|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All)
(Two Column)
- [$] Ripping CDs and converting audio with fre:ac
It has been a little while since LWN last surveyed tools for managing a digitalmusic collection. In the intervening decades, many Linux users have moved on tomusic streaming services, found them wanting, and are looking to curate their owncollection once again. There are plenty of choices when it comes toripping, managing, and playing digital audio; so many, in fact, that it can be abit daunting. After years of tinkering, I've found a few tools that work well formanaging my digital library: the first I'd like to cover is the fre:ac free audio encoder for ripping music fromCDs and converting between audio formats.
- [$] An API for handling arithmetic overflow
On March 31, Kees Cook shareda patch set that represents the culmination of more than a year of worktoward eliminating the possibility of silent, unintentional integer overflow inthe kernel. Linus Torvalds wasnot pleased with the approach, leading to a detailed discussion about themeaning of "safe" integer operations and the design of APIs for handling integeroverflows. Eventually, the developers involved reached a consensus for adifferent API that should make handling overflow errors in the kernel much lessof a hassle.
- Nix privilege escalation security advisory
The NixOS project has announceda critical vulnerability in many versions of the Nix packagemanager's daemon. The flaw was introduced as part of a fix for aprior vulnerability in 2024. According to the advisory,all default configurations of NixOS and systems building untrusted derivationsare impacted.
A bug in the fix for CVE-2024-27297allowed for arbitrary overwrites of files writable by the Nix processorchestrating the builds (typically the Nix daemon running as root inmulti-user installations) by following symlinks during fixed-outputderivation output registration. This affects sandboxed Linux builds -sandboxed macOS builds are unaffected. The location of the temporaryoutput used for the output copy was located inside the build chroot. Asymlink, pointing to an arbitrary location in the filesystem, could becreated by the derivation builder at that path. During outputregistration, the Nix process (running in the host mount namespace)would follow that symlink and overwrite the destination with thederivation's output contents.
In multi-user installations, this allows all users able to submitbuilds to the Nix daemon (allowed-users - defaulting to all users) togain root privileges by modifying sensitive files.
- Security updates for Wednesday
Security updates have been issued by Debian (openssl), Fedora (corosync, goose, kea, pspp, and rauc), Mageia (python-pygments, roundcubemail, and tigervnc), SUSE (bind, gimp, google-cloud-sap-agent, govulncheck-vulndb, ignition, ImageMagick, python, python-PyJWT, and python-pyOpenSSL), and Ubuntu (adsys, juju-core, lxd, python-django, and salt).
- [$] Sharing stories on Scuttlebutt
Not many people live on sailboats. Things may be better these days, butback in 2014 sailboat dwellers hadto contend with lag-prone,intermittent, low-bandwidth internet connections. Dominic Tarrdecidedto fix the problem of keeping up with his friends by developing a delay-tolerant,fully distributed social-media protocol calledScuttlebutt. Nearly twelveyears later, the protocol has gained a number of users who have their own,non-sailboat-related reasons to prefer a censorship-resistant,offline-first social-media system.
- Security updates for Tuesday
Security updates have been issued by AlmaLinux (crun, kernel, and kernel-rt), Debian (dovecot), Fedora (calibre and nextcloud), Mageia (freerdp, polkit-122, python-nltk, python-pyasn1, vim, and xz), Red Hat (edk2 and openssl), SUSE (avahi, cockpit, python-pyOpenSSL, python311, and tar), and Ubuntu (lambdaisland-uri-clojure, linux-gcp, linux-gcp-4.15, linux-gcp-fips, linux-oem-6.17, and linux-realtime-6.17).
- Introducing the FreeBSD laptop integration testing project
Recently, the FreeBSD Foundation has been makingprogress on improving the operating system's support for modernlaptop hardware. The foundation is now looking to expand testing toencompass a wider range of hardware; it has announceda laptop integration testing project to allow the community to easilytest FreeBSD's compatibility with laptops and submit the results.
With limited access to testing systems, there's only so much we cando! We hope to work together with volunteers from the community whowant FreeBSD to work well on their laptops.
While we expect device hardware and software enumeration to be afully automated process, we feel that manually-submitted commentsabout personal experience with FreeBSD are equally valuable. We planto highlight this commentary on our "matrix of compatibility" webpagefor each tested laptop.
We are striving to make it as easy as possible to submit yourresults. You won't have to worry about environment setup, submissionformatting, or any repo-specific details!
See the projectrepository and testinginstructions for more.
- [$] Protecting against TPM interposer attacks
The TrustedPlatform Module (TPM) is a widely misunderstood piece of hardware (orfirmware) that lives in most x86-based computers. At SCALE 23x in Pasadena, California,James Bottomley gave a presentation on the TPM and the work that he andothers have done to enable the Linux kernel to work with it. Inparticular, he described the problems with interposer attacks, which targetthe communication between the TPM and the kernel, and what hasbeen added to the kernel to thwart them.
- 6.6.133 stable kernel released
Greg Kroah-Hartman has released the 6.6.133 stable kernel. This revertsa backporting mistake that removed file descriptor checks whichled to kernel panics if the fgetxattr, flistxattr,fremovexattr, or fsetxattr functions were calledfrom user space with a file descriptor that did not reference an openfile.
- Security updates for Monday
Security updates have been issued by AlmaLinux (freerdp, grafana, grafana-pcp, gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free, kernel, libpng12, libpng15, perl-YAML-Syck, python3, and rsync), Debian (dovecot, libxml-parser-perl, pyasn1, python-tornado, roundcube, tor, trafficserver, and valkey), Fedora (bind9-next, chromium, cmake, domoticz, freerdp, giflib, gst-devtools, gst-editing-services, gstreamer1, gstreamer1-doc, gstreamer1-plugin-libav, gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, gstreamer1-plugins-ugly-free, gstreamer1-rtsp-server, gstreamer1-vaapi, libgsasl, libinput, libopenmpt, mapserver, mingw-binutils, mingw-gstreamer1, mingw-gstreamer1-plugins-bad-free, mingw-gstreamer1-plugins-base, mingw-gstreamer1-plugins-good, mingw-libpng, mingw-python3, nginx-mod-modsecurity, openbao, python-gstreamer1, python3.12, python3.13, python3.14, python3.9, rust, rust-sccache, tcpflow, and vim), Red Hat (ncurses), Slackware (infozip and krita), SUSE (chromium, corosync, keybase-client, libinput-devel, osslsigncode, python-pillow, python311-Flask-Cors, python313, and python314), and Ubuntu (libarchive and spip).
- Foenix Labs A2560Me Brings MC68LC060 CPU, FPGA Graphics, and PCIe Expansion
Foenix Labs’ A2560Me is a Mini-ITX motherboard built around the Motorola MC68LC060 processor and designed as an updated version of the earlier A2560M platform. The system combines a legacy 68k CPU architecture with FPGA-based subsystems and more recent interfaces such as PCIe and DDR3 memory. The A2560Me uses a 32-bit MC68LC060RC66 processor alongside a Xilinx […]
- Stack Overflow abandons redesign after loyalists criticize it
Fabled Q&A site for devs struggles with its future as AI takes over its original purposeStack Overflow, the once-popular dev community, has abandoned a planned redesign that was meant to refocus the site more on discussions than the question-and-answer format that built its reputation.…
- Ubuntu 26.04 Provides More Performance For AMD Ryzen AI Max "Strix Halo"
Last week I provided benchmarks to quantify how the AMD Strix Halo graphics performance has evolved since launch one year ago, in today's article is a look at how the Zen 5 CPU performance with the flagship Ryzen AI Max+ 395 has evolved under Linux in the year since these exciting APUs began making their way to high-end laptops and desktops. Complementing the nice Radeon 8060S performance gains are also some nice CPU performance benefits quantified when using Ubuntu 26.04.
- Valve Releases Native Steam Link App For Apple's Vision Pro
Valve has released a native Steam Link beta for Apple Vision Pro, letting users stream their existing Steam games onto a large virtual screen in visionOS. It supports up to 4K resolution and will let you dynamically adjust the curve of the display. The Mac Observer reports: Steam Link does not support VR titles in this beta, and Valve clearly states that the app is limited to 2D game streaming, but this still opens up a large library of games that users can play on a massive virtual screen inside Vision Pro. At the same time, Vision Pro already handles 2D media very well, and this update builds on that strength by turning the headset into a portable gaming display that connects directly to your existing setup without needing extra hardware. You can join the Steam Link beta through TestFlight right now, and this early release shows how Apple Vision Pro continues to expand beyond media into more practical and everyday use cases like gaming.
Read more of this story at Slashdot.
- Apple and Lenovo Have the Least Repairable Laptops, Analysis Finds
An anonymous reader quotes a report from Ars Technica: Apple earned the lowest grades in a report on laptop and smartphone repairability released today by the consumer advocacy group Public Interest Research Group (PIRG) Education Fund. The report, which looks at how easy devices are to disassemble and how easy it is to find repairability information, gave Apple a C-minus in laptop repairability and a D-minus in cell phone repairability. For its "Failing the Fix (2026): Grading laptop and cell phone companies on the fixability of their products" report, PIRG analyzed the 10 newest laptops and phones that were available via manufacturers' French website in January. [...] Apple leads the list of laptop repairability losers, largely due to it having low disassembly scores. Apple, along with Dell and Samsung, also lost a full point for being members of TechNet and the CTA. Lenovo had the second-worst grade with a C-minus. Like Apple, Lenovo had low disassembly scores. It also lost 0.5 points for failing to properly post PDFs explaining the French repair scores for some of its newest laptops sold in the region, as required in France. This is especially noteworthy because Lenovo got an F in last year's report for missing this information on at least 12 laptops. At the time, Lenovo director of communications David Hamilton provided a statement to Ars saying that the missing information was "due to a backend web compatibility issue that temporarily prevented the display of repairability scores on our Lenovo France website" that was "widely resolved." However, it appears that over a year later, Lenovo still isn't providing sufficient information to meet France's requirements "While Lenovo has improved somewhat with their compliance with French consumer law by providing more repair score PDFs on their website, we urge the company to resolve this multi-year issue," this year's report says. PIRG's report concluded that "laptops are pretty stagnant in terms of repairability" across many of the eight most popular laptop brands in the US. However, Proctor noted to Ars that consumers' access to parts, tools, and information that vendors have has improved, but improvements around ease of disassembly "take longer to realize." He also praised vendors' efforts to release more repairable designs, such as Apple's MacBook Neo. For its repairability index, PIRG weighed physical ease of disassembly most heavily, while also considering the availability of repair documentation, spare parts, spare-parts affordability, and other product-specific criteria. It then adjusted company grades by deducting points for membership in trade groups that oppose right-to-repair laws and adding small bonuses for manufacturers that supported right-to-repair legislation. Acer stood out as the only laptop vendor that avoided the 0.5-point trade-group penalty, since it was not listed as a member of TechNet or the Consumer Technology Association.
Read more of this story at Slashdot.
- CIA Reportedly Used Secret Quantum Tool To Find Downed Airman in Iran
alternative_right quotes a report from the New York Post: The CIA used a futuristic new tool called "Ghost Murmur" to find and rescue the second American airman who was shot down in southern Iran, The Post has learned. The secret technology uses long-range quantum magnetometry to find the electromagnetic fingerprint of a human heartbeat and pairs the data with artificial intelligence software to isolate the signature from background noise, two sources close to the breakthrough said. It was the tool's first use in the field by the spy agency -- and was alluded to Monday afternoon by President Trump and CIA Director John Ratcliffe at a White House briefing. "It's like hearing a voice in a stadium, except the stadium is a thousand square miles of desert," a source briefed on the program told The Post. "In the right conditions, if your heart is beating, we will find you." The relatively barren landscape made for "an ideal first operational use" of Ghost Murmur, the first source noted. "Normally this signal is so weak that it can only be measured in a hospital setting with sensors pressed nearly against the chest," the source said. "But advances in a field known as quantum magnetometry -- specifically sensors built around microscopic defects in synthetic diamonds -- have apparently made it possible to detect these signals at dramatically greater distances." "The capability is not omniscient. It works best in remote, low-clutter environments and requires significant processing time," this person added.
Read more of this story at Slashdot.
- Planet Labs Tests AI-Powered Object Detection On Satellite
BrianFagioli writes: Artificial intelligence has now run directly on a satellite in orbit. A spacecraft about 500km above Earth captured an image of an airport and then immediately ran an onboard AI model to detect airplanes in the photo. Instead of acting like a simple camera in space that sends raw data back to Earth for later analysis, the satellite performed the computation itself while still in orbit. The system used an NVIDIA Jetson Orin module to run the object detection model moments after the image was taken. Traditionally, Earth observation satellites capture images and transmit large datasets to ground stations where computers process them hours later. Running AI directly on the satellite could reduce that delay dramatically, allowing spacecraft to analyze events like disasters, infrastructure changes, or aircraft activity almost immediately. "This success is a glimpse into the future of what we call Planetary Intelligence at scale," said Kiruthika Devaraj, VP of Avionics & Spacecraft Technology. "By running AI at the edge on the NVIDIA Jetson platform, we can help reduce the time between 'seeing' a change on Earth and a customer 'acting' on it, while simultaneously minimizing downlink latency and cost. This shift toward integrated AI at the edge is a technological leap that can help differentiate solutions like Planet's Global Monitoring Service (GMS), providing valuable insights for our customers and enabling rapid response times when it matters most."
Read more of this story at Slashdot.
- Russian Government Hackers Broke Into Thousands of Home Routers To Steal Passwords
An anonymous reader quotes a report from TechCrunch: A group of Russian government hackers have hijacked thousands of home and small business routers around the world as part of an ongoing campaign aimed at redirecting victim's internet traffic to steal their passwords and access tokens, security researchers and government authorities warned on Tuesday. [...] The hacking group targeted unpatched routers made by MikroTik and TP-Link using previously disclosed vulnerabilities according to the U.K. government's cybersecurity unit NCSC and Lumen's research arm Black Lotus Labs, which released new details of the campaign Tuesday. According to the researchers, the hackers were able to spy on large numbers of people over the course of several years by compromising their routers, many of which run outdated software, leaving them vulnerable to remote attacks without their owners' knowledge. The NCSC said that these operations are "likely opportunistic in nature, with the actor casting a wide net to reach many potential victims, before narrowing in on targets of intelligence interest as the attack develops." Per the researchers and government advisories, the Russian hackers hacked routers to modify the device's settings so that the victim's internet requests are surreptitiously passed to infrastructure run by the hackers. This allows the hackers to redirect victims to spoof websites under their control, then steal passwords and tokens that let the hackers log in to that victim's online accounts without needing their two-factor authentication codes. Black Lotus Labs said that Fancy Bear compromised at least 18,000 victims in around 120 countries, including government departments, law enforcement agencies, and email providers across North Africa, Central America, and Southeast Asia. Microsoft, which also released details of the campaign on Tuesday, said in a blog post that its researchers identified over 200 organizations and 5,000 consumer devices affected by these hacking operations, including at least three government organizations in Africa. The Justice Department said Tuesday it neutralized compromised routers in the U.S. under court authorization. As the DOJ put it, the FBI "developed a series of commands to send to compromised routers" to collect evidence, reset settings, and prevent hackers from breaking back in.
Read more of this story at Slashdot.
- Apple Faces 'Massive Dilemma' With Success of the MacBook Neo
Apple may have a supply problem on its hands with the MacBook Neo... The laptop reportedly relies on "binned" A18 Pro chips with one GPU core disabled, and demand is so strong that the supply of those cheaper leftover chips could run out before the next model is ready. That leaves Apple choosing between lower margins, shifting production plans, or changing the lineup to keep its $599 hit product in stock. MacRumors reports: The all-new MacBook Neo has been such a hit that Apple is facing a "massive dilemma," according to Taiwan-based tech columnist and former Bloomberg reporter Tim Culpan. [...] In the latest edition of his Culpium newsletter today, Culpan said the MacBook Neo is selling so well that Apple's supply of the binned A18 Pro chips with a 5-core GPU will "run out" before the company is able to fully satisfy demand for the laptop. Apple's initial plan was to have suppliers build around five to six million MacBook Neo units before ceasing production of the model with the A18 Pro chip, he said, but it sounds like demand is so strong that Apple might run out of A18 Pro chips to put in the MacBook Neo before the second-generation MacBook Neo with an A19 Pro chip is ready next year. Apple is unlikely to mark the MacBook Neo as temporarily sold out, so it may be forced to take action, but profit margins might be affected. A18 Pro chips are manufactured with TSMC's second-generation 3nm process, known as N3E, and Culpan said TSMC's N3E production lines are currently operating at maximum capacity. As a result, he said that Apple may have to pay a premium to restart A18 Pro chip production for the MacBook Neo, which would lower its profit margins. Apple would have to disable a GPU core on these chips to ensure that they have only a 5-core GPU, like all other MacBook Neo units sold to date. Alternatively, Culpan said that Apple could reallocate some of its chip production that was originally planned for other devices, but he said the cost would still be higher than what it paid for its initial batch of A18 Pro chips. Culpan speculated that Apple could also opt to discontinue the $599 model with 256GB of storage, leaving the $699 model with 512GB of storage and a Touch ID button as the only configuration available. This is unlikely to happen any time soon, in our view, given how heavily Apple has been promoting the MacBook Neo's affordability. Apple might also be able to move up the release of a MacBook Neo with the iPhone 17 Pro's A19 Pro chip, but that too would be a costlier option, at least until the company achieves a sufficient stockpile of binned A19 Pro chips with a 5-core GPU. In any case, Apple could opt to keep the starting price of current and future MacBook Neo models at $599 and simply accept lower profit margins on the laptop, especially given that it attracts customers to the macOS and broader Apple ecosystem.
Read more of this story at Slashdot.
- Anthropic Unveils 'Claude Mythos', Powerful AI With Major Cyber Implications
"Anthropic has unveiled Claude Mythos, a new AI model capable of discovering critical vulnerabilities at scale," writes Slashdot reader wiredmikey. "It's already powering Project Glasswing, a joint effort with major tech firms to secure critical software. But the same capabilities could also accelerate offensive cyber operations." SecurityWeek reports: Mythos is not an incremental improvement but a step change in performance over Anthropic's current range of frontier models: Haiku (smallest), Sonnet (middle ground), and Opus (most powerful). Mythos sits in a fourth tier named Copybara, and Anthropic describes it as superior to any other existing AI frontier model. It incorporates the current trend in the use of AI: the modern use of agentic AI. "The powerful cyber capabilities of Claude Mythos Preview are a result of its strong agentic coding and reasoning skills... the model has the highest scores of any model yet developed on a variety of software coding tasks," notes Anthropic in a blog titled Project Glasswing -- Securing critical software for the AI era. In the last few weeks, Mythos Preview has identified thousands of zero-day vulnerabilities with many classified as critical. Several are ten or 20 years old -- the oldest found so far is a 27-years old bug in OpenBSD. Elsewhere, a 16-years old vulnerability found in video software has survived five million hits from other automated testing tools without ever being discovered. And it autonomously found and chained together several in the Linux kernel allowing an attacker to escalate from ordinary user access to complete control of the machine. [...] Anthropic is concerned that Mythos' capabilities could unleash cyberattacks too fast and too sophisticated for defenders to block. It hopes that Mythos can be used to improve cybersecurity generally before malicious actors can get access to it. To this end, the firm has announced the next stage of this preparation as Project Glasswing, powered by Mythos Preview. Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely. "Project Glasswing is a starting point. No one organization can solve these cybersecurity problems alone: frontier AI developers, other software companies, security researchers, open-source maintainers, and governments across the world all have essential roles to play." Claude Mythos Preview is described as a general-purpose, unreleased frontier model from Anthropic that has nevertheless completed its training phase. The firm does not plan to make Mythos Preview generally available. The implication is that 'Preview' is a term used solely to describe the current state of Mythos and the market's readiness to receive it, and will be dropped when the firm gets closer to general release.
Read more of this story at Slashdot.
- Chrome Is Finally Getting Vertical Tabs
Chrome is finally adding built-in vertical tabs, "which will move the tabs to the side of the browser window, making it easier to read full page titles and manage tab groups," reports TechCrunch. The company is also introducing an immersive reading mode for a distraction-free, text-focused experience. From the report: The company notes that the new vertical tabs can be enabled at any time by right-clicking on a Chrome window and selecting "Show Tabs Vertically." The company says there's no hard limit on the number of tabs that can be opened (beyond what would be limited already by the user's hardware). The vertical tabs work just as the horizontal tabs do, meaning you can have different Chrome windows with their own set of tabs or tab groups. [...] Alongside the launch of vertical tabs, Chrome is also rolling out a new Reading Mode experience, which will offer a full-page interface to make it even easier to reduce on-screen clutter to focus on the text. This will be the new default experience for Chrome users, and arrives at a time when web pages, particularly those on news sites, have become cluttered with ads and prompts to subscribe to newsletters.
Read more of this story at Slashdot.
- Supreme Court Wipes Piracy Liability Verdict Against Grande Communications
An anonymous reader quotes a report from TorrentFreak: Following on the heels of the landmark Cox v. Sony ruling, the Supreme Court has vacated the contributory copyright infringement verdict against ISP Grande Communications, ordering the Fifth Circuit to reconsider its decision in light of the new precedent. [...] The order (PDF) effectively removes the case from the Supreme Court docket, urging the Fifth Circuit Court of Appeals to take another look at its decision in light of the new ruling. Given the similarities between the two cases, it is no surprise that the Supreme Court came to this conclusion. It is now up to the Fifth Circuit to revisit whether Grande's conduct meets the intent threshold that was established in Cox. That is a significantly higher bar than the one applied in the original verdict, which found that continuing to provide service to known infringers was enough to establish material contribution. The music companies previously said they sent over a million copyright infringement notices, but that Grande failed to terminate even a single subscriber account in response. However, without proof of active inducement, these absolute numbers carry less weight now. Whether this translates into a win for Grande on remand remains to be seen. For now, however, the original $47 million verdict is further away than ever.
Read more of this story at Slashdot.
- Testing Suggests Google's AI Overviews Tells Millions of Lies Per Hour
A New York Times analysis found Google's AI Overviews now answer questions correctly about 90% of the time, which might sound impressive until you realize that roughly 1 in 10 answers is wrong. "[F]or Google, that means hundreds of thousands of lies going out every minute of the day," reports Ars Technica. From the report: The Times conducted this analysis with the help of a startup called Oumi, which itself is deeply involved in developing AI models. The company used AI tools to probe AI Overviews with the SimpleQA evaluation, a common test to rank the factuality of generative models like Gemini. Released by OpenAI in 2024, SimpleQA is essentially a list of more than 4,000 questions with verifiable answers that can be fed into an AI. Oumi began running its test last year when Gemini 2.5 was still the company's best model. At the time, the benchmark showed an 85 percent accuracy rate. When the test was rerun following the Gemini 3 update, AI Overviews answered 91 percent of the questions correctly. If you extrapolate this miss rate out to all Google searches, AI Overviews is generating tens of millions of incorrect answers per day. The report includes several examples of where AI Overviews went wrong. When asked for the date on which Bob Marley's former home became a museum, AI Overviews cited three pages, two of which didn't discuss the date at all. The final one, Wikipedia, listed two contradictory years, and AI Overviews confidently chose the wrong one. The benchmark also prompts models to produce the date on which Yo Yo Ma was inducted into the classical music hall of fame. While AI Overviews cited the organization's website that listed Ma's induction, it claimed there's no such thing as the Classical Music Hall of Fame. "This study has serious holes," said Google spokesperson Ned Adriance. "It doesn't reflect what people are actually searching on Google." The search giant likes to use a test called SimpleQA Verified, which uses a smaller set of questions that have been more thoroughly vetted.
Read more of this story at Slashdot.
- Microsoft calls time on ASP.NET Core 2.3 on .NET Framework
Tangled tale nears end as Redmond classifies it as a tool, not a library
Microsoft has set an end-of-support date of April 7, 2027, for ASP.NET Core 2.3, the only supported version on .NET Framework, even though .NET Framework (and the original ASP.NET) will continue to be supported.…
- Amazon rewards loyal Kindle devotees by closing the book on old e-readers
To 'minimize disruption,' Bezoscorp offers a 20% discount on new hardware you didn't want
Updated Amazon is rewarding long-time Kindle users by ditching support for aging devices, though it is trying to "minimize disruption" for existing customers by dangling a 20 percent discount for new models along with an eBook credit.…
- Investors are going nuclear to keep UK's AI datacenters fed
Market watcher says money is pouring into British atomic and fusion startups amid massive energy demand
Investors are backing nuclear power as a solution to fuel the UK's datacenter buildout, according to researchers tracking investment activity.…
- DXC lands Metropolitan Police outsourcing deal that could climb to £1B
Supplier will support the current Oracle E-Business Suite and lead migration to a new Oracle Fusion SaaS platform
The UK's largest police force has awarded DXC Technology a contract worth up to £1 billion to develop and run a host of business process outsourcing services – including building a new Oracle ERP system.…
- Security: Why Linux Is Better Than Windows Or Mac OS
Linux is a free and open source operating system that was released in 1991 developed and released by Linus Torvalds. Since its release it has reached a user base that is greatly widespread worldwide. Linux users swear by the reliability and freedom that this operating system offers, especially when compared to its counterparts, windows and [0]
- Essential Software That Are Not Available On Linux OS
An operating system is essentially the most important component in a computer. It manages the different hardware and software components of a computer in the most effective way. There are different types of operating system and everything comes with their own set of programs and software. You cannot expect a Linux program to have all [0]
- Things You Never Knew About Your Operating System
The advent of computers has brought about a revolution in our daily life. From computers that were so huge to fit in a room, we have come a very long way to desktops and even palmtops. These machines have become our virtual lockers, and a life without these network machines have become unimaginable. Sending mails, [0]
- How To Fully Optimize Your Operating System
Computers and systems are tricky and complicated. If you lack a thorough knowledge or even basic knowledge of computers, you will often find yourself in a bind. You must understand that something as complicated as a computer requires constant care and constant cleaning up of junk files. Unless you put in the time to configure [0]
- The Top Problems With Major Operating Systems
There is no such system which does not give you any problems. Even if the system and the operating system of your system is easy to understand, there will be some times when certain problems will arise. Most of these problems are easy to handle and easy to get rid of. But you must be [0]
- 8 Benefits Of Linux OS
Linux is a small and a fast-growing operating system. However, we can’t term it as software yet. As discussed in the article about what can a Linux OS do Linux is a kernel. Now, kernels are used for software and programs. These kernels are used by the computer and can be used with various third-party software [0]
- Things Linux OS Can Do That Other OS Can�t
What Is Linux OS? Linux, similar to U-bix is an operating system which can be used for various computers, hand held devices, embedded devices, etc. The reason why Linux operated system is preferred by many, is because it is easy to use and re-use. Linux based operating system is technically not an Operating System. Operating [0]
- Packagekit Interview
Packagekit aims to make the management of applications in the Linux and GNU systems. The main objective to remove the pains it takes to create a system. Along with this in an interview, Richard Hughes, the developer of Packagekit said that he aims to make the Linux systems just as powerful as the Windows or [0]
- What’s New in Ubuntu?
What Is Ubuntu? Ubuntu is open source software. It is useful for Linux based computers. The software is marketed by the Canonical Ltd., Ubuntu community. Ubuntu was first released in late October in 2004. The Ubuntu program uses Java, Python, C, C++ and C# programming languages. What Is New? The version 17.04 is now available here [0]
- Ext3 Reiserfs Xfs In Windows With Regards To Colinux
The problem with Windows is that there are various limitations to the computer and there is only so much you can do with it. You can access the Ext3 Reiserfs Xfs by using the coLinux tool. Download the tool from the official site or from the sourceforge site. Edit the connection to “TAP Win32 Adapter [0]
- Plan 9 is a uniquely complete operating system
From 2024, but still accurate and interesting: Plan 9 is unique in this sense that everything the system needs is covered by the base install. This includes the compilers, graphical environment, window manager, text editors, ssh client, torrent client, web server, and the list goes on. Nearly everything a user can do with the system is available right from the get go. ↫ moody This is definitely something that sets Plan 9 apart from everything else, but as moody � 9front developer � notes, this also has a downside in that development isn�t as fast, and Plan 9 variants of tools lack features upstream has for a long time. He further adds that he think this is why Plan 9 has remained mostly a hobbyist curiosity, but I�m not entirely sure that�s the main reason. The cold and harsh truth is that Plan 9 is really weird, and while that weirdness is a huge part of its appeal and I hope it never loses it, it also means learning Plan 9 is really hard. I firmly believe Plan 9 has the potential to attract more users, but to get there, it�s going to need an onboarding process that�s more approachable than reading 9front�s frequently questioned answers, excellent though they are. After installing 9front and loading it up for the first time, you basically hit a brick wall that�s going to be rough to climb. It would be amazing if 9front could somehow add some climbing tools for first-time users, without actually giving up on its uniqueness. Sometimes, Plan 9 feels more like an experimental art project instead of the capable operating system that it is, and I feel like that chases people away. Which is a real shame.
- Anos: a hobby microkernel operating system written in C
Anos is a modern, opinionated, non-POSIX operating system (just a hobby, won�t be big and professional like GNU-Linux) for x86_64 PCs and RISC-V machines. Anos currently comprises the STAGE3 microkernel, SYSTEM user-mode supervisor, and a base set of servers implementing the base of the operating system. There is a (WIP) toolchain for Anos based on Binutils, GCC (16-experimental) and Newlib (with a custom libgloss). ↫ Anos GitHub page It�s written in C, runs on both x86-64 and RISC-V, and can run on real hardware too (but this hasn�t been tested on RISC-V just yet). For the x86 side of things, it�s strictly 64 bit, and requires a Haswell (4th Gen) chip or higher.
- The 499th patch for 2.11BSD released
This year sees 35 years since 2.11BSD was announced on March 14, 1991 � itself a slightly late celebration of 20 years of the PDP-11 � and January 2026 brought what looks to be the venerable 16-bit OS�s biggest ever patch! Much of the 1.3 MB size is due to Anders Magnusson, well-known for his work on NetBSD and the Portable C Compiler. Since 2.11BSD�s stdio was not ANSI compliant, he�s ported from 4.4BSD. ↫ BigSneakyDuck at Reddit There�s an incredible amount of work in here on this old variant of BSD, including fixes for old bugs and tons of other changes. This, the 499th patch for 2.11BSD, is so big, in fact, that vi on 2.11BSD can�t handle the size of the files, so you�re going to need to cut them up with sed, for which instructions are included. It�s quite unique to see such a big update on the 35th anniversary of an operating system.
- KDE is bringing back its classic Oxygen and Air themes
Anyone remember the KDE 4.0 themes Oxygen and Air? Well, several KDE developers have been working tirelessly to bring them back, which means they�re patching it up, fixing bugs, and generally making these classic themes work well in the current releases of KDE Plasma 6. The last post regarding work on fixing Oxygen was a month and a half ago. With all that’s happened in between, it feels like so much more time has actually passed. With this post, I’d like to do a sort of mid-term update summing up all of the improvements done so far. These improvements are not just my work, but also, as you’ll see, the work of the lead Oxygen designer Nuno Pinheiro, of several seasoned KDE developers, and of new contributors to Oxygen as well. ↫ Filip Fila The effort to bring these themes back go much beyond just making them nominally work; the developers and designers are also making sure the themes work properly with all the new features that have come to KDE since the 4.x and 5.x days, like adaptive and floating panels, various forms of blur, and a ton more � which includes making sure the themes are fully compatible with Wayland, which introduced a slew of new visual glitches and issues to these old themes in recent years. They are also working on improving, updating, and expanding the Oxygen icon set, which should surely bring back a ton of memories. This work involves not just designing new icons for applications and other things that didn�t exist back when Oxygen was current, but also fixing old icons that look blurry on modern setups, addressing cases where monochrome and colourful icons mismatch, and so on. They�re clearly taking this very seriously. It seems to be an organic effort more and more people got involved with as time passed, and they�re aiming to have these themes ready for Plasma 6.7, to be released in June of this year. You can already try the current versions today, but they do require the absolute latest version of KDE Plasma to work properly. More improvements are planned for the coming weeks. This whole thing brings a massive smile to my face, and is such a perfect illustration of why I love the KDE project and its approach and spirit. At this point in time, I personally can�t imagine using any other desktop environment.
- I used AI. It worked. I hated it.!
This is a great post, but obviously it hasn�t convinced me: The folks waving their arms and yelling about recent models� capabilities have a point: the thing works. This project finished in three weeks. Compare that to Ringspace, a similarly-sized project that took me about six months of nights and early mornings to complete, while not doing my day job or being Dad to an amazing, but demanding toddler. I simply could not have built this project as well or as quickly without help. And as other developers have noted, this is the help that�s showing up. I�m not entirely onboard with Mike Masnick�s optimistic view of this technology�s democratizing power. I don�t think it�s as easy to separate the tech from its provenance or corporate control. But CertGen, my certificate application, exists now. It didn�t and couldn�t without the help of a tool like Claude Code. Open source in particular needs to reckon with this, because the current situation of demanding developers starve and bleed themselves dry without support isn�t tenable. We need to grapple with this. I�m not yet sure how it all breaks down, and anyone who says they do is lying, foolish, or fanatical. ↫ Michael Taggart If you disregard that AI! models are trained on stolen data, that such data was prepared by exploited workers, that AI! data centres have a hugely negative impact on the environment, that AI! data centers are distorting the entire computing market, that AI! models they feed the endless firehose of intentional misinformation, that they are wreaking havoc in education, that they increase your reliance on American big tech companies, that you pay AI! companies for taking your work, that AI! models are a vital component in the technofascist wet dreams of their creators, that they are the cornerstone of politicians� dream of ending anonymity, and that they contribute to racist and abusive policing, then yes, sometimes, they produce code that works and isn�t total horseshit. It�s a deeply depressing reversed what have the Romans ever done for us?! that makes me sad, more than anything. I�ve seen so many otherwise smart, caring, and genuine people just shove all of these massive downsides aside for the mere novelty, the peer pressure, the occasional sense that their lines of code! metric is going up. It�s the digital equivalent of rolling coal.
- Adobe secretly modifies your hosts file for the stupidest reason
If you�re using Windows or macOS and have Adobe Creative Cloud installed, you may want to take a peek at your hosts file. It turns out Adobe adds a bunch of entries into the hosts file, for a very stupid reason. They�re using this to detect if you have Creative Cloud already installed when you visit on their website. When you visit https://www.adobe.com/home, they load this image using JavaScript:  If the DNS entry in your hosts file is present, your browser will therefore connect to their server, so they know you have Creative Cloud installed, otherwise the load fails, which they detect. They used to just hit http://localhost:`various portsb/cc.png which connected to your Creative Cloud app directly, but then Chrome started blocking Local Network Access, so they had to do this hosts file hack instead. ↫ thenickdude at Reddit At what point does a commercial software suite become malware?
- TinyOS: ultra-lightweight RTOS for IoT devices
An ultra-lightweight real-time operating system for resource-constrained IoT and embedded devices. Kernel footprint under 10 KB, 2 KB minimum RAM, preemptive priority-based scheduling. ↫ TinyOS GitHub page Written in C, open source, and supports ARM and RISC-V.
- Redox gets new CPU scheduler
Another major improvement in Redox: a brand new scheduler which improves performance under load considerably. We have replaced the legacy Round Robin scheduler with a Deficit Weighted Round Robin scheduler. Due to this, we finally have a way of assigning different priorities to our Process contexts. When running under light load, you may not notice any difference, but under heavy load the new scheduler outperforms the old one (eg. ~150 FPS gain in the pixelcannon 3D Redox demo, and ~1.5x gain in operations/sec for CPU bound tasks and a similar improvement in responsiveness too (measured through schedrs)). ↫ Akshit Gaur Work is far from over in this area, as they�re now moving on to replacing the static queue logic with the dynamic lag-calculations of full EEVDF .
- Open source office suites erupt in forking and licensing drama
You�d think if there was one corner of the open source world where you wouldn�t find drama it�d be open source office suites, but it turns out we could not have been more wrong. First, there�s The Document Foundation, stewards of LibreOffice, ejecting a ton of LibreOffice contributors. In the ongoing saga of The Document Foundation (TDF), their Membership Committee has decided to eject from membership all Collabora staff and partners. That includes over thirty people who have contributed faithfully to LibreOffice for many years. It is interesting to see a formal meritocracy eject so many, based on unproven legal concerns and guilt by association. This includes seven of the top ten core committers of all time (excluding release engineers) currently working for Collabora Productivity. The move is the culmination of TDF losing a large number of founders from membership over the last few years with: Thorsten Behrens, Jan ‘Kendy’ Holesovsky, Rene Engelhard, Caolan McNamara, Michael Meeks, Cor Nouws and Italo Vignoli no longer members. Of the remaining active founders, three of the last four are paid TDF staff (of whom none are programming on the core code). ↫ Micheal Meeks The end result seems to be that Collabora is effectively forking LibreOffice, which feels like we�re back where we were 15 years ago when LibreOffice forked from OpenOffice. There seems to be a ton of drama and infighting here that I�m not particularly interested in, but it�s sad to see such drama and infighting result in needless complications for developers, end users, and distributors alike. As if this wasn�t enough, there�s also forking drama in OnlyOffice land, the other open source office suite, licensed under the AGPL. This ope source office suite has been forked by Nextcloud and IONOS into Euro-Office, in pursuit of digital sovereignty in the EU. It�s also not an entirely unimportant detail that OnlyOffice is Russian, with most of its developers residing in Russia. Anyway, the OnlyOffice team has not taken this in stride, claiming there�s a violation of the AGPL license going on here, specifically because OnlyOffice adds contradictory attribution terms to the AGPL. It�s a complicated story, but it does seem most experts in this area seem to disagree with OnlyOffice�s interpretation. We�re in for another messy time.
- How Microsoft vaporized a trillion dollars
This is the first of a series of articles in which you will learn about what may be one of the silliest, most preventable, and most costly mishaps of the 21st century, where Microsoft all but lost OpenAI, its largest customer, and the trust of the US government. ↫ Axel Rietschin It won�t take long into this series of articles before you start wondering how anyone manages to ship anything at Microsoft. If even half of this is accurate, this company should be placed under some sort of external oversight.
- MX Linux Pushes Back Against Age Verification: A Stand for Privacy and Open Source Principles
by George Whittaker
The MX Linux project has taken a firm stance in a growing controversy across the Linux ecosystem: mandatory age-verification requirements at the operating system level. In a recent update, the team made it clear, they have no intention of implementing such measures, citing concerns over privacy, practicality, and the core philosophy of open-source software.
As governments begin introducing laws that could require operating systems to collect user age data, MX Linux is joining a group of projects resisting the shift.
What Sparked the Debate?
The discussion around age verification stems from new legislation, particularly in regions like the United States and Brazil, that aims to protect minors online. These laws may require operating systems to:
Collect user age or date of birth during setup Provide age-related data to applications Enable content filtering based on age categories
At the same time, underlying Linux components such as systemd have already begun exploring technical changes, including storing birthdate fields in user records to support such requirements.
MX Linux Says “No” to Age Verification
In response, the MX Linux team has clearly rejected the idea of integrating age verification into their distribution. Their reasoning is rooted in several key concerns:
User privacy: Collecting age data introduces sensitive personal information into systems that traditionally avoid such tracking Feasibility: Implementing consistent, secure age verification across a decentralized OS ecosystem is highly complex Philosophy: Open-source operating systems are not designed to act as data collectors or gatekeepers
The developers emphasized that they do not want to burden users with intrusive requirements and instead encouraged concerned individuals to direct their efforts toward policymakers rather than Linux projects.
A Broader Resistance in the Linux Community
MX Linux is not alone. The Linux world is divided on how, or whether, to respond to these regulations.
Some projects are exploring compliance, while others are pushing back entirely. In fact, age verification laws have sparked:
Strong debate among developers and maintainers Concerns about enforceability on open-source platforms New projects explicitly created to resist such requirements
In some extreme cases, distributions have even restricted access in certain regions to avoid legal complications.
Why This Matters
At its core, this issue goes beyond a single feature, it raises fundamental questions about what an operating system should be.
Linux has long stood for:
Go to Full Article
- LibreOffice Drives Europe’s Open Source Shift: A Growing Push for Digital Sovereignty
by George Whittaker
LibreOffice is increasingly at the center of Europe’s push toward open-source adoption and digital independence. Backed by The Document Foundation, the widely used office suite is playing a key role in helping governments, institutions, and organizations reduce reliance on proprietary software while strengthening control over their digital infrastructure.
Across the European Union, this shift is no longer experimental, it’s becoming policy.
A Broader Movement Toward Open Source
Europe has been steadily moving toward open-source technologies for years, but recent developments show clear acceleration. Governments and public institutions are actively transitioning away from proprietary platforms, often citing concerns about vendor lock-in, cost, and data control.
According to recent industry data, European organizations are adopting open source faster than their U.S. counterparts, with vendor lock-in concerns cited as a major driver.
LibreOffice sits at the center of this trend as a mature, fully open-source alternative to traditional office suites.
LibreOffice as a Strategic Tool
LibreOffice isn’t just another productivity application, it has become a strategic component in Europe’s digital policy framework.
The software:
Is fully open source and community-driven Supports open standards like OpenDocument Format (ODF) Allows governments to avoid dependency on specific vendors Enables long-term control over data and infrastructure
These characteristics align closely with the European Union’s broader strategy to promote interoperability and transparency through open standards.
Government Adoption Across Europe
LibreOffice adoption is already happening at scale across multiple countries and sectors.
Examples include:
Germany (Schleswig-Holstein): transitioning tens of thousands of government systems to Linux and LibreOffice Denmark: replacing Microsoft Office in public institutions as part of a broader digital sovereignty initiative France and Italy: deploying LibreOffice across ministries and defense organizations Spain and local governments: adopting LibreOffice to standardize workflows and reduce costs
In some cases, migrations involve hundreds of thousands of systems, demonstrating that open-source office software is viable at national scale.
Go to Full Article
- From Linux to Blockchain: The Infrastructure Behind Modern Financial Systems
by George Whittaker
The modern internet is built on open systems. From the Linux kernel powering servers worldwide to the protocols that govern data exchange, much of today’s digital infrastructure is rooted in transparency, collaboration, and decentralization. These same principles are now influencing a new frontier: financial systems built on blockchain technology.
For developers and system architects familiar with Linux and open-source ecosystems, the rise of cryptocurrency is not just a financial trend, it is an extension of ideas that have been evolving for decades.
Open-Source Foundations and Financial Innovation
Linux has long demonstrated the power of decentralized development. Instead of relying on a single authority, it thrives through distributed contributions, peer review, and community-driven improvement.
Blockchain technology follows a similar model. Networks like Bitcoin operate on open protocols, where consensus is achieved through distributed nodes rather than centralized control. Every transaction is verified, recorded, and made transparent through cryptographic mechanisms.
For those who have spent years working within Linux environments, this architecture feels familiar. It reflects a shift away from trust-based systems toward verification-based systems.
Understanding the Stack: Nodes, Protocols, and Interfaces
At a technical level, cryptocurrency systems are composed of multiple layers. Full nodes maintain the blockchain, validating transactions and ensuring network integrity. Lightweight clients provide access to users without requiring full data replication. On top of this, exchanges and platforms act as interfaces that connect users to the underlying network.
For developers, interacting with these systems often involves APIs, command-line tools, and automation scripts, tools that are already integral to Linux workflows. Managing wallets, verifying transactions, and monitoring network activity can all be integrated into existing development environments.
Go to Full Article
- Firefox 149 Arrives with Built-In VPN, Split View, and Smarter Browsing Tools
by George Whittaker
Mozilla has officially released Firefox 149.0, bringing a mix of new productivity features, privacy enhancements, and interface improvements. Released on March 24, 2026, this update continues Firefox’s steady push toward a more modern and user-focused browsing experience.
Rather than focusing on a single headline feature, Firefox 149 introduces several practical tools designed to improve how users multitask, stay secure, and interact with the web.
Built-In VPN Comes to Firefox
One of the most notable additions in Firefox 149 is the introduction of a built-in VPN feature. This optional tool provides users with an added layer of privacy while browsing, helping mask IP addresses and secure connections on public networks.
In some configurations, Mozilla is offering a free usage tier with limited monthly data, giving users a simple way to enhance privacy without installing separate software.
This move aligns with Mozilla’s long-standing emphasis on user privacy and security.
Split View for Better Multitasking
Firefox 149 introduces a Split View mode, allowing users to display two web pages side by side within a single browser window. This feature is especially useful for:
Comparing documents or products Copying information between pages Research and multitasking workflows
Instead of juggling multiple tabs and windows, users can now work more efficiently in a single, organized view.
Tab Notes: A New Productivity Tool
Another standout feature is Tab Notes, available through Firefox Labs. This tool allows users to attach notes directly to individual tabs, making it easier to:
Keep track of research Save reminders tied to specific pages Organize ongoing tasks
This feature reflects a growing trend toward integrating lightweight productivity tools directly into the browser experience.
Smarter Browsing with Optional AI Features
Firefox 149 also expands its experimental AI-powered features, including tools that can assist with summarizing content, providing quick explanations, or helping users interact with web pages more efficiently.
Importantly, Mozilla is keeping these features optional and user-controlled, maintaining its focus on transparency and privacy.
Developer and Platform Updates
For developers, Firefox 149 includes updates to web standards and APIs. One example is improved support for HTML features like enhanced popover behavior, which helps developers build more interactive web interfaces.
As always, these under-the-hood changes help ensure Firefox remains competitive and standards-compliant.
Go to Full Article
- Blender 5.1 Released: Faster Workflows, Smarter Tools, and Major Performance Gains
by german.suarez
The Blender Foundation has officially released Blender 5.1, the latest update to its powerful open-source 3D creation suite. This version focuses heavily on performance improvements, workflow refinements, and stability, while also introducing a handful of new features that expand what artists and developers can achieve.
Rather than reinventing the platform, Blender 5.1 is all about making existing tools faster, smoother, and more reliable — a release that benefits both professionals and hobbyists alike.
A Release Focused on Refinement
Blender 5.1 emphasizes polish over disruption, with developers addressing hundreds of issues and improving the overall production pipeline. The update includes widespread optimizations across rendering, animation, modeling, and the viewport, resulting in a more responsive and efficient experience.
Many of Blender’s internal libraries have also been updated to align with modern standards like VFX Platform 2026, ensuring better long-term compatibility and performance.
Performance Gains Across the Board
One of the standout aspects of Blender 5.1 is its performance boost:
Faster animation playback and shape key evaluation Improved rendering speeds for both GPU and CPU Reduced memory overhead and smoother viewport interaction Optimized internal systems for better responsiveness
In some scenarios, animation and editing performance improvements can be dramatic, especially with complex scenes.
New Raycast Node for Advanced Shading
A major feature addition in Blender 5.1 is the Raycast shader node, which opens the door to advanced rendering techniques.
This node allows artists to trace rays within a scene and extract data from surfaces, enabling:
Non-photorealistic rendering (NPR) effects Custom shading techniques Decal projection and X-ray-style visuals
It’s a flexible tool that expands Blender’s shading capabilities, especially for stylized workflows.
Grease Pencil Gets a Big Upgrade
Blender’s 2D animation tool, Grease Pencil, sees meaningful improvements:
New fill workflow with support for holes in shapes Better handling of imported SVG and PDF files More intuitive drawing and editing behavior
These updates make Grease Pencil far more practical for hybrid 2D/3D workflows and animation pipelines.
Geometry Nodes and Modeling Improvements
Geometry Nodes continue to evolve with expanded functionality:
Go to Full Article
- The Need for Cloud Security in a Modern Business Environment
by George Whittaker
Cloud systems are an emergent standard in business, but migration efforts and other directional shifts have introduced vulnerabilities. Where some attack patterns are mitigated, cloud platforms leave businesses open to new threats and vectors. The dynamic nature of these environments cannot be addressed by traditional security systems, necessitating robust cloud security for contemporary organizations.
Just as businesses have come to acknowledge the value of cloud operations, so too have cyber attackers. Protecting sensitive assets and maintaining regulatory compliance, while simultaneously ensuring business continuity against cloud attacks, requires a modern strategy. When any window could be an opportunity for infiltration, a comprehensive approach serves to limit exploitation.
Unlike traditional on-premise infrastructure, cloud environments dramatically expand an organization’s threat surface. Resources are distributed across regions, heavily dependent on APIs, and frequently created or decommissioned in minutes. This constant change makes it difficult to maintain a fixed security perimeter and increases the likelihood that misconfigurations or exposed services go unnoticed, creating opportunities for exploitation.
The Vulnerabilities of Cloud Security Services
Any misconfiguration, insecure application programming interface (API), or identity management solution may become an invitation for cyberattacks. Amid the rise of artificial intelligence (AI) technology, it is possible for even inexperienced individuals to exploit such weaknesses in cloud systems. Cloud environments are designed for accessibility, a benefit that can be taken advantage of.
“Unlike traditional software, AI systems can be manipulated through language and indirect instructions,” Lee Chong Ming wrote for Business Insider. “[AI expert Sander] Schulhoff said people with experience in both AI security and cybersecurity would know what to do if an AI model is tricked into generating malicious code.”
At the same time that many businesses are migrating to cloud platforms and implementing cloud security features, they are adopting AI technology in order to accelerate workflows and other processes. These systems may have their advantages for certain industries, but their presence can create its own vulnerabilities. Addressing the shortcomings of cloud systems and AI at the same time compounds the security challenges of today.
Go to Full Article
- Google Brings Chrome to ARM Linux: A Long-Awaited Step for Modern Linux Devices
by George Whittaker
Google has officially announced that Chrome is coming to ARM64 Linux systems, marking a major milestone for both the Linux and ARM ecosystems. The native browser is expected to launch in Q2 2026, finally closing a long-standing gap for users running Linux on ARM-based hardware.
For years, ARM Linux users have relied on Chromium builds or workarounds to access a Chrome-like experience. That’s about to change.
Why This Announcement Matters
Until now, Google Chrome on Linux was limited to x86_64 systems, leaving ARM-based devices without an official build.
That meant users had to:
Use Chromium instead of Chrome
Run emulated versions of Chrome
Miss out on proprietary features like sync, DRM support, and Google services
With this new release, ARM Linux users will finally get the full Chrome experience, including seamless integration with Google’s ecosystem.
What Users Can Expect
The upcoming ARM64 version of Chrome will bring the same features users expect on other platforms:
Google account sync (bookmarks, history, tabs)
Access to the Chrome Web Store and extensions
Built-in features like translation, autofill, and security protections
Support for DRM services and media playback
This brings ARM Linux closer to feature parity with macOS (ARM support since 2020) and Windows on ARM (since 2024).
The Rise of ARM on Linux
The timing of this move reflects a broader shift in computing. ARM-based hardware is rapidly gaining traction across:
Laptops powered by Snapdragon and future ARM chips
Developer boards like Raspberry Pi
High-performance systems such as NVIDIA’s ARM-based AI desktops
Google itself highlighted growing demand for Chrome on these systems, especially as ARM expands beyond mobile devices into mainstream computing.
Partnerships and Deployment
Google is also working with hardware vendors to streamline adoption. Notably, Chrome will be integrated into NVIDIA’s Linux-on-ARM DGX Spark systems, making installation easier for high-performance AI workstations.
For general users, Chrome will be available for download directly from Google once released.
Why This Took So Long
Interestingly, this move comes years after Chrome was already available on ARM-based platforms like Apple Silicon Macs and Windows devices.
Go to Full Article
- CrackArmor Exposed: Critical Flaws in AppArmor Put Millions of Linux Systems at Risk
by George Whittaker
A newly disclosed set of vulnerabilities has sent shockwaves through the Linux security community. Dubbed “CrackArmor,” these flaws affect AppArmor, one of the most widely used security modules in Linux, potentially exposing millions of systems to serious compromise.
Discovered by the Qualys Threat Research Unit, the vulnerabilities highlight a concerning reality: even core security mechanisms can harbor weaknesses that go unnoticed for years.
What Is CrackArmor?
“CrackArmor” refers to a group of nine critical vulnerabilities found in the Linux kernel’s AppArmor module. AppArmor is a mandatory access control (MAC) system designed to restrict what applications can do, helping contain attacks and enforce system policies.
These flaws stem from a class of issues known as “confused deputy” vulnerabilities, where a lower-privileged user can trick trusted processes into performing actions on their behalf.
Why These Vulnerabilities Are Serious
The impact of CrackArmor is significant because it undermines one of Linux’s core security layers. Researchers found that attackers could:
Escalate privileges to root from an unprivileged account
Bypass AppArmor protections entirely
Break container isolation, affecting Kubernetes and cloud workloads
Execute arbitrary code in the kernel
Trigger denial-of-service (DoS) conditions
In some demonstrations, attackers were able to gain full root access in seconds under controlled conditions.
How Widespread Is the Risk?
The scope of the issue is massive. AppArmor is enabled by default in major distributions such as:
Ubuntu
Debian
SUSE
Because of this, researchers estimate that over 12.6 million Linux systems could be affected.
These systems span:
Enterprise servers
Cloud infrastructure
Containers and Kubernetes clusters
IoT and edge devices
This widespread deployment significantly amplifies the potential impact.
A Long-Standing Problem
One of the most concerning aspects of CrackArmor is how long the vulnerabilities have existed. According to researchers, the flaws date back to around 2017 (Linux kernel 4.11) and remained undiscovered in production environments for years.
This long exposure window increases the risk that similar weaknesses may exist elsewhere in critical system components.
Go to Full Article
- Intel Expands Linux Graphics Team to Boost Drivers and Gaming Support
by George Whittaker
Intel is once again investing in Linux development. The company has recently posted several job openings aimed at strengthening its Linux graphics driver and GPU software teams, signaling continued interest in improving Intel hardware support on the open-source platform.
For Linux users, especially gamers and developers, this could mean faster improvements to Intel’s graphics stack and stronger support for modern workloads.
New Roles Focused on Linux Graphics
Intel has listed multiple GPU Software Development Engineer positions, many of which specifically focus on Linux graphics technologies. These roles involve working on the full graphics stack, including firmware, kernel drivers, and user-space components used by applications and games.
The responsibilities for these positions include:
Developing and optimizing Intel GPU drivers for Linux
Improving the Linux graphics stack, including kernel DRM drivers and Mesa components
Working with graphics APIs and tools used by modern applications
Ensuring compatibility across desktop, workstation, and data-center hardware
The job listings also emphasize experience with C/C++ development and the Linux kernel graphics ecosystem, highlighting the technical depth required for these roles.
Linux Gaming Is Part of the Plan
One of the more notable details from the job postings is the mention of Linux gaming technologies such as Wine and Proton. These compatibility layers allow Windows games to run on Linux, making them central to platforms like SteamOS and the Steam Deck.
Intel’s focus on these tools suggests the company wants its GPUs to perform well not just in enterprise workloads but also in gaming environments. That aligns with the growing popularity of Linux gaming driven by:
Valve’s Proton compatibility layer
Vulkan-based graphics APIs
The success of devices like the Steam Deck
Beyond Gaming: HPC and Data Center Work
While gaming support is part of the focus, the hiring effort isn’t limited to consumer graphics. Intel is also recruiting engineers for areas such as:
High-performance computing (HPC)
AI and machine-learning workloads
Middleware development for supercomputing systems
Cloud and data-center GPU optimization
These roles indicate Intel’s broader strategy to strengthen Linux across multiple sectors, from desktops and laptops to supercomputers and cloud infrastructure.
Go to Full Article
- AerynOS 2026.02 Alpha Released: Advancing a Modern Atomic Linux Vision
by George Whittaker
The developers behind AerynOS have released AerynOS 2026.02 Alpha, the latest development snapshot of the independent Linux distribution previously known as Serpent OS. This new release continues the project’s rapid evolution, bringing updated packages, improved build tools, and new installation options while the system remains in an early testing stage.
Although still labeled as an alpha-quality release, the new ISO gives enthusiasts and developers a chance to explore the direction AerynOS is taking as it builds a modern Linux platform from scratch.
A Modern Atomic Approach
AerynOS aims to rethink how Linux distributions handle updates and package management. The project focuses on atomic-style updates, meaning system changes are applied as a complete transaction rather than individual package installs. This approach helps reduce the risk of partially completed updates leaving a system in a broken state.
Unlike some atomic distributions, however, AerynOS does not rely on an immutable filesystem, allowing users to retain flexibility and customization while still benefiting from safer update behavior.
Updated Desktop Environments
The 2026.02 alpha release ships with several modern desktop environment options:
GNOME 49.4 as the default desktop
COSMIC 1.0.8, System76’s emerging desktop environment
KDE Plasma 6.6.1 available as an alternative session
These updates provide users with multiple modern desktop choices while ensuring compatibility with the latest frameworks and desktop technologies.
New Core Software and Components
AerynOS 2026.02 also brings a large batch of software updates across the system stack. Some of the notable versions included in the release are:
Linux kernel 6.18.15 LTS
Firefox 148
PipeWire 1.6
Wine 11.3
Waybar 0.15
Mesa/Nesa graphics drivers 26.x
Together, these updates ensure that the development snapshot reflects a modern Linux software ecosystem while improving compatibility with newer hardware.
Improved Development Tooling
A significant portion of the February development cycle focused on improving the distribution’s internal tooling:
Moss, the package manager, has been optimized for faster performance.
Boulder, the package build system, now automates more recipe creation and version handling.
Go to Full Article
|
