|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All)
(Two Column)
- Fedora 43 Python-Cryptography Addresses Major DNS SAN Security Flaw
Update to v46.0.6 This includes a single fix for security issue: * **SECURITY ISSUE**: Fixed a bug where name constraints were not applied to peer names during verification when the leaf certificate contains a wildcard DNS SAN. Ordinary X.509 topologies are not affected by this bug,
- Kernel prepatch 7.0-rc6
The 7.0-rc6 kernel prepatch is out fortesting.
Anyway, exactly because it's just "more than usual" rather than feeling *worse* than usual, I don't currently feel this merits extending the release, and I still hope that next weekend will be the last rc. But it's just a bit unnerving how this release doesn't want to calm down, so no promises.
- [$] The many failures leading to the LiteLLM compromise
LiteLLMis a gateway library providing access to a number of large language models(LLMs); it is popular and widely used. On March 24, the word went outthat the version of LiteLLM found in the PythonPackage Index (PyPI) repository had beencompromised with information-stealing malware and downloaded thousands oftimes, sparking concern across the net. This may look like just anothersupply-chain attack — and it is — but the way it came about reveals justhow many weak links there are in the software supply chains that we alldepend on.
- The telnyx packages on PyPI have been compromised
The SafeDep blog reportsthat compromised versions of the telnyx package have been found in the PyPIrepository:
Two versions of telnyx (4.87.1 and 4.87.2) published to PyPI on March 27, 2026 contain malicious code injected into telnyx/_client.py. The telnyx package averages over 1 million downloads per month (~30,000/day), making this a high-impact supply chain compromise. The payload downloads a second-stage binary hidden inside WAV audio files from a remote server, then either drops a persistent executable on Windows or harvests credentials on Linux/macOS.
- Security updates for Friday
Security updates have been issued by AlmaLinux (389-ds:1.4, gnutls, mysql:8.0, mysql:8.4, nginx, nginx:1.24, opencryptoki, python3, vim, and virt:rhel and virt-devel:rhel), Debian (firefox-esr, ruby-rack, and thunderbird), Fedora (fontforge, headscale, kryoptic, libopenmpt, pyOpenSSL, python-cryptography, rubygem-json, rust-asn1, rust-asn1_derive, rust-cryptoki, rust-cryptoki-sys, rust-wycheproof, vim, and vtk), Oracle (freerdp, golang, mysql:8.0, and ncurses), Red Hat (osbuild-composer), Slackware (libpng and tigervnc), SUSE (chromium, frr, kea, kernel, nghttp2, pgvector, python-deepdiff, python-pyasn1, python-tornado6, python-urllib3, python3, python310, ruby2.5, salt, sqlite3, systemd, tomcat, vim, and xen), and Ubuntu (libcryptx-perl).
- The forge is our new home (Fedora Community Blog)
Tomáš Hrčka has announcedthat the Forgejo-based Fedora Forge is now afully operational collaborative-development platform; it is ready foruse by the larger Fedora community, which means the homegrown Pagure platform's days are numbered:
While pagure.io has been a vital part of our community for manyyears, the time has come to retire our homegrown forge and transitionto this powerful new tool.
The final cutover is planned for Flock to Fedora 2026. We stronglyencourage teams to migrate their projects well before the conferenceto ensure a smooth transition. The pagure.io migration is only thefirst step in a broader infrastructure modernization effort. By the2027 Fedora 46 release, we plan to retire all remaining Pagureinstances across the project, including the package sourcerepositories on src.fedoraproject.org. Getting familiar with FedoraForge now will help ensure your team is ready as the rest of theFedora ecosystem transitions.
There is a migrationguide for Fedora community members that own projects hosted onPagure and need to move to the new forge.
- [$] Vibe-coded ext4 for OpenBSD
A number of projects have been struggling with the question of whichsubmissions created by large language models (LLMs), if any, should beaccepted into their code base. This discussion has been further muddied byefforts to use LLM-driven reimplemention as a way to remove copyleftrestrictions from a body of existing code, as recently happened with the Python chardet module. Inthis context, an attempt to introduce an LLM-generated implementation ofthe Linux ext4 filesystem into OpenBSD was always going to create somefireworks, but that project has its own, clearly defined reasons forlooking askance at such submissions.
- Security updates for Thursday
Security updates have been issued by Debian (awstats, firefox-esr, and nss), Fedora (chromium, dotnet10.0, dotnet8.0, dotnet9.0, freerdp, and wireshark), Mageia (graphicsmagick and xen), Oracle (mysql:8.4 and nginx), Red Hat (podman), Slackware (bind and tigervnc), SUSE (azure-storage-azcopy, firefox-esr, giflib, glances-common, govulncheck-vulndb, grafana, kernel, libpng16, libsoup, mumble, net-snmp, perl-Crypt-URandom, pgvector-devel, pnpm, postgresql17, Prometheus, protobuf, python-cbor2, python-Jinja2, python-simpleeval, python311-dynaconf, python311-pydicom, python313-PyMuPDF, salt, snpguest, systemd, and vim), and Ubuntu (bind9, linux-azure, linux-azure, linux-azure-6.17, linux-azure-6.8, and mbedtls).
- [$] LWN.net Weekly Edition for March 26, 2026
Inside this week's LWN.net Weekly Edition:
Front: Security collaboration; Manjaro governance; kernel development tools; PHP licensing; kernel direct map patches; sleepable BPF. Briefs: LiteLLM compromise; Tor in Taiwan; b4 v0.15.0; 24-hour sideloading; Agama 19; Firefox 149.0; GNOME 50; Krita 5.3.0 and 6.0.0; Quotes; ... Announcements: Newsletters, conferences, security updates, patches, and more.
- [$] Collaboration for battling security incidents
The keynote for Sun Security Con2026 (SunSecCon) was given by Farzan Karimi on how incident handlingcan go awry because of a lack of collaboration between the "goodguys"—which stands in contrast to how attackers collaboratively operate.He provided some "war stories" where security incident handling hadbenefited from collaboration and others where it was hampered by its lack.SunSecCon was held in conjunction with SCALE 23x in Pasadenain early March.
- Setting up a Tor Relay at National Taiwan Normal University (Tor Blog)
The Tor Blog has an interesting articleabout the non-technical side of setting up a Tor Relay. It documents how acomputer science student at National Taiwan Normal University worked with theuniversity system to set up a relay and provides a template for futureattempts:
In Taiwan, anonymous networks do not lack technical documentation orideological support. The real scarcity is experience from actually workingthrough the real institutional system once. Especially in an environment whereacademic networks are highly centralized and outbound connectivity is tightlycontrolled, distributed anonymous infrastructure like Tor Relays is inherentlydifficult to sustain.
This implementation at National Taiwan Normal University was not meant toprovide a final answer for anonymous networks. It was a concrete attempt madewithin real-world institutions. It may not immediately improve the performanceor security of anonymous networks, and it was not intended to become a directlyreproducible standard process. What it did achieve was leaving behind a clearlyvisible path of practice—one that can be understood, referenced, and builtupon.
- LibreQoS v2.0 released
Version2.0 of the LibreQoS traffic-management and network operationsplatform has been released.
This release makes LibreQoS easier to operate, easier to understand,and much more useful for day-to-day network work. Now users can seemore of what is happening across the network, troubleshoot subscriberissues with better tools, and work from a much stronger localWebUI.
This release includes many capabilities that reflect ideas anddirection long championed by our late colleague, Dave Täht.
Dave's work helped shape the understanding of bufferbloat and theimportance of latency under load across the networking community. Hisinfluence continues to guide both LibreQoS and the broader effort toimprove Internet quality.
The project has also announcedthe release of the LibreQoS Bufferbloat Testv2, also dedicated to Täht. It runs in a user's browser to look at"latency under load, jitter, loss, and what those things mean forthe kinds of traffic people actually care about: browsing, streaming,video calls, audio calls, backups, and gaming".
- [$] More efficient removal of pages from the direct map
The kernel's direct map provides code running in kernel mode with directaccess to all physical memory installed in the system — on 64-bit systems,at least. It obviously makes life easier for kernel developers, but thedirect map also brings some problems of its own, most of which aresecurity-related. Interest in removing at least some pages from the directmap has been simmering for years; a couple of patch sets under discussion show some use cases for memory that has been removed from thedirect map, and how such memory might be efficiently managed.
- Security updates for Wednesday
Security updates have been issued by Debian (chromium), Fedora (chromium, containernetworking-plugins, musescore, and python-multipart), Mageia (perl-XML-Parser, roundcubemail, trilead-ssh2, vim, and webkit2), Oracle (389-ds:1.4, gimp:2.8, glibc, gnutls, kernel, libarchive, nginx:1.24, opencryptoki, python3, uek-kernel, vim, yggdrasil, and yggdrasil-worker-package-manager), Red Hat (delve, osbuild-composer, and skopeo), Slackware (mozilla), SUSE (dpkg, go1.26-openssl, gstreamer-plugins-ugly, kernel, libssh, ovmf, python-pyasn1, python-tornado6, python311, salt, sqlite3, and systemd), and Ubuntu (linux-aws-fips, linux-azure, linux-azure-fips, linux-fips, linux-gcp-fips, linux-iot, linux-kvm, pjproject, and redis).
- Pine64 FOSDEM 2026 Update Details PineNote and PineTab2 Progress
Pine64 has published a community update following FOSDEM 2026, outlining recent development activity, hardware demonstrations, and production challenges affecting its device lineup. The update highlights progress on PineNote and PineTab2 software, early work on PineTime Pro, and the impact of the ongoing DRAM shortage on several products. The FOSDEM 2026 event provided an opportunity for […]
- Beginners Guide for Env Command on Linux
The env command is an advanced version of printenv with a few more features to tweak your environment variables, like setting new environment variables, printing all environment variables, or executing a command in a modified environment.
- Linux 7.0-rc6 Bringing A Lot Of Audio Quirks / Fixes
The Linux 7.0-rc6 kernel due for release tomorrow has a lot of audio fixes/quirks to correct a wide variety of different hardware issues, mostly different problematic laptops for their speakers and/or microphone behavior under Linux...
- KDE Plasma 6.6 Showing Frequent Performance Advantage Over GNOME 50 With NVIDIA R595 Driver
Earlier this week I provided benchmarks looking at KDE Plasma 6.6's performance advantage over GNOME 50 for Linux gaming with AMD Radeon graphics. That raised the question if the same was true when using NVIDIA graphics with their official Linux graphics driver stack. Here are such benchmarks looking at the KDE Plasma 6.6 and GNOME 50 performance on Ubuntu 26.04 beta while using the new NVIDIA 595.58.03 Linux driver.
- Google is to journalism what Vikings were to monks. Now their man will run the BBC
Canny planning or dangerous compromise? Matt Brittin takes the hotseat at a pivotal moment
Opinion The BBC has a new head honcho in waiting, the Director-General designate Matt Brittin. His job: helming one of the world's most famous and oldest international media brands, one with a vast and sensitive domestic position. His last job: President of EMEA Business and Operations at Google. You can imagine a greater culture clash, but you'll have to work at it.…
- Security contractor blew the whistle on support crew's viral indifference
Career-limiting stupidity and rudeness exposed, with terminal consequences
Who, Me? The week before Easter may be a short one for many in the Reg-reading world, but that won't stop us from opening it with a fresh installment of Who, Me? It's the reader-contributed column in which you share stories of things you did at work that had interesting consequences.…
- US foreign router ban criticized for being ‘industrial policy disguised as cybersecurity’
Public policy professor says it will make America less secure but hits Netgear’s lobbying goals
The United States’ ban on foreign-made SOHO routers won’t improve security, and only makes sense as “industrial policy disguised as cybersecurity,” according to Milton Mueller, Professor at the University of Georgia’s School of Public Policy and founder of its Internet Governance Project.…
- The first thing vibe coding builds is confidence it will help you succeed
And developers should be confident it won't kill the craft
Secret CEO In 1991, when I was 16, a Norwegian Exchange student gave an inspirational performance of the Three Billy Goats Gruff, in the original Norwegian, at my high school talent night. She delivered this performance with such gusto that every word of her performance stuck in my mind and, to this day, I can recite the Three Billy Goats Gruff in Norwegian.…
- Senators want datacenters to come clean on power consumption
Ratepayer Protection Pledge is unenforceable without hard numbers, Warren and Hawley argue
US senators are pushing to require datacenters and other large energy customers to report consumption, arguing the data is essential to hold them accountable to local communities.…
- AFC Ajax drops ball as flaws let hackers play admin with tickets and bans
Vulns in Dutch football club's systems didn't just expose data – they let outsiders play with accounts, and even lift stadium bans
Dutch football giant AFC Ajax has admitted to a data breach after an attacker gained access to its internal systems, in an incident that looks less like a stray pass and more like the gates left wide open.…
- Lloyds app glitch turned transactions into shared experience for 447k users
A botched update mixed up transaction data across accounts, with thousands now receiving goodwill payouts
A botched overnight software update at Lloyds Banking Group left up to 447,000 customers briefly seeing other people's transactions in its mobile apps, with the bank now acknowledging the scale of the incident and compensating affected users.…
- UK government admits Capita pension portal was crapita at launch
PAC grilling reveals £239M bought a system that couldn't handle the work, the volumes, or placeholder text
A UK government official has admitted Capita did not reach the expected level of performance following the disastrous launch of the Civil Service Pension Scheme (CSPS) web portal late last year.…
- Engineer sabotaged hardware then complained when it didn't work
The 600 km drive to fix the mess was a special treat
On Call Every week is special in its own way, and The Register celebrates that fact by using Friday mornings to deliver a fresh installment of On Call, our weekly reader-contributed column that shares your memories of managing IT messes someone else made.…
- AI companies lick their chops as FCC proposes forcing call center onshoring
You actually think companies are going to pay Americans to take customer service calls in the AI age?
Uncle Sam is trying to make American call centers great again. The question is whether they will be great because they're filled with local workers or whether this will provide yet another excuse for companies to turn customer service jobs over to AI.…
- AWS would prefer to forget March ever happened in its UAE region
Cloud giant waives an entire month of charges, then erases the billing data. There is literally nothing to see here.
I received an email / billing notification from AWS this week that may be the most diplomatically crafted communication in the history of cloud computing. Here it is, stripped of the usual boilerplate around it:…
- AMD's new desktop CPU oozes cache out of all 16 cores
Turns out massive caches are good for more than games. House of Zen boasts 5-13% perf boost over prior-gen part
AMD aims to extend its lead in desktop gaming with a new CPU, dubbed the Ryzen 9 9950X3D2 Dual Edition. This top-of-the-line part has 16 cores fed by an absolutely massive 208 MB pool of cache, with memory spread across both CCDs.…
- Apple signs meaningless deal to make some less-important parts in America
Maybe that's why Tim didn't get an invitation to the President's tech bro club?
Apple's American Manufacturing Program (AMP) is expanding, with new suppliers signed on to produce iPhone components - though those parts will still be shipped overseas for final assembly. Tim Apple may continue avoiding tariffs but he probably won't win a lot of brownie points with President Trump.…
- Staff too scared of the AI axe to pick it up, Forrester finds
Your AI rollout isn't failing – your employees just hate it
If your company isn't seeing great returns from its investment in AI, you might want to look at the humans tasked with deploying it and how you can motivate them. Right now, many employees fear AI-driven job losses and aren't well trained to use the tech, according to Forrester.…
- AI bug reports went from junk to legit overnight, says Linux kernel czar
Greg Kroah-Hartman can't explain the inflection point, but it's not slowing down or going away
Interview I was at a press luncheon at KubeCon Europe this week when, to my surprise, who should sit down next to me but long-term Linux kernel maintainer Greg Kroah-Hartman. Greg, who lives in the Netherlands these days, was there to briefly comment on AI, Linux, and security. We spoke about how, over the last month, AI-driven activity around Linux security and code review has "really jumped" in a way no one in the open source world saw coming.…
- Brit lawmaker targeted by AI deepfake fails to get answers from US Big Tech
Appearing before Parliament, Meta, Google and X struggle to explain how fake political video circulated for so long
A member of the UK Parliament's lower house who was the victim of a deepfake AI campaign this week had a rare chance to confront the Big Tech executives who helped spread it. Their answers disappointed.…
- Datacenter batteries are selling years in advance, because AI, says Panasonic
Shifting production from automotive to compute and working on supercapacitors as another way to protect workloads
Major memory makers have already sold all the kit they can make this year, creating shortages and price increases. Datacenter infrastructure buyers may soon face the same issues when trying to get their hands on backup batteries.…
- Scammers have virtual smartphones on speed dial for fraud
They cleverly mimic most traits of a real phone
Smartphones have fast become the basis of our digital identities, securing payment systems and bank accounts. Now virtual devices that pretend to be real handsets have become a key tool for financial scammers, according to one company. …
- Only Trump can decide when cyberwar turns into real war
Four former NSA bosses walk onto the stage at RSAC…
rsac 2026 There's a theoretical red line with cyber warfare. Cross it, and the US will respond with a physical attack like missile strikes. And that line "is whatever the President says it is," according to former NSA boss retired General Paul Nakasone.…
- Oracle: AI agents can reason, decide and act - liability question remains
Fusion Agentic Applications promise autonomous enterprise decisions. Gartner urges caution
Oracle says it's building a suite of AI agents into its cloud-based enterprise applications, claiming they can make and execute decisions autonmomously within business processes. But analysts are urging caution given unresolved questions around data integration and liability.…
- Security: Why Linux Is Better Than Windows Or Mac OS
Linux is a free and open source operating system that was released in 1991 developed and released by Linus Torvalds. Since its release it has reached a user base that is greatly widespread worldwide. Linux users swear by the reliability and freedom that this operating system offers, especially when compared to its counterparts, windows and [0]
- Essential Software That Are Not Available On Linux OS
An operating system is essentially the most important component in a computer. It manages the different hardware and software components of a computer in the most effective way. There are different types of operating system and everything comes with their own set of programs and software. You cannot expect a Linux program to have all [0]
- Things You Never Knew About Your Operating System
The advent of computers has brought about a revolution in our daily life. From computers that were so huge to fit in a room, we have come a very long way to desktops and even palmtops. These machines have become our virtual lockers, and a life without these network machines have become unimaginable. Sending mails, [0]
- How To Fully Optimize Your Operating System
Computers and systems are tricky and complicated. If you lack a thorough knowledge or even basic knowledge of computers, you will often find yourself in a bind. You must understand that something as complicated as a computer requires constant care and constant cleaning up of junk files. Unless you put in the time to configure [0]
- The Top Problems With Major Operating Systems
There is no such system which does not give you any problems. Even if the system and the operating system of your system is easy to understand, there will be some times when certain problems will arise. Most of these problems are easy to handle and easy to get rid of. But you must be [0]
- 8 Benefits Of Linux OS
Linux is a small and a fast-growing operating system. However, we can’t term it as software yet. As discussed in the article about what can a Linux OS do Linux is a kernel. Now, kernels are used for software and programs. These kernels are used by the computer and can be used with various third-party software [0]
- Things Linux OS Can Do That Other OS Can�t
What Is Linux OS? Linux, similar to U-bix is an operating system which can be used for various computers, hand held devices, embedded devices, etc. The reason why Linux operated system is preferred by many, is because it is easy to use and re-use. Linux based operating system is technically not an Operating System. Operating [0]
- Packagekit Interview
Packagekit aims to make the management of applications in the Linux and GNU systems. The main objective to remove the pains it takes to create a system. Along with this in an interview, Richard Hughes, the developer of Packagekit said that he aims to make the Linux systems just as powerful as the Windows or [0]
- What’s New in Ubuntu?
What Is Ubuntu? Ubuntu is open source software. It is useful for Linux based computers. The software is marketed by the Canonical Ltd., Ubuntu community. Ubuntu was first released in late October in 2004. The Ubuntu program uses Java, Python, C, C++ and C# programming languages. What Is New? The version 17.04 is now available here [0]
- Ext3 Reiserfs Xfs In Windows With Regards To Colinux
The problem with Windows is that there are various limitations to the computer and there is only so much you can do with it. You can access the Ext3 Reiserfs Xfs by using the coLinux tool. Download the tool from the official site or from the sourceforge site. Edit the connection to “TAP Win32 Adapter [0]
- Running a Plan 9 network on OpenBSD
This guide describes how you can install a Plan 9 network on an OpenBSD machine (it will probably work on any unix machine though). The authentication service (called authsrv! on Plan 9) is provided by a unix version: authsrv9. The file service is provided by a program called u9fs!. It comes with Plan 9. Both run from inetd. The (diskless) cpu server is provided by running qemu, booted from only a floppy (so without local storage). Finally, the terminal is provided by the program drawterm. The nice thing about this approach is that you can use all your familiar unix tools to get started with Plan 9 (e.g. you can edit the Plan 9 files with your favorite unix editor). I�m assuming you have read at least something about Plan 9, for example the introduction paper Plan 9 from Bell Labs. ↫ Mechiel Lukkien If you�re running OpenBSD, you�re already doing something better than everyone else, and if you want to ascend to the next level, this is a great place to start. Of course, the final level, where you leave your earthly roots behind and become a being of pure enlightened energy, is running Plan 9 on real hardware as the universe intended, but let�s not put the cart before the horse. One day, all of humanity will just be an endless collection of interconnected cosmic Plan 9 servers, more plentiful than the stars in the known universe.
- Will AI! chatbots be the tobacco of the future?
Towards the end of 2024, Dennis Biesma decided to check out ChatGPT. The Amsterdam-based IT consultant had just ended a contract early. “I had some time, so I thought: let’s have a look at this new technology everyone is talking about,” he says. “Very quickly, I became fascinated.” Biesma has asked himself why he was vulnerable to what came next. He was nearing 50. His adult daughter had left home, his wife went out to work and, in his field, the shift since Covid to working from home had left him feeling “a`little isolated”. He smoked a bit of cannabis some evenings to “chill”, but had done so for years with no ill effects. He had never experienced a mental illness. Yet within months of downloading ChatGPT, Biesma had sunk €100,000 (about £83,000) into a business startup based on a delusion, been hospitalised three times and tried to kill himself. ↫ Anna Moore at The Guardian These stories are absolutely heart-wrenching, and it doesn�t just happen to people who have had a history of mental illness or other things you might associate with priming someone for falling for! an AI! chatbot. Just a few years in, and it�s already clear that these tools pose a real danger to a group of people of indeterminate size, and proper research into the causes is absolutely warranted and needed. On top of that, if there�s any evidence of wrongdoing from the companies behind these chatbots � intentionally making them more addictive, luring people in, ignoring established dangers, covering up addiction cases, etc. � lawsuits and regulation are definitely in order. Only yesterday, Facebook and Google lost a landmark trial in the US, ruling the companies intentionally made social media as addictive as possible, thereby destroying a person�s life in the process. Countless similar lawsuits are underway all over the world, and I have a feeling that in a few years to decades, we�ll look at unregulated, rampant social media the same way we look at tobacco now. Perhaps AI! chatbots will join their ranks, too.
- Microsoft removes trust for drivers signed with the cross-signed driver program
Today, we’re excited to announce a significant step forward in our ongoing commitment to Windows security and system reliability: the removal of trust for all kernel drivers signed by the deprecated cross-signed root program. This update will help protect our customers by ensuring that only kernel drivers that the Windows Hardware Compatibility Program (WHCP) have passed and been signed can be loaded by default. To raise the bar for platform security, Microsoft will maintain an explicit allow list of reputable drivers signed by the cross-signed program. The allow list ensures a secure and compatible experience for a limited number of widely used, and reputable cross-signed drivers. This new kernel trust policy applies to systems running Windows 11 24H2, Windows 11 25H2, Windows 11 26H1, and Windows Server 2025 in the April 2026 Windows update. All future versions of Windows 11 and Windows Server will enforce the new kernel trust policy. ↫ Peter Waxman at the Windows IT Pro Blog The cross-signed root program was discontinued in 2021, and ran since the early 2000s, so I think it�s fair to no longer automatically assume such possibly old and outdated drivers are still to be trusted.
- Windows 95 defenses against installers that overwrite a file with an older version
I�ll never grow tired of reading about the crazy tricks the Windows 95 development team employed to make the user experience as seamless as they could given the constraints they were dealing with. During the 16bit Windows days, application installers could replace system components with newer versions if such was necessary. Installers were supposed to do a version check, but many of them didn�t follow this guidance. When moving to Windows 95, this meant installers ended up replacing Windows 95 system components with Windows 3.x versions, which wasn�t exactly a goods thing. So, they came up with a solution. Windows 95 worked around this by keeping a backup copy of commonly-overwritten files in a hidden C:\Windows\SYSBCKUP directory. Whenever an installer finished, Windows went and checked whether any of these commonly-overwritten files had indeed been overwritten. If so, and the replacement has a higher version number than the one in the SYSBCKUP directory, then the replacement was copied into the SYSBCKUP directory for safekeeping. Conversely, if the replacement has a lower version number than the one in the SYSBCKUP directory, then the copy from SYSBCKUP was copied on top of the rogue replacement. ↫ Raymond Chen All of this happened entirely silently, and neither the installers nor the user had any idea this was happening. The Windows 95 team tried other solutions, like just making it impossible to replace system components with older versions entirely, but that caused many installers to break. Some installers apparently even went rogue and would create a batch file that would replace the system components upon a reboot, before Windows 95 could perform its silent fixes. Wild. I used Windows 95 extensively, and had no idea this was a thing.
- US regulator bans imports of new foreign-made routers, citing security concerns
The U.S. Federal Communications Commission said on Monday it was banning the import of all new foreign-made consumer routers, the latest crackdown on Chinese-made electronic gear over security concerns. China is estimated to control at least 60% of the U.S. market for home routers, boxes that connect computers, phones, and smart devices to the internet. ↫ David Shepardson at Reuters I�m sure the American public will be thrilled to find out yet another necessity has drastically increased in price.
- Apple discontinues the Mac Pro with no plans for future hardware
It’s the end of an era: Apple has confirmed to 9to5Mac that the Mac Pro is being discontinued. It has been removed from Apple’s website as of Thursday afternoon. The “buy” page on Apple’s website for the Mac Pro now redirects to the Mac’s homepage, where all references have been removed. Apple has also confirmed to 9to5Mac that it has no plans to offer future Mac Pro hardware. ↫ Chance Miller at 9To5Mac If a Mac Pro falls in the back of the Apple Store and there�s no one around to hear it, does it make a sound?
- The reports of age verification in Linux are greatly exaggerated, for now
Several US states, the country of Brazil, and I�m sure other places in the world have enacted or are planning to enact laws that would place the burden of age verification of users on the shoulders of operating system makers. The legal landscape is quite fragmented at this point, and there�s no way to tell which way these laws will go, with tons of uncertainties around to whom these laws would apply, if it targets accounts for application store access or the operating system as a whole, what constitutes an operating system in the first place, and many more. Still, these laws are already forcing major players like Apple to implement sharing self-reported age brackets with application developers (at least in iOS), so there�s definitely something happening here. In recent weeks, the open source world has also been confronted with the first consequences of these laws, as both systemd and xdg-desktop-portal have responded to operating system-level age verification laws in, among other places, California and Colorado, by adding birthDate to userdb (on systemd�s side) and developing an age verification portal (on xdg-desktop-portal�s side) for use by Flatpaks. The age verification portal would then use the value set in usrdb�s birthDate as its data source. The value in birthDate would only be modifiable by an administrator, but can be read by users, applications, and so on. Crucially, this field is entirely optional, and distributions, desktop environments, and users are under zero obligation to use it or to enter a truthful value. In fact, contrary to countless news items and comments about these additions, nothing about this even remotely constitutes as age verification!, as nothing � not the government, not the distribution or desktop environments, not the user � has to or even can verify anything. If these changes make it to your distribution, you don�t have to suddenly show your government ID, scan your face, or link your computer to some government-run verification service, or even enter anything anywhere in the first place. Furthermore, while the xdg-desktop-portal�s proposals are still fluid and subject to change, consensus seems to be to only share age brackets with applications, instead of full birth dates or specific ages � assuming anything has even been entered in the birthDate field in the first place. Even if your Linux distribution and/or desktop environment implements everything needed to support these changes and expose them to you in a nice user interface, everything about it is optional and under your full control. The field is of the same type as the existing fields emailAddress, realName, and location, which are similarly entirely optional and can be left empty if desired. Taken in isolation, then, as it currently stands, there�s really not much meat to these changes at all. The primary reason to implement these changes is to minimally comply with the new laws in California, Colorado, Brazil, and other places, and it�s understandable why the people involved would want to do so. If they do not, they could face lawsuits, fines, or worse, and I don�t know about you, but I wouldn�t want to be on the receiving end of the western world�s most incompetent justice system. Aside from that, these changes make it possible to build robust parental controls, which isn�t mentioned in the original commits to systemd, but is clearly the main focal point of xdg-desktop-portal�s proposal. This all seems well and good, but given today�s political climate in the United States, as well as the course of history, that as it currently stands! is doing a lot of heavy lifting. Rightfully so, a lot of people are worried about where this could lead. Sure, today these are just inconsequential, optional changes in response to what seems to be misguided legislation, but what happens once these laws are tightened, become more demanding, and start requiring a lot more than just a self-reported age bracket? In Texas, for instance, H.B. 1131 requires any commercial entity, including websites, that contains more than one-third sexual material harmful to minors! to implement age verification tools using things like government-issued IDs or bank transaction data to verify visitors� ages before allowing them in. The UK has a similar law on the books, too. It�s not difficult to imagine how some other law will eventually shift this much stricter, actual age verification from websites and applications into operating systems instead. What will systemd�s and xdg-desktop-portal�s developers do, then? Will they comply as readily then as they do now? This is a genuine worry, especially if you already belong to a group targeted by the current US administration, or were face-scanned by ICE at a protest. Large groups of especially religious extremists consider anything that�s LGBTQ+ to be sexual material harmful to minors!, even if it�s just something normal like a gay character in a TV show. It�s not hard to imagine how age verification laws, especially if they force age verification at the operating system level, can become weaponised to target the LGBTQ+ community, other minorities, and people protesting the Trump regime. You may think this won�t affect you, since you�re using an open source operating system like desktop Linux or one of the BSDs, and surely they are principled enough to ignore such dangerous laws and simply not comply at all, right? Sadly, here�s where the idealism and principles of the open source world are going to meet the harsh boot of reality; while open source software has a picturesque image of talented youngsters hacking away in their bedrooms, the reality is that most of the popular open source operating systems are actually hugely complex operations that require a ton of funding, and that funding is often managed by foundations. And guess where most popular Linux distributions� and BSD variants� foundations are located? Developers from all over the world may contribute to Debian, but all of its financials and trademarks are managed by Software in the Public Interest, domiciled in New York State. Fedora is part of Red Hat, owned by IBM, and
- Windows native application development is a mess
Usually, when developers or programmers write articles about their experiences developing for a platform they have little to no experience with, the end result usually comes down to they do things differently, therefor it is bad actually!, which is deeply unhelpful. This article, though, is from a longtime Windows user and developer, but one who hasn�t had to work on native Windows development for a long time now. When he decided to write his own native Windows application to scratch a personal itch, it wasn�t a great experience. While I followed the Windows development ecosystem from the sidelines, my professional work never involved writing native Windows apps. (Chromium is technically a native app, but is more like its own operating system.) And for my hobby projects, the web was always a better choice. But, spurred on by fond childhood memories, I thought writing a fun little Windows utility program might be a good retirement project. Well. I am here to report that the scene is a complete mess. I totally understand why nobody writes native Windows applications these days, and instead people turn to Electron. ↫ Domenic Denicola Denicola decided to try and use the latest technologies and best practices from Microsoft regarding Windows development, and basically came away aghast at just how shot of an experience it really is. I�m not a developer, but you don�t need to be to grasp the severity of the situation after following his development timeline and reading about his struggles. If this is truly representative of the Windows application development experience, it�s really no surprise just how few new, quality Windows applications there are, and why even Microsoft�s own Windows developers resort to things like React for the Start menu to enabler faster and easier iteration. This is a complete dumpster fire.
- Java Sun SPOTs (Small Programable Object Technology)
These were Sun microcontrollers that run Squawk Java ME directly on metal with gc and all the bells and whistles, created by Sun Microsystems in 2005. The feature mesh networking and tcp/ip and multitasking. Even the drivers are java just like Java OS. They run a command and control server by default and there’s graphical network builders and deployment managers (Solarium) they also do some more esoteric stuff like process migration. ↫ Penny I have no use for these but I want them. They would�ve made an excellent addition to my Sun article. There�s still a detailed tutorial and informational website up about these things, too.
- The OpenBSD init system and boot process
In recent weeks, systemd has both embraced slopcoding and laid the groundwork for age verification built right into systemd-based Linux distributions, there�s definitely been an uptick in people talking about alternative init systems. If you want to gain understanding in a rather classic init system, OpenBSD�s is a great place to start. OpenBSD has a delightfully traditional init system, which makes it a great place to start learning about init systems. It�s simple and effective. There�s a bit of a counter movement in the IT and FOSS worlds rebelling against hyperscaler solutions pushing down into everyone�s practices. One of the rallying cries I�ve been seeing is to remind people that You Can Just Do Things" on the computer. The BSD init system, and especially OpenBSD�s is something of a godparent to this movement. init(8) just runs a shell script to start the computer, and You Can Just Do Things" in the script to get them to happen on boot. ↫ Overeducated-Redneck.net My main laptop is currently in for warranty repairs, but once it returns, I intend to set it up with either OpenBSD or a Linux distribution without systemd (most likely Void) to see how many systems I can distance from systemd without giving myself too much of a headache (I�m guessing my gaming machine will remain on systemd-based Fedora). I�m not particularly keen on slopcoding and government-mandated age verification inside my operating systems, and I�m definitely feeling a bit of a slippery slope underneath my feet. I have my limits.
- Microsoft finally makes a few concrete promises about Windows 11 improvements
Earlier this year, Microsoft openly acknowledged the sorry state of Windows 11, and made vague promises about possible improvements somewhere in the near future, but stayed away from making any concrete promises. Today, the company published a blog post with some more details, including some actual concrete, tangible changes it�s going to implement over the coming two months. In coming builds, you�ll be able to move the taskbar to any side of the screen, instead of it being locked to the bottom, thereby reintroducing a feature present since Windows 95. They�re also scaling back their obsession with ramming AI! in every corner of Windows, and will be removing Copilot integrations from Snipping Tool, Photos, Widgets, and Notepad. Furthermore, and this is a big one among Windows users I�m sure, Windows Update will be placed under user control once again, allowing them to ignore updates, postpone them indefinitely, reboot without applying updates, and so on. These are the tangible improvements we�ll be able to point to and say the company kept their word, and they all feel like welcome changes. There�s also a few promises that feel far more vague and less tangible, like the ever-present, long-running promise to improve File Explorer!. I feel like Microsoft�s been promising to fix their horrible file manager for years now, without much to show for it, so I hope this time will be different. The company also wants to improve Widgets, the Windows Insider Program, and the Feedback Hub application. These all feel less tangible, and will be harder to quantify and benchmark. Beyond these first round of improvements that we�re supposed to be seeing over the coming two months, Microsoft also promises to implement wider improvements across the board, with the usual suspects like better performance, quicker application launches, improved reliability, lower memory usage, and so on. They also promise to move more core Windows user interface components to WinUI 3, including the Start menu, which is currently written in React. Windows Search is another common pain point among Windows users, and here, Microsoft promises to improve its performance and clearly separate local from online results (but no word on making search exclusively local). There�s some more details in the blog post, but overall, it sounds great. However, words without actions are about as meaningful as a White House statement on the war with Iran, so seeing is believing.
- Google to introduce overly onerous hoops to prevent sideloading!
When Google said they were going to require verification from every single Android developer that would end the ability to install applications from outside of the Play Store (commonly wrongfully referred to as sideloading!), it caused quite a backlash. The company then backtracked a little bit, and said they would come up with an advanced flow! to make sure installing applications from outside of the Play Store remained possible. Well, Google has detailed this advanced flow!, and as everyone expected, it�s such a massive list of onerous hoops to jump through they might as well just lock Android down to the Play Store and get it over with. First, if a developer is verified, you can download their applications to your device and install them the same way you can do now. Second, developers with limited distribution accounts!, such as students or hobby projects, can share their applications with up to 20 devices without verification. Third, and this is where the fun starts, we have unverified developers � basically what all Android developers sharing applications outside of the Play Store are now. Here�s the full advanced flow! as described by Google to allow you to install an application from an unverified developer: Setting aside the fact that developer verification is, in and of itself, a massive problem, I�m kind of okay with a few scary warnings, a disclaimer, and perhaps a single reboot to enable installing applications outside of the Play Store � a few things to make normal people shrug their shoulders and not bother. However, adding enabling developer mode and a goddamn 24-hour waiting period is batshit insanity, and clearly has the intention of discouraging everyone, effectively locking Android to the Play Store. Android is already basically an entirely locked-down, closed-source platform, and once this advanced flow! comes into force, there�s virtually no difference between iOS and Android, especially for us Europeans who get similarly onerous anti-user nonsense when trying to install alternative application stores on iOS. I see no reason to buy Android over iOS at this point � might as well get the faster phone with better update support.
- You can make Linux syscalls in a Windows application, apparently
What happens if you make a Linux syscall in a Windows application? So yeah, you can make Linux syscalls from Windows programs, as long as they�re running under Wine. Totally useless, but the fact that such a Frankenstein monster of a program could exist is funny to me. ↫ nicebyte at gpfault.net The fact that this works is both surprising and unsurprising at the same time.
- GNOME 50 released
The GNOME team has released GNOME 50, the latest version of what is probably the most popular open source desktop environment. It brings fine-grained parental controls, and the groundwork for web filtering so that in future releases, parents and guardians can set content filters for children. Our own kids are still way too young to have access to computers and the internet, but I�m not sure I�ll ever resort to these kinds of tools when the time comes. I didn�t have any such controls imposed upon me as a child on the early internet, but then, you can�t really compare the �90s internet to that of today. The Orca screen reader received a lot of attention in GNOME 50, with a new preference window, both global and per-application settings, and much more. There�s also a brand new reduced motion setting, which will tame the animations in the user interface. Document annotation has been overhauled and modernised, and the file manager has been optimised across the board for better performance and lower memory usage. Remote Desktop also saw a lot of work in GNOME 50. It�s now hardware-accelerated using VA-API and Vulkan, and thanks to HiDPI support, the session will properly adapt to the screen being used. Kerberos Authentication support has been added, and you can now use the remote webcam locally. There�s way more here, like improved support for variable-refresh rates and fractional scaling, HDR screen sharing, fixes for weird NVIDIA driver nonsense, and much, much more. As always, GNOME 50 will find its way to your distribution soon enough.
- Introducing Duranium: an immutable variant of postmarketOS
PosrtmarketOS, the Linux �distribution� for mobile devices, now also has an immutable variant, called Duranium. Duranium is an immutable variant of postmarketOS, built around the idea that your device should just work, and keep working. You shouldn�t need to know what a terminal is to keep your device running. Immutable! means the core operating system is read-only and can�t be modified while it�s running. System updates are applied as complete, verified images rather than individual packages. Either the new image works, or the system falls back to the previous one automatically. No partially-applied state. No debugging audio when you need to make a phone call and no fussing with a broken web browser when you just want to doomscroll cat photos. It also means developers can reproduce the exact state of a user�s device, making it much easier to track down and fix issues. ↫ Clayton Craft on the postmarketOS blog Duranium is built around the various functionalities and tooling provided by systemd, meaning the project didn�t have to reinvent the wheel. It works similarly to other immutable distributions, in that images for the base are downloaded and installed as a whole, with the preferred application installation method being Flatpak. Security-wise, Duranium uses dm-verity to protect /usr, cryptographically verifying data as it�s read. The image simply won�t boot if anything�s been tampered with. LUKS2 is used to encrypt mutable user and operating system data and configuration on the root file system. Duranium is still under heavy development, but it makes sense to implement something like this now, since in the world of mobile devices, this has become the norm. I�m glad postmarketOS is taking these steps, and I sincerely hope I�ll eventually be able to use a postmarketOS device with KDE�s Plasma mobile shell at some point in the near future in my day-to-day life. This requires both postmarketOS to improve as well as for the regulatory landscape to break the duopoly on banking and government applications held by Android and iOS, and with the state of the US government as it is, this might actually be something Europe�s interested in achieving.
- Sudo ported to DOS
DOS didn�t have sudo yet. This gross oversight has been addressed. SUDO examines the environment for the COMSPEC variable to find the default command interpreter, falling back to C:\COMMAND.COM if not set. The interpreter is then executed in unprotected real mode for full privileges. ↫ SUDO for DOS� Codeberg page A vital tool, for sure.
- From Linux to Blockchain: The Infrastructure Behind Modern Financial Systems
by George Whittaker
The modern internet is built on open systems. From the Linux kernel powering servers worldwide to the protocols that govern data exchange, much of today’s digital infrastructure is rooted in transparency, collaboration, and decentralization. These same principles are now influencing a new frontier: financial systems built on blockchain technology.
For developers and system architects familiar with Linux and open-source ecosystems, the rise of cryptocurrency is not just a financial trend, it is an extension of ideas that have been evolving for decades.
Open-Source Foundations and Financial Innovation
Linux has long demonstrated the power of decentralized development. Instead of relying on a single authority, it thrives through distributed contributions, peer review, and community-driven improvement.
Blockchain technology follows a similar model. Networks like Bitcoin operate on open protocols, where consensus is achieved through distributed nodes rather than centralized control. Every transaction is verified, recorded, and made transparent through cryptographic mechanisms.
For those who have spent years working within Linux environments, this architecture feels familiar. It reflects a shift away from trust-based systems toward verification-based systems.
Understanding the Stack: Nodes, Protocols, and Interfaces
At a technical level, cryptocurrency systems are composed of multiple layers. Full nodes maintain the blockchain, validating transactions and ensuring network integrity. Lightweight clients provide access to users without requiring full data replication. On top of this, exchanges and platforms act as interfaces that connect users to the underlying network.
For developers, interacting with these systems often involves APIs, command-line tools, and automation scripts, tools that are already integral to Linux workflows. Managing wallets, verifying transactions, and monitoring network activity can all be integrated into existing development environments.
Go to Full Article
- Firefox 149 Arrives with Built-In VPN, Split View, and Smarter Browsing Tools
by George Whittaker
Mozilla has officially released Firefox 149.0, bringing a mix of new productivity features, privacy enhancements, and interface improvements. Released on March 24, 2026, this update continues Firefox’s steady push toward a more modern and user-focused browsing experience.
Rather than focusing on a single headline feature, Firefox 149 introduces several practical tools designed to improve how users multitask, stay secure, and interact with the web.
Built-In VPN Comes to Firefox
One of the most notable additions in Firefox 149 is the introduction of a built-in VPN feature. This optional tool provides users with an added layer of privacy while browsing, helping mask IP addresses and secure connections on public networks.
In some configurations, Mozilla is offering a free usage tier with limited monthly data, giving users a simple way to enhance privacy without installing separate software.
This move aligns with Mozilla’s long-standing emphasis on user privacy and security.
Split View for Better Multitasking
Firefox 149 introduces a Split View mode, allowing users to display two web pages side by side within a single browser window. This feature is especially useful for:
Comparing documents or products Copying information between pages Research and multitasking workflows
Instead of juggling multiple tabs and windows, users can now work more efficiently in a single, organized view.
Tab Notes: A New Productivity Tool
Another standout feature is Tab Notes, available through Firefox Labs. This tool allows users to attach notes directly to individual tabs, making it easier to:
Keep track of research Save reminders tied to specific pages Organize ongoing tasks
This feature reflects a growing trend toward integrating lightweight productivity tools directly into the browser experience.
Smarter Browsing with Optional AI Features
Firefox 149 also expands its experimental AI-powered features, including tools that can assist with summarizing content, providing quick explanations, or helping users interact with web pages more efficiently.
Importantly, Mozilla is keeping these features optional and user-controlled, maintaining its focus on transparency and privacy.
Developer and Platform Updates
For developers, Firefox 149 includes updates to web standards and APIs. One example is improved support for HTML features like enhanced popover behavior, which helps developers build more interactive web interfaces.
As always, these under-the-hood changes help ensure Firefox remains competitive and standards-compliant.
Go to Full Article
- Blender 5.1 Released: Faster Workflows, Smarter Tools, and Major Performance Gains
by german.suarez
The Blender Foundation has officially released Blender 5.1, the latest update to its powerful open-source 3D creation suite. This version focuses heavily on performance improvements, workflow refinements, and stability, while also introducing a handful of new features that expand what artists and developers can achieve.
Rather than reinventing the platform, Blender 5.1 is all about making existing tools faster, smoother, and more reliable — a release that benefits both professionals and hobbyists alike.
A Release Focused on Refinement
Blender 5.1 emphasizes polish over disruption, with developers addressing hundreds of issues and improving the overall production pipeline. The update includes widespread optimizations across rendering, animation, modeling, and the viewport, resulting in a more responsive and efficient experience.
Many of Blender’s internal libraries have also been updated to align with modern standards like VFX Platform 2026, ensuring better long-term compatibility and performance.
Performance Gains Across the Board
One of the standout aspects of Blender 5.1 is its performance boost:
Faster animation playback and shape key evaluation Improved rendering speeds for both GPU and CPU Reduced memory overhead and smoother viewport interaction Optimized internal systems for better responsiveness
In some scenarios, animation and editing performance improvements can be dramatic, especially with complex scenes.
New Raycast Node for Advanced Shading
A major feature addition in Blender 5.1 is the Raycast shader node, which opens the door to advanced rendering techniques.
This node allows artists to trace rays within a scene and extract data from surfaces, enabling:
Non-photorealistic rendering (NPR) effects Custom shading techniques Decal projection and X-ray-style visuals
It’s a flexible tool that expands Blender’s shading capabilities, especially for stylized workflows.
Grease Pencil Gets a Big Upgrade
Blender’s 2D animation tool, Grease Pencil, sees meaningful improvements:
New fill workflow with support for holes in shapes Better handling of imported SVG and PDF files More intuitive drawing and editing behavior
These updates make Grease Pencil far more practical for hybrid 2D/3D workflows and animation pipelines.
Geometry Nodes and Modeling Improvements
Geometry Nodes continue to evolve with expanded functionality:
Go to Full Article
- The Need for Cloud Security in a Modern Business Environment
by George Whittaker
Cloud systems are an emergent standard in business, but migration efforts and other directional shifts have introduced vulnerabilities. Where some attack patterns are mitigated, cloud platforms leave businesses open to new threats and vectors. The dynamic nature of these environments cannot be addressed by traditional security systems, necessitating robust cloud security for contemporary organizations.
Just as businesses have come to acknowledge the value of cloud operations, so too have cyber attackers. Protecting sensitive assets and maintaining regulatory compliance, while simultaneously ensuring business continuity against cloud attacks, requires a modern strategy. When any window could be an opportunity for infiltration, a comprehensive approach serves to limit exploitation.
Unlike traditional on-premise infrastructure, cloud environments dramatically expand an organization’s threat surface. Resources are distributed across regions, heavily dependent on APIs, and frequently created or decommissioned in minutes. This constant change makes it difficult to maintain a fixed security perimeter and increases the likelihood that misconfigurations or exposed services go unnoticed, creating opportunities for exploitation.
The Vulnerabilities of Cloud Security Services
Any misconfiguration, insecure application programming interface (API), or identity management solution may become an invitation for cyberattacks. Amid the rise of artificial intelligence (AI) technology, it is possible for even inexperienced individuals to exploit such weaknesses in cloud systems. Cloud environments are designed for accessibility, a benefit that can be taken advantage of.
“Unlike traditional software, AI systems can be manipulated through language and indirect instructions,” Lee Chong Ming wrote for Business Insider. “[AI expert Sander] Schulhoff said people with experience in both AI security and cybersecurity would know what to do if an AI model is tricked into generating malicious code.”
At the same time that many businesses are migrating to cloud platforms and implementing cloud security features, they are adopting AI technology in order to accelerate workflows and other processes. These systems may have their advantages for certain industries, but their presence can create its own vulnerabilities. Addressing the shortcomings of cloud systems and AI at the same time compounds the security challenges of today.
Go to Full Article
- Google Brings Chrome to ARM Linux: A Long-Awaited Step for Modern Linux Devices
by George Whittaker
Google has officially announced that Chrome is coming to ARM64 Linux systems, marking a major milestone for both the Linux and ARM ecosystems. The native browser is expected to launch in Q2 2026, finally closing a long-standing gap for users running Linux on ARM-based hardware.
For years, ARM Linux users have relied on Chromium builds or workarounds to access a Chrome-like experience. That’s about to change.
Why This Announcement Matters
Until now, Google Chrome on Linux was limited to x86_64 systems, leaving ARM-based devices without an official build.
That meant users had to:
Use Chromium instead of Chrome
Run emulated versions of Chrome
Miss out on proprietary features like sync, DRM support, and Google services
With this new release, ARM Linux users will finally get the full Chrome experience, including seamless integration with Google’s ecosystem.
What Users Can Expect
The upcoming ARM64 version of Chrome will bring the same features users expect on other platforms:
Google account sync (bookmarks, history, tabs)
Access to the Chrome Web Store and extensions
Built-in features like translation, autofill, and security protections
Support for DRM services and media playback
This brings ARM Linux closer to feature parity with macOS (ARM support since 2020) and Windows on ARM (since 2024).
The Rise of ARM on Linux
The timing of this move reflects a broader shift in computing. ARM-based hardware is rapidly gaining traction across:
Laptops powered by Snapdragon and future ARM chips
Developer boards like Raspberry Pi
High-performance systems such as NVIDIA’s ARM-based AI desktops
Google itself highlighted growing demand for Chrome on these systems, especially as ARM expands beyond mobile devices into mainstream computing.
Partnerships and Deployment
Google is also working with hardware vendors to streamline adoption. Notably, Chrome will be integrated into NVIDIA’s Linux-on-ARM DGX Spark systems, making installation easier for high-performance AI workstations.
For general users, Chrome will be available for download directly from Google once released.
Why This Took So Long
Interestingly, this move comes years after Chrome was already available on ARM-based platforms like Apple Silicon Macs and Windows devices.
Go to Full Article
- CrackArmor Exposed: Critical Flaws in AppArmor Put Millions of Linux Systems at Risk
by George Whittaker
A newly disclosed set of vulnerabilities has sent shockwaves through the Linux security community. Dubbed “CrackArmor,” these flaws affect AppArmor, one of the most widely used security modules in Linux, potentially exposing millions of systems to serious compromise.
Discovered by the Qualys Threat Research Unit, the vulnerabilities highlight a concerning reality: even core security mechanisms can harbor weaknesses that go unnoticed for years.
What Is CrackArmor?
“CrackArmor” refers to a group of nine critical vulnerabilities found in the Linux kernel’s AppArmor module. AppArmor is a mandatory access control (MAC) system designed to restrict what applications can do, helping contain attacks and enforce system policies.
These flaws stem from a class of issues known as “confused deputy” vulnerabilities, where a lower-privileged user can trick trusted processes into performing actions on their behalf.
Why These Vulnerabilities Are Serious
The impact of CrackArmor is significant because it undermines one of Linux’s core security layers. Researchers found that attackers could:
Escalate privileges to root from an unprivileged account
Bypass AppArmor protections entirely
Break container isolation, affecting Kubernetes and cloud workloads
Execute arbitrary code in the kernel
Trigger denial-of-service (DoS) conditions
In some demonstrations, attackers were able to gain full root access in seconds under controlled conditions.
How Widespread Is the Risk?
The scope of the issue is massive. AppArmor is enabled by default in major distributions such as:
Ubuntu
Debian
SUSE
Because of this, researchers estimate that over 12.6 million Linux systems could be affected.
These systems span:
Enterprise servers
Cloud infrastructure
Containers and Kubernetes clusters
IoT and edge devices
This widespread deployment significantly amplifies the potential impact.
A Long-Standing Problem
One of the most concerning aspects of CrackArmor is how long the vulnerabilities have existed. According to researchers, the flaws date back to around 2017 (Linux kernel 4.11) and remained undiscovered in production environments for years.
This long exposure window increases the risk that similar weaknesses may exist elsewhere in critical system components.
Go to Full Article
- Intel Expands Linux Graphics Team to Boost Drivers and Gaming Support
by George Whittaker
Intel is once again investing in Linux development. The company has recently posted several job openings aimed at strengthening its Linux graphics driver and GPU software teams, signaling continued interest in improving Intel hardware support on the open-source platform.
For Linux users, especially gamers and developers, this could mean faster improvements to Intel’s graphics stack and stronger support for modern workloads.
New Roles Focused on Linux Graphics
Intel has listed multiple GPU Software Development Engineer positions, many of which specifically focus on Linux graphics technologies. These roles involve working on the full graphics stack, including firmware, kernel drivers, and user-space components used by applications and games.
The responsibilities for these positions include:
Developing and optimizing Intel GPU drivers for Linux
Improving the Linux graphics stack, including kernel DRM drivers and Mesa components
Working with graphics APIs and tools used by modern applications
Ensuring compatibility across desktop, workstation, and data-center hardware
The job listings also emphasize experience with C/C++ development and the Linux kernel graphics ecosystem, highlighting the technical depth required for these roles.
Linux Gaming Is Part of the Plan
One of the more notable details from the job postings is the mention of Linux gaming technologies such as Wine and Proton. These compatibility layers allow Windows games to run on Linux, making them central to platforms like SteamOS and the Steam Deck.
Intel’s focus on these tools suggests the company wants its GPUs to perform well not just in enterprise workloads but also in gaming environments. That aligns with the growing popularity of Linux gaming driven by:
Valve’s Proton compatibility layer
Vulkan-based graphics APIs
The success of devices like the Steam Deck
Beyond Gaming: HPC and Data Center Work
While gaming support is part of the focus, the hiring effort isn’t limited to consumer graphics. Intel is also recruiting engineers for areas such as:
High-performance computing (HPC)
AI and machine-learning workloads
Middleware development for supercomputing systems
Cloud and data-center GPU optimization
These roles indicate Intel’s broader strategy to strengthen Linux across multiple sectors, from desktops and laptops to supercomputers and cloud infrastructure.
Go to Full Article
- AerynOS 2026.02 Alpha Released: Advancing a Modern Atomic Linux Vision
by George Whittaker
The developers behind AerynOS have released AerynOS 2026.02 Alpha, the latest development snapshot of the independent Linux distribution previously known as Serpent OS. This new release continues the project’s rapid evolution, bringing updated packages, improved build tools, and new installation options while the system remains in an early testing stage.
Although still labeled as an alpha-quality release, the new ISO gives enthusiasts and developers a chance to explore the direction AerynOS is taking as it builds a modern Linux platform from scratch.
A Modern Atomic Approach
AerynOS aims to rethink how Linux distributions handle updates and package management. The project focuses on atomic-style updates, meaning system changes are applied as a complete transaction rather than individual package installs. This approach helps reduce the risk of partially completed updates leaving a system in a broken state.
Unlike some atomic distributions, however, AerynOS does not rely on an immutable filesystem, allowing users to retain flexibility and customization while still benefiting from safer update behavior.
Updated Desktop Environments
The 2026.02 alpha release ships with several modern desktop environment options:
GNOME 49.4 as the default desktop
COSMIC 1.0.8, System76’s emerging desktop environment
KDE Plasma 6.6.1 available as an alternative session
These updates provide users with multiple modern desktop choices while ensuring compatibility with the latest frameworks and desktop technologies.
New Core Software and Components
AerynOS 2026.02 also brings a large batch of software updates across the system stack. Some of the notable versions included in the release are:
Linux kernel 6.18.15 LTS
Firefox 148
PipeWire 1.6
Wine 11.3
Waybar 0.15
Mesa/Nesa graphics drivers 26.x
Together, these updates ensure that the development snapshot reflects a modern Linux software ecosystem while improving compatibility with newer hardware.
Improved Development Tooling
A significant portion of the February development cycle focused on improving the distribution’s internal tooling:
Moss, the package manager, has been optimized for faster performance.
Boulder, the package build system, now automates more recipe creation and version handling.
Go to Full Article
- Armbian 26.02 Arrives with Linux 6.18 LTS and Expanded Board Support
by George Whittaker
The Armbian project has released Armbian 26.02, the latest update to the lightweight Linux distribution designed specifically for ARM and RISC-V single-board computers (SBCs). Known for its stability and hardware optimization, Armbian continues to evolve with improved hardware support, new desktop options, and updated core components in this release.
A Linux Distribution Tailored for SBCs
Armbian is built on top of Debian or Ubuntu, providing optimized system images for single-board computers such as Orange Pi, Banana Pi, and ODROID devices. The project focuses on stability, performance, and long-term maintenance for embedded and development boards.
With the 26.02 release, the developers continue that mission by refining support for modern hardware platforms and improving the overall software stack.
Powered by Linux 6.18 LTS
One of the biggest upgrades in Armbian 26.02 is the transition to Linux kernel 6.18 LTS, which brings improved driver support, performance enhancements, and better compatibility for newer SBC hardware.
The newer kernel helps ensure that Armbian remains compatible with evolving chipsets while maintaining stability across its supported devices.
New Board Support
This release expands Armbian’s hardware ecosystem with support for several new boards, including:
SpacemiT MusePi Pro
Radxa Rock 4D
Orange Pi RV2
ODROID M2
These additions reflect Armbian’s ongoing focus on supporting emerging ARM and RISC-V development boards used by hobbyists, developers, and embedded system builders.
Desktop Improvements
Armbian 26.02 also introduces expanded desktop options:
RISC-V XFCE desktop images for supported RISC-V systems
Restored KDE Neon desktop builds
Updated desktop targets based on Ubuntu 24.04 LTS
These changes give users more flexibility when choosing between lightweight environments or more full-featured desktop setups.
Enhancements to Armbian Tools
The Armbian ecosystem itself has also received improvements. The Armbian Imager utility, used to flash OS images to SBC storage devices, now features:
Faster image decompression
Code signing for improved security on macOS and Windows
AI-assisted translation support
A new settings panel with additional developer options
Go to Full Article
- Linux 7.0 Is Coming: What to Expect from the Next Major Kernel Release
by George Whittaker
Excitement in the open-source world is rising as the Linux kernel project moves toward the next major release: Linux kernel 7.0. While a major version number might sound like a dramatic overhaul, the reality is a lot more steady progress, and that’s part of what makes the Linux kernel so reliable and trusted. The first release candidate (RC1) for Linux 7.0 has already been published, and developers are entering the final stretch toward a stable release expected around mid-April 2026.
An Evolution, Not a Revolution
Linus Torvalds, the creator and lead maintainer of the Linux kernel, officially confirmed that the next version after Linux 6.19 will be dubbed Linux 7.0. In the announcement, he made clear that the jump to “7.0” isn’t tied to any monumental architectural upheaval, it’s a practical naming decision made partly to keep version numbers manageable.
That tradition continues a long-standing pattern: kernel series are often numbered until they reach higher minor versions (like 6.19), and then the major number increments, even if the changes are incremental and largely additive rather than breaking.
Inside the 7.0 Development Cycle
The Linux 7.0 cycle opened with the merge window, during which new code from contributors around the world is accepted. With the release candidate phase now underway, the focus has turned toward stabilization and testing.
The 7.0-rc1 announcement notes that this cycle saw a “smooth” merge window with relatively few major boot failures reported on the lead developer’s own test machines, a good sign for the kernel’s broad hardware support.
Expected Improvements
While the final changelog for the stable 7.0 kernel will only be known when it ships, several themes stand out from early previews and reporting:
1. Broad Hardware Enablement
Driver updates make up a significant portion of the changes so far, helping Linux support the latest CPUs and SoCs from vendors like Intel, AMD, and Qualcomm. Early testing indicates enablement for new families such as Intel Nova Lake and AMD Zen 6, which will be important for next-generation laptops, desktops, and servers.
2. Performance and Responsiveness
Kernel maintainers and community reports suggest that performance improvements are part of the 7.0 trend. Although specifics are still emerging, the kernel’s scheduler and memory management subsystems tend to see ongoing optimization as workloads diversify.
Go to Full Article
|
