Recent Changes - Search:
NTLUG

Linux is free.
Life is good.

Linux Training
10am on Meeting Days!

1825 Monetary Lane Suite #104 Carrollton, TX

Do a presentation at NTLUG.

What is the Linux Installation Project?

Real companies using Linux!

Not just for business anymore.

Providing ready to run platforms on Linux

Show Descriptions... (Show All/All+Images) (Single Column)

LWN.net

  • Woodruff: You shouldn't trust trusted publishing
    William Woodruff, better known online as "yossarian", has publisheda blog post to make the case that users should not place their trustin trustedpublishing:

    Trusted Publishing is a mechanism for establishing trust between anexternal machine identity (like a CI/CD workflow) and one or moreprojects on a package index/registry. The "trust" in "TrustedPublishing" refers to that trust relationship, and not to anythingelse.

    It is not, and cannot be, a signal for package trust orquality. You cannot use it to determine whether a package is safe or"good," and PyPI consciously stymies attempts to misuse it for thatpurpose by not rendering it as a "green checkmark" or anything else ofthe sort.

    Or as another framing: Trusted Publishing is just a form ofauthentication. It doesn't tell you anything other than that an uploadwas authenticated, which all uploads to PyPI are.

    LWN covered trustedpublishing in June.



  • [$] Faster RCUs and lockless memory allocation
    Puranjay Mohan shared some of thework he's been doing recently on improving theperformance of read-copy-update (RCU) at the 2026LinuxStorage, Filesystem, Memory-Management, and BPF Summit; his talk would havebeen nice context to have earlier in the day when Harry Yoo and AlexeiStarovoitov led a session about thenew kmalloc_nolock() function thatallows for lockless allocation from any kernel context, and which interacts withthe RCU subsystem to allow that. This article therefore covers the two sessionstogether and in the reverse order, to provide that missing context.


  • Security updates for Tuesday
    Security updates have been issued by AlmaLinux (nodejs22 and nodejs24), Fedora (clamav, hplip, kernel, kernel-headers, librabbitmq, mingw-expat, mir, perl-Imager, podman-tui, prometheus-podman-exporter, python-rpds-py, rust-ashpd, rust-busd, rust-gtk4-macros, rust-inferno, rust-quick-xml, rust-reqsign-aws-v4, rust-wayland-scanner, and sandogasa), Oracle (container-tools:rhel8, kernel, mariadb:10.11, mariadb:11.8, nginx, perl:5.32, php, php:7.4, rrdtool, ruby:2.5, ruby:3.3, ruby:4.0, and uek-kernel), Red Hat (kernel, opentelemetry-collector, and python-urllib3), Slackware (c-ares and openssh), SUSE (bind, chromedriver, cryptsetup, s390-tools, dnsmasq, jackson-annotations, jackson-core, jackson-databind, lcms2, pacemaker, perl-Cpanel-JSON-XS, perl-Crypt-SaltedHash, postfix, and python-mistune), and Ubuntu (gnutls28, gzip, openssh, php7.0, python-parsl, python3.10, python3.12, python3.14, request-tracker5, socat, sogo, and tar).


  • OpenSSH 10.4 released
    OpenSSH 10.4 has been released. In addition to a number of securityand bug fixes, there are a few notable changes; this release addsexperimental support for a composite post-quantum signature schemecombining ML-DSA 44 and Ed25519 as described in thisIETF draft. With 10.4, if OpenSSH is compiled with sandbox supportit will fail on Linux systems that have not enabled SECCOMPor NO_NEW_PRIVS; prior to this release, sshd would log an errorbut continue operation. See the release notes fora full list of changes.


  • [$] The kernel's iomap layer
    Conversations about the kernel's filesystem implementations often involve alayer called "iomap", but relatively few people can reliably say what iomapactually is. That is just the kind of gap that LWN exists to fill. Inshort, iomap handles the mapping between data in the filesystem space(identified by a file of interest, and an offset within that file) and inthe storage space (which may be a memory location, or a set of blocks on astorage device). Using that mapping, iomap handles a long list of common,filesystem-related tasks, allowing a lot of boilerplate code to be removedfrom individual filesystem implementations.


  • Security updates for Monday
    Security updates have been issued by AlmaLinux (container-tools:rhel8, grafana, grafana-pcp, kernel, ruby:2.5, and ruby:3.3), Debian (bird3, chromium, kernel, linux-6.1, mediawiki, nginx, openvpn, php-phpseclib, php8.2, php8.4, and sympa), Fedora (7zip, buildah, chromium, clamav, freerdp, leptonica, mariadb10.11, mariadb11.8, nextcloud, nsd, openqa, openvpn, os-autoinst, pdns, pdns-recursor, perl-Crypt-ScryptKDF, podman, python-jupyter-server, and python-streamlink), Mageia (mariadb and yt-dlp), Slackware (libevent, libseccomp, mozilla, mutt, and php82), SUSE (apache2, containerd, dnsmasq, docker, dracut, firewalld-legacy, gimp, glibc, golang-github-docker-libnetwork, google-guest-agent, gstreamer-plugins-bad, helm, kernel, kernel-devel, keybase-client, kitty, krb5, libarchive, libnfs, libslirp, nilfs-utils, openCryptoki, openQA, openssl-3, pacemaker, pcr-oracle, perl-DBI, perl-List-SomeUtils-XS, podman, python-pip, python-pydata-sphinx-theme, python-tornado6, python3-lxml, python311-mistune, python313-joserfc, rmt-server, sg3_utils, systemd, tracker-miners, and xdg-dbus-proxy), and Ubuntu (cifs-utils, linux-nvidia, linux-nvidia-6.17, linux-raspi-realtime, and ncurses).


  • Kernel prepatch 7.2-rc2
    The 7.2-rc2 kernel prepatch is out fortesting. Linus said: "It's Sunday afternoon, and rc2 is out. Thingslook very normal - it's not a small rc2, but it's in line with recentreleases, and slightly smaller than rc2 was in 7.1. Let's see how that allcontinues, but so far so good."


  • Seven stable kernels for Saturday including two security fixes
    Greg Kroah-Hartman has announced the release of the 7.1.3, 6.18.38, 6.12.95, 6.6.144, 6.1.177, 5.15.211, and 5.10.260 stable kernels. Several kernelsin this batch include afix for a vulnerability introduced in the 6.0 kernel in IPv6 (CVE-2026-53362),which couldallow an attacker to escape a container and gain root access.

    There is also afix for a use-after-free bug in KVM (CVE-2026-53359)that was introduced in the 2.6.36 kernel. As usual, each stable kernel includesa number of fixes throughout the tree. Users are advised toupgrade.



  • Four vulnerabilities in Guix
    The GNU Guix project has announcedthree vulnerabilities in the guix substitute utility as wellas a fourth that affects the guix pull and guixtime-machine commands. The impact of the vulnerabilities ranges from remote privilegeescalation to local disclosure of sensitive files.

    The remote exploitation of guix substitute only requires that thevulnerable system attempt to download a binary substitute. Anyconfigured substitute server, including ones discovered usingguix-daemon's --discover option, can exploit this, and so can aman-in-the-middle (MITM), regardless of whether https is used in thesubstitute server urls.

    The local exploitation of guix substitute only requiresthe ability to connect to guix-daemon's socket, which by default anyuser can do.

    Separately, another security issue (CVE ID pending) was identifiedin guix pull and guix time-machine, which enables anyone who cancontrol the channels file used by these commands to cause a file to becreated or overwritten wherever the user running the command inquestion has permission to create them.

    The project is recommending that all users upgrade guixand guix-daemon immediately. See the announcement forinstructions, how to test for the vulnerabilities, the disclosuretimeline, and more.



  • [$] Limiting negative dentries
    A number of problems related to negative directory entries (dentries) werethe topic of a filesystem-track session atthe 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit. Negative dentries areused to indicate that a file of a given name does not exist in a directory;it is an optimization that short-circuits the lookup of the file name whenthe answer is already known.Miklos Szeredi led asession that discussedsome problems that come from having too many negative dentries for adirectory.


  • Security updates for Friday
    Security updates have been issued by AlmaLinux (389-ds-base, bind9.18, evince, fence-agents, freerdp, frr, frr10, gimp, gnutls, hplip, jmc, mariadb:11.8, mysql:8.4, php:7.4, postgresql-jdbc, postgresql:15, postgresql:16, valkey, xorg-x11-server, and xorg-x11-server-Xwayland), Debian (fastnetmon), Fedora (7zip, apptainer, cpp-httplib, mysql8.4, and nmap), Oracle (freerdp, giflib, glib2, glibc, kernel, libreoffice, libvirt, mariadb:10.11, postgresql, python3.11, python3.12, rrdtool, and thunderbird), Red Hat (buildah, podman, and skopeo), SUSE (alloy, apache2, buildah, c3p0, containerd, crun, cups, dhcpcd, dnsmasq, docker-stable, dracut, editorconfig-core-c, ffmpeg-7, fontforge, google-guest-agent, google-osconfig-agent, graphicsmagick, gstreamer-plugins-bad, gstreamer-plugins-good, helm, jackson-annotations, jackson-core, jackson-databind, jline3, kernel, kubectl-cnpg, lcms2, libslirp, libssh2_org, libxreaderdocument3, openbabel, openssl-3, pacemaker, perl-CGI-Session, perl-list-someutils-xs, python-lxml, python-tornado, python-tornado6, python3-onionshare, python311-python-engineio, sg3_utils, thunderbird, transmission, and trivy), and Ubuntu (cifs-utils, kernel, libvncserver, linux-aws-6.8, linux-gcp-6.8, linux-gke, linux-gkeop, linux-ibm-6.8, linux-nvidia-lowlatency, linux-oracle-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia-tegra, linux-oracle-5.15, linux-raspi, linux-xilinx, nghttp2, nginx, perl, and vim).


  • CalyxOS is back
    In August 2025, the CalyxOS privacy-focusedAndroid distribution announcedthat it was pausing all releases while it reworked itsrelease process, security protocols, and changed its signing keysfollowing the departure of one of its founders. The project has now announcedthat it is "officially back from the hiatus" with the7.2.2.0 release.

    CalyxOS 7.2.2.0 is signed by us using a newHSM-based, open-source signing solution we designed to enhance thesecurity of the entire signing process, ensure redundancy, and removesingle points of failure. You can verify CalyxOS 7.2.2.0 and futurebuilds following theseinstructions. For anyone who is interested, the security auditreport of the HSM provisioning ceremony script can be found here.

    In addition, we also went through significant infrastructureimprovements. In particular, we have set up a cleaner server structureto streamline each release. In response to Google's less frequent AOSPsource code releases, our team developed scripts to reduce theoverhead in applying monthly patches and updates. Please keep in mind,additional manual steps are still needed to compensate for AOSPchanges, such as requesting and storing kernel sources with eachupdate. Currently, our lead engineer is continuing the maintenance ofthe base device trees for both LineageOS and CalyxOS to bridge the gapcreated by the absence of Google Pixel device trees.


  • Kernel archive /pub tree restoring
    A few astute observers have noticed that somecontent on kernel.org had disappeared and were understandablyconcerned. Konstantin Ryabitsev has provided an update viasocial.kernel.org:
    There was an unfortunate error while changing the kernel.orgprimary/secondary mirroring infrastructure, which resulted in the /pubtree suddenly becoming empty. No data was lost, just public mirrorcopies. Everything is now being restored, but deletes are fast andrestores are slow, so thank you for your patience!
    The incident isbeing tracked on the Linux Foundation's IT status page.



  • Spoofed email from LWN
    We were made aware today of an email sent to a reader that wasspoofed to appear to be from LWN. The message claimed, among otherthings, that we were providing personal information about the readerto another site user. As is explained in our privacy policy we do not,and would not, provide such information.

    If any other readers have received an odd message from LWN, it isan attempt at a hoax; if in doubt, please check the DKIM header of theemail. Any email that does come from LWN will have a proper DKIMsignature in its headers.

    If you receive such a message, please feel free to send it to us,with its headers intact. But to reiterate, we are not providing anyuser information upon request, nor banning any accounts. We hope thiswill not be a recurring problem.



  • Fedora Council proposes pausing Community Initiatives
    Aoife Moloney has, on behalf of the Fedora Council, posted anannouncement that the Fedora Council is "proposing we pause theCommunity Initiatives process as an official project process"because it has decided the current process is ineffective. It is alsoclosing discussion regarding the AI developer desktopinitiative covered by LWN in May.

    The Fedora Objectives/Initiatives framework was never intended as amandatory prerequisite to do the work in Fedora. It supposed to helpby focusing the community on a certain work when needed, not to decidewhat is allowed. The AI developer desktop initiative proposalhighlighted that the Community Initiatives process has failed to serveas a good framework in Fedora where new ideas can surface, receiverespectful feedback, and gain Council support for work that fits theproject's present and/or future. This is something that the Councilmust address.

    As a first step, we would like to halt the community initiativeprocess immediately. Existing initiatives in flight (Fedora Forge,Atomic, and Fedora Docs 2026) will continue with full Councilbacking. Their underlying work will be completed as planned in theircurrent timeboxed state, though the administrative framework aroundthem may evolve.As a second step, we would like to work out a new mechanism to allowCouncil to set strategic direction in an open, transparent way thatmore intentionally includes the community voice. We recognise that wehave to be better at being more open in our discussions and decisionmaking.

    The council is considering the "sandbox" proposal as analternative or supplement to a process that replaces the CommunityInitiatives.




LXer Linux News







  • Razer Certifying Their First Laptop For Linux: Razer Blade 18 RZ09-0582
    Razer is a brand synonymous with gaming and finally in 2026 they are in the process of certifying their first laptop for Ubuntu Linux. This laptop going through Ubuntu Linux certification is the Razer Blade 18 RZ09-0582 and it offers incredible performance with the Core Ultra 9 290HX Plus processor and GeForce RTX 5090 graphics but with that also comes a very high price tag.





  • "I'll Make The Linux Kernel Mailing List Burn": Prominent LLVM Linux Developer Returns
    One of the original developers behind the work to allow the Linux kernel to be compiled using LLVM/Clang as an alternative to the GCC compiler is now back in the saddle working on LLVM Linux support. LLVM/Clang support for building the Linux kernel has been important for improving code portability and addressing GCC'isms, making use of LLVM compiler features not yet found with the GNU toolchain, evaluating the performance between GCC and Clang, and all the more important these days with the Linux kernel Rust integration...




  • Axiomtek MANO330 SBC features Intel N97/N150, HDMI, VGA, and LVDS
    Axiomtek’s MANO330 is a coming-soon Thin Mini-ITX single-board computer designed around Intel Processor N97 and N150 options, with DDR5 memory, multiple display interfaces, dual LAN, and M.2 expansion for compact embedded systems. According to the product listing, the MANO330 supports DDR5-4800 SO-DIMM memory with up to 32GB capacity. Expansion options include an M.2 Key B […]



  • Ryzen AI Developer Platform: AMD's Own Linux Distribution Built Atop Debian
    With the AMD Ryzen AI Halo developer platform there is the option of ordering this Ryzen AI Max+ mini PC with either Microsoft Windows 11 or "Linux OS". When receiving a AMD Ryzen AI Halo review sample last month, I fully expected it to just be an Ubuntu LTS install with ROCm preloaded. I was quite surprised when powering it up to find that it's an OS called the AMD Ryzen AI Developer Platform 1 "Rex" and is based on Debian Linux.



  • 9to5Linux Weekly Roundup: July 5th, 2026
    The 299th installment of the 9to5Linux Weekly Roundup is here for the week ending July 5th, 2026, keeping you updated on the most important developments in the Linux world.




Linux Insider"LinuxInsider"












Slashdot

  • Superconducting Thruster Harnesses Earth's Magnetic Field In First Orbital Test
    New Zealand startup Zenno Astronautics has completed the first orbital test of its "Supertorquer," a shoebox-sized superconducting magnet system that uses solar power and Earth's magnetic field to help control a satellite without fuel. The company says the technology could eventually support fuel-free satellite maneuvers, docking, deep-space trajectory changes, and even magnetic radiation shielding for astronauts. Space Magazine reports: The tests began shortly after Mira's launch in November last year aboard the SpaceX Transporter 12 mission and saw the shoebox-size device perform with flying colors, Zenno Astronautics CEO and founder Max Arshavsky, told Space.com. "It's a technology that allows a spacecraft to not tumble violently in space and point in the right direction," Arshavsky said. "The unit has multiple super-conducting magnets that are positioned in different axes. When we power up the magnets, they generate a magnetic field, which interacts with Earth's magnetic field, and because we can control the magnetic field on the satellite, we can control the way in which it turns with respect to Earth." Superconducting magnets are made of coils of superconducting wire that have zero electrical resistance and can therefore conduct much larger currents than normal wires. That larger current translates into a greater magnetic force. There is, however, a catch: Superconducting materials need to be cooled to extremely low temperatures to gain their wonder properties. [...] The unit housing the superconducting magnets is wrapped in layers of insulation and fitted with a heat pump that removes all the excess heat from the system. Every time the satellite needs a push, the superconducting coils power up, drawing energy from a battery charged by the satellite's solar panels. "It's converting solar energy straight into useful work," Arshavsky said. "Energy is the one thing that is abundant in space, and you can use it to energize the magnet to create a magnetic acceleration device. It gives you acceleration without fuel." In the future, Zenno Astronautics plans to launch larger systems that could enable spacecraft to dock in space or conduct close proximity operations using just the power of their solar-powered superconducting magnets. Arshavsky envisions powerful magnets that could, in the future, propel spacecraft on missions to the moon and Mars using only solar power.


    Read more of this story at Slashdot.


  • Japan Releases Snowman-Like Asteroid Image After Flyby
    Japan's Hayabusa2 probe captured rare close-up images of near-Earth asteroid Torifune, revealing a snowman-like shape made of two joined lobes. Phys.org reports: The fridge-sized Hayabusa2 skimmed asteroid Torifune on Sunday in a mission that demonstrated the ability to deflect a potentially dangerous space rock away from Earth. A new image released by the Japan Aerospace Exploration Agency (JAXA) on Monday could aid such efforts, as researchers say near-Earth asteroids vary in their size, shape and surface characteristics. "The moment I actually saw this image and the scientific data -- it really gave me goosebumps," JAXA scientist Yuya Mimasu told reporters, adding the asteroid "personally looked like a snowman." The black-and-white image, captured by a telescopic camera, showed what appeared to be two round objects joined together. "You can actually see the rocks... I really hadn't expected to be able to take a photo like this, so I'm absolutely over the moon," he said. [...] Moving at a speed of more than 18,000 kilometers (11,185 miles) per hour, the probe was due to fly within 800 meters (2,625 feet) of the asteroid, but JAXA said it would analyze the distance later. If confirmed, the mission would be one of the closest flybys of a near-Earth asteroid ever. JAXA also said Monday it succeeded in acquiring data from three other devices that can measure the distance from the asteroid and examine the existence of water.


    Read more of this story at Slashdot.


  • Meta Now Lets Anyone Use Your Instagram Photos In AI Images
    An anonymous reader quotes a report from Wired: Meta launched its inaugural AI image model from the Meta Superintelligence Labs on Tuesday, its effort to compete with the likes of OpenAI's GPT Images 2.0 and Google's Nano Banana 2 in the AI image generation race. The new model, called Muse Image, rolled out with deep integrations woven into the Instagram app. As part of this update, public Instagram profiles are now automatically opted into being fodder for generative AI remixes. All someone has to do is tag your account's profile in a prompt -- if it's public -- and they can use Meta AI to generate an image using your likeness. Meta positions this feature as a cheeky way to personalize generations with images of real people. "Whether you want to design a custom event invitation, mock up a collaborative creative concept, or generate a personalized graphic, tagging a username lets Meta AI use public photos to build a visual that's ready to post," reads one of Meta's announcement blogs about the new AI tool. [...] Instagram's help center site includes more details about how this feature will impact users, saying that "people may be able to create content with your Instagram content using AI features at Meta" if you leave your account public and on the default settings. (A previously archived version of this page from 2025 does not include similar, AI-focused language.) Instagram users who want to stop others from using their public posts for AI images (without switching your account to private) must manually disable the options under the app's "Sharing and reuse" settings. However, turning off the setting only blocks future AI generations; any AI images already created from their content will remain. Meta also says users will not be notified when others create AI-generated content using their posts.


    Read more of this story at Slashdot.


  • Doom Developer id Software Is Reportedly Losing Half Its Staff
    Doom developer id Software is reportedly laying off about half its staff as part of Microsoft's broader Xbox cuts. The reported layoffs potentially affects around 90 employees. Engadget reports: While neither Microsoft nor id Software have formally acknowledged the layoffs, one former member of the studio's staff, Michael Maynard, has echoed the 50 percent figure on LinkedIn. According to at least one of Game Developer's sources, that could translate to around 90 job cuts, though it's so far unclear what departments at id Software have been hit hardest. [...] Bloomberg reported yesterday that as part of the "reset" at Xbox, ZeniMax Media, the parent company of id Software, will be focusing on its biggest franchises -- like The Elder Scrolls, Fallout, Wolfenstein and Doom -- going forward. It's possible that motivated the cuts to id Software, but the developer at least outwardly appears to be already heavily focused on Doom. The studio launched Doom: The Dark Ages in 2025 and an expansion to the game on July 7, 2026. Whatever the reason, the cuts at Xbox aren't over: While Microsoft eliminated 1,600 roles alongside the announcement that Xbox is restructuring, it still plans to lay off another 1,600 employees over the coming months.


    Read more of this story at Slashdot.


  • Microsoft Flips Windows Backup On By Default Outside the EU
    Microsoft will turn on Windows settings backup and restore by default for eligible Windows 11 business devices outside the EU, starting with Windows 11 26H2. The Register reports: Now dubbed "Windows settings backup and restore," the service backs up a device's settings and a list of installed Microsoft Store apps, which can then be restored to a new device. Microsoft gave a use case for the technology: "Imagine a lost laptop, a hardware refresh, or an unexpected reset. These are some of the moments when your users need backup most. And that's rarely when anyone wants to discover that backup was never turned on." However, some organizations might not want it on. Perhaps those with strict privacy or data sovereignty requirements, or those regulated by the EU Digital Markets Act (DMA), for whom the default-on behavior won't apply. Windows 11 25H2 and earlier are also excluded, as is any device with a backup policy that explicitly disables the setting. Everything else running Windows 11 26H1 will get switched on after a feature update, and the same applies to 26H2, currently with Windows Insiders in the Experimental channel. Administrators might reasonably be wary of this being opt-out rather than opt-in. Backups are useful, but Microsoft is clear that this is not a comprehensive backup solution, calling it only "one step in a broader Windows resiliency effort." The implications still need consideration. An opt-out setting that quietly ships settings data off-device is exactly the sort of thing that adds to administrators' workloads rather than lightening them.


    Read more of this story at Slashdot.


  • Samsung Passes Nvidia To Become Most Profitable Company In the World
    Samsung's chip division is projected to earn more in 2026 than it made across its previous 40 years in semiconductors, driven by soaring AI-fueled demand for memory and storage. The company's latest quarterly operating profit reportedly topped Nvidia's, making Samsung the world's most profitable tech company for the period. Tom's Hardware reports: Brokerage consensus puts Samsung's full-year 2026 operating profit near 300 trillion won ($196 billion), and its second-quarter figure at about 84.6 trillion won ($55.1 billion). Samsung easily beat the consensus with $58.5 billion when it posted preliminary results on July 7, overtaking Nvidia's most recent quarterly operating profit of $53.54 billion and becoming the most profitable technology company in the world for the period, on the back of AI-driven memory demand. Samsung's DS division booked 53.7 trillion won ($35.1 billion) of the company's 57.2 trillion won in total operating profit during the first quarter of 2026, roughly 94% of the total, which is why the division's projection sits so close to Samsung's full-year consensus. "This year's profit will exceed the cumulative profit generated over the past 40 years since we entered the semiconductor business," Kim Yong-Kwan told staff, scoping the claim to the chip business rather than the wider conglomerate. Further reading: Samsung Chip Workers To Get $340,000 Average Bonus In AI Boom


    Read more of this story at Slashdot.


  • FCC To End Biden-Era Rule That Forces ISPs To List All Their Fees
    The FCC plans to roll back broadband label rules that require ISPs to itemize all passthrough fees. Under the proposal, providers could instead list a single "up to" amount for location-based charges. It would also allow ISPs to link to pricing labels rather than display them prominently, while eliminating machine-readable pricing files. Ars Technica reports: ISPs routinely advertise prices much lower than those actually charged to consumers on their monthly bills. One method of raising monthly bill prices above advertised rates is to tack on fees that, ISPs claim, are used to offset charges imposed by local governments. ISPs would be well within their rights to advertise accurate monthly prices and charge those exact prices on monthly bills. But because ISPs rarely do that, the FCC has required them to make specific price disclosures to consumers for the past decade. The Biden-era FCC updated the broadband-label rules to require that ISPs "itemize on the label (PDF) all discretionary monthly fees that the provider passes through to the consumer." The change drew protest from Comcast and other ISPs that complained bitterly about the complexity of listing all the hidden fees they had chosen to charge. Under Chairman Brendan Carr, the Trump FCC has steadily whittled away at requirements imposed under Democrats. An order (PDF) released in draft form last week would eliminate the requirement to itemize passthrough fees and let ISPs list them in a single "up to" amount. The "up to" amount can include both government fees and fees charged by non-government entities such as owners of utility poles. "Rather than continuing to require providers to itemize 'passthrough fees' that can vary by location, we allow providers to display such fees in the aggregate, either as a maximum or 'up to' amount for the total fees applicable in any location where the service plan is offered, or as the exact total of such fees assessed in a particular location," the FCC draft order said. The order to be voted on later this month includes a few other changes that will please ISPs and their lobby groups. ISPs will be allowed to provide links to price labels instead of displaying the full labels prominently on ordering pages and account portals, and will be allowed to stop making the price-label information available in machine-readable spreadsheets. The FCC is also relaxing the requirement that price information be available over the phone. The FCC said the change will "allow phone sales representatives to present label information conversationally, as a summary of key label fields, rather than require verbatim recitation." The changes have been in the works since October 2025, when the FCC issued a Notice of Proposed Rulemaking to let the public submit comments on the proposals. The outcome of that process is the draft order, which will be voted on at the FCC's July 22 meeting and take effect 30 days after it is published in the Federal Register. There are many types of passthrough fees that ISPs will be able to stop listing individually and roll into the "up to" amount. The FCC defined the fees as follows, saying they include just about anything that isn't a tax [...]. Another planned change will eliminate a requirement that providers archive all labels for at least two years after a service plan is no longer available. The Utility Reform Network, an advocacy group, told the FCC that the archived labels provide crucial data about how prices and services change over time, and that machine-readable labels are important for affordability research and information accessibility.


    Read more of this story at Slashdot.


  • China's DeepSeek Developing Its Own AI Chip
    An anonymous reader quotes a report from Reuters: Chinese startup DeepSeek is developing its own AI chip, according to three people familiar with the matter, a push that could reduce its reliance on Nvidia and Huawei chips, which it has depended on to train and run its globally popular models. The chip is designed for inference -- the stage of AI computing in which a trained model generates responses for users -- rather than for training new models, the sources said. If successful, DeepSeek's expansion into semiconductor development would mark a major strategic shift for a company widely hailed in China as the country's AI champion, potentially adding to challenges faced by Chinese tech giant Huawei.


    Read more of this story at Slashdot.


  • Major Banks In Talks To Exploit Debit Card Loophole
    JPMorgan, Bank of America, Wells Fargo, PNC, and other major banks have reportedly explored acquiring Fiserv's debit-card networks, STAR and Accel, in a move that could help them bypass federal caps on debit-card transaction fees. A law limits the fees big banks can charge merchants, but only if the transactions are routed through an outside network. There are no caps on these interchange fees over a bank-owned network, however. The Wall Street Journal reports: When Capital One Financial bought Discover Financial in a $50.6 billion deal, it got a network that cut out the need for a middleman in card transactions and allowed it to deal more directly with merchants. Now, big banks are looking on with envy because owning a network can mean exemption from a federal law that caps debit-card fees. Those fees collectively amount to billions of dollars each year across the industry, but banks have long complained the government-defined cap limits their ability to offer customers debit-card rewards and other services. Some have been exploring a small deal that could upend the rules, though they are worried about political backlash if they try. Big banks including JPMorgan Chase, Bank of America, Wells Fargo and PNC Financial Services Group have in recent months held preliminary and tentative discussions about a deal to acquire a network owned by the financial-technology company Fiserv, according to people familiar with the matter. There is no certainty a deal will happen. Several of the banks that looked at the Fiserv network have already decided it would be unlikely for them to move forward, some of the people said. Some have privately expressed concern that such a deal could prompt backlash from lawmakers, regulators and merchants, the people added.


    Read more of this story at Slashdot.


  • Microsoft Can Track Users Via a Windows Device ID
    A criminal complaint against alleged Scattered Spider member Peter Stokes revealed that Microsoft can associate Windows activity with a persistent "Global Device ID," which investigators used to link his PC to online activity connected to a hack. While unique device IDs are common, the case has raised privacy concerns because the identifier can apparently persist across updates, has no simple opt-out, and may allow Microsoft to connect a Windows installation to activity on third-party services. PCMag reports: Last week, the U.S. announced it had extradited 19-year-old Peter Stokes from Europe for allegedly being a member of the notorious hacking group Scattered Spider. But the case stands out because Microsoft played a key role in linking Stokes to the suspected hacking crimes, according to an unsealed criminal complaint. Stokes allegedly hacked an unnamed luxury jewelry retailer in May 2025 while using a VPN. The 39-page criminal complaint shows the FBI used Microsoft records to discover that his IP address was associated with a Microsoft device identifier known as Global Device ID (GDID). "According to a Microsoft representative, a Global Device Identifier in the Windows ecosystem is a persistent, device-level identifier designed to uniquely identify an installation of a Windows operating system on a device, either a physical device (e.g., a mobile phone or laptop) or virtual machine, across certain Microsoft services and scenarios," the complaint explains. The global device ID isn't exactly surprising, given that it's standard practice to assign a unique ID to each account or device so a tech provider can recognize and distinguish between them. But the complaint reveals Microsoft can associate the GDID with third-party services and the timing as well, giving Redmond a way to theoretically track a user's online activity. In other words, Redmond might be able to track the online activity of your Windows PC without third-party browser cookies. Stokes was discovered exploiting a web development tool called ngrok to bypass the jewelry retailer's network defenses. The complaint says Microsoft had records showing that on May 12, 2025, at 19:21 UTC, the GDID associated with Stokes' computer "accessed, among other ngrok pages, 'https://dashboard[.]ngrok.com/signup,' the ngrok page to set up an ngrok account." The document adds that Microsoft records also showed the GDID accessing "multiple sites" from servers at Tzulo, a web hosting provider, to help pull off the hack. Hence, the fact that federal investigators used the Microsoft identifier to nab a suspected hacker is raising concerns that it could be abused for other surveillance purposes. "Microsoft Windows is surveillance software," cybersecurity expert Matthew Hickey alleged in a tweet.


    Read more of this story at Slashdot.


  • Amazon Will Stop Accepting New Customers For Mechanical Turk
    An anonymous reader quotes a report from TechCrunch: These may be the last days of Amazon's Mechanical Turk. An announcement on the Mechanical Turk website says that on July 30, 2026, the crowdsourcing service will close to new customers. Amazon Web Services says the decision was made after "careful consideration," adding, "Existing customers can continue to use the service as normal. AWS continues to invest in security and availability improvements for Mechanical Turk, but we do not plan to introduce new features." In other words, Amazon isn't completely pulling the plug, but the service is very much on life support. Further reading: Horror Stories From Inside Amazon's Mechanical Turk (2020)


    Read more of this story at Slashdot.


  • Learning Another Language Appears To Slow Brain Aging By Up To 13 Years
    A new study suggests multilingualism may slow brain aging, with bilingual people showing brains that appear about six years younger than monolingual speakers and people who speak four languages showing brains that appear up to 13 years younger. Researchers say earlier language learning and higher proficiency appear to strengthen the effect. The Guardian reports: Our brains are made up of billions of nerve cells that communicate with one another. But as we get older, the connectivity in our brains often deteriorates, causing memory and speed of thought to decline. While previous research had observed that people from European countries with greater language proficiency tended to age more slowly, this study measured the impact of speaking languages on individual brains. Scientists in Spain, Chile, Argentina and Dublin compared people living in the Basque region -- characterized by high levels of multilingualism -- who spoke Spanish, Basque, French and/or English. To measure neurological age, the scientists used magnetoencephalography to measure the brain activity of 728 people with varying ages and levels of linguistic ability. They then used AI to process the results to calculate a normal level of brain connectivity at any given age. A second unrelated group of 144 people were then scanned and compared, comprising equal numbers of people speaking one, two, three or four languages. Dr Lucia Amoruso, from the Basque Center on Cognition, Brain and Language in San Sebastian, said: "In simple terms, people who spoke more languages tended to have brains that looked younger than expected for their chronological age. The effect was not only related to the number of languages spoken. Higher language proficiency and earlier acquisition of a second language were also associated with more delayed brain ageing. This suggests that multilingual experience matters as a gradient: it is not simply about being bilingual or not, but about the depth and duration of language experience."


    Read more of this story at Slashdot.


  • US Cyber Agency Is Using Anthropic's Mythos To Audit Government Code
    CISA is reportedly using Anthropic's Mythos model to scan government code repositories for security vulnerabilities, with sources saying the audits have already found numerous bugs. Reuters reports: The scanning is being done by CISA's Attack Surface Evaluation team, according to one of the sources. The team is a group within CISA that conducts digital security assessments and hacking exercises across government. Two of the sources said the audits had already uncovered a large number of vulnerabilities but did not elaborate. Reuters could not establish exactly how much government code the team had gone through or the nature or severity of the bugs it discovered. [...] The National Security Agency, the U.S. government's powerful eavesdropping agency, has been using Mythos as far back as April despite the blacklist, Axios has reported. Late last month, the New York Times said that NSA analysts had been testing Mythos in classified settings and coming away impressed with its capabilities. But when Anthropic rolled out a public version of Mythos called Fable, which included what it described as cybersecurity safeguards, the White House suddenly demanded that it ban foreigners from running it. This triggered a global shutdown of the model that was lifted only last week.


    Read more of this story at Slashdot.


  • GitHub Thumbs Nose At Sony's Controversial End to Physical Media With Its Introduction of Repo CDs
    GitHub is offering a limited run of 1,000 CD-ROM copies of public repositories as a pro-physical-media jab at Sony's plan to stop producing PlayStation game discs in 2028. Tom's Hardware reports: The coding and collaboration platform, owned by Microsoft, states that "In light of recent developments in physical media, GitHub is proud to announce that you can now obtain your public repo on CD-ROM." Moreover, it appeals to the human side of computing, adding the emotive line "Keep it. Lend it to friends. Pass it on to your children." It isn't April 1st, so thankfully this is no joke. However, if you check out the above-linked GitHub Your Code, On a CD offer page, it quickly becomes clear this is a very limited in time/scope stunt. "Order a burned CD of your own public GitHub repo. Yes, a real physical disc you can hold in your hands, no download required," begins the spiel. But this is a very limited run of 1,000 discs, with applications required between July 2 and July 6 (inclusive). Limit one per person, with availability varying between country/region. "Your code is physically yours, forever. Until you lose it, let's be real," says GitHub. At best, these CDs will be framed and put on a wall, some becoming collector's items or eBay money spinners (discs like 0001 or 0888 would be good ones, if they are numbered). Also, many will be lost or eventually/accidentally discarded, as GitHub seems to know. So this 'protest' is arguably 1,000 doses of expensively shipped e-waste.


    Read more of this story at Slashdot.


  • Research Universities Are Admitting Fewer PhDs, a Bad Sign For Science
    An anonymous reader quotes a report from the New York Times: The number of students admitted to Ph.D. programs this fall dropped 15 percent from the previous year, according to data from over 50 top research universities, raising fears that the nation's capacity to produce new science could be diminished. The decline is driven, in part, by a chaotic and unpredictable federal funding environment under the Trump administration, as federal cuts are promised and then reversed, and budgets remain unclear. A reduction in doctoral students could mean fewer scholars at universities to teach and mentor undergraduates. Higher education leaders also worry that, if the declines continue, there will be fewer researchers to power a rapidly evolving scientific work force. The data showing the decrease comes from 55 universities, all of them members of the Association of American Universities, an invitation-only organization that includes 69 of the most prestigious research institutions in the United States. The data collection was conducted by another group, the Association of American Universities Data Exchange. Schools in A.A.U. confer half of the nation's research doctorates, according to the association. "We are at risk of losing a whole generation of new talent because of the reduction in the capacity to support those students," said Toby Smith, a senior vice president at the A.A.U. University leaders and research advocates cite many reasons for the declines in new doctoral students. Key federal agencies, such as the National Institutes of Health and the National Science Foundation, have been funding fewer research grants. The wealthiest institutions also face a new federal tax on their endowments. But the most cited reason in interviews was the unreliable nature of federal funding under the Trump administration. The administration proposed major cuts to federal research agencies last year, but Congress restored the funding. It is again proposing big cuts. While Congress may again reverse the administration's proposed reductions, the uncertainty makes it hard for schools to make multiyear commitments to doctoral students. The administration also abruptly ended thousands of research grants last year, arguing that they did not align with the government's priorities. The administration restored many of the grants after judges deemed the eliminations illegal and arbitrary, but research advocates say the whiplash was damaging.


    Read more of this story at Slashdot.


www.theregister.com - Articles




















































Linux.com


  • From DHCP to SZTP – The Trust Revolution
    By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]

    The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.










Phoronix

  • Linux 7.3 To Make It Easier To Disable Syscall User Dispatch
    Introduced to the Linux kernel nearly six years ago was the Syscall User Dispatch feature to help with Linux gaming. Specifically, Syscall User Dispatch was developed to help Windows games run on Linux more efficiently. While it was upstreamed in Linux 5.11 for more efficiently intercepting system calls from Windows software under Wine, now in the name of security there are patches working their way to the mainline kernel to more easily disable it...






  • Razer Certifying Their First Laptop For Linux: Razer Blade 18 RZ09-0582
    Razer is a brand synonymous with gaming and finally in 2026 they are in the process of certifying their first laptop for Ubuntu Linux. This laptop going through Ubuntu Linux certification is the Razer Blade 18 RZ09-0582 and it offers incredible performance with the Core Ultra 9 290HX Plus processor and GeForce RTX 5090 graphics but with that also comes a very high price tag.





  • AF_ALG "Nightmare" Being Further Limited In Linux 7.3 With New Sysctl Knob
    The Linux kernel's AF_ALG interface was deprecated in Linux 7.2. This interface for letting user-space programs interact directly with the Linux kernel crypto API has proven to be a "massive attack surface" due to a variety of security concerns. With its deprecation in Linux 7.2, some AF_ALG features are already removed and for Linux 7.3 this interface is being further restrained...


  • "I9ll Make The Linux Kernel Mailing List Burn": Prominent LLVM Linux Developer Returns
    One of the original developers behind the work to allow the Linux kernel to be compiled using LLVM/Clang as an alternative to the GCC compiler is now back in the saddle working on LLVM Linux support. LLVM/Clang support for building the Linux kernel has been important for improving code portability and addressing GCC'isms, making use of LLVM compiler features not yet found with the GNU toolchain, evaluating the performance between GCC and Clang, and all the more important these days with the Linux kernel Rust integration...


  • EHEA 10Gb Ethernet Driver Being Retired By IBM As A Relic Of Outdated POWER Hardware
    In 2026 it's not too surprising when seeing old PCMCIA and ISA drivers being removed from the mainline Linux kernel source tree and old very low-speed network interfaces, with arguably the most surprising fast being how long they lasted in the mainline kernel. Meanwhile for the upcoming Linux 7.3 kernel, one of the first 10Gb Ethernet drivers is already set for retirement from the mainline Linux kernel...



  • Vulkan Video H.264/H.265 Encode Now Working For Intel Alchemist GPUs On Linux
    Earlier this year Vulkan Video encode was disabled on newer generations of Intel graphics hardware due to insufficient testing with the Intel ANV open-source driver. That impacted Gen12.5 graphics and newer - basically Alchemist and anything newer. Now at least Gen12.5 graphics with the likes of the Arc A-Series is seeing H.264 and H.265 encoding re-enabled...



  • Ryzen AI Developer Platform: AMD9s Own Linux Distribution Built Atop Debian
    With the AMD Ryzen AI Halo developer platform there is the option of ordering this Ryzen AI Max+ mini PC with either Microsoft Windows 11 or "Linux OS". When receiving a AMD Ryzen AI Halo review sample last month, I fully expected it to just be an Ubuntu LTS install with ROCm preloaded. I was quite surprised when powering it up to find that it9s an OS called the AMD Ryzen AI Developer Platform 1 "Rex" and is based on Debian Linux.




  • Intel i915 Driver Nearly Ready To "Work Well" With RT Linux Kernel Sans Display Support
    When it comes to the real-time "RT" patches carried outside of the Linux kernel, a number of them pertain to adjustments around the Intel i915 kernel DRM graphics driver. The mainline Linux kernel and its RT support depend upon not building "PREEMPT_RT" for the i915 driver support while patches have been worked on recently for making this Intel kernel graphics driver code play nicely with real-time Linux...



  • Pioneer DJM-S11 Professional DJ Mixer To Be Supported By Linux 7.3
    The Pioneer DJM-S11 is a professional scratch style 2-channel DJ mixer that retails for $2,269 USD. But if currently connecting this expensive piece of kit to Linux, it does nothing and is unusable. With 87 new lines of code, it will begin to work with the Linux 7.3 kernel later this year...


  • Uniwill Laptop Driver Preparing A Number Of Features For Linux 7.3
    The Unwill laptop driver on Linux for supporting various device-specific features by that major OEM/ODM will be seeing several new features with the Linux 7.3 cycle later this year. One of the most notable users of the Unwill driver is Bavarian Linux PC vendor TUXEDO Computers...




  • DXVK 3.0.1 Released With More Game Fixes, Other Improvements
    Following the release of DXVK 3.0 from late June that brought several big changes, DXVK 3.0.1 is out today with shipping various game fixes and other improvements to this important piece of Valve's Steam Play (Proton) for Direct3D Windows games on Linux...





  • OpenRazer 3.12.4 Fixes Compatibility With Linux 7.2
    OpenRazer 3.12.4 is now available as the newest update to these out-of-tree, unofficial Linux drivers for Razer devices. OpenRazer when paired with the likes of Polychromatic or other GUI options is what makes for a nice experience running Razer gaming peripherals under Linux...


  • FEX 2607 Optimizing For Yet-To-Be-Released ARM 256-bit SVE2 Hardware
    The FEX Emulator that allows running Linux x86/x86_64 software on ARM64 (AArch64) systems, including the likes of Wine / Valve's Steam Play (Proton) for Windows gaming on ARM, is out with its newest monthly feature release. The Valve-backed project for running x86_64 games and other software on ARM for the upcoming Steam Frame and other more typical ARM Linux systems has been baking more optimizations and improvements...



  • 4K @ 60 FPS USB Video Capture Finally Becomes Less Problematic On Linux
    One area of Linux hardware testing I haven't explored much in many years has been modern USB video capture for the lack of said hardware. The last time I did much video capturing on Linux was during the Hauppauge PCI card days. It turns out though that USB video capture of 4K 60 FPS content has been a pain point under Linux but is finally smoothing out with newer versions of the Linux kernel...



Engadget"Engadget - Technology News & Expert Reviews"





















OSnews

  • Most slopcode projects are abandoned and deleted within months of release
    About a month ago, Flathub announced a ban on slopcoded applications. Evangelos GeopJr! Paterakis, developer of a number of popular Linux applications and ton of other things, did some research into just how many applications tagged with AI slop!, a tag Flathub reviewers used to keep track of slopcoded applications submitted to Flathub, actually survived the test of time. The results are exactly what youd expect. Of the 120 unique repos, 32 were maintained and 88 were abandoned. No seriously, a big portion of them was completely deleted, nowhere to be found, others stopped 6 months ago, right after submitting to Flathub. ↫ Evangelos GeopJr! Paterakis Thats absolutely soul-crushing. Why should Flathubs reviewers spend their precious, limited time talking to lazy slopcoders AI! agents to get their slopcoded applications into Flathub, when 70% of these applications are abandoned or outright deleted from existence within mere months of being submitted? Minimal effort for the slopcoders, maximum effort for the reviewers. Just dump a bunch of shitty code over the fence, let a chatbot handle the interactions with the reviewers, and pretend you made a valuable contribution. This is the contradiction slopcode enthusiasts really dont want to talk about. If these AI! tools are so great, where is all the amazing new software? Wheres the massive gains in software quality? Isnt the story that AI! tools do the menial work, giving programmers more time to focus on improving their software? Reality does not seem to match the story were being sold. Despite these slopcode tools being out and available for years now, theres no influx of great applications and other software, theres no rise in software quality, nothing. What we mostly seem to be getting are slopcoded projects nobody, not even their creators! care about, so they just get abandoned and deleted as quickly as they were dredged up from the bottom of the programming barrel. These arent applications created because someone wanted them to exist; these are applications created because some mid programmer got high on their AI! supply and fancied themselves better at programming than they really are  only to realise once the comedown hits theyve got crappy, barely working, entirely unmaintainable gibberish vaguely looking like code nobody can make head nor tails of. And then they abandon the project, ready for the next high  leaving everyone else to clean up their mess. What a miserable workflow.


  • Linux ported to the Atari Jaguar
    Only a few days ago we had Linux on the Mega Drive, and someone took that as a challenge, so now we have Linux on the Atari Jaguar. The Jaguar has a very different architecture than the Mega Drive, but does happen to use a processor from the same 68000-family. Interestingly enough, to this day, Linux has architecture code for the 68000-family of processors. 68040, 68030, 680100 and even the original base 68000 processor. All neatly structured under arch/m68k/. ↫ Joel Bueno And, well, that means Linux can indeed be made to work on the Jaguar, with some hacking and magic, of course.


  • Review: iodéOS offers a frictionless de-Googled Android experience
    Wherever in the world you go, the smartphone landscape is dominated by Android and iOS, and while this has always been problematic, recent events have made the dependency on two American tech giants for what is probably our most personal computing device even more problematic than it already was. We use our smartphones to keep our secrets, do our banking, interact with our governments, share our deepest thoughts with our friends and family, and a whole lot more. Having this invaluable tool the vast majority of us depend on tied entirely to Google and Apple is not just bad for the market, its also a downright threat to the national security of anyone not living in the US. Here in Europe, theres been an awakening lately, with governments, companies, and people alike finally realising that having our entire digital infrastructure controlled by foreign, adversarial interests is a terrible idea. Sadly, breaking free from our Android and iOS chains is not so easy. The most ideal solution would be a truly open source alternative smartphone operating system, but thats a hard sell for 99.9% of smartphone users who need the applications required to do their finances, talk to their friends, or interact with their governments. The cold and harsh truth is that with very few exceptions, these applications simply do not (yet) exist for smartphone operating systems that arent Android or iOS. The only viable alternative at this point in time is to take whatevers left of the Android Open Source Project, remove anything that ties it to Google and its services, fill in the gaps with alternative services and applications, and sell it as a Google-free or de-Googled Android platform. Theres several projects in this space, and with Europe drunkenly stumbling out of the technological hole it dug itself into, its no surprise that two of the more popular alternatives to Apple or Google-controlled smartphones come from Europe (and from the same country, no less). Today, were taking a look at one of these: iodéOS. Iodé is a company based in Toulouse, France, which focuses on offering a Google-free Android called iodéOS, either preinstalled on phones you can buy, or as a ROM you can install yourself on supported devices. As a company, iodé makes its money through selling devices with iodéOS preinstalled, through an optional premium subscription (that I didnt take a look at), and through donations, and all of their code is published as open source on their Gitlab instance hosted in France. Iodé loaned me a Fairphone 6 with iodéOS preinstalled, one of he many smartphones and tablets they sell through their online store for review. This isnt going to be an Android review; you already know what Android is like, and theres no need for me to rehash any of that. Instead, I want to focus on the things that make using de-Googled Android different from using Google Android. Dont be afraid of microG There are various ways to go about making a de-Googled Android variant, and iodéOS chose the LineageOS route, with microG installed on top. For those unaware, microG is a project which aims to replace the various proprietary parts of Google Play Services, required by many Android applications, with open source reimplementations. While it doesnt offer 100% compatibility, it works exceptionally well, and youll be hard-pressed to find applications just dont work at all with microG. IodéOS updates its microG installation through a dedicated F-Droid repository thats obviously enabled by default, so you dont have to do anything yourself. Using microG instead of Google Play Services doesnt mean you have to rely solely on whatevers available in F-Droid, since there are a variety of alternative Play Store frontends available. IodéOS ships with the Aurora Store, which is an open-source frontend to the Play Store that can be used with or without a Google account. If you use it with your Google account, youll gain access to whatever applications you already own, including paid ones, but you wont be able to buy applications inside Aurora. You can, however, buy an application on the Play Store website, after which it will show up in Aurora as well, assuming youre logged in with the same account. Aurora also comes with something something called FakeStore, which is sadly an important part of the puzzle; its a stub application that has the same package name as the real Play Store. Some applications check whether the Play Store is available before working properly, so this is sadly needed to ensure maximum compatibility. The only issue I sometimes ran into with Aurora is that it would load up its listings, but then any application I tapped on said it was unavailable. When this happened, reloading the Aurora application always fixed the issue. Annoying, but not gamebreaking. A few things did not work for me when using microG on iodéOS, and theyre exactly the things youd expect not to work. If you have a WearOS device, youre out of luck; WearOS devices simply do not work when using microG, but there is a bounty to add support for it. If you want to use a smartwatch with iodéOS, there are various options available, such as Garmin devices, which is what I used during my testing and it worked flawlessly. Another feature from regular! Android that simply wont work is RCS. Theres only one RCS client available on Android, Google Messages, and as you can imagine, Google is in no rush to allow devices without Google Play Services to register for and use RCS messaging. Tying to register with Google Messages will fail, and there are no other RCS clients available (save for a few China and India-specific clients). Theres a microG bounty for this, too, but no luck so far. Of course, there are countless messaging platforms that work just fine on iodéOS  regular SMS, WhatsApp, Facebook Messenger, Signal, and so on  and especially if youre European, its unlikely RCS support matters to you at all. I just dont


  • Improved DEC Alpha emulator runs Windows 2000 for Alpha and OpenVMS and Tru64 with X11
    Colour me positively surprised, as I had no idea Alpha emulation had progressed this much. As you might know, Im involved a bit in the OpenVMS community and the Alpha emulation side via AXPBox. AXPBox (github) is a fork of the es40 alpha emulator by Camiel Vanderhoeven (who is now Chief Architect at VSI, the company that makes OpenVMS, for x86 nowdays). There have been many forks of es40 in the past and recently a new one has popped up with some great new features. Like speedups via a JIT compiler, S3 graphics port from MAME and ARC support, resulting in the ability to run Windows 2000 for the DEC Alpha. ↫ Remy van Elst Not only can you run the unreleased Alpha version of Windows 2000 on this forked emulator, its also capable of running OpenVMS and Tru64 UNIX. In fact, both OpenVMS and Tru64 can run their full X11 CDE desktops on the emulator as well, which is incredibly cool and a huge milestone. As the name of the original emulator implies, its emulating an AlphaServer Es40 from the turn of the century, which should be fast enough for enthusiast use. The last AlphaStation ever made, the ES47, is still very high on my list of computers I desperately want but will never have  they are incredibly rare, and whenever they do come up for sale, incredibly expensive. If you have one, consider yourself lucky, and please, write about it! Tell the world!


  • LineageOS and Androids upcoming developer verification: what it is, and how it affects you
    LineageOS, the de-Googled Android ROM that serves as the backbone for pretty much the entire custom Android ROM community, has published an article about what the Android developer verification changes mean for them. I really like the factual tone of their article, especially this part: Critics such as F-Droid, EFF, and “Keep Android Open” point out that this also happens to route every install path through Google-controlled infrastructure, hands Google a kill switch over any app or developer worldwide, and arrives shortly after Google’s antitrust lawsuits. Both things can be true at once: real fraud is a problem and the restriction of developers is a convenient side effect of solving it this way  and we’re not in a position to pretend we know Google’s internal reasoning. We’re just telling you what they’ve said and what it changes; you can weigh the “why” yourself. ↫ Nolen Johnson on the LineageOS website For LineageOS, these new verification measures dont really mean much, as they dont affect the projects work or software. The developer verification infrastructure is a separate application that is part of Google Mobile Services, and LineageOS does not ship GMS nor does it ever intend to. As such, they dont have to do anything, as this wont be an issue unless LineageOS users choose to install a GApps package that happens to include the developer verification infrastructure. If Google were to move the developer verification infrastructure into Play Services in the future, LineageOS makes it clear theyll disable it globally, as they have done with a number of other annoying Play Services-provided over-the-air update implementations . There really isnt much more they can do; the rest is up to users and projects that use LineageOS as their base.


  • Composite video on the NES: whys it so wobbly?
    The Nintendo Entertainment System. Is it the platonic ideal of an 8-bit video game system? Well, only because it’s so prominent and successful– it’s actually kind of an oddball in its expandability and design. But there’s something else about it. The picture is a bit… wobbly. Well, over composite video anyway. Let’s dig in and learn a little big more about the nitty-gritty of composite video. ↫ Nicole Branagan As usual, the information density in this article by Branagan is kind of remarkable, especially when you consider it never overwhelms you. Such a great read.


  • ReactOS implements very first NT6 system call
    A fairly big moment for the ReactOS project: it has just received its very first system call from NT6. The system call that has been added is NtGetCurrentProcessorNumberEx, which is used for returning the processor number of the logical processor that a caller is running on. It’s unclear how long it will take ReactOS to become compatible with Windows Vista software, but it took Microsoft around half a decade to develop Vista after the release of XP and marked a major upgrade, even if it didn’t land well with users at the time. ↫ Paul Hill at Neowin Its a milestone for sure, but not one thats going to make a huge difference for ReactOS at this moment in time. Still, its a sign of things to come, even if the very nature of the ReactOS project means that whatever things are coming tend to take a while to arrive.


  • Microsoft settles centuries of religious debate by providing clearest definition of hell to date: Windows with a website-based shell running only Copilot
    For how often people invoke it, the concept of hell! in Christianity is remarkably vague and nebulous, as both the Old and New Testament barely go into detail about the concept. As such, Im glad Microsoft has now given us a clear vision of hell and what, exactly, it looks like, ending centuries of denominational disagreements. Microsoft is currently selling the idea of Windows and Copilot as two separate things: an OS and an assistant riding along on top of it. However, a leaked video shows Project Aion, an internal prototype where Copilot doesnt just sit inside Windows, it becomes Windows, swallowing the Start menu, the taskbar, and three decades of desktop conventions in the process. The footage is reportedly two years old, so Aion is most likely dead by now. But its the clearest look yet at how far Microsoft was willing to take its agentic AI ambitions. ↫ Alfonso Maruccia at Techspot Everything about this is dreadful. Obviously replacing the entire shell with AI! nonsense is the main crime against usability here, but on top of that, this new shell is all just websites, all the way down, so everything is slow and stuttery. Since this runs on something called Win3!, which appears to be a very minimal, stripped-down version of Windows intended to only run the Edge browser engine, you cant run Win32 applications. If you do try to run a Win32 application, it will load the application in a remote virtual machine running in the cloud, which I;m sure does wonder for performance, responsiveness, and latency. We can all thank the lord this project is two years old and most likely cancelled by now, but we have no way of knowing if Microsoft is still intending for this to be the future direction of Windows. Since people dont want to use AI! of their own volition, it only makes sense in the technology industrys sick, twisted mind to force people into using AI! with efforts like this. Consent has never been Silicon Valleys strength, after all. At the time of writing, Microsoft is 225 billion dollars in the red on AI!, so I wouldnt be surprised if attempts to replace the regular Explorer shell with something AI!-based is still very much on the table in Redmond.


  • Vulkan-netbsd brings Vulkan to NetBSD
    NetBSD is the only BSD without a Vulkan stack (Mesa and Lavapipe), but thats about to change. The effort to bring Vulkan to NetBSD is now in beta, with prebuilt binaries coming soon. Mesa configures, compiles, links, installs, and registers the Lavapipe software Vulkan driver on NetBSD 10.1 amd64, against LLVM 19.1.7. The driver (libvulkan_lvp.so, ~17 MB) installs into /usr/pkg/lib, and its ICD manifest (advertising Vulkan API 1.4) installs into /usr/pkg/share/vulkan/icd.d/, so a Vulkan loader on the system can discover it. ldd resolves every dependency cleanly. The entire process — environment setup, dependency builds, the Mesa build, and installation — is automated end to end and reproducible on a fresh install. ↫ vulkan-netbsd GitHub page Its important to note that the next step in the process is to port the Vulkan loader, which is required to actually run Vulkan applications. This entire effort is still ongoing and seems to be handled mostly by Dean Howell alone, so expect breakage and incomplete documentation as development progresses. Still, this is a hugely important effort, and seeing it this far along is great news.


  • EveryMac celebrates 30th birthday
    EveryMac turned 30. On July 2, 1996, EveryMac.com launched. Thirty years is a long time  and a great deal has changed since then  but what has not changed is that EveryMac.com has been there to provide you with detailed info on every Mac from the original 128k to the current line. Thank you very much for your support through the years. ↫ EveryMac news item I thought OSNews was pretty unique with its founding in 1997, so its great to see another enthusiasts website as old as ours. Amazing company to be in, too  EveryMac is an indispensable, tirelessly maintained, and stupidly accurate resource that I use countless times each year. Heres to another 30 years.


  • Android is almost dead
    The clock is ticking for Android as a (somewhat) open platform. If you are running Android 8 or higher, a virus has been installed on your device and is silently awaiting remote activation. Over the past few months, devices around the world have been infected with this novel strain, with as many as 4 billion Android handsets and tablets estimated to have already been contaminated, meaning that around half of all humanity may be at risk from this threat. Disguising itself as the innocuously-titled “Android Developer Verifier” (ADV) process, this trojan horse runs surreptitiously in the background as a system service with full root privileges, quietly awaiting an activation signal. The service cannot be blocked, disabled, or removed. Unlike a commonplace bit of malware, this extraordinary strain won’t be detected and neutralized by Play Protect (the malware scanning and remediation service that is installed on all Android Certified devices). In fact, Play Protect is itself the vector through which this virus is transmitted and installed. That is because it is Google themselves who is propagating ADV. And once activated, this malevolent process has exactly one goal: to block you from running software by developers who haven’t been approved centrally by Google. ↫ The F-Droid news website If nobody steps up, if no regulator takes on Google in this matter, we could very well be looking at the end of F-Droid and similar open source application repositories on Android. I use F-Droid, and in fact, one of the most important and most-used application on my Pixel 10 Pro comes from F-Droid: Fennec. This Firefox fork is not available through any Google-sanctioned means, and I could just wake up one day and have the browser on what is supposed to be my phone stop working. Age verification, tying crucial services to iOS and Google Android, killing the ability to install your own software on your phone, purposefully making people hopelessly addicted to and dependent on AI!, and so much more  were facing a multi-pronged attack designed to beat us into submission and give up on the idea of Free computing. I have to admit Ive lost all hope well be able to win this battle, as the combined interests of technology megacorporations and our own governments are just too powerful to fight. I feel like were living in the computing end times.


  • WinPE as a stateless harness for Windows driver testing and fuzzing
    What if you need to do very low-level testing involving the very guts of Windows NT, but dont need most of the userland that sits on top? In fact, what if that userland only slows you down and complicates the work youre trying to do? The solution is Windows PE (Windows Preinstallation Environment). It is an official, stripped-down environment distributed with every Windows ISO image. It runs entirely in RAM, requires as little as 512 MB of memory, and lacks support for DirectX, the PowerShell subsystem, or the standard graphical shell (Explorer). Booting by default with NT AUTHORITY\\SYSTEM privileges makes it an ideal test harness for both of these tasks. The following analysis focuses on the low-level mechanisms of WinPE, as well as BCD and QEMU modifications that allow transforming this system into an ultra-fast, idempotent testing environment. ↫ Piotr Bednarski Now, the kind of work Bednarski does isnt the most common of tasks, but Ive often wondered just how far you can get by bolting on whatever WinPE will allow you to. There were various unofficial third-party tools that built Windows live CDs based on WinPE, but I think most of those have died out by now. If you look hard enough, you can also find some other utilities people made for WinPE, including even some rudimentary web browsers. Regarding web browsers, modern efforts seem to run into issues. WinPE is not really meant for any advanced functionality, but I really do wonder how capable you can make it without turning it into regular Windows.


  • M/PC: a concatenative operating system for Varvara
    M/PC is a concatenative operating system for Varvara, inspired by Openfirmware, designed to manage files on system without a file browser. It uses the postfix notation, meaning that the function success their operands. ↫ M/PC website Im not going to pretend to really understand what any of this means.


  • OSNews statement on slopcoded operating systems!
    Recently, there has been a surge in slopcoded new/hobby operating systems!. Such slopcoded projects  which, due to the nature of AI! tools, effectively consist of stolen code  will not be featured on OSNews and submitting them is fruitless. Other websites may choose to employ lower standards, as is their prerogative, but OSNews will not. I obviously cannot guarantee nothing will ever slip through the cracks, but I will take utmost care to ensure OSNews remains free of these so-called sloperating systems!. Plagiarism, license-washing, and code theft have no place in the world of enthusiast and hobby operating systems.


  • European digital ID wallets are a gift to Google and Apple
    European governments are rolling out digital identity wallets, which are to be used by citizens to access services, and to verify their age online. As reported by Follow the Money and Android Authority, there is a serious problem with this: these wallets rely on safety services of Google and Apple. These are known as Google Play Integrity API, and Apple’s Managed Device Attestation. Such safety services (known as “remote attestation”) are used to ensure that wallet apps run on hardware that is not tampered with. In this article we explain why the EU-wallet case is part of a bigger problem: by embedding these safety services in public infrastructure, Europe risks making society dependent on private companies while serving their corporate interests. ↫ Danny Lämmerhirt Setting aside the age verification nonsense, the fact that some European government are tying their identification services to iOS and Google Android is absolutely bonkers, especially in this day and age. Theres endless talk about reducing European dependence on the American tech giants who seem all too eager to do roll over when the Trump regime so much as glances in their general direction, and yet, they seem to want to effectively force us citizens to use American tech products. Essential online tools, like banking, government services, communication services, digital drivers licenses, and more, should not require the use of iOS or Google Android.


  • Apple should end their prohibition on shapes in MacOS app icons!
    Theres a lot you can say about macOS, but one thing Apple used to be incredibly good at were making beautifully crafted, detailed icons. As with almost every other aspect of macOS, this deteriorated sharply over the years, with the recent macOS releases with Liquid Glass being an absolute low point. Not only have they become bland and featureless, Apple also started forcing every icons to have the exact same rounded-rectangle shape, making them even harder to distinguish from one another. Rogue Amoeba, a company with a long history of developing applications with beautiful iconography, published a blog post pleading Apple to go back to proper icon design. With last year’s release of MacOS 26 (Tahoe), Apple made a mess of app icons. In the first betas of MacOS 27 (Golden Gate), however, there are signs of a turnaround. We’re urging Apple to continue making improvements, by restoring the ability for MacOS app icons to have distinct shapes. ↫ Paul Kafasis at the Rogue Amoeba blog I really hope Apple will turn its icon ship around.



Linux Journal News

  • EU OS: A Bold Step Toward Digital Sovereignty for Europe
    Image
    A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
    What Is EU OS?
    EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.

    Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
    The Vision Behind EU OS
    The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.

    Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.

    However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
    Conclusion
    EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.

    Source: It's FOSS
    European Union


  • Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight

    Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight

    Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.

    In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.

    On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.

    Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.

    The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.

    Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.

    You can download the latest kernel here.
    Linus Torvalds kernel


  • AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
    Image
    AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.

    This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.

    Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.

    Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.

    Source: 9to5Linux
    AerynOS


  • Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
    Image
    Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.

    Here’s a quick overview of what’s new in Xojo 2025r1:
    1. Linux ARM IDE Support
    Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
    2. Web Drag and Drop
    One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
    3. Direct App Store Publishing
    Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
    4. New Desktop and Mobile Features
    This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
    5. Performance and IDE Enhancements
    Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
    What Does This Mean for Developers?
    Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
    How to Get Started
    Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.

    Download Xojo 2025r1 today at xojo.com.
    Final Thoughts
    With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
    Xojo ARM


  • New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux

    Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.

    Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.

    Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 

    Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.

    Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.

    Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.

    By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
    Windows


  • Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities

    The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 

    As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.

    In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 

    After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.

    The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.

    At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.

    The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
    Security


  • Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges

    The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.

    A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.

    This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 

    The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.

    On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.

    In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
    kernel


  • Linux Celebrates 32 Years with the Release of 6.6-rc2 Version

    Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.

    The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.

    Here is what Linus Torvalds had to say in today's announcement:
    Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds


  • Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction

    Want to interact with ChatGPT from your Linux desktop without using a web browser?

    Bavarder, a new app, allows you to do just that.

    Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.

    With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.

    During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.

    At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.

    As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!

    Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
    ChatGPT AI


  • LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite

    Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.

    Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.

    LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.

    You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.

    All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.

    In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.

    Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.

    The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
    LibreOffice


Linux Magazine News (path: lmi_news)



  • Kubuntu Focus Goes Ultra
    The Kubuntu Focus team has upped the performance ante of its M2 and Zr laptops with the latest, greatest CPUs from Intel.









  • KDE Linux Drops AUR
    KDE Linux developers have dropped the Arch User Repository from the build pipeline due to security concerns; other distributions should consider doing the same.











Page last modified on November 17, 2022, at 06:39 PM