|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All)
(Two Column)
- Mastodon 4.5 released
Version4.5 of the Mastodondecentralized social-media platform has been released. Notablefeatures in this release include quoteposts, native emoji support, as well as enhanced moderation andblocking features for server administrators. The project also has a postdetailing new features in 4.5 for developers of clients and othersoftware that interacts with Mastodon.
- Freedesktop.org now hosts the Filesystem Hierarchy Standard
The future of the Filesystem Hierarchy Standard (FHS) has been under discussion for some time; now,Neal Gompa has announcedthat the FHS is "hosted and stewarded" by Freedesktop.org.
For those who are unaware, the Filesystem Hierarchy Standard (FHS) is the definition for POSIX operating systems to organize system and user data. It is broadly adopted by Linux, BSD, and other operating systems that follow POSIX-like conventions.
See thispage for the specification's new home.
- [$] Toward fast, containerized, user-space filesystems
Filesystems are complex and performance-sensitive beasts. They can alsopresent security concerns. Microkernel-based systems have long pushedfilesystems into separate processes in order to contain any vulnerabilitiesthat may be found there. Linux can do the same with the Filesystem inUserspace (FUSE) subsystem, but using FUSE brings a significantperformance penalty. Darrick Wong is working on ways to eliminate thatpenalty, and he has a massive patchset showing how ext4 filesystems can be safely implemented in user space byunprivileged processes with good performance. This work has the potentialto radically change how filesystems are managed on Linux systems.
- Security updates for Thursday
Security updates have been issued by Debian (unbound), Fedora (deepin-qt5integration, deepin-qt5platform-plugins, dtkcore, dtkgui, dtklog, dtkwidget, fcitx-qt5, fcitx5-qt, fontforge, gammaray, golang-github-openprinting-ipp-usb, kddockwidgets, keepassxc, kf5-akonadi-server, kf5-frameworkintegration, kf5-kwayland, plasma-integration, python-qt5, qadwaitadecorations, qt5, qt5-qt3d, qt5-qtbase, qt5-qtcharts, qt5-qtconnectivity, qt5-qtdatavis3d, qt5-qtdeclarative, qt5-qtdoc, qt5-qtgamepad, qt5-qtgraphicaleffects, qt5-qtimageformats, qt5-qtlocation, qt5-qtmultimedia, qt5-qtnetworkauth, qt5-qtquickcontrols, qt5-qtquickcontrols2, qt5-qtremoteobjects, qt5-qtscript, qt5-qtscxml, qt5-qtsensors, qt5-qtserialbus, qt5-qtserialport, qt5-qtspeech, qt5-qtsvg, qt5-qttools, qt5-qttranslations, qt5-qtvirtualkeyboard, qt5-qtwayland, qt5-qtwebchannel, qt5-qtwebengine, qt5-qtwebkit, qt5-qtwebsockets, qt5-qtwebview, qt5-qtx11extras, qt5-qtxmlpatterns, qt5ct, and xorg-x11-server), Mageia (binutils, gstreamer1.0-plugins-bad, libsoup, libsoup3, mediawiki, net-tools, and tigervnc, x11-server, and x11-server-xwayland), Red Hat (tigervnc), SUSE (aws-efs-utils, fetchmail, flake-pilot, ImageMagick, java-1_8_0-ibm, java-1_8_0-openjdk, kernel-devel, kubecolor, OpenSMTPD, sccache, tiff, and zellij), and Ubuntu (linux, linux-aws, linux-aws-6.14, linux-gcp, linux-gcp-6.14, linux-oem-6.14, linux-oracle, linux-oracle-6.14, linux-raspi, linux-realtime, linux, linux-aws, linux-gkeop, linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-lowlatency, linux, linux-aws, linux-kvm, linux-lts-xenial, linux-oracle-6.8, linux-realtime-6.14, poppler, python-django, and various linux-* packages).
- [$] LWN.net Weekly Edition for November 6, 2025
Inside this week's LWN.net Weekly Edition:
Front: Python thread safety; Namespace reference counting; Merigraf; Speeding up short reads; Julia 1.12; systemd security. Briefs: CHERIoT 1.0; Chromium XSLT; Arm KASLR; Bazzite; Devuan 6.0; Incus 6.18; LXQt 2.3.0; Rust 1.91.0; Quotes; ... Announcements: Newsletters, conferences, security updates, patches, and more.
- Removing XSLT from Chromium
Mason Freed and Dominik Röttsches have published a documentwith a timeline and plans for removing Extensible Stylesheet LanguageTransformations (XSLT) from the Chromium project and Chromebrowser:
Chromium has officially deprecated XSLT, including the XSLTProcessorJavaScript API and the XML stylesheet processing instruction. Weintend to remove support from version 155 (November 17, 2026). TheFirefox and WebKit projects have also indicated plans to remove XSLTfrom their browser engines. This document provides some history andcontext, explains how we are removing XSLT to make Chrome safer, andprovides a path for migrating before these features are removed fromthe browser.
LWN covered the WebHypertext Application Technology Working Group (WHATWG) discussionabout XSLT in August.
- LXQt 2.3.0 released
Version2.3.0 of the Lightweight Qt Desktop Environment (LXQt) has beenreleased. The highlight of this release is continued improvement inWayland support across LXQt components. Rather than offering its owncompositor, the LXQt project takes a modular approach and works withseveral Wayland compositors, such as KWin, labwc, and niri.
- [$] A security model for systemd
Linux has many security features and tools that have evolved overthe years to address threats as they emerge and security gaps as theyare discovered. Linux security is all, as Lennart Poettering observed at the All Systems Go! conference heldin Berlin, somewhat random and not a "clean"design. To many observers, that may also appear to be the case forsystemd; however, Poettering said that he does have a vision for howall of the security-related pieces of systemd are meant to fittogether. He wanted to use his talk to explain "how the individualsecurity-related parts of systemd actually fit together and why theyexist in the first place".
- OCI Runtime Specification 1.3 adds FreeBSD
Version1.3 of the Open Container Initiative (OCI) RuntimeSpecification has been released. The specification covers theconfiguration, execution environment, and lifecycle of containers. Themost notable change in 1.3 is the addition of FreeBSD to thespecification, which the FreeBSD Foundation calls"a watershed moment for FreeBSD":
The addition of cloud-native container support complements FreeBSD'salready robust virtualization capabilities, particularly the powerfulFreeBSD jails technology that has been a cornerstone of the operatingsystem for over two decades. In fact, OCI containers on FreeBSD areimplemented using jails as the underlying isolation mechanism,bringing together the security and resource management benefits ofjails with the portability and ecosystem advantages of OCI-compliantcontainers.
- Security updates for Wednesday
Security updates have been issued by Debian (bind9 and gimp), Fedora (chromium, fastapi-cli, fastapi-cloud-cli, gherkin, libnbd, maturin, openapi-python-client, python-annotated-doc, python-cron-converter, python-fastapi, python-inline-snapshot, python-jiter, python-openapi-core, python-platformio, python-pydantic, python-pydantic-core, python-pydantic-extra-types, python-rignore, python-starlette, python-typer, python-typing-inspection, python-uv-build, ruff, rust-astral-tokio-tar, rust-attribute-derive, rust-attribute-derive-macro, rust-collection_literals, rust-get-size-derive2, rust-get-size2, rust-interpolator, rust-jiter, rust-manyhow, rust-manyhow-macros, rust-proc-macro-utils, rust-quote-use, rust-quote-use-macros, rust-regex, rust-regex-automata, rust-reqsign, rust-reqsign-aws-v4, rust-reqsign-command-execute-tokio, rust-reqsign-core, rust-reqsign-file-read-tokio, rust-reqsign-http-send-reqwest, rust-serde_json, rust-speedate, rust-tikv-jemalloc-sys, rust-tikv-jemallocator, and uv), Mageia (golang and libavif), Red Hat (bind9.16, pcs, and qt6-qtsvg), SUSE (colord, ffmpeg, govulncheck-vulndb, jasper, openjpeg, poppler, qatengine, qatlib, runc, sccache, and tiff), and Ubuntu (keystone, libssh, linux-hwe-6.14, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-raspi, runc-app, runc-stable, squid, squid3, and unbound).
- Incus 6.18 released
Version6.18 of the Incus container and virtual-machine management systemhas been released. Notable changes in this release include newconfiguration keys for providing credentials to systemd, BPF tokendelegation, VirtIO support for sound cards, the ability to export ISOvolumes, improvements to the IncusOS command-line utility, and more.
- [$] Julia 1.12 brings progress on standalone binaries and more
Julia is a modern programminglanguage that is of particular interest to scientists due to its highperformance combined with language features such as Lisp-style macros, anadvanced type system, and multiple dispatch. We last looked at Julia in January on the occasion ofits 1.11 release. Early in October Julia 1.12appeared, bringing a handful of quality-of-life improvements for Juliaprogrammers, most notably support, though still experimental and limited,for the creation of binaries.
- Security updates for Tuesday
Security updates have been issued by Debian (dcmtk, geographiclib, gimp, pure-ftpd, and ruby-rack), Fedora (dotnet9.0), Oracle (expat, kernel, tigervnc, xorg-x11-server, and xorg-x11-server-Xwayland), Red Hat (git, mariadb:10.5, multiple packages, osbuild-composer, pcs, sssd, and tigervnc), SUSE (kernel and redis), and Ubuntu (google-guest-agent).
- CHERIoT 1.0 released
Version1.0 of the Capability Hardware Extension to RISC-V for IoT(CHERIoT) specification has been released. CHERIoT is ahardware-software system for secure embedded devices, and thespecification provides a full description of the ISA and its intendeduse by CHERIoTRTOS. David Chisnall has written a blogpost about the release that explains its significance as well as plansfor CHERIoT 2.0 and beyond:
The last change that we made to the ISA was in December 2024, so weare confident that this is a stable release that we can support inhardware for a long time. This specification was implemented by the1.0 release of CHERIoT Ibex and by CHERIoT Kudu (which has not yet hadan official release). These two implementations demonstrate that theISA scales from three-stage single-issue pipelines to six-stagedual-issue pipelines, roughly the same range of microarchitecturessupported by Arm's M profile.
We at SCI have the first of our ICENI chips, which use the CHERIoTIbex core, on the way back from the fab now and will be scaling up tomass production in the new year. I am not allowed to speak for otherfolks building CHERIoT silicon, but I expect 2026 to be an excitingyear for the CHERIoT project!
- Defeating KASLR by Doing Nothing at All (Project Zero)
The Project Zero blog explainsthat, on 64-bit Arm systems, the kernel's direct map is always placed atthe same virtual location, regardless of whether kernel address-spacelayout randomization (KASLR) is enabled.
While it remains true that KASLR should not be trusted to prevent exploitation, particularly in local contexts, it is regrettable that the attitude around Linux KASLR is so fatalistic that putting in the engineering effort to preserve its remaining integrity is not considered to be worthwhile. The joint effect of these two issues dramatically simplified what might otherwise have been a more complicated and likely less reliable exploit.
- Grinn GenioBoard Offers MediaTek Genio 700 SoM, Dual M.2 Expansion, and CRA-Ready Security
Grinn has unveiled the GenioBoard, a compact single-board computer aimed at accelerating development of embedded and AI-enabled systems. It integrates the company’s GenioSOM-510 and GenioSOM-700 modules built on MediaTek’s Genio processor family, combining multiple Arm Cortex-A cores with an integrated GPU and NPU for edge inference applications. Powered by the MediaTek Genio 700, which integrates […]
- NVIDIA Preparing For Hopper & Blackwell GPU Support With Open-Source Nova Driver
NVIDIA engineers continue working a lot on the open-source and upstream Nova driver for the Linux kernel. This modern, Rust-written open-source NVIDIA driver is still taking shape as an alternative to NVIDIA's official downstream open-source driver and the aging and reverse-engineered Nouveau driver. Out on the horizon for Nova is Hopper and Blackwell GPU support...
- Intel Xeon 6 Performance Feature Benchmarks: Latency Optimized Mode
A new feature of Intel Xeon 6 "Birch Stream" platforms is the "Latency Optimized Mode" performance setting. The Intel Latency Optimized Mode will keep the uncore clock frequencies higher for more consistent performance but at the cost of increased power use. For those wondering about the performance and power impact, here are some comparison benchmarks of engaging this Latency Optimized Mode with Intel Xeon 6980P "Granite Rapids" server processors.
- Linux 6.19 To Support Additional Arm Mali & Vivante Graphics Hardware
Sent out today to DRM-Next was the latest weekly batch of drm-misc-next patches for enhancing the various smaller Direct Rendering Manager drivers within the kernel. Included with this week's update is supporting some additional Mali and Vivante hardware as well as continuing to enhance the in-kernel accelerator "accel" drivers...
- How to Use Blur in Kdenlive: Full, Partial, and Tracking Effects
Learn how to apply blur effects in Kdenlive, including fullscreen blur, partial blur using alpha mask, manual keyframed blur, and motion tracking blur. This video shows how each method works and compares their results. While motion tracking offers speed and automation, manual tracking provides better precision when the object moves unpredictably making it ideal for creators who need to hide faces, license plates, or sensitive details directly in Kdenlive.
- Google imagines out of this world AI - running on orbital datacenters
Chocolate Factory's latest moonshot aims to put AI supercomputing cluster in sun-sychronous orbitGoogle on Tuesday announced a new moonshot – launching constellations of solar-powered satellites packed to the gills with its home-grown tensor processing units (TPUs) to form orbital AI datacenters.…
- The Most Critical Linux Kernel Breaches of 2025 So Far
The Linux kernel, foundational for servers, desktops, embedded systems, and cloud infrastructure, has been under heightened scrutiny. Several vulnerabilities have been exploited in real-world attacks, targeting critical subsystems and isolation layers. In this article, we’ll walk through major examples, explain their significance, and offer actionable guidance for defenders.
- Benchmarking The AMD EPYC 9V64H: Azure HBv5's Custom AMD CPU With HBM3
Nearly one year ago Microsoft announced the HBv5 virtual machines powered by a custom-designed AMD 4th Gen EPYC processor with high bandwidth memory (HBM3). Finally today the Azure HBv5 series is reaching general availability for those with memory-intensive HPC applications and other workloads. Microsoft kindly provided Phoronix with HBv5 access in advance to begin testing these new VMs with the AMD EPYC 9V64H CPUs featuring HBM memory, so here are some of the first independent benchmarks of these exciting processors powering Azure's new HPC VM instances.
- Trump AI Czar Says 'No Federal Bailout For AI' After OpenAI CFO's Comments
Venture capitalist David Sacks, who is serving as President Donald Trump's AI and crypto czar, said Thursday that there will be "no federal bailout for AI." From a report: "The U.S. has at least 5 major frontier model companies. If one fails, others will take its place," Sacks wrote in a post on X. Sacks' comments came after OpenAI CFO Sarah Friar said Wednesday that the startup wants to establish an ecosystem of private equity, banks and a federal "backstop" or "guarantee" that could help the company finance its infrastructure investments. She softened her stance later in a LinkedIn post and said OpenAI is not seeking a government backstop for its infrastructure commitments. She said her use of the word "backstop" clouded her point. [...] Sacks said the Trump administration does want to make permitting and power generation easier, and that the goal is to facilitate rapid infrastructure buildouts without raising residential electricity rates. "To give benefit of the doubt, I don't think anyone was actually asking for a bailout. (That would be ridiculous.)," he wrote.
Read more of this story at Slashdot.
- A New White-Collar Gig Economy: Training AI To Take Over
AI labs are paying skilled professionals hundreds of dollars per hour to train their models in specialized fields. Companies like Mercor, Surge AI, Scale AI and Turing recruit bankers, lawyers, engineers and doctors to improve the accuracy of AI systems in professional settings. Mercor advertises roles for medical secretaries, movie directors and private detectives at rates ranging from $20 to $185 per hour for contract work and up to $200,000 for full-time positions. Surge AI offers as much as $1,000 per hour for expertise from startup CEOs and venture capital partners. Mercor pays out over $1.5 million daily to professionals it hires for clients including OpenAI and Anthropic. Some contractors are former employees of Goldman Sachs and McKinsey. Others moonlight in this work while keeping their regular jobs. Brendan Foody, Mercor's 22-year-old CEO, acknowledged at a conference last week that trade secrets could potentially be compromised given the volume of work submitted. Uber CEO Dara Khosrowshahi said on this week's earnings call that some AI training gigs on its platform require PhDs.
Read more of this story at Slashdot.
- Why Manufacturing's Last Boom Will Be Hard To Repeat
American manufacturing's postwar boom from the 1940s through the 1970s resulted from conditions that cannot be recreated, a story on WSJ argues. Global competitors had been destroyed by war. Energy was cheap. Unions could demand concessions without fearing job losses to foreign rivals. Strikes were frequent in steel, auto, trucking, rubber and coal mining. That relentless pressure from an organized working class raised real wages and created fringe benefits including health insurance and retirement pay. Government support for unions kept executive salaries at just a few times median income. Stock buybacks were illegal or frowned upon. President Eisenhower declared at the 1956 dedication of the AFL-CIO national headquarters that "Labor is the United States." The system began unraveling by the mid-1960s. The Vietnam War drained federal coffers. Inflation accelerated as government deficits exploded. Nixon abandoned the gold standard in 1971, unleashing currency volatility. The 1973 OPEC oil embargo quadrupled energy prices. Foreign competition returned from Japan, Korea and West Germany. American companies carried mounting legacy costs like pensions that discouraged investment in upgrades and research. Milton Friedman declared in a 1970 New York Times essay that the social responsibility of business is to increase its profits. Clinton signed NAFTA in 1993 and championed the World Trade Organization in 1995. Bethlehem Steel employed around 150,000 people in the mid-1950s. The company filed for bankruptcy in 2001. Its former hometown plant in Bethlehem, Pa., is now a casino.
Read more of this story at Slashdot.
- Automattic Inc. Claims It Owns the Word 'Automatic'
An anonymous reader shares a report: Automattic, the company that owns WordPress.com, is asking Automatic.CSS -- a company that provides a CSS framework for WordPress page builders -- to change its name amid public spats between Automattic founder Matt Mullenweg and Automatic.CSS creator Kevin Geary. Automattic has two T's as a nod to Matt. "As you know, our client owns and operates a wide range of software brands and services, including the very popular web building and hosting platform WordPress.com," Jim Davis, an intellectual property attorney representing Automattic, wrote in a letter dated Oct. 30. "Automattic is also well-known for its longtime and extensive contributions to the WordPress system. Our client owns many trademark registrations for its Automattic mark covering those types of services and software," Davis continued. "As we hope you can appreciate, our client is concerned about your use of a nearly identical name and trademark to provide closely related WordPress services. Automattic and Automatic differ by only one letter, are phonetically identical, and are marketed to many of the same people. This all enhances the potential for consumer confusion and dilution of our client's Automattic mark."
Read more of this story at Slashdot.
- OpenAI CFO Says Company Isn't Seeking Government Backstop, Clarifying Prior Comment
OpenAI CFO Sarah Friar said late Wednesday that the AI startup is not seeking a government backstop for its infrastructure commitments, clarifying previous comments she made on stage during the Wall Street Journal's Tech Live event. From a report: At the event, Friar said OpenAI is looking to create an ecosystem of banks, private equity and a federal "backstop" or "guarantee" that could help the company finance its investments in cutting-edge chips. But in a LinkedIn post late Wednesday, Friar softened her stance. "I used the word 'backstop' and it muddied the point," Friar wrote. "As the full clip of my answer shows, I was making the point that American strength in technology will come from building real industrial capacity which requires the private sector and government playing their part." OpenAI has inked more than $1.4 trillion of infrastructure deals in recent months to try and build out the data centers it says are needed to meet soaring demand. The agreements have raised questions around how the company can afford to make such massive commitments.
Read more of this story at Slashdot.
- US Software Firm SAS Exits China After 25 Years
An anonymous reader shares a report: US software company SAS Institute has withdrawn from mainland China and dismissed its local staff, according to a Beijing-based employee affected by the move, as the analytics specialist ended more than two decades of operations amid intense domestic competition and geopolitical tensions. The company on Thursday announced the lay-offs via an email and hosted a short video call, in which executives thanked local employees for their contribution and cited "organisational optimisation" for the exit, according to the employee. "SAS is ceasing direct business operations in China," an SAS spokeswoman said on Friday in response to the Post's inquiry. "This decision reflects a broader shift in how we operate globally, optimising our footprint and ensuring long-term sustainability." The company would continue having a presence on the mainland via third-party partners, according to the spokeswoman.
Read more of this story at Slashdot.
- Thousands of Flights in Danger of Cancellation as FAA Announces Major Cuts
The government shutdown-spurred airport chaos is about to get a whole lot worse. From a report: The Federal Aviation Administration said Wednesday it will reduce flight volumes by 10 percent across 40 major airports in response, a move that could threaten 3,000 to 4,500 flights daily. The cuts will affect "high volume" markets, including in Atlanta, Dallas, New York City and Los Angeles, according to CBS. The FAA has not formally announced which airports will have their capacity cut. "I'm not aware in my 35-year history in the aviation market where we've had a situation where we're taking these kinds of measures," FAA Administrator Bryan Bedford said at a news conference, according to the AP. The government shutdown, which is now the longest in US history, has already been causing thousands of delays each day, as well as long waits at airport security. Some major airports have even been forced to operate without air traffic control for hours at a time.
Read more of this story at Slashdot.
- 'Grand Theft Auto' Studio Says Fired Employees Were Leaking Information
Rockstar Games, the company behind the hit Grand Theft Auto franchise, said that the dozens of employees it fired last week were leaking company secrets, disputing allegations by labor leaders that it was disrupting workers' attempt to unionize. From a report: The employees had been sharing company information in a forum that included non-employees, a Rockstar spokesperson said in a statement to Bloomberg on Wednesday. "Last week, we took action against a small number of individuals who were found to be distributing and discussing confidential information in a public forum, a violation of our company policies," the spokesperson said. "This was in no way related to people's right to join a union or engage in union activities."The company, part of Take-Two Interactive Software, fired between 30 and 40 employees across offices in the UK and Canada for what it said was "gross misconduct." The Independent Workers' Union of Great Britain, the first to organize video-game workers in the UK, told Bloomberg that the employees had all been involved with union efforts at Rockstar, calling the firings "one of the most blatant and ruthless acts of union busting in the history of the games industry."
Read more of this story at Slashdot.
- Nvidia's Jensen Huang Says China 'Will Win' AI Race With US
Nvidia chief executive Jensen Huang has warned that China will beat the US in the AI race, thanks to lower energy costs and looser regulations. From a report: In the starkest comments yet from the head of the world's most valuable company, Huang told the FT: "China is going to win the AI race." Huang's remarks come after the Trump administration maintained a ban on California-based Nvidia selling its most advanced chips to Beijing following a meeting between US President Donald Trump and Chinese leader Xi Jinping last week. The Nvidia chief said that the west, including the US and UK, was being held back by "cynicism." "We need more optimism," Huang said on Wednesday on the sidelines of the Financial Times' Future of AI Summit. Huang singled out new rules on AI by US states that could result in "50 new regulations." He contrasted that approach with Chinese energy subsidies that made it more affordable for local tech companies to run Chinese alternatives to Nvidia's AI chips. "Power is free," he said.
Read more of this story at Slashdot.
- Manufacturer Bricks Smart Vacuum After Engineer Blocks It From Collecting Data
A curious engineer discovered that his iLife A11 smart vacuum was remotely "killed" after he blocked it from sending data to the manufacturer's servers. By reverse-engineering it with custom hardware and Python scripts, he managed to revive the device to run fully offline. Tom's Hardware reports: An engineer got curious about how his iLife A11 smart vacuum worked and monitored the network traffic coming from the device. That's when he noticed it was constantly sending logs and telemetry data to the manufacturer -- something he hadn't consented to. The user, Harishankar, decided to block the telemetry servers' IP addresses on his network, while keeping the firmware and OTA servers open. While his smart gadget worked for a while, it just refused to turn on soon after. After a lengthy investigation, he discovered that a remote kill command had been issued to his device. He sent it to the service center multiple times, wherein the technicians would turn it on and see nothing wrong with the vacuum. When they returned it to him, it would work for a few days and then fail to boot again. After several rounds of back-and-forth, the service center probably got tired and just stopped accepting it, saying it was out of warranty. Because of this, he decided to disassemble the thing to determine what killed it and to see if he could get it working again. [...] So, why did the A11 work at the service center but refuse to run in his home? The technicians would reset the firmware on the smart vacuum, thus removing the kill code, and then connect it to an open network, making it run normally. But once it connected again to the network that had its telemetry servers blocked, it was bricked remotely because it couldn't communicate with the manufacturer's servers. Since he blocked the appliance's data collection capabilities, its maker decided to just kill it altogether. "Someone -- or something -- had remotely issued a kill command," says Harishankar. "Whether it was intentional punishment or automated enforcement of 'compliance,' the result was the same: a consumer device had turned on its owner." In the end, the owner was able to run his vacuum fully locally without manufacturer control after all the tweaks he made. This helped him retake control of his data and make use of his $300 software-bricked smart device on his own terms. As for the rest of us who don't have the technical knowledge and time to follow his accomplishments, his advice is to "Never use your primary WiFi network for IoT devices" and to "Treat them as strangers in your home."
Read more of this story at Slashdot.
- China Delays Shenzhou-20 Crew Return After Suspected Space Debris Impact
China has delayed the return of its Shenzhou-20 crewed spacecraft after it was suspected to have been struck by space debris while docked at the Tiangong space station. "The Shenzhou-20 crewed spacecraft is suspected of being struck by a small piece of space debris, and impact analysis and risk assessment are underway," the China Manned Space Engineering Office (CMSEO) statement Nov. 5 read. "To ensure the safety and health of the astronauts and the complete success of the mission, it has been decided that the Shenzhou-20 return mission, originally scheduled for Nov. 5, will be postponed." SpaceNews reports: CMSEO did not specify the location of the suspected strike, the extent of any damage, or the data that indicated an impact. No potential dates were noted for a return to Earth. The Shenzhou-20 spacecraft launched April 24, carrying three astronauts -- commander Chen Dong and crewmates Chen Zhongrui and Wang Jie -- to the Tiangong space station. The spacecraft docked at the radial port of Tiangong's Tianhe core module. The crew have completed their six-month-long mission in orbit, and had handed over control of the space station to the newly-arrived Shenzhou-21 crew Nov. 4. Checks on the Shenzhou-20 spacecraft could include telemetry and leak tests, verifying guidance and propulsion systems, and screening for impacts in accelerometer and acoustic sensor data. A key concern would be potential damage to the spacecraft's thermal protection system or parachute deployment structures, both critical for safe atmospheric reentry and landing. Tiangong features a 10-meter-long robotic arm, capable of crawling, and a smaller, more precise arm. These could be employed to position cameras and provide closeup imagery of a potential impact. Crews may be able to conduct an extravehicular activity (EVA) to assess the situation. Tiangong crews have recently added debris shields during a number of EVAs; the same procedures, tools, and arm support can be adapted for a Shenzhou inspection.
Read more of this story at Slashdot.
- Universe Expansion May Be Slowing, Not Accelerating, Study Suggests
A new study challenges the Nobel-winning theory that the universe's expansion is accelerating, suggesting instead that it may be slowing down as dark energy weakens -- potentially leading to a future "big crunch" where the cosmos collapses back in on itself. "Our study shows that the universe has already entered a phase of decelerated expansion at the present epoch and that dark energy evolves with time much more rapidly than previously thought," said Prof Young-Wook Lee, of Yonsei University in South Korea, who led the work. "If these results are confirmed, it would mark a major paradigm shift in cosmology since the discovery of dark energy 27 years ago." The Guardian reports: The latest work focuses on the reliability of observations of distant supernovae (exploding stars) that led to the discovery of dark energy, work that was awarded the 2011 Nobel prize in physics. [...] By estimating the ages of 300 host galaxies using a different method, the team concluded that there are simply variations in the properties of stars in the early universe that mean they produce, on average, fainter supernovae. Correcting for this systematic bias still results in an expanding universe, but suggests that the expansion has slowed down and that dark energy is waning, the analysis concluded. If dark energy keeps decreasing to the point where it becomes negative, the universe is theoretically predicted to end in a big crunch. The findings are published in Monthly Notices of the Royal Astronomical Society.
Read more of this story at Slashdot.
- A New Ion-Based Quantum Computer Makes Error Correction Simpler
An anonymous reader quotes a report from MIT Technology Review: The US- and UK-based company Quantinuum today unveiled Helios, its third-generation quantum computer, which includes expanded computing power and error correction capability. Like all other existing quantum computers, Helios is not powerful enough to execute the industry's dream money-making algorithms, such as those that would be useful for materials discovery or financial modeling. But Quantinuum's machines, which use individual ions as qubits, could be easier to scale up than quantum computers that use superconducting circuits as qubits, such as Google's and IBM's. "Helios is an important proof point in our road map about how we'll scale to larger physical systems," says Jennifer Strabley, vice president at Quantinuum, which formed in 2021 from the merger of Honeywell Quantum Solutions and Cambridge Quantum. Honeywell remains Quantinuum's majority owner. Located at Quantinuum's facility in Colorado, Helios comprises a myriad of components, including mirrors, lasers, and optical fiber. Its core is a thumbnail-size chip containing the barium ions that serve as the qubits, which perform the actual computing. Helios computes with 98 barium ions at a time; its predecessor, H2, used 56 ytterbium qubits. The barium ions are an upgrade, as they have proven easier to control than ytterbium. These components all sit within a chamber that is cooled to about 15 Kelvin (-432.67 ), on top of an optical table. Users can access the computer by logging in remotely over the cloud. [...] Helios is noteworthy for its qubits' precision, says Rajibul Islam, a physicist at the University of Waterloo in Canada, who is not affiliated with Quantinuum. The computer's qubit error rates are low to begin with, which means it doesn't need to devote as much of its hardware to error correction. Quantinuum had pairs of qubits interact in an operation known as entanglement and found that they behaved as expected 99.921% of the time. "To the best of my knowledge, no other platform is at this level," says Islam. [...] Besides increasing the number of qubits on its chip, another notable achievement for Quantinuum is that it demonstrated error correction "on the fly," says David Hayes, the company's director of computational theory and design, That's a new capability for its machines. Nvidia GPUs were used to identify errors in the qubits in parallel. Hayes thinks that GPUs are more effective for error correction than chips known as FPGAs, also used in the industry. Quantinuum has used its computers to investigate the basic physics of magnetism and superconductivity. Earlier this year, it reported simulating a magnet on H2, Quantinuum's predecessor, with the claim that it "rivals the best classical approaches in expanding our understanding of magnetism." Along with announcing the introduction of Helios, the company has used the machine to simulate the behavior of electrons in a high-temperature superconductor. Quantinuum is expanding its Helios line with a new system in Minnesota. It's also started developing its fourth-generation quantum computer, Sol, set for 2027 with 192 qubits. Then, a fifth-generation system, Apollo, is expected in 2029 with thousands of qubits and full fault tolerance.
Read more of this story at Slashdot.
- The Louvre's Video Surveillance Password Was 'Louvre'
A bungled October 18 heist that saw $102 million of crown jewels stolen from the Louvre in broad daylight has exposed years of lax security at the national art museum. From trivial passwords like 'LOUVRE' to decades-old, unsupported systems and easy rooftop access, the job was made surprisingly easy. PC Gamer reports: As Rogue cofounder and former Polygon arch-jester Cass Marshall notes on Bluesky, we owe a lot of videogame designers an apology. We've spent years dunking on the emptyheadedness of game characters leaving their crucial security codes and vault combinations in the open for anyone to read, all while the Louvre has been using the password "Louvre" for its video surveillance servers. That's not an exaggeration. Confidential documents reviewed by Liberation detail a long history of Louvre security vulnerabilities, dating back to a 2014 cybersecurity audit performed by the French Cybersecurity Agency (ANSSI) at the museum's request. ANSSI experts were able to infiltrate the Louvre's security network to manipulate video surveillance and modify badge access. "How did the experts manage to infiltrate the network? Primarily due to the weakness of certain passwords which the French National Cybersecurity Agency (ANSSI) politely describes as 'trivial,'" writes Liberation's Brice Le Borgne via machine translation. "Type 'LOUVRE' to access a server managing the museum's video surveillance, or 'THALES' to access one of the software programs published by... Thales." The museum sought another audit from France's National Institute for Advanced Studies in Security and Justice in 2015. Concluded two years later, the audit's 40 pages of recommendations described "serious shortcomings," "poorly managed" visitor flow, rooftops that are easily accessible during construction work, and outdated and malfunctioning security systems. Later documents indicate that, in 2025, the Louvre was still using security software purchased in 2003 that is no longer supported by its developer, running on hardware using Windows Server 2003.
Read more of this story at Slashdot.
- 72% of Game Developers Say Steam Is Effectively a PC Gaming Monopoly
A new survey of over 300 US and UK gaming executives found that 72% view Steam as a monopoly. "Furthermore, 88% said that at least three-quarters of their revenue came from Steam, while 37% reported that the platform accounted for 90% of their total revenue," adds Techspot. From the report: Atomik Research conducted the recent survey on behalf of Rokky, a company that helps game publishers minimize the impact of grey market key resellers on prices. In addition to opinions on Steam, developers also answered questions about the PC market's biggest challenges. The increasing popularity of free-to-play games such as Fortnite, DOTA 2, Counter-Strike 2, Call of Duty: Warzone, and Roblox topped the list of concerns for 40% of respondents. Approximately a third mentioned market saturation and discoverability, echoing data that suggests there aren't enough players for the thousands of new titles released on Steam each year. A similar portion of survey respondents also expressed concerns regarding subscription services.
Read more of this story at Slashdot.
- OpenAI CFO says can keep afloat without federal bailout
Money-losing biz says it does not need government help to meet massive infrastructure commitments
OpenAI CFO Sarah Friar says that her company is not seeking federal loan guarantees after suggesting the opposite in an on-stage interview at a Wall Street Journal event.…
- Agents of misfortune: The world isn't ready for autonomous software
Amazon's spat with Perplexity shows that technology is not the only blocker for the agentic era
Opinion The agentic era remains a fantasy world. Software agents, the notional next frontier for generative AI services, cannot escape the gravity of their contradictions, legal ambiguities, and competitive pressures. Not everyone, especially not competing businesses, wants a bot representing the customer.…
- Lenovo puts the 'cloud' in cloud computing, proposes mid-air datacenters
Sustainable vision? Who knows
Lenovo says that traditional datacenters are not fit for purpose, and must evolve to future-proof businesses across EMEA. This is based on research, but the PC and server biz has come up with some wacky possible designs, including one that is almost literally in the clouds.…
- Microsoft: Don't let AI agents near your credit card yet
Shopping bots pick first option and are 'vulnerable to manipulation', Magentic Marketplace trial finds
Ready to have your agent talk to my agent and arrange a sale? Microsoft has published a simulated marketplace to put AI agents through their paces and answer a question for the new age: Would you trust AI with your credit card?…
- You'll never guess what the most common passwords are. Oh, wait, yes you will
Most of you still can't do better than 123456?
123456. admin. password. For years, the IT world has been reminding users not to rely on such predictable passwords. And yet here we are with another study finding that those sorts of quickly-guessable, universally-held-to-be-bad passwords are still the most popular ones.…
- Malware-pwned laptop gifts cybercriminals Nikkei's Slack
Stolen creds let miscreants waltz into 17K employees' chats, spilling info on staff and partners
Japanese media behemoth Nikkei has admitted to a data breach after miscreants slipped into its internal Slack workspace, exposing the personal details of more than 17,000 employees and business partners.…
- UK space sector 'lacks strategic direction,' Lords warn
Parliamentary report calls for sovereign launch capability and reduced dependence on US services
The UK's House of Lords UK Engagement with Space Committee has published a scathing report, "The Space Economy: Act Now or Lose Out," declaring that the 2021 National Space Strategy has "failed to turn its ambitions into reality."…
- Sony rolls out a standard way to measure bias in how AI describes what it 'sees'
Images in the test dataset were all sourced with consent
AI models are filled to the brim with bias, whether that's showing you a certain race of person when you ask for a pic of a criminal or assuming that a woman can't possibly be involved in a particular career when you ask for a firefighter. To deal with these issues, Sony AI has released a new dataset for testing the fairness of computer vision models, one that its makers claim was compiled in a fair and ethical way.…
- Gorge on Microsoft Store apps with 16-at-once installer
For now it works only with the web version of the Microsoft Store
hands on Normally, when you install an application in Windows, it comes either from a direct download or as a single choice from the Microsoft Store. But what if you could install several different apps at the same time by creating a custom group?…
- Black Hawk chown: DARPA takes helicopter pilots out of the air for $6M
An hour’s tablet training and a soldier was sending the bird on autonomous errands
Who needs a drone when you can fly a Black Hawk from a tablet? DARPA's $6 million award to Sikorsky paid off when a National Guard soldier, trained in under an hour, used a handheld tablet to command an optionally piloted Black Hawk through multiple autonomous missions. …
- Uncle Sam lets Google take Wiz for $32B
Second time's the charm for after Wiz rejected Google's $23B offer last year
Google's second attempt to acquire cloud security firm Wiz is going a lot better than the first, with the Department of Justice clearing the $32 billion deal, which ranks as Google's largest-ever acquisition.…
- AMD taking AI fight to Nvidia with Helios rack-scale system
CEO Lisa Su says next-gen MI400 GPUs and architecture gaining traction with hyperscalers
AMD plans to launch its Helios rack-scale architecture in 2026 as a direct challenge to Nvidia in the AI infrastructure market, pending successful integration of its next-gen GPUs and processors.…
- Rust Foundation tries to stop maintainers corroding
Memory safety costs money: Maintainers Fund to directly pay developers for their work
The Rust Foundation has launched a Maintainers Fund to support developers sustaining the language, addressing a long-standing challenge in open source software.…
- Google imagines out of this world AI - running on orbital datacenters
Chocolate Factory's latest moonshot aims to put AI supercomputing cluster in sun-sychronous orbit
Google on Tuesday announced a new moonshot – launching constellations of solar-powered satellites packed to the gills with its home-grown tensor processing units (TPUs) to form orbital AI datacenters.…
- Uncle Sam wants to scan your iris and collect your DNA, citizen or not
DHS rule would expand biometric collection to immigrants and some citizens linked to them
If you're filing an immigration form - or helping someone who is - the Feds may soon want to look in your eyes, swab your cheek, and scan your face. The US Department of Homeland Security wants to greatly expand biometric data collection for immigration applications, covering immigrants and even some US citizens tied to those cases.…
- Copilot can replace Search in latest Windows 11 test builds, but it's not a good idea
When you opt in, your taskbar becomes an extension of the Copilot app, but with some search added in
hands on With Microsoft cramming Copilot into every nook and cranny of its software, it’s no surprise that everyone’s favorite AI assistant is now set to take over the search box. As of the latest Windows Insider Dev and Beta builds, the "Ask Copilot anything" box is available if you know how to switch it on.…
- UK judge delivers a 'damp squib' in Getty AI training case, no clear precedent set
Experts disagree about what the ruling means for AI training on copyrighted material
London's High Court has dismissed the major portions of Getty Images' lawsuit against generative AI firm Stability AI for training its image-generation model on copyrighted images, which some legal experts say could weaken intellectual property laws. However, others saw daylight for trademark and copyright protection in the judge's ruling.…
- Russian spies pack custom malware into hidden VMs on Windows machines
Curly COMrades strike again
Russia's Curly COMrades is abusing Microsoft's Hyper-V hypervisor in compromised Windows machines to create a hidden Alpine Linux-based virtual machine that bypasses endpoint security tools, giving the spies long-term network access to snoop and deploy malware.…
- Security: Why Linux Is Better Than Windows Or Mac OS
Linux is a free and open source operating system that was released in 1991 developed and released by Linus Torvalds. Since its release it has reached a user base that is greatly widespread worldwide. Linux users swear by the reliability and freedom that this operating system offers, especially when compared to its counterparts, windows and [0]
- Essential Software That Are Not Available On Linux OS
An operating system is essentially the most important component in a computer. It manages the different hardware and software components of a computer in the most effective way. There are different types of operating system and everything comes with their own set of programs and software. You cannot expect a Linux program to have all [0]
- Things You Never Knew About Your Operating System
The advent of computers has brought about a revolution in our daily life. From computers that were so huge to fit in a room, we have come a very long way to desktops and even palmtops. These machines have become our virtual lockers, and a life without these network machines have become unimaginable. Sending mails, [0]
- How To Fully Optimize Your Operating System
Computers and systems are tricky and complicated. If you lack a thorough knowledge or even basic knowledge of computers, you will often find yourself in a bind. You must understand that something as complicated as a computer requires constant care and constant cleaning up of junk files. Unless you put in the time to configure [0]
- The Top Problems With Major Operating Systems
There is no such system which does not give you any problems. Even if the system and the operating system of your system is easy to understand, there will be some times when certain problems will arise. Most of these problems are easy to handle and easy to get rid of. But you must be [0]
- 8 Benefits Of Linux OS
Linux is a small and a fast-growing operating system. However, we can’t term it as software yet. As discussed in the article about what can a Linux OS do Linux is a kernel. Now, kernels are used for software and programs. These kernels are used by the computer and can be used with various third-party software [0]
- Things Linux OS Can Do That Other OS Can�t
What Is Linux OS? Linux, similar to U-bix is an operating system which can be used for various computers, hand held devices, embedded devices, etc. The reason why Linux operated system is preferred by many, is because it is easy to use and re-use. Linux based operating system is technically not an Operating System. Operating [0]
- Packagekit Interview
Packagekit aims to make the management of applications in the Linux and GNU systems. The main objective to remove the pains it takes to create a system. Along with this in an interview, Richard Hughes, the developer of Packagekit said that he aims to make the Linux systems just as powerful as the Windows or [0]
- What’s New in Ubuntu?
What Is Ubuntu? Ubuntu is open source software. It is useful for Linux based computers. The software is marketed by the Canonical Ltd., Ubuntu community. Ubuntu was first released in late October in 2004. The Ubuntu program uses Java, Python, C, C++ and C# programming languages. What Is New? The version 17.04 is now available here [0]
- Ext3 Reiserfs Xfs In Windows With Regards To Colinux
The problem with Windows is that there are various limitations to the computer and there is only so much you can do with it. You can access the Ext3 Reiserfs Xfs by using the coLinux tool. Download the tool from the official site or from the sourceforge site. Edit the connection to “TAP Win32 Adapter [0]
- There is no such thing as a 3.5 inch floppy disc
Wait, what? The term`3.5 inch floppy disc`is in fact a misnomer. Whilst the specification for 5.25 inch floppy discs employs Imperial units, the later specification for the smaller floppy discs employs metric units. The standards for these discs are all of which specify the measurements in metric, and only metric. These standards explicitly give the dimensions as 90.0mm by 94.0mm. It�s in clause 6 of all three. ↫ Jonathan de Boyne Pollard Even the applicable standard in the US, ANSI X3.171-1989, specifies the size in metric. We could�ve been referring to these things using proper measurements instead of archaic ones based on the size of a monk�s left testicle at dawn at room temperature in 1375 or whatever nonsense imperial or customary used to be based on. I feel dirty for thinking I had to use inches! for this. If we ever need to talk about these discs on OSNews from here on out, I�ll be using proper units of measurement.
- Servo ported to Redox
Redox keeps improving every month, and this past one is certainly a banger. The big news this past month is that Servo, the browser engine written in Rust, has been ported to Redox. It�s extremely spartan at the moment, and crashes when a second website is loaded, but it�s a promising start. It also just makes sense to have the premier Rust browser engine running on the premier Rust operating system. Htop and bottom have been ported to Redox for much improved system monitoring, and they�re joined by a port of GoAccess. The version of Rust has been updated which fixed some issues, and keyboard layout configuration has been greatly improved. Instead of a few hardcoded layouts, they can now be configured dynamically for users of PS/2 keyboards, with USB keyboards receiving this functionality soon as well. There�s more, of course, as well as the usual slew of low-level changes and improvements to drivers, the kernel relibc, and more.
- MacOS 26’s new icons are a step backwards
On the new MacOS 26 (Tahoe), Apple has mandated that all application icons fit into their prescribed squircle. No longer can icons have distinct shapes, nor even any fun frame-breaking accessories. Should an icon be so foolish as to try to have a bit of personality, it will find itself stuffed into a dingy gray icon jail. ↫ Paul Kafasis The downgraded icons listed in this article are just0 Sad. While there�s no accounting for tastes, Apple�s new glassy icons are just plain bad, void of any whimsy, and lacking in artistry. Considering where Apple came from back when it made beautifully crafted icons that set the bar for the entire industry. Almost seems like a metaphor for tech in general.
- A lost IBM PC/AT model? Analyzing a newfound old BIOS
Some people not only have a very particular set of skills, but also a very particular set of interests that happen to align with those skills perfectly. When several unidentified and mysterious IBM PC ROM chips from the 1980s were discovered on eBay, two particular chips� dumped contents posed particularly troublesome to identify. In 1985, the FCh model byte could only mean the 5170 (PC/AT), and the even/odd byte interleaving does point at a 16-bit bus. But there are three known versions of the PC/AT BIOS released during the 5170 family�s lifetime, corresponding to the three AT motherboard types. This one here is clearly not one of them: its date stamps and part numbers don�t match, and the actual contents are substantially different besides. My first thought was that this may have come from one of those more shadowy members of the 5170 family: perhaps the AT/370, the 3270 AT/G(X), or the rack-mounted 7532 Industrial AT. But known examples of those carry the same firmware sets as the plain old 5170, so their BIOS extensions (if any) came in the shape of extra adapter ROMs. Whatever`this`thing was � some other 5170-type machine, a prototype, or even just a custom patch � it seemed I�d have to inquire within for any further clues. ↫ VileR at the int10h.org blog I�ll be honest and state that most of the in-depth analysis of the code dumped from the ROM chips is far too complex for me to follow, but that doesn�t make the story it tells any less interesting. There�s no definitive, 100% conclusive answer at the end, but the available evidence collected by VileR does make a very strong case for a very specific, mysterious variant of the IBM PC being the likely source of the ROMs. If you�re interested in some very deep IBM lore, here�s your serving.
- The Microsoft SoftCard for the Apple II: getting two processors to share the same memory
We talked about the Z80 SoftCard, Microsoft�s first hardware product, back in 2023, but thanks to Raymond Chen and Nicole Branagan, we�ve got some more insights. The Microsoft Z-80 SoftCard was a plug-in expansion card for the Apple II that added the ability to run CP/M software. According to Wikipedia, it was Microsoft’s first hardware product and in 1980 was the single largest revenue source for the company. ↫ Raymond Chen at The Old New Thing And Chen links to an article by Branagan from 2020, which goes into even more detail. So there I was, very happy with my Apple ][plus. But then I saw someone on the internet post, and it seems that my Apple is an overpriced box with a toy microcontroller for a CPU, while real computers use an Intel 8080, 8085 or Zilog Z80 to run something called “CP/M”… but I’ve already spent so much money on the Apple, so can I turn it into a real computer? ↫ Nicole Branagan I have a soft spot for this particular subgenre of hardware � add-in cards that allow you to run an entirely different architecture inside your computer � and soon, I�ll be diving into a particularly capable example here on OSNews.
- bluetui and restterm: two beautiful TUI applications
There�s something incredibly enticing and retrofuturistic about a well-designed TUI, or text-based user interface. There�s an endless list number of these, but two crossed my path these past few days, and I found them particularly appealing. First, we�ve got bluetui, an application for managing Bluetooth connections on Linux systems with bluez installed. The second is resterm. Resterm is a terminal-first client for working with`HTTP,GraphQL, and`gRPC`services. No cloud sync, no signups, no heavy desktop app. Simple, yet feature rich, terminal client for .http/.rest files. It pairs a Vim-like-style editor with a workspace explorer, response diff, history, profiler and scripting so you can iterate on requests without leaving the keyboard. ↫ restterm GitHub page I don�t use TUIs or the command line in general all that much, but these are two excellent examples of just how beautiful and user-friendly a good text-based user interface can really be. The command line is about a lot more than just archaic, cryptic incantations designed in the 1960s.
- Sculpt OS 25.10 released
In the light of this year�s roadmap focus on rigidity, clarity, performance!, Sculpt OS 25.10 looks the same as the version 25.04 but might feel different as it includes countless under-the-hood improvements of the two preceding framework releases 25.05 and 25.08. User interaction on performance-starved platforms like the PinePhone has become visibly smoother thanks our recent CPU scheduling advances. The streamlined block-storage stack combined with various refinements of the package-installation mechanism make the on-target installation of 3rd-party components a bliss. Regarding supported hardware, we steadily follow the tireless work of the Linux kernel community. All PC driver components using Linux kernel code are now consistently based on kernel version 6.12. ↫ Sculpt OS 25.10 release announcement There�s also an optional brand new configuration format, which optionally replaces Scultp�s use of XML for this purpose. Norman Feske, one of the co-founders of Genode Labs, published an article detailing how to test this new format, which also goes much deeper into how it works. For Sculpt OS� 25.10 release, Alexander Böttcher has also released an experimental image with five different kernel to choose from. The image is for PC, and works as a live system so there�s no need to install it to explore Sculpt OS. Speaking of Alexander Böttcher, he also published an article about improvements and changes to Sculpt OS� lockscreen component. This component has existed for a very long time, and has been improved considerably over the years, and Böttcher�s article details how to install it, configure it, and use it.
- Debian to add hard Rust dependency to APT
It seems like a number of Debian ports are going to face difficult times over the coming months. Debian developer Julian Andres Klode has sent a message to the Debian mailing lists that APT will very soon start requiring Rust. I plan to introduce hard Rust dependencies and Rust code into APT, no earlier than May 2026. This extends at first to the Rust compiler and standard library, and the Sequoia ecosystem. In particular, our code to parse .deb, .ar, .tar, and the HTTP signature verification code would strongly benefit from memory safe languages and a stronger approach to unit testing. ↫ Julian Andres Klode The problem for a lot of architectures that Debian supports, in one way or another, is that Rust and its toolchain simply aren�t available for them. As such, Julian Andres Klode states, rather directly, that these architectures have about six months to get themselves a full Rust toolchain, or sunset their Debian ports. The Debian PA-RISC (hppa) and Alpha ports, for instance, do not have a Rust toolchain port, and most likely won�t be getting one either, especially not within six months. The reasoning for moving towards a hard Rust dependency for APT is the same as it is in every other similar case: Debian�s and APT�s developers want to be able to make use of modern tools and technologies, even if that means dead architectures get left behind. As much as I am a massive fan of retro-architectures like PA-RISC, I really don�t want otherwise modern Linux distributions to eschew modern tools and technologies just because they�re not available for an architecture that died in 2005. I own and use the last and most powerful PA-RISC workstation running HP-UX as a retro platform, so I definitely care � but I really don�t expect Debian or Fedora or whatever to waste any resources on supporting them if that means holding the distributions back for everyone else using it on actually modern platforms. If there�s a large enough community of people around such architectures, they�ll keep the Linux train running. If not, well, that�s life.
- Microsoft breaks Task Manager in Windows 11, hard
Let�s take a look at how things are going at Microsoft, whose CEO claimed a few months ago that 30% of their code was generated by AI!. After installing Windows Updates released on or after October 28, 2025 (KB5067036), you might encounter an issue where closing Task Manager using the Close (X) button does not fully terminate the process. When you reopen Task Manager, the previous instance continues running in the background even though no window is visible. This results in multiple lingering instances of taskmgr.exe, consuming system resources and potentially degrading device performance. Additional instances appear as “Task Manager” in the Processes tab and as “Taskmgr.exe” in the Details tab. Although the impact is less if Task Manager is opened and closed a few times, many instances accumulated over time can cause noticeable slowdowns in other applications. ↫ The Windows Health Dashboard Well okay then.
- Configuring cwm on OpenBSD
For those unfamiliar, cwm is the Calm Window Manager. It’s part of the OpenBSD base distribution as one of the native window managers, along with an old version of fvwm and the venerable twm. It’s pretty simple but surprisingly powerful, a floating window manager with some basic manual tiling. It’s keyboard-centric, has an application launcher and highly configurable menus. It uses groups rather than workspaces which provides a lot of flexibility. My configuration isn’t particularly groundbreaking, but it’s comfy and suits me well. I can happily live in it indefinitely, though I do split my time between cwm and Xfce with occasional forays into other window managers or Wayland compositors. This has nothing to do with cwm limitations and everything to do with me being curious and craving novelty. It’s cwm that I return to, because it’s entirely unsurprising and very capable, and also because it’s part of OpenBSD’s base so I know I’m dealing with software that’s been refined and audited and refined again. ↫ Antony Fox-Bramwell If you opt for a default installation of something like OpenBSD, without any additional desktop environments like Xfce, when you start X, you�ll be served with the default OpenBSD window manager: cwm, or the calm window manager. At first glance, it looks incredibly basic and, to most people, archaic and unusable, but what it lacks in sparkles and boondoggles it more than makes up for in flexibility and configurability. The problem, however, is that it�s not exactly intuitive to mold cwm into something that works for you. Articles like this one, by Antony Fox-Bramwell, function as great springboards into the world of configuring cwm. If you do an internet search for similar articles, you�ll find tons of other examples that can help you become more capable at configuring cwm. Most of us are probably just fine accepting something like KDE or Xfce, but if those just don�t scratch your itch, diving into cwm could be just what you�re looking for.
- V7 pwd, converted to modern POSIX systems
This is a conversion of the original V7 pwd program for use on POSIX systems (tested primarily on Linux). This is mostly of historical interest � modern systems have a library routine or system call for getting the current directory, and don�t need this. I�ve attempted to make the minimum set of logic/functionality changes needed to make the program work, preserving the core of the original logic. I�ve made slightly more aesthetic changes, to make reading easier for a post-standardization C speaker. ↫ Cliff L. Biffle Over on Fedi, Cliff L. Biffle provides more details as to why he undertook this project.
- AMD to enter ARM market with new Sound Wave! APU
AMD is expanding its processor portfolio beyond the x86 architecture with its first ARM-based APU, internally known as “Sound Wave.” The chip’s existence was uncovered through customs import records, confirming several details about its design and purpose. Built with a BGA-1074 package measuring 32 mm × 27 mm, the processor fits within standard mobile SoC dimensions, making it suitable for thin and light computing platforms. It employs a 0.8 mm pitch and FF5 interface, replacing the FF3 socket previously used in Valve’s Steam handheld devices, further hinting at a new generation of compact AMD-powered hardware. ↫ Hilbert Hagedoorn at The Guru of 3D It only makes sense for AMD to enter the market for ARM SoCs, as it�s a whole section of the processor market they�re not tapping into. Even if they don�t manage to compete with the best ARM processors out there, they can still serve the mid and lower end just fine.
- Removing obfuscation in Minecraft: Java Edition
Gaming isn�t something we talk about very often here on OSNews, but I think this piece of news is actually a rare piece of good, welcome news from this industry. Mojang, the Microsoft-owned company behind Minecraft, has announced it�s going to stop obfuscating the code behind the Java edition of Minecraft. A refresher: the Java edition of Minecraft is the original version of the game, which exists alongside the Bedrock Edition, which is written in C++. Both variants are kept more or less in sync with each other. The Java edition has historically been far more moddable, and comes with far fewer restrictions than the Bedrock Edition, which Microsoft maintains far tighter control over. Still, the modding scene around the Java Edition sprung up in spite of Mojang and Microsoft, not because of them, but over the years the modding scene has been embraced more and more by these two companies. The final step in this embrace comes today as Mojang will no longer obfuscate the code behind th Java Edition. Minecraft: Java Edition has been obfuscated since its release. This obfuscation meant that people couldn’t see our source code. Instead, everything was scrambled – and those who wanted to mod Java Edition had to try and piece together what every class and function in the code did.` But we encourage people to get creative both in Minecraft and with Minecraft – so in 2019 we tried to make this tedious process a little easier by releasing “obfuscation mappings”. These mappings were essentially a long list that allowed people to match the obfuscated terms to un-obfuscated terms. This alleviated the issue a little, as modders didn’t need to puzzle out what everything did, or what it should be called anymore. But why stop there? ↫ Minecraft website This is excellent news for the game, the wider modding community, and players. Minecraft is still a massively popular game, and making modding easier is very welcome, as for a lot of people, mods are what make Minecraft actually interesting. It�s also rare to see a massive force in gaming making a positive step like this, so they deserve the few kudos.
- How did the Windows 95 user interface code get brought to the Windows NT code base?
After the release of Windows 95, with its brand new and incredibly influential graphical user interface, it was only a matter of time before this new taskbar, Start menu, and everything else would make its way to Microsoft�s other operating system line, Windows NT. The development of Windows 95 more or less lined up with that of Windows NT 3.5, but it wouldn�t be until Windows NT 4.0, released a little less than a year after Windows 95, that NT, too, would have the brand new user interface. Raymond Chen has published a blog post detailing the cooperation and interplay between the Windows 95 and Windows NT teams, and, as always with Chen, it�s a joy to read. Members of the Windows 95 user interface team`met regularly with members of the Windows NT user interface team`to keep them aware of what was going on and even get their input on some ideas that the Windows 95 team were considering. The Windows NT user interface team were focused on shipping Windows NT, but they appreciated being kept in the loop. During the late phases of the development of Windows 95, the Windows NT side of the house took a more active role in bringing the Windows 95 user interface to Windows NT. ↫ Raymond Chen at The Old New Thing Chen details there was a lot of code-sharing, to the point where the Windows 95 version of the GUI contained NT-specific code, and vice versa. This code-sharing was quite a lot less elegant than today with tools like git, since Microsoft�s own internal source code system called SLM (pronounced �slime�) did not support branches, so they had to regularly perform three-way merges manually. It was a different time, for sure. Anyway, it�s amazing how much of this ancient Microsoft lore could�ve been lost to time, or shrouded in mystery, if it wasn�t for someone like Raymond Chen regularly sharing the stories from Microsoft�s past.
- OpenIndiana 2025.10 released
OpenIndiana, the Illumos distribution for general use, has released its latest snapshot release, and there�s some really interesting things in there. To refresh your memory: Illumos is a fork of the final OpenSolaris release, based on Solaris 11, before Oracle closed Solaris back up. It�s been in development ever since that fateful day back in 2010, and several Illumos distributions with unique identities have sprung up around the project. OpenIndiana is one of them, and functions like a rolling release with a snapshot release every six months. OpenIndiana 2025.10 was released today, and this snapshot�s changelog covers changes over the past six months. It comes with all the latest open source packages you would expect, like the latest or at least very recent versions of Firefox, Thunderbird, LibreOffice, and much more, but the GNOME version (44.4 from 2023) is definitely a bit outdated. There�s a ton new utilities written in Rust, and the usual bug and security fixes as well, like for crucial utilities such as OpenSSL and OpenSSH, and things like Python versions 3.14 3.13, 3.12, and 3.9. A particularly interesting bullet point is maintenance work and improvements for Sun Ray support, and the changelog notes that these little thin clients are still popular among their users. I�m very deep into the world of Sun Rays at the moment, so reading that you can still use them through OpenIndiana is amazingly cool. There�s a Sun Ray metapackage that installs the necessary base components, allowing you to install Sun�s/Oracle�s original Sun Ray Server software on OpenIndiana. Even though MATE is the default desktop for OpenIndiana, the Sun Ray Server software does depend on a few GNOME components, so those will be pulled in. I�ve definitely put this on my list, once I�m done with my current Sun Ray deep dive on Solaris 10. If you�re interested in SPARC support, there�s quite a few machines that do work with the SPARC version of OpenIndiana, and recently, there�s been a lot of progress on this front. Running the SPARC version on various servers can work, but desktop use, say, on a Sun Ultra 45, is a bit more problematic due to boot issues and a lack of graphics drivers. The work is ongoing, though, and there�s been a ton of renewed interest.
- Windows to automatically suggest a memory scan after a blue screen
Microsoft is introducing a new feature in Windows to better deal with blue screens of death. In the release notes for Windows 11 Insider Preview Build 26220.6982 (Dev Channel), the company detailed that after a user experiences a blue screen, Windows will automatically perform a memory scan. We’re introducing a new feature that helps improve system reliability. If your PC experiences a bugcheck (unexpected restart), you may see a notification when signing in suggesting a quick memory scan. If you choose to run it, the system will schedule a Windows Memory Diagnostic scan to run during your next reboot (taking 5 minutes or less on average) and then continue to Windows. If a memory issue is found and mitigated, you will see a notification post-reboot. ↫ Amanda Langowski at the Windows Blogs In its current iteration, this memory scan will trigger after every single error code to collect as much data as possible, but Microsoft states it will refine and narrow the number of error codes in the future. In addition, this feature will not be available on Arm64 and systems with Administrator Protection and/or BitLocker without Secure Boot. Let�s hope this feature won�t be a nuisance, but an actually useful feature that helps people uncover memory problems that otherwise remain undiagnosed.
- The Most Critical Linux Kernel Breaches of 2025 So Far
by George Whittaker
The Linux kernel, foundational for servers, desktops, embedded systems, and cloud infrastructure, has been under heightened scrutiny. Several vulnerabilities have been exploited in real-world attacks, targeting critical subsystems and isolation layers. In this article, we’ll walk through major examples, explain their significance, and offer actionable guidance for defenders.
CVE-2025-21756 – Use-After-Free in the vsock Subsystem
One of the most alarming flaws this year involves a use-after-free vulnerability in the Linux kernel’s vsock implementation (Virtual Socket), which enables communication between virtual machines and their hosts.
How the exploit works:A malicious actor inside a VM (or other privileged context) manipulates reference counters when a vsock transport is reassigned. The code ends up freeing a socket object while it’s still in use, enabling memory corruption and potentially root-level access.
Why it matters:Since vsock is used for VM-to-host and inter-VM communication, this flaw breaks a key isolation barrier. In multi-tenant cloud environments or container hosts that expose vsock endpoints, the impact can be severe.
Mitigation:Kernel maintainers have released patches. If your systems run hosts, hypervisors, or other environments where vsock is present, make sure the kernel is updated and virtualization subsystems are patched.
CVE-2025-38236 – Out-of-Bounds / Sandbox Escape via UNIX Domain Sockets
Another high-impact vulnerability involves the UNIX domain socket interface and the MSG_OOB flag. The bug was publicly detailed in August 2025 and is already in active discussion.
Attack scenario:A process running inside a sandbox (for example a browser renderer) can exploit MSG_OOB operations on a UNIX domain socket to trigger a use-after-free or out-of-bounds read/write. That allows leaking kernel pointers or memory and then chaining to full kernel privilege escalation.
Why it matters:This vulnerability is especially dangerous because it bridges from a low-privilege sandboxed process to kernel-level compromise. Many systems assume sandboxed code is safe; this attack undermines that assumption.
Mitigation:Distributions and vendors (like browser teams) have disabled or restricted MSG_OOB usage for sandboxed contexts. Kernel patches are available. Systems that run browser sandboxes or other sandboxed processes need to apply these updates immediately.
CVE-2025-38352 – TOCTOU Race Condition in POSIX CPU Timers
In September 2025, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) added this vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.
Go to Full Article
- Steam Deck 2 Rumors Ignite a New Era for Linux Gaming
by George Whittaker
The speculation around a successor to the Steam Deck has stirred renewed excitement, not just for a new handheld, but for what it signals in Linux-based gaming. With whispers of next-gen specs, deeper integration of SteamOS, and an evolving handheld PC ecosystem, these rumors are fueling broader hopes that Linux gaming is entering a more mature age. In this article we look at the existing rumors, how they tie into the Linux gaming landscape, why this matters, and what to watch.
What the Rumours Suggest
Although Valve has kept things quiet, multiple credible outlets report about the Steam Deck 2 being in development and potentially arriving well after 2026. Some of the key tid-bits:
Editorials note that Valve isn’t planning a mere spec refresh; it wants a “generational leap in compute without sacrificing battery life”.
A leaked hardware slide pointed to an AMD “Magnus”-class APU built on Zen 6 architecture being tied to next-gen handhelds, including speculation about the Steam Deck 2.
One hardware leaker (KeplerL2) cited a possible 2028 launch window for the Steam Deck 2, which would make it roughly 6 years after the original.
Valve’s own design leads have publicly stated that a refresh with only 20-30% more performance is “not meaningful enough”, implying they’re waiting for a more substantial upgrade.
In short: while nothing is official yet, there’s strong evidence that Valve is working on the next iteration and wants it to be a noteworthy jump, not just a minor update.
Why This Matters for Linux Gaming
The rumoured arrival of the Steam Deck 2 isn’t just about hardware, it reflects and could accelerate key inflection points for Linux & gaming:
Validation of SteamOS & Linux Gaming
The original Steam Deck, running SteamOS (a Linux-based OS), helped prove that PC gaming doesn’t always require Windows. A well-received successor would further validate Linux as a first-class gaming platform, not a niche alternative but a mainstream choice.
Handheld PC Ecosystem Momentum
Since the first Deck, many Windows-based handhelds have entered the market (such as the ROG Ally, Lenovo Legion Go). Rumours of the Deck 2 keep spotlight on the form factor and raise expectations for Linux-native handhelds. This momentum helps encourage driver, compatibility and OS investments from the broader community.
Go to Full Article
- Kali Linux 2025.3 Lands: Enhanced Wireless Capabilities, Ten New Tools & Infrastructure Refresh
by George Whittaker Introduction
The popular penetration-testing distribution Kali Linux has dropped its latest quarterly snapshot: version 2025.3. This release continues the tradition of the rolling-release model used by the project, offering users and security professionals a refreshed toolkit, broader hardware support (especially wireless), and infrastructure enhancements under the hood. With this update, the distribution aims to streamline lab setups, bolster wireless hacking capabilities (particularly on Raspberry Pi devices), and integrate modern workflows including automated VMs and LLM-based tooling.
In this article, we’ll walk through the key highlights of Kali Linux 2025.3, how the changes affect users (both old and new), the upgrade path, and what to keep in mind for real-world deployment.
What’s New in Kali Linux 2025.3
This snapshot from the Kali team brings several categories of improvements: tooling, wireless/hardware support, architecture changes, virtualization/image workflows, UI and plugin tweaks. Below is a breakdown of the major updates.
Tooling Additions: Ten Fresh Packages
One of the headline items is the addition of ten new security tools to the Kali repositories. These tools reflect shifts in the field, toward AI-augmented recon, advanced wireless simulation and pivoting, and updated attack surface coverage. Among the additions are:
Caido and Caido-cli – a client-server web-security auditing toolkit (graphical client + backend).
Detect It Easy (DiE) – a utility for identifying file types, a useful tool in reverse engineering workflows.
Gemini CLI – an open-source AI agent that integrates Google’s Gemini (or similar LLM) capabilities into the terminal environment.
krbrelayx – a toolkit focused on Kerberos relaying/unconstrained delegation attacks.
ligolo-mp – a multiplayer pivoting solution for network-lateral movement.
llm-tools-nmap – allows large-language-model workflows to drive Nmap scans (automated/discovery).
mcp-kali-server – configuration tooling to connect an AI agent to Kali infrastructure.
patchleaks – a tool that detects security-fix patches and provides detailed descriptions (useful both for defenders and auditors).
vwifi-dkms – enables creation of “dummy” Wi-Fi networks (virtual wireless interfaces) for advanced wireless testing and hacking exercises.
Go to Full Article
- VMScape: Cracking VM-Host Isolation in the Speculative Execution Age & How Linux Patches Respond
by George Whittaker Introduction
In the world of modern CPUs, speculative execution, where a processor guesses ahead on branches and executes instructions before the actual code path is confirmed, has long been recognized as a performance booster. However, it has also given rise to a class of vulnerabilities collectively known as “Spectre” attacks, where microarchitectural side states (such as the branch target buffer, caches, or predictor state) are mis-exploited to leak sensitive data.
Now, a new attack variant, dubbed VMScape, exposes a previously under-appreciated weakness: the isolation between a guest virtual machine and its host (or hypervisor) in the branch predictor domain. In simpler terms: a malicious VM can influence the CPU’s branch predictor in such a way that when control returns to the host, secrets in the host or hypervisor can be exposed. This has major implications for cloud security, virtualization environments, and kernel/hypervisor protections.
In this article we’ll walk through how VMScape works, the CPUs and environments it affects, how the Linux kernel and hypervisors are mitigating it, and what users, cloud operators and admins should know (and do).
What VMScape Is & Why It MattersThe Basics of Speculative Side-Channels
Speculative execution vulnerabilities like Spectre exploit the gap between architectural state (what the software sees as completed instructions) and microarchitectural state (what the CPU has done internally, such as cache loads, branch predictor updates, etc). Even when speculative paths are rolled back architecturally, side-effects in the microarchitecture can remain and be probed by attackers.
One of the original variants, Spectre-BTI (Branch Target Injection, also called Spectre v2) leveraged the Branch Target Buffer (BTB) / predictor to redirect speculative execution along attacker-controlled paths. Over time, hardware and software mitigations (IBRS, eIBRS, IBPB, STIBP) have been introduced. But VMScape shows that when virtualization enters the picture, the isolation assumptions break down.
VMScape: Guest to Host via Branch Predictor
VMScape (tracked as CVE‑2025‑40300) is described by researchers from ETH Zürich as “the first Spectre-based end-to-end exploit in which a malicious guest VM can leak arbitrary sensitive information from the host domain/hypervisor, without requiring host code modifications and in default configuration.”
Here are the key elements making VMScape significant:
The attack is cross-virtualization: a guest VM influences the host’s branch predictor state (not just within the guest).
Go to Full Article
- Self-Tuning Linux Kernels: How LLM-Driven Agents Are Reinventing Scheduler Policies
by George Whittaker Introduction
Modern computing systems rely heavily on operating-system schedulers to allocate CPU time fairly and efficiently. Yet many of these schedulers operate blindly with respect to the meaning of workloads: they cannot distinguish, for example, whether a task is latency-sensitive or batch-oriented. This mismatch, between application semantics and scheduler heuristics, is often referred to as the semantic gap.
A recent research framework called SchedCP aims to close that gap. By using autonomous LLM‐based agents, the system analyzes workload characteristics, selects or synthesizes custom scheduling policies, and safely deploys them into the kernel, without human intervention. This represents a meaningful step toward self-optimizing, application-aware kernels.
In this article we will explore what SchedCP is, how it works under the hood, the evidence of its effectiveness, real-world implications, and what caveats remain.
Why the Problem Matters
At the heart of the issue is that general-purpose schedulers (for example the Linux kernel’s default policy) assume broad fairness, rather than tailoring scheduling to what your application cares about. For instance:
A video-streaming service may care most about minimal tail latency.
A CI/CD build system may care most about throughput and job completion time.
A cloud analytics job may prefer maximum utilisation of cores with less concern for interactive responsiveness.
Traditional schedulers treat all tasks mostly the same, tuning knobs generically. As a result, systems often sacrifice optimisation opportunities. Some prior efforts have used reinforcement-learning techniques to tune scheduler parameters, but these approaches have limitations: slow convergence, limited generalisation, and weak reasoning about why a workload behaves as it does.
SchedCP starts from the observation that large language models can reason semantically about workloads (expressed in plain language or structured summaries), propose new scheduling strategies, and generate code via eBPF that is loaded into the kernel via the sched_ext interface. Thus, a custom scheduler (or modified policy) can be developed specifically for a given workload scenario, and in a self-service, automated way.
Architecture & Key Components
SchedCP comprises two primary subsystems: a control-plane framework and an agent loop that interacts with it. The framework decouples “what to optimise” (reasoning) from “how to act” (execution) in order to preserve kernel stability while enabling powerful optimisations.
Here are the major components:
Go to Full Article
- Bcachefs Ousted from Mainline Kernel: The Move to DKMS and What It Means
by George Whittaker Introduction
After years of debate and development, bcachefs—a modern copy-on-write filesystem once merged into the Linux kernel—is being removed from mainline. As of kernel 6.17, the in-kernel implementation has been excised, and future use is expected via an out-of-tree DKMS module. This marks a turning point for the bcachefs project, raising questions about its stability, adoption, and relationship with the kernel development community.
In this article, we’ll explore the background of bcachefs, the sequence of events leading to its removal, the technical and community dynamics involved, and implications for users, distributions, and the filesystem’s future.
What Is Bcachefs?
Before diving into the removal, let’s recap what bcachefs is and why it attracted attention.
Origin & goals: Developed by Kent Overstreet, bcachefs emerged from ideas in the earlier bcache project (a block-device caching layer). It aimed to build a full-featured, general-purpose filesystem combining performance, reliability, and modern features (snapshots, compression, encryption) in a coherent design.
Mainline inclusion: Bcachefs was merged into the mainline kernel in version 6.7 (released January 2024) after a lengthy review and incubation period.
“Experimental” classification: Even after being part of the kernel, bcachefs always carried disclaimers about its maturity and stability—they were not necessarily recommends for production use by all users.
Its presence in mainline gave distributions a path to ship it more casually, and users had easier access without building external modules—an important convenience for adoption.
What Led to the Removal
The excision of bcachefs from the kernel was not sudden but the culmination of tension over development practices, patch acceptance timing, and upstream policy norms.
“Externally Maintained” status in 6.17
In kernel 6.17’s preparation, maintainers marked bcachefs as “externally maintained.” Though the code remained present, the change signified that upstream would no longer accept new patches or updates within the kernel tree.
This move allowed a transitional period. The code was “frozen” inside the tree to avoid breaking existing systems immediately, while preparation was made for future removal.
Go to Full Article
- Linux Mint 22.2 ‘Zara’ Released: Polished, Modern, and Built for Longevity
by George Whittaker Introduction
The Linux Mint team has officially unveiled Linux Mint 22.2, codenamed “Zara”, on September 4, 2025. As a Long-Term Support (LTS) release, Zara will receive updates through 2029, promising users stability, incremental improvements, and a comfortable desktop experience.
This version is not about flashy overhauls; rather, it’s about refinement — applying polish to existing features, smoothing rough edges, weaving in new conveniences (like fingerprint login), and improving compatibility with modern hardware. Below, we’ll delve into what’s new in Zara, what users should know before upgrading, and how it continues Mint’s philosophy of combining usability, reliability, and elegance.
What’s New in Linux Mint 22.2 “Zara”
Here’s a breakdown of key changes, refinements, and enhancements in Zara.
Base, Support & Kernel Stack
Ubuntu 24.04 (Noble) base: Zara continues to use Ubuntu 24.04 as its upstream base, ensuring broad package compatibility and long-term security support.
Kernel 6.14 (HWE): The default kernel for new installations is 6.14, bringing support for newer hardware.
However — for existing systems upgraded from Mint 22 or 22.1 — the older kernel (6.8 LTS) remains the default, because 6.14’s support window is shorter.
Zara is an LTS edition, with security updates and maintenance promised through 2029.
Major Features & EnhancementsFingerprint Authentication via Fingwit
Zara introduces a first-party tool called Fingwit to manage fingerprint-based authentication. With compatible hardware and support via the libfprint framework, users can:
Enroll fingerprints
Use fingerprint login for the screensaver
Authenticate sudo commands
Launch administrative tools via pkexec using the fingerprint
In some cases, bypass password entry at login (unless home directory encryption or keyring constraints force password fallback)
It is important to note that fingerprint login on the actual login screen may be disabled or limited depending on encryption or keyring usage; in those cases, the system falls back to password entry.
UI & Theming Refinements
Sticky Notes app now sports rounded corners, improved Wayland compatibility, and a companion Android app named StyncyNotes (available via F-Droid) to sync notes across devices.
Go to Full Article
- Ubuntu Update Backlog: How a Brief Canonical Outage Cascaded into Multi-Day Delays
by George Whittaker Introduction
In early September 2025, Ubuntu users globally experienced disruptive delays in installing updates and new packages. What seemed like a fleeting outage—only about 36 minutes of server downtime—triggered a cascade of effects: mirrors lagging, queued requests overflowing, and installations hanging for days. The incident exposed how fragile parts of Ubuntu’s update infrastructure can be under sudden load.
In this article, we’ll walk through what happened, why the fallout was so severe, how Canonical responded, and lessons for users and infrastructure architects alike.
What Happened: Outage & Immediate Impact
On September 5, 2025, Canonical’s archive servers—specifically archive.ubuntu.com and security.ubuntu.com—suffered an unplanned outage. The status page for Canonical showed the incident lasting roughly 36 minutes, after which operations were declared “resolved.”
However, that brief disruption set off a domino effect. Because the archives and security servers serve as the central hubs for Ubuntu’s package ecosystem, any downtime causes massive backlog among mirror servers and client requests. Mirrors found themselves out of sync, processing queues piled up, and users attempting updates or new installs encountered failed downloads, hung operations, or “404 / package not found” errors.
On Ubuntu’s community forums, Canonical acknowledged that while the server outage was short, the upload / processing queue for security and repository updates had become “obscenely” backlogged. Users were urged to be patient, as there was no immediate workaround.
Throughout September 5–7, users continued reporting incomplete or failed updates, slow mirror responses, and installations freezing mid-process. Even newly provisioning systems faced broken repos due to inconsistent mirror states.
By September 8, the situation largely stabilized: mirrors caught up, package availability resumed, and normal update flows returned. But the extended period of degraded service had already left many users frustrated.
Why a Short Outage Turned into Days of Disruption
At first blush, 36 minutes seems trivial. Why did it have such prolonged consequences? Several factors contributed:
Centralized repository backplane Ubuntu’s infrastructure is architected around central canonical repositories (archive, security) which then propagate to mirrors worldwide. When the central system is unavailable, mirrors stop receiving updates and become stale.
Go to Full Article
- Bringing Desktop Linux GUIs to Android: The Next Step in Graphical App Support
by George Whittaker Introduction
Android has long been focused on running mobile apps, but in recent years, features aimed at developers and power users have begun pushing its boundaries. One exciting frontier: running full Linux graphical (GUI) applications on Android devices. What was once a novelty is now gradually becoming more viable, and recent developments point toward much smoother, GPU-accelerated Linux GUI experiences on Android.
In this article, we’ll trace how Linux apps have run on Android so far, explain the new architecture changes enabling GPU rendering, showcase early demonstrations, discuss remaining hurdles, and look at where this capability is headed.
The State of Linux on Android TodayThe Linux Terminal App
Google’s Linux Terminal app is the core interface for running Linux environments on Android. It spins up a virtual machine (VM), often booting Debian or similar, and lets users enter a shell, install packages, run command-line tools, etc.
Initially, the app was limited purely to text / terminal-based Linux programs; graphical apps were not supported meaningfully. More recently, Google introduced support for launching GUI Linux applications in experimental channels.
Limitations: Rendering & Performance
Even now, most GUI Linux apps on Android are rendered in software, that is, all drawing happens on the CPU (via a software renderer) rather than using the device’s GPU. This leads to sluggish UI, high CPU usage, more thermal stress, and shorter battery life.
Because of these limitations, running heavy GUI apps (graphics editors, games, desktop-level toolkits) has been more experimental than practical.
What’s Changing: GPU-Accelerated Rendering
The big leap forward is moving from CPU rendering to GPU-accelerated rendering, letting the device’s graphics hardware do the heavy lifting.
Lavapipe (Current Baseline)
At present, the Linux VM uses Lavapipe (a Mesa software rasterizer) to interpret GPU API calls on the CPU. This works, but is inefficient, especially for complex GUIs or animations.
Introducing gfxstream
Google is planning to integrate gfxstream into the Linux Terminal app. gfxstream is a GPU virtualization / forwarding technology: rather than reinterpreting graphics calls in software, it forwards them from the guest (Linux VM) to the host’s GPU directly. This avoids CPU overhead and enables near-native rendering speeds.
Go to Full Article
- Fedora 43 Beta Released: A Preview of What's Ahead
by George Whittaker Introduction
Fedora’s beta releases offer one of the earliest glimpses into the next major version of the distribution — letting users and developers poke, test, and report issues before the final version ships. With Fedora 43 Beta, released on September 16, 2025, the community begins the final stretch toward the stable Fedora 43.
This beta is largely feature-complete: developers hope it will closely match what the final release looks like (barring last-minute fixes). The goal is to surface regression bugs, UX issues, and compatibility problems before Fedora 43 is broadly adopted.
Release & Availability
The Fedora Project published the beta across multiple editions and media — Workstation, KDE Plasma, Server, IoT, Cloud, and spins/labs where applicable. ISO images are available for download from the official Fedora servers.
Users already running Fedora 42 can upgrade via the DNF system-upgrade mechanism. Some spins (e.g. Mate or i3) are not fully available across all architectures yet.
Because it’s a beta, users should be ready to encounter bugs. Fedora encourages testers to file issues via the QA mailing list or Fedora’s issue tracking infrastructure.
Major New Features & Changes
Fedora 43 Beta brings many updates under the hood — some in visible user features, others in core tooling and system behavior.
Kernel, Desktop & Session Updates
Fedora 43 Beta is built on Linux kernel 6.17.
The Workstation edition features GNOME 49.
In a bold shift, Fedora removes GNOME X11 packages for the Workstation, making Wayland-only the default and only session for GNOME. Existing users are migrated to Wayland.
On KDE, Fedora 43 Beta ships with KDE Plasma 6.4 in the Plasma edition.
Installer & Package Management
Fedora’s Anaconda installer gets a WebUI by default for all Spins, providing a more unified and modern install experience across desktop variants.
The installer now uses DNF5 internally, phasing out DNF4 which is now in maintenance mode.
Auto-updates are enabled by default in Fedora Kinoite, ensuring that systems apply updates seamlessly in the background with minimal user intervention.
Programming & Core Tooling Updates
The Python version in Fedora 43 Beta moves to 3.14, an early adoption to catch bugs before the upstream release.
Go to Full Article
|
