Recent Changes - Search:
NTLUG

Linux is free.
Life is good.

NEXT MEETING

What's New

Introducing Ubuntu Phone

Linux Training
10am on Meeting Days!

1825 Monetary Lane Suite #104 Carrollton, TX

Do a presentation at NTLUG.

What is the Linux Installation Project?

Real companies using Linux!

Not just for business anymore.

Providing ready to run platforms on Linux

Show Descriptions... (Show All) (Two Column)

LinuxSecurity - Security Advisories







LWN.net

  • Security updates for Thursday
    Security updates have been issued by Debian (expat, fig2dev, firefox-esr, golang-github-gorilla-csrf, jinja2, libxml2, nagvis, qemu, request-tracker4, request-tracker5, u-boot, and vips), Fedora (firefox, giflib, and thunderbird), Mageia (imagemagick), Red Hat (thunderbird), SUSE (amber-cli, libjxl, and redis), and Ubuntu (h2o, poppler, and postgresql-10).


  • [$] LWN.net Weekly Edition for May 1, 2025
    Inside this week's LWN.net Weekly Edition:
    Front: Mailman 2 vulnerabilities; AI in Debian; __nonstring__; Cache-aware scheduling; Freezing filesystems; Socket-level storage; Debugging information; LWN in 2025. Briefs: Debian election; Kali Linux key; OpenBSD 7.7; Firefox 138.0; GCC 15.1; Meson 1.8.0; Valgrind 3.25.0; FSF review; OSI retrospective; Mastodon; Quotes; ... Announcements: Newsletters, conferences, security updates, patches, and more.


  • Albertson: Future of OSL in Jeopardy
    Lance Albertson writesthat the Oregon State University Open Source Lab, the home of manyprominent free-software projects over the years, has run into financialtrouble:
    I am writing to inform you about a critical and time-sensitive situation facing the Open Source Lab. Over the past several years, we have been operating at a deficit due to a decline in corporate donations. While OSU's College of Engineering (CoE) has generously filled this gap, recent changes in university funding have led to a significant reduction in CoE's budget. As a result, our current funding model is no longer sustainable and CoE needs to find ways to cut programs.
    Earlier this week, I was informed that unless we secure $250,000 in committed funds, the OSL will be forced to shut down later this year.


  • [$] The mystery of the Mailman 2 CVEs
    Many eyebrows were raised recently when three vulnerabilities were announcedthat allegedly impact GNU Mailman 2.1,since many folks assumed that it was no longer being supported. That'snot quite the case. Even though version 3 ofthe GNU Mailman mailing-list manager has been availablesince 2015, and version 2 was declared (mostly) end of life(EOL) in 2020, there are still plenty of users and projects stillusing version 2.1.x. There is, as it turns out, a big difference betweenmostly EOL and actually EOL. For example: WebPros, the company behind the cPanel server and web-site-managementplatform, still maintains a port ofMailman 2.1.x to Python 3 for its customers and wasquick to respond to reports of vulnerabilities. However, thecompany and upstream Mailman project dispute that the CVEs arevalid.


  • [$] Better debugging information for inlined kernel functions
    Modern compilers perform a lot of optimizations, which can complicate debugging.Song Liu and Thierry Treyer spoke about a potential improvement toBPF Type Format (BTF) debugging information that could partially combat thatproblem at the 2025 Linux Storage, Filesystem,Memory-Management, and BPF Summit.They want to add information on selectively inlined functions to BTF in order tobetter support tracing tools.Treyer participated remotely.


  • The conclusion of the FSF board review
    The Free Software Foundation has announcedthe completion of the review of its board of directors; the processresulted in the reconfirmation of all five sitting board members.
    The review examined board members Ian Kelling, Geoffrey Knauth, Henry Poole, Richard Stallman, and Gerald Sussman. The process generated detailed philosophical and policy discussions between board members and the FSF's global associate members on topics ranging from the firmness of the Free Software Definition, developments in machine learning, to the board's president position.


  • How LWN is faring in 2025
    Just over six months ago, The Economist described the US economy as "the envy of theworld". That headline would be unlikely to appear now. The economicboom referenced in that article feels like a distant memory, markets arefalling, and uncertainty is at an all-time high. Like everybody else, LWNis affected by the current turbulence in the political and economicspheres; we expect to get through this period, but there will be somechallenges.


  • Security updates for Wednesday
    Security updates have been issued by Debian (glibc and libraw), Fedora (digikam, icecat, mingw-LibRaw, perl, perl-Devel-Cover, and perl-PAR-Packer), Red Hat (ghostscript, kernel, and kernel-rt), Slackware (mozilla), SUSE (augeas, firefox, and java-11-openjdk), and Ubuntu (binutils, libxml2, and nodejs).


  • LWN's Mastodon migration
    The LWN.net fediverse (Mastodon) feed has moved; we are now known as @LWN@lwn.net. The migration magic hasshifted many of our followers over automatically but, if you follow thatstream, you might want to make sure that you have shifted to the newsource.


  • Meson 1.8.0 released
    Version 1.8.0of the Meson build system hasbeen released. Notable changes in this release include the ability torun rustdoc for Rust projects, support for the c2y and gnu2ycompiler options, and a new argument (android_exe_type) thatmakes it possible to use the same meson.build file forAndroid and non-Android systems.



  • Firefox 138.0 released
    Version138.0 of the Firefox web browser has been released. Changes includesome profile-management improvements, the ability to get weather-relatedsuggestions in the address bar (US only), and some security fixes.


  • Barnes: Parallel ./configure
    Tavian Barnes takes onthe tedious process of waiting for configure scripts to run.
    I paid good money for my 24 CPU cores, but ./configure can only manage to use 69% of one of them. As a result, this random project takes about 13.5× longer to configure the build than it does to actually do the build.
    The purpose of a ./configure script is basically to run the compiler a bunch of times and check which runs succeeded. In this way it can test whether particular headers, functions, struct fields, etc. exist, which lets people write portable software. This is an embarrassingly parallel problem, but Autoconf can't parallelize it, and neither can CMake, neither can Meson, etc., etc.
    (Thanks to Paul Wise).


  • [$] Cache awareness for the CPU scheduler
    The kernel's CPU scheduler has to balance a wide range of objectives. Thetasks in the system must be scheduled fairly, with latency for any giventask kept within bounds. All of the CPUs in the system should be kept busyif there is enough work to do, but unneeded CPUs should be shut down toreduce power consumption. A task should also run on the CPU that is mostlikely to have cached the memory that task is using. This patchseries from Chen Yu aims to improve how the scheduler handles cachelocality for multi-threaded processes.


  • Signing key change for Kali Linux
    The Kali Linux distribution has announcedthat software updates will soon start failing for all users:
    This is not only you, this is for everyone, and this is entirely our fault. We lost access to the signing key of the repository, so we had to create a new one. At the same time, we froze the repository (you might have noticed that there was no update since Friday 18th), so nobody was impacted yet. But we're going to unfreeze the repository this week, and it's now signed with the new key.
    The announcement includes instructions for how to recover from the problem.


  • Security updates for Tuesday
    Security updates have been issued by AlmaLinux (glibc, php:8.1, and thunderbird), Debian (libreoffice), Fedora (caddy), Mageia (chromium-browser-stable), Red Hat (php:8.1), SUSE (glow), and Ubuntu (kicad, linux-aws-5.15, linux-azure-nvidia, linux-gcp-5.15, mistral, python-mistral-lib, tomcat8, and trafficserver).


LXer Linux News

  • Setting Up a Secure Mail Server with Dovecot on Ubuntu Server
    Email remains a cornerstone of modern communication. From business notifications to personal messages, having a robust and reliable mail server is essential. While cloud-based solutions dominate the mainstream, self-hosting a mail server offers control, customization, and learning opportunities that managed services can't match.



  • Intel Makes "AI Flame Graphs" Open-Source
    Intel's AI Flame Graphs software is now open-source. This is a project that started for Intel's Tiber AI Cloud to provide more insight into AI accelerator/GPU usage and hardware profilining of the full software stack. After being an internal/customer-only software project for some months, AI Flame Graphs is now open-source...







  • Firefox 139 Beta Delivers Faster HTTP/3 Upload Performance
    Firefox 138 was released yesterday and wasn't particularly exciting besides enhanced profile management and Tab Groups support... Aside from that it was a pretty basic release. In turn Firefox 139 is now in beta and that release does bring some items worth mentioning like faster HTTP/3 upload performance...







  • Using Custom Charge Thresholds with GNOME’s Preserve Battery Health Feature
    GNOME is probably the most used desktop environment on Linux; its latest iteration (codename “Bengaluru”), ships with many performance improvements and some new features, as the ability to limit the battery charge straight from the “control center”, in order to preserve its health and increase its lifespan. By default, when this feature is active, a battery will start charging only when under 75% of its capacity, and will stop charging when it reaches 80%. In this tutorial, we learn how to replace those values with custom ones.





  • Is Free/Open Source Software Sustainable?
    The co-founder of the open-source company Nextcloud reminds us that the free software philosophy that’s the foundation of open source is much more than a software development model.



Slashdot

  • Study Accuses LM Arena of Helping Top AI Labs Game Its Benchmark
    An anonymous reader shares a report: A new paper from AI lab Cohere, Stanford, MIT, and Ai2 accuses LM Arena, the organization behind the popular crowdsourced AI benchmark Chatbot Arena, of helping a select group of AI companies achieve better leaderboard scores at the expense of rivals. According to the authors, LM Arena allowed some industry-leading AI companies like Meta, OpenAI, Google, and Amazon to privately test several variants of AI models, then not publish the scores of the lowest performers. This made it easier for these companies to achieve a top spot on the platform's leaderboard, though the opportunity was not afforded to every firm, the authors say. "Only a handful of [companies] were told that this private testing was available, and the amount of private testing that some [companies] received is just so much more than others," said Cohere's VP of AI research and co-author of the study, Sara Hooker, in an interview with TechCrunch. "This is gamification." Further reading: Meta Got Caught Gaming AI Benchmarks.


    Read more of this story at Slashdot.


  • Starting July 1, Academic Publishers Can't Paywall NIH-Funded Research
    An anonymous reader writes: NIH Director Dr. Jay Bhattacharya has announced that the NIH Public Access Policy, originally slated to go into effect on December 31, 2025, will now be effective as of July 1. From Bhattacharya's announcement: NIH is the crown jewel of the American biomedical research system. However, a recent Pew Research Center study shows that only about 25% of Americans have a "great deal of confidence" that scientists are working for the public good. Earlier implementation of the Public Access Policy will help increase public confidence in the research we fund while also ensuring that the investments made by taxpayers produce replicable, reproducible, and generalizable results that benefit all Americans. Providing speedy public access to NIH-funded results is just one of the ways we are working to earn back the trust of the American people. Trust in science is an essential element in Making America Healthy Again. As such, NIH and its research partners will continue to promote maximum transparency in all that we do.


    Read more of this story at Slashdot.


  • Duolingo Doubles Its Language Courses Thanks To AI
    Just a day after announcing its shift to an "AI-first" strategy -- which includes phasing out contract workers in favor of automation -- Duolingo revealed it is more than doubling its course offerings by launching 148 new language courses. The Verge reports: The company said today that it's launching 148 new language courses. "This launch makes Duolingo's seven most popular non-English languages -- Spanish, French, German, Italian, Japanese, Korean, and Mandarin -- available to all 28 supported user interface (UI) languages, dramatically expanding learning options for over a billion potential learners worldwide," the company writes. Duolingo says that building one new course historically has taken "years," but the company was able to build this new suite of courses more quickly "through advances in generative AI, shared content systems, and internal tooling." The new approach is internally called "shared content," and the company says it allows employees to make a base course and quickly customize it for "dozens" of different languages. "Now, by using generative AI to create and validate content, we're able to focus our expertise where it's most impactful, ensuring every course meets Duolingo's rigorous quality standards," Duolingo's senior director of learning design, Jessie Becker, says in a statement.


    Read more of this story at Slashdot.


  • Satellite Launches On Mission To 'Weigh' World's 1.5 Trillion Trees
    The European Space Agency has launched the Biomass satellite to study the world's forests using the first space-based P-band synthetic aperture radar, aiming to accurately measure carbon storage and improve understanding of the global carbon cycle. CBS News reports: Forests on Earth collectively absorb and store about 8 billion tons of carbon dioxide annually, the ESA said. That regulates the planet's temperature. Deforestation and degradation, especially in tropical regions, means that stored carbon is being released back into the atmosphere, the ESA said, which can contribute to climate change. There's a lack of accurate data on how much carbon the planet's estimated 1.5 trillion trees store and how much human activity can impact that storage, the ESA said. To "weigh" the planet's trees and determine their carbon dioxide capacity, Biomass will use a P-band synthetic aperture radar. It's the first such piece of technology in space. The radar can penetrate forest canopies and measure woody biomass, including trunks, branches and stems, the ESA said. Most forest carbon is stored in these parts of the trees. Those measurements will act as a proxy for carbon storage, the ESA said. [...] Once the radar takes the measurements, the data will be received by the large mesh reflector. It will then be sent to the ESA's mission control center.


    Read more of this story at Slashdot.


  • Apple Must Halt Non-App Store Sales Commissions, Judge Says
    Apple violated a court order requiring it to open up the App Store to third-party payment options and must stop charging commissions on purchases outside its software marketplace, a federal judge said in a blistering ruling that referred the company to prosecutors for a possible criminal probe. From a report: U.S. District Judge Yvonne Gonzalez Rogers sided Wednesday with "Fortnite" maker Epic Games over its allegation that the iPhone maker failed to comply with an order she issued in 2021 after finding the company engaged in anticompetitive conduct in violation of California law. Gonzalez Rogers also referred the case to federal prosecutors to investigate whether Apple committed criminal contempt of court for flouting her 2021 ruling. The U.S. attorney's office in San Francisco declined to comment. The changes the company must now make could put a sizable dent in the double-digit billions of dollars in revenue the App Store generates each year. The judge's order [PDF]: Apple willfully chose not to comply with this Court's Injunction. It did so with the express intent to create new anticompetitive barriers which would, by design and in effect, maintain a valued revenue stream; a revenue stream previously found to be anticompetitive. That it thought this Court would tolerate such insubordination was a gross miscalculation. As always, the cover-up made it worse. For this Court, there is no second bite at the apple. It Is So Ordered.


    Read more of this story at Slashdot.


  • Why Windows 7 Took Forever To Load If You Had a Solid Background
    An anonymous reader quotes a report from PCWorld: Windows 7 came onto the market in 2009 and put Microsoft back on the road to success after Windows Vista's annoying failures. But Windows 7 was not without its faults, as this curious story proves. Some users apparently encountered a vexing problem at the time: if they set a single-color image as the background, their Windows 7 PC always took 30 seconds to start the operating system and switch from the welcome screen to the desktop. In a recent blog post, Microsoft veteran Raymond Chen explains the exact reason for this. According to him, a simple programming error meant that users had to wait longer for the system to boot. After logging in, Windows 7 first set up the desktop piece by piece, i.e. the taskbar, the desktop window, icons for applications, and even the background image. The system waited patiently for all components to finish loading and received feedback from each individual component. Or, it switched from the welcome screen to the desktop after 30 seconds if it didn't receive any feedback. The problem here: The code for the message that the background image is ready was located within the background image bitmap code, which means that the message never appeared if you did not have a real background image bitmap. And a single color is not such a bitmap. The result: the logon system waited in vain for the message that the background has finished loading, so Windows 7 never started until the 30 second fallback activated and sent users to the desktop. The problem could also occur if users had activated the "Hide desktop icons" group policy. This was due to the fact that such policies were only added after the main code had been written and called by an If statement. However, Windows 7 was also unable to recognize this at first and therefore took longer to load.


    Read more of this story at Slashdot.


  • Alleged 'Scattered Spider' Member Extradited to US
    Investigative journalist and cybersecurity expert Brian Krebs reports: A 23-year-old Scottish man thought to be a member of the prolific Scattered Spider cybercrime group was extradited last week from Spain to the United States, where he is facing charges of wire fraud, conspiracy and identity theft. U.S. prosecutors allege Tyler Robert Buchanan and co-conspirators hacked into dozens of companies in the United States and abroad, and that he personally controlled more than $26 million stolen from victims. Scattered Spider is a loosely affiliated criminal hacking group whose members have broken into and stolen data from some of the world's largest technology companies. Buchanan was arrested in Spain last year on a warrant from the FBI, which wanted him in connection with a series of SMS-based phishing attacks in the summer of 2022 that led to intrusions at Twilio, LastPass, DoorDash, Mailchimp, and many other tech firms. The complain against Buchanan is available here (PDF).


    Read more of this story at Slashdot.


  • Republicans In Congress Want a Flat $200 Annual EV Tax
    New submitter LDA6502 writes: The Republican chairman of the House Transportation and Infrastructure Committee is proposing a new annual federal vehicle registration fee of $200 for full EVs, $100 for hybrid EVs, and $20 for combustion vehicles. The tax would be tied to inflation, would be collected by the states, and would expire in 2035. Critics of the proposal note that it could result in low mileage EVs paying a far higher tax rate than heavy ICE trucks and SUVs. Ars Technica notes that the bill "exempts commercial vehicles, which should see a rush from tax avoiders to register their vehicles under their businesses [...]." Farm vehicles will also be exempt from the tax. "The Eno Center for Transportation calculates that this new tax will contribute an extra $110 billion to the highway Trust Fund by 2035 but that cuts to other taxes and more spending mean that the fund will still be $222 billion short of its commitments -- assuming that this added fee doesn't further dampen EV adoption in the U.S., that is."


    Read more of this story at Slashdot.


  • Microsoft Puts Brakes on AI Spending as Profit Increases 18%
    After 10 consecutive quarters of rising AI-related investment, Microsoft has put on the brakes, spending over $1 billion less than the previous quarter (source paywalled; alternative source). Despite the slight slowdown, Microsoft posted stronger-than-expected results with $70 billion in revenue and $25.8 billion in profit. The New York Times reports: In the first three months of 2025, Microsoft spent $21.4 billion on capital expenses, down more than $1 billion from the previous quarter. The company is still on track to spend more than $80 billion on capital expenses in the current fiscal year, which ends in June. But the pullback, though slight, is an indication that the tech industry's appetite for spending on A.I. is not limitless. Overall, Microsoft's results showed unexpected strength in its business. Sales surpassed $70 billion, up 13 percent from the same period a year earlier. Profit rose to $25.8 billion, up 18 percent. The results far surpassed Wall Street's expectations. "Cloud and A.I. are the essential inputs for every business to expand output, reduce costs, and accelerate growth," Satya Nadella, Microsoft's chief executive, said in a statement.


    Read more of this story at Slashdot.


  • Apple Notifies New Victims of Spyware Attacks Across the World
    An anonymous reader quotes a report from TechCrunch: Apple sent notifications this week to several people who the company believes were targeted with government spyware, according to two of the alleged targets. In the past, Apple has sent similar notifications to targets and victims of spyware, and directed them to contact a nonprofit that specializes in investigating such cyberattacks. Other tech companies, like Google and WhatsApp, have in recent years also periodically sent such notifications to their users. As of Wednesday, only two people appear to have come forward to reveal they were among those who received the notifications from Apple this week. One is Ciro Pellegrino, an Italian journalist who works for online news outlet Fanpage. Pellegrino wrote in an article that he received an email and a text message from Apple on Tuesday notifying him that he was targeted with spyware. The message, according to Pellegrino, also said he wasn't the only person targeted. "Today's notification is being sent to affected users in 100 countries," the message read, according to Pellegrino's article. "Did this really happen? Yes, it is not a joke," Pellegrino wrote. The second person to receive an Apple notification is Eva Vlaardingerbroek, a Dutch right-wing activist, who posted on X on Wednesday. "Apple detected a targeted mercenary spyware attack against your iPhone," the Apple alert said, according to a screenshot shown in a video that Vlaardingerbroek posted on X. "This attack is likely targeting you specifically because of who you are or what you do. Although it's never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning -- please take it seriously." Reacting to the notification, Vlaardingerbroek said that this was an "attempt to intimidate me, an attempt to silence me, obviously."


    Read more of this story at Slashdot.


  • Millions of AirPlay Devices Can Be Hacked Over Wi-Fi
    A newly revealed set of vulnerabilities dubbed AirBorne in Apple's AirPlay SDK could allow attackers on the same Wi-Fi network to hijack tens of millions of third-party devices like smart TVs and speakers. While Apple has patched its own products, many third-party devices remain at risk, with the most severe (though unproven) threat being potential microphone access. 9to5Mac reports: Wired reports that a vulnerability in Apple's software development kit (SDK) means that tens of millions of those devices could be compromised by an attacker: "On Tuesday, researchers from the cybersecurity firm Oligo revealed what they're calling AirBorne, a collection of vulnerabilities affecting AirPlay, Apple's proprietary radio-based protocol for local wireless communication. Bugs in Apple's AirPlay software development kit (SDK) for third-party devices would allow hackers to hijack gadgets like speakers, receivers, set-top boxes, or smart TVs if they're on the same Wi-Fi network as the hacker's machine [...] Oligo's chief technology officer and cofounder, Gal Elbaz, estimates that potentially vulnerable third-party AirPlay-enabled devices number in the tens of millions. 'Because AirPlay is supported in such a wide variety of devices, there are a lot that will take years to patch -- or they will never be patched,' Elbaz says. 'And it's all because of vulnerabilities in one piece of software that affects everything.'" For consumers, an attacker would first need to gain access to your home Wi-Fi network. The risk of this depends on the security of your router: millions of wireless routers also have serious security flaws, but access would be limited to the range of your Wi-Fi. AirPlay devices on public networks, like those used everywhere from coffee shops to airports, would allow direct access. The researchers say the worst-case scenario would be an attacker gaining access to the microphones in an AirPlay device, such as those in smart speakers. However, they have not demonstrated this capability, meaning it remains theoretical for now.


    Read more of this story at Slashdot.


  • Google Funding Electrician Training As AI Power Crunch Intensifies
    Google is investing in training over 100,000 new U.S. electricians through a $10 million grant, aiming to address a critical labor shortage driven by AI-fueled data center growth and rising electricity demands. Reuters reports: A lack of access to power supplies has become the biggest problem for giant technology companies racing to develop artificial intelligence in energy-intensive data centers, which are driving up U.S. electricity demand after nearly 20 years of stagnation. The situation has led President Donald Trump to declare a national energy emergency aimed at speeding up permitting for generation and transmission projects. Google's funding, which includes a $10 million grant for electrical worker nonprofits, is the latest in a series of recent moves by giant technology companies to alleviate power project backlogs and electricity shortfalls across the United States. [...] The Google grant will be used for electrician apprenticeship programs and the training of existing workforce through organizations, including the Electrical Training Alliance, International Brotherhood of Electrical Workers and the National Electrical Contractors Association. It could increase the pipeline of electrical workers by 70% by the end of the decade, the company said. "This initiative with Google and our partners at NECA and the Electrical Training Alliance will bring more than 100,000 sorely needed electricians into the trade to meet the demands of an AI-driven surge in data centers and power generation," said Kenneth Cooper, international president of the IBEW labor union.


    Read more of this story at Slashdot.


  • Raspberry Pi Cuts Product Returns By 50% By Changing Up Its Pin Soldering
    An anonymous reader quotes a report from Ars Technica: Raspberry Pi boards have a combination of surface-mount devices (SMDs) and through-hole bits. SMDs allow for far more tiny chips, resistors, and other bits to be attached to boards by their tiny pins, flat contacts, solder balls, or other connections. For those things that are bigger, or subject to rough forces like clumsy human hands, through-hole soldering is still required, with leads poked through a connective hole and solder applied to connect and join them securely. The Raspberry Pi board has a 40-pin GPIO header on it that needs through-hole soldering, along with bits like the Ethernet and USB ports. These require robust solder joints, which can't be done the same way as with SMT (surface-mount technology) tools. "In the early days of Raspberry Pi, these parts were inserted by hand, and later by robotic placement," writes Roger Thornton, director of applications for Raspberry Pi, in a blog post. The boards then had to go through a follow-up wave soldering step. Now Pi boards have their tiny bits and bigger pieces soldered at the same time through an intrusive reflow soldering process undertaken with Raspberry Pi's UK manufacturing partner, Sony. After adjusting component placement, the solder stencil, and the connectors, the board makers could then place and secure all their components in the same stage. Intrusive reflow soldering this way involves putting solder paste on both the pads for SMD bits and into the through-hole pins. The through-hole parts are pushed onto the paste, and the whole board then goes into a reflow oven, where the solder paste melts, the connectors fall in more fully, and joints are formed for all the SMD and through-hole parts at once. You can watch the process up close in this mesmerizing video from Surface Mount Process. Intrusive reflow soldering is not a brand-new process, but what it did for the Raspberry Pi is notable, according to Thornton. The company saw "a massive 50% reduction in product returns," and it sped up production by 15 percent by eliminating the break between the two soldering stages. By removing the distinct soldering bath from its production line, the company also reduced its carbon dioxide output by 43 tonnes per year (or 47.4 US tons).


    Read more of this story at Slashdot.


  • New Atomic Fountain Clock Joins Elite Group That Keeps the World on Time
    NIST: Clocks on Earth are ticking a bit more regularly thanks to NIST-F4, a new atomic clock at the National Institute of Standards and Technology (NIST) campus in Boulder, Colorado. This month, NIST researchers published a journal article establishing NIST-F4 as one of the world's most accurate timekeepers. NIST has also submitted the clock for acceptance as a primary frequency standard by the International Bureau of Weights and Measures (BIPM), the body that oversees the world's time. NIST-F4 measures an unchanging frequency in the heart of cesium atoms, the internationally agreed-upon basis for defining the second since 1967. The clock is based on a "fountain" design that represents the gold standard of accuracy in timekeeping. NIST-F4 ticks at such a steady rate that if it had started running 100 million years ago, when dinosaurs roamed, it would be off by less than a second today. By joining a small group of similarly elite time pieces run by just 10 countries around the world, NIST-F4 makes the foundation of global time more stable and secure. At the same time, it is helping to steer the clocks NIST uses to keep official U.S. time. Distributed via radio and the internet, official U.S. time is critical for telecommunications and transportation systems, financial trading platforms, data center operations and more.


    Read more of this story at Slashdot.


  • Microsoft CEO Says Up To 30% of the Company's Code Was Written by AI
    Microsoft CEO Satya Nadella said that 20%-30% of code inside the company's repositories was "written by software" -- meaning AI -- during a fireside chat with Meta CEO Mark Zuckerberg at Meta's LlamaCon conference on Tuesday. From a report: Nadella gave the figure after Zuckerberg asked roughly how much of Microsoft's code is AI-generated today. The Microsoft CEO said the company was seeing mixed results in AI-generated code across different languages, with more progress in Python and less in C++.


    Read more of this story at Slashdot.


The Register

  • Chris Krebs loses Global Entry membership amid Trump feud
    President's campaign continues against man he claims covered up evidence of electoral fraud in 2020
    Chris Krebs, former CISA director and current political punching bag for the US President, says his Global Entry membership was revoked.…














  • Musk’s DOGE probed by top watchdog after poking around Uncle Sam's systems
    Oligarch's crew makes audits harder, US comptroller general tells Congress
    The US Government Accountability Office has confirmed it launched audits of Elon Musk's Trump-blessed cost-trimming DOGE unit amid concerns that its access to agency systems may be complicating oversight and involving sensitive data.…



  • Ex-CISA chief decries cuts as Trump demands loyalty above all else
    Cybersecurity is national security, says Jen Easterly
    RSAC America's top cyber-defense agency is "being undermined" by personnel and budget cuts under the Trump administration, some of which are being driven by an expectation of perfect loyalty to the President rather than the nation.…



  • Your graphics card's so fat, it's got its own gravity alert
    Asus implements droop detector for PCIe slots as GPUs now so heavy they risk toppling out
    Graphics cards are now getting so bulky and heavy that device maker Asus has decided customers need a way to detect any sagging or movement of the GPU in its PCIe slot.…


  • Thunderbird joins Firefox on the monthly treadmill
    We'll see if messaging client can keep up with sibling browser
    Mozilla has lobbed out Firefox 138, and subsidiary MZLA's Thunderbird 138 isn't far behind. The venerable messaging client is picking up the pace and finally syncing its stride with the browser that spawned it.…


  • FBI steps in amid rash of politically charged swattings
    No specific law against it yet, but that's set to change
    A spate of high-profile swatting incidents in the US recently forced the FBI into action with its latest awareness campaign about the occasionally deadly practice.…



  • Microsoft gets twitchy over talk of Europe's tech independence
    Brad Smith commits org to facing off with US govt in court to protect them
    Microsoft is responding to mounting "geopolitical and trade volatility" between the US administration and governments in Europe by pledging privacy safeguards for customers worried about using American hyperscalers, and vowing to fight the US government in court to protect Euro customers' data if needed.…






  • Does UK's Online Safety Act cover misinformation? Well, that depends
    Minister, platform providers disagree on whether law would have helped avoid last summer's riots
    MPs heard a range of interpretations of UK law when it comes to the spread of misinformation online, a critical factor in the riots across England and Northern Ireland sparked by inaccurate social media posts about the fatal stabbings at a children's dance class on 29 July last year.…










  • Meta bets you want a sprinkle of social in your chatbot
    Sharing is caring when your entire business is built on it
    Meta is scrambling to grab some of that ChatGPT and Grok buzz with the launch of its own standalone AI app. Built on its Llama 4 LLM, the assistant touts personalization and smoother voice chats, but the most visible feature is a Discover feed showing off how other users interact with it, and even that feels more like a gimmick than a game-changer.…


  • TAKE IT DOWN Act? Yes, take the act down before it's too late for online speech
    Good intentions, terrible wording – and Trump can't wait to use it because 'nobody gets treated worse than I do'
    Federal legislation that would protect people from having explicit images of themselves posted and shared online without their consent is set to become law in the USA after passing the House on Monday.…



  • Duolingo jumps aboard the 'AI-first' train, will phase out contractors
    Luis von Ahn says small quality hits are a price worth paying to ride the wave
    Duolingo has become the latest tech outfit to attempt to declare itself 'AI-first,' with CEO Luis von Ahn telling staff the biz hopes to gradually phase out contractors for work neural networks can take over.…



  • Backblaze denies 'sham accounting' claims as short sellers circle
    Cloud storage biz says 'baseless allegations' are attempts by analysts to profit
    Cloud storage and backup provider Backblaze has denied accusations made by financial analysts of "sham accounting" and "insider dumping," as well as claims it inflated cash flow forecasts to hide its real performance.…







  • 808 lines of BBC BASIC and a dream: Arm architecture turns 40
    We thought it was a really obvious way to build a processor and everybody would be doing it
    It is 40 years since the first Arm processor was powered up, and the UK's Centre for Computing History (CCH) celebrated in style, with speakers to mark the event, hardware on show, and a countdown to the anniversary.…




  • Generative AI is not replacing jobs or hurting wages at all, economists claim
    When we look at the outcomes, it really has not moved the needle
    Instead of depressing wages or taking jobs, generative AI chatbots like ChatGPT, Claude, and Gemini have had almost no significant wage or labor impact so far – a finding that calls into question the huge capital expenditures required to create and run AI models.…


Polish Linux

  • Security: Why Linux Is Better Than Windows Or Mac OS
    Linux is a free and open source operating system that was released in 1991 developed and released by Linus Torvalds. Since its release it has reached a user base that is greatly widespread worldwide. Linux users swear by the reliability and freedom that this operating system offers, especially when compared to its counterparts, windows and [0]


  • Essential Software That Are Not Available On Linux OS
    An operating system is essentially the most important component in a computer. It manages the different hardware and software components of a computer in the most effective way. There are different types of operating system and everything comes with their own set of programs and software. You cannot expect a Linux program to have all [0]


  • Things You Never Knew About Your Operating System
    The advent of computers has brought about a revolution in our daily life. From computers that were so huge to fit in a room, we have come a very long way to desktops and even palmtops. These machines have become our virtual lockers, and a life without these network machines have become unimaginable. Sending mails, [0]


  • How To Fully Optimize Your Operating System
    Computers and systems are tricky and complicated. If you lack a thorough knowledge or even basic knowledge of computers, you will often find yourself in a bind. You must understand that something as complicated as a computer requires constant care and constant cleaning up of junk files. Unless you put in the time to configure [0]


  • The Top Problems With Major Operating Systems
    There is no such system which does not give you any problems. Even if the system and the operating system of your system is easy to understand, there will be some times when certain problems will arise. Most of these problems are easy to handle and easy to get rid of. But you must be [0]


  • 8 Benefits Of Linux OS
    Linux is a small and a fast-growing operating system. However, we can’t term it as software yet. As discussed in the article about what can a Linux OS do Linux is a kernel. Now, kernels are used for software and programs. These kernels are used by the computer and can be used with various third-party software [0]


  • Things Linux OS Can Do That Other OS Cant
    What Is Linux OS?  Linux, similar to U-bix is an operating system which can be used for various computers, hand held devices, embedded devices, etc. The reason why Linux operated system is preferred by many, is because it is easy to use and re-use. Linux based operating system is technically not an Operating System. Operating [0]


  • Packagekit Interview
    Packagekit aims to make the management of applications in the Linux and GNU systems. The main objective to remove the pains it takes to create a system. Along with this in an interview, Richard Hughes, the developer of Packagekit said that he aims to make the Linux systems just as powerful as the Windows or [0]


  • What’s New in Ubuntu?
    What Is Ubuntu? Ubuntu is open source software. It is useful for Linux based computers. The software is marketed by the Canonical Ltd., Ubuntu community. Ubuntu was first released in late October in 2004. The Ubuntu program uses Java, Python, C, C++ and C# programming languages. What Is New? The version 17.04 is now available here [0]


  • Ext3 Reiserfs Xfs In Windows With Regards To Colinux
    The problem with Windows is that there are various limitations to the computer and there is only so much you can do with it. You can access the Ext3 Reiserfs Xfs by using the coLinux tool. Download the tool from the  official site or from the  sourceforge site. Edit the connection to “TAP Win32 Adapter [0]


OSnews

  • Sculpt OS 25.04 released
    Sculpt OS 25.04 has been released, and with it come a number of very welcome and important improvements. What most users will care about the most is the updated version of the Falkon web browser, built atop Qt 6.2.2 and its accompanying qtwebengine release, which in turn is using version 112 of the Chromium engine. Aside from this major improvement, theres two other things that stand out: Usability-wise, the new version comes with two highly anticipated features. First, building upon the multi-monitor support added with the previous release, the new version takes multi-monitor awareness to the window management level, allowing for the flexible assignment of virtual desktops to physical displays, adding new window-manipulation conveniences, and supporting rotated displays. Second, a new directory browser allows the user to interactively assign arbitrary directories as file systems to components, vastly easing the fine-grained sandboxing of subsystems. ↫ Sculpt OS 25.04 release announcement Sculpt OS 25.04 also inherits the improvements of recent Genode Framework releases, such as support for Intels Meteor-Lake hardware. Sculpt OS is available for PC, the PinePhone, and the MNT Reform laptop.


  • Why did Windows 7, for a few months, log on slower if you have a solid color background?
    Time for another story from Raymond Chen, about why, in Windows 7, logging in took 30 seconds if you had set a solid colour as your background. Windows 7s logon system needs to wait for a number of tasks to be completed, like creating the taskbar, populating the desktop with icons, and setting the background. If all of those tasks are completed or 30 seconds have passed, the welcome screen goes away. As you can guess by the initial report mentioning having to wait for 30 seconds, one of the tasks that need to be completed isnt reporting in, so the welcome screen is displayed for the full 30 seconds. In the case of this bug, that task is obviously setting the background. The code to report that the wallpaper is ready was inside the wallpaper bitmap code, which means that if you don’t have a wallpaper bitmap, the report is never made, and the logon system waits in vain for a report that will never arrive. ↫ Raymond Chen It turns out that people who enabled the setting the hide desktop icons were experiencing the same delay, and that, too, was caused by the lack of a report from, in this case, the desktop icons. Interestingly, it seems especially settings changed through group policies can cause issues like this. Group policies are susceptible to this problem because they tend to be bolted on after the main code is written. When you have to add a group policy, you find the code that does the thing, and you put a giant “if policy allows” around it. Oops, the scope of the “if” block extended past the report call, so if the policy is enabled, the icons are never reported as ready, and the logon system stays on the Welcome screen for the full 30 seconds. ↫ Raymond Chen These issues were fixed very quickly after the release of Windows 7, and they disappear from the radar within a few months after the release of everyones favourite Windows version.


  • Google is working on a big UI overhaul for Android
    When Google released the fourth beta of Android 16 this month, many users were disappointed by the lack of major UI changes. As Beta 4 is the final beta, it’s likely the stable Android 16 release won’t look much different than last year’s release. However, that might not hold true for subsequent updates. Google recently confirmed it will unveil a new version of its Material Design theme at its upcoming developer conference, and we’ve already caught glimpses of these design changes in Android—including a notable increase in background blur effects. Ahead of I/O next month, here’s an early look at Google’s upcoming Android redesign. ↫ Mishaal Rahman at Android Authority With Android, its hard to really care about changes like these because it will take forever and a day for the Android ecosystem to catch up, and in general in mobile computing, most people use applications that have zero respect for platform integration anyway, preferring their own shit branding and UI design! over that of the platform theyre running on. In other words, most people will never really encounter many of these changes, unless theyre Pixel users. That being said, these changes seem to basically replace a lot of window! backgrounds with a blur, which makes everything feel more airy and brighter  so much so that in screenshots purporting to show dark mode, it looks like light mode. This doesnt really seem like the big UI overhaul! the linked article claims it to be, but there might be more changes on the way we havent seen yet. Instead of UI changes, Im much more concerned about how much worse Google will be making Android by shoving Clippy into every corner of the operating system.


  • PATH isnt real on Linux
    I have no idea how much relevance this short but informative rundown of how PATH works in Linux has in the real world, but I found it incredibly interesting and enlightening. The basic gist  and I might be wrong, theres code involved and Im not very smart  is that Linux itself needs absolute paths to binaries, while shells and programming languages do not. In other words, the Linux kernel does not know about PATH, and any lookup youre doing comes from either the shell or the programming language youre using. In practice this doesnt matter, but its still interesting to know.


  • I use zip bombs to protect my server!
    The majority of the traffic on the web is from bots. For the most part, these bots are used to discover new content. These are RSS Feed readers, search engines crawling your content, or nowadays AI bots crawling content to power LLMs. But then there are the malicious bots. These are from spammers, content scrapers or hackers. At my old employer, a bot discovered a wordpress vulnerability and inserted a malicious script into our server. It then turned the machine into a botnet used for DDOS. One of my first websites was yanked off of Google search entirely due to bots generating spam. At some point, I had to find a way to protect myself from these bots. Thats when I started using zip bombs. ↫ Ibrahim Diallo I mean, when malicious bots harm your website, isnt combating them with something like zip bombs simply just self-defense?


  • Garmin Pay: yes, you can do NFC tap-to-pay in stores without big tech
    Late last year, I went on a long journey to rid myself of as much of my remaining ties to the big technology giants as I could. This journey is still ongoing, with only a few thin ties remaining, but theres one big one I can scratch off the list: mobile in-store payments with NFC tap-to-pay. I used Google Pay and a WearOS smartwatch for this, but neither of those work on de-Googled Android  I opted for GrapheneOS  and it seemed like I was just going to have to accept the loss of this functionality. That is, until I stumbled upon a few forum posts here and there suggesting a solution: Garmin, maker of fitness trackers and smartwatches with a strong focus on sports, health, and the outdoor lifestyle, has its own mobile NFC tap-to-pay service that supposedly worked just fine on any Android device, de-Googled or not. In fact, people claimed you could even remove the companion Garmin application from your phone entirely after setting up the payment functionality, and it would still keep working. This seemed like something I should look into, because the lack of NFC tap-to-pay is a recurring concern for many people intending to switch to de-Googled Android. So, late last year, many of you chipped in, allowing me to buy a Garmin smartwatch to try this functionality out, for which Im incredibly grateful, of course. Heres how all of this works, and if its a good alternative for Google Pay. The Garmin Instinct 2S Solar First, lets dive into which watch I chose to buy. Garmin has a wide variety of fitness trackers and smartwatches in its line-up, from basic trackers, to Apple Watch/WearOS-like devices, to outdoor-focused rugged devices. I opted for one of the outdoor-focused rugged devices, because not only would it give me the Garmin Pay functionality, but also a few other advantages and unique features I figured OSNews readers would be interested in: a simple black-and-white transflective memory-in-pixel display, a battery life measured in weeks (!), a solar panel built into the display glass, and a case constructed out of lightweight but durable plastics instead of heavy, scratch-prone metal. The specific model I opted for was the Instinct 2S Solar in Mist Grey. I wasnt intending for this to become a review of the watch as a whole, but I figured I might as well share some notes about my experiences with this particular watch model. Its important to note though that Garmin offers a wide variety of smartwatches, from models that look and feel mostly like an Apple Watch or wearOS device, to mechanical models with invisible OLED displays on the dial, to ruggedised, button-only watches for hardcore outdoor people. If youre interested in a Garmin device, theres most likely a type that fits your wishes. The Instinct 2S is definitely not the most beautiful or attractive watch Ive ever had on my wrist. It has that rugged! look some people are really into, but for me, I definitely had to get used to it. I do really like the colour combination I opted for, though, as it complements the black/white transflective memory-in-pixel display really well. Ive grown to0 Appreciate the look over time. The case and bezel of the watch are made out of what Garmin calls fiber-reinforced polymer!, which is probably just a form of fiber-reinforced plastic. Regardless of the buzzwords, it feels nice and sturdy, with a great texture, and not at all plasticy or cheap. Using a material like this over the metals the Apple Watch and most WearOS devices are made of has several advantages; first, it makes the device much lighter and thus more pleasant to wear, and its a lot sturdier and resilient than metals. Ive banged this watch into door sills and countertops a few times now, and theres not a scratch, dent, or discoloration on it  a far cry from the various metal Apple Watches and WearOS devices I own, which accumulated dings and scratches within weeks of buying them. The case material is one of the many ways in which this watch chooses function over form. Sure, metals might feel premium, but a high-quality plastic is cheaper to make, lasts longer, is more resilient, and also happens to be lighter  its simply the objectively better choice for something you wear on wrist every day, exposed to the elements. I understand why people want their smartwatch to be made out of metal, but much like how the orange-red plastic of the Nexus 5 is still the best smartphone material Ive ever experienced (the white and black models uses inferior plastics), this Garmin tops all of the metal watches I own. The strap is made of silicone, and has an absurd amount of tightly-spaced adjustment holes, which makes it very easy to adjust to changing circumstances, like a bit of extra slack for when youre working out. It also has a nice touch in that the second loop has a little peg that slots into an adjustment hole, keeping it in place. Ingenious. Other than that, its just a silicone band with the clasp made out of the same sturdy, pleasant fiber-reinforced polymer! as the case. The lens over the display is made out of something Garmin calls Power Glass™!, and I have no idea what that means. It just feels like a watch lens to me  solid, glassy, and0 I dont know, round? The unique aspect of the display glass is, of course, the built-in solar panel. Its hard for me to tell what kind of impact  if any  the solar panel has on the battery life of the device. What quite obviously does not help is that I live in the Arctic where sun hours come at a bit of a premium, so its been impossible for me to stand outside and hold out my arm for a while to see if it had an effect on the charge level. Theres a software


  • Trinity Desktop Environment R14.1.4 released
    The Trinity Desktop Environment, the modern-day continuation of the KDE 3.x series, has released version R14.1.4. This maintenance release brings new vector wallpapers and colour schemes, support for Unicode surrogate characters and planes above zero (for emoji, among other things), tabs in kpdf, transparency and other new visual effects for Dekorator, and much more. TDE R14.1.4 is already available for a variety of Linux distributions, and can be installed straight from TDEs own repositories if needed.


  • OpenBSD 7.7 released
    Another six months have passed, so its time for a new OpenBSD release: OpenBSD 7.7 to be exact. Browsing through the long, detailed list of changes, a few important bits jump out. First, OpenBSD 7.7 adds support for Ryzen AI 300 (Strix Point, Strix Halo, Krackan Point), Radeon RX 9070 (Navi 48), and Intels Arrow Lake, adding support for the latest x86 processors to OpenBSD. There seems to be quite a few entries in the list related to power management, from work on hibernation and suspend, to more fine-grained control over performance profiles when on battery or plugged in. Theres also the usual long list of driver improvements, new drivers, and tons and tons of other fixes and changes. OpenBSD 7.7 also ships with the latest GNOME and KDE releases, and contains fixes and improvements for a whole slew of obscure and outdated architectures.


  • Crucial Wii homebrew library contains code stolen from Nintendo, RTEMS
    The Wii homebrew community has been dealt a pretty serious blow, as developers of The Homebrew Channel for the Wii have discovered that not only does an important library most Wii homebrew software rely on use code stolen straight from Nintendo, that same library also uses code taken from an open source real-time operating system without giving proper attribution. Most Wii homebrew software is built atop a library called libogc. This library apparently contains code stolen from Nintendos SDK as well as from games using this SDK, decompiled and cleaned. This has been known for a while, but it was believed that large, important parts of libogc were at least original, but that, too, turns out to be untrue. Recently it has been discovered that libogcs threading/OS implementation has been stolen from RTEMS, an open source real-time operating system. The developers of libogc have indicated that they do not care, intend to do nothing about it, and deleted any issues reporting the stolen code. Whats wild about the code stolen from RTEMS is that its an open source operating system with a nice, permissive license; there was no need to steal the code at all, and all it would take to address it is proper attribution. As such, the fail0verflow group, which develops The Homebrew Channel for the Wii, has ceased all development on The Homebrew Channel, and archived the code repository. The Wii homebrew community was all built on top of a pile of lies and copyright infringement, and its all thanks to shagkur (who did the stealing) and the rest of the team (who enabled it and did nothing when it was discovered). Together, the developers deceived everyone into believing their work was original. Please demand that the leaders and major contributors to console or other proprietary device SDKs and toolkits that you use and work with do things legally, and do not tolerate this kind of behavior. ↫ The Homebrew Channel GitHub page Considering Nintendo is on a crusade to shutdown emulators, stuff like this is really not helping anyone trying to argue that consoles should be open devices, that emulators play an important role in preservation, and that people have a right to play the games they own on a device other than the console its intended for. Im sure this isnt the last well hear about this development.


  • 9front “CLAUSE 15 COMMON ELEMENTS OF MAUS AND STAR TYPE” released
    Few things in life make me happier than a new 9front release. This new release, 9front “CLAUSE 15 COMMON ELEMENTS OF MAUS AND STAR TYPE”, comes with a variety of fixes and new features, such as temperature sensor support for Ryzen processors, a new Intel i225 2.5 GbE driver, a number of low-level kernel improvements, and so, so many more small fixes and changes. If you use 9front, you already know all of this, and youre too cool to read OSNews anyway. If youre new to 9front and want to join the cool people club, you can download images for PC, Raspberry Pi, MNT Reform, and QEMU.


  • RetrOS-32: a 32bit hobby operating system with graphics, multitasking, and more
    RetrOS-32 is a 32bit operating system written from scratch, with graphics, multitasking and networking capabilities. The kernel is written in C and assembly, while the userspace applications are written in C++, using Make for compilation, all licensed under the MIT license. It runs on Qemu, of course, but a variety of real hardware is also supported, which is pretty cool and relatively unique for a small hobby project like this. The UI is delightfully retro  as the name obviously implies  and it comes with a set of basic applications, as well as games like Wolfenstein 3D.


  • The VTech Socratic method
    We’ve had a lot of fun with VTech’s computers in the past on this blog. Usually, they’re relatively spartan computers with limited functionality, but they did make something very interesting in the late 80s. The Socrates is their hybrid video game console/computer design from 1988, and today we’ll start tearing into it. ↫ Leaded Solder web log Now were in for the good stuff. A weird educational computer/game console/toy thing from the late 80s, by VTech. I have a massive soft spot for these toy-like devices, because theyre always kind of a surprise  will it be a stupidly simple hardcoded device with zero input/output, or a weirdly capable computer with tons of hidden I/O and a full BASIC ROM? You wont know until you crack it open and take a peek! VTech still makes things like this, and I still find them ever as fascinating.


  • Torvalds states the obvious: file systems should be case-sensitive
    Apparently, the Bcachefs people are having problems with case-folding, and Linus Torvalds himself is not happy about it. Torvalds holds the only right opinion in this matter, which is that filesystems should obviously be case-sensitive. Case-insensitive names are horribly wrong, and you shouldnt have done them at all. The problem wasnt the lack of testing, the problem was implementing it in the first place. Dammit. Case sensitivity is a BUG. The fact that filesystem people still think its a feature, I cannot understand. Its like they revere the old FAT filesystem so much that they have to recreate it  badly. ↫ Linus Torvalds on the LKML It boggles my mind that a modern operating system like macOS still defaults to being case-insensitive (but case-preserving), and opting to install macOS the correct way, i.e. with case-sensitivity, can still lead to issues and bugs because macOS isnt used to it. In 2025. Windows NTFS is at least case-sensitive, but apparently Win32 applications get all weird about it; if you have several files with identical names save for the case used, Win32 applications will only allow you to open one of them. Im not sure how up to date that information is, though. Regardless, the notion that Readme.txt is considered the same as readme.txt is absolutely insane, and should be one of those weird relics we got rid of back in the 90s.


  • Oddly, in defense of Google keeping Chrome
    As much as Im a fan of breaking up Google, Im not entirely sure carving Chrome out of Google without a further plan for what happens to the browser is a great idea. I mean, Google is bad, but things could be so, so much worse. OpenAI would be interested in buying Googles Chrome if antitrust enforcers are successful in forcing the Alphabet unit to sell the popular web browser as part of a bid to restore competition in search, an OpenAI executive testified on Tuesday at Googles antitrust trial in Washington. ↫ Jody Godoy at Reuters OpenAI is not the only AI! vulture circling the skies. Perplexity Chief Business Officer Dmitry Shevelenko said he didn’t want to testify in a trial about how to resolve Google’s search monopoly because he feared retribution from Google. But after being subpoenaed to appear in court, he seized the moment to pitch a business opportunity for his AI company: buying Chrome. ↫ Lauren Feiner at the Verge Or, you know, what about, I dont know, fucking Yahoo!? Legacy search brand Yahoo has been working on its own web browser prototype, and says it would like to buy Google’s Chrome if the company is forced by a court to sell it. ↫ Lauren Feiner at the Verge If the courts really want Google to divest Chrome, the least-worst position it could possibly end up is in some sort of open source foundation or similar legal construction, where no one company has total control over the worlds most popular browser. Of course, such a construction isnt exactly ideal either  it will become a battleground of corporate interests soaked with the blood of ordinary users  but anything, anything is better than cud peddlers like OpenAI or whatever the hell Yahoo! even is these days. As users, we really should not want Google to be forced to divest Chrome at this point in time. No matter the outcome, users are going to be screwed even harder than if it were to stay with Google. I hate to say this, but I dont see an option thats better than having Chrome remain part of Google. The big problem here is that there is no coherent strategy to deal with the big technology companies in the United States. Were looking at individual lawsuits where judges and medieval nonsense like juries try to deal with individual companies, which, even if, say, Google gets broken up, would do nothing but strengthen the other big technology companies. If, I dont know, Android suddenly had to make it on its own as a company, its not users who would benefit, but Apple. Is that the goal of antitrust? What you really need to deal with the inordinate power of the big technology companies is legislation that deals with the sector as a whole, instead of letting random courts and people forced to do jury duty decide what to do with Google or Amazon or whatever. The European Union is doing this to great success so far, getting all the major players to make sweeping changes to the benefit of users in the EU. If the United States is serious about dealing with the abusive behaviour of the big technology companies, its going to need to draft and pass legislation similar to the European Unions DMA and DSA. Of course, thats not going to happen. The United States Congress is broken beyond repair, the US president and his gaggle of incompetents are too busy destroying the US economy and infecting children with measles, and the big tech companies themselves are just bribing US politicians in broad daylight. The odds of the US being able to draft and pass effective big tech antitrust regulations is lower than zero. OpenAI Chrome. You feeling better yet about the open web?


  • Steam to highlight accessibility support for games on store pages
    The Steam store and desktop client will soon be able to help players find games that feature accessibility support. If your game has accessibility features, you can now enter that information in the Steamworks edit store section for your app. ↫ Steam announcements page I have a lot of criticism for the Steam client application  its a overly complex, unattractive, buggy, slow, top-heavy Chrome engine wrapped in an ugly user interface  but this is a great change and very welcome addition to Steam. Basically, with this, game developers can indicate which accessibility features their game has, allowing users to specifically search for those features, create filters, make sure they can play the game before buying, and so on. The client-side part of the feature is not yet available  it seems Valve is giving developers some time to fill in the necessary information  but once it is, youll be able to tell at a glance what accessibility a game has. Such information on the store page of games tends to be a great marketing tool, with reviews quickly pointing out if certain expected features are not present. Any game that lacks support for the Steam Deck or Proton, for instance, will often have a few reviews at the top mentioning as such, and games with invasive DRM cant get away with that either without reviews on Steam pointing it out. I wouldnt be surprised if these accessibility feature listings well quickly become another thing users will simply expect to be there. Regardless, this is great news for people who rely on such features, but even if you dont specifically  accessibility features are often just useful features, period.


  • A tour inside the IBM z17
    Welcome to a photo-driven tour of the IBM z17. Ive scoured the image library to pull dig deep inside these machines that most people dont get an opportunity to see inside, and Ill share some of the specifications gleaned from the announcement and related Redbooks. ↫ Elizabeth K. Joseph at the IBM community website These IBM mainframes dont have to be beautiful, but they always are. I wish I could see a z17 up close  hopefully IBM will release a detailed video walkthrough of one of these at some point, including taking one apart and putting it back together.


Linux Journal - The Original Magazine of the Linux Community

  • Setting Up a Secure Mail Server with Dovecot on Ubuntu Server
    by George Whittaker Introduction
    Email remains a cornerstone of modern communication. From business notifications to personal messages, having a robust and reliable mail server is essential. While cloud-based solutions dominate the mainstream, self-hosting a mail server offers control, customization, and learning opportunities that managed services can't match.

    In this guide, we will explore how to set up a secure and efficient mail server using Dovecot on an Ubuntu Server. Dovecot is a lightweight and high-performance IMAP and POP3 server that provides secure access to mailboxes. When paired with Postfix, it forms a powerful mail server stack capable of sending and receiving messages seamlessly.

    Whether you're a system administrator, a DevOps enthusiast, or simply curious about running your own mail infrastructure, this article provides a deep dive into configuring Dovecot on Ubuntu.
    Prerequisites
    Before we dive into configuration and deployment, ensure the following requirements are met:

    Ubuntu Server (20.04 or later recommended)

    Root or sudo access

    Static IP address assigned to your server

    Fully Qualified Domain Name (FQDN) pointing to your server

    Proper DNS records:

    A record pointing your domain to your server IP

    MX record pointing to your mail server’s FQDN

    Optional: SPF, DKIM, and DMARC for email authentication

    You should also ensure that your system is up-to-date:

    sudo apt update && sudo apt upgrade -y
    Understanding the Mail Server Stack
    A modern mail server is composed of several components:

    Postfix: SMTP server responsible for sending and routing outgoing mail.

    Dovecot: Handles retrieval of mail via IMAP/POP3 and secure authentication.

    SpamAssassin / ClamAV: For filtering spam and malware.

    TLS/SSL: Provides encrypted communication channels.

    Here's how they work together:

    Postfix receives email from external sources.

    It stores messages into local mailboxes.

    Dovecot lets users access their mail securely using IMAP or POP3.

    TLS/SSL encrypts the entire process, ensuring privacy.
    Step 1: Installing Postfix and DovecotInstall Postfix
    sudo apt install postfix -y

    During installation, you will be prompted to choose a configuration. Select:
    Go to Full Article


  • Debugging and Profiling Linux Applications with GDB and strace
    by George Whittaker
    Debugging and profiling are critical skills in a developer's toolbox, especially when working with low-level system applications. Whether you're tracking down a segmentation fault in a C program or understanding why a daemon fails silently, mastering tools like GDB (GNU Debugger) and strace can dramatically improve your efficiency and understanding of program behavior.

    In this guide, we’ll dive deep into these two powerful tools, exploring how they work, how to use them effectively, and how they complement each other in diagnosing and resolving complex issues.
    The Essence of Debugging and ProfilingWhat is Debugging?
    Debugging is the systematic process of identifying, isolating, and fixing bugs—errors or unexpected behaviors in your code. It’s an integral part of development that ensures software quality and stability. While high-level languages may offer interactive debuggers, compiled languages like C and C++ often require robust tools like GDB for line-by-line inspection.
    What is Profiling?
    Profiling, on the other hand, is about performance analysis. It helps you understand where your application spends time, which functions are called frequently, and how system resources are being utilized. While GDB can aid in debugging, strace provides a view of how a program interacts with the operating system, making it ideal for performance tuning and root cause analysis of runtime issues.
    Getting Hands-On with GDBWhat is GDB?
    GDB is the standard debugger for GNU systems. It allows you to inspect the internal state of a program while it’s running or after it crashes. With GDB, you can set breakpoints, step through code, inspect variables, view call stacks, and even modify program execution flow.
    Preparing Your Program
    To make your program debuggable with GDB, compile it with debug symbols using the -g flag:

    gcc -g -o myapp myapp.c

    This embeds symbol information like function names, variable types, and line numbers, which are essential for meaningful debugging.
    Basic GDB Commands
    Here are some fundamental commands you'll use frequently:

    gdb ./myapp # Start GDB with your program run # Start the program inside GDB break main # Set a breakpoint at the 'main' function break filename:line# Break at specific line next # Step over a function step # Step into a function continue # Resume program execution print varname # Inspect the value of a variable backtrace # Show the current function call stack quit # Exit GDB
    Go to Full Article


  • Debian Package Management: Aptitude vs. Apt-Get in Ubuntu
    by George Whittaker
    Package management is at the heart of every Linux system. It’s what makes installing, updating, and managing software on Linux-based distributions not just possible but streamlined and elegant. For users of Debian and its popular derivative Ubuntu, two powerful tools often stand at the center of debate: apt-get and aptitude. Though both are capable of managing packages effectively, they have unique characteristics that make them better suited to different use cases.

    This article provides a comparison of apt-get and aptitude, helping you understand their roles, differences, and when to use one over the other.
    Understanding the Debian Package Management Ecosystem
    Before diving into the specifics, it's helpful to understand the ecosystem in which both tools operate.
    What is a Package Manager?
    A package manager is software that automates the process of installing, upgrading, configuring, and removing software packages from a computer. In Debian-based systems, packages are distributed in .deb format.
    The APT System
    APT, or Advanced Package Tool, is the foundation of package management in Debian-based systems. It works with core components such as:

    dpkg – the base tool that installs and manages .deb files

    apt-get / apt – command-line front-ends for retrieving and managing packages from repositories

    apt-cache – used for searching and querying package information

    aptitude – a higher-level package manager that interacts with APT and dpkg under the hood
    What is apt-get?A Brief History
    apt-get has been a trusted part of Debian since the late 1990s. It was designed to provide a consistent command-line interface to the APT system and has been widely used in scripts and system automation.
    Core Features
    Handles package installation, upgrade, and removal

    Fetches and resolves dependencies automatically

    Interacts directly with APT repositories
    Common Commands
    Here are some frequently used apt-get commands:
    Go to Full Article


  • Ubuntu Unity vs. GNOME: Choosing the Right Ubuntu Experience for Your Workflow
    by George Whittaker
    Ubuntu is one of the most popular Linux distributions, renowned for its ease of use, extensive community support, and frequent updates. While the core of Ubuntu remains consistent, the desktop environment—what users interact with visually—can vary. Two prominent options for Ubuntu users are Unity and GNOME. Each offers a distinct experience with unique design philosophies, features, and workflows.

    Whether you're a seasoned Linux user or a curious newcomer, understanding the differences between Unity and GNOME can help you tailor your Ubuntu setup to better suit your needs. This article explores both environments to help you make an informed choice.
    A Tale of Two Desktops: History and EvolutionUnity: Canonical's Custom Vision
    Unity was first introduced by Canonical in 2010 with the release of Ubuntu 10.10 Netbook Edition. It was developed to create a consistent user experience across desktop and mobile devices, long before convergence became a buzzword.

    Unity became Ubuntu’s default desktop starting with Ubuntu 11.04. Its vertical launcher, global menu, and Dash search aimed to improve efficiency and streamline user interaction. However, despite its innovation, Unity had its critics. Performance issues on lower-end hardware and resistance to change from GNOME users caused friction in the community.

    In 2017, Canonical made the unexpected decision to abandon Unity development and return to GNOME, starting with Ubuntu 17.10. But Unity didn’t disappear—it was adopted by the open source community and lives on in the form of Ubuntu Unity, an official Ubuntu flavor.
    GNOME: The Linux Standard
    GNOME is one of the oldest and most respected desktop environments in the Linux ecosystem. Launched in 1999, it focuses on simplicity, accessibility, and ease of use. The release of GNOME 3 in 2011 marked a major redesign, introducing GNOME Shell, which departed from the traditional desktop metaphor in favor of a more modern and minimal interface.

    GNOME became the default Ubuntu desktop again in 2017 and has since seen continuous refinement. With support from major distributions like Fedora, Debian, and Ubuntu, GNOME enjoys a broad user base and robust development activity.
    Interface Design and User ExperienceUnity: Efficiency Meets Innovation
    Unity's interface is distinct and immediately recognizable. Here are some key components:

    Launcher (Dock): Positioned vertically on the left side, the Launcher holds pinned and running applications. It’s space-efficient and easily navigated via mouse or keyboard.
    Go to Full Article


  • The Power of Linux Shell Environment Variables
    by George Whittaker
    If you're working in a Linux environment, chances are you've encountered environment variables—even if you didn’t realize it at the time. They quietly power much of what goes on behind the scenes in your shell sessions, influencing everything from what shell prompt you see to which programs are available when you type a command. Whether you're an experienced sysadmin or a new Linux user, mastering environment variables is essential for customizing and controlling your shell experience.

    In this guide, we'll take a dive into environment variables in the Linux shell. By the end, you'll not only know how to view and set these variables, but also how to persist them, use them in scripts, and troubleshoot issues effectively.
    What Are Environment Variables?
    At a basic level, environment variables are dynamic named values that affect the behavior of running processes on your Linux system. Think of them as configuration settings that your shell (like Bash or Zsh) and applications refer to in order to understand how they should operate.

    For example:

    The PATH variable tells the shell where to look for executable files.

    The HOME variable stores the path to your home directory.

    The LANG variable defines your system’s language and character encoding.
    Environment Variables vs Shell Variables
    There is an important distinction between shell variables and environment variables:

    Shell variables are local to the shell session in which they are defined.

    Environment variables are shell variables that have been exported, meaning they are inherited by child processes spawned from the shell.
    Viewing Environment Variables
    Before you can modify or use environment variables, it's important to know how to inspect them.
    View All Environment Variables
    printenv

    or

    env

    Both commands list environment variables currently set for the session.
    View a Specific Variable
    echo $HOME

    This will display the current user's home directory.
    View All Shell Variables
    set

    This command displays all shell variables and functions. It's broader than printenv.
    Setting and Exporting Environment Variables
    You can define your own variables or temporarily change existing ones within your shell.
    Go to Full Article


  • Git on Linux: A Beginner’s Guide to Version Control and Project Management
    by George Whittaker
    Version control is a fundamental tool in modern software development, enabling teams and individuals to track, manage, and collaborate on projects with confidence. Whether you're working on a simple script or a large-scale application, keeping track of changes, collaborating with others, and rolling back to previous versions are essential aspects of development. Among various version control systems, Git has emerged as the most widely used and trusted tool — especially on Linux, where it integrates seamlessly with the system's workflow.

    This guide will walk you through the basics of Git on Linux, explaining what Git is, how to install it, and how to start using it to manage your projects efficiently. Whether you're a new developer or transitioning from another system, this comprehensive introduction will help you get started with Git the right way.
    What Is Git and Why Use It?
    Git is a distributed version control system (DVCS) originally created by Linus Torvalds in 2005 to support the development of the Linux kernel. It allows developers to keep track of every change made to their source code, collaborate with other developers, and manage different versions of their projects over time.
    Key Features of Git:
    Distributed Architecture: Every user has a full copy of the repository, including its history. This means you can work offline and still have full version control capabilities.

    Speed and Efficiency: Git is optimized for performance, handling large repositories and files with ease.

    Branching and Merging: Git makes it easy to create and manage branches, allowing for efficient parallel development and experimentation.

    Integrity and Security: Every change is checksummed and stored securely using SHA-1 hashing, ensuring that your project’s history cannot be tampered with.

    Compared to older systems like Subversion (SVN) or CVS, Git offers far greater flexibility and is better suited to both small personal projects and large collaborative efforts.
    Installing Git on Linux
    Installing Git on Linux is straightforward thanks to package managers available in every major distribution.
    For Ubuntu/Debian-based Systems:
    sudo apt update sudo apt install git
    For Fedora:
    sudo dnf install git
    For Arch Linux:
    sudo pacman -S git

    After installation, verify it with:

    git --version
    Go to Full Article


  • Mastering Linux File Permissions and Ownership
    by George Whittaker
    In the world of Linux, where multi-user systems and server security are foundational principles, understanding file permissions and ownership is crucial. Whether you're a beginner exploring your first Linux distribution or a seasoned system administrator managing critical servers, knowing how permissions work is key to ensuring the integrity, privacy, and functionality of your system.

    This guide will take you deep into the core of Linux file permissions and ownership—what they are, how they work, how to modify them, and why they matter.
    Why File Permissions and Ownership Matter in Linux
    Linux is built from the ground up as a multi-user operating system. This means:

    Multiple users can operate on the same system simultaneously.

    Different users have different levels of access and control.

    Without a permissions system, there would be no way to protect files from unauthorized access, modification, or deletion. File permissions and ownership form the first layer of defense against accidental or malicious activity.
    Linux Permission Basics: Read, Write, Execute
    Each file and directory in Linux has three basic types of permissions:

    Read (r) – Permission to view the contents of a file or list the contents of a directory.

    Write (w) – Permission to modify a file or create, rename, or delete files within a directory.

    Execute (x) – For files, allows execution as a program or script. For directories, allows entering the directory (cd).
    Permission Categories: User, Group, Others
    Permissions are assigned to three distinct sets of users:

    User (u) – The file's owner.

    Group (g) – A group associated with the file.

    Others (o) – Everyone else.

    So for every file or directory, Linux evaluates nine permission bits, forming three sets of rwx, like so:

    rwxr-xr--

    This breakdown means:

    rwx for the owner

    r-x for the group

    r-- for others
    Understanding the Permission String
    When you list files with ls -l, you’ll see something like this:

    -rwxr-xr-- 1 alice developers 4096 Apr 4 14:00 script.sh

    Let’s dissect it:
    Go to Full Article


  • How to List Groups in Linux Like a Pro
    by George Whittaker
    In Linux, groups play a central role in managing user permissions and access control. Whether you're an experienced system administrator or a curious new user, understanding how to list and analyze group information is a fundamental skill. This guide explores everything you need to know about listing groups in Linux, using a variety of tools and techniques to get exactly the information you need.
    What Are Groups in Linux and Why Do They Matter?
    Linux is a multi-user operating system, and one of its strengths lies in the fine-grained control it offers over who can do what. Groups are a way to organize users so that multiple people can share access to files, devices, or system privileges.

    Each group has:

    A group name

    A Group ID (GID)

    A list of users who are members of the group
    Types of Groups:
    Primary group: Each user has one primary group defined in /etc/passwd. Files the user creates are associated with this group by default.

    Secondary (or supplementary) groups: Users can belong to additional groups, which allow access to other resources.
    How to List All Groups on a Linux System
    To see every group that exists on the system, you can use the following methods:
    getent group
    getent group

    This is the preferred method on modern systems because it queries the system’s name service switch configuration (NSS). It includes local and possibly remote group sources (like LDAP or NIS).

    Example output:

    sudo:x:27: docker:x:999:user1,user2 developers:x:1001:user3
    cat /etc/group
    cat /etc/group

    This command prints the content of the /etc/group file, which is the local group database. It’s simple and fast, but it only shows local groups.

    Each line is formatted as:

    group_name:password_placeholder:GID:user1,user2,...
    compgen -g (Bash built-in)
    compgen -g

    This command outputs only the group names, which is helpful for scripting or cleaner views.
    How to List Groups for a Specific User
    You might want to know which groups a particular user belongs to. Here’s how:
    groups username
    groups john

    Outputs a space-separated list of groups that john belongs to. If no username is given, it shows groups for the current user.
    id username
    id alice
    Go to Full Article


  • EU OS: A Bold Step Toward Digital Sovereignty for Europe
    Image
    A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
    What Is EU OS?
    EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.

    Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
    The Vision Behind EU OS
    The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.

    Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.

    However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
    Conclusion
    EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.

    Source: It's FOSS
    European Union


  • Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight

    Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight

    Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.

    In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.

    On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.

    Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.

    The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.

    Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.

    You can download the latest kernel here.
    Linus Torvalds kernel


Page last modified on November 02, 2011, at 10:01 PM