All the News that Matters

• [$] LWN.net Weekly Edition for November 6, 2025
  Inside this week's LWN.net Weekly Edition:
  Front: Python thread safety; Namespace reference counting; Merigraf; Speeding up short reads; Julia 1.12; systemd security. Briefs: CHERIoT 1.0; Chromium XSLT; Arm KASLR; Bazzite; Devuan 6.0; Incus 6.18; LXQt 2.3.0; Rust 1.91.0; Quotes; ... Announcements: Newsletters, conferences, security updates, patches, and more.

• Removing XSLT from Chromium
  Mason Freed and Dominik Röttsches have published a documentwith a timeline and plans for removing Extensible Stylesheet LanguageTransformations (XSLT) from the Chromium project and Chromebrowser:
  Chromium has officially deprecated XSLT, including the XSLTProcessorJavaScript API and the XML stylesheet processing instruction. Weintend to remove support from version 155 (November 17, 2026). TheFirefox and WebKit projects have also indicated plans to remove XSLTfrom their browser engines. This document provides some history andcontext, explains how we are removing XSLT to make Chrome safer, andprovides a path for migrating before these features are removed fromthe browser.
  LWN covered the WebHypertext Application Technology Working Group (WHATWG) discussionabout XSLT in August.
  
  
  

• LXQt 2.3.0 released
  Version2.3.0 of the Lightweight Qt Desktop Environment (LXQt) has beenreleased. The highlight of this release is continued improvement inWayland support across LXQt components. Rather than offering its owncompositor, the LXQt project takes a modular approach and works withseveral Wayland compositors, such as KWin, labwc, and niri.
  
  
  

• [$] A security model for systemd
  Linux has many security features and tools that have evolved overthe years to address threats as they emerge and security gaps as theyare discovered. Linux security is all, as Lennart Poettering observed at the All Systems Go! conference heldin Berlin, somewhat random and not a "clean"design. To many observers, that may also appear to be the case forsystemd; however, Poettering said that he does have a vision for howall of the security-related pieces of systemd are meant to fittogether. He wanted to use his talk to explain "how the individualsecurity-related parts of systemd actually fit together and why theyexist in the first place".
  

• OCI Runtime Specification 1.3 adds FreeBSD
  Version1.3 of the Open Container Initiative (OCI) RuntimeSpecification has been released. The specification covers theconfiguration, execution environment, and lifecycle of containers. Themost notable change in 1.3 is the addition of FreeBSD to thespecification, which the FreeBSD Foundation calls"a watershed moment for FreeBSD":
  The addition of cloud-native container support complements FreeBSD'salready robust virtualization capabilities, particularly the powerfulFreeBSD jails technology that has been a cornerstone of the operatingsystem for over two decades. In fact, OCI containers on FreeBSD areimplemented using jails as the underlying isolation mechanism,bringing together the security and resource management benefits ofjails with the portability and ecosystem advantages of OCI-compliantcontainers.
  
  

• Security updates for Wednesday
  Security updates have been issued by Debian (bind9 and gimp), Fedora (chromium, fastapi-cli, fastapi-cloud-cli, gherkin, libnbd, maturin, openapi-python-client, python-annotated-doc, python-cron-converter, python-fastapi, python-inline-snapshot, python-jiter, python-openapi-core, python-platformio, python-pydantic, python-pydantic-core, python-pydantic-extra-types, python-rignore, python-starlette, python-typer, python-typing-inspection, python-uv-build, ruff, rust-astral-tokio-tar, rust-attribute-derive, rust-attribute-derive-macro, rust-collection_literals, rust-get-size-derive2, rust-get-size2, rust-interpolator, rust-jiter, rust-manyhow, rust-manyhow-macros, rust-proc-macro-utils, rust-quote-use, rust-quote-use-macros, rust-regex, rust-regex-automata, rust-reqsign, rust-reqsign-aws-v4, rust-reqsign-command-execute-tokio, rust-reqsign-core, rust-reqsign-file-read-tokio, rust-reqsign-http-send-reqwest, rust-serde_json, rust-speedate, rust-tikv-jemalloc-sys, rust-tikv-jemallocator, and uv), Mageia (golang and libavif), Red Hat (bind9.16, pcs, and qt6-qtsvg), SUSE (colord, ffmpeg, govulncheck-vulndb, jasper, openjpeg, poppler, qatengine, qatlib, runc, sccache, and tiff), and Ubuntu (keystone, libssh, linux-hwe-6.14, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-raspi, runc-app, runc-stable, squid, squid3, and unbound).

• Incus 6.18 released
  Version6.18 of the Incus container and virtual-machine management systemhas been released. Notable changes in this release include newconfiguration keys for providing credentials to systemd, BPF tokendelegation, VirtIO support for sound cards, the ability to export ISOvolumes, improvements to the IncusOS command-line utility, and more.
  

• [$] Julia 1.12 brings progress on standalone binaries and more
  Julia is a modern programminglanguage that is of particular interest to scientists due to its highperformance combined with language features such as Lisp-style macros, anadvanced type system, and multiple dispatch. We last looked at Julia in January on the occasion ofits 1.11 release. Early in October Julia 1.12appeared, bringing a handful of quality-of-life improvements for Juliaprogrammers, most notably support, though still experimental and limited,for the creation of binaries.

• Security updates for Tuesday
  Security updates have been issued by Debian (dcmtk, geographiclib, gimp, pure-ftpd, and ruby-rack), Fedora (dotnet9.0), Oracle (expat, kernel, tigervnc, xorg-x11-server, and xorg-x11-server-Xwayland), Red Hat (git, mariadb:10.5, multiple packages, osbuild-composer, pcs, sssd, and tigervnc), SUSE (kernel and redis), and Ubuntu (google-guest-agent).

• CHERIoT 1.0 released
  Version1.0 of the Capability Hardware Extension to RISC-V for IoT(CHERIoT) specification has been released. CHERIoT is ahardware-software system for secure embedded devices, and thespecification provides a full description of the ISA and its intendeduse by CHERIoTRTOS. David Chisnall has written a blogpost about the release that explains its significance as well as plansfor CHERIoT 2.0 and beyond:
  
  The last change that we made to the ISA was in December 2024, so weare confident that this is a stable release that we can support inhardware for a long time. This specification was implemented by the1.0 release of CHERIoT Ibex and by CHERIoT Kudu (which has not yet hadan official release). These two implementations demonstrate that theISA scales from three-stage single-issue pipelines to six-stagedual-issue pipelines, roughly the same range of microarchitecturessupported by Arm's M profile.
  
  We at SCI have the first of our ICENI chips, which use the CHERIoTIbex core, on the way back from the fab now and will be scaling up tomass production in the new year. I am not allowed to speak for otherfolks building CHERIoT silicon, but I expect 2026 to be an excitingyear for the CHERIoT project!
  
  
  

• Defeating KASLR by Doing Nothing at All (Project Zero)
  The Project Zero blog explainsthat, on 64-bit Arm systems, the kernel's direct map is always placed atthe same virtual location, regardless of whether kernel address-spacelayout randomization (KASLR) is enabled.
  While it remains true that KASLR should not be trusted to prevent exploitation, particularly in local contexts, it is regrettable that the attitude around Linux KASLR is so fatalistic that putting in the engineering effort to preserve its remaining integrity is not considered to be worthwhile. The joint effect of these two issues dramatically simplified what might otherwise have been a more complicated and likely less reliable exploit.

• Python steering council accepts lazy imports
  Barry Warsaw, writing for the Python steering council, has announcedthat PEP 810 ("Explicit lazyimports") has been approved, unanimously, by the four who could vote. SincePablo Galindo Salgado was one of the PEP authors, he did not vote. The PEP provides a way to defer importing modules until the namesdefined in a module areneeded by other parts of the program. We covered the PEP and the discussion around ita few weeks back. The council also had "recommendations about some ofthe PEP's details, a few suggestions for filling a couple of smallgaps", including:Use lazy as the keyword. We debated many of the given alternatives(and some we came up with ourselves), and ultimately agreed with the PEP'schoice of the lazy keyword. The closest challenger wasdefer, but once we tried to use that in all the places where theterm is visible, we ultimately didn't think it was as good an overallfit. The same was true with all the other alternative keywords we couldcome up with, so... lazy it is!
  What about from foo lazy import bar? Nope! We like that in both module imports and from-imports that the lazy keyword is the first thing on the line. It helps to visually recognize lazy imports of both varieties.

• [$] An explicit thread-safety proposal for Python
  Python already has several ways to run programs concurrently —including asynchronous functions, threads, subinterpreters, and multiprocessing— but all of those options have drawbacks of one kind or another.PEP 703 ("Making the Global Interpreter Lock Optional in CPython")removed a major barrier to running Pythonthreads in parallel, but also exposed Python programmers to the same trickysynchronization problems found in other languages supporting multithreadedprograms. A new draft proposalby Mark Shannon,PEP 805 ("Safe Parallel Python"), suggests a way for the CPython runtimeto cut down on concurrency bugs, making it more practical for Python programmersto use versions of the language without the global interpreter lock (GIL).
  

• Devuan 6.0 released
  Version6.0 ("Excalibur") of the systemd-averse Devuan distribution has beenreleased. It is based on Debian 13 ("trixie"), and includes some ofthe significant changes from that release, including the merged/usr hierarchy. See therelease notes for details.

• [$] Namespace reference counting and listns()
  The kernel's namespaces feature is, amongother things, a key part of the implementation of containers. Like much inthe kernel, though, the namespace API evolved over time; there was nodesign at the outset. As a result, this API has some rough edges andmissing features. Christian Brauner is working to straighten out thenamespace situation somewhat with thisdaunting 72-part patch series that, among other things, adds a newsystem call to allow user space to query the namespaces present on thesystem.

Linux Insider"LinuxInsider"

• Open-Source Security Tool AdaptixC2 Fueling Ransomware Attacks
  Ransomware gangs are exploiting AdaptixC2, an open-source command-and-control framework originally built for red team testing, to support stealthy post-exploitation operations. The post Open-Source Security Tool AdaptixC2 Fueling Ransomware Attacks appeared first on LinuxInsider.

• Open-Source Model Near Breaking Point Despite Trillions in Value
  A coalition of open-source stewards warns that the software industry’s reliance on goodwill to maintain critical infrastructure is unsustainable, despite open source fueling trillions in global economic value. The post Open-Source Model Near Breaking Point Despite Trillions in Value appeared first on LinuxInsider.

• The Linux Foundation Expands Agentic AI Push With Third Major Project
  The Linux Foundation has launched its third major agentic AI initiative in three months, designed to secure communication, enhance interoperability, and drive open-source innovation in multi-agent environments. The post The Linux Foundation Expands Agentic AI Push With Third Major Project appeared first on LinuxInsider.

• TuxCare’s In-Memory CVE Scanner Enhances Linux Security With Radar
  TuxCare Radar is an in-memory CVE scanner that reduces false positives, speeds compliance, and delivers real-time Linux vulnerability detection. The post TuxCare’s In-Memory CVE Scanner Enhances Linux Security With Radar appeared first on LinuxInsider.

• Linux Patch Blind Spot Exposes Critical Cybersecurity Risks
  Linux patch delays leave enterprises exposed to long-standing vulnerabilities. Experts warn automation and consistent management are essential to closing this critical security gap. The post Linux Patch Blind Spot Exposes Critical Cybersecurity Risks appeared first on LinuxInsider.

• The Year of the Linux Desktop? This Time, the Data Says Yes
  Linux is making real gains on the desktop. New data shows its market share passing 5% in the U.S., signaling a long-awaited breakthrough. The post The Year of the Linux Desktop? This Time, the Data Says Yes appeared first on LinuxInsider.

• From Kernel to Cloud: Open Source Takes On Security Trade-Offs
  Open-source systems are adopting live patching and isolation technologies to support always-on security and meet enterprise compliance demands in the cloud. The post From Kernel to Cloud: Open Source Takes On Security Trade-Offs appeared first on LinuxInsider.

• Kubernetes Cost Optimization May Be Doing More Harm Than Good
  Slashing Kubernetes costs sounds smart — until it backfires. Here’s how to reduce spend safely while improving platform stability and speed. The post Kubernetes Cost Optimization May Be Doing More Harm Than Good appeared first on LinuxInsider.

• Is a Security Baseline Enough for Open-Source Software?
  The OpenSSF’s new baseline sets minimum security expectations for open-source projects — but not all developers agree it’s practical, scalable, or sufficient. The post Is a Security Baseline Enough for Open-Source Software? appeared first on LinuxInsider.

• DOD Raises Software Security Expectations With SWFT Initiative
  Open-source software may be in the crosshairs of military and government agencies as the U.S. Department of Defense evaluates the risks of both free and proprietary software. The post DOD Raises Software Security Expectations With SWFT Initiative appeared first on LinuxInsider.

• UK space sector 'lacks strategic direction,' Lords warn
  Parliamentary report calls for sovereign launch capability and reduced dependence on US services
  The UK's House of Lords UK Engagement with Space Committee has published a scathing report, "The Space Economy: Act Now or Lose Out," declaring that the 2021 National Space Strategy has "failed to turn its ambitions into reality."…
  

• China uses Mars orbiter to snap interstellar comet 3I/ATLAS
  Middle Kingdom also postpones astronaut return mission after something hit its spaceship
  China has matched the European Space Agency’s feat of taking a snapshot of interstellar comet 3I/ATLAS from a Mars orbiter.…
  

• Qualcomm bets on inferencing in the cloud, which Arm says can’t run it all it forever
  Awkward, seeing as they’re close partners
  Qualcomm and Arm have offered differing predictions regarding the market for inferencing silicon.…
  

• Microsoft apologizes for not explaining cheaper no-AI M365 plans, and all it took was a government lawsuit
  Even offers refunds if users sign up for AI they don’t want, once it fixed a bad link
  Updated Microsoft Australia has apologized to users of its M365 suite after regulators accused it of steering them towards pricey bundles that include its Copilot AI service.…
  

• Perplexity shows how to run monster AI models more efficiently on aging GPUs, AWS networks
  Some clever networking hacks open the door
  AI search provider Perplexity's research wing has developed a new set of software optimizations that allows for trillion parameter or large models to run efficiently across older, cheaper hardware using a variety of existing network technologies, including Amazon's proprietary Elastic Fabric Adapter.…
  

• Azure stumbles in Western Europe, Microsoft blames 'thermal event'
  Degraded performance and possible dependency problems across AZs
  Microsoft has warned of a “thermal event” impacting Azure users in its West Europe region, and perhaps elsewhere.…
  

• Sony rolls out a standard way to measure bias in how AI describes what it 'sees'
  Images in the test dataset were all sourced with consent
  AI models are filled to the brim with bias, whether that's showing you a certain race of person when you ask for a pic of a criminal or assuming that a woman can't possibly be involved in a particular career when you ask for a firefighter. To deal with these issues, Sony AI has released a new dataset for testing the fairness of computer vision models, one that its makers claim was compiled in a fair and ethical way.…
  

• Gorge on Microsoft Store apps with 16-at-once installer
  For now it works only with the web version of the Microsoft Store
  hands on Normally, when you install an application in Windows, it comes either from a direct download or as a single choice from the Microsoft Store. But what if you could install several different apps at the same time by creating a custom group?…
  

• Black Hawk chown: DARPA takes helicopter pilots out of the air for $6M
  An hour’s tablet training and a soldier was sending the bird on autonomous errands
  Who needs a drone when you can fly a Black Hawk from a tablet? DARPA's $6 million award to Sikorsky paid off when a National Guard soldier, trained in under an hour, used a handheld tablet to command an optionally piloted Black Hawk through multiple autonomous missions. …
  

• Uncle Sam lets Google take Wiz for $32B
  Second time's the charm for after Wiz rejected Google's $23B offer last year
  Google's second attempt to acquire cloud security firm Wiz is going a lot better than the first, with the Department of Justice clearing the $32 billion deal, which ranks as Google's largest-ever acquisition.…
  

• Oak Ridge lab bags $125M to bolt quantum onto supercomputers
  The DoE’s planned funding runs through 2030
  America's Oak Ridge National Laboratory will receive up to $125 million through 2030 to develop hybrid computing systems that link quantum and supercomputing technologies.…
  

• When Debian won't do, Devuan 6 'Excalibur' Linux makes the grade
  Debian 13 base, minus systemd and RISC-V build
  Old school enough to favor Debian, but averse to systemd? Good news: Devuan 6 "Excalibur" is here, and all you need to do is draw it from the stone master its installer.…
  

• AMD taking AI fight to Nvidia with Helios rack-scale system
  CEO Lisa Su says next-gen MI400 GPUs and architecture gaining traction with hyperscalers
  AMD plans to launch its Helios rack-scale architecture in 2026 as a direct challenge to Nvidia in the AI infrastructure market, pending successful integration of its next-gen GPUs and processors.…
  

• Two-fifths of SAP Americas users yet to ditch legacy ERP
  S/4HANA migration? Many still worried about business process change
  Around two fifths of North America's SAP users have yet to begin migrating to S/4HANA with just two years until mainstream support ends for legacy systems.…
  

• AMD red-faced over random-number bug that kills cryptographic security
  Local privileges required to exploit flaw in Ryzen and Epyc CPUs. Some patches available, more on the way
  AMD will issue a microcode patch for a high-severity vulnerability that could weaken cryptographic keys across Epyc and Ryzen CPUs.…
  

• Attackers abuse Gemini AI to develop ‘Thinking Robot’ malware and data processing agent for spying purposes
  Meanwhile, others tried to social-engineer the chatbot itself
  Nation-state goons and cybercrime rings are experimenting with Gemini to develop a "Thinking Robot" malware module that can rewrite its own code to avoid detection, and build an AI agent that tracks enemies' behavior, according to Google Threat Intelligence Group.…
  

• Rust Foundation tries to stop maintainers corroding
  Memory safety costs money: Maintainers Fund to directly pay developers for their work
  The Rust Foundation has launched a Maintainers Fund to support developers sustaining the language, addressing a long-standing challenge in open source software.…
  

• Snowflake goes all out to woo PostgreSQL developers with lakehouse extensions
  Buyers still struggling to differentiate data platforms in era of AI
  Cloud data platform vendor Snowflake has made its set of PostgreSQL extensions open source in a bid to help developers and data engineers integrate the popular open source database with its lakehouse system.…
  

• M&S pegs cyberattack cleanup costs at £136M as profits slump
  Retailer's tech systems aren’t down anymore, but the same can’t be said for its rocky financials
  Marks & Spencer says its April cyberattack will cost around £136 million ($177.2 million) in total.…
  

• Power crunch threatens to derail AI datacenter construction
  Supply chains also unprepared for liquid cooling demands
  A survey of datacenter professionals reveals that supply chain constraints and power availability are hampering the industry's efforts to scale datacenter capacity.…
  

• Famed software engineer DJB tries Fil-C… and likes what he sees
  A ‘three-letter person’ experiments with the new type-safe C, and is impressed
  Famed mathematician, cryptographer and coder Daniel J. Bernstein has tried out the new type-safe C/C++ compiler, and he's given it a favorable report.…
  

• UK agri dept spent hundreds of millions upgrading to Windows 10 – just in time for end of support
  After a £312M upgrade to the retiring OS, Defra still has 24,000 devices to replace
  The UK's Department for Environment, Food & Rural Affairs (Defra) has spent £312 million (c $407 million) modernizing its IT estate, including replacing tens of thousands of Windows 7 laptops with Windows 10 – which officially reached end of support last month.…
  

• Trump turnabout sees him re-nominate amateur astronaut Jared Isaacman to run NASA
  Ruled him out just six months ago due to Musky connections
  US president Donald Trump on Tuesday decided who he wants to lead NASA, despite having ruled out the same person six months ago.…
  

• Supermicro admits building AI infrastructure is a tricky, low-margin business ... for now
  Can’t rule out more revenue wobbles given the complexity of big projects
  Server-maker and designer Supermicro has promised to improve performance, after missing its guided revenue and revealing its margins aren’t strong.…
  

• Tanzania back online after politically motivated five-day outage
  Net access cut on election eve, resumed after widely-loathed president was sworn in after disputed poll
  The African nation of Tanzania has reconnected to the internet after a five day outage.…
  

• Amazon complains that Perplexity's agentic shopping bot is a terrible customer
  Perplexity likens Amazon's legal threat to an attempt to ban access to ... wrenches?
  Amazon.com has sent a cease and desist letter to Perplexity in which it insists the AI company prevent its Comet browser from making automated purchases on behalf of users.…
  

• Google imagines out of this world AI - running on orbital datacenters
  Chocolate Factory's latest moonshot aims to put AI supercomputing cluster in sun-sychronous orbit
  Google on Tuesday announced a new moonshot – launching constellations of solar-powered satellites packed to the gills with its home-grown tensor processing units (TPUs) to form orbital AI datacenters.…
  

• Uncle Sam wants to scan your iris and collect your DNA, citizen or not
  DHS rule would expand biometric collection to immigrants and some citizens linked to them
  If you're filing an immigration form - or helping someone who is - the Feds may soon want to look in your eyes, swab your cheek, and scan your face. The US Department of Homeland Security wants to greatly expand biometric data collection for immigration applications, covering immigrants and even some US citizens tied to those cases.…
  

• Copilot can replace Search in latest Windows 11 test builds, but it's not a good idea
  When you opt in, your taskbar becomes an extension of the Copilot app, but with some search added in
  hands on With Microsoft cramming Copilot into every nook and cranny of its software, it’s no surprise that everyone’s favorite AI assistant is now set to take over the search box. As of the latest Windows Insider Dev and Beta builds, the "Ask Copilot anything" box is available if you know how to switch it on.…
  

• Deploying to Amazon's cloud is a pain in the AWS younger devs won't tolerate
  They have no need to prove their bonafides
  Recently, I was spinning up yet another terribly coded thing for fun because I believe in making my problems everyone else's problems, and realized something that had been nagging at me for a while: working with AWS is relatively painful.…
  

• IBM cutting several thousand jobs in latest layoffs
  Resource Actions expected to hit half of US Infrastructure group
  IBM this week began notifying several thousand employees that they will be laid off, according to sources familiar with the matter. …
  

• UK judge delivers a 'damp squib' in Getty AI training case, no clear precedent set
  Experts disagree about what the ruling means for AI training on copyrighted material
  London's High Court has dismissed the major portions of Getty Images' lawsuit against generative AI firm Stability AI for training its image-generation model on copyrighted images, which some legal experts say could weaken intellectual property laws. However, others saw daylight for trademark and copyright protection in the judge's ruling.…
  

• Russian spies pack custom malware into hidden VMs on Windows machines
  Curly COMrades strike again
  Russia's Curly COMrades is abusing Microsoft's Hyper-V hypervisor in compromised Windows machines to create a hidden Alpine Linux-based virtual machine that bypasses endpoint security tools, giving the spies long-term network access to snoop and deploy malware.…
  

• Consumer Financial Protection Bureau's security falls apart amid layoffs
  Security program fails to meet federal standards as government cuts drain resources
  The infosec program run by the US' Consumer Financial Protection Bureau (CFPB) "is not effective," according to a fresh audit published by the Office of the Inspector General (OIG).…
  

• Game on! Penguin levels up as Linux finally cracks 3% on Steam
  Only a point up in a year, but that’s a 50% leap for Linux gamers
  The latest edition of Valve's monthly Steam Hardware & Software Survey is out, showing a rise in Steam usage on Linux. Penguin likes to play!…
  

• Python slithers faster by adding lazy imports that load code after startup
  PEP 810 approved following lengthy debate among developer community
  Python programs are set to get faster startup times with PEP 810 "Explicit lazy imports," which allows scripts to defer loading imported libraries until they're actually needed rather than at startup.…
  

• Coders paired with bot buddies work fast, but take too many shortcuts
  Trust me bro, says GitHub Copilot. And programmers just... do
  Developers who "pair code" with an AI assistant stand to learn as much as they do in traditional human-human pairings, but also show a less critical attitude toward their silicon-based partner’s output, academics have found.…
  

• Tesla board wants to grant Musk $1T in stock, Norway wealth fund says nope
  Norges Bank Investment Management votes against excessive award, automaker's share price skids
  Norway's sovereign wealth fund has opposed Tesla CEO Elon Musk's proposed $1 trillion share award, which the carmaker's board says is necessary to retain him.…
  

• Win10 still clings to over 40% of devices weeks after Microsoft pulls support
  Popular operating system much more sticky than Windows 7 was during its EOL
  As the dust settles over the end of support for many versions of Windows 10, the operating system remains a significant presence in the Windows market.…
  

• Invasion of the message body snatchers! Teams flaw allowed crims to impersonate the boss
  Check Point lifts lid on a quartet of Teams vulns that made it possible to fake the boss, forge messages, and quietly rewrite history
  Microsoft Teams, one of the world's most widely used collaboration tools, contained serious, now-patched vulnerabilities that could have let attackers impersonate executives, rewrite chat history, and fake notifications or calls – all without users suspecting a thing.…
  

• $10B + spent on liquid cooling this week – it's only Tuesday
  Eaton and Vertiv splash cash as HPC infrastructure and AI factories run hot
  Liquid cooling tech is hot. It's only Tuesday and already infrastructure specialists have forked out more than $10 billion on companies proffering tech that promises to help ease energy bills of datacenter operators.…
  

• Cybercrooks getting violent more often to secure big payouts in Europe
  France-based victims hit especially hard, while UK named most-targeted country generally
  Researchers are seeing a "dramatic" increase in cybercrime involving physical violence across Europe, with at least 18 cases reported since the start of the year.…
  

• OpenAI API moonlights as malware HQ in Microsoft’s latest discovery
  Redmond uncovers SesameOp, a backdoor hiding its tracks by using OpenAI’s Assistants API as a command channel
  Hackers have found a new use for OpenAI's Assistants API – not to write poems or code, but to secretly control malware.…
  

• Keeping the lights on takes up nearly all police IT spending in England and Wales
  Plans for investing in AI and service transformation held up as treasury pulls plug, NAO finds
  Police forces in England and Wales spend around 97 percent of their £2 billion ($2.6 billion) annual technology budget on maintaining legacy systems, an official report has found.…
  

• 'What the hell, Microsoft?' Users hit with incorrect ESU and LTSC Win10 out-of-support messages
  Microsoft accidentally tells supported users that they aren't
  Microsoft says a broken update left some Windows 10 users staring at an out-of-support message despite having an activated Extended Security Updates (ESU) license or a version of Windows 10 that is still officially supported.…
  

• AI's trillion dollar deal wheel bubbling around Nvidia, OpenAI
  How to build a trillion-dollar industry: Step 1, invest in your customers. Step 2, sell them stuff
  Feature In late 2025, a series of multi-billion-dollar deals in the artificial intelligence sector is causing déjà vu among industry veterans. Money, computer chips, and cloud credits are rotating in a closed loop among a handful of companies: Nvidia, OpenAI, Microsoft, Oracle, AMD, CoreWeave, xAI, and a few others. This has fueled a trillion-dollar AI boom or bubble built on intertwined investments and contracts.…
  

• Ministry of Defence's F-35 blunder: £57B and counting
  Government spending watchdog eviscerates penny wise, pound foolish approach
  Britain's Ministry of Defence (MoD) is being criticized for undermining its F-35 stealth fighter program through years of short-term budget decisions that have increased long-term costs and left the fleet understrength and undercapable.…
  

• Google Cloud suspended customer's account three times, for three different reasons
  Experience leads company boss to decide 'I cannot rely on having a Google account for production use cases'
  The founder of a service that manages SSL certificates says Google Cloud has suspended his account three times, without good reason, and recommended not using the G-Cloud for serious workloads.…
  

• China's president Xi Jinping jokes about backdoors in Xiaomi smartphones
  South Korea's president laughed, so perhaps it was funny? Unlike China's censorship and snooping
  Chinese president Xi Jinping has joked that smartphones from Xiaomi might include backdoors.…
  

• LLMs are lousy at reading Asian languages, finds Singapore’s Grab
  Superapp company that chased Uber away built its own model to do the job right
  Proprietary large language models are bad at interpreting Asian languages, according to Singaporean super-app company Grab, which has built its own model instead.…
  

• FEX 2511 Delivers More Performance Improvements For Linux x86 Binaries On ARM64
  FEX 2511 is out today for this open-source emulator akin to Apple's Rosetta that allows running x86/x86+64 applications on ARM64. But in the case of FEX, for ARM64 Linux devices and akin to other open-source projects like Box64...

• More Intel Crescent Island Enablement Prepped For Linux 6.19
  Following Intel's disclosure less than one month ago of Crescent Island as a upcoming Xe3P graphics card with 160GB of vRAM focused on enterprise-level AI inferencing, Intel's open-source Linux graphics driver engineers have been quick to begin plumbing the Xe kernel graphics driver for this next-generation graphics card...

• Intel Xeon 6 Performance Feature Benchmarks: Latency Optimized Mode
  A new feature of Intel Xeon 6 "Birch Stream" platforms is the "Latency Optimized Mode" performance setting. The Intel Latency Optimized Mode will keep the uncore clock frequencies higher for more consistent performance but at the cost of increased power use. For those wondering about the performance and power impact, here are some comparison benchmarks of engaging this Latency Optimized Mode with Intel Xeon 6980P "Granite Rapids" server processors.

• Linux Patches Updated For Snapdragon X Elite Powered TUXEDO Elite 14 Gen1 Laptop
  In mid-2024, Bavarian PC vendor TUXEDO Computers began teasing a Snapdragon X Elite powered Linux laptop with hopes of having it available by Christmas 2024. As we approach Christmas 2025, there still are no immediate signs of this new ARM-based TUXEDO laptop soon shipping but there are signs of life still with new Linux kernel patches posted for enabling this Snapdragon X Elite laptop...

• Fwupd 2.0.17 Released With More Hardware Support & Features
  Days after the Linux Vendor Firmware Service celebrated 135 million firmware downloads, a new version of the Fwupd utility is now available for firmware updating systems and peripherals under Linux...

• Linux 6.19 To Support Additional Arm Mali & Vivante Graphics Hardware
  Sent out today to DRM-Next was the latest weekly batch of drm-misc-next patches for enhancing the various smaller Direct Rendering Manager drivers within the kernel. Included with this week's update is supporting some additional Mali and Vivante hardware as well as continuing to enhance the in-kernel accelerator "accel" drivers...

• GNOME Mutter Now "Completely Drops The Whole X11 Backend"
  The merge to GNOME Mutter has finally happened that "completely drops" the X11 back-end to make GNOME strictly focused on Wayland-based environments...

• LXQt 2.3 Released With Improved Wayland Support
  LXQt 2.3 is out today as the newest release of this lightwight, Qt-based desktop environment...

• 3mdeb Achieves Good Progress Porting Coreboot+OpenSIL To AMD Turin Motherboard
  Over the past few months the open-source firmware consulting firm 3mdeb has been porting Coreboot and AMD's new openSIL silicon initialization library to the Gigabyte MZ33-AR1. The Gigabyte MZ33-AR1 is a broadly available motherboard that supports the latest-generation AMD EPYC 9005 "Turin" server processors. 3mdeb has been fairly successful in their quest and an early demonstrator for openSIL...

• systemd-appd Is A New Component Being Planned By Flatpak Developers
  Given this week's release of Flatpak 1.17 for app sandboxing, open-source developer Sebastian Wick published a blog post on Tuesday around the latest Flatpak developments and a look ahead at some of the feature development planned. Arguably most significant of that is the plans for systemd-appd...

• AMD Contributes BFloat16 Support To LLVM9s SPIR-V Target
  AMD software engineers continue making interesting contributions to the LLVM compiler stack around SPIR-V as the IR used by Vulkan and other Khronos APIs...

• Benchmarking The AMD EPYC 9V64H: Azure HBv59s Custom AMD CPU With HBM3
  Nearly one year ago Microsoft announced the HBv5 virtual machines powered by a custom-designed AMD 4th Gen EPYC processor with high bandwidth memory (HBM3). Finally today the Azure HBv5 series is reaching general availability for those with memory-intensive HPC applications and other workloads. Microsoft kindly provided Phoronix with HBv5 access in advance to begin testing these new VMs with the AMD EPYC 9V64H CPUs featuring HBM memory, so here are some of the first independent benchmarks of these exciting processors powering Azure9s new HPC VM instances.

• Rust Foundation Maintainers Fund Announced For Long-Term Support To Rust Developers
  The Rust Foundation announced today the creation of the Rust Foundation Maintainers Fund as a new means of providing consistent, transparent, and long-term support for developers that make the Rust programming language possible...

• Linux 6.19 Will Finally Support Intel9s Adaptive Sharpness Filter "CASF" With Lunar Lake
  Going all the way back to early 2024, Intel Linux engineers have been working on supporting an Adaptive Sharpening Filter new to Lunar Lake. While Lunar Lake later launched in September 2024, the Linux patches for this feature remained under review and discussion. Besides the Intel driver implementation itself for Lunar Lake and newer, it also ushers in a new DRM sharpness property to help standardize such functionality for user-space that could be used by other kernel graphics drivers. Finally with the upcoming Linux 6.19 kernel, this Intel Content Adaptive Sharpness Filter "CASF" feature is being introduced to the mainline kernel...

• Open Container Initiative "OCI" Runtime Spec v1.3 Released With FreeBSD Support
  The Open Container Initiative unveiled today the OCI Runtime Specification v1.3 update for this standard around operating system process and application containers. This runtime specification continues to evolve for outlining the configuration, execution environment, and lifecycle of a container. Notable with the v1.3 revision is introducing official FreeBSD support...

• MIPS64EL & ARMEL Architectures Dropped In Debian Unstable/Experimental
  The ARMEL and MIPS64EL architectures have been dropped from Debian unstable and experimental. This is the end of the road for these aging ARM and MIPS targets in the Debian world...

• AMD9s Zen 5 RDSEED Issue Is Causing Headaches For Optimized CachyOS Builds
  AMD's RDSEED issue with Zen 5 processors that is in the process of being addressed with microcode/BIOS updates is in the interim causing headaches for Arch Linux powered CachyOS that provides optimized binaries for these latest Ryzen processors...

• Wild 0.7 Released For This Very Fast Linker Written In Rust
  Wild 0.7 released on Monday as the newest feature release for this very fast linker for Linux systems competing with Mold on x86_64 / ARM64 / RISC-V devices...

• Intel9s LLM-Scaler Updated With OpenAI9s GPT-OSS Model Support
  Back in August was the announcement of LLM-Scaler as part of Project Battlematrix. LLM-Scaler is a new Intel software project to provide optimized AI inference capabilities on Intel graphics hardware. A new beta release of LLM-Scaler "llm-scaler-vllm" is now available with expanded LLM model coverage...

• SUSE Provides U-Boot Support For The Raspberry Pi 5
  SUSE's hardware enablement team has worked through proper U-Boot support for the Raspberry Pi 5 single board computer...

• libinput 1.30-rc1 Released With Lua Plugin Support
  The libinput input handling library for the Linux desktop on both Wayland and X.Org based systems is rolling out Lua plug-in support. Out today is libinput 1.30-rc1 with the initial infrastructure for supporting plug-ins written in the Lua scripting language...

• Intel Preparing Linux Graphics Driver For Xe3P DisplayPort 2.1 ALPM Support
  Last month Intel's open-source Linux software engineers began sending out Xe3P_LPD display support in preparation for display capabilities with Nova Lake. Now being built out atop that is further functionality with the most recent talking point being DisplayPort 2.1 Advanced Link Power Management (ALPM)...

• Rust-Based Redox OS Gets Servo Web Engine Running - Sort Of
  The Rust-based Redox OS open-source operating system project is out with its October 2025 status report. Most notable is this Rust-based OS now having the Rust-based Servo web engine running... Albeit in extremely crude form at the moment...

• Linux 6.19 To Optimize Exiting To User-Space For Restartable Sequences
  Queued up in a TIP branch ahead of the Linux 6.19 merge window opening in about one month's time is optimizing the Restartable Sequences "RSEQ" code for its exit to user-space code path...

• Git 2.52-rc0 Starts Working On SHA1-SHA256 Interop, Hints For New Default Branch Name
  The first test release of the Git 2.52 distributed revision control system is now available. As has been a common trend, Git 2.52 is making further preparations in anticipation of the big Git 3.0 milestone...

• Flatpak 1.17 Adds Support For Sideloading From OCI Images, flatpak+HTTPS URIs
  Flatpak 1.17 is out today as the newest feature release for this Linux app sandboxing/distribution tech. Flatpak 1.17 brings a number of exciting new features...

• AMD Radeon AI PRO R9700 Offers Competitive Workstation Graphics Performance/Value
  Last week the AMD Radeon PRO R9700 officially began shipping for that new AI-minded workstation/professional graphics card built on RDNA4 and packing 32GB of RAM to accommodate large language models (LLMs) especially with multi-GPU configurations. While the focus of the product has been all about AI workloads, you may be wondering about the graphics capabilities of the Radeon AI PRO R9700 given the lack of any other "Radeon PRO 9000" series product at this point. In today9s testing is a look at the workstation graphics capabilities for the AMD Radeon AI PRO R9700.

• RadeonSI ACO vs. LLVM Backends For AMD Strix Halo
  With the RadeonSI Gallium3D driver now defaulting to the ACO compiler back-end for all Radeon GPUs rather than the conventional AMDGPU LLVM shader compiler back-end, I ran some quick comparison benchmarks on AMD Ryzen AI Max+ "Strix Halo" with Radeon 8060S Graphics for comparison...

• Linux 6.19 To Support Microsoft9s ACPI Fan Extensions
  A few weeks back I reported on Linux kernel patches surfacing for implementing Microsoft's ACPI Fan Extensions. This should help some HP devices and hardware from other OEMs for obtaining fan information reporting under Linux. The good news now is that the patches should be part of the upcoming Linux 6.19 kernel cycle...

• GCC 16 Lands Improved Memmove Behavior For x86/x86_64 CPUs
  H.J. Lu, a long-time compiler expert at Intel, merged today improved memmove() behavior for the GNU Compiler Collection ahead of the upcoming GCC 16 release...

• Devuan 6.0 Released For Debian 13 Without systemd
  Devuan 6.0 "Excalibur" is now available as the fork of Debian GNU/Linux without the use of systemd. Devuan 6.0 is Debian 13 but for "init freedom" lets you use either SysVinit, OpenRC, or Runit as the init system...

• Linux 6.19 Adding Support For The Line 6 POD HD Pro X Audio Effects Processor
  The upcoming Linux 6.19 kernel will add support for the Line 6 POD HD Pro X audio effects processor that has been in the market for several years now -- the past decade! -- but only now seeing the necessary additions for Linux support...

• A lost IBM PC/AT model? Analyzing a newfound old BIOS
  Some people not only have a very particular set of skills, but also a very particular set of interests that happen to align with those skills perfectly. When several unidentified and mysterious IBM PC ROM chips from the 1980s were discovered on eBay, two particular chips dumped contents posed particularly troublesome to identify. In 1985, the FCh model byte could only mean the 5170 (PC/AT), and the even/odd byte interleaving does point at a 16-bit bus. But there are three known versions of the PC/AT BIOS released during the 5170 familys lifetime, corresponding to the three AT motherboard types. This one here is clearly not one of them: its date stamps and part numbers dont match, and the actual contents are substantially different besides. My first thought was that this may have come from one of those more shadowy members of the 5170 family: perhaps the AT/370, the 3270 AT/G(X), or the rack-mounted 7532 Industrial AT. But known examples of those carry the same firmware sets as the plain old 5170, so their BIOS extensions (if any) came in the shape of extra adapter ROMs. Whatever`this`thing was  some other 5170-type machine, a prototype, or even just a custom patch  it seemed Id have to inquire within for any further clues. ↫ VileR at the int10h.org blog Ill be honest and state that most of the in-depth analysis of the code dumped from the ROM chips is far too complex for me to follow, but that doesnt make the story it tells any less interesting. Theres no definitive, 100% conclusive answer at the end, but the available evidence collected by VileR does make a very strong case for a very specific, mysterious variant of the IBM PC being the likely source of the ROMs. If youre interested in some very deep IBM lore, heres your serving.

• The Microsoft SoftCard for the Apple II: getting two processors to share the same memory
  We talked about the Z80 SoftCard, Microsofts first hardware product, back in 2023, but thanks to Raymond Chen and Nicole Branagan, weve got some more insights. The Microsoft Z-80 SoftCard was a plug-in expansion card for the Apple II that added the ability to run CP/M software. According to Wikipedia, it was Microsoft’s first hardware product and in 1980 was the single largest revenue source for the company. ↫ Raymond Chen at The Old New Thing And Chen links to an article by Branagan from 2020, which goes into even more detail. So there I was, very happy with my Apple ][plus. But then I saw someone on the internet post, and it seems that my Apple is an overpriced box with a toy microcontroller for a CPU, while real computers use an Intel 8080, 8085 or Zilog Z80 to run something called “CP/M”… but I’ve already spent so much money on the Apple, so can I turn it into a real computer? ↫ Nicole Branagan I have a soft spot for this particular subgenre of hardware  add-in cards that allow you to run an entirely different architecture inside your computer  and soon, Ill be diving into a particularly capable example here on OSNews.

• bluetui and restterm: two beautiful TUI applications
  Theres something incredibly enticing and retrofuturistic about a well-designed TUI, or text-based user interface. Theres an endless list number of these, but two crossed my path these past few days, and I found them particularly appealing. First, weve got bluetui, an application for managing Bluetooth connections on Linux systems with bluez installed. The second is resterm. Resterm is a terminal-first client for working with`HTTP,GraphQL, and`gRPC`services. No cloud sync, no signups, no heavy desktop app. Simple, yet feature rich, terminal client for .http/.rest files. It pairs a Vim-like-style editor with a workspace explorer, response diff, history, profiler and scripting so you can iterate on requests without leaving the keyboard. ↫ restterm GitHub page I dont use TUIs or the command line in general all that much, but these are two excellent examples of just how beautiful and user-friendly a good text-based user interface can really be. The command line is about a lot more than just archaic, cryptic incantations designed in the 1960s.

• Sculpt OS 25.10 released
  In the light of this years roadmap focus on rigidity, clarity, performance!, Sculpt OS 25.10 looks the same as the version 25.04 but might feel different as it includes countless under-the-hood improvements of the two preceding framework releases 25.05 and 25.08. User interaction on performance-starved platforms like the PinePhone has become visibly smoother thanks our recent CPU scheduling advances. The streamlined block-storage stack combined with various refinements of the package-installation mechanism make the on-target installation of 3rd-party components a bliss. Regarding supported hardware, we steadily follow the tireless work of the Linux kernel community. All PC driver components using Linux kernel code are now consistently based on kernel version 6.12. ↫ Sculpt OS 25.10 release announcement Theres also an optional brand new configuration format, which optionally replaces Scultps use of XML for this purpose. Norman Feske, one of the co-founders of Genode Labs, published an article detailing how to test this new format, which also goes much deeper into how it works. For Sculpt OS 25.10 release, Alexander Böttcher has also released an experimental image with five different kernel to choose from. The image is for PC, and works as a live system so theres no need to install it to explore Sculpt OS. Speaking of Alexander Böttcher, he also published an article about improvements and changes to Sculpt OS lockscreen component. This component has existed for a very long time, and has been improved considerably over the years, and Böttchers article details how to install it, configure it, and use it.

• Debian to add hard Rust dependency to APT
  It seems like a number of Debian ports are going to face difficult times over the coming months. Debian developer Julian Andres Klode has sent a message to the Debian mailing lists that APT will very soon start requiring Rust. I plan to introduce hard Rust dependencies and Rust code into APT, no earlier than May 2026. This extends at first to the Rust compiler and standard library, and the Sequoia ecosystem. In particular, our code to parse .deb, .ar, .tar, and the HTTP signature verification code would strongly benefit from memory safe languages and a stronger approach to unit testing. ↫ Julian Andres Klode The problem for a lot of architectures that Debian supports, in one way or another, is that Rust and its toolchain simply arent available for them. As such, Julian Andres Klode states, rather directly, that these architectures have about six months to get themselves a full Rust toolchain, or sunset their Debian ports. The Debian PA-RISC (hppa) and Alpha ports, for instance, do not have a Rust toolchain port, and most likely wont be getting one either, especially not within six months. The reasoning for moving towards a hard Rust dependency for APT is the same as it is in every other similar case: Debians and APTs developers want to be able to make use of modern tools and technologies, even if that means dead architectures get left behind. As much as I am a massive fan of retro-architectures like PA-RISC, I really dont want otherwise modern Linux distributions to eschew modern tools and technologies just because theyre not available for an architecture that died in 2005. I own and use the last and most powerful PA-RISC workstation running HP-UX as a retro platform, so I definitely care  but I really dont expect Debian or Fedora or whatever to waste any resources on supporting them if that means holding the distributions back for everyone else using it on actually modern platforms. If theres a large enough community of people around such architectures, theyll keep the Linux train running. If not, well, thats life.

• Microsoft breaks Task Manager in Windows 11, hard
  Lets take a look at how things are going at Microsoft, whose CEO claimed a few months ago that 30% of their code was generated by AI!. After installing Windows Updates released on or after October 28, 2025 (KB5067036), you might encounter an issue where closing Task Manager using the Close (X) button does not fully terminate the process. When you reopen Task Manager, the previous instance continues running in the background even though no window is visible. This results in multiple lingering instances of taskmgr.exe, consuming system resources and potentially degrading device performance. Additional instances appear as “Task Manager” in the Processes tab and as “Taskmgr.exe” in the Details tab. Although the impact is less if Task Manager is opened and closed a few times, many instances accumulated over time can cause noticeable slowdowns in other applications. ↫ The Windows Health Dashboard Well okay then.

• Configuring cwm on OpenBSD
  For those unfamiliar, cwm is the Calm Window Manager. It’s part of the OpenBSD base distribution as one of the native window managers, along with an old version of fvwm and the venerable twm. It’s pretty simple but surprisingly powerful, a floating window manager with some basic manual tiling. It’s keyboard-centric, has an application launcher and highly configurable menus. It uses groups rather than workspaces which provides a lot of flexibility. My configuration isn’t particularly groundbreaking, but it’s comfy and suits me well. I can happily live in it indefinitely, though I do split my time between cwm and Xfce with occasional forays into other window managers or Wayland compositors. This has nothing to do with cwm limitations and everything to do with me being curious and craving novelty. It’s cwm that I return to, because it’s entirely unsurprising and very capable, and also because it’s part of OpenBSD’s base so I know I’m dealing with software that’s been refined and audited and refined again. ↫ Antony Fox-Bramwell If you opt for a default installation of something like OpenBSD, without any additional desktop environments like Xfce, when you start X, youll be served with the default OpenBSD window manager: cwm, or the calm window manager. At first glance, it looks incredibly basic and, to most people, archaic and unusable, but what it lacks in sparkles and boondoggles it more than makes up for in flexibility and configurability. The problem, however, is that its not exactly intuitive to mold cwm into something that works for you. Articles like this one, by Antony Fox-Bramwell, function as great springboards into the world of configuring cwm. If you do an internet search for similar articles, youll find tons of other examples that can help you become more capable at configuring cwm. Most of us are probably just fine accepting something like KDE or Xfce, but if those just dont scratch your itch, diving into cwm could be just what youre looking for.

• V7 pwd, converted to modern POSIX systems
  This is a conversion of the original V7 pwd program for use on POSIX systems (tested primarily on Linux). This is mostly of historical interest  modern systems have a library routine or system call for getting the current directory, and dont need this. Ive attempted to make the minimum set of logic/functionality changes needed to make the program work, preserving the core of the original logic. Ive made slightly more aesthetic changes, to make reading easier for a post-standardization C speaker. ↫ Cliff L. Biffle Over on Fedi, Cliff L. Biffle provides more details as to why he undertook this project.

• AMD to enter ARM market with new Sound Wave! APU
  AMD is expanding its processor portfolio beyond the x86 architecture with its first ARM-based APU, internally known as “Sound Wave.” The chip’s existence was uncovered through customs import records, confirming several details about its design and purpose. Built with a BGA-1074 package measuring 32 mm × 27 mm, the processor fits within standard mobile SoC dimensions, making it suitable for thin and light computing platforms. It employs a 0.8 mm pitch and FF5 interface, replacing the FF3 socket previously used in Valve’s Steam handheld devices, further hinting at a new generation of compact AMD-powered hardware. ↫ Hilbert Hagedoorn at The Guru of 3D It only makes sense for AMD to enter the market for ARM SoCs, as its a whole section of the processor market theyre not tapping into. Even if they dont manage to compete with the best ARM processors out there, they can still serve the mid and lower end just fine.

• Removing obfuscation in Minecraft: Java Edition
  Gaming isnt something we talk about very often here on OSNews, but I think this piece of news is actually a rare piece of good, welcome news from this industry. Mojang, the Microsoft-owned company behind Minecraft, has announced its going to stop obfuscating the code behind the Java edition of Minecraft. A refresher: the Java edition of Minecraft is the original version of the game, which exists alongside the Bedrock Edition, which is written in C++. Both variants are kept more or less in sync with each other. The Java edition has historically been far more moddable, and comes with far fewer restrictions than the Bedrock Edition, which Microsoft maintains far tighter control over. Still, the modding scene around the Java Edition sprung up in spite of Mojang and Microsoft, not because of them, but over the years the modding scene has been embraced more and more by these two companies. The final step in this embrace comes today as Mojang will no longer obfuscate the code behind th Java Edition. Minecraft: Java Edition has been obfuscated since its release. This obfuscation meant that people couldn’t see our source code. Instead, everything was scrambled – and those who wanted to mod Java Edition had to try and piece together what every class and function in the code did.` But we encourage people to get creative both in Minecraft and with Minecraft – so in 2019 we tried to make this tedious process a little easier by releasing “obfuscation mappings”. These mappings were essentially a long list that allowed people to match the obfuscated terms to un-obfuscated terms. This alleviated the issue a little, as modders didn’t need to puzzle out what everything did, or what it should be called anymore. But why stop there? ↫ Minecraft website This is excellent news for the game, the wider modding community, and players. Minecraft is still a massively popular game, and making modding easier is very welcome, as for a lot of people, mods are what make Minecraft actually interesting. Its also rare to see a massive force in gaming making a positive step like this, so they deserve the few kudos.

• How did the Windows 95 user interface code get brought to the Windows NT code base?
  After the release of Windows 95, with its brand new and incredibly influential graphical user interface, it was only a matter of time before this new taskbar, Start menu, and everything else would make its way to Microsofts other operating system line, Windows NT. The development of Windows 95 more or less lined up with that of Windows NT 3.5, but it wouldnt be until Windows NT 4.0, released a little less than a year after Windows 95, that NT, too, would have the brand new user interface. Raymond Chen has published a blog post detailing the cooperation and interplay between the Windows 95 and Windows NT teams, and, as always with Chen, its a joy to read. Members of the Windows 95 user interface team`met regularly with members of the Windows NT user interface team`to keep them aware of what was going on and even get their input on some ideas that the Windows 95 team were considering. The Windows NT user interface team were focused on shipping Windows NT, but they appreciated being kept in the loop. During the late phases of the development of Windows 95, the Windows NT side of the house took a more active role in bringing the Windows 95 user interface to Windows NT. ↫ Raymond Chen at The Old New Thing Chen details there was a lot of code-sharing, to the point where the Windows 95 version of the GUI contained NT-specific code, and vice versa. This code-sharing was quite a lot less elegant than today with tools like git, since Microsofts own internal source code system called SLM (pronounced slime) did not support branches, so they had to regularly perform three-way merges manually. It was a different time, for sure. Anyway, its amazing how much of this ancient Microsoft lore couldve been lost to time, or shrouded in mystery, if it wasnt for someone like Raymond Chen regularly sharing the stories from Microsofts past.

• OpenIndiana 2025.10 released
  OpenIndiana, the Illumos distribution for general use, has released its latest snapshot release, and theres some really interesting things in there. To refresh your memory: Illumos is a fork of the final OpenSolaris release, based on Solaris 11, before Oracle closed Solaris back up. Its been in development ever since that fateful day back in 2010, and several Illumos distributions with unique identities have sprung up around the project. OpenIndiana is one of them, and functions like a rolling release with a snapshot release every six months. OpenIndiana 2025.10 was released today, and this snapshots changelog covers changes over the past six months. It comes with all the latest open source packages you would expect, like the latest or at least very recent versions of Firefox, Thunderbird, LibreOffice, and much more, but the GNOME version (44.4 from 2023) is definitely a bit outdated. Theres a ton new utilities written in Rust, and the usual bug and security fixes as well, like for crucial utilities such as OpenSSL and OpenSSH, and things like Python versions 3.14 3.13, 3.12, and 3.9. A particularly interesting bullet point is maintenance work and improvements for Sun Ray support, and the changelog notes that these little thin clients are still popular among their users. Im very deep into the world of Sun Rays at the moment, so reading that you can still use them through OpenIndiana is amazingly cool. Theres a Sun Ray metapackage that installs the necessary base components, allowing you to install Suns/Oracles original Sun Ray Server software on OpenIndiana. Even though MATE is the default desktop for OpenIndiana, the Sun Ray Server software does depend on a few GNOME components, so those will be pulled in. Ive definitely put this on my list, once Im done with my current Sun Ray deep dive on Solaris 10. If youre interested in SPARC support, theres quite a few machines that do work with the SPARC version of OpenIndiana, and recently, theres been a lot of progress on this front. Running the SPARC version on various servers can work, but desktop use, say, on a Sun Ultra 45, is a bit more problematic due to boot issues and a lack of graphics drivers. The work is ongoing, though, and theres been a ton of renewed interest.

• Windows to automatically suggest a memory scan after a blue screen
  Microsoft is introducing a new feature in Windows to better deal with blue screens of death. In the release notes for Windows 11 Insider Preview Build 26220.6982 (Dev Channel), the company detailed that after a user experiences a blue screen, Windows will automatically perform a memory scan. We’re introducing a new feature that helps improve system reliability. If your PC experiences a bugcheck (unexpected restart), you may see a notification when signing in suggesting a quick memory scan. If you choose to run it, the system will schedule a Windows Memory Diagnostic scan to run during your next reboot (taking 5 minutes or less on average) and then continue to Windows. If a memory issue is found and mitigated, you will see a notification post-reboot. ↫ Amanda Langowski at the Windows Blogs In its current iteration, this memory scan will trigger after every single error code to collect as much data as possible, but Microsoft states it will refine and narrow the number of error codes in the future. In addition, this feature will not be available on Arm64 and systems with Administrator Protection and/or BitLocker without Secure Boot. Lets hope this feature wont be a nuisance, but an actually useful feature that helps people uncover memory problems that otherwise remain undiagnosed.

• Python Software Foundation has bigger spine than big tech
  Back in January 2025, the Python Software Foundation applied for a $1.5 million grant from the US governments National Science Foundation, under the Safety, Security, and Privacy of Open Source Ecosystems program, to address structural vulnerabilities in Python and PyPI. After a lot of paperwork, their application was approved, but upon receiving the contractual agreement, the Python Software Foundation decided to back out. Why? We became concerned, however, when we were presented with the terms and conditions we would be required to agree to if we accepted the grant. These terms included affirming the statement that we “do not, and will not during the term of this financial assistance award, operate any programs that advance or promote DEI, or discriminatory equity ideology in violation of Federal anti-discrimination laws.” This restriction would apply not only to the security work directly funded by the grant, but to any and all activity of the PSF as a whole. Further, violation of this term gave the NSF the right to “claw back” previously approved and transferred funds. This would create a situation where money we’d already spent could be taken back, which would be an enormous, open-ended financial risk. In the end, however, the PSF simply can’t agree to a statement that we won’t operate any programs that “advance or promote” diversity, equity, and inclusion, as it would be a betrayal of our mission and our community. ↫ Loren Crary at the PSF blog The fact that this is news at all is a deeply sad state of affairs, but its great to see at least some organisations in tech still have a spine. In a world where tech giants and their sleazy CEOs are falling over each other to lather the US president in bribes and tasteless gifts, its refreshing to see someone passing up on what would be an enormous amount of money for them. The PSF operates on a budget of $5 million a year, so $1.5 million would be a massive boon for the effort. The efforts of the PSF regarding outreach have been incredibly successful over the years. PyCon US had 1% female speakers in 2011, 7% in 2012, 15% in 2013, 33% in both 2014 and 2015, and 40% in 2016. DEI! efforts usually just mean the gruntwork of reaching out to members of underrepresented groups within your community, and ensuring they feel welcome, safe, and respected. Monocultures tend to be self-destructive, whether were talking about operating systems or people. Having perspectives from people with different backgrounds, different life experiences, and different approaches is a massive net benefit to your organisation. Making efforts to foster such environments illegal is absolute batshit insanity, and Im glad that unlike cowards like Tim Cook or Sundar Pichai, the Python Software Foundation has a spine and is standing up for whats right.

• Id like to speak to the Bellcore ManaGeR
  I love it when I discover  usually through people smarter than I  an operating system or graphical user interface Ive never heard of. This time, weve got Bellcore MGR, as meticulously detailed by Nina Kalinina a few weeks ago. I love old computers, and I enjoy looking at old user interfaces immensely. I could spend a whole evening on installing an old version of MS Word and playing with it: Ah, look, how cute, they didnt invent scrollbars just yet!. A special place in my heart is taken by user interfaces that were historically significant and yet fell into relative obscurity (like Windows 2 or BTRON). This is why I absolutely had to try Bellcore MGR. An early windowing system (1984), it was made by the Bell Communications Research, and it looked like Plan 9s older sister. The system was distributed over the Usenet, ported to every conceivable Unix-like system, including Minix, Linux and Coherent, and  eventually  mostly forgotten. The only two videos on YouTube that have something to do with MGR have a bit over 1000 views combined, and dont really show it in the best light possible. And I think its a crying shame. ↫ Nina Kalinina The reference to Plan 9 is apt, as MGR definitely seems to function almost exactly like Plan 9s rio graphical user interface, including things like drawing a rectangle to open a new window. Rio is an acquired taste  to put it very mildly  and it seems MGR fits the same bill. Theres also $home movie, an entire video editor for MGR, which is honestly mind-blowing considering its running on a mere SPARCstation in the late 80s and early 90s. It has an incredibly unique UNIXy flavour: If you dont have 40 minutes to watch the tour, please do spend two minutes on this demo of the $HOME MOVIE! system. It is a suite of tools for the capture, editing and playback of window system sessions on a Sun Sparcstation! based on MGR. It is probably the most Unix way of making videos: the window manager dumps the rendering commands into a file, then the rendering commands can be altered with a set of small tools, some of which are in awk, and then these rendering commands can be packaged into a single demo. ↫ Nina Kalinina Kalinina had to more or less reverse-engineer its unique video format, too, but in doing so managed to upload the original demonstration of $movie home, narrated by its creator and created in $movie home itself, to YouTube. Kalinina also created and uploaded a ready-made hard disk image of Debian 0.93 with Bellcore MGR preinstalled for use in Qemu and 86Box.

• The Linux boot process: from power button to kernel
  You press the power button. A second later a wall of text scrolls by, or a logo fades in, and eventually Linux appears. What happens in between is not magic. It is a careful handshake between tiny programs and a very literal CPU. This part follows that handshake until the very first line of C code inside the Linux kernel runs. ↫ 0xkatos blog Exactly what it says on the tin.

• SUSE Dives into the Agentic AI Pool
  SUSE becomes the first open source company to adopt agentic AI with SUSE Enterprise Linux 16.
  

• Linux Now Runs Most Windows Games
  The latest data shows that nearly 90 percent of Windows games can be played on Linux.
  

• Fedora 43 Has Finally Landed
  The Fedora Linux developers have announced their latest release, Fedora 43.
  

• KDE Unleashes Plasma 6.5
  The Plasma 6.5 desktop environment is now available with new features, improvements, and the usual bug fixes.
  

• Xubuntu Site Possibly Hacked
  It appears that the Xubuntu site was hacked and briefly served up a malicious ZIP file from its download page.
  

• LMDE 7 Now Available
  Linux Mint Debian Edition, version 7, has been officially released and is based on upstream Debian.
  

• Linux Kernel 6.16 Reaches EOL
  Linux kernel 6.16 has reached its end of life, which means you'll need to upgrade to the next stable release, Linux kernel 6.17.
  

• Amazon Ditches Android for a Linux-Based OS
  Amazon has migrated from Android to the Linux-based Vega OS for its Fire TV.
  

• Cairo Dock 3.6 Now Available for More Compositors
  If you're a fan of third-party desktop docks, then the latest release of Cairo Dock with Wayland support is for you.
  

• System76 Unleashes Pop!_OS 24.04 Beta
  System76's first beta of Pop!_OS 24.04 is an impressive feat.
  

• Linux Kernel 6.17 is Available
  Linus Torvalds has announced that the latest kernel has been released with plenty of core improvements and even more hardware support.
  

• Kali Linux 2025.3 Released with New Hacking Tools
  If you're a Kali Linux fan, you'll be glad to know that the third release of this famous pen-testing distribution is now available with updates for key components.
  

• Zorin OS 18 Beta Available for Testing
  The latest release from the team behind Zorin OS is ready for public testing, and it includes plenty of improvements to make it more powerful, user-friendly, and productive.
  

• Fedora Linux 43 Beta Now Available for Testing
  Fedora Linux 43 Beta ships with Gnome 49 and KDE Plasma 6.4 (and other goodies).
  

• USB4 Maintainer Leaves Intel
  Michael Jamet, one of the primary maintainers of USB4 and Thunderbolt drivers, has left Intel, leaving a gaping hole for the Linux community to deal with.
  

• Budgie 10.9.3 Now Available
  The latest version of this elegant and configurable Linux desktop aligns with changes in Gnome 49.
  

• KDE Linux Alpha Available for Daring Users
  It's official, KDE Linux has arrived, but it's not quite ready for prime time.
  

• AMD Initiates Graphics Driver Updates for Linux Kernel 6.18
  This new AMD update focuses on power management, display handling, and hardware support for Radeon GPUs.
  

• AerynOS Alpha Release Available
  With a choice of several desktop environments, AerynOS 2025.08 is almost ready to be your next operating system.
  

• AUR Repository Still Under DDoS Attack
  Arch User Repository continues to be under a DDoS attack that has been going on for more than two weeks.