|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All)
(Two Column)
- Kernel prepatch 6.19-rc1
Linus has released 6.19-rc1, perhaps a bitearlier than expected.
So it's Sunday afternoon in the part of the world where I am now, so if somebody was looking at trying to limbo under the merge window timing with one last pull request and is taken by surprise by the slightly unusual timing of the rc1 release, that failed.
Teaching moment, or random capricious acts? You be the judge.
- Conill: Rethinking sudo with object capabilities
Ariadne Conill isexploring a capability-based approach to privilege escalation on Linuxsystems.
Inspired by the object-capability model, I've been working on a project named capsudo. Instead of treating privilege escalation as a temporary change of identity, capsudo reframes it as a mediated interaction with a service called capsudod that holds specific authority, which may range from full root privileges to a narrowly scoped set of capabilities depending on how it is deployed.
- [$] The state of the kernel Rust experiment
The ability to write kernel code in Rust was explicitly added as anexperiment — if things did not go well, Rust would be removed again. Atthe 2025 Maintainers Summit, a session was held to evaluate the state ofthat experiment, and to decide whether the time had come to declare theresult to be a success. The (arguably unsurprising) conclusion was thatthe experiment is indeed a success, but there were some interesting pointsmade along the way.
- Three new stable kernels
Greg Kroah-Hartman has released the 6.18.1, 6.17.12, and 6.12.62 stablekernels. Each contains important fixes; users of those kernelsare advised to upgrade.
- [$] Best practices for linux-next
One of the key components in the kernel's development process is thelinux-next repository. Every day, a large number of branches, eachcontaining commits intended for the next kernel development cycle, ispulled into linux-next and integrated. If there are conflicts betweenbranches, the linux-next process will reveal them. In theory, many othertypes of problems can be found as well. Some developers feel thatlinux-next does not work as well as it could, though. At the 2025Maintainers Summit, Mark Brown, who helps to keep linux-next going, led asession on how it could be made to work more effectively.
- KDE Gear 25.12 released
KDE has announced therelease of KDE Gear 25.12. This release adds more"extractors" to the Itinerary travel-assistantapplication, improved Git support in the Kate text editor, better PDFexport in Konqueror, andmuch more. See the changelogfor all new features, improvements, and bug fixes.
- Security updates for Friday
Security updates have been issued by AlmaLinux (firefox, luksmeta, mysql, mysql:8.0, mysql:8.4, tomcat, and wireshark), Debian (chromium, kernel, and tzdata), Fedora (brotli, dr_libs, perl-Alien-Brotli, python-urllib3, singularity-ce, wireshark, and yarnpkg), Oracle (firefox, grafana, lasso, libsoup3, luksmeta, ruby, ruby:3.3, tomcat, and wireshark), Slackware (mozilla), SUSE (container-suseconnect, kubernetes-client, libpoppler-cpp2, postgresql14, postgresql15, and python3), and Ubuntu (c-ares, keystone, linux, linux-aws, linux-aws-5.15, linux-azure, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-oracle, linux-oracle-5.15, linux-xilinx-zynqmp, linux-azure, linux-azure-4.15, linux-oracle,, linux-fips, linux-aws-fips, linux-azure-fips, linux-gcp-fips, linux-fips, linux-aws-fips, linux-gcp-fips, linux-hwe-6.8, linux-oracle-6.8, linux-raspi, linux-realtime, linux-intel-iot-realtime, and python-urllib3).
- Pop!_OS 24.04 LTS released
Version 24.04 LTS of the Ubuntu-based Pop!_OS distribution hasbeen released with the COSMIC Desktop Environment:
Today is special not only in that it's the culmination of overthree years of work, but even more so in that System76 has built acomplete desktop environment for the open source community. We'reproud of this contribution to the open source ecosystem. COSMIC isbuilt on the ethos that the best open source projects enable people tonot only use them, but to build with them. COSMIC is modular andcomposable. It's the flagship experience for Pop!_OS in its own way,and can be adapted by anyone that wants to build their own unique userexperience for Linux.
In addition to the COSMIC desktop environment, Pop!_OS is nowavailable for Arm computers with the 24.04 LTS release, and thedistribution has added hybrid graphics support for better batterylife. LWN covered analpha version of COSMIC in August 2024.
- Rust 1.92.0 released
Version1.92.0 of Rust has been released. This release includes a numberof stabilized APIs, emits unwind tables by default on Linux, validatesinput to #[macro_export], and much more. See the separaterelease notes for Rust,Cargo,and Clippy.
- [$] Toward a policy for machine-learning tools in kernel development
The first topic of discussion at the 2025 Maintainers Summit has been inthe air for a while: what role — if any — should machine-learning-basedtools have in the kernel development process? While there has been a fairamount of controversy around these tools, and concerns remain, it seemsthat the kernel community, or at least its high-level maintainership, iscomfortable with these tools becoming a significant part of the developmentprocess.
- Security updates for Thursday
Security updates have been issued by Debian (ffmpeg, firefox-esr, libsndfile, and rear), Fedora (httpd, perl-CGI-Simple, and tinyproxy), Oracle (firefox, kernel, libsoup, mysql8.4, tigervnc, tomcat, tomcat9, and uek-kernel), SUSE (alloy, curl, dovecot24, fontforge, glib2, himmelblau, java-17-openjdk, java-21-openjdk, kernel, krb5, lasso, libvirt, mozjs128, mysql-connector-java, nvidia-open-driver-G07-signed-check, openssh, poppler, postgresql17, postgresql18, python-cbor2, python-Django, python310, python311-Django, runc, strongswan, tomcat11, and xwayland), and Ubuntu (binutils, libpng1.6, linux, linux-aws, linux-aws-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-xilinx-zynqmp, linux, linux-aws, linux-aws-6.14, linux-gcp, linux-hwe-6.14, linux-raspi, linux, linux-aws, linux-gcp, linux-realtime, and qtbase-opensource-src).
- [$] LWN.net Weekly Edition for December 11, 2025
Inside this week's LWN.net Weekly Edition:
Front: Rust in CPython; Python frozendict; Bazzite; IETF post-quantum disagreement; Distrobox; 6.19 merge window; Leaving the TAB. Briefs: Let's Encrypt retrospective; PKI infrastructure; Rust in kernel to stay; CNA series; Alpine 3.23.0; cmocka 2.0; Firefox 146; 2024 Free Software Awards; Quotes; ... Announcements: Newsletters, conferences, security updates, patches, and more.
- 10 Years of Let's Encrypt Certificates
Let's Encrypt has publisheda retrospective that covers the decade since it published its firstpublicly trusted certificate in September 2015:
In March 2016, we issued our one millionth certificate. Just two yearslater, in September 2018, we were issuing a million certificates everyday. In 2020 we reached a billion total certificates issued and as oflate 2025 we're frequently issuing ten million certificates perday. We're now on track to reach a billion active sites, probablysometime in the coming year.
- Kroah-Hartman: Linux CVEs, more than you ever wanted to know
Greg Kroah-Hartman is writinga series of blog posts about Linux becoming a CertificateNumbering Authority (CNA):
It's been almost 2 full years since Linux became a CNA (CertificateNumbering Authority) which meant that we (i.e. the kernel.orgcommunity) are now responsible for issuing all CVEs for the Linuxkernel. During this time, we've become one of the largest creators ofCVEs by quantity, going from nothing to number 3 in 2024 to number 1in 2025. Naturally, this has caused some questions about how we areboth doing all of this work, and how people can keep track of it.
So far, Kroah-Hartman has published the introductory post, as wellas a detailedpost about kernel version numbers that is well worth reading.
- Linuxiac Weekly Wrap-Up: Week 50 (Dec 8 – 14, 2025)
Catch up on the latest Linux news: Pop!_OS 24.04 LTS launches with COSMIC 1.0, Kali Linux 2025.4, Manjaro 25.1 Preview, Cinnamon 6.6, Plasma 6.5.4, Firefox 146, GNOME to reject AI-generated Shell extensions, and more.
- Linux 6.19-rc1 Released From Japan
The Linux 6.19-rc1 kernel is out to cap off the Linux 6.19 merge window. The kernel release is coming the better part of a day earlier due to Linus Torvalds being in Japan for this past week's Linux Plumbers Conference and Linux Kernel Maintainer Summit...
- Jetson Thor industrial PC pairs 25GbE networking with optional GMSL2 camera support
FORECR has introduced the DSBOX-THRMAX, an industrial box PC based on NVIDIA’s Jetson Thor (T5000) module, targeting robotics, autonomous machines, and edge deployments that require high compute density, real-time processing, and multi-sensor support. The platform is based on the NVIDIA Jetson T5000 module, which is specified to deliver up to 2070 TFLOPS of AI performance […]
- HealthyPi 6 provides open-source biosignal acquisition for research and education
The HealthyPi 6 is an open-source biosignal acquisition platform available through Crowd Supply, targeting academic research, education, and digital health prototyping. The system supports standalone acquisition and visualization of physiological data without relying on a PC or cloud service. The platform is built around a tri-core processing architecture. The main controller is STMicroelectronics’ STM32H757, combining […]
- TrixiePup64 11.2 Released For Debian-Based Puppy Linux With Wayland & X11 Options
For those with fond memories of the original Puppy Linux as a lightweight Linux distribution that used to run well back in the day on systems with less than 1GB of RAM, TrixiePup64 is out with a new release of this Puppy Linux based distribution with Debian GNU/Linux components. The new TrixiePup64 11.2 release is based on the latest Debian Trixie sources while continuing to offer separate builds for either X11 or Wayland usage...
- RISC-V-based ESP32-P4 handheld integrates AMOLED display and LoRa
LILYGO has introduced the T-Display P4, a handheld development board built around Espressif’s ESP32-P4 application processor and a companion ESP32-C6 for wireless connectivity. The platform targets portable HMIs, sensor-equipped field devices, and edge systems that require a display, camera support, and multiple radios in a compact enclosure. Measuring about 63 × 109 × 22 mm, […]
- LoongArch32 Support Begins Taking Shape In Linux 6.19, GCC 16
The LoongArch CPU architecture changes have been merged for the Linux 6.19 merge window. This domestic Chinese CPU architecture inspired by MIPS and RISC-V began with 64-bit LoongArch64 but with Linux 6.19 the foundation is being laid for LoongArch32 as a 32-bit variant...
- Like Australia, Denmark Plans to Severely Restrict Social Media Use for Teenagers
"As Australia began enforcing a world-first social media ban for children under 16 years old this week, Denmark is planning to follow its lead," reports the Associated Press, "and severely restrict social media access for young people."The Danish government announced last month that it had secured an agreement by three governing coalition and two opposition parties in parliament to ban access to social media for anyone under the age of 15. Such a measure would be the most sweeping step yet by a European Union nation to limit use of social media among teens and children. The Danish government's plans could become law as soon as mid-2026. The proposed measure would give some parents the right to let their children access social media from age 13, local media reported, but the ministry has not yet fully shared the plans... [A] new "digital evidence" app, announced by the Digital Affairs Ministry last month and expected to launch next spring, will likely form the backbone of the Danish plans. The app will display an age certificate to ensure users comply with social media age limits, the ministry said. The article also notes Malaysia "is expected to ban social media accounts for people under the age of 16 starting at the beginning of next year, and Norway is also taking steps to restrict social media access for children and teens. "China — which manufacturers many of the world's digital devices — has set limits on online gaming time and smartphone time for kids."
Read more of this story at Slashdot.
- CEOS Plan to Spend More on AI in 2026 - Despite Spotty Returns
The Wall Street Journal reports that 68% of CEOs "plan to spend even more on AI in 2026, according to an annual survey of more than 350 public-company CEOs from advisory firm Teneo."And yet "less than half of current AI projects had generated more in returns than they had cost, respondents said." They reported the most success using AI in marketing and customer service and challenges using it in higher-risk areas such as security, legal and human resources. Teneo also surveyed about 400 institutional investors, of which 53% expect that AI initiatives would begin to deliver returns on investments within six months. That compares to the 84% of CEOs of large companies — those with revenue of $10 billion or more — who believe it will take more than six months. Surprisingly, 67% of CEOs believe AI will increase their entry-level head count, while 58% believe AI will increase senior leadership head count. All the surveyed CEOS were from public companies with revenue over $1 billion...
Read more of this story at Slashdot.
- 'Investors in Limbo'. Will the TikTok Deal's Deadline Be Extended Again?
An anonymous reader shared this report from the BBC:A billionaire investor keen on buying TikTok's US operations has told the BBC he has been left in limbo as the latest deadline for the app's sale looms. The US has repeatedly delayed the date by which the platform's Chinese owner, Bytedance, must sell or be blocked for American users. US President Donald Trump appears poised to extend the deadline for a fifth time on Tuesday. "We're just standing by and waiting to see what happens," investor Frank McCourt told BBC News... The president...said "sophisticated" US investors would acquire the app, including two of his allies: Oracle chairman Larry Ellison and Dell Technologies' Michael Dell. Members of the Trump administration had indicated the deal would be formalised in a meeting between Trump and Xi in October — however it concluded without an agreement being reached. Neither TikTok's Chinese owner ByteDance nor Beijing have since announced approval of a sale, despite Trump's claims. This time there are no such claims a deal is imminent, leading most analysts to conclude another extension is inevitable. Other investors besides McCourt include Reddit co-founder Alexis Ohanian and Shark Tank entrepreneur Kevin O'Leary.
Read more of this story at Slashdot.
- Podcast Industry Under Siege as AI Bots Flood Airways with Thousands of Programs
An anonymous reader shared this report from the Los Angeles Times:Popular podcast host Steven Bartlett has used an AI clone to launch a new kind of content aimed at the 13 million followers of his podcast "Diary of a CEO." On YouTube, his clone narrates "100 CEOs With Steven Bartlett," which adds AI-generated animation to Bartlett's cloned voice to tell the life stories of entrepreneurs such as Steve Jobs and Richard Branson. Erica Mandy, the Redondo Beach-based host of the daily news podcast called "The Newsworthy," let an AI voice fill in for her earlier this year after she lost her voice from laryngitis and her backup host bailed out... In podcasting, many listeners feel strong bonds to hosts they listen to regularly. The slow encroachment of AI voices for one-off episodes, canned ad reads, sentence replacement in postproduction or translation into multiple languages has sparked anger as well as curiosity from both creators and consumers of the content. Augmenting or replacing host reads with AI is perceived by many as a breach of trust and as trivializing the human connection listeners have with hosts, said Megan Lazovick, vice president of Edison Research, a podcast research company... Still, platforms such as YouTube and Spotify have introduced features for creators to clone their voice and translate their content into multiple languages to increase reach and revenue. A new generation of voice cloning companies, many with operations in California, offers better emotion, tone, pacing and overall voice quality... Some are using the tech to carpet-bomb the market with content. Los Angeles podcasting studio Inception Point AI has produced its 200,000 podcast episodes, in some weeks accounting for 1% of all podcasts published that week on the internet, according to CEO Jeanine Wright. The podcasts are so cheap to make that they can focus on tiny topics, like local weather, small sports teams, gardening and other niche subjects. Instead of a studio searching for a specific "hit" podcast idea, it takes just $1 to produce an episode so that they can be profitable with just 25 people listening... One of its popular synthetic hosts is Vivian Steele, an AI celebrity gossip columnist with a sassy voice and a sharp tongue... Inception Point has built a roster of more than 100 AI personalities whose characteristics, voices and likenesses are crafted for podcast audiences. Its AI hosts include Clare Delish, a cooking guidance expert, and garden enthusiastNigel Thistledown... Across Apple and Spotify, Inception Point podcasts have now garnered 400,000 subscribers.
Read more of this story at Slashdot.
- Entry-Level Tech Workers Confront an AI-Fueled Jobpocalypse
AI "has gutted entry-level roles in the tech industry," reports Rest of World. One student at a high-ranking engineering college in India tells them that among his 400 classmates, "fewer than 25% have secured job offers... there's a sense of panic on the campus."Students at engineering colleges in India, China, Dubai, and Kenya are facing a "jobpocalypse" as artificial intelligence replaces humans in entry-level roles. Tasks once assigned to fresh graduates, such as debugging, testing, and routine software maintenance, are now increasingly automated. Over the last three years, the number of fresh graduates hired by big tech companies globally has declined by more than 50%, according to a report published by SignalFire, a San Francisco-based venture capital firm. Even though hiring rebounded slightly in 2024, only 7% of new hires were recent graduates. As many as 37% of managers said they'd rather use AI than hire a Gen Z employee... Indian IT services companies have reduced entry-level roles by 20%-25% thanks to automation and AI, consulting firm EY said in a report last month. Job platforms like LinkedIn, Indeed, and Eures noted a 35% decline in junior tech positions across major EU countries during 2024... "Five years ago, there was a real war for [coders and developers]. There was bidding to hire," and 90% of the hires were for off-the-shelf technical roles, or positions that utilize ready-made technology products rather than requiring in-house development, said Vahid Haghzare, director at IT hiring firm Silicon Valley Associates Recruitment in Dubai. Since the rise of AI, "it has dropped dramatically," he said. "I don't even think it's touching 5%. It's almost completely vanished." The company headhunts workers from multiple countries including China, Singapore, and the U.K... The current system, where a student commits three to five years to learn computer science and then looks for a job, is "not sustainable," Haghzare said. Students are "falling down a hole, and they don't know how to get out of it."
Read more of this story at Slashdot.
- Polar Bears are Rewiring Their Own Genetics to Survive a Warming Climate
"Polar bears are still sadly expected to go extinct this century," with two-thirds of the population gone by 2050," says the lead researcher on a new study from the University of East Anglia in Britain. But their research also suggests polar bears "are rapidly rewiring their own genetics in a bid to survive," reports NBC News, in "the first documented case of rising temperatures driving genetic change in a mammal.""I believe our work really does offer a glimmer of hope — a window of opportunity for us to reduce our carbon emissions to slow down the rate of climate change and to give these bears more time to adapt to these stark changes in their habitats," [the lead author of the study told NBC News]. Building on earlier University of Washington research, [lead researcher] Godden's team analyzed blood samples from polar bears in northeastern and southeastern Greenland. In the slightly warmer south, they found that genes linked to heat stress, aging and metabolism behaved differently from those in northern bears. "Essentially this means that different groups of bears are having different sections of their DNA changed at different rates, and this activity seems linked to their specific environment and climate," Godden said in a university press release. She said this shows, for the first time, that a unique group of one species has been forced to "rewrite their own DNA," adding that this process can be considered "a desperate survival mechanism against melting sea ice...." Researchers say warming ocean temperatures have reduced vital sea ice platforms that the bears use to hunt seals, leading to isolation and food scarcity. This led to genetic changes as the animals' digestive system adapts to a diet of plants and low fats in the absence of prey, Godden told NBC News.
Read more of this story at Slashdot.
- America Adds 11.7 GW of New Solar Capacity in Q3 - Third Largest Quarter on Record
America's solar industry "just delivered another huge quarter," reports Electrek, "installing 11.7 gigawatts (GW) of new capacity in Q3 2025. That makes it the third-largest quarter on record and pushes total solar additions this year past 30 GW..."According to the new "US Solar Market Insight Q4 2025" report from Solar Energy Industries Association (SEIA) and Wood Mackenzie, 85% of all new power added to the grid during the first nine months of the Trump administration came from solar and storage. And here's the twist: Most of that growth — 73% — happened in red [Republican-leaning] states. Eight of the top 10 states for new installations fall into that category, including Texas, Indiana, Florida, Arizona, Ohio, Utah, Kentucky, and Arkansas... Two new solar module factories opened this year in Louisiana and South Carolina, adding a combined 4.7 GW of capacity. That brings the total new U.S. module manufacturing capacity added in 2025 to 17.7 GW. With a new wafer facility coming online in Michigan in Q3, the U.S. can now produce every major component of the solar module supply chain... SEIA also noted that, following an analysis of EIA data, it found that more than 73 GW of solar projects across the U.S. are stuck in permitting limbo and at risk of politically motivated delays or cancellations.
Read more of this story at Slashdot.
- Purdue University Approves New AI Requirement For All Undergrads
Nonprofit Code.org released its 2025 State of AI & Computer Science Education report this week with a state-by-state analysis of school policies complaining that "0 out of 50 states require AI+CS for graduation." But meanwhile, at the college level, "Purdue University will begin requiring that all of its undergraduate students demonstrate basic competency in AI," writes former college president Michael Nietzel, "starting with freshmen who enter the university in 2026."The new "AI working competency" graduation requirement was approved by the university's Board of Trustees at its meeting on December 12... The requirement will be embedded into every undergraduate program at Purdue, but it won't be done in a "one-size-fits-all" manner. Instead, the Board is delegating authority to the provost, who will work with the deans of all the academic colleges to develop discipline-specific criteria and proficiency standards for the new campus-wide requirement. [Purdue president] Chiang said students will have to demonstrate a working competence through projects that are tailored to the goals of individual programs. The intent is to not require students to take more credit hours, but to integrate the new AI expectation into existing academic requirements... While the news release claimed that Purdue may be the first school to establish such a requirement, at least one other university has introduced its own institution-wide expectation that all its graduates acquire basic AI skills. Earlier this year, The Ohio State University launched an AI Fluency initiative, infusing basic AI education into core undergraduate requirements and majors, with the goal of helping students understand and use AI tools — no matter their major. Purdue wants its new initiative to help graduates: — Understand and use the latest AI tools effectively in their chosen fields, including being able to identify the key strengths and limits of AI technologies; — Recognize and communicate clearly about AI, including developing and defending decisions informed by AI, as well as recognizing the influence and consequences of AI in decision-making; — Adapt to and work with future AI developments effectively.
Read more of this story at Slashdot.
- Repeal Section 230 and Its Platform Protections, Urges New Bipartisan US Bill
U.S. Senator Sheldon Whitehouse said Friday he was moving to file a bipartisan bill to repeal Section 230 of America's Communications Decency Act. "The law prevents most civil suits against users or services that are based on what others say," explains an EFF blog post."Experts argue that a repeal of Section 230 could kill free speech on the internet," writes LiveMint — though America's last two presidents both supported a repeal:During his first presidency, U.S. President Donald Trump called to repeal the law and signed an executive order attempting to curb some of its protections, though it was challenged in court.Subsequently, former President Joe Biden also voiced his opinion against the law. An EFF blog post explains the case for Section 230:Congress passed this bipartisan legislation because it recognized that promoting more user speech online outweighed potential harms. When harmful speech takes place, it's the speaker that should be held responsible, not the service that hosts the speech... Without Section 230, the Internet is different. In Canada and Australia, courts have allowed operators of online discussion groups to be punished for things their users have said. That has reduced the amount of user speech online, particularly on controversial subjects. In non-democratic countries, governments can directly censor the internet, controlling the speech of platforms and users. If the law makes us liable for the speech of others, the biggest platforms would likely become locked-down and heavily censored. The next great websites and apps won't even get started, because they'll face overwhelming legal risk to host users' speech. But "I strongly believe that Section 230 has long outlived its use," Senator Whitehouse said this week, saying Section 230 "a real vessel for evil that needs to come to an end.""The laws that Section 230 protect these big platforms from are very often laws that go back to the common law of England, that we inherited when this country was initially founded. I mean, these are long-lasting, well-tested, important legal constraints that have — they've met the test of time, not by the year or by the decade, but by the century. "And yet because of this crazy Section 230, these ancient and highly respected doctrines just don't reach these people. And it really makes no sense, that if you're an internet platform you get treated one way; you do the exact same thing and you're a publisher, you get treated a completely different way. "And so I think that the time has come.... It really makes no sense... [Testimony before the committee] shows how alone and stranded people are when they don't have the chance to even get justice. It's bad enough to have to live through the tragedy... But to be told by a law of Congress, you can't get justice because of the platform — not because the law is wrong, not because the rule is wrong, not because this is anything new — simply because the wrong type of entity created this harm."
Read more of this story at Slashdot.
- Time Magazine's 'Person of the Year': the Architects of AI
Time magazine used its 98th annual "Person of the Year" cover to "recognize a force that has dominated the year's headlines, for better or for worse. For delivering the age of thinking machines, for wowing and worrying humanity, for transforming the present and transcending the possible, the Architects of AI are TIME's 2025 Person of the Year." One cover illustration shows eight AI executives sitting precariously on a beam high above the city, while Time's 6,700-word article promises "the story of how AI changed our world in 2025, in new and exciting and sometimes frightening ways. It is the story of how [Nvidia CEO] Huang and other tech titans grabbed the wheel of history, developing technology and making decisions that are reshaping the information landscape, the climate, and our livelihoods." Time describes them betting on "one of the biggest physical infrastructure projects of all time," mentioning all the usual worries — datacenters' energy consumption, chatbot psychosis, predictions of "wiping out huge numbers of jobs" and the possibility of an AI stock market bubble. (Although "The drumbeat of warning that advanced AI could kill us all has mostly quieted"). But it also notes AI's potential to jumpstart innovation (and economic productivity)This year, the debate about how to wield AI responsibly gave way to a sprint to deploy it as fast as possible. "Every industry needs it, every company uses it, and every nation needs to build it," Huang tells TIME in a 75-minute interview in November, two days after announcing that Nvidia, the world's first $5 trillion company, had once again smashed Wall Street's earnings expectations. "This is the single most impactful technology of our time..." The risk-averse are no longer in the driver's seat. Thanks to Huang, Son, Altman, and other AI titans, humanity is now flying down the highway, all gas no brakes, toward a highly automated and highly uncertain future. Perhaps Trump said it best, speaking directly to Huang with a jovial laugh in the U.K. in September: "I don't know what you're doing here. I hope you're right."
Read more of this story at Slashdot.
- Trump Ban on Wind Energy Permits 'Unlawful', Court Rules
A January order blocking wind energy projects in America has now been vacated by a U.S. judge and declared unlawful, reports the Associated Press:[Judge Saris of the U.S. district court for the district of Massachusetts] ruled in favor of a coalition of state attorneys general from 17 states and Washington DC, led by Letitia James, New York's attorney general, that challenged President Trump's day one order that paused leasing and permitting for wind energy projects... The coalition that opposed Trump's order argued that Trump does not have the authority to halt project permitting, and that doing so jeopardizes the states' economies, energy mix, public health and climate goals. The coalition includes Arizona, California, Colorado, Connecticut, Delaware, Illinois, Maine, Maryland, Massachusetts, Michigan, Minnesota, New Jersey, New Mexico, New York, Oregon, Rhode Island, Washington state and Washington DC. They say they have invested hundreds of millions of dollars collectively to develop wind energy and even more on upgrading transmission lines to bring wind energy to the electrical grid... Wind is the United States' largest source of renewable energy, providing about 10% of the electricity generated in the nation, according to the American Clean Power Association. But the BBC quotes Timothy Fox, managing director at the Washington, DC-based research firm ClearView Energy Partners, as saying he doesn't expect the ruling to reinvigorate the industry: "It's more symbolic than substantive," he said. "All the court is saying is ... you need to go back to work and consider these applications. What does that really mean?" he said.Officials could still deny permits or bog applications down in lengthy reviews, he noted.
Read more of this story at Slashdot.
- New Rule Forbids GNOME Shell Extensions Made Using AI-Generated Code
An anonymous reader shared this report from Phoronix:Due to the growing number of GNOME Shell extensions looking to appear on extensions.gnome.org that were generated using AI, it's now prohibited. The new rule in their guidelines note that AI-generated code will be explicitly rejected: "Extensions must not be AI-generated While it is not prohibited to use AI as a learning aid or a development tool (i.e. code completions), extension developers should be able to justify and explain the code they submit, within reason. Submissions with large amounts of unnecessary code, inconsistent code style, imaginary API usage, comments serving as LLM prompts, or other indications of AI-generated output will be rejected." In a blog post, GNOME developer Javad Rahmatzadeh explains that"Some devs are using AI without understanding the code..."
Read more of this story at Slashdot.
- Is the R Programming Language Surging in Popularity?
The R programming language "is sometimes frowned upon by 'traditional' software engineers," says the CEO of software quality services vendor Tiobe, "due to its unconventional syntax and limited scalability for large production systems." But he says it "continues to thrive at universities and in research-driven industries, and "for domain experts, it remains a powerful and elegant tool." Yet it's now gaining more popularity as statistics and large-scale data visualization become important (a trend he also sees reflected in the rise of Wolfram/Mathematica). That's according to December's edition of his TIOBE Index, which attempts to rank the popularity of programming languages based on search-engine results for courses, third-party vendors, and skilled engineers. InfoWorld explains:In the December 2025 index, published December 7, R ranks 10th with a 1.96% rating. R has cracked the Tiobe index's top 10 before, such as in April 2020 and July 2020, but not in recent years. The rival Pypl Popularity of Programming Language Index, meanwhile, has R ranked fifth this month with a 5.84% share. "Programming language R is known for fitting statisticians and data scientists like a glove," said Paul Jansen, CEO of software quality services vendor Tiobe, in a bulletin accompanying the December index... Although data science rival Python has eclipsed R in terms of general adoption, Jansen said R has carved out a solid and enduring niche, excelling at rapid experimentation, statistical modeling, and exploratory data analysis. "We have seen many Tiobe index top 10 entrants rising and falling," Jansen wrote. "It will be interesting to see whether R can maintain its current position." "Python remains ahead at 23.64%," notes TechRepublic, "while the familiar chase group behind it holds steady for the moment. The real movement comes deeper in the list, where SQL edges upward, R rises to the top 10, and Delphi/Object Pascal slips away... SQLclimbs from tenth to eighth at 2.10%, adding a small +0.11% that's enough to move it upward in a tightly packed section of the table. Perl holds ninth at 1.97%, strengthened by a +1.33% gain that extends its late-year resurgence." It's interesting to see how TIOBE's ranking compare with PYPL's (which ranks languages based solely on how often language tutorials are searched on Google): TIOBE PYPL Python Python C C/C++ C++ Objective-C Java Java C# R JavaScript JavaScript Visual Basic Swift SQL C# Perl PHP R Rust Despite their different methodologies, both lists put Python at #1, Java at #5, and JavaScript at #7.
Read more of this story at Slashdot.
- System76 Launches First Stable Release of COSMIC Desktop and Pop!_OS 24.04 LTS
This week System76 launched the first stable release of its Rust-based COSMIC desktop environment. Announced in 2021, it's designed for all GNU/Linux distributions — and it shipping with Pop!_OS 24.04 LTS (based on Ubuntu 24.04 LTS). An anonymous reader shared this report from 9to5Linux:Previous Pop!_OS releases used a version of the COSMIC desktop that was based on the GNOME desktop environment. However, System76 wanted to create a new desktop environment from scratch while keeping the same familiar interface and user experience built for efficiency and fun. This means that some GNOME apps have been replaced by COSMIC apps, including COSMIC Files instead of Nautilus (Files), COSMIC Terminal instead of GNOME Terminal, COSMIC Text Editor instead of GNOME Text Editor, and COSMIC Media Player instead of Totem (Video Player). Also, the Pop!_Shop graphical package manager used in previous Pop!_OS releases has now been replaced by a new app called COSMIC Store. "If you're ambitious enough, or maybe just crazy enough, there eventually comes a time when you realize you've reached the limits of current potential, and must create something completely new if you're to go further..." explains System76 founder/CEO Carl Richell:For twenty years we have shipped Linux computers. For seven years we've built the Pop!_OS Linux distribution. Three years ago it became clear we had reached the limit of our current potential and had to create something new. Today, we break through that limit with the release of Pop!_OS 24.04 LTS with the COSMIC Desktop Environment.Today is special not only in that it's the culmination of over three years of work, but even more so in that System76 has built a complete desktop environment for the open source community...I hope you love what we've built for you. Now go out there and create. Push the limits, make incredible things, and have fun doing it!
Read more of this story at Slashdot.
- 'Free Software Awards' Winners Announced: Andy Wingo, Alx Sa, Govdirectory
This week the Free Software Foundation honored Andy Wingo, Alx Sa, and Govdirectory with this year's annual Free Software Awards (given to community members and groups making"significant" contributions to software freedom):Andy Wingo is one of the co-maintainers of GNU Guile,the official extension language of the GNU operating system and theScheme "backbone" of GNUGuix. Upon receiving the award, he stated: "Since I learnedabout free software, the vision of a world in which hackers freelyshare and build on each others' work has been a profound inspirationto me, and I am humbled by this recognition of my small efforts inthe context of the Guile Scheme implementation. I thank myco-maintainer, Ludovic Courtès, for his comradery over the years: weare just building on the work of the past maintainers of Guile, and Ihope that we live long enough to congratulate its many futuremaintainers." The 2024 Award forOutstanding New FreeSoftware Contributor went to Alx Sa for work on the GNUImage Manipulation Program (GIMP). When asked to comment, Alxresponded: "I am honored to receive this recognition! I startedcontributing to the GNU Image Manipulation Program as a way to returnthe favor because of all the cool things it's allowed me to do.Thanks to the help and mentorship of amazing people like Jehan Pagès,Jacob Boerema, Liam Quin, and so many others, I hope I've been ableto help other people do some cool new things, too." Govdirectory was presentedwith this year's Awardfor Projects of Social Benefit, given to a project or teamresponsible for applying free software, or the ideas of the freesoftware movement, to intentionally and significantly benefitsociety. Govdirectory provides a collaborative and fact-checkedlisting of government addresses, phone numbers, websites, and socialmedia accounts, all of which can be viewed with free software andunder a free license, allowing people to always reach theirrepresentatives in freedom... The FSF plans to further highlight the Free Software Award winnersin a series of events scheduled for the new year to celebrate theircontributions to free software.
Read more of this story at Slashdot.
- Honeypots can help defenders, or damn them if implemented badly
PLUS: Crims could burn your AI budgets thanks to weak defaults; CISA's top 25 vulns for 2025; And more
Infosec In Brief The UK's National Cyber Security Centre (NCSC) has found that cyber-deception tactics such as honeypots and decoy accounts designed to fool attackers can be useful if implemented very carefully.…
- British Airways fears a future where AI agents pick flights and brands get ghosted
CEO warns airlines that don’t learn to sell themselves to machines could soon be flying under the radar
British Airways' chief executive has warned that the airline industry is fast heading for a future where AI agents, not humans, decide which brands get booked – and carriers that fail to adapt are at risk of quietly disappearing from the digital shop window.…
- Microsoft RasMan DoS 0-day gets unofficial patch - and a working exploit
Exploit hasn't been picked up by any malware detection engines, CEO tells The Reg
A Microsoft zero-day vulnerability that allows an unprivileged user to crash the Windows Remote Access Connection Manager (RasMan) service now has a free, unofficial patch - with no word as to when Redmond plans to release an official one - along with a working exploit circulating online.…
- New React vulns leak secrets, invite DoS attacks
And the earlier React2Shell patch is vulnerable
If you're running React Server Components, you just can't catch a break. In addition to already-reported flaws, newly discovered bugs allow attackers to hang vulnerable servers and potentially leak Server Function source code, so anyone using RSC or frameworks that support it should patch quickly.…
- Trump gives state AI regulation the presidential middle finger
Executive order sidesteps Congress and sets up Litigation Task Force
President Trump and his patrons in big tech have long wanted to block states from implementing their own AI regulations. After failing twice to do so in Congress, the US president has issued an executive order that would attempt to punish states that try to restrain the bot business.…
- Workday project at Washington University hits $266M
Protests force disclosure of costs totaling $16,000 per student over 7 year rollout replacing 80 legacy systems
The total cost of a Workday implementation project at Washington University in St. Louis is set to hit almost $266 million, it was revealed after the project was the subject of protests from students.…
- The CRASH Clock is ticking as satellite congestion in low Earth orbit worsens
It's getting crowded up there
Earth's orbit is starting to look like an LA freeway, with more and more satellites being launched each year. If you're worried about collisions and space debris making the area unusable – and you should be – scientists have proposed a new metric to contribute to your anxiety: the CRASH Clock.…
- AI datacenter boom could end badly, Goldman Sachs warns
Bank sketches four scenarios in which monetization falters or demand swamps supply by 2030
Goldman Sachs warns that datacenter investments may fail to pay off if the industry is unable to monetize AI models, but hedges its bets by saying that demand could also overwhelm available capacity by 2030.…
- Microsoft promises more bug payouts, with or without a bounty program
Critical vulnerabilities found in third-party applications eligible for award under 'in scope by default' move
Microsoft is overhauling its bug bounty program to reward exploit hunters for finding vulnerabilities across all its products and services, even those without established bounty schemes.…
- UK watchdog urged to probe GDPR failures in Home Office eVisa rollout
Rights groups say digital-only record is leaking data and courting trouble
Civil society groups are urging the UK's data watchdog to investigate whether the Home Office's digital-only eVisa scheme is breaching GDPR, sounding the alarm about systemic data errors and design failures that are exposing sensitive personal information while leaving migrants unable to prove their lawful status.…
- Half of exposed React servers remain unpatched amid active exploitation
Wiz says React2Shell attacks accelerating, ranging from cryptominers to state-linked crews
Half of the internet-facing systems vulnerable to a fast-moving React remote code execution flaw remain unpatched, even as exploitation has exploded into more than a dozen active attack clusters ranging from bargain-basement cryptominers to state-linked intrusion tooling.…
- Salesforce opts for seat-based AI licensing as customers demand predictability
Analysts say the shift offers stability, but embedded usage caps ensure vendors keep control
Salesforce CEO Marc Benioff last week came closer to answering a multibillion-dollar question when he said seat-based pricing – with some caveats – was becoming the norm for its AI agents after flirting with pricing based on consumption and per-conversation payments.…
- User insisted their screen was blank, until admitting it wasn't
Getting that confession took hours, during which L1 and L2 support gave up
On Call Welcome once more to On Call, the Friday column in which we share stories of tech support incidents that went pear-shaped until cunning Reg readers stepped in to save the day.…
- AI superintelligence is a Silicon Valley fantasy, Ai2 researcher says
The dream of electric sheep gets a reality check from Moore’s Law
You want artificial general intelligence (AGI)? Current-day processors aren't powerful enough to make it happen and our ability to scale up may soon be coming to an end, argues well-known researcher Tim Dettmers.…
- VMware kills vSphere Foundation in parts of EMEA
Broadcom told The Register that EMEA customers need to check with their local dealer to see if VVF remains on the menu
Exclusive Broadcom has recently killed off VMware vSphere Foundation in parts of EMEA, the company told The Register, dealing a blow to smaller customers, one of whom told us they would likely switch to a rival hypervisor as a result.…
- Disney turns to dark side, licenses IP to OpenAI for videos, images
Begun, these AI wars have
Amid controversy over its ability to generate content with copyrighted characters, OpenAI has struck a three-year deal with Disney to license more than 200 Disney, Pixar, Marvel, and Star Wars characters for use in Sora videos and ChatGPT Images.…
- European cloud trade group says EU should have blocked VMware-Broadcom merger
Org argues that the approval process was flawed and regulators should have known better
A trade group of European cloud providers has laid into the European Commission’s decision to allow the VMware-Broadcom merger to go ahead, alleging that it failed to assess the infrastructure and semiconductor company’s incentives to massively raise prices on customers.…
- Space-power startup claims it can beam energy to solar farms
So far, Overview Energy says it has only beamed power from a moving aircraft to standard solar panels
You can't generate solar power at night unless your panels are in space. A startup that wants to beam orbital sunlight straight into existing solar farms has just emerged from stealth, claiming a world-first power-beaming demo, but with a lot of critical information left unreported. …
- Google fixes super-secret 8th Chrome 0-day
No details, no CVE, update your browser now
Google issued an emergency fix for a Chrome vulnerability already under exploitation, which marks the world's most popular browser's eighth zero-day bug of 2025.…
- LastPass hammered with £1.2M fine for 2022 breach fiasco
UK data regulator says failures were unacceptable for a company managing the world's passwords
The UK's Information Commissioner's Office (ICO) says LastPass must cough up £1.2 million ($1.6 million) after its two-part 2022 data breach compromised information from up to 1.6 million UK users.…
- Trump's AI 'Genesis Mission' emerges from Land of Confusion
DOE lays out $320M plan for science platform linking national labs, industry, and academia
President Trump's "Genesis Mission" is taking shape with the award of more than $320 million from the Department of Energy (DOE) to advance AI in scientific research.…
- Microsoft research shows chatbots seeping into everyday life
Copilot – your cuddly companion for nighttime introspection
Microsoft analyzed 37.5 million de-identified Copilot conversations from January to September 2025, excluding commercial and educational accounts. The findings reveal distinct usage patterns based on device, time, and day.…
- 10K Docker images spray live cloud creds across the internet
Flare warns devs are unwittingly publishing production-level secrets
Docker Hub has quietly become a treasure trove of live cloud keys and credentials, with more than 10,000 public container images exposing sensitive secrets from over 100 companies, including a Fortune 500 firm and a major bank.…
- Airbus exec: Most CIOs in Europe will not finish SAP ECC6 migration by 2030
Aerospace giant faces 'massive work' to move legacy ERP systems to S/4HANA as support deadline looms
Exclusive Airbus is undertaking a major overhaul to migrate its sprawling SAP environment to S/4HANA – and potentially to the cloud – as the aerospace giant grapples with the same deadline pressures facing thousands of enterprise customers worldwide.…
- NASA loses contact with MAVEN Mars orbiter
Didn’t phone home as expected on December 6th and nobody knows why
Houston, we have a problem: NASA has lost contact with the Mars Atmosphere and Volatile EvolutioN (MAVEN) spacecraft.…
- Oracle raises AI spending estimate, spooks investors
But if you assume cloud IOUs will be fulfilled, business is booming
Oracle expects its FY 2026 capital expenditures will be $15 billion higher that previously predicted, as the cloudy database biz invests to accommodate AI workloads.…
- US teens not only love AI, but also let it rot their brains
Yeah, not shocking, but with other studies linking AI to weaker learning and mental-health risks, it’s a worry
Alongside TikTok and Instagram, teens have added ChatGPT to the mix. Pew says about two-thirds of US teenagers have tried an AI chatbot, with nearly a third using one every day. Negative mental-health warnings be damned!…
- Really Simple Licensing spec lets web publishers demand their due from AI scrapers
Publishers now have more comprehensive tools for managing automated content harvesting
Most big AI providers scrape the open web, hoovering up content to improve their chatbots, which then compete with publishers for the attention of internet users. However, more AI orgs might have to pay up soon, because the Really Simple Licensing (RSL) spec has reached version 1.0, providing guidance on how to set machine-readable rules for crawlers.…
- US extradites Ukrainian woman accused of hacking meat processing plant for Russia
The digital intrusion allegedly caused thousands of pounds of meat to spoil and triggered an ammonia leak in the facility
A Ukrainian woman accused of hacking US public drinking water systems and a meat processing facility on behalf of Kremlin-backed cyber groups was extradited to the US earlier this year and will stand trial in early 2026.…
- Security: Why Linux Is Better Than Windows Or Mac OS
Linux is a free and open source operating system that was released in 1991 developed and released by Linus Torvalds. Since its release it has reached a user base that is greatly widespread worldwide. Linux users swear by the reliability and freedom that this operating system offers, especially when compared to its counterparts, windows and [0]
- Essential Software That Are Not Available On Linux OS
An operating system is essentially the most important component in a computer. It manages the different hardware and software components of a computer in the most effective way. There are different types of operating system and everything comes with their own set of programs and software. You cannot expect a Linux program to have all [0]
- Things You Never Knew About Your Operating System
The advent of computers has brought about a revolution in our daily life. From computers that were so huge to fit in a room, we have come a very long way to desktops and even palmtops. These machines have become our virtual lockers, and a life without these network machines have become unimaginable. Sending mails, [0]
- How To Fully Optimize Your Operating System
Computers and systems are tricky and complicated. If you lack a thorough knowledge or even basic knowledge of computers, you will often find yourself in a bind. You must understand that something as complicated as a computer requires constant care and constant cleaning up of junk files. Unless you put in the time to configure [0]
- The Top Problems With Major Operating Systems
There is no such system which does not give you any problems. Even if the system and the operating system of your system is easy to understand, there will be some times when certain problems will arise. Most of these problems are easy to handle and easy to get rid of. But you must be [0]
- 8 Benefits Of Linux OS
Linux is a small and a fast-growing operating system. However, we can’t term it as software yet. As discussed in the article about what can a Linux OS do Linux is a kernel. Now, kernels are used for software and programs. These kernels are used by the computer and can be used with various third-party software [0]
- Things Linux OS Can Do That Other OS Can�t
What Is Linux OS? Linux, similar to U-bix is an operating system which can be used for various computers, hand held devices, embedded devices, etc. The reason why Linux operated system is preferred by many, is because it is easy to use and re-use. Linux based operating system is technically not an Operating System. Operating [0]
- Packagekit Interview
Packagekit aims to make the management of applications in the Linux and GNU systems. The main objective to remove the pains it takes to create a system. Along with this in an interview, Richard Hughes, the developer of Packagekit said that he aims to make the Linux systems just as powerful as the Windows or [0]
- What’s New in Ubuntu?
What Is Ubuntu? Ubuntu is open source software. It is useful for Linux based computers. The software is marketed by the Canonical Ltd., Ubuntu community. Ubuntu was first released in late October in 2004. The Ubuntu program uses Java, Python, C, C++ and C# programming languages. What Is New? The version 17.04 is now available here [0]
- Ext3 Reiserfs Xfs In Windows With Regards To Colinux
The problem with Windows is that there are various limitations to the computer and there is only so much you can do with it. You can access the Ext3 Reiserfs Xfs by using the coLinux tool. Download the tool from the official site or from the sourceforge site. Edit the connection to “TAP Win32 Adapter [0]
- Haiku gets new Go port
There�s a new Haiku monthly activity report, and this one�s a true doozy. Let�s start with the biggest news. The most notable development in November was the introduction of a port of the Go programming language, version 1.18. This is still a few years old (from 2022; the current is Go 1.25), but it’s far newer than the previous Go port to Haiku (1.4 from 2014); and unlike the previous port which was never in the package repositories, this one is now already available there (for x86_64 at least) and can be installed via pkgman. ↫ Haiku activity report As the project notes, they�re still a few versions behind, but at least it�s a lot more modern of an implementation than they had before. Now that it�s in the repositories for Haiku, it might also attract more people to work on the port, potentially bringing even newer versions to the BeOS-inspired operating system. Welcome as it may be, this new Go port isn�t the only big ticket item this month. Haiku can now gracefully recover from an app_server crash, something it used to be able to do a long time ago, but which was broken for a long time. The app_server is Haiku�s display server and window manager, so the ability to restart it at runtime after a crash, and have it reconnect with still-running applications, is incredibly welcome. As far as I can tell, all modern operating systems can do this by now, so it�s great to have this functionality restored in Haiku. Of course, aside from these two big improvements, there�s the usual load of fixes and changes in applications, drivers, and other components of the operating system.
- Rethinking sudo with object capabilities
Alpine Linux maintainer Ariadne Conill has published a very interesting blog post about the shortcomings of both sudo and doas, and offers a potential different way of achieving the same goals as those tools. Systems built around identity-based access control tend to rely on ambient authority: policy is centralized and errors in the policy configuration or bugs in the policy engine can allow attackers to make full use of that ambient authority. In the case of a SUID binary like doas or sudo, that means an attacker can obtain root access in the event of a bug or misconfiguration. What if there was a better way? Instead of thinking about privilege escalation as becoming root for a moment, what if it meant being handed a narrowly scoped capability, one with just enough authority to perform a specific action and nothing more? Enter the object-capability model. ↫ Ariadne Conill To bring this approach to life, they created a tool called capsudo. Instead of temporarily changing your identity, capsudo can grant far more fine-grained capabilities that match the exact task you�re trying to accomplish. As an example, Conill details mounting and unmounting � with capsudo, you can not only grant the ability for a user to mount and unmount whatever device, but also allow the user to only mount or unmount just one specific device. Another example given is how capsudo can be used to give a service account user to only those resources the account needs to perform its tasks. Of course, Conill explains all of this way better than I ever could, with actual example commands and more details. Conill happens to be the same person who created Wayback, illustrating that they have a tendency to look at problems in a unique and interesting way. I�m not smart enough to determine if this approach makes sense compared to sudo or doas, but the way it�s described it does feel like a superior, more secure solution.
- One too many words on AT8T�s $2000 Korn shell and other Usenet topics
Unix has been enormously successful over the past 55 years. It started out as a small experiment to develop a time-sharing system (i.e., a multi-user operating system) at AT8T Bell Labs. The goal was to take a few core principles to their logical conclusion. The OS bundled many small tools that were easy to combine, as it was illustrated by a famous exchange between Donald Knuth and Douglas McIlroy in 1986. Today, Unix lives on mostly as a spiritual predecessor to Linux, Net/Free/OpenBSD, macOS, and arguably, ChromeOS and Android. Usenet tells us about the height of its early popularity. ↫ Gábor Nyéki There are so many amazing stories in this article, I honestly have no idea what to highlight. So first and foremost, I want you to read the whole thing yourself, as everyone�s bound to have their own personal favourite section that resonates the most. My personal favourite story from the article � which is just an aside, to illustrate that even the asides are great � is that when Australia joined Usenet in 1983, new posts to Usenet were delivered to the country by airmail. On magnetic tape. Once per week. The overarching theme here is that the early days of UNIX, as documented on Usenet, were a fascinating wild west of implementations, hacks, and personalities, which, yes, clashed with each other, but also spread untold amounts of information, knowledge, and experience to every corner of the world. I hope Nyéki will write more of these articles.
- COSMIC Desktop reaches first stable release
System76, creator of Pop!_OS and prominent Linux OEM, has just announced the release of Pop!_OS 24.04 LTS � normally not something I particularly care about, but in this case, it comes with the first stable release of COSMIC Desktop. COSMIC is a brand new desktop environment by System76, written in Rust, and after quite some time in development, it�s now out in the wild as a stable release. Today is special not only in that it’s the culmination of over three years of work, but even more so in that System76 has built a complete desktop environment for the open source community. We’re proud of this contribution to the open source ecosystem. COSMIC is built on the ethos that the best open source projects enable people to not only use them, but to build with them. COSMIC is modular and composable. It’s the flagship experience for Pop!_OS in its own way, and can be adapted by anyone that wants to build their own unique user experience for Linux. ↫ Carl Richell You don�t need to run Pop!_OS to try out COSMIC, as it�s already available on a variety of other distributions (although it may take a bit for this stable version to land in the respective repositories).
- Windows 3.1�s infamous Hot Dog Stand! colour scheme was not a joke
I�m sure most of us here are aware of the bright red-and-yellow colour scheme called Hot Dog Stand!, included in Windows 3.1. While it�s not the only truly garish colour scheme included in Windows 3.1, its name probably did a lot to make it stand out from the others. There�s been a ton of speculation about the origins of the colour scheme, and why it was included in Windows 3.1, but it seems nobody ever bothered to look for someone who actually worked on the Windows 3.1 user interface � until now. PC Gamer�s Wes Fenlon contacted Virginia Howlett, Microsoft�s first user interface designer who joined the company in 1985, and asked her about the infamous colour scheme. It turns out that the origin story for the infamous colour scheme is rather mundane. In Howlett�s own words: I do remember some discussion about whether we should include it, and some snarky laughter. But it was not intended as a joke. It was not inspired by any hot dog stands, and it was not included as an example of a bad interface—although it was one. It was just a garish choice, in case somebody out there liked ugly bright red and yellow. ↫ Virginia Howlett, quoted by Wes Fenlon in PC Gamer Howlett then lists a few other included colour schemes that were just as garish, or even more so, as examples to underline her point. Personally, I�m a huge proponent of allowing users to make their interfaces as ugly and garish as they want, as the only arbiter on what�s on your screen is you, and nobody else. Hot Dog Stand and similar garish themes need to make a comeback, because there�s bound to be some people out there whose vibes align with it.
- Using AI! to manage your Fedora system seems like a really bad idea
IBM owns Red Hat which in turn runs Fedora, the popular desktop Linux distribution. Sadly, shit rolls downhill, so we�re starting to see some worrying signs that Fedora is going to be used a means to push AI!. Case in point, this article in the Fedora Magazine: Generative AI systems are changing the way people interact with computers. MCP (model context protocol) is a way that enables generate AI systems to run commands and use tools to enable live, conversational interaction with systems. Using the new linux-mcp-server, let’s walk through how you can talk with your Fedora system for understanding your system and getting help troubleshooting it! ↫ Máirín Duffy and Brian Smith at Fedora Magazine This linux-mcp-server! tool is developed by IBM�s Red Hat, and of course, IBM has a vested interest in further increasing the size of the AI! bubble. As such, it makes sense from their perspective to start pushing AI! services and tools all the way down to the Fedora community, ending up with articles like this one. What�s sad is that even in this article, which surely uses the best possible examples, it�s hard to see how any of it could possibly be any faster than doing the example tasks without the help! of an AI!. In the first example, the AI! is supposed to figure out why the computer is having Wi-Fi connection issues, and while it does figure that out, the solutions it presents are really dumb and utterly wrong. Most notably, even though this is an article about running these tools on a Fedora system, written for Fedora Magazine, the AI! stubbornly insists on using apt for every solution, which is a basic, stupid mistake that doesn�t exactly instill confidence in any of its other findings being accurate. The second example involves asking the AI! to explain how much disk space the system is using, and why. The prompt! (the human-created question! the AI! is supposed to answer!) is bonkers long � it�s a 117 words long monstrosity, formatted into several individual questions � and the output is so verbose and it takes such a scattershot approach that following-up on everything is going to take a huge amount of time. Within that same time frame, it would�ve been not only much faster, but also much more user-friendly to just open Filelight (installed by default as part of KDE), which creates a nice diagram which instantly shows you what is taking up space, and why. The third example is about creating an update readiness report for upgrading from Fedora 42 to Fedora 43, and its prompt! is even longer at 190 words, and writing that up with all those individual questions must�ve taken more time than to just0 Do a simple dry-run of a dnf system upgrade which gets you like 90% of the way there. Here, too, the AI! blurts out so much information, much of which entirely useless, that going through it all takes more time than just manually checking up on a dnf dry run and peaking at your disk space usage. All this effort to set all of this up, and so much effort to carefully craft complex prompts!, only to end up with clearly wrong information, and way too much superfluous information that just ends up distracting you from the task you set out to accmplish. Is this really the kind of future of computing we�re supposed to be rooting for? Is this the kind of stuff Fedora�s new AI! policy is supposed to enable? If so, I�m afraid the disconnect between Fedora�s leadership and whatever its users actually use Fedora for is far, far wider than I imagined.
- FreeBSD debates sunsetting power64/power64le support
I have some potentially devastating news for POWER users interested in using FreeBSD, uncovered late last month by none other than Cameron Kaiser. FreeBSD is considering retiring powerpc64 prior to branching 16, which would make FreeBSD 15 the last stable version to support the architecture. (32-bit PowerPC is already dropped as of FreeBSD 14, though both OpenBSD and NetBSD generally serve this use case, and myself I have a Mac mini G4 running a custom NetBSD kernel with code from FreeBSD for automatic restart.) Although the message says powerpc64 and powerpc64le! it later on only makes specific reference to the big-endian port, whereas both endiannesses appear on the FreeBSD platform page and on the download server. ↫ Cameron Kaiser There�s two POWER9 systems in my office, so this obviously makes me quite sad. At the same time, though, it�s hard not to understand any possible decision to drop powerpc64/powerpc64le at this point in time. Raptor�s excellent POWER9 systems � the Blackbird, which I reviewed a few years ago, and the Talos II, which I also have � are very long in the tooth at this point and still quite expensive, and thanks to IBM royally screwing up POWER10, we never got any timely successors. There were rumblings about a possible POWER11-based successor from Raptor back in July 2025, but it�s been quiet on that front since. In other words, there are no modern powerpc64 and powerpc64le systems available. POWER10 and brand new POWER11 hardware are strictly IBM and incredibly expensive, so unless IBM makes some sort of generous donation to the FreeBSD Foundation, I honestly don�t know how FreeBSD is supposed to keep their powerpc64 and powerpc64le ports up-to-date with the latest generation of POWER hardware in the first place. It�s important to note that no final decision has been made yet, and since that initial report by Kaiser, several people have chimed in to argue the case that at least powerpc64le (the little endian variant) should remain properly supported. In fact, Timothy Pearson from Raptor Engineering stepped up the place, and stated he�s willing to take over maintainership of the port, as Raptor has been contributing to it for years anyway. Raptor remains committed to the architecture as a whole, and we have resources to assist with development. In fact, we sponsor several FreeBSD build machines already in our cloud environment, and have kernel developers working on expanding and maintaining the FreeBSD codebase. If there is any concern regarding hardware availability or developer resources, Raptor is willing and able to assist. ↫ Timothy Pearson Whatever decision the FreeBSD project makes, the Linux world will be fine for a while yet as IBM contributes to its development, and popular distributions still consider POWER a primary target. However, unless either IBM moves POWER hardware downmarket (extremely unlikely) or the rumours around Raptor have merit, I think at least the FreeBSD powerpc64 (big endian) port is done for, with the powerpc64le port hopefully being saved by people hearing these alarm bells.
- US government switches to Times New Roman because Calibri is woke!
Secretary of State Marco Rubio waded into the surprisingly fraught politics of typefaces on Tuesday with an order halting the State Department’s official use of Calibri, reversing a 2023 Biden-era directive that Mr. Rubio called a “wasteful” sop to diversity. While mostly framed as a matter of clarity and formality in presentation, Mr. Rubio’s directive to all diplomatic posts around the world blamed “radical” diversity, equity, inclusion and accessibility programs for what he said was a misguided and ineffective switch from the serif typeface Times New Roman to sans serif Calibri in official department paperwork. ↫ Michael Crowley and Hamed Aleaziz at The New York Times
- What do Linux kernel version numbers mean?
If you�re old enough, you no doubt remember that up until the 2.6.0 release of the Linux kernel, an odd number after the first version number indicated a pre-release, development version of the kernel. Even though this scheme was abandoned with the 2.6.0 release in 2003 and since then every single release has been a stable release, it seems the ghosts of this old versioning scheme still roam the halls, because prominent Linux kernel developer Greg Kroah-Hartman just published an explainer about Linux kernel versions. Despite having a stable release model and cadence since December 2003, Linux kernel version numbers seem to baffle and confuse those that run across them, causing numerous groups to mistakenly make versioning statements that are flat out false. So let’s go into how this all works in detail. ↫ Greg Kroah-Hartman I genuinely find it difficult to imagine what could possibly be unclear about Linux kernel version numbers. The Linux kernel uses a very generic major.minor scheme, but that�s not where the problems lie � it�s the actual development process of each of these numbered release that�s a bit more complex. This is where we have to talk about things like the roughly 10-week release cycle, containing a 2-week merge window, as well as Torvalds handing off the stable branch to the stable kernel maintainers. The other oddity is when the major version number gets incremented � the first number in the version number. There�s no real method to this, as Kroah-Hartman admits Torvalds increments this number whenever the remaining numbers get too high and unwieldy to deal with. Very practical, but it does mean that going from, say, 5.x to 6.x doesn�t really imply there�s any changes in there that are any bigger or more disruptive than when going from 6.8.x to 6.9.x or whatever. There�s a few more important details in here, of course, like where LTS releases come from, but that�s really it � nothing particularly groundbreaking or confusing.
- Microsoft will allow you to remove AI! actions from Windows 11�s context menus
With the current, rapidly deteriorating state of the Windows operating system, you have to take the small wins you can get: Microsoft is now offering the option of removing AI! actions from Windows 11�s context menus. buried deep in the Windows 11 Insider Preview Build 26220.7344 release notes, there�s this nugget: If there are no available or enabled AI Actions, this section will no longer show in the context menu. ↫ Windows Insider Preview release notes If you then go to Settings > Apps > Actions and uncheck all the AI! actions, the entire submenu in Windows 11�s context menus will vanish. While this is great news for those Windows users who don�t want to be bothered by all the AI! nonsense, I wish Microsoft would just give users a proper way to edit the context menu that doesn�t involve third party hackery. KDE�s Dolphin file manager gives me full control over what does and does not appear in its context menu, and I can�t imagine living without this functionality � there�s so many file-related operations I never use, and having them clutter up the context menu is annoying and just slows me down. There�s more substantial and important changes in this Insider Preview Build too, most notably the rollout of the Update Orchestration Platform, which should make downloading and installing application updates less cumbersome, but since it�s a new feature, application won�t support it right away. This release also brings the new Windows MIDI Services, and Microsoft hopes this will improve the experience for musicians using MIDI 1.0 or MIDI 2.0 on Windows. There�s a slew of smaller changes, too, of course. I�m not exactly sure when these new features will make their way to production installations � who does, honestly, with Microsoft�s convoluted release processes � but I hope it�s sooner rather than later.
- The anatomy of a macOS application
When Mac OS X was designed, it switched to the bundle structure inherited from NeXTSTEP. Instead of this multitude of resources, apps consisted of a hierarchy of directories containing files of executable code, and those with what had in Mac OS been supporting resources. Those app bundles came to adopt a standard form, shown below. ↫ Howard Oakley A short, but nonetheless informative overview of the structure of a macOS application. I�m sure most people on OSNews are aware that a macOS application is a bundle, which is effectively a glorified directory containing a variety of files and subdirectories that together make up the application. I haven�t used macOS in a while, but I think you can right-click on an application and open it as a folder to dig around inside of it. I�m trying to remember from my days as a Mac OS X user � 15-20 years ago � if there was ever a real need to do so, but I�m sure there were a few hacks you could do by messing around with the files inside of application bundles. These days, perhaps with all the code-signing, phoning-home to Apple, and other security trickery going on, such acts are quite frowned upon. Does making any otherwise harmless changes inside an application bundle set off a ton of alarm bells in macOs these days?
- Applets are officially gone, but Java in the browser is better than ever
The end of an era, perhaps. Applets are officially, completely removed from Java 26, coming in March of 2026. This brings to an official end the era of applets, which began in 1996. However, for years it has been possible to build modern, interactive web pages in Java without needing applets or plugins. TeaVM provides fast, performant, and lightweight tooling to transpile Java to run natively in the browser. And for a full front-end toolkit with templates, routing, components, and more, Flavour lets you build your modern single-page app using 100% Java. ↫ Andrew Oliver As consumers, we don�t really encounter Java that much anymore unless we play Minecraft, but that doesn�t mean Java no longer has a place in this world. In fact, it still consistently ranks in the top three of most popular programming languages, so any tools to make using Java easier, both for programmers and users, are welcome.
- OSNews needs your donations to survive
OSNews is funded entirely by you, our readers. There are no ads on OSNews, we are not part of a massive corporate publishing conglomerate like virtually every other technology news website, there are no wealthy (corporate) benefactors � it�s just whatever funds you, our readers, send our way. As such, I sometimes need to remind everyone about this, and December, the holiday month, seems as great a time as any to do this. If you want to support a truly independent technology news website, free from the corrupting influences of corporate interests, advertising companies, managers pushing AI!, and all the other nonsense destroying the web we once loved, you can do so by donating to keep OSNews alive. This gives me the time and means to write 9000 words about dead computer ecosystems, and I�m already working on an article about the next final UNIX workstation. Every single donation, large or small, is deeply appreciated and keeps the lights on around here. There aren�t many websites like OSNews left, especially not independent ones that answer to nobody. Your support keeps OSNews going, with June 2026 marking a special moment for me: it will mark twenty years since I took over this place. I�m not expecting a party � you�re paying me to work, not to party � but it is still a meaningful anniversary for me personally.
- Porting rePalm to Pixter devices
Some of you may be aware of rePalm, a project by Dmitry Grinberg to port the PalmOS to various devices it was never supposed to run on. We covered rePalm back in 2019 and again in 2023. His latest project involved porting PalmOS to a set of digital toys that were never intended to run PalmOS in any way. Fisher-Price (owned by Mattel) produced some toys in the early 2000 under the Pixter brand. They were touchscreen-based drawing toys, with cartridge-based extra games one could plug in. Pixter devices of the first three generations ( classic!, plus!, and 2.0!) featured 80�80 black-and-white screens, which makes them of no interest for rePalm. The last two generations of Pixter ( color! and multimedia!) featured 160�160 color displays. Now, this was more like it! Pixter was quite popular, as far as kids� toys go, in USA in the early 2000s. A friend brought it to my attention a year ago as a potential rePalm target. The screen resolution was right and looking inside a Pixter Color! showed an ARM SoC � a Sharp LH75411. The device had sound (games made noises), and touch panel was resistive. In theory � a viable rePalm target indeed. ↫ Dmitry Grinberg Considering the immensely limited ARMv7 implementation he had to deal with � no cache, no memory management unit, no memory protection unit � it�s a miracle Grinberg managed to succeed. To make matters even harder, the first revision boards of the color! model only had 1MB of flash, which is incredibly small even for PalmOS 5, so he had to rewrite parts of it to make it fit. Implementing communication over infrared was also a major difficulty, but that, too he managed to get working � on a device that doesn�t have IrDA SIR modulation. Wild. Grinberg went above and beyond, making sure the buttons on the devices work, developing and building a way to put PalmOS on a game! cartridge, reverse-engineering the display controller to make sure things like brightness adjustment works, adding screen type detection for that one small run of Pixter Color devices that came with a TFT instead of an STN screen, and so, so much more. Until you read the article, you have no idea how much work Grinberg put into this project. I continue to be in awe of Grinberg�s work every time I come across it.
- Haiku highlights interesting stalled commits you might want to adopt
Now this is a great initiative by the Haiku team: highlight a number of stale commits that�ve been without interaction for years, explain why they�ve stalled, and then hope renewed interest might grow (part 1 and part 2). Recently some discussions on the forum led to asking about the status of our Gerrit code review. There are a lot of changes there that have been inactive for several years, with no apparent interest from anyone. To be precise, there are currently 358 commits waiting for review (note that Gerrit, unlike Github and other popular code review tools, works on a commit-by-commit basis, so each commit from a multiple-commit change is counted separately). The oldest one has not seen any comments since 2018. Today, let’s have a look at some of these changes and see why they are stalled. Hopefully it will inspire someone to pick up the work and help finishing them up. ↫ Pulkomandy at the Haiku website Browsing through the highlighted stalled commits, there�s a few that seem quite interesting and relatively easy for a (new?) contributor to seek their teeth into. For instance, there�s a stalled commit to remove GCC from Haiku images built with clang/llvm, which stalled mostly because there are still other issues when building Haiku with clang/llvm. For a more complex problem, there�s the issue of how every menu in BeOS/Haiku is also a window, including its own thread, which means navigating deeply nested menus creates and destroys a lot of threads, that all need to be synchronised, too. If you want to get really ambitious, there�s the stalled commit to add initial 64bit PowerPC support. There�s more of these, of course, so if you have the skills and will to contribute to a project like Haiku, this might be a great place to start and get your feet wet. Now that these commits are back in the spotlight, there�s sure to be team members and regular contributors lined up to lend an extra hand, as well.
- Oracle Solaris 11.4 SRU 87 released
Oracle has released Solaris 11.4 SRU 87, which brings with it a whole slew of changes, updates, and fixes. Primarily, it upgrades Firefox and Thunderbird to their latest ESR 140.3.0 releases, and adds GCC 15, alongside a ton of updated other open source packages. On more Solaris 11-specific notes, useradd�s account activation options have been changed to address some issues caused by stricter enforcement introduced in SRU 78, there�s some preparations for the upgrade to BIND 9.20 in a future Solaris 11 release, a few virtualisation improvements, and much more. If you�re unclear about the relationship between this new release and the Common Build Environment or CBE release of Solaris 11.4 for enthusiasts, released earlier this year, the gist is that these SRU updates are only available to people with Oracle Solaris support contracts, while any updates to the CBE release are available to mere mortals like you and I. If you have a support contract and are using the CBE, you can upgrade from the CBE to the official SRU releases, but without such a contract, you�re out of luck. A new CBE release is in the works, and is planned to arrive in 2026 � which is great news, but I would love for the enthusiast variant of Solaris 11.4 to receive more regular updates. I don�t think making these SRU updates available to enthusiasts in a non-commercial, zero-warranty kind of way would pose any kind of threat to Oracle�s bottom line, but alas, I don�t run a business like Oracle so perhaps I�m wrong.
- What’s New in KDE Gear 25.12 — A Major Update for KDE Software
by George Whittaker Introduction
The KDE community has just published KDE Gear 25.12, the newest quarterly update to its suite of applications. This refresh brings a mix of enhancements, bug fixes, performance refinements, and new features across many popular KDE apps, from Dolphin file manager and Konsole terminal to Krita and Spectacle. With this release, KDE continues its tradition of incremental yet meaningful upgrades that make everyday use smoother and more productive.
KDE Gear updates are not limited to the KDE Plasma desktop; they also benefit users of other desktop environments who install KDE apps on their systems. Whether you’re running KDE on Linux, BSD, or even Windows via KDE Windows builds, Gear 25.12 delivers improvements worth checking out.
Highlights from KDE Gear 25.12Dolphin: Better File Browsing and Thumbnails
Dolphin, KDE’s file manager, receives several enhancements in this update:
Improved thumbnail generation for more file types, making previews quicker and more dependable.
UI polish in the sidebar for easier navigation between folders and mounted drives.
Better handling of network shares and remote locations, improving responsiveness and reducing hangs.
These changes combine to make everyday file exploration more responsive and visually informative.
Konsole: Productivity Boosts
The KDE terminal emulator, Konsole, gets attention too:
Search field improvements help you find text within long terminal scrollbacks faster and with fewer clicks.
Tab and session indicators are clearer, helping users manage multiple tabs or split views more easily.
Stability fixes reduce crashes in edge cases when closing multiple sessions at once.
For developers and power users who spend a lot of time in a terminal, these refinements are genuinely useful.
Krita: More Painting Power
Krita, KDE’s professional painting and illustration application, also benefits from this release:
Improvements to brush performance, reducing lag on large canvases and complex brush sets.
Better color management and palette handling, smoothing workflows for digital artists.
Fixes for certain configuration edge cases that previously caused settings not to persist across sessions.
Artists and digital illustrators should notice fewer interruptions and smoother performance when working on large projects.
Go to Full Article
- Linux Kernel 5.4 Reaches End-of-Life: Time to Retire a Workhorse
by George Whittaker
One of the most widely deployed Linux kernels has officially reached the end of its lifecycle. The maintainers of the Linux kernel have confirmed that Linux 5.4, once a cornerstone of countless servers, desktops, and embedded devices, is now end-of-life (EOL). After years of long-term support, the branch has been retired and will no longer receive upstream fixes or security updates.
A Kernel Release That Defined a Generation of Linux Systems
When Linux 5.4 debuted, it made headlines for bringing native exFAT support, broader hardware compatibility, and performance improvements that many distributions quickly embraced. It became the foundation for major OS releases, including Ubuntu LTS, certain ChromeOS versions, Android kernels, and numerous appliance and IoT devices.
Its long support window made it a favorite for organizations seeking stability over bleeding-edge features.
What End-of-Life Actually Means
With the EOL announcement, the upstream kernel maintainers are officially done with version 5.4. That means:
No more security patches
No more bug fixes or performance updates
No regressions or vulnerabilities will be addressed
Some enterprise vendors may continue backporting patches privately, but the public upstream branch is now frozen. For most users, that makes 5.4 effectively unsafe to run.
Why This Matters for Users and Organizations
Many devices, especially embedded systems, tend to run kernels for much longer than desktops or servers. If those systems continue using 5.4, they now risk exposure to unpatched vulnerabilities.
Running an unsupported kernel can also create compliance issues for companies operating under strict security guidelines or certifications. Even home users running older LTS distributions may unknowingly remain on a kernel that’s no longer protected.
Upgrading Is the Clear Next Step
With 5.4 retired, users should begin planning an upgrade to a supported kernel line. Today’s active long-term support kernels include more modern branches such as 6.1, 6.6, and 6.8, which provide:
Better CPU and GPU support
Significant security improvements
Enhanced performance and energy efficiency
Longer future support windows
Before upgrading, organizations should test workloads, custom drivers, and hardware, especially with specialized or embedded deployments.
Go to Full Article
- Linux Distros Designed for Former Windows Users Are Picking Up Steam
by George Whittaker
For years, Windows users frustrated with constant changes, aggressive updates, and growing system bloat have flirted with switching to Linux. But 2025 marks a noticeable shift: a new generation of Linux distributions built specifically for ex-Windows users is gaining real traction. One of the standout examples is Bazzite, a gaming-optimized Fedora-based distro that has quickly become a go-to choice for people abandoning Windows in favor of a cleaner, more customizable experience.
Why Many Windows Users Are Finally Jumping Ship
Microsoft’s ecosystem has been slowly pushing some users toward the exit. Hardware requirements for Windows 11 left millions of perfectly functional PCs behind. Ads on the Start menu and in system notifications have frustrated many. And for gamers, launcher problems, forced reboots and background processes that siphon resources have driven a search for alternatives.
Linux distributions have benefited from that frustration, especially those that focus on simplicity, performance and gaming readiness.
Gaming-First Distros Are Leading the Movement
Historically, switching to Linux meant sacrificing game compatibility. But with Valve’s Proton layer and Vulkan-based translation technologies, thousands of Windows games now run flawlessly, sometimes better than on Windows.
Distros targeting former Windows users are leaning into this new reality:
Seamless Steam integration
Automatic driver configuration for AMD, Intel and NVIDIA
Built-in performance overlays like MangoHUD
Proton GE and tools for modding or shader fixes
Support for HDR, VR and modern controller layouts
This means a new Linux user can install one of these distros and jump straight into gaming with almost no setup.
Bazzite: A Standout Alternative OS
Bazzite has become the poster child for this trend. Built on Fedora’s image-based system and the Universal Blue infrastructure, it offers an incredibly stable base that updates atomically, similar to SteamOS.
What makes Bazzite so attractive to Windows refugees?
Gaming-ready out of the box no tweaking, no driver hunts
Rock-solid performance thanks to an immutable system layout
Support for handheld PCs like the Steam Deck, ROG Ally and Legion Go
Friendly workflows that feel familiar to new Linux users
Customization without the risk of breaking the system
It’s no surprise that many “I switched to Linux!” posts now mention Bazzite as their distro of choice.
Go to Full Article
- Linux Kernel 6.18 Is Out: What’s New and Important
by George Whittaker
The stable release of Linux Kernel 6.18 was officially tagged on November 30, 2025.
It’s expected to become this year’s major long-term support (LTS) kernel, something many users and distributions care about.
Here’s a breakdown of the most significant changes and improvements in this release:
Core Improvements: Performance, Memory, Infrastructure
The kernel’s memory allocation subsystem gets a major upgrade with “sheaves”, a per-CPU caching layer for slab allocations. This reduces locking overhead and speeds up memory allocation and freeing, improving overall system responsiveness.
A new device-mapper target dm-pcache arrives, enabling use of persistent memory (e.g. NVDIMM/CXL) as a cache layer for block devices, useful for systems with fast non-volatile memory, SSDs, or hybrid storage.
Overall memory management and swapping performance have been improved, which should help under memory pressure or heavy workloads.
Networking & Security Enhancements
Networking gets a boost: support for Accurate Explicit Congestion Notification (AccECN) in TCP, which can provide better congestion signals and more efficient network behaviour under load.
A new option for PSP-encrypted TCP connections has been added, a fresh attempt to push more secure transport-layer encryption (like a more efficient alternative to IPsec/TLS for some workloads) under kernel control.
The kernel now supports cryptographically signed BPF programs (eBPF), so BPF bytecode loaded at runtime can be verified for integrity. This is a noteworthy security hardening step.
The overall security infrastructure and auditing path, including multi-LSM (Linux Security Modules) support, has been refined, improving compatibility for setups using SELinux, AppArmor, or similar simultaneously.
Hardware, Drivers & Architecture Coverage
Kernel 6.18 brings enhanced hardware support: updated and new drivers for many platforms across architectures (x86_64, ARM, RISC-V, MIPS, etc.), including improvements for GPUs, CPU power management, storage controllers, and more.
In particular, support for newer SoCs, chipsets, and embedded-board device trees has been extended, beneficial for people using SBCs, ARM-based laptops/boards, or niche hardware.
For gaming rigs, laptops, and desktops alike: improvements to drivers, power-state management, and performance tuning may lead to better overall hardware efficiency.
Go to Full Article
- Wine 10.19 Released: Game Changing Support for Windows Reparse Points on Linux
by George Whittaker Introduction
If you use Linux and occasionally run Windows applications, whether via native Wine or through gaming layers like Proton, you’ll appreciate what just dropped in Wine 10.19. Released November 14 2025, this version brings a major enhancement: official support for Windows reparse points, a filesystem feature many Windows apps rely on, and a host of other compatibility upgrades.
In simpler terms: Wine now understands more of the Windows filesystem semantics, which means fewer workarounds, better application compatibility, and smoother experiences for many games and tools previously finicky under Linux.
What Are Reparse Points & Why They MatterUnderstanding Reparse Points
On Windows, a reparse point is a filesystem object (file or directory) that carries additional data, often used for symbolic links, junctions, mount points, or other redirection features. When an application opens or queries a file, the OS may check the reparse tag to determine special behavior (for example “redirect this file open to this other path”).
Because many Windows apps, installers, games, DRM systems, file-managers, use reparse points for features like directory redirection, path abstractions, or filesystem overlays, lacking full support for them in Wine means those apps often misbehave.
What Wine 10.19 Adds
With Wine 10.19, support for these reparse point mechanisms has been implemented in key filesystem APIs: for example NtQueryDirectoryFile, GetFileInfo, file attribute tags, and DeleteFile/RemoveDirectory for reparse objects.
This means that in Wine 10.19:
Windows apps that create or manage symbolic links, directory junctions or mount-point style re-parsing will now function correctly in many more cases.
Installers or frameworks that rely on “when opening path X, redirect to path Y” will work with less tinkering.
Games or utilities that check for reparse tags or use directory redirections will have fewer “stuck” behaviors or missing files.
In effect, this is a step toward closer to native behavior for Windows file-system semantics under Linux.
Other Key Highlights in Wine 10.19
Beyond reparse points, the release brings several notable improvements:
Expanded support for WinRT exceptions (Windows Runtime error handling) meaning better compatibility for Universal Windows Platform (UWP) apps and newer Windows-based frameworks.
Refactoring of “Common Controls” (COMCTL32) following the version 5 vs version 6 split, which helps GUI applications that rely on older controls or expect mixed versions.
Go to Full Article
- Firefox 145: A Major Release with 32-Bit Linux Support Dropped
by George Whittaker Introduction
Mozilla has rolled out Firefox 145, a significant update that brings a range of usability, security and privacy enhancements, while marking a clear turning point by discontinuing official support for 32-bit Linux systems. For users on older hardware or legacy distros, this change means it’s time to consider moving to a 64-bit environment or opting for a supported version.
Here’s a detailed look at what’s new, what’s changed, and what you need to know.
Major Changes in Firefox 145End of 32-Bit Linux Builds
One of the headline items in this release is Mozilla’s decision to stop building and distributing Firefox for 32-bit x86 Linux. As per their announcement:
“32-bit Linux (on x86) is no longer widely supported by the vast majority of Linux distributions, and maintaining Firefox on this platform has become increasingly difficult and unreliable.”
From Firefox 145 onward, only 64-bit (x86_64) and relevant 64-bit architectures (such as ARM64) will be officially supported. For those still running 32-bit Linux builds, Mozilla recommends migrating to 64-bit or switching to the Extended Support Release (ESR) branch (Firefox 140 ESR) which still supports 32-bit for a limited period.
Usability & Interface Enhancements
Firefox 145 brings several improvements designed to make everyday web browsing smoother and more flexible:
PDF viewer enhancements: You can now add, edit, and delete comments in PDFs, and a comments sidebar helps you easily navigate your annotations.
Tab-group preview: When you hover over the name of a collapsed tab group, a thumbnail preview of the tabs inside appears, helpful for reorganizing or returning to work.
Access saved passwords from the sidebar, without needing to open a new tab or window.
“Open links from apps next to your active tab” setting: When enabled, links opened from external applications insert next to your current tab instead of at the end of the tab bar.
Slight UI refinements: Buttons, input fields, tabs and other elements get more rounded edges, horizontal tabs are redesigned to align with vertical-tab aesthetics.
Privacy, Security & Under-the-Hood Upgrades
Mozilla has also doubled down on privacy and risk reduction:
Fingerprinting defenses: Firefox 145 introduces new anti-fingerprinting techniques that Mozilla estimates reduce the number of users identified as unique by nearly half when Private Browsing mode or Enhanced Tracking Protection (strict) is used.
Go to Full Article
- MX Linux 25 ‘Infinity’ Arrives: Debian 13 ‘Trixie’ Base, Modern Tools & A Fresh Installer
by George Whittaker Introduction
The team behind MX Linux has just released version 25, carrying the codename “Infinity”, and it brings a significant upgrade by building upon the stable base of Debian 13 “Trixie”. Released on November 9, 2025, this edition doesn’t just refresh the desktop, it introduces modernized tooling, updated kernels, dual init-options, and installer enhancements aimed at both newcomers and long-time users.
In the sections that follow, we’ll walk through the key new features of MX Linux 25, what’s changed for each desktop edition, recommended upgrade or fresh-install paths, and why this release matters in the wider Linux-distribution ecosystem.
What’s New in MX Linux 25 “Infinity”
Here are the headline changes and improvements that define this release:
Debian 13 “Trixie” Base
By moving to Debian 13, Infinity inherits all the stability, security updates, and broader hardware support of the latest Debian stable release. The base system now aligns with Trixie’s libraries, kernels, and architecture support.
Kernel Choices & Hardware Support
The standard editions ship with the Linux 6.12 LTS kernel series, offering a solid baseline for most hardware.
For newer hardware or advanced users, the “AHS” (Advanced Hardware Support) variants and the KDE Plasma edition adopt a Liquorix-flavored Linux 6.16 (or 6.15 in some variants) kernel, maximizing performance and compatibility with cutting-edge setups.
Dual Init Option: systemd and SysVinit
Traditionally associated with lighter-weight init options, MX Linux now offers both systemd by default and SysVinit editions (particularly for Xfce and Fluxbox variants). This gives users the freedom to choose their init system preference without losing new features.
Updated Desktop Environments
Xfce edition: Ships with Xfce 4.20. Improvements include a revamped Whisker Menu, updated archive management tools (Engrampa replacing File Roller in some editions).
KDE Plasma edition: Uses KDE Plasma 6.3.6, defaults to Wayland for a modern session experience (with X11 still optionally available), adds root-actions and service menus to Dolphin, and switches TLP out for power-profiles-daemon to resolve power widget issues.
Fluxbox edition: Offers a more minimal, highly customizable environment: new panel layouts, updated “appfinder” configs for Rofi, toolbar changes and themes refined. Defaults the audio player to Audacious (instead of the older DeaDBeeF).
Go to Full Article
- Arch Linux November 2025 ISO: Fresh Snapshot, Smarter Installer (Archinstall 3.0.12) & Pacman 7.1
by George Whittaker
Arch Linux has shipped its November 2025 ISO snapshot (2025.11.01), and while Arch remains a rolling distribution, these monthly images are a big deal, especially for new installs, labs, and homelab deployments. This time, the ISO lands alongside two important pieces:
Archinstall 3.0.12 – a more polished, smarter TUI installer
Pacman 7.1 – a package manager update with stricter security and better tooling
If you’ve been thinking about spinning up a fresh Arch box, or you’re curious what changed under the hood, this release is a very nice jumping-on point.
Why Arch Still Ships Monthly ISOs in a Rolling World
Arch is famous for its “install once, update forever” model. Technically, you could install from a two-year-old image and just run:
sudo pacman -Syu
…but in practice, that’s painful:
Huge initial update downloads
Possible breakage jumping across many months of changes
Outdated installer tooling
That’s why the project publishes a monthly snapshot ISO: it rolls all current packages into a fresh image so you:
Start with a current kernel and userland
Spend less time updating right after install
Get the latest Archinstall baked in (or just a pacman -Sy archinstall away)
The 2025.11.01 ISO is exactly that: Arch as of early November 2025, ready to go.
What’s Inside the November 2025 ISO (2025.11.01)
The November snapshot doesn’t introduce new features by itself, it’s a frozen image of current Arch, but a few details are worth calling out:
Ships with a Linux 6.17.x kernel, including improved AMD/Intel GPU support and updated Btrfs bits.
Includes all the usual base packages plus current toolchains, drivers, and desktop stacks from the rolling repos.
The image is intended only for new installs; existing Arch systems should keep using pacman -Syu for upgrades.
You can download it from the official Arch Linux download page or via BitTorrent mirrors.
One small twist: the ISO itself still ships with Archinstall 3.0.11, but 3.0.12 was released the same day – so we’ll grab the newer version from the repos before running the installer.
Archinstall 3.0.12: What’s Actually New?
Archinstall has evolved from “nice experiment” to “pretty solid way to install Arch” if you don’t want to script everything yourself. Version 3.0.12 is a refinement release focused on stability, storage, and bootloader logic.
Go to Full Article
- AMD Confirms Zen 5 RNG Flaw: When ‘Random’ Isn’t Random Enough
by George Whittaker
AMD has officially confirmed a high-severity security vulnerability in its new Zen 5–based CPUs, and it’s a nasty one because it hits cryptography right at the source: the hardware random number generator.
Here’s a clear breakdown of what’s going on, how bad it really is, and what you should do if you’re running Zen 5.
What AMD Just Confirmed
AMD’s security bulletin AMD-SB-7055, now tracked as CVE-2025-62626, describes a bug in the RDSEED instruction on Zen 5 processors. Under certain conditions, the CPU can:
Return the value 0 from RDSEED far more often than true randomness would allow
Still signal “success” (carry flag CF=1), so software thinks it got a good random value
The issue affects the 16-bit and 32-bit forms of RDSEED on Zen 5; the 64-bit form is not affected.
Because RDSEED is used to feed cryptographically secure random number generators (CSPRNGs), a broken RDSEED can poison keys, tokens, and other security-critical values.
AMD classifies the impact as:
Loss of confidentiality and integrity (High severity).
How the Vulnerability Works (In Plain English)What RDSEED Is Supposed to Do
Modern CPUs expose hardware instructions like RDRAND and RDSEED:
RDRAND: Gives you pseudo-random values from a DRBG that’s already been seeded.
RDSEED: Gives you raw entropy samples suitable for seeding cryptographic PRNGs (it should be very close to truly random).
Software like TLS libraries, key generators, HSM emulators, and OS RNGs may rely directly or indirectly on RDSEED to bootstrap secure randomness.
What’s Going Wrong on Zen 5
On affected Zen 5 CPUs:
The 16-bit and 32-bit RDSEED variants sometimes return 0 much more often than a true random source should.
Even worse, they simultaneously report success (CF=1), so software assumes the value is fine rather than retrying.
In cryptographic terms, this means:
Entropy can be dramatically reduced (many key bits become predictable or even fixed).
Keys or nonces derived from those values can become partially or fully guessable.
Go to Full Article
- The Most Critical Linux Kernel Breaches of 2025 So Far
by George Whittaker
The Linux kernel, foundational for servers, desktops, embedded systems, and cloud infrastructure, has been under heightened scrutiny. Several vulnerabilities have been exploited in real-world attacks, targeting critical subsystems and isolation layers. In this article, we’ll walk through major examples, explain their significance, and offer actionable guidance for defenders.
CVE-2025-21756 – Use-After-Free in the vsock Subsystem
One of the most alarming flaws this year involves a use-after-free vulnerability in the Linux kernel’s vsock implementation (Virtual Socket), which enables communication between virtual machines and their hosts.
How the exploit works:A malicious actor inside a VM (or other privileged context) manipulates reference counters when a vsock transport is reassigned. The code ends up freeing a socket object while it’s still in use, enabling memory corruption and potentially root-level access.
Why it matters:Since vsock is used for VM-to-host and inter-VM communication, this flaw breaks a key isolation barrier. In multi-tenant cloud environments or container hosts that expose vsock endpoints, the impact can be severe.
Mitigation:Kernel maintainers have released patches. If your systems run hosts, hypervisors, or other environments where vsock is present, make sure the kernel is updated and virtualization subsystems are patched.
CVE-2025-38236 – Out-of-Bounds / Sandbox Escape via UNIX Domain Sockets
Another high-impact vulnerability involves the UNIX domain socket interface and the MSG_OOB flag. The bug was publicly detailed in August 2025 and is already in active discussion.
Attack scenario:A process running inside a sandbox (for example a browser renderer) can exploit MSG_OOB operations on a UNIX domain socket to trigger a use-after-free or out-of-bounds read/write. That allows leaking kernel pointers or memory and then chaining to full kernel privilege escalation.
Why it matters:This vulnerability is especially dangerous because it bridges from a low-privilege sandboxed process to kernel-level compromise. Many systems assume sandboxed code is safe; this attack undermines that assumption.
Mitigation:Distributions and vendors (like browser teams) have disabled or restricted MSG_OOB usage for sandboxed contexts. Kernel patches are available. Systems that run browser sandboxes or other sandboxed processes need to apply these updates immediately.
CVE-2025-38352 – TOCTOU Race Condition in POSIX CPU Timers
In September 2025, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) added this vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.
Go to Full Article
|
