|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All)
(Two Column)
- [$] Objections to systemd age-attestation changes go overboard
In early March, Dylan M. Taylor submitted a pull request to add a fieldto store a user's birth date in systemd's JSON user records. This was done to allowapplications to store the date to facilitate compliance with age-attestation and-verification laws. It was to be expected that some members of the community wouldobject; the actual response, however, has been shockingly hostile. Some of this hasbeen fueled by a misinformation campaign that has targeted the systemd project andTaylor specifically, resulting in Taylor being doxxed and receiving deaththreats. Such behavior is not just problematic; it is also deeply misguided given theactual nature of the changes.
- Vulnerability Research Is Cooked (sockpuppet.org)
There is ablog post on sockpuppet.org arguing that we are not prepared for theupcoming flood of high-quality, LLM-generated vulnerability reports andexploits.
Now consider the poor open source developers who, for the last 18 months, have complained about a torrent of slop vulnerability reports. I'd had mixed sympathies, but the complaints were at least empirically correct. That could change real fast. The new models find real stuff. Forget the slop; will projects be able to keep up with a steady feed of verified, reproducible, reliably-exploitable sev:hi vulnerabilities? That's what's coming down the pipe.
Everything is up in the air. The industry is sold on memory-safe software, but the shift is slow going. We've bought time with sandboxing and attack surface restriction. How well will these countermeasures hold up? A 4 layer system of sandboxes, kernels, hypervisors, and IPC schemes are, to an agent, an iterated version of the same problem. Agents will generate full-chain exploits, and they will do so soon.
Meanwhile, no defense looks flimsier now than closed source code. Reversing was already mostly a speed-bump even for entry-level teams, who lift binaries into IR or decompile them all the way back to source. Agents can do this too, but they can also reason directly from assembly. If you want a problem better suited to LLMs than bug hunting, program translation is a good place to start.
- Security updates for Tuesday
Security updates have been issued by AlmaLinux (firefox, kernel, and kernel-rt), Debian (phpseclib and roundcube), Fedora (bind, bind-dyndb-ldap, dotnet8.0, dotnet9.0, firefox, freerdp, mingw-expat, musescore, nss, ntpd-rs, perl-YAML-Syck, php-phpseclib3, polkit, pyOpenSSL, python3.12, rust, rust-cargo-rpmstatus, rust-cargo-vendor-filterer, stgit, webkitgtk, and xen), SUSE (dovecot24, ImageMagick, jupyter-nbclassic, kernel, libjxl, libsuricata8_0_4, obs-service-recompress, obs-service-tar_scm, obs-service-set_version, openbao, perl-Crypt-URandom, plexus-utils, python-pyasn1, python-PyJWT, strongswan, traefik, traefik2, and webkit2gtk3), and Ubuntu (gst-plugins-base1.0, gst-plugins-good1.0, imagemagick, pillow, pyasn1, pyjwt, and roundcube).
- SystemRescue 13.00 released
SystemRescue 13.00 has been released. TheSystemRescue distribution is a live boot system-rescue toolkit, basedon Arch Linux, for repairing systems in the event of a crash. Thisrelease includes the 6.18.20 LTS kernel, updates bcachefs tools andkernel module to 1.37.3, and manyupgraded packages. See the step-by-step guide forinstructions on performing common operations such as recovering files,creating disk clones, and resetting lost passwords.
- Rspamd version 4.0.0 released
Version4.0.0 of the Rspamdspam-filtering system has been released. Notable new features includeHTML fuzzy phishing detection, support for up to eight flags with fuzzyhashes, and more. See the changelog for more onimprovements, breaking changes, and bug fixes.
- [$] Rust's next-generation trait solver
Rust's compiler team has been working on a long-term project torewrite the trait solver — the part of the compiler that determines whichconcrete function should be called when a programmer uses a trait method that isimplemented for multiple types. The rewrite is intended to simplifyfuture changes to the trait system, fix a handful of tricky soundness bugs, andprovide faster compile times. It's also nearly finished, with a relativelysmall number of remaining blocking bugs.
- Security updates for Monday
Security updates have been issued by AlmaLinux (freerdp, golang, and ncurses), Debian (asterisk, bind9, gst-plugins-base1.0, gst-plugins-ugly1.0, gvfs, incus, libxml-parser-perl, nodejs, php-phpseclib, php-phpseclib3, phpseclib, and strongswan), Fedora (bcftools, bind, bind-dyndb-ldap, chromium, dotnet10.0, dotnet8.0, dotnet9.0, giflib, htslib, libsoup3, libtasn1, maturin, mingw-expat, mingw-freetype, mongo-c-driver, perl-XML-Parser, php-phpseclib, php-phpseclib3, pypy, pypy3.10, pypy3.11, python-cryptography, python-fastar, python-ply, python-pycparser, python-uv-build, python3.11, python3.12, python3.13, python3.6, roundcubemail, rubygem-json, rust-ambient-id, rust-astral-reqwest-middleware, rust-astral-reqwest-retry, rust-astral-tokio-tar, rust-astral_async_http_range_reader, rust-cargo-c, rust-ingredients, rust-native-tls, rust-nix, rust-openssl-probe, rust-openssl-probe0.1, rust-pty-process, rust-reqsign, rust-reqsign-aliyun-oss, rust-reqsign-aws-v4, rust-reqsign-azure-storage, rust-reqsign-command-execute-tokio, rust-reqsign-core, rust-reqsign-file-read-tokio, rust-reqsign-google, rust-reqsign-http-send-reqwest, rust-reqsign-huaweicloud-obs, rust-reqsign-tencent-cos, rust-rustls-native-certs, rust-sequoia-chameleon-gnupg, rust-tar, rust-webpki-root-certs, rustup, samtools, suricata, uv, and vim), Mageia (cmake, libpng, nodejs, python-ujson, and strongswan), Red Hat (python3 and python3.9), SUSE (389-ds, amazon-cloudwatch-agent, capstone, chromium, containerd, cosign, curl, docker-compose, docker-stable, exiv2, expat, firefox, freeipmi, freerdp, gimp, glusterfs, govulncheck-vulndb, gstreamer-plugins-ugly, jupyter-bqplot-jupyterlab, jupyter-jupyterlab-templates, jupyter-matplotlib, kea, kernel, libsodium, libtpms-devel, LibVNCServer, nghttp2, nginx, poppler, python-dynaconf, python-ldap, python-nltk, python-orjson, python-pyasn1, python-pydicom, python-PyJWT, python-pyopenssl, python-tornado6, python311, python311-cbor2, python311-deepdiff, python311-intake, python311-jsonpath-ng, python311-lmdb, python311-oci-sdk, python312, rclone, redis, salt, tomcat11, v2ray-core, and vim), and Ubuntu (linux-ibm-5.4).
- Kernel prepatch 7.0-rc6
The 7.0-rc6 kernel prepatch is out fortesting.
Anyway, exactly because it's just "more than usual" rather than feeling *worse* than usual, I don't currently feel this merits extending the release, and I still hope that next weekend will be the last rc. But it's just a bit unnerving how this release doesn't want to calm down, so no promises.
- [$] The many failures leading to the LiteLLM compromise
LiteLLMis a gateway library providing access to a number of large language models(LLMs); it is popular and widely used. On March 24, the word went outthat the version of LiteLLM found in the PythonPackage Index (PyPI) repository had beencompromised with information-stealing malware and downloaded thousands oftimes, sparking concern across the net. This may look like just anothersupply-chain attack — and it is — but the way it came about reveals justhow many weak links there are in the software supply chains that we alldepend on.
- MidnightBSD 4.0.4 Released With Aged & Agectl For Age Verification/Attestation
MidnightBSD 4.0.4 is out today as the newest update to this desktop-minded BSD operating system. Notable with this update is introducing the Aged daemon and Agectl program for handling age verification and age attestation given the increasing number of US states pursuing laws around age verification at the OS user level...
- Apertis v2026: A modern foundation for industrial embedded development
Apertis v2026 is here, bringing a significantly modernized foundation for industrial embedded development. Based on Debian 13 (Trixie), this release delivers updated system libraries, development tools, compilers, and core services, alongside a new default Wayland compositor, a reworked SDK, and smarter packaging pipelines. The result is a more capable, maintainable platform designed to meet the long-term stability and security requirements of industrial products.
- Seeed Studio reTerminal D1001 Targets HMI Systems with ESP32-P4 and Integrated Display
Seeed Studio has launched an 8-inch HMI device combining a touch display, wireless connectivity, and multimedia hardware in a single platform. The reTerminal D1001 pairs an ESP32-P4 with an ESP32-C6 for networking, along with a 6-axis IMU for motion sensing. The system is powered by the ESP32-P4NRW32, a dual-core RISC-V processor operating at up to […]
- Servo 0.0.6 Released With Many Great Improvements
Servo 0.0.6 is out today to round out the month with many great improvements made in recent weeks to this Rust-based browser engine advancing with its servoshell implementation and many prospects around using it for embedded browser use cases...
- Anthropic goes nude, exposes Claude Code source by accident
Oopsy-doodle: Did someone forget to check their build pipeline?Would you like a closer look at Claude? Someone at Anthropic has some explaining to do, as the official npm package for Claude Code shipped with a map file exposing what appears to be the popular AI coding tool's entire source code.…
- Startup Pitches 'Brainless Clones' To Serve the Role of Backup Human Bodies
MIT Technology Review discovered that startup R3 Bio has pitched an ethically and scientifically explosive long-term vision beyond its public work on non-sentient monkey "organ sacks": creating human "brainless clones" or replacement bodies for organs as part of an extreme life-extension agenda. From the report: Imagine it like this: a baby version of yourself with only enough of a brain structure to be alive in case you ever need a new kidney or liver. Or, alternatively, he has speculated, you might one day get your brain placed into a younger clone. That could be a way to gain a second lifespan through a still hypothetical procedure known as a body transplant. The fuller context of R3's proposals, as well as activities of another stealth startup with related goals, have not previously been reported. They've been kept secret by a circle of extreme life-extension proponents who fear that their plans for immortality could be derailed by clickbait headlines and public backlash. And that's because the idea can sound like something straight from a creepy science fiction film. One person who heard R3's clone presentation, and spoke on the condition of anonymity, was left reeling by its implications and shaken by [R3 founder John Schloendorn's] enthusiastic delivery. The briefing, this person said, was like a "close encounter of the third kind" with "Dr. Strangelove." [...] MIT Technology Review found no evidence that R3 has cloned anyone, or even any animal bigger than a rodent. What we did find were documents, additional meeting agendas, and other sources outlining a technical road map for what R3 called "body replacement cloning" in a 2023 letter to supporters. That road map involved improvements to the cloning process and genetic wiring diagrams for how to create animals without complete brains. A main purpose of the fundraising, investors say, was to support efforts to try these techniques in monkeys from a base in the Caribbean. That offered a path to a nearer-term business plan for more ethical medical experiments and toxicology testing -- if the company could develop what it now calls monkey "organ sacks." However, this work would clearly inform any possible human version.
Read more of this story at Slashdot.
- SpaceX Starlink Satellite Suffers Mysterious 'Anomaly' In Orbit
A Starlink satellite broke apart in orbit after suffering an unexplained "anomaly," apparently due to an "internal energetic source" rather than a collision. "The incident appears to have created some debris, with fragments likely to fall to Earth over the next few weeks," reports Scientific American. From the report: The satellite lost communication at about 560 kilometers above Earth, Starlink said. While the statement from Starlink, which is a subsidiary of Musk's rocket company SpaceX, merely noted that investigations are ongoing, LeoLabs said its radar observations of the event indicated an "internal energetic source" as the likely cause rather than a collision. The incident underscores the potential hazards of the increasingly large numbers of satellites and other spacecraft in low-Earth orbit -- some 10,000 Starlinks are currently in orbit and counting. Starlink's statement said that "the event poses no new risk" to the International Space Station or to the upcoming launch of NASA's Artemis II mission, targeted for April 1.
Read more of this story at Slashdot.
- Russia Goes After VPNs As 'Great Crackdown' Gathers Pace
An anonymous reader quotes a report from Reuters: Russia is going to further clamp down Virtual Private Networks (VPNs), which are used by millions of Russians to get around internet controls and censorship, Russia's digital minister said. In what has been cast by diplomats as Russia's "great crackdown," the authorities have repeatedly blocked mobile internet and jammed major messenger services while giving sweeping powers to cut off mass communications. "The task is reduce VPN usage," Digital Minister Maksut Shadayev said on state-backed messenger MAX late on Monday, adding that his ministry was trying to impose the limits with minimal impact on users. He said decisions had been taken to restrict access to a number of unidentified foreign platforms without giving details.
Read more of this story at Slashdot.
- Volvo Shifts Polestar 3 Production Entirely To the US
Polestar and Volvo are ending Polestar 3 production in Chengdu, China, and consolidating all output of the electric SUV at Volvo's plant in South Carolina. "The move to consolidate global Polestar 3 production in Charleston help[s] generate efficiencies for both companies, whilst also underscoring our confidence in the plant and the role it plays in our manufacturing footprint," said Hakan Samuelsson, chief executive of Volvo Cars. "The U.S. is a very important market for Volvo Cars, both to support our growth ambitions as well as a strategic production site to meet regional and export demands." Ars Technica reports: Volvo had a challenging 2025, with sales falling by 7 percent. Meanwhile, Polestar, which was spun out from the Swedish OEM's performance arm into a standalone startup in 2017, had a rather good 2025, seeing a 34 percent increase in sales. So increasing the proportion of Polestar 3s to come out of South Carolina seems sensible. And as we learned last September, the midsize electric Volvo EX60 will also go into production at the South Carolina site later this year, and then we'll see a still-unnamed hybrid Volvo in 2030. The two companies also announced today that Volvo agreed to extend part of a shareholder loan it made to Polestar and will convert the rest into Polestar shares. Polestar will still owe Volvo $661 million, due at the end of 2031, and another $274 million will become Polestar stock now, with a further $65 million in the second quarter of the year. Since December, Polestar has also raised $1 billion through three equity financing investments.
Read more of this story at Slashdot.
- Oracle Cuts Thousands of Jobs Across Sales, Engineering, Security
bobthesungeek76036 shares a report from the Register: Oracle laid off thousands of employees on Tuesday as it ramps spending on AI infrastructure projects internally and with major technology partners. The layoffs were carried out via email, according to copies of the message viewed by Business Insider. The email told affected workers they would be terminated immediately and to provide a personal email for follow-up. The cuts echo a TD Cowen forecast earlier this year, when the investment bank questioned how Oracle would finance its expanding AI datacenter buildout and suggested headcount reductions could reach 20,000 to 30,000. It is not clear how many employees were notified on Tuesday, but one screenshot that purports to show the number of internal Slack users showed a drop of 10,000 overnight. [...] Oracle employs about 162,000 people, with 58,000 of those in the US and approximately 104,000 internationally. If the rumored cuts of 30,000 are correct, it would amount to 18 percent of the company's workforce. According to posts from Oracle workers on LinkedIn, the cuts were spread through multiple departments around the country, with employees in Kansas, Tennessee, and Texas taking to social media to say they were among those chopped. "This news didn't seem to affect stock price," adds bobthesungeek76036. "ORCL is up 6% for the day."
Read more of this story at Slashdot.
- Top Brussels Official Urges Europeans To Work From Home, Drive Less As Energy Crisis Deepens
A top EU official is urging Europeans to work from home, drive less, and cut air travel as the bloc braces for a prolonged energy crisis triggered by the Gulf conflict. The European Commission is also pushing member states to accelerate renewables and other energy-security measures as oil and gas disruptions continue. Politico reports: In a speech with echoes of the early days of the coronavirus pandemic, EU energy chief Dan Jorgensen said Europe was facing a "very serious situation" with no clear end in sight. "Even if ... peace is here tomorrow, still we will not go back to normal in the foreseeable future," he said, following an extraordinary meeting of the EU's 27 energy ministers on Tuesday to discuss the crisis. "The more you can do to save oil, especially diesel, especially jet fuel, the better we are off," Jorgensen said, confirming an earlier report by POLITICO that Brussels wanted Europeans to travel less. He urged member countries to follow the advice of the International Energy Agency, which he said included "work from home where possible, reduce highway speed limits by ten kilometers [an hour], encourage public transport, alternate private car access ... increase car sharing and adopt efficient driving practices." Longer term, he urged EU countries to double down on building more renewables, saying "this must be the time we finally turn the tide and truly become energy independent."
Read more of this story at Slashdot.
- Google Now Lets You Change Your Gmail Address
Google is rolling out a feature in the U.S. that lets some users change their Gmail address without creating a new account or losing their data. TechCrunch reports: Users who have access to this feature can go to their Google Account settings, navigate to Personal info > Email > Google Account email option. Tap on the "Change Google Account email" button to start the process of changing your username. Users will be able to change their username only once every 12 months. Plus, they won't be able to delete their new email address for that period of time. The company said users' old emails will be preserved, and the old email address will serve as an alternate address for the account. Users will be able to sign in to Google services using both the old and the new addresses. You can learn more via Google's support page.
Read more of this story at Slashdot.
- Global Ban On Digital Duties Expires After Stalled Talks At WTO Meeting
An anonymous reader quotes a report from the New York Times: A global ban on taxing digital streaming and downloads across national borders expired on Monday, after members of the World Trade Organization concluded an annual meeting without agreeing to extend it. U.S. representatives had pushed to extend the ban, which prevents the more than 160 members of the W.T.O. from issuing duties related to e-commerce. But Brazil and Turkey blocked a motion for a longer extension. U.S. representatives excoriated the outcome as further proof of the organization's irrelevance. The W.T.O. provides a forum for trade negotiations and setting rules for global trade. But U.S. officials have long criticized the group for its failure to police unfair trade practices by countries like China. Over the past year, the Trump administration has further abandoned W.T.O. by issuing its own global framework of tariffs instead. [...] Brazil had pushed for a two-year extension of the moratorium on e-commerce duties, while the United States wanted a permanent one. The countries couldn't come to a compromise, but negotiations are set to continue in Geneva this spring. W.T.O. members also failed to reach an agreement on future reforms for the organization. Bernd Lange, the chair of the international trade committee for the European Parliament, wrote in a post on X that "supporters of the multilateral trading system are waking up with a hangover." "We knew that a breakthrough might not materialize, but that doesn't make it any less painful," he wrote, adding that "without an agreement to extend moratorium on digital tariffs, a period of great uncertainty could soon begin for businesses and consumers." Jonathan McHale, the vice president of digital trade at the Computer & Communications Industry Association, called the outcome "deeply disappointing." He said: "For more than two decades, W.T.O. members have recognized that imposing tariffs on electronic transmissions would be counterproductive, but allowed the issue to become a negotiating football."
Read more of this story at Slashdot.
- Australia Readies Social Media Court Action Citing Teen Ban Breaches
Australia is preparing possible court action against major social media platforms that are failing to enforce the country's social media ban on under-16s. "Three months after the ban came into effect, the eSafety Commissioner said it was probing Meta's Instagram and Facebook, Google's YouTube, Snapchat and TikTok for possible breaches of the law," reports Reuters. From the report: Communications Minister Anika Wells said the government was gathering evidence "so that the eSafety Commissioner can go to the Federal Court and win." "We have spent the summer building that evidence base of all the stories that no doubt you have all heard ... about how kids are getting around that," Wells told reporters in Canberra. The legal threat is a striking change of tone from a government which had hailed tech giants' shows of cooperation when the ban went live in December. Under the Australian law, platforms must show they are taking reasonable steps to keep out underage users or face fines of up to $34 million per breach, something eSafety would need to pursue in a civil court. The regulator previously said it would only take enforcement action in cases of systemic noncompliance. But in its first comprehensive compliance report since the ban took effect, eSafety said measures taken by the platforms were substandard and it would make a decision about next steps by mid-year. "We are now moving âinto an enforcement stance," said commissioner Julie Inman Grant in a statement. The regulator reported major compliance gaps, including platforms prompting children who had previously declared ages under 16 to do fresh age checks, allowing repeated attempts at age-assurance tests until a child got a result over 16 and poor pathways for people to report underage accounts. Some platforms did not use age-inference, which estimates age based on someone's online activity, and some only used age-assurance measures like photo-based checks after a user tried to change their age, rather than at sign-up. That made it "likely many Australian children aged under 16 have been able to create accounts on age-restricted social media platforms by simply declaring they are 16 or older", the regulator said. Nearly one-third of parents reported their under-16 child had at least one social media account after the ban took effect, of which two-thirds said the platform had not asked the child's age, it added.
Read more of this story at Slashdot.
- Claude Code's Source Code Leaks Via npm Source Maps
Grady Martin writes: A security researcher has leaked a complete repository of source code for Anthropic's flagship command-line tool. The file listing was exposed via a Node Package Manager (npm) mapping, with every target publicly accessible on a Cloudflare R2 storage bucket. There's been a number of discoveries as people continue to pore over the code. The DEV Community outlines some of the leak's most notable architectural elements and the key technical choices: Architecture Highlights The Tool System (~40 tools): Claude Code uses a plugin-like tool architecture. Each capability (file read, bash execution, web fetch, LSP integration) is a discrete, permission-gated tool. The base tool definition alone is 29,000 lines of TypeScript.The Query Engine (46K lines): This is the brain of the operation. It handles all LLM API calls, streaming, caching, and orchestration. It's by far the largest single module in the codebase.Multi-Agent Orchestration: Claude Code can spawn sub-agents (they call them "swarms") to handle complex, parallelizable tasks. Each agent runs in its own context with specific tool permissions.IDE Bridge System: A bidirectional communication layer connects IDE extensions (VS Code, JetBrains) to the CLI via JWT-authenticated channels. This is how the "Claude in your editor" experience works.Persistent Memory System: A file-based memory directory where Claude stores context about you, your project, and your preferences across sessions. Key Technical Decisions Worth Noting Bun over Node: They chose Bun as the JavaScript runtime, leveraging its dead code elimination for feature flags and its faster startup times.React for CLI: Using Ink (React for terminals) is bold. It means their terminal UI is component-based with state management, just like a web app.Zod v4 for validation: Schema validation is everywhere. Every tool input, every API response, every config file.~50 slash commands: From /commit to /review-pr to memory management -- there's a command system as rich as any IDE.Lazy-loaded modules: Heavy dependencies like OpenTelemetry and gRPC are lazy-loaded to keep startup fast.
Read more of this story at Slashdot.
- One in seven Americans are ready for an AI boss, but they might not trust it
Poll finds 15% happy to take orders from a bot even as most question its output and fear job losses
Around 15 percent of Americans would be willing to work for an AI boss, according to a new poll that suggests while robots are not exactly welcome in the corner office, the idea no longer seems quite so far-fetched.…
- AI server farms heat up the neighborhood for miles around, paper finds
Researchers say localized warming can extend well past site edges, raising concerns about community impact
Datacenters create heat islands that raise surrounding temperatures by several degrees at distances up to 10 km (over 6 miles), which could have an impact on surrounding communities.…
- UK manufacturers under cyber fire with 80% reporting attacks
ESET says factory outages, lost revenue, and supply chain disruption are becoming routine
Nearly 80 percent of British manufacturers say they've been hit by a cyber incident in the past year, as new research suggests disruption on the factory floor is no longer an exception but business as usual.…
- Claude Code source leak reveals how much info Anthropic can hoover up about you and your system
If you loved the data retention of Microsoft Recall, you'll be thrilled with Claude Code
Anthropic's Claude Code lacks the persistent kernel access of a rootkit. But an analysis of its code shows that the agent can exercise far more control over people's computers than even the most clear-eyed reader of contractual terms might suspect. It retains lots of your data and is even willing to hide its authorship from open-source projects that reject AI.…
- Don't open that WhatsApp message, Microsoft warns
How to avoid social engineering attacks? Employee training tops the list
Be careful what you click on. Miscreants are abusing WhatsApp messages in a multi-stage attack that delivers malicious Microsoft Installer (MSI) packages, allowing criminals to control victims' machines and access all of their data.…
- Gmail celebrates 22 years by finally letting users change their addresses
Congratulations, XxXh4xx0r420xXx, you can now use that account in your professional life, too
If you're embarrassed by your Gmail address but haven't wanted to start a new account for fear of losing messages, we have good news. Ahead of Gmail's 22nd anniversary on Wednesday, Google says it is now letting US users change their account username.…
- Iran targets M365 accounts with password-spraying attacks
Researchers say some targets correlate with cities hit by Iranian missile strikes
Suspected Iran-linked threat actors are conducting password-spraying attacks against hundreds of organizations, primarily Middle Eastern municipalities, in campaigns that security researchers believe may have been aimed at supporting bomb-damage assessment following missile strikes.…
- Oracle cuts jobs across sales, engineering, security
Big Red declines comment as reports point to layoffs in the thousands
Oracle laid off thousands of employees on Tuesday as it ramps spending on AI infrastructure projects internally and with major technology partners.…
- Anthropic goes nude, exposes Claude Code source by accident
Oopsy-doodle: Did someone forget to check their build pipeline?
Would you like a closer look at Claude? Someone at Anthropic has some explaining to do, as the official npm package for Claude Code shipped with a map file exposing what appears to be the popular AI coding tool's entire source code.…
- Security: Why Linux Is Better Than Windows Or Mac OS
Linux is a free and open source operating system that was released in 1991 developed and released by Linus Torvalds. Since its release it has reached a user base that is greatly widespread worldwide. Linux users swear by the reliability and freedom that this operating system offers, especially when compared to its counterparts, windows and [0]
- Essential Software That Are Not Available On Linux OS
An operating system is essentially the most important component in a computer. It manages the different hardware and software components of a computer in the most effective way. There are different types of operating system and everything comes with their own set of programs and software. You cannot expect a Linux program to have all [0]
- Things You Never Knew About Your Operating System
The advent of computers has brought about a revolution in our daily life. From computers that were so huge to fit in a room, we have come a very long way to desktops and even palmtops. These machines have become our virtual lockers, and a life without these network machines have become unimaginable. Sending mails, [0]
- How To Fully Optimize Your Operating System
Computers and systems are tricky and complicated. If you lack a thorough knowledge or even basic knowledge of computers, you will often find yourself in a bind. You must understand that something as complicated as a computer requires constant care and constant cleaning up of junk files. Unless you put in the time to configure [0]
- The Top Problems With Major Operating Systems
There is no such system which does not give you any problems. Even if the system and the operating system of your system is easy to understand, there will be some times when certain problems will arise. Most of these problems are easy to handle and easy to get rid of. But you must be [0]
- 8 Benefits Of Linux OS
Linux is a small and a fast-growing operating system. However, we can’t term it as software yet. As discussed in the article about what can a Linux OS do Linux is a kernel. Now, kernels are used for software and programs. These kernels are used by the computer and can be used with various third-party software [0]
- Things Linux OS Can Do That Other OS Can�t
What Is Linux OS? Linux, similar to U-bix is an operating system which can be used for various computers, hand held devices, embedded devices, etc. The reason why Linux operated system is preferred by many, is because it is easy to use and re-use. Linux based operating system is technically not an Operating System. Operating [0]
- Packagekit Interview
Packagekit aims to make the management of applications in the Linux and GNU systems. The main objective to remove the pains it takes to create a system. Along with this in an interview, Richard Hughes, the developer of Packagekit said that he aims to make the Linux systems just as powerful as the Windows or [0]
- What’s New in Ubuntu?
What Is Ubuntu? Ubuntu is open source software. It is useful for Linux based computers. The software is marketed by the Canonical Ltd., Ubuntu community. Ubuntu was first released in late October in 2004. The Ubuntu program uses Java, Python, C, C++ and C# programming languages. What Is New? The version 17.04 is now available here [0]
- Ext3 Reiserfs Xfs In Windows With Regards To Colinux
The problem with Windows is that there are various limitations to the computer and there is only so much you can do with it. You can access the Ext3 Reiserfs Xfs by using the coLinux tool. Download the tool from the official site or from the sourceforge site. Edit the connection to “TAP Win32 Adapter [0]
- Microsoft Copilot is now injecting ads into pull requests on GitHub
Why do so many people keep falling for the same trick over and over again? With an over $400 billion gap between the money invested in AI data centers and the actual revenue these products generate, Silicon Valley slowly returned to the tested and trusted playbook: advertising. Now, ads are starting to appear in pull requests generated by Copilot. According to Melbourne-based software developer Zach Manson, a team member used the AI to fix a simple typo in a pull request. Copilot did the job, but it also took the liberty of editing the PR�s description to include this message: Quickly spin up Copilot coding agent tasks from anywhere on your macOS or Windows machine with Raycast.! ↫ David Uzondu at Neowin It turns out that Microsoft has added ads to over 1.5 million Copilot pull requests on GitHub, and they�re even appearing on GitLab, one of the GitHub alternatives. The reasoning is clear, too, of course: AI! companies and investors have poured ungodly amounts of money in AI! that is impossible to recover, even with paying customers. As such, the logical next step is ads, and many AI! companies are already starting to add advertising to their pachinko machines. It was only a matter of time before Copilot would start inserting ads into the pull requests it ejaculates over all kinds of projects. This isn�t the first time a once-free service turns on its users, but it�s definitely one of the quickest turnarounds I�ve ever seen. Usually it takes much longer before companies reach the stage of putting ads in their products to plug any financial bleeding, but with the amount of money poured into this useless black hole, it really shouldn�t be surprising we�re already there. I�m sure Copilot�s competitors, like Claude, will soon follow suit. They�re enshittifying Git, and developers are just letting it happen. No wonder worker exploitation is so rampant in Silicon Valley.
- Capability-based security for Redox: namespace and CWD as capabilities
By reimplementing these features using capabilities, we made the kernel simpler by moving complex scheme and namespace management out of it which improved security and stability by reducing the attack surface and possible bugs. At the same time, we gained a means to support more sandboxing features using the CWD file descriptor. This project leads the way for future sandboxing support in Redox OS. As the OS continues to move toward capability-based security, it will be able to provide more modern security features. ↫ Ibuki Omatsu Redox seems to be making the right decisions at, crucially, the right time.
- The curious case of retro demo scene graphics
Of course, it was only a matter of time before the time-honoured tradition of the demoscene also got infected by AI!. For me personally, generative AI ruins much of the fun. I still enjoy creating pixel art and making little animations and demos. My own creative process remains satisfying as an isolated activity. Alas, obvious AI generated imagery � as well as middle-aged men plagiarizing other, sometimes much younger, hobbyist artists � makes me feel disappointed and empty. It�s not as much about effort as it is about the loss of style and personality; soul, if you will. The result is defacement, to echo T. S. Eliot, rather than inspired improvement. Even in more elaborate AI-based works, it�s hard to tell where the prompt ends and the pixelling begins. ↫ Carl Svensson A wonderful explanation of the rather unique views on originality, stealing, plagiarism, and related topics within the demoscene, which certainly diverge from many other places.
- Running a Plan 9 network on OpenBSD
This guide describes how you can install a Plan 9 network on an OpenBSD machine (it will probably work on any unix machine though). The authentication service (called authsrv! on Plan 9) is provided by a unix version: authsrv9. The file service is provided by a program called u9fs!. It comes with Plan 9. Both run from inetd. The (diskless) cpu server is provided by running qemu, booted from only a floppy (so without local storage). Finally, the terminal is provided by the program drawterm. The nice thing about this approach is that you can use all your familiar unix tools to get started with Plan 9 (e.g. you can edit the Plan 9 files with your favorite unix editor). I�m assuming you have read at least something about Plan 9, for example the introduction paper Plan 9 from Bell Labs. ↫ Mechiel Lukkien If you�re running OpenBSD, you�re already doing something better than everyone else, and if you want to ascend to the next level, this is a great place to start. Of course, the final level, where you leave your earthly roots behind and become a being of pure enlightened energy, is running Plan 9 on real hardware as the universe intended, but let�s not put the cart before the horse. One day, all of humanity will just be an endless collection of interconnected cosmic Plan 9 servers, more plentiful than the stars in the known universe.
- Will AI! chatbots be the tobacco of the future?
Towards the end of 2024, Dennis Biesma decided to check out ChatGPT. The Amsterdam-based IT consultant had just ended a contract early. “I had some time, so I thought: let’s have a look at this new technology everyone is talking about,” he says. “Very quickly, I became fascinated.” Biesma has asked himself why he was vulnerable to what came next. He was nearing 50. His adult daughter had left home, his wife went out to work and, in his field, the shift since Covid to working from home had left him feeling “a`little isolated”. He smoked a bit of cannabis some evenings to “chill”, but had done so for years with no ill effects. He had never experienced a mental illness. Yet within months of downloading ChatGPT, Biesma had sunk €100,000 (about £83,000) into a business startup based on a delusion, been hospitalised three times and tried to kill himself. ↫ Anna Moore at The Guardian These stories are absolutely heart-wrenching, and it doesn�t just happen to people who have had a history of mental illness or other things you might associate with priming someone for falling for! an AI! chatbot. Just a few years in, and it�s already clear that these tools pose a real danger to a group of people of indeterminate size, and proper research into the causes is absolutely warranted and needed. On top of that, if there�s any evidence of wrongdoing from the companies behind these chatbots � intentionally making them more addictive, luring people in, ignoring established dangers, covering up addiction cases, etc. � lawsuits and regulation are definitely in order. Only yesterday, Facebook and Google lost a landmark trial in the US, ruling the companies intentionally made social media as addictive as possible, thereby destroying a person�s life in the process. Countless similar lawsuits are underway all over the world, and I have a feeling that in a few years to decades, we�ll look at unregulated, rampant social media the same way we look at tobacco now. Perhaps AI! chatbots will join their ranks, too.
- Microsoft removes trust for drivers signed with the cross-signed driver program
Today, we’re excited to announce a significant step forward in our ongoing commitment to Windows security and system reliability: the removal of trust for all kernel drivers signed by the deprecated cross-signed root program. This update will help protect our customers by ensuring that only kernel drivers that the Windows Hardware Compatibility Program (WHCP) have passed and been signed can be loaded by default. To raise the bar for platform security, Microsoft will maintain an explicit allow list of reputable drivers signed by the cross-signed program. The allow list ensures a secure and compatible experience for a limited number of widely used, and reputable cross-signed drivers. This new kernel trust policy applies to systems running Windows 11 24H2, Windows 11 25H2, Windows 11 26H1, and Windows Server 2025 in the April 2026 Windows update. All future versions of Windows 11 and Windows Server will enforce the new kernel trust policy. ↫ Peter Waxman at the Windows IT Pro Blog The cross-signed root program was discontinued in 2021, and ran since the early 2000s, so I think it�s fair to no longer automatically assume such possibly old and outdated drivers are still to be trusted.
- Windows 95 defenses against installers that overwrite a file with an older version
I�ll never grow tired of reading about the crazy tricks the Windows 95 development team employed to make the user experience as seamless as they could given the constraints they were dealing with. During the 16bit Windows days, application installers could replace system components with newer versions if such was necessary. Installers were supposed to do a version check, but many of them didn�t follow this guidance. When moving to Windows 95, this meant installers ended up replacing Windows 95 system components with Windows 3.x versions, which wasn�t exactly a goods thing. So, they came up with a solution. Windows 95 worked around this by keeping a backup copy of commonly-overwritten files in a hidden C:\Windows\SYSBCKUP directory. Whenever an installer finished, Windows went and checked whether any of these commonly-overwritten files had indeed been overwritten. If so, and the replacement has a higher version number than the one in the SYSBCKUP directory, then the replacement was copied into the SYSBCKUP directory for safekeeping. Conversely, if the replacement has a lower version number than the one in the SYSBCKUP directory, then the copy from SYSBCKUP was copied on top of the rogue replacement. ↫ Raymond Chen All of this happened entirely silently, and neither the installers nor the user had any idea this was happening. The Windows 95 team tried other solutions, like just making it impossible to replace system components with older versions entirely, but that caused many installers to break. Some installers apparently even went rogue and would create a batch file that would replace the system components upon a reboot, before Windows 95 could perform its silent fixes. Wild. I used Windows 95 extensively, and had no idea this was a thing.
- US regulator bans imports of new foreign-made routers, citing security concerns
The U.S. Federal Communications Commission said on Monday it was banning the import of all new foreign-made consumer routers, the latest crackdown on Chinese-made electronic gear over security concerns. China is estimated to control at least 60% of the U.S. market for home routers, boxes that connect computers, phones, and smart devices to the internet. ↫ David Shepardson at Reuters I�m sure the American public will be thrilled to find out yet another necessity has drastically increased in price.
- Apple discontinues the Mac Pro with no plans for future hardware
It’s the end of an era: Apple has confirmed to 9to5Mac that the Mac Pro is being discontinued. It has been removed from Apple’s website as of Thursday afternoon. The “buy” page on Apple’s website for the Mac Pro now redirects to the Mac’s homepage, where all references have been removed. Apple has also confirmed to 9to5Mac that it has no plans to offer future Mac Pro hardware. ↫ Chance Miller at 9To5Mac If a Mac Pro falls in the back of the Apple Store and there�s no one around to hear it, does it make a sound?
- The reports of age verification in Linux are greatly exaggerated, for now
Several US states, the country of Brazil, and I�m sure other places in the world have enacted or are planning to enact laws that would place the burden of age verification of users on the shoulders of operating system makers. The legal landscape is quite fragmented at this point, and there�s no way to tell which way these laws will go, with tons of uncertainties around to whom these laws would apply, if it targets accounts for application store access or the operating system as a whole, what constitutes an operating system in the first place, and many more. Still, these laws are already forcing major players like Apple to implement sharing self-reported age brackets with application developers (at least in iOS), so there�s definitely something happening here. In recent weeks, the open source world has also been confronted with the first consequences of these laws, as both systemd and xdg-desktop-portal have responded to operating system-level age verification laws in, among other places, California and Colorado, by adding birthDate to userdb (on systemd�s side) and developing an age verification portal (on xdg-desktop-portal�s side) for use by Flatpaks. The age verification portal would then use the value set in usrdb�s birthDate as its data source. The value in birthDate would only be modifiable by an administrator, but can be read by users, applications, and so on. Crucially, this field is entirely optional, and distributions, desktop environments, and users are under zero obligation to use it or to enter a truthful value. In fact, contrary to countless news items and comments about these additions, nothing about this even remotely constitutes as age verification!, as nothing � not the government, not the distribution or desktop environments, not the user � has to or even can verify anything. If these changes make it to your distribution, you don�t have to suddenly show your government ID, scan your face, or link your computer to some government-run verification service, or even enter anything anywhere in the first place. Furthermore, while the xdg-desktop-portal�s proposals are still fluid and subject to change, consensus seems to be to only share age brackets with applications, instead of full birth dates or specific ages � assuming anything has even been entered in the birthDate field in the first place. Even if your Linux distribution and/or desktop environment implements everything needed to support these changes and expose them to you in a nice user interface, everything about it is optional and under your full control. The field is of the same type as the existing fields emailAddress, realName, and location, which are similarly entirely optional and can be left empty if desired. Taken in isolation, then, as it currently stands, there�s really not much meat to these changes at all. The primary reason to implement these changes is to minimally comply with the new laws in California, Colorado, Brazil, and other places, and it�s understandable why the people involved would want to do so. If they do not, they could face lawsuits, fines, or worse, and I don�t know about you, but I wouldn�t want to be on the receiving end of the western world�s most incompetent justice system. Aside from that, these changes make it possible to build robust parental controls, which isn�t mentioned in the original commits to systemd, but is clearly the main focal point of xdg-desktop-portal�s proposal. This all seems well and good, but given today�s political climate in the United States, as well as the course of history, that as it currently stands! is doing a lot of heavy lifting. Rightfully so, a lot of people are worried about where this could lead. Sure, today these are just inconsequential, optional changes in response to what seems to be misguided legislation, but what happens once these laws are tightened, become more demanding, and start requiring a lot more than just a self-reported age bracket? In Texas, for instance, H.B. 1131 requires any commercial entity, including websites, that contains more than one-third sexual material harmful to minors! to implement age verification tools using things like government-issued IDs or bank transaction data to verify visitors� ages before allowing them in. The UK has a similar law on the books, too. It�s not difficult to imagine how some other law will eventually shift this much stricter, actual age verification from websites and applications into operating systems instead. What will systemd�s and xdg-desktop-portal�s developers do, then? Will they comply as readily then as they do now? This is a genuine worry, especially if you already belong to a group targeted by the current US administration, or were face-scanned by ICE at a protest. Large groups of especially religious extremists consider anything that�s LGBTQ+ to be sexual material harmful to minors!, even if it�s just something normal like a gay character in a TV show. It�s not hard to imagine how age verification laws, especially if they force age verification at the operating system level, can become weaponised to target the LGBTQ+ community, other minorities, and people protesting the Trump regime. You may think this won�t affect you, since you�re using an open source operating system like desktop Linux or one of the BSDs, and surely they are principled enough to ignore such dangerous laws and simply not comply at all, right? Sadly, here�s where the idealism and principles of the open source world are going to meet the harsh boot of reality; while open source software has a picturesque image of talented youngsters hacking away in their bedrooms, the reality is that most of the popular open source operating systems are actually hugely complex operations that require a ton of funding, and that funding is often managed by foundations. And guess where most popular Linux distributions� and BSD variants� foundations are located? Developers from all over the world may contribute to Debian, but all of its financials and trademarks are managed by Software in the Public Interest, domiciled in New York State. Fedora is part of Red Hat, owned by IBM, and
- From Linux to Blockchain: The Infrastructure Behind Modern Financial Systems
by George Whittaker
The modern internet is built on open systems. From the Linux kernel powering servers worldwide to the protocols that govern data exchange, much of today’s digital infrastructure is rooted in transparency, collaboration, and decentralization. These same principles are now influencing a new frontier: financial systems built on blockchain technology.
For developers and system architects familiar with Linux and open-source ecosystems, the rise of cryptocurrency is not just a financial trend, it is an extension of ideas that have been evolving for decades.
Open-Source Foundations and Financial Innovation
Linux has long demonstrated the power of decentralized development. Instead of relying on a single authority, it thrives through distributed contributions, peer review, and community-driven improvement.
Blockchain technology follows a similar model. Networks like Bitcoin operate on open protocols, where consensus is achieved through distributed nodes rather than centralized control. Every transaction is verified, recorded, and made transparent through cryptographic mechanisms.
For those who have spent years working within Linux environments, this architecture feels familiar. It reflects a shift away from trust-based systems toward verification-based systems.
Understanding the Stack: Nodes, Protocols, and Interfaces
At a technical level, cryptocurrency systems are composed of multiple layers. Full nodes maintain the blockchain, validating transactions and ensuring network integrity. Lightweight clients provide access to users without requiring full data replication. On top of this, exchanges and platforms act as interfaces that connect users to the underlying network.
For developers, interacting with these systems often involves APIs, command-line tools, and automation scripts, tools that are already integral to Linux workflows. Managing wallets, verifying transactions, and monitoring network activity can all be integrated into existing development environments.
Go to Full Article
- Firefox 149 Arrives with Built-In VPN, Split View, and Smarter Browsing Tools
by George Whittaker
Mozilla has officially released Firefox 149.0, bringing a mix of new productivity features, privacy enhancements, and interface improvements. Released on March 24, 2026, this update continues Firefox’s steady push toward a more modern and user-focused browsing experience.
Rather than focusing on a single headline feature, Firefox 149 introduces several practical tools designed to improve how users multitask, stay secure, and interact with the web.
Built-In VPN Comes to Firefox
One of the most notable additions in Firefox 149 is the introduction of a built-in VPN feature. This optional tool provides users with an added layer of privacy while browsing, helping mask IP addresses and secure connections on public networks.
In some configurations, Mozilla is offering a free usage tier with limited monthly data, giving users a simple way to enhance privacy without installing separate software.
This move aligns with Mozilla’s long-standing emphasis on user privacy and security.
Split View for Better Multitasking
Firefox 149 introduces a Split View mode, allowing users to display two web pages side by side within a single browser window. This feature is especially useful for:
Comparing documents or products Copying information between pages Research and multitasking workflows
Instead of juggling multiple tabs and windows, users can now work more efficiently in a single, organized view.
Tab Notes: A New Productivity Tool
Another standout feature is Tab Notes, available through Firefox Labs. This tool allows users to attach notes directly to individual tabs, making it easier to:
Keep track of research Save reminders tied to specific pages Organize ongoing tasks
This feature reflects a growing trend toward integrating lightweight productivity tools directly into the browser experience.
Smarter Browsing with Optional AI Features
Firefox 149 also expands its experimental AI-powered features, including tools that can assist with summarizing content, providing quick explanations, or helping users interact with web pages more efficiently.
Importantly, Mozilla is keeping these features optional and user-controlled, maintaining its focus on transparency and privacy.
Developer and Platform Updates
For developers, Firefox 149 includes updates to web standards and APIs. One example is improved support for HTML features like enhanced popover behavior, which helps developers build more interactive web interfaces.
As always, these under-the-hood changes help ensure Firefox remains competitive and standards-compliant.
Go to Full Article
- Blender 5.1 Released: Faster Workflows, Smarter Tools, and Major Performance Gains
by german.suarez
The Blender Foundation has officially released Blender 5.1, the latest update to its powerful open-source 3D creation suite. This version focuses heavily on performance improvements, workflow refinements, and stability, while also introducing a handful of new features that expand what artists and developers can achieve.
Rather than reinventing the platform, Blender 5.1 is all about making existing tools faster, smoother, and more reliable — a release that benefits both professionals and hobbyists alike.
A Release Focused on Refinement
Blender 5.1 emphasizes polish over disruption, with developers addressing hundreds of issues and improving the overall production pipeline. The update includes widespread optimizations across rendering, animation, modeling, and the viewport, resulting in a more responsive and efficient experience.
Many of Blender’s internal libraries have also been updated to align with modern standards like VFX Platform 2026, ensuring better long-term compatibility and performance.
Performance Gains Across the Board
One of the standout aspects of Blender 5.1 is its performance boost:
Faster animation playback and shape key evaluation Improved rendering speeds for both GPU and CPU Reduced memory overhead and smoother viewport interaction Optimized internal systems for better responsiveness
In some scenarios, animation and editing performance improvements can be dramatic, especially with complex scenes.
New Raycast Node for Advanced Shading
A major feature addition in Blender 5.1 is the Raycast shader node, which opens the door to advanced rendering techniques.
This node allows artists to trace rays within a scene and extract data from surfaces, enabling:
Non-photorealistic rendering (NPR) effects Custom shading techniques Decal projection and X-ray-style visuals
It’s a flexible tool that expands Blender’s shading capabilities, especially for stylized workflows.
Grease Pencil Gets a Big Upgrade
Blender’s 2D animation tool, Grease Pencil, sees meaningful improvements:
New fill workflow with support for holes in shapes Better handling of imported SVG and PDF files More intuitive drawing and editing behavior
These updates make Grease Pencil far more practical for hybrid 2D/3D workflows and animation pipelines.
Geometry Nodes and Modeling Improvements
Geometry Nodes continue to evolve with expanded functionality:
Go to Full Article
- The Need for Cloud Security in a Modern Business Environment
by George Whittaker
Cloud systems are an emergent standard in business, but migration efforts and other directional shifts have introduced vulnerabilities. Where some attack patterns are mitigated, cloud platforms leave businesses open to new threats and vectors. The dynamic nature of these environments cannot be addressed by traditional security systems, necessitating robust cloud security for contemporary organizations.
Just as businesses have come to acknowledge the value of cloud operations, so too have cyber attackers. Protecting sensitive assets and maintaining regulatory compliance, while simultaneously ensuring business continuity against cloud attacks, requires a modern strategy. When any window could be an opportunity for infiltration, a comprehensive approach serves to limit exploitation.
Unlike traditional on-premise infrastructure, cloud environments dramatically expand an organization’s threat surface. Resources are distributed across regions, heavily dependent on APIs, and frequently created or decommissioned in minutes. This constant change makes it difficult to maintain a fixed security perimeter and increases the likelihood that misconfigurations or exposed services go unnoticed, creating opportunities for exploitation.
The Vulnerabilities of Cloud Security Services
Any misconfiguration, insecure application programming interface (API), or identity management solution may become an invitation for cyberattacks. Amid the rise of artificial intelligence (AI) technology, it is possible for even inexperienced individuals to exploit such weaknesses in cloud systems. Cloud environments are designed for accessibility, a benefit that can be taken advantage of.
“Unlike traditional software, AI systems can be manipulated through language and indirect instructions,” Lee Chong Ming wrote for Business Insider. “[AI expert Sander] Schulhoff said people with experience in both AI security and cybersecurity would know what to do if an AI model is tricked into generating malicious code.”
At the same time that many businesses are migrating to cloud platforms and implementing cloud security features, they are adopting AI technology in order to accelerate workflows and other processes. These systems may have their advantages for certain industries, but their presence can create its own vulnerabilities. Addressing the shortcomings of cloud systems and AI at the same time compounds the security challenges of today.
Go to Full Article
- Google Brings Chrome to ARM Linux: A Long-Awaited Step for Modern Linux Devices
by George Whittaker
Google has officially announced that Chrome is coming to ARM64 Linux systems, marking a major milestone for both the Linux and ARM ecosystems. The native browser is expected to launch in Q2 2026, finally closing a long-standing gap for users running Linux on ARM-based hardware.
For years, ARM Linux users have relied on Chromium builds or workarounds to access a Chrome-like experience. That’s about to change.
Why This Announcement Matters
Until now, Google Chrome on Linux was limited to x86_64 systems, leaving ARM-based devices without an official build.
That meant users had to:
Use Chromium instead of Chrome
Run emulated versions of Chrome
Miss out on proprietary features like sync, DRM support, and Google services
With this new release, ARM Linux users will finally get the full Chrome experience, including seamless integration with Google’s ecosystem.
What Users Can Expect
The upcoming ARM64 version of Chrome will bring the same features users expect on other platforms:
Google account sync (bookmarks, history, tabs)
Access to the Chrome Web Store and extensions
Built-in features like translation, autofill, and security protections
Support for DRM services and media playback
This brings ARM Linux closer to feature parity with macOS (ARM support since 2020) and Windows on ARM (since 2024).
The Rise of ARM on Linux
The timing of this move reflects a broader shift in computing. ARM-based hardware is rapidly gaining traction across:
Laptops powered by Snapdragon and future ARM chips
Developer boards like Raspberry Pi
High-performance systems such as NVIDIA’s ARM-based AI desktops
Google itself highlighted growing demand for Chrome on these systems, especially as ARM expands beyond mobile devices into mainstream computing.
Partnerships and Deployment
Google is also working with hardware vendors to streamline adoption. Notably, Chrome will be integrated into NVIDIA’s Linux-on-ARM DGX Spark systems, making installation easier for high-performance AI workstations.
For general users, Chrome will be available for download directly from Google once released.
Why This Took So Long
Interestingly, this move comes years after Chrome was already available on ARM-based platforms like Apple Silicon Macs and Windows devices.
Go to Full Article
- CrackArmor Exposed: Critical Flaws in AppArmor Put Millions of Linux Systems at Risk
by George Whittaker
A newly disclosed set of vulnerabilities has sent shockwaves through the Linux security community. Dubbed “CrackArmor,” these flaws affect AppArmor, one of the most widely used security modules in Linux, potentially exposing millions of systems to serious compromise.
Discovered by the Qualys Threat Research Unit, the vulnerabilities highlight a concerning reality: even core security mechanisms can harbor weaknesses that go unnoticed for years.
What Is CrackArmor?
“CrackArmor” refers to a group of nine critical vulnerabilities found in the Linux kernel’s AppArmor module. AppArmor is a mandatory access control (MAC) system designed to restrict what applications can do, helping contain attacks and enforce system policies.
These flaws stem from a class of issues known as “confused deputy” vulnerabilities, where a lower-privileged user can trick trusted processes into performing actions on their behalf.
Why These Vulnerabilities Are Serious
The impact of CrackArmor is significant because it undermines one of Linux’s core security layers. Researchers found that attackers could:
Escalate privileges to root from an unprivileged account
Bypass AppArmor protections entirely
Break container isolation, affecting Kubernetes and cloud workloads
Execute arbitrary code in the kernel
Trigger denial-of-service (DoS) conditions
In some demonstrations, attackers were able to gain full root access in seconds under controlled conditions.
How Widespread Is the Risk?
The scope of the issue is massive. AppArmor is enabled by default in major distributions such as:
Ubuntu
Debian
SUSE
Because of this, researchers estimate that over 12.6 million Linux systems could be affected.
These systems span:
Enterprise servers
Cloud infrastructure
Containers and Kubernetes clusters
IoT and edge devices
This widespread deployment significantly amplifies the potential impact.
A Long-Standing Problem
One of the most concerning aspects of CrackArmor is how long the vulnerabilities have existed. According to researchers, the flaws date back to around 2017 (Linux kernel 4.11) and remained undiscovered in production environments for years.
This long exposure window increases the risk that similar weaknesses may exist elsewhere in critical system components.
Go to Full Article
- Intel Expands Linux Graphics Team to Boost Drivers and Gaming Support
by George Whittaker
Intel is once again investing in Linux development. The company has recently posted several job openings aimed at strengthening its Linux graphics driver and GPU software teams, signaling continued interest in improving Intel hardware support on the open-source platform.
For Linux users, especially gamers and developers, this could mean faster improvements to Intel’s graphics stack and stronger support for modern workloads.
New Roles Focused on Linux Graphics
Intel has listed multiple GPU Software Development Engineer positions, many of which specifically focus on Linux graphics technologies. These roles involve working on the full graphics stack, including firmware, kernel drivers, and user-space components used by applications and games.
The responsibilities for these positions include:
Developing and optimizing Intel GPU drivers for Linux
Improving the Linux graphics stack, including kernel DRM drivers and Mesa components
Working with graphics APIs and tools used by modern applications
Ensuring compatibility across desktop, workstation, and data-center hardware
The job listings also emphasize experience with C/C++ development and the Linux kernel graphics ecosystem, highlighting the technical depth required for these roles.
Linux Gaming Is Part of the Plan
One of the more notable details from the job postings is the mention of Linux gaming technologies such as Wine and Proton. These compatibility layers allow Windows games to run on Linux, making them central to platforms like SteamOS and the Steam Deck.
Intel’s focus on these tools suggests the company wants its GPUs to perform well not just in enterprise workloads but also in gaming environments. That aligns with the growing popularity of Linux gaming driven by:
Valve’s Proton compatibility layer
Vulkan-based graphics APIs
The success of devices like the Steam Deck
Beyond Gaming: HPC and Data Center Work
While gaming support is part of the focus, the hiring effort isn’t limited to consumer graphics. Intel is also recruiting engineers for areas such as:
High-performance computing (HPC)
AI and machine-learning workloads
Middleware development for supercomputing systems
Cloud and data-center GPU optimization
These roles indicate Intel’s broader strategy to strengthen Linux across multiple sectors, from desktops and laptops to supercomputers and cloud infrastructure.
Go to Full Article
- AerynOS 2026.02 Alpha Released: Advancing a Modern Atomic Linux Vision
by George Whittaker
The developers behind AerynOS have released AerynOS 2026.02 Alpha, the latest development snapshot of the independent Linux distribution previously known as Serpent OS. This new release continues the project’s rapid evolution, bringing updated packages, improved build tools, and new installation options while the system remains in an early testing stage.
Although still labeled as an alpha-quality release, the new ISO gives enthusiasts and developers a chance to explore the direction AerynOS is taking as it builds a modern Linux platform from scratch.
A Modern Atomic Approach
AerynOS aims to rethink how Linux distributions handle updates and package management. The project focuses on atomic-style updates, meaning system changes are applied as a complete transaction rather than individual package installs. This approach helps reduce the risk of partially completed updates leaving a system in a broken state.
Unlike some atomic distributions, however, AerynOS does not rely on an immutable filesystem, allowing users to retain flexibility and customization while still benefiting from safer update behavior.
Updated Desktop Environments
The 2026.02 alpha release ships with several modern desktop environment options:
GNOME 49.4 as the default desktop
COSMIC 1.0.8, System76’s emerging desktop environment
KDE Plasma 6.6.1 available as an alternative session
These updates provide users with multiple modern desktop choices while ensuring compatibility with the latest frameworks and desktop technologies.
New Core Software and Components
AerynOS 2026.02 also brings a large batch of software updates across the system stack. Some of the notable versions included in the release are:
Linux kernel 6.18.15 LTS
Firefox 148
PipeWire 1.6
Wine 11.3
Waybar 0.15
Mesa/Nesa graphics drivers 26.x
Together, these updates ensure that the development snapshot reflects a modern Linux software ecosystem while improving compatibility with newer hardware.
Improved Development Tooling
A significant portion of the February development cycle focused on improving the distribution’s internal tooling:
Moss, the package manager, has been optimized for faster performance.
Boulder, the package build system, now automates more recipe creation and version handling.
Go to Full Article
- Armbian 26.02 Arrives with Linux 6.18 LTS and Expanded Board Support
by George Whittaker
The Armbian project has released Armbian 26.02, the latest update to the lightweight Linux distribution designed specifically for ARM and RISC-V single-board computers (SBCs). Known for its stability and hardware optimization, Armbian continues to evolve with improved hardware support, new desktop options, and updated core components in this release.
A Linux Distribution Tailored for SBCs
Armbian is built on top of Debian or Ubuntu, providing optimized system images for single-board computers such as Orange Pi, Banana Pi, and ODROID devices. The project focuses on stability, performance, and long-term maintenance for embedded and development boards.
With the 26.02 release, the developers continue that mission by refining support for modern hardware platforms and improving the overall software stack.
Powered by Linux 6.18 LTS
One of the biggest upgrades in Armbian 26.02 is the transition to Linux kernel 6.18 LTS, which brings improved driver support, performance enhancements, and better compatibility for newer SBC hardware.
The newer kernel helps ensure that Armbian remains compatible with evolving chipsets while maintaining stability across its supported devices.
New Board Support
This release expands Armbian’s hardware ecosystem with support for several new boards, including:
SpacemiT MusePi Pro
Radxa Rock 4D
Orange Pi RV2
ODROID M2
These additions reflect Armbian’s ongoing focus on supporting emerging ARM and RISC-V development boards used by hobbyists, developers, and embedded system builders.
Desktop Improvements
Armbian 26.02 also introduces expanded desktop options:
RISC-V XFCE desktop images for supported RISC-V systems
Restored KDE Neon desktop builds
Updated desktop targets based on Ubuntu 24.04 LTS
These changes give users more flexibility when choosing between lightweight environments or more full-featured desktop setups.
Enhancements to Armbian Tools
The Armbian ecosystem itself has also received improvements. The Armbian Imager utility, used to flash OS images to SBC storage devices, now features:
Faster image decompression
Code signing for improved security on macOS and Windows
AI-assisted translation support
A new settings panel with additional developer options
Go to Full Article
- Linux 7.0 Is Coming: What to Expect from the Next Major Kernel Release
by George Whittaker
Excitement in the open-source world is rising as the Linux kernel project moves toward the next major release: Linux kernel 7.0. While a major version number might sound like a dramatic overhaul, the reality is a lot more steady progress, and that’s part of what makes the Linux kernel so reliable and trusted. The first release candidate (RC1) for Linux 7.0 has already been published, and developers are entering the final stretch toward a stable release expected around mid-April 2026.
An Evolution, Not a Revolution
Linus Torvalds, the creator and lead maintainer of the Linux kernel, officially confirmed that the next version after Linux 6.19 will be dubbed Linux 7.0. In the announcement, he made clear that the jump to “7.0” isn’t tied to any monumental architectural upheaval, it’s a practical naming decision made partly to keep version numbers manageable.
That tradition continues a long-standing pattern: kernel series are often numbered until they reach higher minor versions (like 6.19), and then the major number increments, even if the changes are incremental and largely additive rather than breaking.
Inside the 7.0 Development Cycle
The Linux 7.0 cycle opened with the merge window, during which new code from contributors around the world is accepted. With the release candidate phase now underway, the focus has turned toward stabilization and testing.
The 7.0-rc1 announcement notes that this cycle saw a “smooth” merge window with relatively few major boot failures reported on the lead developer’s own test machines, a good sign for the kernel’s broad hardware support.
Expected Improvements
While the final changelog for the stable 7.0 kernel will only be known when it ships, several themes stand out from early previews and reporting:
1. Broad Hardware Enablement
Driver updates make up a significant portion of the changes so far, helping Linux support the latest CPUs and SoCs from vendors like Intel, AMD, and Qualcomm. Early testing indicates enablement for new families such as Intel Nova Lake and AMD Zen 6, which will be important for next-generation laptops, desktops, and servers.
2. Performance and Responsiveness
Kernel maintainers and community reports suggest that performance improvements are part of the 7.0 trend. Although specifics are still emerging, the kernel’s scheduler and memory management subsystems tend to see ongoing optimization as workloads diversify.
Go to Full Article
|
