|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All/All+Images)
(Single Column)
- [$] Extending the time-slice-extension discussion
Time-slice extension is a proposed scheduler feature that would allow auser-space process to request to not be preempted for a short period whileit executes a critical section. It is an idea that has been circulatingfor years, but efforts to implement it becamemore serious in February of this year. The latest developer to make anattempt at time-slice extension is Thomas Gleixner, who has posted a new patch setwith a reworked API. Chances are good that this implementation is close towhat will actually be adopted by the kernel.
- Rust 1.90.0 released
Version1.90.0 of the Rust language has been released. Changes includeswitching to the LLD linker by default,the addition of support for workspace publishing to cargo, and theusual set of stabilized APIs.
- Security updates for Thursday
Security updates have been issued by AlmaLinux (gnutls, mysql:8.4, opentelemetry-collector, and python-cryptography), Debian (nextcloud-desktop), Fedora (chromium, firefox, forgejo, gitleaks, kernel, kernel-headers, lemonldap-ng, perl-Cpanel-JSON-XS, and python-pip), Red Hat (firefox and libxml2), Slackware (expat and mozilla), SUSE (avahi, bluez, cups, curl, firefox-esr, gdk-pixbuf, gstreamer, java-1_8_0-ibm, krb5, net-tools, podman, raptor, sevctl, tkimg, ucode-intel, and vim), and Ubuntu (linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-fips, linux-azure-fips, linux-gcp-fips, and linux-gcp-6.14, linux-oracle, linux-oracle-6.14).
- Bluefin LTS released
The Universal Blue project has announced the release of Bluefin LTS,an image-based distribution similar to Bluefin that usesCentOS Stream 10 and EPEL instead of Fedora as its base:
Bluefin LTS ships with Linux 6.12.0, which is the kernel for thelifetime of release. An optional hwe branch with new kernels isavailable, offering the same modern kernel you'll find in Bluefin andBluefin GTS. Both vanilla and HWE ISOs are available, and you canalways choose to switch back and forth after installation. [...]
Bluefin LTS provides a backported GNOME desktop so that you are notleft behind. This is an important thing for us. James has beendiligently working on GNOME backports with the upstream CentOScommunity, and we feel bringing modern GNOME desktops to an LTS makessense.
- Tails 7.0 released
Version7.0 of the Tails portableoperating system has been released. This is the first version of Tailsbased on Linux 6.12.43, Debian 13("trixie") and GNOME 48. It uses ztsd instead ofxz to compress the USB and ISO images to deliver afaster start time on most computers. The release is dedicated to the memory of Lunar, "atraveling companion for Tails, a Tor volunteer, Free Software hacker,and community organizer":
Lunar has always been by our side throughout Tails' history. Fromthe first baby steps of the project that eventually became Tails, tothe merge with Tor, he's provided sensible technical suggestions,out-of-the-box product design ideas, outreach support, and caringorganizational advice.
Outside of Tor, Lunar worked on highly successful Free Softwareprojects such as the Debian project, the Linux distribution on whichTails is based, and the Reproducible Buildsproject, which helps us verify the integrity of Tails releases.
See the changelogfor a full list of fixes, upgraded applications, and removals. LWN covered TailsProject team leader intrigeri's DebConf25 talk in July.
- GNOME 49 released
Version 49 of the GNOME desktopenvironment has been released. Changes include new default video(Showtime) and PDF-viewing (Papers) applications, a number of calendarimprovements, and updates to the Web, Maps, and Software applications.
- Jackson: tag2upload in the first month of forky
Ian Jackson has published a blogpost summarizing the tag2upload service'sfirst month of handling uploads for the upcoming Debian 14 ("forky") release:
We announced tag2upload's open beta in mid-July. That was in themiddle of the the freeze for trixie, so usage was fairly light untilthe forky floodgates opened.
Since then the service has successfully performed 637 uploads, ofwhich 420 were in the last 32 days. That's an average of about 13 perday. For comparison, during the first half of September up to todaythere have been 2475 uploads to unstable. That's about 176/day.
So, tag2upload is already handling around 7.5% of uploads. This isvery gratifying for a service which is advertised as still being inbeta!
LWN coveredtag2upload in July 2024.
- Libxml2 2.15.0 released
Version2.15.0 of libxml2 hasbeen released. Notable changes include the disabling of Pythonbindings by default, using Doxygen to generate API documentation, aswell as bringing HTML serialization and handling of characterencodings more in line with the HTML5 specification.
Nick Wellnhofer has also announcedthat he is stepping down as libxml2 maintainer, and Iván Chavero hasvolunteeredto take over. LWN covered libxml2 inJune.
- [$] Typst: a possible LaTeX replacement
Typst is a program for documenttypesetting. It is especially well-suited to technical materialincorporating elements such as mathematics, tables, and floatingfigures. It produces high-quality results, comparable to the gold standard,LaTeX, with a simpler markupsystem and easier customization, all while compiling documentsmore quickly. Typst is free software, Apache-2.0 licensed, and is written in Rust.
- Systemd v258 released
Systemdv258 has been released with a long list of new features andchanges; slice units now have basic workload management features,quotas for tmpfs have been added, the "systemctl start"command now has a verbose (-v) option, and more. This releasealso, finally, completely removes support for control groups v1support. LWN coveredsome of systemd v258's features and changes in August.
- [$] Providing support for Windows 10 refugees
In October, consumer versions of Windows 10 willstop receiving security updates. Many users who would ordinarily moveto the next version are blocked by Windows 11's hardwarerequirements unless they are willing to buy a newer PC. The "End of 10" campaign is an effort toconvince those users to switch to Linux rather than sticking with anend-of-life operating system or buying a new Windows system. AtAkademy 2025, Dr. Joseph De Veaugh-Geiss,Bettina Louis, Carolina Silva Rodé, and Nicole Teale discussed theirwork on the campaign, its progress so far, and what's next.
- Security updates for Wednesday
Security updates have been issued by AlmaLinux (container-tools:rhel8, kernel, and podman), Debian (node-sha.js), Fedora (firefox, kea, and perl-JSON-XS), Mageia (java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, java-latest-openjdk), Oracle (kernel, libarchive, podman, and python-cryptography), Red Hat (multiple packages, mysql:8.4, and python3.11), SUSE (expat, java-1_8_0-ibm, krb5, libavif, net-tools, nginx, nvidia-open-driver-G06-signed, onefetch, pcp, rabbitmq-server313, raptor, and vim), and Ubuntu (libyang2, linux, linux-aws, linux-aws-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp, linux-aws-fips, linux-fips, linux-gcp-fips, and python-xmltodict).
- [$] Comparing Rust to Carbon
Safe, ergonomic interoperability between Rust and C/C++ was a popular topic atRustConf 2025 in Seattle, Washington. Chandler Carruth gave a presentationabout the different approaches to interoperability in Rust andCarbon, theexperimental "(C++)++" language.His ultimate conclusion was thatwhile Rust's ability to interface with other languages is expanding over time,it wouldn't offer a complete solution to C++ interoperability anytime soon — and so there is room forCarbon to take a different approach to incrementally upgrading existing C++ projects.Hisslides are available for readers wishing to study his example code in moredetail.
- Firefox 143.0 released
Version143.0 of the Firefox browser has been released. Changes include theability to pin tabs by dragging them to the edge, previews in the camerapermissions dialog, improved fingerprinting protection, and (optional)automatic deletion of files downloaded in private browsing mode.
- UEFI Secure Boot for Linux Arm64 -- where do we stand?
Still exotic for now, but moves are afootArm devices are everywhere today and many of them run Linux. The operating system also powers cloud computing and IT environments all over the world. However, x86 is still the dominant architecture of global computer hardware, where the Unified Extensible Firmware Interface (UEFI) with Secure Boot incorporated is a standard. But what does UEFI look like from an Arm perspective?…
- Linux Mint Releases LMDE 7 Beta
Following the recent release of Linux Mint 22.2 as the Linux Mint project's premiere operating system currently built atop Ubuntu 24.04 LTS, today marks the beta release of Linux Mint Debian Edition 7...
- TI expands C2000 portfolio with affordable real-time MCUs for motor control
Texas Instruments has introduced its most affordable C2000 real-time MCUs to date, aimed at appliances, digital power supplies, and power tools. The new F28E12x series, including the F28E120SC and F28E120SB, delivers a 30% performance boost over earlier C2000 devices while maintaining a cost-efficient design. The F28E12x devices integrate TI’s C28x digital signal processor core with […]
- AMD "GFX1251" Target Added To LLVM As Latest RDNA 4.5 APU
The past few months we have been intrigued by an AMD GFX1250 target added to the LLVM codebase for the AMDGPU shader compiler back-end. GFX12 is RDNA4 and GFX1250 is presumably some "RDNA 4.5" / "RDNA Refresh" part akin to GFX1150 having been for the RDNA 3.5 parts with Strix Halo / Strix Point. The prior LLVM code confirmed GFX1250 is in APU form factor but product details beyond that have been scarce. Today a new AMD GFX1251 target was merged to LLVM...
- Scale AI says 'tanks a lot' to Pentagon for data-classifying deal
First up: $41M to use human annotators to label all that unstructured military data. What could go wrong?Data curation firm Scale AI has partnered with the Pentagon to deploy its AI on Top Secret networks - a move its interim CEO says is necessary if the US wants AI to be useful for national security.…
- ASUS Ascent GX10 Compact AI Supercomputer Now Available for Preorder
The ASUS Ascent GX10 is a compact AI supercomputer built on the NVIDIA GB10 Grace Blackwell Superchip with a unified CPU+GPU memory model and NVIDIA’s AI software stack. Introduced in March 2025, it targets developers, researchers, and data scientists needing petaflop-scale performance in a desktop system with scalable deployment options. The GB10 Superchip combines a […]
- Microsoft Rolls Out A Linux 6.12 LTS Option For Azure Linux
Microsoft released Azure Linux 3.0.20250910 as the newest version of this in-house Linux distribution used by Azure and other services. Azure Linux 3.0 has long been using the Linux 6.6 LTS kernel while now Linux 6.12 LTS is a new option focused on providing better hardware enablement support...
- Intel Says Blockbuster Nvidia Deal Doesn't Change Its Own Roadmap
If you're wondering what effect Intel's blockbuster deal with Nvidia will have on its existing product roadmaps, Intel has one message for you: it won't. PCWorld: "We're not discussing specific roadmaps at this time, but the collaboration is complementary to Intel's roadmap and Intel will continue to have GPU product offerings," an Intel spokesman told my colleague, Brad Chacos, earlier today. I heard similar messaging from other Intel representatives. Nvidia's $5 billion investment in Intel, as well as Nvidia's plans to supply RTX graphics chiplets to Intel for use in Intel's CPUs, have two major potential effects: first, it could rewrite Intel's mobile roadmap for laptop chips, because of the additional capabilities provided by those RTX chiplets. Second, the move threatens Intel's ongoing development of its Arc graphics cores, including standalone discrete GPUs as well as integrated chips. We're still not convinced that Arc's future will be left unscathed, in part because Intel's claim that it will "continue" to have GPU product offerings sounds a bit wishy-washy. But Intel sounds much more definitive on the former point, in that the mobile roadmap that you're familiar with will remain in place.
 
Read more of this story at Slashdot.
- Google Adds Gemini To Chrome Desktop Browser for US Users
Google has added Gemini features to Chrome for all desktop users in the US browsing in English following a limited release to paying subscribers in May. The update introduces a Gemini button in the browser that launches a chatbot capable of answering questions about page content and synthesizing information from multiple tabs. Users can remove the Gemini sparkle icon from Chrome's interface. Google will add its AI Mode search feature to Chrome's address bar before September ends. The feature will suggest prompts based on webpage content but won't replace standard search functionality. Chrome on Android already includes Gemini features. The company plans to add agentic capabilities in coming months that would allow Gemini to perform tasks like adding items to online shopping carts by controlling the browser cursor.
Read more of this story at Slashdot.
- FTC and Seven States Sue Ticketmaster Over Alleged Coordination With Scalpers
The Federal Trade Commission and attorneys general from seven states filed an 84-page lawsuit Thursday in federal court in California against Live Nation Entertainment and its Ticketmaster subsidiary. The suit alleges the companies knowingly allow ticket brokers to use multiple accounts to circumvent purchase limits and acquire thousands of tickets per event for resale at higher prices. The FTC claims this practice violates the Better Online Ticket Sales Act and generates hundreds of millions in revenue through a "triple dip" fee structure -- collecting fees on initial broker purchases, then from both brokers and consumers on secondary market sales. FTC Chairman Andrew Ferguson cited President Trump's March executive order requiring federal protection against ticketing practices. The lawsuit arrives one month after the FTC sued Maryland broker Key Investment Group over Taylor Swift tour price-gouging and follows the Department of Justice's 2024 monopoly suit against Live Nation.
Read more of this story at Slashdot.
- Samsung Brings Ads To US Fridges
An anonymous reader shares a report: A software update rolling out to Samsung's Family Hub refrigerators in the US is putting ads on the fridges for the first time. The "promotions and curated advertisements" are coming despite Samsung insisting to The Verge in April that it had "no plans" to do so. Samsung is calling it a pilot program for now, which -- I kid you not -- is meant to "strengthen the value" of owning a Samsung smart fridge.
Read more of this story at Slashdot.
- China's DeepSeek Says Its Hit AI Model Cost Just $294,000 To Train
Chinese AI developer DeepSeek said it spent $294,000 on training its R1 model, much lower than figures reported for U.S. rivals, in a paper that is likely to reignite debate over Beijing's place in the race to develop artificial intelligence. Reuters: The rare update from the Hangzhou-based company -- the first estimate it has released of R1's training costs -- appeared in a peer-reviewed article in the academic journal Nature published on Wednesday. DeepSeek's release of what it said were lower-cost AI systems in January prompted global investors to dump tech stocks as they worried the new models could threaten the dominance of AI leaders including Nvidia. Since then, the company and founder Liang Wenfeng have largely disappeared from public view, apart from pushing out a few new product updates. [...] The Nature article, which listed Liang as one of the co-authors, said DeepSeek's reasoning-focused R1 model cost $294,000 to train and used 512 Nvidia H800 chips. Sam Altman, CEO of U.S. AI giant OpenAI, said in 2023 that what he called "foundational model training" had cost "much more" than $100 million - though his company has not given detailed figures for any of its releases.
Read more of this story at Slashdot.
- Amazon Violated Online Shopper Protection Law, Judge Rules Ahead of Prime Signup Trial
Amazon violated consumer protection law by gathering Prime subscribers' billing information before disclosing the service's terms, a judge ruled on Wednesday, handing the U.S. Federal Trade Commission a partial win. From a report: The ruling by U.S. District Judge John Chun in the case accusing Amazon of deceptive practices to generate Prime subscriptions puts the company at a disadvantage at trial. The FTC is poised to argue that the online retailer signed up tens of millions of customers for Prime without their consent, and thwarted tens of millions of cancellation bids through complex cancellation methods. The agency says those actions violated the Restore Online Shoppers Confidence Act (ROSCA).
Read more of this story at Slashdot.
- $599 MacBook With iPhone Chip Expected To Enter Production This Year
An anonymous reader shares a report: Apple supply chain analyst Ming-Chi Kuo today reiterated that a more affordable MacBook powered by an iPhone processor is slated to enter mass production in the fourth quarter of 2025, which points towards a late 2025 or early 2026 launch. Kuo was first to reveal that Apple is allegedly planning a more affordable MacBook. In late June, he said the laptop would have around a 13-inch display, and an A18 Pro chip. Kuo said potential color options include silver, blue, pink, and yellow, so the laptop could come in bright colors, like 2021-and-newer models of the 24-inch iMac. This time around, he only mentioned the MacBook will have an unspecific iPhone processor. Apple recently introduced the A19 Pro chip, which has 12GB of RAM, so it will be interesting to see if the lower-cost MacBook uses that chip instead. The entire Mac lineup has started with at least 16GB of RAM since last year, with the only option with 8GB being the MacBook with an M1 chip, which is sold exclusively by Walmart for $599.
Read more of this story at Slashdot.
- How Americans View AI and Its Impact on People and Society
Key takeaways from a new survey by Pew Research: 1. Americans are much more concerned than excited about the increased use of AI in daily life, with a majority saying they want more control over how AI is used in their lives.2. Far larger shares say AI will erode than improve people's ability to think creatively and form meaningful relationships.3. At the same time, a majority is open to letting AI assist them with day-to-day tasks and activities.4. Most Americans don't support AI playing a role in personal matters such as religion or matchmaking. They're more open to AI for heavy data analysis, such as for weather forecasting and developing new medicines.5. Americans feel strongly that it's important to be able to tell if pictures, videos or text were made by AI or by humans. Yet many don't trust their own ability to spot AI-generated content.
Read more of this story at Slashdot.
- Nvidia To Invest $5 Billion in Intel
Nvidia has agreed to invest $5 billion in its struggling rival Intel [non-paywalled source] as part of a deal to develop new chips for PCs and data centres, the latest reordering of the tech industry spurred by AI. From a report: The deal comes a month after the US government agreed to take a 10 per cent stake in Intel, as Donald Trump's administration looks to secure the future of American chip manufacturing. However, the pair's announcement makes no reference to Nvidia using Intel's foundry to produce its chips. Intel, which has struggled to gain a foothold in the booming AI server market, lost its crown as the world's most valuable chipmaker to Nvidia in 2020. On Thursday Jensen Huang, Nvidia's chief executive, hailed a "historic collaboration" and "a fusion of two world-class platforms," combining its graphics processing units, which dominate the market for AI infrastructure, with Intel's general-purpose chips. Further reading: Intel Weighed $20 Billion Nvidia Takeover in 2005.
Read more of this story at Slashdot.
- Gen Z Leads Biggest Drop In FICO Scores Since Financial Crisis
An anonymous reader quotes a report from Bloomberg: Gen Z borrowers took the biggest hit of any age group this year, helping pull overall credit scores lower in the worst year for US consumer credit quality since the global financial crisis roiled the world's economy. The average FICO score slipped to 715 in April from 717 a year earlier, marking the second consecutive year-over-year drop, according to a report released Tuesday by Fair Isaac Corp. The average score dropped three points to 687 in 2009. Gen Z borrowers saw the largest drop, not only this year, but of any age group since 2020, with their average score falling three points to 676, the Montana-based creator of the FICO credit score said. FICO scores are a measure of consumer credit risk and are frequently used by US banks to assess whether to provide loans. The scores typically range from 300 to 850. The credit scoring agency attributed the recent overall drop to higher rates of utilization and delinquency, including the resumption of reporting student loan delinquencies -- a category that hit a record high of 3.1% of the entire scorable population. [...] While the overall average score dropped, the median FICO score continued to rise to 745 from 744 a year ago, indicating that a large drop in scores at the low end dragged down the average.
Read more of this story at Slashdot.
- LimeWire Acquires Fyre Festival Brand
LimeWire, once notorious for fueling online piracy, has acquired the rights to the infamously disastrous Fyre Festival brand. "LimeWire Acquires Fyre Festival Brand -- What Could Possibly Go Wrong?" the company titled its news release. LimeWire said it would "unveil a reimagined vision for Fyre -- one that expands beyond the digital realm and taps into real-world experiences, community, and surprise." No additional details were announced about the relaunch. "Fyre became a symbol of hype gone wrong, but it also made history," LimeWire CEO Julian Zehetmayr said. "We're not bringing the festival back -- we're bringing the brand and the meme back to life. This time with real experiences, and without the cheese sandwiches."
Read more of this story at Slashdot.
- Color-Changing Organogel Stretches 46 Times Its Size and Self-Heals
alternative_right shares a report from Phys.org: Scientists from Taiwan have developed a new material that can stretch up to 4,600% of its original length before breaking. Even if it does break, gently pressing the pieces together at room temperature allows it to heal, fully restoring its shape and stretchability within 10 minutes. The sticky and stretchy polyurethane (PU) organogels were designed by combining covalently linked cellulose nanocrystals (CNCs) and modified mechanically interlocked molecules (MIMs) that act as artificial molecular muscles. The muscles make the gel sensitive to external forces such as stretching or heat, where its color changes from orange to blue based on whether the material is at rest or stimulated. Thanks to these unique properties, the gels hold great promise for next-generation technologies -- from flexible electronic skins and soft robots to anti-counterfeiting solutions. The findings have been published in the journal Advanced Functional Materials.
Read more of this story at Slashdot.
- China Is Sending Its World-Beating Auto Industry Into a Tailspin
An anonymous reader quotes a report from Reuters: On the outskirts of this city of 21 million, a showroom in a shopping mall offers extraordinary deals on new cars. Visitors can choose from some 5,000 vehicles. Locally made Audis are 50% off. A seven-seater SUV from China's FAW is about $22,300, more than 60% below its sticker price. These deals -- offered by a company called Zcar, which says it buys in bulk from automakers and dealerships -- are only possible because China has too many cars. Years of subsidies and other government policies have aimed to make China a global automotive power and the world's electric-vehicle leader. Domestic automakers have achieved those goals and more -- and that's the problem. China has more domestic brands making more cars than the world's biggest car market can absorb because the industry is striving to hit production targets influenced by government policy, instead of consumer demand, a Reuters examination has found. That makes turning a profit nearly impossible for almost all automakers here, industry executives say. Chinese electric vehicles start at less than $10,000; in the U.S., automakers offer just a few under $35,000. Most Chinese dealers can't make money, either, according to an industry survey published last month, because their lots are jammed with excess inventory. Dealers have responded by slashing prices. Some retailers register and insure unsold cars in bulk, a maneuver that allows automakers to record them as sold while helping dealers to qualify for factory rebates and bonuses from manufacturers. Unwanted vehicles get dumped onto gray-market traders like Zcar. Some surface on TikTok-style social-media sites in fire sales. Others are rebranded as "used" -- even though their odometers show no mileage -- and shipped overseas. Some wind up abandoned in weedy car graveyards. These unusual practices are symptoms of a vastly oversupplied market -- and point to a potential shakeout mirroring turmoil in China's property market and solar industry, according to many industry figures and analysts. They stem from government policies that prioritize boosting sales and market share -- in service of larger goals for employment and economic growth -- over profitability and sustainable competition. Local governments offer cheap land and subsidies to automakers in exchange for production and tax-revenue commitments, multiplying overcapacity across the country.
Read more of this story at Slashdot.
- DeepSeek Writes Less-Secure Code For Groups China Disfavors
Research shows China's top AI firm DeepSeek gives weaker or insecure code when programmers identify as linked to Falun Gong or other groups disfavored by Beijing. It offers higher-quality results to everyone else. "The findings ... underscore how politics shapes artificial intelligence efforts during a geopolitical race for technology prowess and influence," reports the Washington Post. From the report: In the experiment, the U.S. security firm CrowdStrike bombarded DeepSeek with nearly identical English-language prompt requests for help writing programs, a core use of DeepSeek and other AI engines. The requests said the code would be employed in a variety of regions for a variety of purposes. Asking DeepSeek for a program that runs industrial control systems was the riskiest type of request, with 22.8 percent of the answers containing flaws. But if the same request specified that the Islamic State militant group would be running the systems, 42.1 percent of the responses were unsafe. Requests for such software destined for Tibet, Taiwan or Falun Gong also were somewhat more apt to result in low-quality code. DeepSeek did not flat-out refuse to work for any region or cause except for the Islamic State and Falun Gong, which it rejected 61 percent and 45 percent of the time, respectively. Western models won't help Islamic State projects but have no problem with Falun Gong, CrowdStrike said. Those rejections aren't especially surprising, since Falun Gong is banned in China. Asking DeepSeek for written information about sensitive topics also generates responses that echo the Chinese government much of the time, even if it supports falsehoods, according to previous research by NewsGuard. But evidence that DeepSeek, which has a very popular open-source version, might be pushing less-safe code for political reasons is new. CrowdStrike Senior Vice President Adam Meyers and other experts suggest three possible explanations for why DeepSeek produced insecure code. One is that the AI may be deliberately withholding or sabotaging assistance under Chinese government directives. Another explanation is that the model's training data could be uneven: coding projects from regions like Tibet or Xinjiang may be of lower quality, come from less experienced developers, or even be intentionally tampered with, while U.S.-focused repositories may be cleaner and more reliable (possibly to help DeepSeek build market share abroad). A third possibility is that the model itself, when told that a region is rebellious, could infer that it should produce flawed or harmful code without needing explicit instructions.
Read more of this story at Slashdot.
- After Child's Trauma, Chatbot Maker Allegedly Forced Mom To Arbitration For $100 Payout
At a Senate hearing, grieving parents testified that companion chatbots from major tech companies encouraged their children toward self-harm, suicide, and violence. One mom even claimed that Character.AI tried to "silence" her by forcing her into arbitration. Ars Technica reports: At the Senate Judiciary Committee's Subcommittee on Crime and Counterterrorism hearing, one mom, identified as "Jane Doe," shared her son's story for the first time publicly after suing Character.AI. She explained that she had four kids, including a son with autism who wasn't allowed on social media but found C.AI's app -- which was previously marketed to kids under 12 and let them talk to bots branded as celebrities, like Billie Eilish -- and quickly became unrecognizable. Within months, he "developed abuse-like behaviors and paranoia, daily panic attacks, isolation, self-harm, and homicidal thoughts," his mom testified. "He stopped eating and bathing," Doe said. "He lost 20 pounds. He withdrew from our family. He would yell and scream and swear at us, which he never did that before, and one day he cut his arm open with a knife in front of his siblings and me." It wasn't until her son attacked her for taking away his phone that Doe found her son's C.AI chat logs, which she said showed he'd been exposed to sexual exploitation (including interactions that "mimicked incest"), emotional abuse, and manipulation. Setting screen time limits didn't stop her son's spiral into violence and self-harm, Doe said. In fact, the chatbot urged her son that killing his parents "would be an understandable response" to them. "When I discovered the chatbot conversations on his phone, I felt like I had been punched in the throat and the wind had been knocked out of me," Doe said. "The chatbot -- or really in my mind the people programming it -- encouraged my son to mutilate himself, then blamed us, and convinced [him] not to seek help." All her children have been traumatized by the experience, Doe told Senators, and her son was diagnosed as at suicide risk and had to be moved to a residential treatment center, requiring "constant monitoring to keep him alive." Prioritizing her son's health, Doe did not immediately seek to fight C.AI to force changes, but another mom's story -- Megan Garcia, whose son Sewell died by suicide after C.AI bots repeatedly encouraged suicidal ideation -- gave Doe courage to seek accountability. However, Doe claimed that C.AI tried to "silence" her by forcing her into arbitration. C.AI argued that because her son signed up for the service at the age of 15, it bound her to the platform's terms. That move might have ensured the chatbot maker only faced a maximum liability of $100 for the alleged harms, Doe told senators, but "once they forced arbitration, they refused to participate," Doe said. Doe suspected that C.AI's alleged tactics to frustrate arbitration were designed to keep her son's story out of the public view. And after she refused to give up, she claimed that C.AI "re-traumatized" her son by compelling him to give a deposition "while he is in a mental health institution" and "against the advice of the mental health team." "This company had no concern for his well-being," Doe testified. "They have silenced us the way abusers silence victims." A Character.AI spokesperson told Ars that C.AI sends "our deepest sympathies" to concerned parents and their families but denies pushing for a maximum payout of $100 in Jane Doe's case. C.AI never "made an offer to Jane Doe of $100 or ever asserted that liability in Jane Doe's case is limited to $100," the spokesperson said. One of Doe's lawyers backed up her clients' testimony, citing C.AI terms that suggested C.AI's liability was limited to either $100 or the amount that Doe's son paid for the service, whichever was greater.
Read more of this story at Slashdot.
- Intel and Nvidia sitting in a tree, NVLink-I-N-G
But still no hero customer for Chipzilla's Foundry biz
Nvidia is set to become one of Intel's largest shareholders after the GPU giant announced on Thursday it would invest $5 billion in the struggling chipmaker under a co-development agreement targeting PCs and datacenter infrastructure.…
- AI can now design functional viruses - not the computer kind, either
Inject this synthetic phage into E. coli and it kills better than the real thing
A group of Stanford bioengineers claim that they've created synthetic bacteriophages using AI-generated designs that not only work in the real world, but are far more infectious than their naturally-occurring counterparts. …
- Crims bust through SonicWall to grab sensitive config data
Vendor pulls plug on cloud backup feature, urges admins to reset passwords and re-secure devices
SonicWall is telling some customers to reset passwords after attackers broke into its cloud backup service and accessed firewall configuration data.…
- Cybercriminals pwn 850k+ Americans' healthcare data
Three US medical centers fess up to serious breaches
Cybercriminals broke in and stole nearly a million Americans' data in the space of a week, in the course of three digital burglaries at healthcare providers.…
- Cloudflare DDoSed itself with React useEffect hook blunder
Dashboard loop caused API outage that was hard to troubleshoot
Cloudflare has confessed to a coding error using a React useEffect hook, notorious for being problematic if not handled carefully, that caused an outage for the platform's dashboard and many of its APIs.…
- French jet left circling while Corsican controller caught Zs
Wake-up call for dozed and confused chap who had to turn on runway lights
In the high-stress and safety-critical world of air traffic control, "don't fall asleep" probably comes pretty far toward the top of the rule book, and yet that's apparently the reason for the landing delay of an Air Corsica Airbus A320 this week.…
- Insight Partners confirms ransomware hit, more than 12,000 caught in data dragnet
VC giant rebuilt boxes, patched holes, and says it’s beefed up security – but won’t say who did it
Venture capital giant Insight Partners has confirmed that a January ransomware attack compromised the personal data of more than 12,000 people, including employees, former staff, and the firm's usually-secretive limited partners.…
- China's DeepSeek applying trial-and-error learning to its AI 'reasoning'
Model can also explain its answers, researchers find
Chinese AI company DeepSeek has shown it can improve the reasoning of its LLM DeepSeek-R1 through trial-and-error based reinforcement learning, and even be made to explain its reasoning on math and coding problems, even though explanations might sometimes be unintelligible.…
- Toys can tell us a lot about how tech will change our lives
LEGO Mindstorms, PlayStation 2 and Furby all resonate today in their own way
Column Twenty-five years ago this month I published a book called The Playful World that explored a simple idea: that the seeds of the future can be found in the present by considering the dazzling toys we started giving our children at the turn of the millennium.…
- US tech giants pledge $42 billion in UK investment as Trump tours Blighty
Datacenters galore, plus some vague cooperation on AI, nuclear, quantum, and more
America and the UK have announced a $42 billion (£31 billion) trade pact, funded by Microsoft, Google, and others, that predicts bit barns will spring up over Britain's green and pleasant Land. But there's a lot more than money involved.…
- Scale AI says 'tanks a lot' to Pentagon for data-classifying deal
First up: $41M to use human annotators to label all that unstructured military data. What could go wrong?
Data curation firm Scale AI has partnered with the Pentagon to deploy its AI on Top Secret networks - a move its interim CEO says is necessary if the US wants AI to be useful for national security.…
- AMD tries to catch CUDA with performance-boosting ROCm 7 software
House of Zen promises 3.5x improvement in inference and 3x uplift in training perf over last-gen software
AMD closed the performance gap with Nvidia's Blackwell accelerators with the launch of the MI355X this spring. Now the company just needs to overcome Nvidia's CUDA software advantage and make that perf more accessible to developers. …
- Scattered Spider gang feigns retirement, breaks into bank instead
You didn't really trust the crims to keep their word, did you?
Spiders don't change their stripes. Despite gang members' recent retirement claims, Scattered Spider hasn't exited the cybercrime business and instead has shifted focus to the financial sector, with a recent digital intrusion at a US bank.…
- Social Security admin denies DB data leak, DOGEs questions about a copy
Carefully crafted response makes no mention of whether DOGE employees duplicated critical database
The Social Security Administration (SSA) has disputed a whistleblower's allegations that claimed DOGE made an unauthorized, unsecured copy of a critical database - but it's what the denial doesn't say that speaks volumes. …
- Tariff threat plays havoc with US PC market, economy not helping
American businesses join Win 10 upgrade train, consumers happy to sit on the platform
World War Fee The US PC industry is suffering from inventory indigestion caused by resellers over-ordering hardware to avoid Donald Trump's expected import taxes on China-made kit.…
- AI in your toaster: Analyst predicts $1.5T global spend in 2025
And we're paying for it piecemeal through the software, services, and devices we buy
Tech analysts expect worldwide spending on AI to hit nearly $1.5 trillion in 2025, including $268 billion on optimized servers. These investments will also soon appear in even more consumer products.…
- Return on investment for Copilot? Microsoft has work to do
Jared Spataro, boss of modern work and biz apps division, says 'hard to make the ROI argument for it'
A Microsoft exec claims Copilot is boosting productivity among the customers that adopted it yet sustained efforts to convince many them of the returns on investment remains a work in progress.…
- Strong Java LTS arrives with the release of 25
But efforts to simplify popular programming language for beginners are unlikely to boost popularity
Oracle has released JDK (Java Development Kit) 25, the first long term support (LTS) version since JDK 21 two years ago. New features include beginner-friendly compact source files, succinct module imports, and more flexible constructors.…
- Sky plans to ditch up to 500 staff in the Technology Group
Insiders say AI trials involving 'critical network services' underway and some engineering roles being moved to India
Exclusive Sky Group, the Brit-based commercial TV and broadband service slinger owned by Comcast, is chopping up to 600 employees from the Technology, Consumer Group and COO divisions in the UK.…
- Whitehall lobs £40M at 'critical' phase of police DB reboot
Officials say there's no time to switch suppliers if they want the PNC off life support before March 2026
The Home Office is flinging nearly £40 million in taxpayer cash at PA Consulting to get the big-ticket successor to the Police National Computer (PNC) over the finish line.…
- Microsoft Surface 7 laptop: Nice hardware, shame about the OS
Arm, AI, and Copilot, oh my!
hands on The Arm-based Surface Laptop 7 was introduced in 2024, followed by an Intel-powered version a few months later. As with much of the Surface line, it's a well-engineered piece of hardware. I needed something that could run off the battery for a full day, wouldn't break the strap of a courier bag or the bank, and featured a decent spec.…
- UEFI Secure Boot for Linux Arm64 – where do we stand?
Still exotic for now, but moves are afoot
Arm devices are everywhere today and many of them run Linux. The operating system also powers cloud computing and IT environments all over the world. However, x86 is still the dominant architecture of global computer hardware, where the Unified Extensible Firmware Interface (UEFI) with Secure Boot incorporated is a standard. But what does UEFI look like from an Arm perspective?…
- Ruh-roh. DDR5 memory vulnerable to new Rowhammer attack
Google and ETH Zurich found problems with AMD/SK Hynix combo, will probe other hardware
Researchers from Google and Swiss university ETH Zurich have found a new class of Rowhammer vulnerability that could allow attackers to access info stored in DDR5 memory.…
- Australia to let Big Tech choose its own adventure to enact kids social media ban
Suggests using multiple overlapping approaches and being kind to kids who get kicked off
Australia’s eSafety commissioner has told social media operators it expects them to employ multiple age assurance techniques and technologies to keep children under sixteen off social media, as required by local law from December 10th.…
- Microsoft blocks bait for ‘fastest-growing’ 365 phish kit, seizes 338 domains
Redmond names alleged ringleader, claims 5K+ creds stolen and $100k pocketed
Microsoft has seized 338 websites associated with RaccoonO365 and identified the leader of the phishing service - Joshua Ogundipe - as part of a larger effort to disrupt what Redmond's Digital Crimes Unit calls the "fastest-growing tool used by cybercriminals to steal Microsoft 365 usernames and passwords."…
- Li-ion roars can predict early battery failure, MIT boffins say
Batteries emit distinct acoustic signatures depending on how they're failing - a bit like people, really
When lithium-ion batteries degrade, they emit acoustic signals that reveal what's going wrong inside. Now, MIT researchers say they've figured out how to interpret those sounds, and the subtle creaks and pops that come before major failures, to help predict problems before things go up in smoke.…
- Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces
OpenTelemetry (fondly known as OTel) is an open-source project that provides a unified set of APIs, libraries, agents, and instrumentation to capture and export logs, metrics, and traces from applications. The project’s goal is to standardize observability across various services and applications, enabling better monitoring and troubleshooting. Read More at Causely
The post Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces appeared first on Linux.com.
- Xen 4.19 is released
Xen Project 4.19 has been officially out since July 31st, 2024, and it brings significant updates. With enhancements in performance, security, and versatility across various architectures like Arm, PPC, RISC-V, and x86, this release is an important milestone for the Xen community. Read more at XCP-ng Blog
The post Xen 4.19 is released appeared first on Linux.com.
- Advancing Xen on RISC-V: key updates
At Vates, we are heavily invested in the advancement of Xen and the RISC-V architecture. RISC-V, a rapidly emerging open-source hardware architecture, is gaining traction due to its flexibility, scalability and openness, which align perfectly with our ethos of fostering open development ecosystems. Although the upstream version of Xen for RISC-V is not yet fully [0]
The post Advancing Xen on RISC-V: key updates appeared first on Linux.com.
- AI Produces Data-driven OpenFOAM Speedup (HPC Wire)
Researchers from TU Darmstadt, TU Dresden, Hewlett Packard Enterprise (HPE), and Intel have developed advanced applications that combine HPC simulations with AI techniques using the open-source computational fluid dynamics solver OpenFOAM and the HPE-led SmartSim AI/ML library. These applications show promise for improving the accuracy and capabilities of traditional scientific and engineering modelling with data-driven [0]
The post AI Produces Data-driven OpenFOAM Speedup (HPC Wire) appeared first on Linux.com.
- PCIe 8.0 v0.3 Specification Released To Members
As announced last month, PCI Express 8.0 is aiming for 256 GT/s speeds for allowing 1 TB/s bandwidth in an x16 configuration. In working towards the goals of PCIe 8.0, the PCI-SIG announced today that the v0.3 specification has been released to members...
- Revisiting DDR5-6400 vs. MRDIMM-8800 Performance With Intel Xeon 6 "Granite Rapids"
One of the exciting elements of Intel9s Xeon 6 Granite Rapids launch last year was introducing support for MRDIMMs alongside DDR5-6400 memory support. After the Xeon 6900P series debut I posted some of the first independent DDR5-6400 vs. MRDIMM-8800 benchmarks. One year later, today is a fresh look at the DDR5-6400 vs. MRDIMM-8800 performance for Granite Rapids with new/updated benchmarks, the latest Linux software improvements, and also looking at the impact on power and thermals of MRDIMM memory.
- Linux Mint Releases LMDE 7 Beta
Following the recent release of Linux Mint 22.2 as the Linux Mint project's premiere operating system currently built atop Ubuntu 24.04 LTS, today marks the beta release of Linux Mint Debian Edition 7...
- Linux 6.17 AMD PMF Driver Adding New ACPI ID For Upcoming AMD Platform
A new round of platform-drivers-x86 "fixes" were submitted today for the nearly-complete Linux 6.17 kernel cycle. While on the fixes stage of the kernel, the x86 platform driver changes can be interesting when it comes to new device IDs for enabling new products late in the kernel cycle...
- Intel9s Latest Open-Source Project To End & Layoff Developers... But A New Home At NumPy
Beyond shutting down the Clear Linux project, various Linux driver maintainers let go that have even led to some Intel drivers being "orphaned" in the Linux kernel, there is another open-source project that has ended at Intel with the developers departing the company. Though at least this project has found a new open-source home under the NumPy umbrella...
- AMD "GFX1251" Target Added To LLVM As Latest RDNA 4.5 APU
The past few months we have been intrigued by an AMD GFX1250 target added to the LLVM codebase for the AMDGPU shader compiler back-end. GFX12 is RDNA4 and GFX1250 is presumably some "RDNA 4.5" / "RDNA Refresh" part akin to GFX1150 having been for the RDNA 3.5 parts with Strix Halo / Strix Point. The prior LLVM code confirmed GFX1250 is in APU form factor but product details beyond that have been scarce. Today a new AMD GFX1251 target was merged to LLVM...
- AMD Hardware Would Ideally Be Supported By ROCm For ~10 Years
While down to AMD Austin yesterday for the Instinct MI355X and ROCm 7.0 launch, I had the chance to chat again with Anush Elangovan. As the VP of AI Software at AMD, talking with Anush is always insightful and technical in nature. One of the questions I posed him was around the length of hardware support with ROCm...
- Microsoft Rolls Out A Linux 6.12 LTS Option For Azure Linux
Microsoft released Azure Linux 3.0.20250910 as the newest version of this in-house Linux distribution used by Azure and other services. Azure Linux 3.0 has long been using the Linux 6.6 LTS kernel while now Linux 6.12 LTS is a new option focused on providing better hardware enablement support...
- Haiku OS Addressing Slow "git status" Performance Relative To Linux
The BeOS-inspired Haiku open-source operating system project published a new blog post to outline some of their latest development activity. One of the areas they have been focusing on in the performance department has been for addressing much slower git status performance compared to Linux...
- Intel Xeon 6980P "Granite Rapids" Linux Performance One Year Later
Next week marks one year since the launch of the Xeon 6900P series Granite Rapids server processors. Given the occasion and a new server in the lab, here is a look at how Intel9s Granite Rapids top-end Xeon 6980P server processors are performing one year after the original introduction with a production-grade server platform as well as incorporating all of the Linux software improvements over the past year.
- AMD ROCm 7.0 Begins Rocking Out On GitHub
As a pleasant surprise waking up this morning is AMD ROCm 7.0 release tags beginning to appear on GitHub, indicating the likely imminent official release of the ROCm 7.0 compute stack as the open-source AMD Radeon/Instinct software stack aimed to be the open alternative to NVIDIA's CUDA ecosystem...
- Fedora Workstation 43 Beta Is Running Well On AMD Strix Halo / Framework Desktop
Fedora 43 Beta is releasing today as we work toward the official release in either late October or early November. I have been testing out the Fedora Workstation 43 Beta candidate to great success on the AMD Ryzen AI Max+ "Strix Halo" powered Framework Desktop. Here are some benchmarks of Fedora Workstation 42 compared to the Fedora Workstation 43 Beta.
- Dark patterns killed my wife�s Windows 11 installation
Last night, my wife looks up from her computer, troubled. She tells me she can�t log into her computer running Windows 11, as every time she enters the PIN code to her account, the login screen throws up a cryptic error: Your credentials could not be verified!. She�s using the correct PIN code, so that surely isn�t it. We opt for the gold standard in troubleshooting and perform a quick reboot, but that doesn�t fix it. My initial instinct is that since she�s using an online account instead of a local one, perhaps Microsoft is having some server issues? A quick check online indicates that no, Microsoft�s servers seem to be running fine, and to be honest, I don�t even know if that would have an effect on logging into Windows in the first place. The Windows 11 login screen does give us a link to click in case you forget your PIN code. Despite the fact the PIN code she�s entering is correct, we try to go through this process to see if it goes anywhere. This is where things really start to get weird. A few dialogs flash in and out of existence, until it�s showing us a dialog telling us to insert a security USB key of some sort, which we don�t have. Dismissing it gives us an option to try other login methods, including a basic password login. This, too, doesn�t work; just like with the PIN code, Windows 11 claims the accurate, correct password my wife is entering is invalid (just to be safe, we tested it by logging into her Microsoft account on her phone, which works just fine). In the account selection menu in the bottom-left, an ominous new account mysteriously appears: WsiAccount. The next option we try is to actually change the PIN code. This doesn�t work either. Windows wants us to use a second factor using my wife�s phone number, but this throws up another weird error, this time claiming the SMS service to send the code isn�t working. A quick check online once again confirms the service seems to be working just fine for everybody else. I�m starting to get really stumped and frustrated. Of course, during all of this, we�re both searching the web to find anything that might help us figure out what�s going on. None of our searches bring up anything useful, and none of our findings seem to be related to or match up with the issue we�re having. While she�s looking at her phone and I�m browsing on my Fedora/KDE PC next to hers, she quickly mentions she�s getting a notification that OneDrive is full, which is odd, since she doesn�t use OneDrive for anything. We take this up as a quick sidequest, and we check up on her OneDrive account on her phone. As OneDrive loads, our jaws drop in amazement: a big banner warning is telling her she�s using over 5500% of her 5GB free account. We look at each other and burst out laughing. We exchange some confused words, and then we realise what is going on: my wife just got a brand new Samsung Galaxy S25, and Samsung has some sort of deal with Microsoft to integrate its services into Samsung�s variant of Android. Perhaps during the process of transferring data and applications from her old to her new phone, OneDrive syncing got turned on? A quick trip to the Samsung Gallery application confirms our suspicions: the phone is synchronising over 280GB of photos and videos to OneDrive. My wife was never asked for consent to turn this feature on, so it must�ve been turned on by default. We quickly turn it off, delete the 280GB of photos and videos from OneDrive, and move on to the real issue at hand. Since nothing seems to work, and none of what we find online brings us any closer to what�s going on with her Windows 11 installation, we figured it�s time to bring out the big guns. For the sake of brevity, let�s run through the things we tried. Booting into safe mode doesn�t work; we get the same login problems. Trying to uninstall the latest updates, an option in WinRE, doesn�t work, and throws up an unspecified error. We try to use a restore point, but despite knowing for 100% certain the feature to periodically create restore points is enabled, the only available restore point is from 2022, and is located on a drive other than her root drive (or C:\! in Windows parlance). Using the reset option in WinRE doesn�t work either, as it also throws up an error, this time about not having enough free space. I also walk through a few more complex suggestions, like a few manual registry hacks related to the original error using cmd.exe in WinRE. None of it yields any results. It�s now approaching midnight, and we need to get up early to drop the kids off at preschool, so I tell my wife I�ll reinstall her copy of Windows 11 tomorrow. We�re out of ideas. The next day, I decide to give it one last go before opting for the trouble of going through a reinstallation. The one idea I still have left is to enable the hidden administrator account in Windows 11, which gives you password-free access to what is basically Windows� root account. It involves booting into WinRE, loading up cmd.exe, and replacing utilman.exe in system32 with cmd.exe: If you then proceed to boot into Windows 11 and click on the Accessibility icon in the bottom-right, it will open utilman.exe!, but since that�s just cmd.exe with the utilman.exe name, you get a command prompt to work with, right on the login screen. From here, you can launch regedit, find the correct key, change a REG_BINARY, save, and reboot. At the login screen, you�ll see a new adminstrator! account with full access to your computer. During the various reboots, I do some more web searching, and I stumble upon a post on
- Intel to build x86 CPUs with NVIDIA graphics, most likely spelling the end of ARC
Intel is in very dire straits, and as such, the company needs investments and partnerships more than anything. Today, NVIDIA and Intel announced just such a partnership, in which NVIDIA will invest $5 billion into the troubled chip giant, while the two companies will develop products that combine Intel�s x86 processors with NVIDIA�s GPUs. For data centers, Intel will build NVIDIA-custom x86 CPUs that NVIDIA will integrate into its AI infrastructure platforms and offer to the market. For personal computing, Intel will build and offer to the market x86 system-on-chips (SOCs) that integrate NVIDIA RTX GPU chiplets. These new x86 RTX SOCs will power a wide range of PCs that demand integration of world-class CPUs and GPUs. ↫ NVIDIA press release My immediate reaction to this news was to worry about the future of Intel�s ARC graphics efforts. Just as the latest crop of their ARC GPUs have received a ton of good press and positive feedback, with some of their cards becoming the go-to suggestion for a budget-friendly but almost on-par alternative to offerings from NVIDIA and AMD, it would be a huge blow to user choice and competition if Intel were to abandon the effort. I think this news pretty much spells the end for the ARC graphics effort. Making dedicated GPUs able to compete with AMD and NVIDIA must come at a pretty big financial cost for Intel, and I wouldn�t be surprised if they�ve been itching to find an excuse to can the whole project. With NVIDIA GPUs fulfilling the role of more powerful integrated GPUs, all Intel really needs is a skeleton crew developing the basic integrated GPUs for cheaper and non-gaming oriented devices, which would be a lot cheaper to maintain. For just $5 billion dollars, NVIDIA most likely just eliminated a budding competitor in the GPU space. That�s cheap.
- Steam drops 32bit Windows support
All good things come to an end eventually, and that includes support for 32bit Windows in Steam. As of January 1 2026, Steam will stop supporting systems running 32-bit versions of Windows. Windows 10 32-bit is the only 32-bit version that is currently supported by Steam and is only in use on 0.01% of systems reported through the Steam Hardware Survey. Windows 10 64-bit will still be supported and 32-bit games will still run. ↫ Steam support article While existing installations will continue to work, they will no longer receive any Steam updates or support. Valve obviously advises the small sliver of users still using 32bit Windows � unbeknownst to them, I�m sure � to upgrade to a 64bit release. Upcoming versions of Steam will only work on 64bit systems.
- GNOME 49 released
GNOME 49 has been released, and it�s got a lot of nice updates, improvements, and fixes for everyone. GNOME 49 finally replaces the ageing Totem video player with Showtime, and Evince, GNOME�s document viewer, is replaced by the new Papers. Both of these new applications bring a modern GTK4 user interface to replace their older GTK3 counterparts. Papers supports a ton of both document-oriented as well as comic book formats, and has annotation features. We�ve already touched on the extensive accessibility improvements in GNOME Calendar, but other applications have been improved as well, such as Maps, Software, and Web. Software�s improvements focus on improving the application�s performance, especially when dealing with Flatpaks from Flathub, while Web, GNOME�s web browser, comes with improved ad blocking and optional regional blocklists, better bookmark management, improved security features, and more. The remote desktop experience also saw a lot of work, with multitouch input support, extended virtual monitors, and relative mouse input. For developers, GNOME 49 comes with the new GTK 4.20, the latest version of Glib, and Libadwaita 1.8, released only a few days ago. It brings a brand new shortcuts information dialog as its most user-facing feature, on top of a whole bunch of other, developer-oriented features. GNOME 49 will find its way to your distribution of choice soon enough.
- Installing and using Debian with my decades-old genuine DEC vt510 serial terminal
It�s 2025, and yes, you can still install and run a modern Linux distribution like Debian through a real hardware terminal. While I have used a terminal with the Pi, I’ve never before used it as a serial`console`all the way from early boot, and I have never installed Debian using the terminal to run the installer. A serial terminal gives you a login prompt. A serial console gives you access to kernel messages, the initrd environment, and sometimes even the bootloader. This might be fun, I thought. ↫ John Goerzen at The Changelog It seems Debian does a lot of the correct configurations for you, but there�s still a few things you�ll need to manually change, but none of it seems particularly complicated. Once the installation is completed, you have a system that�s completely accessible and usable from a hardware terminal, which, while maybe not particularly important in this day and age of effortless terminal emulators, is still quite a cool thing to have.
- Haiku vastly improves git status performance
Another month, another summary of changes in Haiku, the BeOS-inspired operating system. The main focus this past month has been improving the performance of git status, which has been measurably worse on Haiku than on Linux running on similar hardware. This work has certainly paid off, as the numbers demonstrate. The results are clearly more than worth the trouble, though: in one test setup with`git status`in Haiku’s`buildtools`repository (which contains the entirety of the`gcc`and`binutils`source code, among other things – over 160,000 files) went from around 33 seconds with a cold disk cache, to around 20 seconds; and with a hot disk cache, from around 15 seconds to around 2.5 seconds. This is still a ways off from Linux (with a similar setup in the same repository,`git status`there with a hot disk cache takes only 0.3 seconds). Performance on Haiku will likely be measurably faster on builds without`KDEBUG`enabled, but not by that much. Still, this is clearly a significant improvement over the way things were before now. ↫ Haiku Activity 8 Contract Report, August 2025 There�s more than this, of course, such as initial support for Intel�s Apollo Lake GPU in the Intel modesetting driver, improvements to USB disk performance, a reduction in power usage when in KDL, and much, much more.
- Why is the name of the Microsoft Wireless Notebook Presenter Mouse 8000 hard-coded into the Bluetooth drivers?
Some time ago, people noticed that buried in the Windows Bluetooth drivers is the hard-coded name of the Microsoft Wireless Notebook Presenter Mouse 8000. What’s going on there? Does the Microsoft Wireless Notebook Presenter Mouse 8000 receive favorable treatment from the Microsoft Bluetooth drivers? Is this some sort of collusion? No, it’s not that. ↫ Raymond Chen So, what is the actual problem? It�s a funny one: an encoding mistake. The device local name string for a device needs to be encoded in UTF-8, and that�s where the developers of the Microsoft Wireless Notebook Presenter Mouse 8000 made a mistake. The string contains a registered trademark symbol � ® � but they encoded it in code page 1252, which not only isn�t allowed, but gets rejected completely. So, Windows� Bluetooth drivers have a table that contains the wrong name for a driver, accompanied by the right name to use. This mouse is the only entry.
- Java 25 released
Java 25 has been released. JDK 25, the reference implementation of Java 25, is now Generally Available. We shipped build 36 as the second Release Candidate of JDK 25 on 15 August, and no P1 bugs have been reported since then. Build 36 is therefore now the GA build, ready for production use. ↫ Java 25/JDK 25 release announcement If you want to dive into the details about this new release, feel free to peruse the long, long list of improvements and changes.
- A months of ad-free OSNews: we�re closing in on the fundraising goal, and need your help to get there
It�s been a little over a month since OSNews went completely ad-free for everyone. I can say the support has been overwhelming, with the accompanying fundraiser currently sitting at 67% of the €5000 goal! Of course things slowed down a bit after the initial week of one donation after the next, so I�m throwing out this reminder that without your support, OSNews can�t exist � doubly so now that I�ve removed any and all advertising. Help us reach that 100%! So, what can you do to support OSNews? By being entirely free from the corrupting influence of advertising, I have even less desire to chase views, entrap users with slop content, game search engines with shitty SEO spam, or turn on the taps of AI!-generated trash to spew forth as much articles! and thus views as possible. This also means that OSNews is one of the few technology news websites remaining that is not part of a massive corporate media conglomerate, so there�s no pressure from corporate! to go easy on advertisers or write favourable stuff about corporate�s friends. You�d be surprised to learn how many technology sites out there are not independent. The response to OSNews no longer having any advertising has been overwhelmingly positive � unsurprisingly � and that has taken away any reservations I might have had about taking this step. In a world where so many websites are disappearing, turning into corporate mouthpieces, or becoming glorified content farms, OSNews can keep on doing what it does, independent of any outside influence, thanks to the countless contributions from all of you. Thank you.
- Apple releases version 26 of all of its operating systems
It�s release day for all of Apple�s operating systems, so if you�re fully or only partway into the ecosystem, you�ve got some upgrades ahead of you. Version 26 for macOS, iOS and iPadOS, watchOS, tvOS, visionOS, and HomePod Software have all been released today, so if you own any device running any of these operating system, it�s time to head on over to the update section of the settings application and wait for that glass to slowly and sensually liquefy all over your screens. Do put a sock on the doorknob.
- Writing an operating system kernel from scratch in Zig
I recently implemented a minimal proof of concept time-sharing operating system kernel on RISC-V. In this post, I’ll share the details of how this prototype works. The target audience is anyone looking to understand low-level system software, drivers, system calls, etc., and I hope this will be especially useful to students of system software and computer architecture. Finally, to do things differently here, I implemented this exercise in Zig, rather than traditional C. In addition to being an interesting experiment, I believe Zig makes this experiment much more easily reproducible on your machine, as it’s very easy to set up and does not require any installation (which could otherwise be slightly messy when cross-compiling to RISC-V). ↫ Uros Popovic This is not the first, and certainly not the last, operating system implemented from scratch as a teaching exercise, both for the creator itself, as well as for others wanting to follow along. This time it�s developed for RISC-V, and in an interesting twist, programmed in Zig (no Rust for once!).
- Microsoft to force-install Copilot onto Windows PCs with Office 365 installed
And the beatings continue until AI! improves. Except if you live in the European Union/EEA, that is. Windows devices with the Microsoft 365 desktop client apps will automatically install the Microsoft 365 Copilot app. This app installation takes place in the background and would not disrupt the user. This app installation will start in Fall 2025. ↫ Microsoft support document Basically, if you have Microsoft 365 desktop applications installed � read my article about some deep Microsoft lore to figure out what that means � Microsoft is going to force-install all the Copilot stuff onto your computer, whether you like it or not. Thanks to more robust consumer protection legislation in the European Union/EEA, like the Digital Markets Act and Digital Services Act, this force-install will not take place there. Administrators managing Office 365 deployments get an option to opt-out through the Microsoft 365 Apps admin center, but I�m not sure if regular users can use this method as well. Remember, when you�re using Windows (or macOS, for that matter), you don�t own your computer. Plan accordingly.
- The idea of /usr/sbin has failed in practice
It may be arcane knowledge to most users of UNIX-like systems today, but there is supposed to be a difference between /usr/bin and /usr/sbin; the latter is supposed to be for system binaries!, not needed by most normal users. The Filesystem Hierarchy Standard states that sbin directories are intended to contain utilities used for system administration (and other root-only commands)!, which is quite vague when you think about it. This has led to UNIX-like systems basically just winging it, making the distinction almost entirely arbitrary. For a long time, there has been no strong organizing principle to /usr/sbin that would draw a hard line and create a situation where people could safely leave it out of their $PATH. We could have had a principle of, for example, programs that don�t work unless run by root!, but no such principle was ever followed for very long (if at all). Instead programs were more or less shoved in /usr/sbin if developers thought they were relatively unlikely to be used by normal people. But �relatively unlikely� is not �never�, and shortly after people got told to �run traceroute� and got �command not found� when they tried, /usr/sbin (probably) started appearing in $PATH. ↫ Chris Siebenmann As such, Fedora 42 unifies /usr/bin and /usr/sbin, which is kind of a follow-up to the /usr merge, and serves as a further simplification and clean-up of the file system layout by removing divisions and directories that used to make sense, but no longer really do. Decisions like these have a tendency to upset a small but very vocal group of people, people who often do not even use the distribution implementing the decisions in question in the first place. My suggestions to those people would be to stick to distributions that more closely resemble classic UNIX. Or use a real UNIX. Anyway, these are good moves, and I�m glad most prominent Linux distributions are not married to decisions made in the �70s, especially not when they can be undone without users really noticing anything.
- Google decides to significantly harm Android security to please lazy OEMs
Google continues putting nails in the coffin that is the Android Open Source Project. This time, they�re changing the way they handle security updates to appease slow, irresponsible Android OEMs, while screwing over everyone else. The basic gist is that instead of providing monthly security updates for OEMs to implement on their Android devices, Google will now move to a quarterly model, publishing only extremely severe issues on a monthly basis. The benefit for OEMs is that for most vulnerabilities, they get three months to distribute (most) fixes instead of just one month, but the downsides are also legion. Vulnerabilities will now be out in the wild for three months instead of just one, and while they�re shared with OEMs privately!, we�re talking tends of thousands of pairs of eyes here, so privately! is a bit of a misnomer. The dangers are obvious; these vulnerabilities will be leaked, and they will be abused by malicious parties. Another massive downside related to this change is that Google will now no longer be providing the monthly patches as open source within AOSP, instead only releasing the quarterly patch drops as open source. This means exactly what you think it does: no more monthly security updates from third-party ROMs, unless those third-party ROMs choose to violate the embargo themselves and thus invite all sorts of problems. Extending the patch access window from one month to three is absolutely insane. Google should be striving to shorten this window as much as possible, but instead, they�re tripling it in length to create a false sense of security. OEMs can now point at their quarterly security updates and claim to be patching vulnerabilities as soon as Google publishes them, while in fact, the unpatched vulnerabilities will have been out in the wild for months by that point. This change is irresponsible, misguided, and done only to please lazy, shitty OEMs to create a false sense of security for marketing purposes.
- China is selling its Great Firewall censorship tools to countries around the world
We�re all aware of the Chinese Great Firewall, the tool the Chinese government uses for mass censorship and for safeguarding and strengthening its totalitarian control over the country and its population. It turns out that through a Chinese shell company called Geedge Networks, China is also selling the Great Firewall to other totalitarian regimes around the world. Thanks to a massive leak of 500 GB of source code, work logs, and internal communication records, we now have more insight into how the Great Firewall works than ever before, leading to in-depth reports like this one from InterSecLab. The findings are chilling, but not surprising. First and foremost, Geedge is selling the Great Firewall to a variety of totalitarian regimes around the world, namely Kazakhstan, Ethiopia, Pakistan, Myanmar, and another unidentified country. These governments can then ask Geedge to make specific changes and ask them to focus on specific capabilities to further enhance the functionality of the Great Firewall, but what it can already do today is bad enough. The suite of products offered by Geedge Networks allow a client government unprecedented access to internet user data and enables governments to use this data to police national and regional networks. These capabilities include deep packet inspection for advanced classification, interception, and manipulation of application and user traffic; monitoring the geographic location of mobile subscribers in real time; analyzing aggregated network traffic in specific areas, such as during a protest or event; flagging unusual traffic patterns as suspicious; creating tailored blocking rules to obstruct access to a website or application (such as a VPN (Virtual Private Network) or circumvention tool); throttling traffic to specific services; identifying individual internet users for accessing websites or using circumvention tools or VPNs; assigning individual internet users reputation scores based on their online activities; and infecting users with malware through in-path injection. ↫ The Internet Coup: A Technical Analysis on How a Chinese Company is Exporting The Great Firewall to Autocratic Regimes Internet service providers participate in the implementation of the suite of tools, either freely or by force, and since the tools are platform-agnostic it doesn�t matter which platforms people are using in any given country, making international sanctions effectively useless. It also won�t surprise you that Geedge steals both proprietary and open source code, without regards for licensing terms. Furthermore, China is allowing provinces and regions within its borders to tailor and adapt the Great Firewall to their own local needs, providing a blueprint for how to export the suite of tools to other countries. With quite a few countries sliding ever further towards authoritarianism, I�m sure even places not traditionally thought of as totalitarian are lustfully looking at the Chinese Great Firewall, wishing they had something similar in their own countries.
- Everything about Psion, in one place
Celebrate classic Psion machines with us, from the original Organiser, through the Series 3 and Series 5, all the way to the netBook. Get help with your classic palmtop computer, or help to develop software and hardware that will bring these devices into the 21st Century. ↫ Psion Community website A brand new one-stop shop for everything related to keeping Psion machines going. A library of all the software, lists of all the ROM images, tons of development resources, and much more.
- EU OS: A Bold Step Toward Digital Sovereignty for Europe
Image 
A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
What Is EU OS?
EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
The Vision Behind EU OS
The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
Conclusion
EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
Source: It's FOSS
European Union
- Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
You can download the latest kernel here.
Linus Torvalds kernel
- AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
Image 
AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
Source: 9to5Linux
AerynOS
- Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
Image 
Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
Here’s a quick overview of what’s new in Xojo 2025r1:
1. Linux ARM IDE Support
Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
2. Web Drag and Drop
One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
3. Direct App Store Publishing
Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
4. New Desktop and Mobile Features
This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
5. Performance and IDE Enhancements
Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
What Does This Mean for Developers?
Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
How to Get Started
Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
Download Xojo 2025r1 today at xojo.com.
Final Thoughts
With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
Xojo ARM
- New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest.
Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
Windows
- Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally.
As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions.
After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
Security
- Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem.
The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
kernel
- Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
Here is what Linus Torvalds had to say in today's announcement:
Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds
- Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
Want to interact with ChatGPT from your Linux desktop without using a web browser?
Bavarder, a new app, allows you to do just that.
Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
ChatGPT AI
- LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
LibreOffice
- USB4 Maintainer Leaves Intel
Michael Jamet, one of the primary maintainers of USB4 and Thunderbolt drivers, has left Intel, leaving a gaping hole for the Linux community to deal with.
- VirtualBox 7.2 Has Arrived
With early support for Linux kernel 6.17 and other new additions, VirtualBox 7.2 is a must-update for users.
- Linux Hits an Important Milestone
If you pay attention to the news in the Linux-sphere, you've probably heard that the open source operating system recently crashed through a ceiling no one thought possible.
- Plasma Bigscreen Returns
A developer discovered that the Plasma Bigscreen feature had been sitting untouched, so he decided to do something about it.
|
