Recent Changes - Search:
NTLUG

Linux is free.
Life is good.

Linux Training
10am on Meeting Days!

1825 Monetary Lane Suite #104 Carrollton, TX

Do a presentation at NTLUG.

What is the Linux Installation Project?

Real companies using Linux!

Not just for business anymore.

Providing ready to run platforms on Linux

Show Descriptions... (Show All/All+Images) (Single Column)

LinuxSecurity - Security Advisories







LWN.net

  • [$] Mergiraf: syntax-aware merging for Git
    The idea of automatic syntax-aware merging in version-control systems goes back to2005 or earlier, but initial implementations wereoften language-specific and slow.Mergiraf is a merge-conflict resolver that uses a generic algorithm plus asmall amount of language-specific knowledgeto solve conflicts that Git's default strategy cannot.The project's contributors have been working on thetool for just under a year, but it alreadysupports 33 languages, including C,Python, Rust, and evenSystemVerilog.


  • Ubuntu introduces architecture variants
    Michael Hudson-Doyle, a member of Ubuntu's Foundations team, has announcedthe introduction of an "architecture variant" for Ubuntu 25.10:

    By making changes to dpkg, apt and Launchpad, we are able to buildmultiple versions of a package, each for a different level of thex86-64 architecture, meaning we can have packages that specificallytarget x86-64-v3, for example.

    As a result, we're very excited to share that in Ubuntu 25.10, somepackages are available, on an opt-in basis, in their optimized formfor the more modern x86-64-v3 architecture level.

    See the announcement for details on opting in to x86-64-v3packages.



  • Security updates for Friday
    Security updates have been issued by AlmaLinux (java-1.8.0-openjdk, java-17-openjdk, libtiff, redis, and redis:6), Debian (chromium, mediawiki, pypy3, and squid), Fedora (openbao), SUSE (cdi-apiserver-container, cdi-cloner-container, cdi- controller-container, cdi-importer-container, cdi-operator-container, cdi- uploadproxy-container, cdi-uploadserver-container, cont, chromium, chrony, expat, haproxy, himmelblau, ImageMagick, iputils, kernel, libssh, libxslt, openssl-3, podman, strongswan, xorg-x11-server, and xwayland), and Ubuntu (kernel, libxml2, libyaml-syck-perl, linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe, linux-oracle, linux-fips, linux-aws-fips, linux-gcp-fips, linux-kvm, and netty).


  • Rust 1.91.0 released
    Version1.91.0 of the Rust language has been released. Changes includepromoting aarch64-pc-windows-msvc to a tier-1 platform, a new lint ruleto catch dangling raw pointers from local variables, and a fair number ofnewly stabilized APIs.


  • [$] The long path toward optimizing short reads
    The kernel's file-I/O subsystems have been highly optimized over the yearsin the hope of providing the best performance for a wide variety ofworkloads. There is, however, one workload type that suffers with currentkernels: applications that perform many short reads, in multiple processes,from the same file. Kiryl Shutsemau has been working on a patch totry to optimize this case, but the task is turning out to be harder thanone might expect.


  • Bazzite Fall update released
    The Universal Blueproject has announcedthe Fall update for the Fedora-based Bazzite gaming distribution. Thisrelease brings Bazzite up to Fedora 43, includes support foradditional handheld gaming systems, as well as drivers for a number ofsteering wheel devices, and more.



  • Security updates for Thursday
    Security updates have been issued by AlmaLinux (java-21-openjdk and libtiff), Debian (pdns-recursor and xorg-server), Fedora (bind, bind-dyndb-ldap, dtk6core, dtk6gui, dtk6log, dtk6widget, fcitx5-qt, fluidsynth, gammaray, kddockwidgets, LabPlot, mingw-qt6-qt3d, mingw-qt6-qt5compat, mingw-qt6-qtactiveqt, mingw-qt6-qtbase, mingw-qt6-qtcharts, mingw-qt6-qtdeclarative, mingw-qt6-qtimageformats, mingw-qt6-qtlocation, mingw-qt6-qtmultimedia, mingw-qt6-qtpositioning, mingw-qt6-qtscxml, mingw-qt6-qtsensors, mingw-qt6-qtserialport, mingw-qt6-qtshadertools, mingw-qt6-qtsvg, mingw-qt6-qttools, mingw-qt6-qttranslations, mingw-qt6-qtwebchannel, mingw-qt6-qtwebsockets, nheko, python-pyqt6, qt-creator, qt6, qt6-qt3d, qt6-qt5compat, qt6-qtbase, qt6-qtcharts, qt6-qtcoap, qt6-qtconnectivity, qt6-qtdatavis3d, qt6-qtdeclarative, qt6-qtgrpc, qt6-qthttpserver, qt6-qtimageformats, qt6-qtlanguageserver, qt6-qtlocation, qt6-qtlottie, qt6-qtmqtt, qt6-qtmultimedia, qt6-qtnetworkauth, qt6-qtopcua, qt6-qtpositioning, qt6-qtquick3d, qt6-qtquick3dphysics, qt6-qtquicktimeline, qt6-qtremoteobjects, qt6-qtscxml, qt6-qtsensors, qt6-qtserialbus, qt6-qtserialport, qt6-qtshadertools, qt6-qtspeech, qt6-qtsvg, qt6-qttools, qt6-qttranslations, qt6-qtvirtualkeyboard, qt6-qtwayland, qt6-qtwebchannel, qt6-qtwebengine, qt6-qtwebsockets, qt6-qtwebview, unbound, xorg-x11-server-Xwayland, and zeal), Oracle (kernel and libtiff), Red Hat (redis:6), Slackware (tigervnc and xorg), SUSE (java-21-openjdk, java-25-openjdk, strongswan, and xorg-x11-server), and Ubuntu (amd64-microcode, binutils, and xorg-server, xwayland).


  • [$] LWN.net Weekly Edition for October 30, 2025
    Inside this week's LWN.net Weekly Edition:
    Front: Pixnapping attack; Fil-C; Debian ftpmasters; GoFundMe complaints; Safer user-space access. Briefs: Man pages 6.16; Btrfs on AlmaLinux; Fedora Linux 43; ICANN report; PSF grants; Rust Coreutils 0.3.0; Tor Browser 15.0; Quotes; ... Announcements: Newsletters, conferences, security updates, patches, and more.


  • GNU/Linux man pages 6.16 released
    Alejandro Colomar has announced the release of version 6.16 of the GNU/Linux man pages. This release includes new or rewritten man pages for fsconfig(), fsmount(), and fsopen(), as well as a number of newly documented interfaces in existing man pages. The release is also available as a PDF book.


  • ICANN report: DNS runs on FOSS
    ICANN's Security andStability Advisory Committee (SSAC) has announceda reporton "the critical role of Free and Open Source Software (FOSS)within the Domain Name System (DNS)". The report is aimed atpolicymakers and examines recent cybersecurity regulations in the US,UK, and EU as they apply to FOSS in the DNS system; it includesfindings and guidelines "to strengthen the FOSS ecosystem that iscritical to the secure and stable operation of the Internet". Fromthe report's summary:

    This ecosystem depends on a global network of maintainers andcontributors who are often unpaid volunteers. While many are unpaidvolunteers, the DNS space is unique in also relying on a handful oflong-lived maintenance organizations. This creates a model based oncommunity collaboration rather than the commercial contracts thatdefine a traditional software supply chain, which introduces uniquerisks related to financial sustainability for the maintenanceorganizations and maintainer burnout for volunteers.

    These unique characteristics mean that regulatory frameworksdesigned for proprietary software may not be well-suited for FOSS andtherefore could have severe unintended consequences to the stabilityof critical Internet infrastructure.

    Thanks to SSAC member Maarten Aertsen for the tip.



  • [$] Retrieving pixels from Android phones with Pixnapping
    A new class of attacks on Android phones, called "Pixnapping", was announced onOctober 13. It allows a malicious app to gather output rendered in avictim app, pixel-by-pixel, by exploiting a GPU side-channel. Depending onwhat the victim app displays, anything from sensitive email and chats totwo-factor authentication (2FA) codes could be captured—and shipped off toan attacker's site.


  • Tor Browser 15.0 released
    Version 15.0of the TorBrowser has been released:
    This is our first stable release based on Firefox ESR 140, incorporating a year's worth of changes that have been shippedupstream in Firefox. As part of this process, we've also completed ourannual ESR transition audit, where we reviewed and addressed around200 Bugzilla issues for changes in Firefox that may negatively affectthe privacy and security of Tor Browser users. Our final reports fromthis audit are now available in the tor-browser-specrepository on our GitLab instance.
    This release inherits the vertical tabs feature, unified searchbutton, as well as other new features and usability improvements inFirefox that have passed the Tor Project's audit.



  • [$] Debian splits ftpmaster team
    Debian's ftpmasterteam has been responsible for allowing new packages to enter Debian,removing old packages, and otherwise maintaining Debian's packagearchive for more than two decades. As of October 26, the team isno more and its duties are being split between two new teams. The ArchiveOperations Team will focus on the infrastructure required tosupport the Debianarchives, and the DFSG, Licensing & NewPackages Team, which is responsible for reviewing packagesentering the newqueue. In time, this move could speed up processing of newpackages, as well as making the teams more sustainable, but only afternew members are recruited and trained. For now, the same folks aredoing the work but spread across two teams.


  • Seven stable kernels for Wednesday
    Greg Kroah-Hartman has announced the release of the 6.17.6, 6.12.56, 6.6.115, 6.1.158, 5.15.196, 5.10.246, and 5.4.301 stable kernels. As always, eachcontains important fixes throughout the tree. Users of these kernelsare advised to upgrade.



  • Security updates for Wednesday
    Security updates have been issued by Debian (gimp, python-authlib, and xorg-server), Fedora (chromium and git-lfs), Mageia (poppler and tomcat), Red Hat (kernel, kernel-rt, redis, and redis:6), SUSE (fetchmail, grafana, ImageMagick, kernel-devel, libluajit-5_1-2, proxy-helm, python-Authlib, and xen), and Ubuntu (linux-intel-iotg, linux-intel-iotg-5.15 and squid, squid3).



LXer Linux News

  • Vulkan 1.4.331 Brings Two New Extensions
    Just one week after Vulkan 1.4.330 brought five new extensions, Vulkan 1.4.331 is now available with another two new extensions for this high performance graphics and compute API...




  • The clock's ticking for MySQL 8.0 as end of life looms
    Percona says more than half of installs remain on version set to lose support in 2026Users have six months to migrate from MySQL 8.0 if they are to stay on a supported version of the open source database, or face security and reliability risks.…


  • Steam Deck 2 Rumors Ignite a New Era for Linux Gaming
    The speculation around a successor to the Steam Deck has stirred renewed excitement, not just for a new handheld, but for what it signals in Linux-based gaming. With whispers of next-gen specs, deeper integration of SteamOS, and an evolving handheld PC ecosystem, these rumors are fueling broader hopes that Linux gaming is entering a more mature age. In this article we look at the existing rumors, how they tie into the Linux gaming landscape, why this matters, and what to watch.









  • LILYGO T-Echo Plus Integrates LoRa, GNSS, and IMU in Rugged Wireless Smart Tag
    LILYGO’s T-Echo Plus is a compact, battery-powered smart tag designed for wireless telemetry, motion tracking, and geolocation. It combines LoRa communication, GNSS positioning, Bluetooth Mesh, and a 6-axis IMU in an enclosure with both vibration and visual feedback, aiming to support mobile, field-deployed, or remote monitoring applications. The device uses the nRF52840 SoC from Nordic […]



  • DietPi October 2025 Update Adds Support for NanoPi R3S, R76S, and Reworked Dashboard
    The October 18th release of DietPi v9.18 introduces support for new FriendlyELEC single-board computers, a redesigned DietPi-Dashboard with improved security, and the addition of the LazyLibrarian eBook and audiobook manager. The update also includes bug fixes, filesystem improvements, and expanded compatibility for virtual devices   DietPi: DietPi is a lightweight, Debian-based operating system optimized for […]







Linux Insider"LinuxInsider"












Slashdot

  • YouTube's AI Moderator Pulls Windows 11 Workaround Videos, Calls Them Dangerous
    An anonymous reader shares a report: Is installing Windows 11 with a local account or on unsupported hardware harmful or dangerous? YouTube's AI moderation system seems to think so, as it has started pulling videos that show users how to sidestep Microsoft's setup restrictions. Tech YouTuber Rich White, aka CyberCPU Tech, was the first to go public about the issue on October 26, when he posted a video reporting the removal of a how-to he published on installing Windows 11 25H2 with a local account instead of a Microsoft account. In the video, White expressed concern that YouTube's automated flagging process may be the root of the problem, as he found it hard to believe that "creating a local account in Windows 11 could lead to serious harm or even death," as YouTube reportedly alleged when it removed the video. When he appealed, White said that YouTube denied the request within 10 to 20 minutes, early on a Sunday morning, which led him to speculate that there wasn't a human in the loop when the request was shut down. That wasn't his only video removed, either. The next day, White uploaded his video for this week on installing Windows 11 25H2 on unsupported hardware, which was removed hours after being posted. YouTube justified the removal on similar grounds. [...] At least two other YouTubers - Britec09 and Hrutkay Mods - have released videos alleging much of the same.


    Read more of this story at Slashdot.


  • Windows 11 Tests Bluetooth Audio Sharing That Connects Two Headsets at Once
    Microsoft is bringing shared audio to Windows 11, allowing you to stream audio across two pairs of wireless headphones, speakers, earbuds, or hearing aids. From a report: The feature is built using the Bluetooth Low Energy (LE) audio codec, and it's rolling out in preview to Windows 11 Insiders in the Dev and Beta channels. Shared audio comes in handy if you're watching a movie on a laptop with your friend or family member, or just want to show them new music that you can both stream inside your own wireless headsets. You can use shared audio by connecting Bluetooth LE-supported devices to your Windows 11 PC and then selecting the Shared audio (preview) button in your quick settings menu. Microsoft introduced an LE Audio feature on Windows 11 in August, enabling higher audio quality while using a wireless headset in a game or call.


    Read more of this story at Slashdot.


  • Coinbase CEO Stunt Exposes Prediction Market Vulnerability
    An anonymous reader shares a report: When Coinbase's quarterly earnings call wrapped up Thursday, its chief executive, Brian Armstrong, didn't finish with profit guidance or statements of confidence. He closed it out with a list: "Bitcoin, Ethereum, blockchain, staking and Web3." Those weren't random buzzwords. They were part of an $84,000 betting market [non-paywalled source]. Across prediction market platforms Kalshi and Polymarket, users had wagered on which words would be spoken during the call -- part of a niche category known as mention markets, where the outcome isn't tied to earnings, price moves or sports games, but to what people say in some public forum. With the final analyst question complete, several terms listed in contracts were still unsaid. Armstrong ticked them off one by one. "I was a little distracted because I was tracking the prediction market about what Coinbase will say on their next earnings call," he said in his parting remarks. "I just want to add here the words Bitcoin, Ethereum, blockchain, staking, and Web3 -- to make sure we get those in before the end of the call." The exchange's CEO had just moved a market -- even if only a small one. Mention markets are one of the more curious byproducts of the broader prediction market boom, but also one of the more controversial. Platforms like Kalshi, which is regulated by the Commodity Futures Trading Commission, and Polymarket, which is in the process of returning to the US market, let users wager on the outcomes of real-world events. That can mean elections, policy decisions, or sports -- but also, increasingly, corporate rituals and even common jargon.


    Read more of this story at Slashdot.


  • A TikTok Interview Triggered a Securities Filing
    Snowflake filed an 8-K with the Securities and Exchange Commission earlier this week after its chief revenue officer gave financial projections in a TikTok video. Mike Gannon told an influencer outside the New York Stock Exchange that the data-storage company would exit the year with just over $4.5 billion in revenue and reach $10 billion in a couple of years. The filing stated that Gannon is not authorized to disclose financial information on behalf of the company and that investors should not rely on his statements. Snowflake reaffirmed its August guidance of $.395 billion for fiscal year 2026. The video appeared on an account called theschoolofhardknockz and drew more than 555,000 views on TikTok. Gannon told the interviewer he watches the videos all the time.


    Read more of this story at Slashdot.


  • 10M People Watched a YouTuber Shim a Lock; the Lock Company Sued Him. Bad Idea.
    Trevor McNally posts videos of himself opening locks. The former Marine has 7 million followers and nearly 10 million people watched him open a Proven Industries trailer hitch lock in April using a shim cut from an aluminum can. The Florida company responded by filing a federal lawsuit in May charging McNally with eight offenses. Judge Mary Scriven denied the preliminary injunction request in June and found the video was fair use. McNally's followers then flooded the company with harassment. Proven dismissed the case in July and asked the court to seal the records. The company had initiated litigation over a video that all parties acknowledged was accurate. ArsTechnica adds: Judging from the number of times the lawsuit talks about 1) ridicule and 2) harassment, it seems like the case quickly became a personal one for Proven's owner and employees, who felt either mocked or threatened. That's understandable, but being mocked is not illegal and should never have led to a lawsuit or a copyright claim. As for online harassment, it remains a serious and unresolved issue, but launching a personal vendetta -- and on pretty flimsy legal grounds -- against McNally himself was patently unwise. (Doubly so given that McNally had a huge following and had already responded to DMCA takedowns by creating further videos on the subject; this wasn't someone who would simply be intimidated by a lawsuit.) In the end, Proven's lawsuit likely cost the company serious time and cash -- and generated little but bad publicity.


    Read more of this story at Slashdot.


  • The World's Secret Electricity Superusers Revealed
    An anonymous reader shares a report: The rush to secure electricity has intensified as tech companies look to spend trillions of dollars building data centers. There's an industry that consumes even more power than many tech giants, and it has largely escaped the same scrutiny: suppliers of industrial gases. Everyday items like toothpaste and life-saving treatments like MRIs are among the countless parts of modern life that hinge on access to gases such as nitrogen, oxygen and helium. Producing and transporting these gases to industrial facilities and hospitals is a highly energy-intensive process. Three companies -- Linde, Air Liquide and Air Products and Chemicals -- control 70% of the $120 billion global market for industrial gases. Their initiatives to rein in electricity use or switch to renewables aren't enough to rapidly cut carbon emissions, according to a new report from the campaign group Action Speaks Louder. "The scale of the sector's greenhouse gas emissions and electricity use is staggering," said George Harding-Rolls, the group's head of campaigns and one of the authors of the report. Linde's electricity use in 2024 exceeded that of Alphabet's Google and Samsung Electronics as well as oil giant TotalEnergies, while the power use of Air Liquide and Air Products was comparable to that of Shell and Microsoft. Yet unlike fossil fuel and tech companies, these industrial gas companies are far from household names because their customers are the world's largest chemicals, steel and oil companies rather than average consumers. The industry relies on air-separation units, which use giant compressors to turn air into liquid and then distill it into its many components. These machines are responsible for much of the industry's electricity demand, and their use alone is responsible for 2% of carbon dioxide emissions in China and the US, the world's two largest polluters.


    Read more of this story at Slashdot.


  • FDA Clears Way For Faster Personalized Gene Editing Therapy
    A top United States regulator plans to unveil a faster approach to approving custom gene-editing treatments, a move designed to unleash a wave of industry investment that will yield cures for patients with rare diseases. From a report: Vinay Prasad, who oversees gene therapies at the Food and Drug Administration, said scientific advances, like Crispr, have forced the agency to relax some of its strict rules. As an example, he cited the case of 10-month-old KJ Muldoon, who this year became the first person in history to have his genes custom edited to cure an inherited disease. "Regulation has to evolve as fast as science evolves," Prasad said in an interview with Bloomberg News. The agency is "going to be extremely flexible and work very fast with the scientists who want to bring these therapies to kids who need it." Prasad plans to publish a paper in early November outlining the FDA's new approach. He predicted it will spark interest in developing treatments for conditions that may affect only a handful of people.


    Read more of this story at Slashdot.


  • Google Working on Bare-Bones Maps That Removes Almost All Interface Elements and Labels
    Google Maps is testing a power saving mode in its latest Android beta release that strips the navigation interface to its bare essentials. The feature transforms the screen into a monochrome display and removes nearly all UI elements during navigation, according to AndroidAuthority. Users discovered code strings in version 25.44.03.824313610 indicating the mode activates through the phone's physical power button rather than through any in-app menu. The stripped-down interface eliminates standard map labels and appears to omit even the name of the upcoming street where drivers need to turn. The mode supports walking, driving, and two-wheeler directions but currently cannot be used in landscape orientation.


    Read more of this story at Slashdot.


  • You Can't Refuse To Be Scanned by ICE's Facial Recognition App, DHS Document Says
    An anonymous reader shares a report: Immigration and Customs Enforcement (ICE) does not let people decline to be scanned by its new facial recognition app, which the agency uses to verify a person's identity and their immigration status, according to an internal Department of Homeland Security (DHS) document obtained by 404 Media. The document also says any face photos taken by the app, called Mobile Fortify, will be stored for 15 years, including those of U.S. citizens. The document provides new details about the technology behind Mobile Fortify, how the data it collects is processed and stored, and DHS's rationale for using it. On Wednesday 404 Media reported that both ICE and Customs and Border Protection (CBP) are scanning peoples' faces in the streets to verify citizenship. "ICE does not provide the opportunity for individuals to decline or consent to the collection and use of biometric data/photograph collection," the document, called a Privacy Threshold Analysis (PTA), says. A PTA is a document that DHS creates in the process of deploying new technology or updating existing capabilities. It is supposed to be used by DHS's internal privacy offices to determine and describe the privacy risks of a certain piece of tech. "CBP and ICE Privacy are jointly submitting this new mobile app PTA for the ICE Mobile Fortify Mobile App (Mobile Fortify app), a mobile application developed by CBP and made accessible to ICE agents and officers operating in the field," the document, dated February, reads. 404 Media obtained the document (which you can see here) via a Freedom of Information Act (FOIA) request with CBP.


    Read more of this story at Slashdot.


  • Affinity's Image-Editing Apps Go 'Freemium' in First Major Post-Canva Update
    ArsTechnica: When graphic design platform-provider Canva bought the Affinity image-editing and publishing apps early last year, we had some major questions about how the companies' priorities and products would mesh. How would Canva serve the users who preferred Affinity's perpetually licensed apps to Adobe's subscription-only software suite? And how would Affinity's strong stance against generative AI be reconciled with Canva's embrace of those technologies. This week, Canva gave us definitive answers to all of those questions: a brand-new unified Affinity app that melds the Photo, Designer, and Publisher apps into a single piece of software called "Affinity by Canva" that is free to use with a Canva user account, but which gates generative AI features behind Canva's existing paid subscription plans ($120 a year for individuals). This does seem like mostly good news, in the near to mid term, for existing Affinity app users who admired Affinity's anti-AI stance: All three apps' core features are free to use, and the stuff you're being asked to pay for is stuff you mostly don't want anyway. But it may come as unwelcome news for those who like the predictability of pay-once-own-forever software or are nervous about where Canva might draw the line between "free" and "premium" features down the line. [...] There's now a dedicated page for the older versions of the Affinity apps, and an FAQ at the bottom of that page answers several questions about the fate of those apps. Affinity and Canva say they will continue to keep the activation servers and downloads for all Affinity v1 and v2 apps online for the foreseeable future, giving people who already own the existing apps a way to keep using the versions they're comfortable with. Users can opt to link their Serif Affinity store accounts to their new Canva accounts to access the old downloads without juggling multiple accounts. But those older versions of the apps "won't receive future updates" and won't be able to open files created in the new Canva-branded Affinity app.


    Read more of this story at Slashdot.


  • Amazon CEO Says Massive Corporate Layoffs Were About Agility - Not AI or Cost-Cutting
    Amazon CEO Andy Jassy says the company's latest big round of layoffs -- about 14,000 corporate jobs -- wasn't triggered by financial strain or AI replacing workers, but rather a push to stay nimble. From a report: Speaking with analysts on Amazon's quarterly earnings call Thursday, Jassy said the decision stemmed from a belief that the company had grown too big and too layered. "The announcement that we made a few days ago was not really financially driven, and it's not even really AI-driven -- not right now, at least," he said. "Really, it's culture." Jassy's comments are his first public explanation of the layoffs, which reportedly could ultimately total as many as 30,000 people -- and would be the largest workforce reduction in Amazon's history. The news this week prompted speculation that the cuts were tied to automation or AI-related restructuring. Earlier this year, Jassy wrote in a memo to employees that he expected Amazon's total corporate workforce to shrink over time due to efficiency gains from AI. But his comments Thursday framed the layoffs as a cultural reset aimed at keeping the company fast-moving amid what he called "the technology transformation happening right now."


    Read more of this story at Slashdot.


  • Adobe Struggles To Assure Investors That It Can Thrive in AI Era
    An anonymous reader shares a report: Adobe brought together 10,000 marketers, filmmakers and content creators to its annual conference this week to persuade them that the company's software products are adapting to AI and remain the best tools for their work. But it's Adobe's investors, rather than its users, who are the most skeptical that generative AI technology won't disrupt the company's business as the top seller of software for creative professionals. Despite a strong strategy, Adobe is "at risk of structural AI-driven competitive and pricing pressure," wrote Tyler Radke, an analyst at Citigroup. The company's shares have lost about a quarter of their value this year as AI tools like Google's video-generating model Veo have gained steam. In an interview with Bloomberg Television earlier this week, Adobe Chief Executive Officer Shantanu Narayen said the company is undervalued as the market is focused on semiconductors and the training of AI models.


    Read more of this story at Slashdot.


  • Scientists Reveal Roof Coating That Can Reduce Surface Temperatures Up To 6C On Hot Days
    An anonymous reader quotes a report from the Guardian: Australian scientists have developed roof coatings that can passively cool surfaces up to 6C below ambient temperature, as well as extract water from the atmosphere, which they say could reduce indoor temperatures during extreme heat events. One coating made from a porous film, which can be painted on to existing roofs, works by reflecting 96% of incoming solar radiation, rather than absorbing the sun's energy. It also has a high thermal emittance, meaning it effectively dissipates heat to outer space when the sky is clear. Its properties are known as passive radiative cooling. [...] In a study, published in the journal Advanced Functional Materials, the researchers tested a prototype for six months on the roof of the Sydney Nanoscience Hub, pairing the cool paint with a UV-resistant topcoat that encouraged dew droplets to roll down into a receptacle. As much as 390 milliliters per sq meter per day could be collected for about a third of the year, the scientists found. Based on that water capture rate, an average Australian roof -- about 200 sq meters -- could provide up to 70 liters on days favorable for collecting dew, they estimate. [...] In well-insulated buildings, a 6C decrease in roof temperature "might result in a smaller fraction of that cooling being reflected in the top level of the house," [said the study's lead author, Prof Chiara Neto of the University of Sydney], but greater temperature reductions would be expected in most Australian houses, "where insulation is quite poor." She said the coating could also help reduce the urban heat island effect, in which hard surfaces absorb more heat than natural surfaces, resulting in urban centers being 1C to 13C warmer than rural areas. The researchers found that the prototype coating was comprised of poly(vinylidene fluoride-co-hexafluoropropene), which is used in the building industry but was "not a scalable technology going forward" due to its environmental issues. However, they are now commercializing a water-based paint with similar performance that is affordable and environmentally safer, costing about the same as standard premium paints.


    Read more of this story at Slashdot.


  • How a Chorus of Synchronized Frequencies Helps You Digest Your Food
    alternative_right shares a report from Phys.org: It is known in the scientific community that if you have a self-sustained oscillation, such as an arteriole, and you add an external stimulus at a similar but not identical frequency, you can lock the two, meaning you can shift the frequency of the oscillator to that of the external stimulus. In fact, it has been shown that if you connect two clocks, they will eventually synchronize their ticking. Distinguished Professor of Physics and Neurobiology David Kleinfeld found that if he applied an external stimulus to a neuron, the entire vasculature would lock at the same frequency. However, if he stimulated two sets of neurons at two different frequencies, something unexpected happened: some arterioles would lock at one frequency and others would lock at another frequency, forming a staircase effect. Searching for an explanation, Kleinfeld enlisted the help of his colleague, Professor of Physics Massimo Vergassola, who specializes in understanding the physics of living systems, and then recruited Ecole Normale Superieure graduate student Marie Sellier-Prono and Senior Researcher at the Institute for Complex Systems Massimo Cencini. Together, the researchers found they could use a classical model of coupled oscillators with an intestinal twist. The gut oscillates naturally due to peristalsis -- the contracting and relaxing of muscles in the digestive tract -- and provided a simplified model over the complex network of blood vessels in the brain. The intestine is unidirectional, meaning frequencies shift in one direction in a gradient from higher to lower. This is what enables food to move in one direction from the beginning of the small intestine to the end of the large intestine. "Coupled oscillators talk to each other and each section of the intestine is an oscillator that talks to the other sections near it," stated Vergassola. "Normally, coupled oscillators are studied in a homogeneous setting, meaning all the oscillators are at more or less similar frequencies. In our case, the oscillators were more varied, just as in the intestine and the brain." In studying the coupled oscillators in the gut, past researchers observed that there is indeed a staircase effect where similar frequencies lock onto those around it, allowing for the rhythmic movement of food through the digestive tract. But the height of the rises or breaks, the length of the stair runs or frequencies, and the conditions under which the staircase phenomenon occurred -- essential features of biological systems -- was something which had not been determined until now. The findings have been published in the journal Physical Review Letters.


    Read more of this story at Slashdot.


  • SpaceX: Starship Will Be Going To the Moon, With Or Without NASA
    schwit1 shares a report from Behind the Black: SpaceX is going to land this spaceship manned on the Moon, whether or not NASA's SLS and Orion are ready. And even if those expensive, cumbersome, and poorly designed boondoggles are ready for those first two Artemis landings, SpaceX is likely to quickly outmatch them with numerous other private missions to the Moon, outside of NASA. It has the funds to do it, and it knows it has the customers willing to buy the flights. The news comes from a detailed update SpaceX released today on the Starship lunar lander. Here's the section where SpaceX "made it clear that it sees Starship and Superheavy as its own space effort, irrelevant of NASA": "To return Americans to the Moon, SpaceX aligned Starship development along two paths: development of the core Starship system and supporting infrastructure, including production facilities, test facilities, and launch sites -- which SpaceX is self-funding representing over 90% of system costs -- and development of the HLS-specific Starship configuration, which leverages and modifies the core vehicle capability to support NASA's requirements for landing crew on and returning them from the Moon. SpaceX is working under a fixed-price contract with NASA, ensuring that the company is only paid after the successful completion of progress milestones, and American taxpayers are not on the hook for increased SpaceX costs. SpaceX provides significant insight to NASA at every stage of the development process along both paths, including access to flight data from missions not funded under the HLS contract. Both pathways are necessary and made possible by SpaceX's substantial self-investments to enable the high-rate production, launch, and test of Starship for missions to the Moon and other purposes. Starship will bring the United States back to the Moon before any other nation and it will enable sustainable lunar operations by being fully and rapidly reusable, cost-effective, and capable of high frequency lunar missions with more than 100 tons of cargo capacity."


    Read more of this story at Slashdot.


The Register



  • Ransomware gang runs ads for Microsoft Teams to pwn victims
    You click and think you're getting a download page, but get malware instead
    Imagine searching for Microsoft Teams, seeing a text link at the top of the results, visiting it, and then getting hit with malware. The Rhysida ransomware gang, an especially insidious criminal organization that has stolen millions of people's info, has been placing fake ads for Microsoft Teams in search engines and then infecting victims who make the mistake of clicking them.…


  • YouTube's AI moderator pulls Windows 11 workaround videos, calls them dangerous
    Creators baffled as videos on local accounts, unsupported PCs vanish under ‘harmful acts’ rule
    Is installing Windows 11 with a local account or on unsupported hardware harmful or dangerous? YouTube's AI moderation system seems to think so, as it has started pulling videos that show users how to sidestep Microsoft's setup restrictions.…


  • A word about comments and forums...
    Our house, our rules
    One of the biggest surprises of my tenure at El Reg so far is the activity in our forums and article comments. Reg readers are engaged, opinionated, and unafraid to express themselves. I love this. Thank you for reading, and for commenting.…




  • Developer puts Windows 7 on a crash diet, drops it to down to 69 MB
    Trim down for obsolete operating system leaves it booting, but not much else
    Stripping Windows to the bare essentials is a favorite hobby among enthusiasts, especially as Microsoft continues loading its OS with unwanted bloat. The latest achievement is Windows 7 being reduced to 69 MB.…



  • Attackers dig up $11M in Garden Finance crypto exploit
    Bitcoin bridge biz offers 10 percent reward to attackers if they play nice
    Blockchain company Garden admits it was compromised and temporarily shut down its app after approximately $11 million worth of assets were stolen.…


  • Meta to sell $30B in bonds to build AI datacenters
    Zuckcorp will gladly pay you in 2065 for the eyewatering sums it is borrowing today
    Even the world's richest companies need outside help to fulfill their datacenter dreams. Now, Meta is selling $30 billion in bonds to build out its infrastructure estate and support its ambition in AI markets. Some of these won't mature for 40 years.…


  • SpaceX shows off progress on its lunar Starship
    NASA is short of options when it comes to alternatives
    SpaceX has published an update on its lunar Starship progress, and it still has a long way to go before the impressive-looking renders are translated into reality.…


  • The clock's ticking for MySQL 8.0 as end of life looms
    Percona says more than half of installs remain on version set to lose support in 2026
    Users have six months to migrate from MySQL 8.0 if they are to stay on a supported version of the open source database, or face security and reliability risks.…



  • Linux vendors are getting into Ubuntu – and Snap
    Ubuntu's much-maligned format may be finally reaching critical mass
    Ubuntu Summit More than one Linux-adjacent vendor presented at the Ubuntu Summit, and a small but recurring theme is offering official Snap packages.…


  • VodafoneThree to offshore UK network jobs to India
    TUPE or not TUPE? Not for roles being sent overseas amid a push to meet post-merger rollout targets
    Exclusive VodafoneThree has told some staff their roles may be offshored to India under new contracts with Ericsson and Nokia – and that employment protections won't apply.…




  • NHS left with sick PCs as suppliers resist Windows 11 treatment
    Hospitals told to upgrade, but some medical device makers haven't prescribed compatibility yet
    NHS hospitals are being blocked from fully upgrading to Windows 11 by a small number of suppliers that have yet to make their medical devices compatible with Microsoft's latest operating system.…


  • Actor couldn’t understand why computer didn’t work when the curtain came down
    When tech support collides with Halloween, the results are scary
    On Call Happy Halloween, dear reader! The Register wishes you a wonderfully scary day. To kick things off, we’ve twisted On Call, our weekly reader-contributed column about keeping computers alive despite the best efforts of zombie coworkers and demonic bosses, to bring tales of times tech support turned spooky.…


  • Europe preps Digital Euro to enter circulation in 2029
    Because fewer people like banknotes, and payment sovereignty is a problem
    The Governing Council of the European Central Bank (ECB) has decided the bloc needs a digital version of the Euro, and ordered work that could see it enter circulation in 2029.…




  • Hacking LED Halloween masks is frighteningly easy
    No costume idea? We've got you covered
    Hacking makes the holidays so much more enjoyable, and nothing says trick or treat quite like pwning LED Halloween masks belonging to every neighborhood kid during candy-collection hours.…


  • Claude code will send your data to crims ... if they ask it nicely
    Company tells users concerned about exfiltration to 'stop it if you see it'
    A researcher has found a way to trick Claude into uploading private data to an attacker's account using indirect prompt injection. Anthropic says it has already documented the risk, and its foolproof solution is: keep an eye on your screen.…





  • Proton trains new service to expose corporate infosec cover-ups
    Service will tell on compromised organizations, even if they didn't plan on doing so themselves
    Some orgs would rather you not know when they've suffered a cyberattack, but a new platform from privacy-focused tech firm Proton will shine a light on the big breaches that might otherwise stay buried.…




  • Trump and Xi ease trade tensions, but Nvidia still can't sell Blackwell in China
    US President did discuss chip exports with his counterpart, but made no breakthroughs
    Talks between US President Trump and Chinese leader Xi Jinping in South Korea yielded a modest thaw, with the two agreeing to trim tariffs and pause new rare-earth export curbs. But whether Nvidia can sell its latest GPUs to China remains an open question.…




  • Invisible npm malware pulls a disappearing act – then nicks your tokens
    PhantomRaven slipped over a hundred credential-stealing packages into npm
    A new supply chain attack dubbed PhantomRaven has flooded the npm registry with malicious packages that steal credentials, tokens, and secrets during installation. The packages appear safe when first downloaded, making them particularly difficult for security apps to identify.…



  • Canonical CEO says no to IPO in current volatile market
    We should be a public company,' Shuttleworth tells The Reg, just not 'with our trousers around our ankles
    Interview An initial public offering is a matter of when, not if, for Canonical founder and CEO Mark Shuttleworth, though interested stock owners shouldn't expect a prospectus anytime soon.…


  • Equinix revealed as occupant of £3.9B UK datacenter campus
    Investment will fund 250 MW, three-facility campus near London as AI and cloud demand surge
    Equinix will occupy a massive datacenter campus near London's M25, investing £3.9 billion ($5.1 billion) in the 85-acre (0.34 square kilometers) Hertfordshire plot close to South Mimms services.…


  • Cyberpunks mess with Canada's water, energy, and farm systems
    Infosec agency warns hacktivists broke into critical infrastructure systems to tamper with controls
    Hacktivists have breached Canadian critical infrastructure systems to meddle with controls that could have led to dangerous conditions, marking the latest in a string of real-world intrusions driven by online activists rather than spies.…





  • There's mushroom for improvement in fungal computing
    Ohio State boffins coax shiitake and button varieties into behaving like memristors
    US boffins claim early tests indicate edible mushrooms can function as organic memory devices, though significant challenges remain before the lab experiment can be turned into something practical.…




  • AI is making Google and Meta even stronger and richer
    So they’re increasing spending on infrastructure to keep it that way
    When generative AI exploded into public view in late 2022, plenty of pundits predicted it would be bad news for the likes of Google and Meta as nimble AI-powered rivals found new ways to capture netizens’ attention and monetize it.…


  • Major telecom supplier compromised by unnamed nation-state attackers
    Snoops remained undetected for nearly 10 months
    Nation-state snoops broke into Ribbon Communications – an outfit that provides software and networking gear to Verizon, CenturyLink, and the US Defense Department – last December, remained hidden for about nine months, and stole files belonging to three customers, according to the US telecommunications firm.…


  • Microsoft gives Windows 11 a fresh Start – here's how to get it
    More convenient layout saves you a click
    Four years after the debut of Windows 11, Microsoft has finally fixed one of the biggest problems with its Start menu: The need to click the “All” button to view a complete list of all of your apps. A new Start menu, which gives you three different ways to view all installed programs without that extra click, is slowly rolling out to users.…


  • Microsoft just revealed that OpenAI lost more than $11.5B last quarter
    Satya has also delivered Sam most of the cash he promised
    updated Microsoft reported earnings for the quarter ended Sept. 30 on Wednesday after market close and buried in its financial filings were a couple of passages suggesting that OpenAI suffered a net loss of $11.5 billion or more during the quarter.…


  • Microsoft Azure challenges AWS for downtime crown
    Azure Front Door service outage disrupts airlines and other online services
    Microsoft Azure has been experiencing a global outage since around 1600 UTC, or 0900 PDT on Wednesday, October 29, 2025.…



Linux.com









  • Xen 4.19 is released
    Xen Project 4.19 has been officially out since July 31st, 2024, and it brings significant updates. With enhancements in performance, security, and versatility across various architectures like Arm, PPC, RISC-V, and x86, this release is an important milestone for the Xen community. Read more at XCP-ng Blog

    The post Xen 4.19 is released appeared first on Linux.com.


  • Advancing Xen on RISC-V: key updates
    At Vates, we are heavily invested in the advancement of Xen and the RISC-V architecture. RISC-V, a rapidly emerging open-source hardware architecture, is gaining traction due to its flexibility, scalability and openness, which align perfectly with our ethos of fostering open development ecosystems. Although the upstream version of Xen for RISC-V is not yet fully [0]

    The post Advancing Xen on RISC-V: key updates appeared first on Linux.com.


Phoronix


  • KosmicKrisp Now Vulkan 1.3 Compliant For Apple Devices
    Over the summer months LunarG announced KosmicKrisp as a new Vulkan-on-Metal implementation for Apple devices and built around Mesa. That alternative to MoltenVK was upstreamed for next quarter's Mesa 26.0 release and now it's also celebrating being an officially Vulkan 1.3 conformant implementation...


  • Ubuntu 25.10 amd64v3 Benchmarks: Some Minor & Rare Performance Advantages For Desktop Workloads
    Yesterday Canonical announced architecture variants for Ubuntu Linux with Ubuntu 25.10 seeing the introduction of "amd64v3" packages that are built for the x86_64-v3 micro-architecture feature level to assume AVX/AVX2 and other newer CPU ISA features found since Intel Haswell and AMD Excavator processors. Eager to run some initial tests, here is a first look at the Ubuntu 25.10 amd64v3 performance for desktop workloads.


  • AMD Windows Driver Changes For RX 5000/6000 Series Won9t Impact Linux Users
    Over the past day there have been many reports of AMD planning to no longer provide game optimizations for the Radeon RX 5000 and RX 6000 series graphics cards for their Microsoft Windows driver. Surprisingly many in the Linux community still seem to think it will impact the Linux drivers, but long story short, there is no real concern for Linux users/gamers...





  • Vulkan 1.4.331 Brings Two New Extensions
    Just one week after Vulkan 1.4.330 brought five new extensions, Vulkan 1.4.331 is now available with another two new extensions for this high performance graphics and compute API...





  • AMD Strix Point Performance Continues Evolving Nicely With Ubuntu 25.10
    This week marks fifteen months since AMD Strix Point laptops began shipping. Back at the end of July 2024 the Linux performance and support was already in good shape while since then the Linux performance has only evolved even more to make these AMD Zen 5 laptops perform even better. Here is a fresh look at how the performance has evolved since launch day and the added gains when moving to the recently released Ubuntu 25.10 and some performance advantages too if moving to the in-development Linux 6.18 kernel.



  • New Linux Patch Expands The Range Of AMD Zen 6 CPU Models
    AMD Linux engineers continue to be quite busy working on enabling next-generation Zen 6 processors that will begin shipping next year. The newest patch working its way to the Linux kernel is expanding the range of Zen 6 CPU models detected by the kernel...




  • AMD ROCm 7.1 Release Appears Imminent
    AMD continues with their aggressive efforts to enhance their GPU software compute ecosystem with ROCm. The fire under them has been lit and they have been taking their software efforts more expeditiously in recent times to better compete with NVIDIA's CUDA ecosystem and ensuring their Instinct hardware is properly primed to compete. The release dance has begun for ROCm 7.1...


  • AMDGPU With Linux 6.19 Will Support Analog Video Connectors For Old GCN 1.0 GPUs
    Following last week's initial batch of AMDGPU kernel graphics driver changes intended for Linux 6.19, another round of new AMDGPU / Radeon / AMDKFD material was sent out today to DRM-Next. Notable with this pull is the Display Core "DC" work for analog video connectors as the initiative from one of Valve's contractors for improving the Radeon GCN 1.0 era GPU support with the AMDGPU driver...


  • Mesa 25.2.6 Released With Many Driver Fixes
    Eric Engestrom just released Mesa 25.2.6 as the newest bi-weekly stable update to this collection of open-source OpenGL and Vulkan drivers widely used on Linux systems for 3D support...



  • AMD RadeonSI Driver Now Defaults To Enabling ACO For Faster Performance
    Prominent AMD Radeon Gallium3D driver developer Marek Olšák just changed the RadeonSI driver's default from the AMDGPU LLVM shader compiler back-end over to the ACO back-end initially developed by Valve. This should lead to better performance and quicker shader compilation and in turn faster game loads...


  • AMD Radeon AI PRO R9700 Performance For OpenCL Workloads
    On Monday the AMD Radeon AI PRO R9700 officially arrived at Internet retailers and is successfully selling at the $1299 price point. Some models have since sold out but as of writing two days later some Radeon AI PRO R9700 graphics cards remain available at that competitive price point. On Monday I provided some initial benchmarks of the AMD Radeon AI PRO R9700 for vLLM AI inferencing with more AI benchmarks on the way... While the craze is all about AI in 2025, the Radeon AI PRO R9700 does work for other non-AI workloads too and in this article is a look at its competitive OpenCL performance with great value compared to the NVIDIA RTX competition.


  • AMD On Track With openSIL For Zen 6 Platforms, openSIL FAS 1.0 Published
    In addition to talking up the openSFI firmware collaboration between AMD and Intel at the OCP Global Summit 2025, AMD engineer Raj Kapoor provided a status update on the company's much anticipated openSIL effort for working to ultimately replace AGESA with a new open-source CPU silicon initialization codebase...



  • AMD XDNA Linux Driver Preps For New Ryzen AI "NPU3A" Revision
    Yesterday the GitHub-hosted AMD XDNA driver code saw a new tagged release as version 202610.2.21.17. That itself wasn't too interesting but while diving into there is new yet-to-be-merged code for a new "NPU3A" revision to their NPU3 IP in Ryzen AI...






  • Red Hat Affirms Plans To Distribute NVIDIA CUDA Across RHEL, Red Hat AI & OpenShift
    Following Canonical announcing plans to better support NVIDIA CUDA on Ubuntu Linux and make it easier to install as well as SUSE better supporting CUDA along similar lines, Red Hat today affirmed their plans to do the same. Red Hat will be making it easier to use the NVIDIA CUDA stack across RHEL, Red Hat AI, and OpenShift products...





OSnews

  • Removing obfuscation in Minecraft: Java Edition
    Gaming isnt something we talk about very often here on OSNews, but I think this piece of news is actually a rare piece of good, welcome news from this industry. Mojang, the Microsoft-owned company behind Minecraft, has announced its going to stop obfuscating the code behind the Java edition of Minecraft. A refresher: the Java edition of Minecraft is the original version of the game, which exists alongside the Bedrock Edition, which is written in C++. Both variants are kept more or less in sync with each other. The Java edition has historically been far more moddable, and comes with far fewer restrictions than the Bedrock Edition, which Microsoft maintains far tighter control over. Still, the modding scene around the Java Edition sprung up in spite of Mojang and Microsoft, not because of them, but over the years the modding scene has been embraced more and more by these two companies. The final step in this embrace comes today as Mojang will no longer obfuscate the code behind th Java Edition. Minecraft: Java Edition has been obfuscated since its release. This obfuscation meant that people couldn’t see our source code. Instead, everything was scrambled – and those who wanted to mod Java Edition had to try and piece together what every class and function in the code did.` But we encourage people to get creative both in Minecraft and with Minecraft – so in 2019 we tried to make this tedious process a little easier by releasing “obfuscation mappings”. These mappings were essentially a long list that allowed people to match the obfuscated terms to un-obfuscated terms. This alleviated the issue a little, as modders didn’t need to puzzle out what everything did, or what it should be called anymore. But why stop there? ↫ Minecraft website This is excellent news for the game, the wider modding community, and players. Minecraft is still a massively popular game, and making modding easier is very welcome, as for a lot of people, mods are what make Minecraft actually interesting. Its also rare to see a massive force in gaming making a positive step like this, so they deserve the few kudos.


  • How did the Windows 95 user interface code get brought to the Windows NT code base?
    After the release of Windows 95, with its brand new and incredibly influential graphical user interface, it was only a matter of time before this new taskbar, Start menu, and everything else would make its way to Microsofts other operating system line, Windows NT. The development of Windows 95 more or less lined up with that of Windows NT 3.5, but it wouldnt be until Windows NT 4.0, released a little less than a year after Windows 95, that NT, too, would have the brand new user interface. Raymond Chen has published a blog post detailing the cooperation and interplay between the Windows 95 and Windows NT teams, and, as always with Chen, its a joy to read. Members of the Windows 95 user interface team`met regularly with members of the Windows NT user interface team`to keep them aware of what was going on and even get their input on some ideas that the Windows 95 team were considering. The Windows NT user interface team were focused on shipping Windows NT, but they appreciated being kept in the loop. During the late phases of the development of Windows 95, the Windows NT side of the house took a more active role in bringing the Windows 95 user interface to Windows NT. ↫ Raymond Chen at The Old New Thing Chen details there was a lot of code-sharing, to the point where the Windows 95 version of the GUI contained NT-specific code, and vice versa. This code-sharing was quite a lot less elegant than today with tools like git, since Microsofts own internal source code system called SLM (pronounced slime) did not support branches, so they had to regularly perform three-way merges manually. It was a different time, for sure. Anyway, its amazing how much of this ancient Microsoft lore couldve been lost to time, or shrouded in mystery, if it wasnt for someone like Raymond Chen regularly sharing the stories from Microsofts past.


  • OpenIndiana 2025.10 released
    OpenIndiana, the Illumos distribution for general use, has released its latest snapshot release, and theres some really interesting things in there. To refresh your memory: Illumos is a fork of the final OpenSolaris release, based on Solaris 11, before Oracle closed Solaris back up. Its been in development ever since that fateful day back in 2010, and several Illumos distributions with unique identities have sprung up around the project. OpenIndiana is one of them, and functions like a rolling release with a snapshot release every six months. OpenIndiana 2025.10 was released today, and this snapshots changelog covers changes over the past six months. It comes with all the latest open source packages you would expect, like the latest or at least very recent versions of Firefox, Thunderbird, LibreOffice, and much more, but the GNOME version (44.4 from 2023) is definitely a bit outdated. Theres a ton new utilities written in Rust, and the usual bug and security fixes as well, like for crucial utilities such as OpenSSL and OpenSSH, and things like Python versions 3.14 3.13, 3.12, and 3.9. A particularly interesting bullet point is maintenance work and improvements for Sun Ray support, and the changelog notes that these little thin clients are still popular among their users. Im very deep into the world of Sun Rays at the moment, so reading that you can still use them through OpenIndiana is amazingly cool. Theres a Sun Ray metapackage that installs the necessary base components, allowing you to install Suns/Oracles original Sun Ray Server software on OpenIndiana. Even though MATE is the default desktop for OpenIndiana, the Sun Ray Server software does depend on a few GNOME components, so those will be pulled in. Ive definitely put this on my list, once Im done with my current Sun Ray deep dive on Solaris 10. If youre interested in SPARC support, theres quite a few machines that do work with the SPARC version of OpenIndiana, and recently, theres been a lot of progress on this front. Running the SPARC version on various servers can work, but desktop use, say, on a Sun Ultra 45, is a bit more problematic due to boot issues and a lack of graphics drivers. The work is ongoing, though, and theres been a ton of renewed interest.


  • Windows to automatically suggest a memory scan after a blue screen
    Microsoft is introducing a new feature in Windows to better deal with blue screens of death. In the release notes for Windows 11 Insider Preview Build 26220.6982 (Dev Channel), the company detailed that after a user experiences a blue screen, Windows will automatically perform a memory scan. We’re introducing a new feature that helps improve system reliability. If your PC experiences a bugcheck (unexpected restart), you may see a notification when signing in suggesting a quick memory scan. If you choose to run it, the system will schedule a Windows Memory Diagnostic scan to run during your next reboot (taking 5 minutes or less on average) and then continue to Windows. If a memory issue is found and mitigated, you will see a notification post-reboot. ↫ Amanda Langowski at the Windows Blogs In its current iteration, this memory scan will trigger after every single error code to collect as much data as possible, but Microsoft states it will refine and narrow the number of error codes in the future. In addition, this feature will not be available on Arm64 and systems with Administrator Protection and/or BitLocker without Secure Boot. Lets hope this feature wont be a nuisance, but an actually useful feature that helps people uncover memory problems that otherwise remain undiagnosed.


  • Python Software Foundation has bigger spine than big tech
    Back in January 2025, the Python Software Foundation applied for a $1.5 million grant from the US governments National Science Foundation, under the Safety, Security, and Privacy of Open Source Ecosystems program, to address structural vulnerabilities in Python and PyPI. After a lot of paperwork, their application was approved, but upon receiving the contractual agreement, the Python Software Foundation decided to back out. Why? We became concerned, however, when we were presented with the terms and conditions we would be required to agree to if we accepted the grant. These terms included affirming the statement that we “do not, and will not during the term of this financial assistance award, operate any programs that advance or promote DEI, or discriminatory equity ideology in violation of Federal anti-discrimination laws.” This restriction would apply not only to the security work directly funded by the grant, but to any and all activity of the PSF as a whole. Further, violation of this term gave the NSF the right to “claw back” previously approved and transferred funds. This would create a situation where money we’d already spent could be taken back, which would be an enormous, open-ended financial risk. In the end, however, the PSF simply can’t agree to a statement that we won’t operate any programs that “advance or promote” diversity, equity, and inclusion, as it would be a betrayal of our mission and our community. ↫ Loren Crary at the PSF blog The fact that this is news at all is a deeply sad state of affairs, but its great to see at least some organisations in tech still have a spine. In a world where tech giants and their sleazy CEOs are falling over each other to lather the US president in bribes and tasteless gifts, its refreshing to see someone passing up on what would be an enormous amount of money for them. The PSF operates on a budget of $5 million a year, so $1.5 million would be a massive boon for the effort. The efforts of the PSF regarding outreach have been incredibly successful over the years. PyCon US had 1% female speakers in 2011, 7% in 2012, 15% in 2013, 33% in both 2014 and 2015, and 40% in 2016. DEI! efforts usually just mean the gruntwork of reaching out to members of underrepresented groups within your community, and ensuring they feel welcome, safe, and respected. Monocultures tend to be self-destructive, whether were talking about operating systems or people. Having perspectives from people with different backgrounds, different life experiences, and different approaches is a massive net benefit to your organisation. Making efforts to foster such environments illegal is absolute batshit insanity, and Im glad that unlike cowards like Tim Cook or Sundar Pichai, the Python Software Foundation has a spine and is standing up for whats right.


  • Id like to speak to the Bellcore ManaGeR
    I love it when I discover  usually through people smarter than I  an operating system or graphical user interface Ive never heard of. This time, weve got Bellcore MGR, as meticulously detailed by Nina Kalinina a few weeks ago. I love old computers, and I enjoy looking at old user interfaces immensely. I could spend a whole evening on installing an old version of MS Word and playing with it: Ah, look, how cute, they didnt invent scrollbars just yet!. A special place in my heart is taken by user interfaces that were historically significant and yet fell into relative obscurity (like Windows 2 or BTRON). This is why I absolutely had to try Bellcore MGR. An early windowing system (1984), it was made by the Bell Communications Research, and it looked like Plan 9s older sister. The system was distributed over the Usenet, ported to every conceivable Unix-like system, including Minix, Linux and Coherent, and  eventually  mostly forgotten. The only two videos on YouTube that have something to do with MGR have a bit over 1000 views combined, and dont really show it in the best light possible. And I think its a crying shame. ↫ Nina Kalinina The reference to Plan 9 is apt, as MGR definitely seems to function almost exactly like Plan 9s rio graphical user interface, including things like drawing a rectangle to open a new window. Rio is an acquired taste  to put it very mildly  and it seems MGR fits the same bill. Theres also $home movie, an entire video editor for MGR, which is honestly mind-blowing considering its running on a mere SPARCstation in the late 80s and early 90s. It has an incredibly unique UNIXy flavour: If you dont have 40 minutes to watch the tour, please do spend two minutes on this demo of the $HOME MOVIE! system. It is a suite of tools for the capture, editing and playback of window system sessions on a Sun Sparcstation! based on MGR. It is probably the most Unix way of making videos: the window manager dumps the rendering commands into a file, then the rendering commands can be altered with a set of small tools, some of which are in awk, and then these rendering commands can be packaged into a single demo. ↫ Nina Kalinina Kalinina had to more or less reverse-engineer its unique video format, too, but in doing so managed to upload the original demonstration of $movie home, narrated by its creator and created in $movie home itself, to YouTube. Kalinina also created and uploaded a ready-made hard disk image of Debian 0.93 with Bellcore MGR preinstalled for use in Qemu and 86Box.


  • The Linux boot process: from power button to kernel
    You press the power button. A second later a wall of text scrolls by, or a logo fades in, and eventually Linux appears. What happens in between is not magic. It is a careful handshake between tiny programs and a very literal CPU. This part follows that handshake until the very first line of C code inside the Linux kernel runs. ↫ 0xkatos blog Exactly what it says on the tin.


  • Upcoming Kwin changes extend battery life
    I think most of us are aware that compositors use multiple planes to render our user interfaces, and in the case of KDEs Kwin specifically, they use two planes  one for the user interface, and one specifically for the mouse cursor. Kwin developer Xaver Hugl has been working on changing Kwin to use more than just two planes, and it turns out this delivers some considerable power use reductions and thus battery life improvements. So, when can you use these changes and test them? Due to various driver issues when trying to use overlays, like slow atomic tests on AMD as well as display freezes on some AMD and NVidia GPUs, this feature is still off by default. However, if you want to experiment anyways or attempt to fix the drivers, starting from Plasma 6.5, you can set the KWIN_USE_OVERLAYS environment variable to enable the feature anyways. If you test it, please report your findings! If there’s problems in the drivers, we’d like to know and have bug reports for the GPU vendors of course, but also if things work well that would be nice to hear. ↫ Xaver Hugl Leave it to Linux graphics-related developers to uncover driver bugs in graphics drivers.


  • AI! assistants misrepresent news content 45% of the time
    An extensive study by the European Broadcasting Union and the BBC highlights just how deeply inaccurate and untrustworthy AI! news results really are. AI! sucks even at its most basic function. Its incredible how much money is being pumped into this scam, and how many people are wholeheartedly defending these bullshit generators as if their lives depended on it. If these tools cant even summarise a text  something you learn in early primary school as a basic skill  how on earth are they supposed to perform more complex tasks like coding, making medical assessments, distinguish between a chips bag and a gun? Maybe we deserve it.


  • Teenager detained at gunpoint by US cops because AI! mistook a chips bag for a gun
    If youre eating a bag of chips in an area where AI! software is being used to monitor peoples behaviour, you might want to reconsider. Some high school kid in the US was hanging out with his friends, when all of a sudden, he was being swarmed by police officers with with guns drawn. Held at gunpoint, he was told to lie down, after which he was detained. Obviously, this is a rather unpleasant experience, so say the least, especially considering the kid in question is a person of colour. In the US. Anyway, the AI! software used by the police department to monitor citizens behaviour mistook an empty chips bag in his pocket for a gun. US police officers, who only receive a few weeks of training, didnt question what the computer told them and pointed guns at a teenager. In a statement, Omnilert expressed regret over the incident, acknowledging that the image “closely resembled a gun being held.” The company called it a “false positive,” but defended the system’s response, stating it “functioned as intended: to prioritize safety and awareness through rapid human verification.” ↫ Alexa Dikos and Rebecca Pryor at FOX45 News Ive been warning that the implementation of AI! was going to lead to people dying, and while this poor kid got lucky this time, you know its only a matter of time before people start getting shot by US police because theyre too stupid to question their computer overlords. Add in the fact that AI! is well-known to be deeply racist, and we have a very deadly cocktail of failures.


  • OpenBSD 7.8 released
    Like clockwork, every six months, we have a new OpenBSD release. OpenBSD 7.8 adds support for the Raspberry Pi 5, tons of improvements to sleep, wake, and hibernate, the TCP stack can now run in parallel on multiple processors, and so much more. DRM has been updated to match Linux 6.12.50, and drivers for the Qualcomm Snapdragon DRM subsystem and Qualcomm DisplayPort controller were added as well. The changelog is, as always, long and detailed, so head on over for the finer details. OpenBSD users will know how to upgrade, and new users can visit the download page.


  • What about the icons in pifmgr.dll?
    Raymond Chen has another great post about some of the classic icons from Windows 95, this time focusing on pifmgr.dll. In this file, there are a variety of random-seeming icons, and it turns out theyre random for a reason: they were just a bunch a fun, generic icons intended for people to use when creating PIF files. The icons in pifmgr.dll were created just for fun. They were not created with any particular programs in mind, with one obvious exception. They were just a fun mix of icons for people to use for their own homemade shortcut files. ↫ Raymond Chen at The Old New Thing For those of us who didnt grow up with Windows, or who, god forbid, are too young to know, PIF or personal information files are effectively shortcuts to DOS programs for use in a multitasking environment. A PIF file would not only point to the relevant DOS executable, but also contain information about the environment in which said executable was supposed to run. Their history goes back to IBMs TopView, and Microsoft later embraced and adapted them for use in Windows.


  • Understanding driver updates through Windows Update
    Microsoft has published a set of short questions and answers about driver updates through Windows Update, and theres one tidbit in there I found interesting. Driver dates might look old, but that is not true. The driver date is descriptive info set by the driver provider and can be any date they choose. When determining which driver to install, Windows Update uses targeting information set by the provider inside the driver files to determine the best driver. This lets the device provider promote the best driver, regardless of the chosen date.  ↫ Microsoft knowledge base article Whenever I do have to fiddle with Windows machines, I always wondered about why some drivers in Windows Update would show some seriously old dates. It turns out the answer is as obvious as it always tends to be: OEMs.


  • KDE Plasma 6.5 released
    KDE is on a roll lately, and keeps on rolling with todays release of KDE Plasma 6.5. As the project itself notes, this release focuses on relatively small improvements, refinements, and other niceties, without making any massive changes. With Linux desktops taking accessibility more seriously lately than ever before, I want to focus on the accessibility improvements first. The Orca screen reader now announces caps lock state changes, and screen readers will now describe the Shortcuts and Autostart pages more optimally. Theres also a new grayscale colour filter for people sensitive to colours, developers have done Plasma-wide pass to eliminate bright flashes in the UI, and the desktop zoom feature will now follow the text insertion point as it moves around the UI. Keyboard navigation in various parts of Plasma have been improved, and a few other small changes have been to improve accessiblity. Other changes include rounded bottom window corners (which can be turned off), automatic and scheduled theme and wallpaper transitions (e.g. from light to dark), and a new and improved applications permissions settings panel. A small new feature that will be a massive time saver for me is the ability to favourite items in your clipboard history, so they remain available over time. I reuse certain copied bits of text all the time, and I cant wait to start using this little addition. Remote desktop has also received a ton of love in Plasma 6.5. You can now share your clipboard, and you no longer need to create dedicated RDP user accounts; you can just log in with your normal account credentials as you would expect you could. Plasmas Discover application, used for application and update management, has seen major work to improve its performance  very welcome, for sure. Of course, theres a ton of other changes, too. KDE Plasma 6.5 will find its way to your distribution soon enough.


  • Intel, AMD to bring memory tagging to x86, at some point
    Now that ARMs memory tagging, used extensively by Android ROMs such as GrapheneOS and now also by Apple, is becoming the new norm to aid in improving memory safety, the x86 world cant sit idly by. As such, Intel and AMD have announced a ChkTag, x86s version of memory tagging. ChkTag is a set of new and enhanced x86 instructions to detect memory safety violations, such as buffer overflows and misuses of freed memory (use-after-free). ChkTag is designed to be suitable for hardening applications, operating system kernels, hypervisors for virtualization, and UEFI firmware. ChkTag places control in the software developers’ hands to balance their security needs with operational elements that often become prominent when deploying code. For example, ChkTag provides instruction-granular control over which memory accesses are checked. Compilers can offer optimizations and new language features or intrinsics. ChkTag prepares x86 for a future with increasing amounts of code written in memory-safe languages running alongside code in other languages. Furthermore, ChkTag loads tags from linear/virtual memory that can often be committed on demand. ↫ Intel and AMDs announcement Its important to note that ChkTag  why not just call it CheckTag  isnt ready yet, nor is there any indication when it will be included in any processors from Intel and AMD. The goal is to catch certain memory safety problems in hardware. According to Intel and AMDs shared announcement, developers will have fine-grained control over the feature, allowing them to tap into the functionality in whatever way they deem necessary or valuable for their software in specific circumstances. My fear is that Intel and AMD will use this feature as a product differentiator, restricting it to either more expensive processors or to Xeon/Threadripper processors, thereby fracturing the market. This would inevitably lead to spotty support for the feature across the x86 landscape, meaning most ordinary consumer wont benefit from it at all.


  • This is how much Anthropic and Cursor spend on Amazon Web Services
    I can exclusively reveal today Anthropic’s spending on Amazon Web Services for the entirety of 2024, and for every month in 2025 up until September, and that that Anthropic’s spend on compute far exceeds that previously reported.` Furthermore, I can confirm that through September, Anthropic has spent more than 100% of its estimated revenue (based on reporting in the last year) on Amazon Web Services, spending $2.66 billion on compute on an estimated $2.55 billion in revenue. ↫ Ed Zitron These numbers do not even include what the company spends on Googles services. Going through all the numbers and reporting, Zitron explains that the more successful! Anthropic becomes, the bigger the gap between income from paying customers and its spending on Amazon and Google services becomes. Its simply unsustainable, and the longer we keep this scam going, the worse the consequences will be when the bubble pops. Sadly, nobody will go to jail once hell breaks loose.



Linux Journal News

  • EU OS: A Bold Step Toward Digital Sovereignty for Europe
    Image
    A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
    What Is EU OS?
    EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.

    Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
    The Vision Behind EU OS
    The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.

    Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.

    However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
    Conclusion
    EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.

    Source: It's FOSS
    European Union


  • Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight

    Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight

    Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.

    In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.

    On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.

    Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.

    The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.

    Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.

    You can download the latest kernel here.
    Linus Torvalds kernel


  • AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
    Image
    AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.

    This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.

    Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.

    Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.

    Source: 9to5Linux
    AerynOS


  • Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
    Image
    Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.

    Here’s a quick overview of what’s new in Xojo 2025r1:
    1. Linux ARM IDE Support
    Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
    2. Web Drag and Drop
    One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
    3. Direct App Store Publishing
    Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
    4. New Desktop and Mobile Features
    This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
    5. Performance and IDE Enhancements
    Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
    What Does This Mean for Developers?
    Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
    How to Get Started
    Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.

    Download Xojo 2025r1 today at xojo.com.
    Final Thoughts
    With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
    Xojo ARM


  • New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux

    Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.

    Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.

    Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 

    Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.

    Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.

    Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.

    By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
    Windows


  • Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities

    The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 

    As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.

    In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 

    After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.

    The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.

    At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.

    The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
    Security


  • Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges

    The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.

    A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.

    This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 

    The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.

    On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.

    In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
    kernel


  • Linux Celebrates 32 Years with the Release of 6.6-rc2 Version

    Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.

    The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.

    Here is what Linus Torvalds had to say in today's announcement:
    Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds


  • Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction

    Want to interact with ChatGPT from your Linux desktop without using a web browser?

    Bavarder, a new app, allows you to do just that.

    Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.

    With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.

    During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.

    At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.

    As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!

    Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
    ChatGPT AI


  • LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite

    Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.

    Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.

    LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.

    You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.

    All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.

    In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.

    Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.

    The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
    LibreOffice


Linux Magazine News (path: lmi_news)


  • KDE Unleashes Plasma 6.5
    The Plasma 6.5 desktop environment is now available with new features, improvements, and the usual bug fixes.


  • Xubuntu Site Possibly Hacked
    It appears that the Xubuntu site was hacked and briefly served up a malicious ZIP file from its download page.


  • LMDE 7 Now Available
    Linux Mint Debian Edition, version 7, has been officially released and is based on upstream Debian.


  • Linux Kernel 6.16 Reaches EOL
    Linux kernel 6.16 has reached its end of life, which means you'll need to upgrade to the next stable release, Linux kernel 6.17.





  • Linux Kernel 6.17 is Available
    Linus Torvalds has announced that the latest kernel has been released with plenty of core improvements and even more hardware support.



  • Zorin OS 18 Beta Available for Testing
    The latest release from the team behind Zorin OS is ready for public testing, and it includes plenty of improvements to make it more powerful, user-friendly, and productive.



  • USB4 Maintainer Leaves Intel
    Michael Jamet, one of the primary maintainers of USB4 and Thunderbolt drivers, has left Intel, leaving a gaping hole for the Linux community to deal with.









Page last modified on November 17, 2022, at 06:39 PM