|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All/All+Images)
(Single Column)
- [$] A struct sockaddr sequel
One of the many objectives of the LinuxKernel Self-Protection Project (KSPP), which just completed ten years ofwork, is to ensure that all array references can be bounds-checked,even in the case of flexible array members, the size of which is not knownat compile time. One of the most challenging flexible array members in thekernel is not even declared as such. Almost exactly one year ago, LWN looked at the effort to increase safety aroundthe networking subsystem's heavily used sockaddr structure. Oneyear later, Kees Cook is still looking for a way to bring this work to aclose.
- Security updates for Friday
Security updates have been issued by Debian (keystone and lxd), Fedora (docker-buildkit, firefox, gh, gitleaks, lasso, runc, and seamonkey), Mageia (perl-Authen-SASL, perl-Cpanel-JSON-XS, perl-Crypt-OpenSSL-RSA, perl-JSON-XS, python-flask-cors, python-py, python-setuptools, and ruby), Oracle (java-1.8.0-openjdk), SUSE (binutils, cargo-packaging, rust-bindgen, chromium, go-sendxmpp, helm, lasso, libxml2, openssh, openssh8.4, python-Django, python-Scrapy-doc, python311-Brotli, squid, tomcat10, and weblate), and Ubuntu (linux-nvidia-6.8, linux-oracle, linux-oracle-6.8 and linux-xilinx-zynqmp).
- Two new stable kernels
Greg Kroah-Hartman has announced the release of the 6.17.8 and 6.12.58 stable kernels. Each contains animportant set of fixes. Users are advised to upgrade.
- Rust in Android: move fast and fix things (Google Security Blog)
The Google Security Blog has anew post on just how well the use of Rust is working out for theAndroid project.
We adopted Rust for its security and are seeing a 1000x reduction in memory safety vulnerability density compared to Android's C and C++ code. But the biggest surprise was Rust's impact on software delivery. With Rust changes having a 4x lower rollback rate and spending 25% less time in code review, the safer path is now also the faster one.
- Privilege escalation in LightDM Greeter by KDE (SUSE Security Team Blog)
The SUSE Security Team has published an in-deptharticle on its findings after reviewing a D-Bus service containedin LightDMGreeter by KDE (the lightdm-kde-greeter package)for addition to openSUSE Tumbleweed. The team found a privilegeescalation from the lightdm service user to root, aswell as other attack vectors in the service:
In agreement with upstream, we assigned CVE-2025-62876 to track thelightdm service user to root privilege escalation aspect described inthis report. The severity of the issue is low, since it only affectsdefense-in-depth (if the lightdm service user were compromised) andthe problematic logic can only be reached and exploited if triggeredinteractively by a privileged user.
The fixes are contained in the 6.0.4release of the project.
- Thunderbird 145 released
Version145 of the Thunderbird email client has been released. Notablechanges in this release include enabling DNS over HTTPS, support forMicrosoft Exchange via Exchange Web Services, and quite a few bugfixes. As of 145, the project is no longer shipping 32-bit binariesfor Linux on x86.
- [$] Another Fedora Flatpak discussion
Many distributions provide support out of the proverbial box forFlatpak packages, but Fedora is unusual in that it also provides, anddefaults, to its own repository of Fedora-built Flatpaks. This has beena source of confusion for Fedora users, who expect to get the Flatpakbuilt by the original developers and hosted on Flathub. It has also been a sourceof conflict with upstream projects, because users complain of bugs inFlatpak packages they are not responsible for. The situation has also frustrated someFedora developers, who would prefer to put Flathub's offeringsfirst. A new complaint that Fedora has apparently used manifestsfrom Flathub to build the packages for Fedora—without giving credit tothe original authors—has spurred discussions about Fedora'sFlatpaks once again. While no concrete changes are on the table, yet,there may be some movement toward addressing persistent complaints.
- Security updates for Thursday
Security updates have been issued by Debian (chromium and firefox-esr), Fedora (firefox, rubygem-rack, skopeo, and webkitgtk), Mageia (perl, perl-CPAN, perl-HTTP-Tiny, perl-Data-Entropy, perl-FCGI, perl-File-Find-Rule, perl-YAML-LibYAML, python-tornado, python-urllib3, python-pip, python3, and unbound), Oracle (ipa and kernel), Red Hat (container-tools:rhel8, krb5, openssl, pcs, podman, and runc), Slackware (mozilla), SUSE (binutils, kernel, netty, netty-tcnative, podman, python311-pdfminer, and tomcat11), and Ubuntu (bind9 and linux-aws-6.8).
- [$] LWN.net Weekly Edition for November 13, 2025
Inside this week's LWN.net Weekly Edition:
Front: FUSE performance; Magic kfuncs; Tails Linux; Direct I/O and modifying buffers; Working with bootable containers. Briefs: Kernel LLM policy; Firefox 145; FHS; Homebrew 5.0.0; Mastodon 4.5; Public-inbox 2.0.0; Pytest 9.0.0; Quote; ... Announcements: Newsletters, conferences, security updates, patches, and more.
- Homebrew 5.0.0 released
Version5.0.0 of the Homebrew packagemanager for Linux and macOS has been released. Notable changes in thisrelease include download concurrency by default, official support for64-bit Arm on Linux, and more.
- [$] The intersection of unstable pages and direct I/O
Longtime LWN readers will have encountered the concept of "stable pages"before; it was first covered here nearly15 years ago. For the most part, the problem that stable pages weremeant to solve — preventing errors when user space modifies a buffer thatis under I/O — has been dealt with. Butrecent discussions show that there is one area where problems remain:direct I/O. There is some disagreement,though, over whether those problems are the result of user-space bugs andhow much of a performance price should be paid to address them.
- Security updates for Wednesday
Security updates have been issued by AlmaLinux (kernel, kernel-rt, and libtiff), Debian (kernel, libarchive, rust-sudo-rs, and squid), Fedora (chromium, dotnet8.0, forgejo, ruby, and webkitgtk), Oracle (bind, bind9.18, kernel, kernel-uek*, libtiff, and runc), Red Hat (firefox, kernel, and kernel-rt), Slackware (mozilla), SUSE (buildah, colord, containerd, kernel, lasso, libsoup, micropython, ongres-scram, openssh, proxy-helm, uyuni-tools, python-pdfminer.six, qatengine, qatlib, regclient, and runc), and Ubuntu (raptor and raptor2).
- Firefox 145 released
Firefox 145 has been released. Notablechanges in this release include note-takingfeatures for PDFs viewed in Firefox, enhancedprivacy protections, and the ability to access and manage passwords inthe sidebar. This release also drops support for 32-bit Linux systems.
- [$] Protecting privacy with Tails
Tails is an unusual Linuxdistribution developed by the Tor Project; itis designed to help users work around internet censorship and avoidsurveillance. It is a "portable" operating system that is meant to berun from a USB stick or ISO image and to leave no trace on thecomputer it was run on. Tails routes connections to the internet overthe Tornetwork and includes a selection of applications and toolssuited to working with sensitive documents, communicating securely,and preserving users' anonymity. The tradeoff, of course, is thatTails is less convenient and requires users to learn a new set oftools to avoid compromising their own security and anonymity. Tails 7.1 wasreleased in October, and it seemed like as good a time as any to takeit for a spin.
- Security updates for Tuesday
Security updates have been issued by AlmaLinux (bind, expat, kernel, osbuild-composer, qt6-qtsvg, runc, valkey, and xorg-x11-server-Xwayland), Debian (incus), Fedora (cef and dotnet8.0), Mageia (strongswan), Red Hat (fence-agents and python-requests), SUSE (chromium, colord, erlang26, java-1_8_0-openjdk, libsoup, python-django, thunderbird, tiff, and warewulf4), and Ubuntu (intel-microcode and rust-sudo-rs).
- Fedora at Kirinyaga University Docs workshop
We did it again, Fedora at Kirinyaga university in Kenya. This time, we didn’t just introduce what open source is – we showed students how to participate and actually contribute in real time. Many students had heard of open source before, but were not sure how to get started or where they could fit. We […]
- GNU C Library Adds Linux "mseal" Function For Memory Sealing
Introduced last year in the Linux 6.10 kernel was the mseal system call for memory sealing to protect the memory mapping against modifications to seal non-writable memory segments or better protecting sensitive data structures. The GNU C Library has finally introduced its mseal function making use of this modern Linux kernel functionality...
- Wine 10.19 Released With More Improvements
Ahead of the Wine 11.0 code freeze beginning in early December, Wine 10.19 is out today as the newest bi-weekly development release for running Windows games and applications on Linux...
- ollama 0.12.11 Brings Vulkan Acceleration
ollama 0.12.11 released this week as the newest feature update to this easy-to-run method of deploying OpenAI GPT-OSS, DeepSeek-R1, Gemma 3, and other large language models. Exciting with ollama 0.12.11 is that it's now supporting the Vulkan API...
- To 'Infinity' ... and beyond: MX Linux 25 has arrived
Systemd-free option still available if you choose that downloadMX Linux 25 "Infinity" is now available, and the new version has some significant differences from the 2023 release, with things that used to be boot-time choices now more loaded pre-install decisions.…
- EROFS File-System Continues Attracting More Industry Players
The EROFS read-only file-system started by Huawei and now maintained by a growing number of contributors continues attracting even more interest. EROFS has exhibited much potential for mobile devices as well as container use-cases while proving itself to be quite robust since its mainlining back in 2019...
- Linux Looks To Remove SHA1 Support For Signing Kernel Modules
Patches posted to the Linux kernel mailing list this week are seeking to remove SHA1 support for signing of kernel modules. This is part of the larger effort in the industry for moving away from SHA1 given its vulnerabilities to hash collisions and superior hashing algorithms being available...
- Sony Killed This Game in 2024. Three Developers Reverse-Engineered It Back to Life
An anonymous reader shared this post from the gaming news site Aftermath: Concord, Sony Interactive Entertainment and Firewalk Studios' Overwatch-like shooter, was live for just two weeks before it was pulled offline. Though Concord certainly had some dedicated players, it didn't have many — which is why it may be surprising to hear that a group of players are reverse-engineering the game and its servers to bring it back to life. Publisher Sony removed Concord from stores and digital marketplaces, automatically refunded some, and, later, shut down Firewalk Studios. Two hundred or so people were laid off, and any hopes of Concord's return were dashed. Poor sales — estimated to be under 25,000 copies sold — and low player numbers marred the release. Firewalk Studios' game director Ryan Ellis said in a blog post that pieces of the game "resonated with players," but "other aspects of the game and [Concord's] initial launch didn't land the way [Firewalk Studios] intended." Concord wasn't a bad game, but it just didn't generate enough interest with enough players. Now, a group of three hobbyist reverse-engineers, who go by real, Red, and gwog online, are trying to make it playable again... "Sometimes there's enough of the server left in the game, that we can 'activate' that code and make the game believe it's a server," Red said. "We do pretty much always need to fill in the gaps though..." Concord used an anti-tamper software to keep people from cheating, which also creates a problem for people reverse engineering. It's "nearly impossible" to crack, Red said, so the group didn't — they found an exploit to "forcefully decrypt the game's code" to "restore the game and start working on servers...." It's not open to the public, but people can sign up for future tests. Even former Firewalk Studios employees have joined the server. They're excited to see Concord come back to life, too, the developers said. "Friday morning, a video of the playtest was posted to the Concord Reddit page," according to the article. (Though ironically by Friday night YouTube had had removed the video "due to a copyright claim by MarkScan Enforcement."
 
Read more of this story at Slashdot.
- Why Solarpunk Is Already Happening In Africa
Long-time Slashdot reader schwit1 shares a Substack post by economist/entrepreneur Skander Garroum:You know that feeling when you're waiting for the cable guy, and they said 'between 8am and 6pm, and you waste your entire day, and they never show up? Now imagine that, except the cable guy is 'electricity,' the day is '50 years,' and you're one of 600 million people. At some point, you stop waiting and figure it out yourself. What's happening across Sub-Saharan Africa right now is the most ambitious infrastructure project in human history, except it's not being built by governments or utilities or World Bank consortiums. It's being built by startups selling solar panels to farmers on payment plans. And it's working. Over 30 million solar products sold in 2024. 400,000 new solar installations every month across Africa. 50% market share captured by companies that didn't exist 15 years ago. Carbon credits subsidizing the cost. IoT chips in every device. 90%+ repayment rates on loans to people earning $2/day. And if you understand what's happening in Africa, you understand the template for how infrastructure will get built everywhere else for the next 50 years.
Read more of this story at Slashdot.
- Woman Pleads Guilty to Lying About Astronaut Accessing Bank Account From International Space Station
It was the first allegation of a crime committed in space — back in 2019. But by 2020 it had led tocharges of lying to federal authorities.And now a former Air Force intelligence officer "has pleaded guilty to lying to a federal agent," reports CNBC, "by falsely claiming that her estranged astronaut wife illegally accessed her bank account while aboard the International Space Station for six months, prosecutors in Houston, Texas, said Friday."The guilty plea by Summer Worden, 50, on Thursday comes more than five years after she was indicted in the space case for lying about actions by her wife, Anne McClain, a U.S. Army colonel, West Point graduate and Iraq war combat veteran, while they were in the midst of a divorce. The claim came at a time when Worden said that the couple was engaged in a custody battle over what Worden's then-6-year-old son, who had been conceived through in vitro fertilizationand carried by a surrogate... McClain was aboard the Space Station from December 2018 through June 2019. She recently commanded the SpaceX Crew-10 crew mission to the Space Station from March this year until August. Worden, who remains free on bond, is scheduled to be sentenced on February 12. She faces a maximum possible sentence of up to five years in prison.
Read more of this story at Slashdot.
- A 'Peak Oil' Prediction Surprise From the International Energy Agency
"The International Energy Agency's latest outlook signals that oil demand could keep growing through to the middle of the century," reports CNBC, "reflecting a sharp tonal shift from the world's energy watchdog and raising further questions about the future of fossil fuels."In its flagship World Energy Outlook, the Paris-based agency on Wednesday laid out a scenario in which demand for oil climbs to 113 million barrels per day by 2050, up 13% from 2024 levels. The IEA had previously estimated a peak in global fossil fuel demand before the end of this decade and said that, in order to reach net-zero emissions by 2050, there should be no new investments in coal, oil and gas projects... The IEA's end-of-decade peak oil forecast kick-started a long-running war of words with OPEC, an influential group of oil exporting countries, which accused the IEA of fearmongering and risking the destabilization of the global economy. The IEA's latest forecast of increasing oil demand was outlined in its "Current Policies Scenario" — one of a number of scenarios outlined by the IEA. This one assumes no new policies or regulations beyond those already in place. The CPS was dropped five years ago amid energy market turmoil during the coronavirus pandemic, and its reintroduction follows pressure from the Trump administration... Gregory Brew, an analyst at Eurasia Group's Energy, Climate and Resources team, said the IEA's retreat on peak oil demand signified "a major shift" from the group's position over the last five years. "The justifications offered for the shift include policy changes in the U.S., where slow EV penetration indicates robust oil [consumption], but is also tied to expected increases in petrochemical and aviation fuel in East and Southeast Asia," Brew told CNBC by email. "It's unlikely the agency is adjusting based on political pressure — though there has been some of that, with the Trump administration criticizing the group's supposed bias in favor of renewable energy — and the shift reflects a broader skepticism that oil demand is set to peak any time soon," he added... Alongside its CPS, the IEA also laid out projections under its so-called "Stated Policies Scenario" (STEPS), which reflects the prevailing direction of travel for the global energy system. In this assumption, the IEA said it expects oil demand to peak at 102 million barrels per day around 2030, before gradually declining. Global electric car sales are much stronger under this scenario compared to the CPS. The IEA said its multiple scenarios explore a range of consequences from various policy choices and should not be considered forecasts. Thanks to Slashdot reader magzteel for sharing the news.
Read more of this story at Slashdot.
- GM Wants Parts Makers To Pull Supply Chains From China
schwit1 shares a report from the Business Times: General Motors (GM) has directed several thousand of its suppliers to scrub their supply chains of parts from China, four people familiar with the matter said, reflecting automakers' growing frustration over geopolitical disruptions to their operations. GM executives have been telling suppliers they should find alternatives to China for their raw materials and parts, with the goal of eventually moving their supply chains out of the country entirely, the people said. The automaker has set a 2027 deadline for some suppliers to dissolve their China sourcing ties, some of the sources said. GM approached some suppliers with the directive in late 2024, but the effort took on fresh urgency this past spring, during the early days of an escalating US-China trade battle, the sources said.
Read more of this story at Slashdot.
- Scientists Confirmed What Is Inside Our Moon
alternative_right shares a report from ScienceAlert: A thorough investigation published in May 2023 found that the inner core of the Moon is, in fact, a solid ball with a density similar to that of iron. To figure it out once and for all, [astronomer Arthur Briaud of the French National Centre for Scientific Research in France] and his colleagues collected data from space missions and lunar laser-ranging experiments to compile a profile of various lunar characteristics. These include the degree of its deformation by its gravitational interaction with Earth, the variation in its distance from Earth, and its density. ... they found that the lunar core is very similar to that of Earth â" with an outer fluid layer and a solid inner core. According to their modeling, the outer core has a radius of about 362 kilometers (225 miles), and the inner core has a radius of about 258 kilometers (160 miles). That's about 15 percent of the entire radius of the Moon. The inner core, the team found, also has a density of about 7,822 kilograms per cubic meter. That's very close to the density of iron. [...] The research has been published in Nature.
Read more of this story at Slashdot.
- She Used ChatGPT To Win the Virginia Lottery, Then Donated Every Dollar
An anonymous reader quotes a report from the Washington Post: Winning the lottery isn't what brought Carrie Edwards her 15 minutes of fame. It was giving it all away. Standing alone in her kitchen one day in September, the Virginia woman was thunderstruck to discover she had won $150,000 in a Powerball drawing. As she was absorbing her windfall, she said, "I just heard as loud as you can hear God or whoever you believe in the universe just say, this is -- it's not your money." Then came a decision: She would donate it all to her three most cherished charities (source paywalled; alternative source). [...] Her journey to the lucky prize started when she walked into a 7-Eleven with a friend who wanted to buy two Powerball tickets. The jackpot for the Sept. 6 drawing was topping $1.7 billion, the second-largest amount ever. Edwards, 68, hardly ever played the lottery, but her friend was an active player who gave her two pieces of advice: Always buy a paper ticket, rather than getting them online. And the Powerball multiplier is a scam, don't do it. She ignored him on both accounts. She created a Virginia Lottery account on her phone. Then, instead of the typical strategies of using family birthdays and lucky numbers, she went to ChatGPT -- which she had only recently started using for research -- and asked, "Do you have any winning numbers for me?" "Luck is luck," replied the chatbot. Then it gave numbers that she plugged in -- paying the extra dollar for the Power Play to multiply anything she might win. She initially thought luck wasn't on her side when she didn't win the massive jackpot. But what she didn't realize is that she'd picked the "draw two" option, meaning her numbers were reentered for the next drawing. When she got a notification on her phone that she had won, she said, she thought it was a scam, or maybe she'd won something small, like $10. Just to satisfy her curiosity, she logged into her account and saw that she had matched four of the five numbers plus the Powerball in that second drawing. It would have been a $50,000 payout, but the multiplier tripled her winnings.
Read more of this story at Slashdot.
- YouTube TV and Disney Reach Deal Ending Two-Week Blackout of ESPN, ABC
YouTube TV and Disney have ended their two-week carriage standoff, restoring ESPN, ABC, and other Disney networks under a new multiyear deal. Variety reports: Under the new agreement, ESPN's full lineup of sports -- including content from ESPN Unlimited -- will be made available on YouTube TV to base-plan subscribers at no additional cost by the end of 2026. In addition, access to a selection of live and on-demand programming from ESPN Unlimited will be available inside YouTube TV. The deal also lets YouTube include the Disney+ and Hulu bundle as part of "select YouTube offerings." According to Disney, "select networks" will be included in various genre-specific packages that YouTube TV expects to launch in the future. [...] The deal supersedes their prior distribution agreement, inked in December 2021 after a two-day blackout.
Read more of this story at Slashdot.
- Apple's $230 iPhone Pocket Sells Out Nearly Immediately
Apple's limited-edition "iPhone Pocket" sold out almost instantly worldwide despite its $150-$230 price tag. Appleinsider reports: Longtime Apple users immediately saw the resemblance with the old iPod socks, and everyone saw the price. Apple and Japan's Issey Miyake fashion house partnered to create a limited edition iPhone Pocket, a stretched sock-like bag or shoulder strap. There was no denying that an iPhone in this Pocket looked snuggly. There was definitely no denying that the accessory was well designed. There's also no question that it was about as goofy as the iPod Sock from back the in the day. But there was every denying of the price. The iPhone Pocket came in a short version for $150, and a longer one for $230. For comparison, the Apple Watch SE starts at $250. As ever, though, if you liked it, if you had a use for it, and if you had the budget, there was no reason left not to buy. But if you have hesitated because of the cost, you are now out of luck. There are none left in the US.
Read more of this story at Slashdot.
- Five People Plead Quilty To Helping North Koreans Infiltrate US Companies
"Within the past year, stories have been posted on Slashdot about people helping North Koreans get remote IT jobs at U.S. corporations, companies knowingly assisting them, how not to hire a North Korean for a remote IT job, and how a simple question tripped up a North Korean applying for a remote IT job," writes longtime Slashdot reader smooth wombat. "The FBI is even warning companies that North Koreans working remotely can steal source code and extort money from the company -- money that goes to fund the North Korean government. Now, five more people have plead guilty to knowingly helping North Koreans infiltrate U.S. companies as remote IT workers." TechCrunch reports: The five people are accused of working as "facilitators" who helped North Koreans get jobs by providing their own real identities, or false and stolen identities of more than a dozen U.S. nationals. The facilitators also hosted company-provided laptops in their homes across the U.S. to make it look like the North Korean workers lived locally, according to the DOJ press release. These actions affected 136 U.S. companies and netted Kim Jong Un's regime $2.2 million in revenue, said the DOJ. Three of the people -- U.S. nationals Audricus Phagnasay, Jason Salazar, and Alexander Paul Travis -- each pleaded guilty to one count of wire fraud conspiracy. Prosecutors accused the three of helping North Koreans posing as legitimate IT workers, whom they knew worked outside of the United States, to use their own identities to obtain employment, helped them remotely access their company-issued laptops set up in their homes, and also helped the North Koreans pass vetting procedures, such as drug tests. The fourth U.S. national who pleaded guilty is Erick Ntekereze Prince, who ran a company called Taggcar, which supplied to U.S. companies allegedly "certified" IT workers but whom he knew worked outside of the country and were using stolen or fake identities. Prince also hosted laptops with remote access software at several residences in Florida, and earned more than $89,000 for his work, the DOJ said. Another participant in the scheme who pleaded guilty to one count of wire fraud conspiracy and another count of aggravated identity theft is Ukrainian national Oleksandr Didenko, who prosecutors accuse of stealing U.S. citizens' identities and selling them to North Koreans so they could get jobs at more than 40 U.S. companies. According to the press release, Didenko earned hundreds of thousands of dollars for this service. Didenko agreed to forfeit $1.4 million as part of his guilty plea. The DOJ also announced that it had frozen and seized more than $15 million in cryptocurrency stolen in 2023 by North Korean hackers from several crypto platforms.
Read more of this story at Slashdot.
- Russia Imposes 24-Hour Mobile Internet Blackout For Travelers Returning Home
An anonymous reader quotes a report from The Record: Russian telecom operators have begun cutting mobile internet access for 24 hours for citizens returning to the country from abroad, in what officials say is an effort to prevent Ukrainian drones from using domestic SIM cards for navigation. "When a SIM card enters Russia from abroad, the user has to confirm that it's being used by a person -- not installed in a drone," the Digital Development Ministry said in a statement earlier this week. Users can restore access sooner by solving a captcha or calling their operator for identification. Authorities said the temporary blackout is meant to "ensure the safety of Russian citizens" and prevent SIM cards from being embedded in "enemy drones." The new rule has led to unexpected outages for residents in border regions, whose phones can automatically connect to foreign carriers. Officials advised users to switch to manual network selection to avoid being cut off.
Read more of this story at Slashdot.
- Logitech Reports Data Breach From Zero-Day Software Vulnerability
BrianFagioli writes: Logitech has confirmed a cybersecurity breach after an intruder exploited a zero-day in a third-party software platform and copied internal data. The company says the incident did not affect its products, manufacturing or business operations, and it does not believe sensitive personal information like national ID numbers or credit card data were stored in the impacted system. The attacker still managed to pull limited information tied to employees, consumers, customers and suppliers, raising fair questions about how long the zero-day existed before being patched. Logitech brought in outside cybersecurity firms, notified regulators and says the incident will not materially affect its financial results. The company expects its cybersecurity insurance policy to cover investigation costs and any potential legal or regulatory issues. Still, with zero-day attacks increasing across the tech world, even established hardware brands are being forced to acknowledge uncomfortable weaknesses in their internal systems.
Read more of this story at Slashdot.
- JPMorgan Chase Wins Fight With Fintech Firms Over Fees To Access Customer Data
According to CNBC, JPMorgan Chase has secured deals ensuring it will get paid by the fintech firms responsible for nearly all the data requests made by third-party apps connected to customer bank accounts. From the report: The bank has signed updated contracts with the fintech middlemen that make up more than 95% of the data pulls on its systems, including Plaid, Yodlee, Morningstar and Akoya, according to JPMorgan spokesman Drew Pusateri. "We've come to agreements that will make the open banking ecosystem safer and more sustainable and allow customers to continue reliably and securely accessing their favorite financial products," Pusateri said in a statement. "The free market worked." The milestone is the latest twist in a long-running dispute between traditional banks and the fintech industry over access to customer accounts. For years, middlemen like Plaid paid nothing to tap bank systems when a customer wanted to use a fintech app like Robinhood to draw funds or check balances. [...] After weeks of negotiations between JPMorgan and the middlemen, the bank agreed to lower pricing than it originally proposed, and the fintech middlemen won concessions regarding the servicing of data requests, according to people with knowledge of the talks. Fintech firms preferred the certainty of locking in data-sharing rates because it is unclear whether the current CFPB, which is in the process of revising the open-banking rule, will favor banks or fintech companies, according to a venture capital investor who asked for anonymity to discuss his portfolio companies. The bank and the fintech firms declined to disclose details about their contracts, including how much the middlemen agreed to pay and how long the deals are in force.
Read more of this story at Slashdot.
- Sam Altman Celebrates ChatGPT Finally Following Em Dash Formatting Rules
An anonymous reader quotes a report from Ars Technica: On Thursday evening, OpenAI CEO Sam Altman posted on X that ChatGPT has started following custom instructions to avoid using em dashes. "Small-but-happy win: If you tell ChatGPT not to use em-dashes in your custom instructions, it finally does what it's supposed to do!" he wrote. The post, which came two days after the release of OpenAI's new GPT-5.1 AI model, received mixed reactions from users who have struggled for years with getting the chatbot to follow specific formatting preferences. And this "small win" raises a very big question: If the world's most valuable AI company has struggled with controlling something as simple as punctuation use after years of trying, perhaps what people call artificial general intelligence (AGI) is farther off than some in the industry claim. "The fact that it's been 3 years since ChatGPT first launched, and you've only just now managed to make it obey this simple requirement, says a lot about how little control you have over it, and your understanding of its inner workings," wrote one X user in a reply. "Not a good sign for the future."
Read more of this story at Slashdot.
- Retail Traders Left Exposed in High-Stakes Crypto Treasury Deals
An anonymous reader shares a report: Executives are turning to a novel structure to fund crypto accumulation vehicles as investor appetite thins. They're called in-kind contributions, and they now account for a growing share of digital-asset treasury, or DAT, deals. Instead of raising cash to buy tokens in the open market, DAT sponsors contribute large slugs of their own crypto, often unlisted and hard to value. Digital-asset treasuries are a new breed of public company built to hold concentrated crypto positions. The structure surged in 2025 as small-cap firms, especially in biotech and mining, reinvented themselves as digital-asset proxies. Sponsors provide tokens or raise money to buy them, and the stock then trades as a kind of listed bet on crypto. For insiders, it's a shortcut to liquidity. For investors, a wager on upside. But not all DATs carry the same level of risk. Earlier deals raised money to buy tokens through regular markets, which offered at least some independent price check. In-kind contributions skip that step -- letting insiders decide what their tokens are worth, sometimes before the token even trades publicly. That shift means pricing and trading risks land more squarely on shareholders, many of them retail investors. Investor faith is already wobbling. Many DATs that once traded above the value of their holdings now trade below it. As insiders supply the tokens and set their price, it's becoming harder for investors to tell what these deals are really worth, or when to get out. The in-kind structure was on full display in a recent $545 million private placement by Tharimmune Inc., a biotech firm-turned-crypto proxy, to set up a buyer of Canton Coins. About 80% of the raise came in the form of unlisted Canton tokens, priced at 20 cents each, according to an investor presentation seen by Bloomberg News. The token began trading on exchanges Nov. 10 and is now around 11 cents, CoinGecko data show. More deals are following the same template. In these placements, insiders contribute tokens -- sometimes illiquid or unlisted -- to form a treasury, lock in valuations and seed the perception of market demand. But when tokens list below deal price, public shareholders absorb the difference. [...] Then there's Flora Growth Corp., a Nasdaq-listed company that announced a $401 million deal to start acquiring Zero Gravity tokens in September. On closer inspection, the firm had raised just $35 million in cash to pair with a $366 million in-kind contribution of then-unlisted 0G tokens. Those tokens were priced at around $3 a piece; they subsequently listed, and are now trading at about $1.20.
Read more of this story at Slashdot.
- Apple’s new 15% mini-app deal finally gets Tencent to cut Cupertino in
When is an app not an app? When it’s a mini app inside another app
Apple has cut its take to 15 percent on purchases inside mini apps running within other iOS apps, and reached a parallel agreement with Tencent that brings WeChat's vast mini-program ecosystem into its revenue net.…
- Researchers find hole in AI guardrails by using strings like =coffee
Who guards the guardrails? Often the same shoddy security as the rest of the AI stack
Large language models frequently ship with "guardrails" designed to catch malicious input and harmful output. But if you use the right word or phrase in your prompt, you can defeat these restrictions.…
- Crims poison 150K+ npm packages with token-farming malware
Amazon spilled the TEA
Yet another supply chain attack has hit the npm registry in what Amazon describes as "one of the largest package flooding incidents in open source registry history" - but with a twist. Instead of injecting credential-stealing code or ransomware into the packages, this one is a token farming campaign.…
- Now you can share your AI delusions with Group ChatGPT
Just when you thought virtual collaboration couldn’t get worse, OpenAI stuffs a bot into your group conversations
Feel like your team's group chat is a bit lifeless? Remote coworkers not really collaborating as well as they should be? There's a new way to stir the pot now that OpenAI has piloted ChatGPT group chats: cram a chatbot into the conversation and let it chime in whenever it thinks it should.…
- AMD grabs more x86 share as Intel stumbles in entry-level chips
Mercury Research blames stockpiling and low-end shortages for unusually flat CPU market
AMD continues to claw market share away from Intel in CPU shipments, growing faster than its rival in most segments. Meanwhile business in the x86 processor arena is unusually flat overall, likely due to stockpiling over tariff fears.…
- Project Kuiper becomes Amazon Leo as satellite network trickles into orbit
Starlink challenger drops the codename, but full-blown service still years out
Amazon has rebranded its satellite broadband plan from Project Kuiper to Amazon Leo. And no, Leo doesn't stand for "Late Entrants Only," even though the project is years behind Starlink and still not ready for anyone to use.…
- GPU goliaths are devouring supercomputing – and legacy storage can't feed the beast
VDURA boss: Your x86 clusters are obsolete, metadata is eating 20% of I/O, and every idle GPU second burns cash
The supercomputing landscape is fracturing. What once was a relatively unified world of massive multi-processor x86 systems has splintered into competing architectures, each racing to serve radically different masters: traditional academic workloads, extreme-scale physics simulations, and the voracious appetite of AI training runs.…
- Shenzhou-20 crew rides Shenzhou-21 home after debris strike
Original spacecraft deemed unsafe after cracks spotted in window
The Shenzhou-20 astronauts have returned to Earth on the Shenzhou-21 spacecraft after engineers deemed the Shenzhou-20 vehicle unsafe following a debris strike while it was docked to the Tiangong space station.…
- Report blasts UK Ministry of Defence over Afghan data-handling failures
Public Accounts Committee tears into department responsible for the most dangerous breach in British history
The UK Parliament's Public Accounts Committee (PAC) says the Ministry of Defence (MoD) has failed to appropriately improve its data protection mechanisms, three years after the infamous 2022 Afghan data breach.…
- UK tribunal says reselling Microsoft licenses is A-OK
Windows giant disagrees and plans to appeal
Microsoft's attempt to claim that its software can't be resold has hit a wall at the UK Competition Appeal Tribunal, which decided that Office having clipart does not mean customers can't sell their licenses on.…
- Chinese web giant Tencent can't buy all the GPUs it wants
Getting by with a meager $2 billion quarterly capex – vastly less than rivals, but still cashing in on AI
Chinese web giant Tencent’s capital expenditure is slowing and the company expects it will decelerate further due to its inability to buy all the GPUs it wants.…
- Chinese spies told Claude to break into about 30 critical orgs. Some attacks succeeded
Anthropic dubs this the first AI-orchestrated cyber snooping campaign
Chinese cyber spies used Anthropic's Claude Code AI tool to attempt digital break-ins at about 30 high-profile companies and government organizations – and the government-backed snoops "succeeded in a small number of cases," according to a Thursday report from the AI company.…
- Happy holidays: AI-enabled toys teach kids how to play with fire, sharp objects
Consumer advocacy researchers at PIRG tested four AI toys, and none of them passed muster
Picture the scene: It's Christmas morning and your child is happily chatting with the AI-enabled teddy bear you got them when you hear it telling them about sexual kinks, where to find the knives, and how to light matches. This is not a hypothetical scenario. …
- Firefox adds AI Window, users want AI wall to keep it out
Browser maker scolds AI objectors, "The web is changing, and sitting it out doesn’t help anyone"
Mozilla is apparently a lot more excited about adding AI features to Firefox than its community. The org has decided that AI deserves its own new environment in the browser, a move its fans met with withering criticism.…
- Ransomed CTO falls on sword, refuses to pay extortion demand
Checkout.com will instead donate the amount to fund cybercrime research
Digitial extortion is a huge business, because affected orgs keep forking over money to get their data back. However, instead of paying a ransom demand after getting hit by extortionists last week, payment services provider Checkout.com donated the demanded amount to fund cybercrime research.…
- States that aren't nice to ICE still sharing key database full of personal info
Lawmakers warn of ‘information gap’ lets immigration agents sidestep states’ data safeguards
Democratic lawmakers say some states that don't want to assist Immigration and Customs Enforcement (ICE) may be unintentionally allowing the agency access to residents' driver and criminal records through a law-enforcement data network.…
- AI pilots keep crashing, mostly because firms skip the prep, survey finds
Under a third of PoCs make it past testing, but those that do often boost productivity
It is the best of AI times; it is the worst of AI times, depending on whom you ask. Nearly a third of firms are seeing almost total failure of their AI proof-of-concept (PoC) projects, while 46 percent are successfully moving more than 10 percent of theirs into operational use.…
- ERP carnage continues as orgs jump in unprepared
Lack of executive backing, unrealistic plans, and muddled goals remain recipe for failure
In Barcelona this week, consultancy Gartner once again tried to answer one of the perennial questions in IT: what is it about ERP projects that makes them so likely to fail?…
- Britain's first small modular reactors to be built in Wales
Government picks Wylfa on Anglesey for initial trio of units, but power unlikely before mid-2030s
The UK will build its first small modular reactor (SMR) nuclear plant at Wylfa on Anglesey, an island off northwest Wales - but it won't generate power until the mid-2030s.…
- Geopolitics push European CIOs to think local on cloud
Majority of customers plan to favor domestic providers as sovereignty fears rise
A survey of CIOs and tech leaders in Western Europe has found 61 percent want to increase their use of local cloud providers amid global geopolitical uncertainty.…
- London left buffering as Hyperoptic backup link refuses to boot
Broadband provider says damaged fiber and dormant failover path knocked customers offline for nearly 24 hours
Updated UK broadband provider Hyperoptic learned the importance of testing backup systems this week after the service went dark for customers in London.…
- NHS supplier ends probe into ransomware attack that contributed to patient death
Synnovis's 18-month forensic review of Qilin intrusion completed, now affected patients to be notified
Synnovis has finally wrapped up its investigation into the 2024 ransomware attack that crippled pathology services across London, ending an 18-month effort to untangle what the NHS supplier describes as one of the most complex data reconstruction jobs it has ever faced.…
- Networking students need an explanation of the internet that can fit in their heads
Networks have changed profoundly, except for the parts that haven’t
Systems Approach When my colleague and co-author Bruce Davie delivered his keynote at the SIGCOMM conference, he was asked a thought-provoking question: How should we think about educating the next generation of students about networking, given how different and more complex the internet is today?…
- Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces
OpenTelemetry (fondly known as OTel) is an open-source project that provides a unified set of APIs, libraries, agents, and instrumentation to capture and export logs, metrics, and traces from applications. The project’s goal is to standardize observability across various services and applications, enabling better monitoring and troubleshooting. Read More at Causely
The post Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces appeared first on Linux.com.
- Xen 4.19 is released
Xen Project 4.19 has been officially out since July 31st, 2024, and it brings significant updates. With enhancements in performance, security, and versatility across various architectures like Arm, PPC, RISC-V, and x86, this release is an important milestone for the Xen community. Read more at XCP-ng Blog
The post Xen 4.19 is released appeared first on Linux.com.
- Advancing Xen on RISC-V: key updates
At Vates, we are heavily invested in the advancement of Xen and the RISC-V architecture. RISC-V, a rapidly emerging open-source hardware architecture, is gaining traction due to its flexibility, scalability and openness, which align perfectly with our ethos of fostering open development ecosystems. Although the upstream version of Xen for RISC-V is not yet fully [0]
The post Advancing Xen on RISC-V: key updates appeared first on Linux.com.
- Mesa 25.3 Released With Many Open-Source Vulkan Driver Improvements
Mesa 25.3 is out tonight as the newest quarterly feature release to this set of (predominantly) OpenGL and Vulkan drivers widely used across Linux systems. Mesa 25.3 features numerous Vulkan extensions added to the different open-source drivers, continued enhancements to the OpenGL drivers, and various other changes...
- Wine 10.19 Released With More Improvements
Ahead of the Wine 11.0 code freeze beginning in early December, Wine 10.19 is out today as the newest bi-weekly development release for running Windows games and applications on Linux...
- AMD GCN 1.0/1.1 GPUs Will Default To AMDGPU Driver In Linux 6.19, SMART POWER OLED Added
Sent out today is likely the last batch of AMDGPU kernel graphics driver feature updates ahead of the Linux 6.19 merge window getting underway around the start of December. And it's an exciting one too from adding a new SMART POWER OLED feature to switching from the Radeon to AMDGPU drivers by default for aging GCN 1.0 Southern Islands and GCN 1.1 Sea Islands GPUs...
- ollama 0.12.11 Brings Vulkan Acceleration
ollama 0.12.11 released this week as the newest feature update to this easy-to-run method of deploying OpenAI GPT-OSS, DeepSeek-R1, Gemma 3, and other large language models. Exciting with ollama 0.12.11 is that it's now supporting the Vulkan API...
- AMD GAIA 0.13 Released With New AI Coding & Docker Agents
AMD's GAIA open-source project as a reminder is their "Generrative AI Is Awesome" quick-setup solution for demonstrating generative AI use on AMD hardware platforms with Ryzen CPUs, Radeon GPUs, and/or Ryzen AI NPUs. GAIA is predominantly Microsoft Windows focused but recently they did introduce limited support for Linux that is currently bound to Vulkan-accelerated GPU support. Out today is AMD GAIA 0.13 as another step forward for this AI demonstrator...
- Nouveau Driver To Support Larger Pages & Compression Support With Linux 6.19
While the "Nova" driver continues to be developed as a modern Rust-written, open-source and in-kernel NVIDIA graphics driver for Linux, for the time being Nouveau is what's working for end-users for those wanting a mainline open-source NVIDIA graphics driver for gaming and other workloads. With Linux 6.19 the Nouveau driver is picking up support for handling larger pages as well as compression support...
- GNU C Library Adds Linux "mseal" Function For Memory Sealing
Introduced last year in the Linux 6.10 kernel was the mseal system call for memory sealing to protect the memory mapping against modifications to seal non-writable memory segments or better protecting sensitive data structures. The GNU C Library has finally introduced its mseal function making use of this modern Linux kernel functionality...
- Mainline Linux Patches For The VisionFive 2 Lite: RISC-V For As Little As $19.9 USD
Following the mainline Linux kernel support for the VisionFive 2 RISC-V single board computer from StarFive, Linux kernel patches are on the way for their new VisionFive 2 Lite low-cost offering. With the StarFive VisionFive 2 Lite this RISC-V board can be procured for as little as $19.9 USD as one of the cheapest yet fairly capable RISC-V SBCs...
- The Headaches Supporting Content Protection With Linux GPU Drivers
Intel driver engineer Suraj Kandpal presented at the recent X.Org Developer's Conference (XDC2025) on the challenges around supporting content protection on Linux such as for High-bandwidth Digital Content Protection (HDCP) and Protected Audio Video Path (PAVP)...
- EROFS File-System Continues Attracting More Industry Players
The EROFS read-only file-system started by Huawei and now maintained by a growing number of contributors continues attracting even more interest. EROFS has exhibited much potential for mobile devices as well as container use-cases while proving itself to be quite robust since its mainlining back in 2019...
- New Patch Moves AMD GCN 1.0 GPUs Over To AMDGPU Driver By Default
Following the recent patch proposal for moving AMD GCN 1.1 generation GPUs over to the AMDGPU Linux driver by default in place of the legacy Radeon driver, a similar patch has now been proposed for the GCN 1.0 graphics processors. AMD GCN 1.0/1.1 GPUs are at parity with the AMDGPU driver to the Radeon driver while needing this newer kernel driver for enjoying RADV Vulkan support, better performance, and overall a better experience...
- Possible Setback For Linux x86_64 Laptops: Prominent Developer Joins Qualcomm
Back in early September we reported on a Linux hardware enablement leader planning to leave Red Hat. Hans de Goede has been a longtime contributor to improving Intel/AMD Linux desktop/laptop hardware support and in fact an x86 platform drivers subsystem maintainer. We now found out where this lead Linux x86 driver developer ended up: Qualcomm...
- The Incredible Evolution Of AMD EPYC HPC Performance Shown In The Azure Cloud
Last week the Microsoft Azure HBv5 instances reached general availability as powered by the custom EPYC 9V64H CPUs with HBM3 memory. These very interesting EPYC processors for memory bandwidth intensive workloads were announced last year while have finally reached GA with jaw-dropping results for software able to take advantage of the 6.7 TB/s memory bandwidth thanks to the HBM memory. The Azure HBv5 benchmarks last week showed how they compare to prior generation HBv4 instances while this article is taking things further and putting the performance into perspective against the older HBv2 and HBv3 instances.
- Linux Looks To Remove SHA1 Support For Signing Kernel Modules
Patches posted to the Linux kernel mailing list this week are seeking to remove SHA1 support for signing of kernel modules. This is part of the larger effort in the industry for moving away from SHA1 given its vulnerabilities to hash collisions and superior hashing algorithms being available...
- RadeonSI OpenGL Mesh Shader Support Is Now Completed For Mesa 26.0
For next quarter's Mesa 26.0 release, the AMD RadeonSI Gallium3D driver will present OpenGL mesh shaders support. It's been a long journey from the GL_EXT_mesh_shader extension being crafted and merged to wiring up the Mesa driver support while now it's in place for the AMD Radeon Linux graphics driver...
- Framework Laptop 16 Upgrade To AMD Ryzen AI 300 Series Benchmarks
Framework Computer announced back in August that the Framework Laptop 16 would be rolling out upgrades to the AMD Ryzen AI 300 series and a GeForce RTX 5070 graphics option. Today the review embargo lifts on these new Framework 16 laptop upgrades and some Linux benchmarking of the new hardware.
- Using Rust in Android speeds up development considerably
Google has been using Rust in Android more and more for its memory safety characteristics, and the results on that front were quite positive. It turns out, however, that not only does using Rust reduce the number memory safety issues, it�s also apparently a lot faster to code in Rust than C or C++. We adopted Rust for its security and are seeing a 1000x reduction in memory safety vulnerability density compared to Android’s C and C++ code. But the biggest surprise was Rust�s impact on software delivery. With Rust changes having a 4x lower rollback rate and spending 25% less time in code review, the safer path is now also the faster one. ↫ Jeff Vander Stoep at the Google Security Blog When you think about it, it actually makes sense. If you have fewer errors of a certain type, you�ll spend less time fixing those issues, time which you can then spend developing new code. Of course, it�s not that simple and there�s a ton more factors to consider, but on a base level, it definitely makes sense. Spellcheck in word processors means you have to spend less time detecting and fixing spelling errors, so you have more time to spend on actually writing. I�m sure we�ll all be very civil about this, and nobody will be weird about Rust at all.
- Haiku gets new guarded heap for the kernel
Another month, another Haiku activity report, and this time we�ve got a major change under the hood: a brand new guarded heap. The old guarded heap was suboptimal and had started to lag behind, so the new one attempts to rectify some of these shortcomings. So, to rectify these limitations, I rewrote the kernel guarded heap more or less from scratch, taking the old code into account where it made sense but otherwise creating entirely new bookkeeping structures, interacting directly with the page table and virtual memory systems, and more. This new guarded heap implementation frees physical pages when not in use, meaning that the “virtual memory reuse disabled” mode now runs for quite long periods of time (indeed, I could successfully boot to the desktop and run compile jobs.) It also prints more diagnostics when kernel panics due to memory faults inside the heap happen, which the old kernel guarded heap didn’t (but the userland one has always done). ↫ Haiku�s activity report for October The new guarded heap is optional for now, but Haiku is planning on releasing some pre-built test builds so users can start testing it out. Of course, this isn�t the only change or improvement from this past month � the list of changes is long, but there�s no real tentpole features here. Haiku�s development pace is still very much on track.
- Google cancels plans to require Android application certification outside of the Play Store
Only a few months ago, Google announced it was going to require that all Android applications � even those installed outside of the Play Store � had to be verified. This led to a massive backlash, and it seems our protests and complaints have had effect: the company announced a change in plans today, and will, in fact, not require certification for installing applications outside of the Play Store. Based on this feedback and our ongoing conversations with the community, we are building a new advanced flow that allows experienced users to accept the risks of installing software that isn�t verified. We are designing this flow specifically to resist coercion, ensuring that users aren�t tricked into bypassing these safety checks while under pressure from a scammer. It will also include clear warnings to ensure users fully understand the risks involved, but ultimately, it puts the choice in their hands. We are gathering early feedback on the design of this feature now and will share more details in the coming months. ↫ Matthew Forsythe Director at the Android Developers Blog While this is great news, I�m still concerned this is only temporary. Companies like Google have a tendency to announce some draconian measure to test the waters, walk it back in response to backlash, only to then reintroduce it through some sneaky backdoor a year later when nobody�s looking. Installing whatever we want on the devices we own should be a protected right, not something graciously afforded to us by our corporate overlords. If you think this is the end of this story, you�re a fool.
- Big news for small OpenBSD /usr partitions
Ever ran into issues using sysupgrade on OpenBSD because /usr ran out of space? OpenBSD developers are trying to address this issue. Firstly, Stuart Henderson (sthen@) modified the installer to increase free space prior to installing. Theo de Raadt (deraadt@) modified sysupgrade(8) so that, if space is too tight, it will fail gracefully rather than risk leaving the administrator with a broken system. ↫ OpenBSD Journal These are very welcome additions.
- Valve brings x86 gaming to ARM Linux with FEX
Valve announced a few new devices yesterday. There�s a new Steam console, which is essentially just a tiny PC with SteamOS installed � think of it as a Steam Deck without a display. Second, Valve finally released a new Steam Controller to go with the Steam console, which has taken them long enough. Lastly, there�s a brand new Steam VR headset, the Steam Frame. Other websites with actual access to these new devices will do a better job of covering them than I ever could, but I do want to highlight something crucially important about the Steam Frame: it contains a Snapdragon ARM processor, but can still run Steam and all of its games. How does this work? Well, after developing Proton to allow Windows games to run on Linux, Valve introduced! FEX, which will allow you to run x86 Windows games on ARM Linux. I put the quotation marks there because FEX was an existing project Valve invested heavily into in recent times, and it�s now at the point where Valve seems confident enough it will be capable of running enough x86 games on ARM Linux. As such, the Steam Frame runs full SteamOS with KDE Plasma, you can run x86 Steam games, and as an additional bonus, you can install Android APKs as well. I�ve yet to even try VR, because I�m not particularly interested in buying into any locked-down platform. The Steam Frame may be the first VR device I�ll buy � depending on price, of course � and the Steam console definitely looks like a great addition to the living room, too. My wife and I have little to no interesting in buying an Xbox or PS5, but having easy, no-hassle access to our massive Steam libraries on our TV will be awesome.
- VMS/XDE: an OpenVMS x86 development environment for Linux and Windows/WSL
VMS/XDE is an OpenVMS x86 development environment for Linux and WIndows (via WSL). It provides a familiar user experience for OpenVMS developers working in Linux and Windows yet offers 100% binary and file system compatilibilty with OpenVMS. VMS/XDE includes OpenVMS V9.2-3 user, supervisor and executive mode operating system environments and a set of x86 native compilers and layered products geared towards OpenVMS software development and testing. ↫ VMS/XDE website VMS/XDE is a beta version, and comes with the usual annoying OpenVMS x86 time bombs, this time exploding on 3 January 2026. If you intend to use the finalised commercial version after the beta period ends, you�ll have to employ the same licenses as regular OpenVMS. It�s a bit of a mess, but that�s the OpenVMS way, sadly � and I don�t blame them, either, as I�m sure they�re hamstrung by a ton of agreements and restrictions imposed upon them by HP. Regardless, VMS/XDE brings a zero setup OpenVMS environment to the operating system you�re already using, making it easier to develop and cross-compile for the platform. I still have absolutely no clue just how many people OpenVMS is still relevant for, but I absolutely adore the fact VMS Software Inc. is working on this. In a world where so many of its former competitors are being held hostage by corporate indifference, it�s refreshing to see VMS still moving forward.
- Plasma Mobile 6.5 keeps improving
As part of the KDE Plasma 6.5 release, we also got a new release of Plasma Mobile. As there�s a lot of changes, improvements, and new features in Plasma Mobile 6.5, the Plasma Mobile Team published a blog post to highlight them all. The biggest improvement is probably the further integration of Waydroid, a necessary evil to run Android applications until the Plasma Mobile ecosystem manages to become a bit more well-rounded. Waydroid can now be managed straight from the settings application and the quick settings dropdown. Furthermore, the lockscreen has been improved considerably, there�s been a ton of polish for the home screen and the user interface in general, the quick settings panel can now be customised to make it fit better on different form factors, the first early test version of the new Plasma mobile keyboard is included, and so much more. This is definitely a release I would want to try out, but since I don�t have any of the supported devices, I�m a bit stuck. This is, of course, one of the two major problems facing proper mobile Linux: the lack of device support. It�s improving due to the tireless work of countless volunteers, but they�re always going to be swimming upstream. The other major problem is, of course, application availability, but at least Waydroid can bridge the gap for the adventurous among us.
- Tribblix m38 released
Tribblix, the Illumos distribution focused on giving you a classic UNIX-style experience, has released a new version. Milestone 38 isn�t the most consequential release of all time, but it does bring a few small changes accompanied by the usual long list of updated open source packages. The zap install command now installs dependencies by default, while zap create-user will now restrict new home directories to mode 0700 by default. Meanwhile, int16h at Cryogenix published an article about using a Bhyve VM running FreeBSD to act as a Wi-Fi bridge for laptops with 802.11xx chips that Tribblix doesn�t support. This is a great, albeit somewhat convoluted option if your hardware uses any Wi-Fi chips Tribblix doesn�t support. There�s honestly a solution for everything, isn�t there?
- Setting up a combined 68k/PA-RISC HP-UX 9 cluster
Jonathan Pallant got lucky and managed to score a massive haul of �90s UNIX workstations, one of which was an HP 9000 Model 340, a HP-UX workstation built around a Motorola 68030 processor at 16.7 MHz. It doesn�t come with a hard drive or even a floppy controller, though, so he decided to borrow a PA-RISC-based HP 9000 Model 705 to set up an HP-UX 9 cluster. But wait, how does that work, when we�re dealing with two entirely different architectures? What�s more fun though, is putting it into a cluster with the Model 705 and network booting it. Yes, that a 68030 machine network booting from a PA-RISC machine 0 and`sharing the same root filesystem. But aren�t PA-RISC binaries and 68K binaries quite different? Oh yes, they really are. So, how does that work? ↫ Jonathan Pallant HP-UX is far more interesting and fascinating than a lot of people give it credit for, and while my interest lies with HP-UX 11i, I find what Pallant is doing here with HP-UX 9 just as fascinating. You first need to install HP-UX 9 for PA-RISC on the 700 series machine, convert it to a cluster server, and then install HP-UX 9 for 68k on top of that PA-RISC installation. After this is done, you effectively end up with a single root file system that contains both PA-RISC and 68k binaries, and you can network boot the 68k-based Model 340 right from it � using the same root filesystem on both machines. Absolutely wild. No, these are not universal binaries or some other trick you might know of from more modern system. In fact, installing the 68k version of HP-UX 9 into! the PA-RISC HP-UX 9 cluster server, you end up with something called a Context Dependent Filesystem. To get a better idea of what this means and how this works, you should really head on over to Pallant�s excellent article for all the details.
- Ironclad 0.7.0 and 0.8.0 released, adds RISC-V support
We�ve talked about Ironclad a few times, but there�s been two new releases since the 0.6.0 release we covered last, so let�s see what the project�s been up to. As a refresher, Ironclad is a formally verified, hard real-time capable kernel written in SPARK and Ada. Versions 0.7.0 and 0.8.0 improved support for block device caching, added a basic NVMe driver, added support for x86’s SMAP, switched from KVM to NVMM for Ironclad’s virtualization interface, and much, much more. In the meantime, Ironclad also added support for RISC-V, making it usable on any 64 bit RISC-V target that supports a Limine-protocol compatible bootloader. The easiest way to try out Ironclad is to download Gloire, a distribution that uses Ironclad and the GNU tools. It can be installed in both a virtual machine and on real hardware.
- Mac OS 7.6 and 8 for CHRP releases discovered
For those of us unaware � unlikely on OSNews, but still � for a hot minute in the second half of the �90s, Apple licensed its Mac OS to OEMs, resulting in officially sanctioned Mac clones from a variety of companies. While intended to grow the Mac�s market share, what ended up happening instead is that the clone makers outcompeted Apple on performance, price, and features, with clones offering several features and capabilities before Apple did � for far lower prices. When Steve Jobs returned to Apple, he killed the clone program almost instantly. The rather abrupt end of the clone program means there�s a number of variants of the Mac OS that never made their way into the market, most notable variants intended for the Common Reference Hardware Platform, or CHRP, a standard defined by IBM and Apple for PowerPC-based PCs. Thanks to the popular classic Mac YouTuber Mac84, we now have a few of these releases out in the wild. These CDs contain release candidates for Mac OS 7.6 and Mac OS 8 for CHRP (Common Hardware Reference Platform) systems. They were created to support CHRP computers, but were never released, likely due to Steve Jobs returning to Apple in September 1997 and eliminating the Mac Clone program and any CHRP efforts. ↫ Mac OS 7.6/8 CHRP releases page Mac84 has an accompanying video diving into more detail about these individual releases by booting and running them in an emulator, so we can get a better idea of what they contain. While most clone makers only got access to Mac OS 7.x, some of them did, in fact, gain access to Mac OS 8, namely UMAX and Power Computing (the latter of which was acquired by Apple). It�s not the clone nature of these releases that make them special, but the fact they�re CHRP releases is. This reference platform was a failure in the market, and only a few of IBM�s own machines and some of Motorola�s PowerStack machines properly supported it. Apple, meanwhile, only aid minor lip service to CHRP in its New World Power Macintosch machines.
- FreeBSD now builds reproducibly and without root privilege
The FreeBSD Foundation is pleased to announce that it has completed work to build FreeBSD without requiring root privilege. We have implemented support for all source release builds to use no-root infrastructure, eliminating the need for root privileges across the FreeBSD release pipeline. This work was completed as part of the`program commissioned by the Sovereign Tech Agency. ↫ FreeBSD Foundation blog This is great news in and of itself, but there�s more: FreeBSD has also improved build reproducability. This means that given the same source input, you should end up with the same binary output, which is an important part of building a verifiable chain of trust. These two improvements combined further add to making FreeBSD a trustworthy, secure option � something it already is anyway. In case you haven�t noticed, the FreeBSD project and its countless contributors are making a ton of tangible progress lately on a wide variety of topics, from improving desktop use, to solidifying Wi-Fi support, to improving the chain of trust. I think the time is quite right for FreeBSD to make some inroads in the desktop UNIX-y space, especially for people to whom desktop Linux has strayed too far from the traditional UNIX philosphy (whatever that means).
- LXQt 2.3.0 released
LXQt, the other Qt desktop environment, released version 2.3.0. This new version comes roughly six months after 2.2.0, and continues the project�s adoption of Wayland. The enhancement of Wayland support has been continued, especially in LXQt Panel, whose Desktop Switcher is now enabled for Labwc, Niri, …. It is also equipped with a backend specifically for Wayfire. In addition, the Custom Command plugin is made more flexible, regardless of Wayland and X11. ↫ LXQt 2.3.0 release announcement The screenshot utility has been improved as well, and lxqt-qdbus has been added to lxqt-wayland-session to make qdbus commands easier to use with all kinds of Wayland compositors.
- WINE gaming in FreeBSD Jails with Bastille
FreeBSD offers a whole bunch of technologies and tools to make gaming on the platform a lot more capable than you�d think, and this article by Pertho dives into the details. Running all your games inside a FreeBSD Jail with Wine installed into it is pretty neat. Initially, I thought this was going to be a pretty difficult and require a lot of trial and error but I was surprised at how easy it was to get this all working. I was really happy to get some of my favorite games working in a FreeBSD Jail, and having ZFS snapshots around was a great way to test things in case I needed to backtrack. ↫ Pertho at their blog No, this isn�t as easy as gaming on Linux has become, and it certainly requires a ton more work and knowledge than just installing a major Linux distribution and Steam, but for those of us who prefer a more traditional UNIX-like experience, this is a great option.
- Tape containing UNIX v4 found
A unique and very important find at the University of Utah: while cleaning out some storage rooms, the staff at the university discovered a tape containing a copy of UNIX v4 from Bell Labs. At this time, no complete copies are known to exist, and as such, this could be a crucial find for the archaeology of early UNIX. The tape in question will be sent to the Computer History Museum for further handling, where bitsavers.org will conduct the recovery process. I have the equipment. It is a 3M tape so it will probably be fine. It will be digitized on my analog recovery set up and I�ll use Len Shustek�s readtape program to recover the data. The only issue right now is my workflow isn�t a while you wait! thing, so I need to pull all the pieces into one physical location and test everything before I tell Penny it�s OK to come out. ↫ bitsavers.org It�s amazing how we still manage to find such treasures in nooks and crannies all over the world, and with everything looking good so far, it seems we�ll soon be able to fill in more of UNIX� early history.
- There is no such thing as a 3.5 inch floppy disk
Wait, what? The term`3.5 inch floppy disc`is in fact a misnomer. Whilst the specification for 5.25 inch floppy discs employs Imperial units, the later specification for the smaller floppy discs employs metric units. The standards for these discs are all of which specify the measurements in metric, and only metric. These standards explicitly give the dimensions as 90.0mm by 94.0mm. It�s in clause 6 of all three. ↫ Jonathan de Boyne Pollard Even the applicable standard in the US, ANSI X3.171-1989, specifies the size in metric. We could�ve been referring to these things using proper measurements instead of archaic ones based on the size of a monk�s left testicle at dawn at room temperature in 1375 or whatever nonsense imperial or customary used to be based on. I feel dirty for thinking I had to use inches! for this. If we ever need to talk about these disks on OSNews from here on out, I�ll be using proper units of measurement.
- EU OS: A Bold Step Toward Digital Sovereignty for Europe
Image 
A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
What Is EU OS?
EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
The Vision Behind EU OS
The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
Conclusion
EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
Source: It's FOSS
European Union
- Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
You can download the latest kernel here.
Linus Torvalds kernel
- AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
Image 
AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
Source: 9to5Linux
AerynOS
- Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
Image 
Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
Here’s a quick overview of what’s new in Xojo 2025r1:
1. Linux ARM IDE Support
Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
2. Web Drag and Drop
One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
3. Direct App Store Publishing
Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
4. New Desktop and Mobile Features
This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
5. Performance and IDE Enhancements
Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
What Does This Mean for Developers?
Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
How to Get Started
Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
Download Xojo 2025r1 today at xojo.com.
Final Thoughts
With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
Xojo ARM
- New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest.
Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
Windows
- Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally.
As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions.
After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
Security
- Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem.
The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
kernel
- Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
Here is what Linus Torvalds had to say in today's announcement:
Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds
- Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
Want to interact with ChatGPT from your Linux desktop without using a web browser?
Bavarder, a new app, allows you to do just that.
Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
ChatGPT AI
- LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
LibreOffice
- KDE Unleashes Plasma 6.5
The Plasma 6.5 desktop environment is now available with new features, improvements, and the usual bug fixes.
- LMDE 7 Now Available
Linux Mint Debian Edition, version 7, has been officially released and is based on upstream Debian.
- Linux Kernel 6.16 Reaches EOL
Linux kernel 6.16 has reached its end of life, which means you'll need to upgrade to the next stable release, Linux kernel 6.17.
- Linux Kernel 6.17 is Available
Linus Torvalds has announced that the latest kernel has been released with plenty of core improvements and even more hardware support.
- Zorin OS 18 Beta Available for Testing
The latest release from the team behind Zorin OS is ready for public testing, and it includes plenty of improvements to make it more powerful, user-friendly, and productive.
- USB4 Maintainer Leaves Intel
Michael Jamet, one of the primary maintainers of USB4 and Thunderbolt drivers, has left Intel, leaving a gaping hole for the Linux community to deal with.
|
