don�t see very often.
- Linux Distros Designed for Former Windows Users Are Picking Up Steam
by George Whittaker
For years, Windows users frustrated with constant changes, aggressive updates, and growing system bloat have flirted with switching to Linux. But 2025 marks a noticeable shift: a new generation of Linux distributions built specifically for ex-Windows users is gaining real traction. One of the standout examples is Bazzite, a gaming-optimized Fedora-based distro that has quickly become a go-to choice for people abandoning Windows in favor of a cleaner, more customizable experience.
Why Many Windows Users Are Finally Jumping Ship
Microsoft’s ecosystem has been slowly pushing some users toward the exit. Hardware requirements for Windows 11 left millions of perfectly functional PCs behind. Ads on the Start menu and in system notifications have frustrated many. And for gamers, launcher problems, forced reboots and background processes that siphon resources have driven a search for alternatives.
Linux distributions have benefited from that frustration, especially those that focus on simplicity, performance and gaming readiness.
Gaming-First Distros Are Leading the Movement
Historically, switching to Linux meant sacrificing game compatibility. But with Valve’s Proton layer and Vulkan-based translation technologies, thousands of Windows games now run flawlessly, sometimes better than on Windows.
Distros targeting former Windows users are leaning into this new reality:
Seamless Steam integration
Automatic driver configuration for AMD, Intel and NVIDIA
Built-in performance overlays like MangoHUD
Proton GE and tools for modding or shader fixes
Support for HDR, VR and modern controller layouts
This means a new Linux user can install one of these distros and jump straight into gaming with almost no setup.
Bazzite: A Standout Alternative OS
Bazzite has become the poster child for this trend. Built on Fedora’s image-based system and the Universal Blue infrastructure, it offers an incredibly stable base that updates atomically, similar to SteamOS.
What makes Bazzite so attractive to Windows refugees?
Gaming-ready out of the box no tweaking, no driver hunts
Rock-solid performance thanks to an immutable system layout
Support for handheld PCs like the Steam Deck, ROG Ally and Legion Go
Friendly workflows that feel familiar to new Linux users
Customization without the risk of breaking the system
It’s no surprise that many “I switched to Linux!” posts now mention Bazzite as their distro of choice.
Go to Full Article
- Linux Kernel 6.18 Is Out: What’s New and Important
by George Whittaker
The stable release of Linux Kernel 6.18 was officially tagged on November 30, 2025.
It’s expected to become this year’s major long-term support (LTS) kernel, something many users and distributions care about.
Here’s a breakdown of the most significant changes and improvements in this release:
Core Improvements: Performance, Memory, Infrastructure
The kernel’s memory allocation subsystem gets a major upgrade with “sheaves”, a per-CPU caching layer for slab allocations. This reduces locking overhead and speeds up memory allocation and freeing, improving overall system responsiveness.
A new device-mapper target dm-pcache arrives, enabling use of persistent memory (e.g. NVDIMM/CXL) as a cache layer for block devices, useful for systems with fast non-volatile memory, SSDs, or hybrid storage.
Overall memory management and swapping performance have been improved, which should help under memory pressure or heavy workloads.
Networking & Security Enhancements
Networking gets a boost: support for Accurate Explicit Congestion Notification (AccECN) in TCP, which can provide better congestion signals and more efficient network behaviour under load.
A new option for PSP-encrypted TCP connections has been added, a fresh attempt to push more secure transport-layer encryption (like a more efficient alternative to IPsec/TLS for some workloads) under kernel control.
The kernel now supports cryptographically signed BPF programs (eBPF), so BPF bytecode loaded at runtime can be verified for integrity. This is a noteworthy security hardening step.
The overall security infrastructure and auditing path, including multi-LSM (Linux Security Modules) support, has been refined, improving compatibility for setups using SELinux, AppArmor, or similar simultaneously.
Hardware, Drivers & Architecture Coverage
Kernel 6.18 brings enhanced hardware support: updated and new drivers for many platforms across architectures (x86_64, ARM, RISC-V, MIPS, etc.), including improvements for GPUs, CPU power management, storage controllers, and more.
In particular, support for newer SoCs, chipsets, and embedded-board device trees has been extended, beneficial for people using SBCs, ARM-based laptops/boards, or niche hardware.
For gaming rigs, laptops, and desktops alike: improvements to drivers, power-state management, and performance tuning may lead to better overall hardware efficiency.
Go to Full Article
- Wine 10.19 Released: Game Changing Support for Windows Reparse Points on Linux
by George Whittaker Introduction
If you use Linux and occasionally run Windows applications, whether via native Wine or through gaming layers like Proton, you’ll appreciate what just dropped in Wine 10.19. Released November 14 2025, this version brings a major enhancement: official support for Windows reparse points, a filesystem feature many Windows apps rely on, and a host of other compatibility upgrades.
In simpler terms: Wine now understands more of the Windows filesystem semantics, which means fewer workarounds, better application compatibility, and smoother experiences for many games and tools previously finicky under Linux.
What Are Reparse Points & Why They MatterUnderstanding Reparse Points
On Windows, a reparse point is a filesystem object (file or directory) that carries additional data, often used for symbolic links, junctions, mount points, or other redirection features. When an application opens or queries a file, the OS may check the reparse tag to determine special behavior (for example “redirect this file open to this other path”).
Because many Windows apps, installers, games, DRM systems, file-managers, use reparse points for features like directory redirection, path abstractions, or filesystem overlays, lacking full support for them in Wine means those apps often misbehave.
What Wine 10.19 Adds
With Wine 10.19, support for these reparse point mechanisms has been implemented in key filesystem APIs: for example NtQueryDirectoryFile, GetFileInfo, file attribute tags, and DeleteFile/RemoveDirectory for reparse objects.
This means that in Wine 10.19:
Windows apps that create or manage symbolic links, directory junctions or mount-point style re-parsing will now function correctly in many more cases.
Installers or frameworks that rely on “when opening path X, redirect to path Y” will work with less tinkering.
Games or utilities that check for reparse tags or use directory redirections will have fewer “stuck” behaviors or missing files.
In effect, this is a step toward closer to native behavior for Windows file-system semantics under Linux.
Other Key Highlights in Wine 10.19
Beyond reparse points, the release brings several notable improvements:
Expanded support for WinRT exceptions (Windows Runtime error handling) meaning better compatibility for Universal Windows Platform (UWP) apps and newer Windows-based frameworks.
Refactoring of “Common Controls” (COMCTL32) following the version 5 vs version 6 split, which helps GUI applications that rely on older controls or expect mixed versions.
Go to Full Article
- Firefox 145: A Major Release with 32-Bit Linux Support Dropped
by George Whittaker Introduction
Mozilla has rolled out Firefox 145, a significant update that brings a range of usability, security and privacy enhancements, while marking a clear turning point by discontinuing official support for 32-bit Linux systems. For users on older hardware or legacy distros, this change means it’s time to consider moving to a 64-bit environment or opting for a supported version.
Here’s a detailed look at what’s new, what’s changed, and what you need to know.
Major Changes in Firefox 145End of 32-Bit Linux Builds
One of the headline items in this release is Mozilla’s decision to stop building and distributing Firefox for 32-bit x86 Linux. As per their announcement:
“32-bit Linux (on x86) is no longer widely supported by the vast majority of Linux distributions, and maintaining Firefox on this platform has become increasingly difficult and unreliable.”
From Firefox 145 onward, only 64-bit (x86_64) and relevant 64-bit architectures (such as ARM64) will be officially supported. For those still running 32-bit Linux builds, Mozilla recommends migrating to 64-bit or switching to the Extended Support Release (ESR) branch (Firefox 140 ESR) which still supports 32-bit for a limited period.
Usability & Interface Enhancements
Firefox 145 brings several improvements designed to make everyday web browsing smoother and more flexible:
PDF viewer enhancements: You can now add, edit, and delete comments in PDFs, and a comments sidebar helps you easily navigate your annotations.
Tab-group preview: When you hover over the name of a collapsed tab group, a thumbnail preview of the tabs inside appears, helpful for reorganizing or returning to work.
Access saved passwords from the sidebar, without needing to open a new tab or window.
“Open links from apps next to your active tab” setting: When enabled, links opened from external applications insert next to your current tab instead of at the end of the tab bar.
Slight UI refinements: Buttons, input fields, tabs and other elements get more rounded edges, horizontal tabs are redesigned to align with vertical-tab aesthetics.
Privacy, Security & Under-the-Hood Upgrades
Mozilla has also doubled down on privacy and risk reduction:
Fingerprinting defenses: Firefox 145 introduces new anti-fingerprinting techniques that Mozilla estimates reduce the number of users identified as unique by nearly half when Private Browsing mode or Enhanced Tracking Protection (strict) is used.
Go to Full Article
- MX Linux 25 ‘Infinity’ Arrives: Debian 13 ‘Trixie’ Base, Modern Tools & A Fresh Installer
by George Whittaker Introduction
The team behind MX Linux has just released version 25, carrying the codename “Infinity”, and it brings a significant upgrade by building upon the stable base of Debian 13 “Trixie”. Released on November 9, 2025, this edition doesn’t just refresh the desktop, it introduces modernized tooling, updated kernels, dual init-options, and installer enhancements aimed at both newcomers and long-time users.
In the sections that follow, we’ll walk through the key new features of MX Linux 25, what’s changed for each desktop edition, recommended upgrade or fresh-install paths, and why this release matters in the wider Linux-distribution ecosystem.
What’s New in MX Linux 25 “Infinity”
Here are the headline changes and improvements that define this release:
Debian 13 “Trixie” Base
By moving to Debian 13, Infinity inherits all the stability, security updates, and broader hardware support of the latest Debian stable release. The base system now aligns with Trixie’s libraries, kernels, and architecture support.
Kernel Choices & Hardware Support
The standard editions ship with the Linux 6.12 LTS kernel series, offering a solid baseline for most hardware.
For newer hardware or advanced users, the “AHS” (Advanced Hardware Support) variants and the KDE Plasma edition adopt a Liquorix-flavored Linux 6.16 (or 6.15 in some variants) kernel, maximizing performance and compatibility with cutting-edge setups.
Dual Init Option: systemd and SysVinit
Traditionally associated with lighter-weight init options, MX Linux now offers both systemd by default and SysVinit editions (particularly for Xfce and Fluxbox variants). This gives users the freedom to choose their init system preference without losing new features.
Updated Desktop Environments
Xfce edition: Ships with Xfce 4.20. Improvements include a revamped Whisker Menu, updated archive management tools (Engrampa replacing File Roller in some editions).
KDE Plasma edition: Uses KDE Plasma 6.3.6, defaults to Wayland for a modern session experience (with X11 still optionally available), adds root-actions and service menus to Dolphin, and switches TLP out for power-profiles-daemon to resolve power widget issues.
Fluxbox edition: Offers a more minimal, highly customizable environment: new panel layouts, updated “appfinder” configs for Rofi, toolbar changes and themes refined. Defaults the audio player to Audacious (instead of the older DeaDBeeF).
Go to Full Article
- Arch Linux November 2025 ISO: Fresh Snapshot, Smarter Installer (Archinstall 3.0.12) & Pacman 7.1
by George Whittaker
Arch Linux has shipped its November 2025 ISO snapshot (2025.11.01), and while Arch remains a rolling distribution, these monthly images are a big deal, especially for new installs, labs, and homelab deployments. This time, the ISO lands alongside two important pieces:
Archinstall 3.0.12 – a more polished, smarter TUI installer
Pacman 7.1 – a package manager update with stricter security and better tooling
If you’ve been thinking about spinning up a fresh Arch box, or you’re curious what changed under the hood, this release is a very nice jumping-on point.
Why Arch Still Ships Monthly ISOs in a Rolling World
Arch is famous for its “install once, update forever” model. Technically, you could install from a two-year-old image and just run:
sudo pacman -Syu
…but in practice, that’s painful:
Huge initial update downloads
Possible breakage jumping across many months of changes
Outdated installer tooling
That’s why the project publishes a monthly snapshot ISO: it rolls all current packages into a fresh image so you:
Start with a current kernel and userland
Spend less time updating right after install
Get the latest Archinstall baked in (or just a pacman -Sy archinstall away)
The 2025.11.01 ISO is exactly that: Arch as of early November 2025, ready to go.
What’s Inside the November 2025 ISO (2025.11.01)
The November snapshot doesn’t introduce new features by itself, it’s a frozen image of current Arch, but a few details are worth calling out:
Ships with a Linux 6.17.x kernel, including improved AMD/Intel GPU support and updated Btrfs bits.
Includes all the usual base packages plus current toolchains, drivers, and desktop stacks from the rolling repos.
The image is intended only for new installs; existing Arch systems should keep using pacman -Syu for upgrades.
You can download it from the official Arch Linux download page or via BitTorrent mirrors.
One small twist: the ISO itself still ships with Archinstall 3.0.11, but 3.0.12 was released the same day – so we’ll grab the newer version from the repos before running the installer.
Archinstall 3.0.12: What’s Actually New?
Archinstall has evolved from “nice experiment” to “pretty solid way to install Arch” if you don’t want to script everything yourself. Version 3.0.12 is a refinement release focused on stability, storage, and bootloader logic.
Go to Full Article
- AMD Confirms Zen 5 RNG Flaw: When ‘Random’ Isn’t Random Enough
by George Whittaker
AMD has officially confirmed a high-severity security vulnerability in its new Zen 5–based CPUs, and it’s a nasty one because it hits cryptography right at the source: the hardware random number generator.
Here’s a clear breakdown of what’s going on, how bad it really is, and what you should do if you’re running Zen 5.
What AMD Just Confirmed
AMD’s security bulletin AMD-SB-7055, now tracked as CVE-2025-62626, describes a bug in the RDSEED instruction on Zen 5 processors. Under certain conditions, the CPU can:
Return the value 0 from RDSEED far more often than true randomness would allow
Still signal “success” (carry flag CF=1), so software thinks it got a good random value
The issue affects the 16-bit and 32-bit forms of RDSEED on Zen 5; the 64-bit form is not affected.
Because RDSEED is used to feed cryptographically secure random number generators (CSPRNGs), a broken RDSEED can poison keys, tokens, and other security-critical values.
AMD classifies the impact as:
Loss of confidentiality and integrity (High severity).
How the Vulnerability Works (In Plain English)What RDSEED Is Supposed to Do
Modern CPUs expose hardware instructions like RDRAND and RDSEED:
RDRAND: Gives you pseudo-random values from a DRBG that’s already been seeded.
RDSEED: Gives you raw entropy samples suitable for seeding cryptographic PRNGs (it should be very close to truly random).
Software like TLS libraries, key generators, HSM emulators, and OS RNGs may rely directly or indirectly on RDSEED to bootstrap secure randomness.
What’s Going Wrong on Zen 5
On affected Zen 5 CPUs:
The 16-bit and 32-bit RDSEED variants sometimes return 0 much more often than a true random source should.
Even worse, they simultaneously report success (CF=1), so software assumes the value is fine rather than retrying.
In cryptographic terms, this means:
Entropy can be dramatically reduced (many key bits become predictable or even fixed).
Keys or nonces derived from those values can become partially or fully guessable.
Go to Full Article
- The Most Critical Linux Kernel Breaches of 2025 So Far
by George Whittaker
The Linux kernel, foundational for servers, desktops, embedded systems, and cloud infrastructure, has been under heightened scrutiny. Several vulnerabilities have been exploited in real-world attacks, targeting critical subsystems and isolation layers. In this article, we’ll walk through major examples, explain their significance, and offer actionable guidance for defenders.
CVE-2025-21756 – Use-After-Free in the vsock Subsystem
One of the most alarming flaws this year involves a use-after-free vulnerability in the Linux kernel’s vsock implementation (Virtual Socket), which enables communication between virtual machines and their hosts.
How the exploit works:A malicious actor inside a VM (or other privileged context) manipulates reference counters when a vsock transport is reassigned. The code ends up freeing a socket object while it’s still in use, enabling memory corruption and potentially root-level access.
Why it matters:Since vsock is used for VM-to-host and inter-VM communication, this flaw breaks a key isolation barrier. In multi-tenant cloud environments or container hosts that expose vsock endpoints, the impact can be severe.
Mitigation:Kernel maintainers have released patches. If your systems run hosts, hypervisors, or other environments where vsock is present, make sure the kernel is updated and virtualization subsystems are patched.
CVE-2025-38236 – Out-of-Bounds / Sandbox Escape via UNIX Domain Sockets
Another high-impact vulnerability involves the UNIX domain socket interface and the MSG_OOB flag. The bug was publicly detailed in August 2025 and is already in active discussion.
Attack scenario:A process running inside a sandbox (for example a browser renderer) can exploit MSG_OOB operations on a UNIX domain socket to trigger a use-after-free or out-of-bounds read/write. That allows leaking kernel pointers or memory and then chaining to full kernel privilege escalation.
Why it matters:This vulnerability is especially dangerous because it bridges from a low-privilege sandboxed process to kernel-level compromise. Many systems assume sandboxed code is safe; this attack undermines that assumption.
Mitigation:Distributions and vendors (like browser teams) have disabled or restricted MSG_OOB usage for sandboxed contexts. Kernel patches are available. Systems that run browser sandboxes or other sandboxed processes need to apply these updates immediately.
CVE-2025-38352 – TOCTOU Race Condition in POSIX CPU Timers
In September 2025, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) added this vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.
Go to Full Article
- Steam Deck 2 Rumors Ignite a New Era for Linux Gaming
by George Whittaker
The speculation around a successor to the Steam Deck has stirred renewed excitement, not just for a new handheld, but for what it signals in Linux-based gaming. With whispers of next-gen specs, deeper integration of SteamOS, and an evolving handheld PC ecosystem, these rumors are fueling broader hopes that Linux gaming is entering a more mature age. In this article we look at the existing rumors, how they tie into the Linux gaming landscape, why this matters, and what to watch.
What the Rumours Suggest
Although Valve has kept things quiet, multiple credible outlets report about the Steam Deck 2 being in development and potentially arriving well after 2026. Some of the key tid-bits:
Editorials note that Valve isn’t planning a mere spec refresh; it wants a “generational leap in compute without sacrificing battery life”.
A leaked hardware slide pointed to an AMD “Magnus”-class APU built on Zen 6 architecture being tied to next-gen handhelds, including speculation about the Steam Deck 2.
One hardware leaker (KeplerL2) cited a possible 2028 launch window for the Steam Deck 2, which would make it roughly 6 years after the original.
Valve’s own design leads have publicly stated that a refresh with only 20-30% more performance is “not meaningful enough”, implying they’re waiting for a more substantial upgrade.
In short: while nothing is official yet, there’s strong evidence that Valve is working on the next iteration and wants it to be a noteworthy jump, not just a minor update.
Why This Matters for Linux Gaming
The rumoured arrival of the Steam Deck 2 isn’t just about hardware, it reflects and could accelerate key inflection points for Linux & gaming:
Validation of SteamOS & Linux Gaming
The original Steam Deck, running SteamOS (a Linux-based OS), helped prove that PC gaming doesn’t always require Windows. A well-received successor would further validate Linux as a first-class gaming platform, not a niche alternative but a mainstream choice.
Handheld PC Ecosystem Momentum
Since the first Deck, many Windows-based handhelds have entered the market (such as the ROG Ally, Lenovo Legion Go). Rumours of the Deck 2 keep spotlight on the form factor and raise expectations for Linux-native handhelds. This momentum helps encourage driver, compatibility and OS investments from the broader community.
Go to Full Article
- Kali Linux 2025.3 Lands: Enhanced Wireless Capabilities, Ten New Tools & Infrastructure Refresh
by George Whittaker Introduction
The popular penetration-testing distribution Kali Linux has dropped its latest quarterly snapshot: version 2025.3. This release continues the tradition of the rolling-release model used by the project, offering users and security professionals a refreshed toolkit, broader hardware support (especially wireless), and infrastructure enhancements under the hood. With this update, the distribution aims to streamline lab setups, bolster wireless hacking capabilities (particularly on Raspberry Pi devices), and integrate modern workflows including automated VMs and LLM-based tooling.
In this article, we’ll walk through the key highlights of Kali Linux 2025.3, how the changes affect users (both old and new), the upgrade path, and what to keep in mind for real-world deployment.
What’s New in Kali Linux 2025.3
This snapshot from the Kali team brings several categories of improvements: tooling, wireless/hardware support, architecture changes, virtualization/image workflows, UI and plugin tweaks. Below is a breakdown of the major updates.
Tooling Additions: Ten Fresh Packages
One of the headline items is the addition of ten new security tools to the Kali repositories. These tools reflect shifts in the field, toward AI-augmented recon, advanced wireless simulation and pivoting, and updated attack surface coverage. Among the additions are:
Caido and Caido-cli – a client-server web-security auditing toolkit (graphical client + backend).
Detect It Easy (DiE) – a utility for identifying file types, a useful tool in reverse engineering workflows.
Gemini CLI – an open-source AI agent that integrates Google’s Gemini (or similar LLM) capabilities into the terminal environment.
krbrelayx – a toolkit focused on Kerberos relaying/unconstrained delegation attacks.
ligolo-mp – a multiplayer pivoting solution for network-lateral movement.
llm-tools-nmap – allows large-language-model workflows to drive Nmap scans (automated/discovery).
mcp-kali-server – configuration tooling to connect an AI agent to Kali infrastructure.
patchleaks – a tool that detects security-fix patches and provides detailed descriptions (useful both for defenders and auditors).
vwifi-dkms – enables creation of “dummy” Wi-Fi networks (virtual wireless interfaces) for advanced wireless testing and hacking exercises.
Go to Full Article
|
