|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All/All+Images)
(Single Column)

- Call for topics for the 2026 Maintainers Summit
The Maintainers Summit is an annual, invitation-only gathering of kerneldevelopers and maintainers to discuss development-process issues; see LWN's 2025 Maintainers Summit coverage for anexample. The call fortopics for the 2026 gathering (Prague, October 8) has gone out.One of the best ways to obtain an invitation to the Summit is with a goodtopic proposal. For best consideration, topics should be submitted beforeJuly 24.
- [$] Sending packets directly from BPF
Tetragon, the BPF-based security monitoring tool,uses BPF to monitor different aspects of a running kernel andenforce user-specified policies. It sends its data to a user-space process,which forwards the data to a central monitoring service elsewhere in thenetwork, however. Thispresents a point of vulnerability: if an attacker can kill Tetragon's user-spaceagent, it won't be able to properly report on the situation. Song Liu, MahéTardy, and Liam Wiseheart spoke about their work removing the need for theuser-space agent at the 2026Linux Storage, Filesystem, Memory-Management, andBPF Summit.
- Security updates for Tuesday
Security updates have been issued by AlmaLinux (389-ds:1.4, buildah, freeipmi, freerdp, gegl, gimp, golang, kernel, libreoffice, maven:3.9, openexr, perl-DBI, plexus-utils, podman, tomcat, tomcat9, xorg-x11-server, and xorg-x11-server-Xwayland), Debian (imagemagick, p7zip, and redis), Fedora (breezy, calibre, and golang-github-openprinting-ipp-usb), Mageia (ffmpeg, gzip, haproxy, libheif, libtiff, libxml2, packages, perl-List-SomeUtils-XS, and perl-Socket), SUSE (alsa, chromedriver, curl, dhcpcd, docker-compose, glibc, haproxy, ImageMagick, jq, kernel, kubernetes, libpng15, libredwg-devel, libslirp, nghttp2, php8, python-Pillow, python313-Django, python313-weasyprint, qemu, rust-keylime, sccache, and systemd), and Ubuntu (cifs-utils, libexif, libreoffice, libssh2, openssh, and pipewire).
- Final normal Debian bookworm release
Debian hasannounced the final normal update for Debian 12 ("bookworm"). Long-term-support updates will continue until 2028. As may be expected from a stable version, the update is mostly limited to security fixes. Still, it may be time for Debian users to look into upgrading to a more recent version. Conveniently, Debian 13 ("trixie") alsoreceived an update this weekend, with many of the same security fixes.
- Security updates for Monday
Security updates have been issued by Debian (chromium, libxfont, mesa, opam, and wireless-regdb), Fedora (acl, attr, chromium, cjson, composer, docker-compose, jfrog-cli, librabbitmq, libssh2, libXfont2, log4cxx, OpenImageIO, openssh, p11-kit, perl-Crypt-DSA, perl-HTML-Gumbo, prometheus, python-dulwich, python-idna, python-pillow, python-tornado, sssd, tmux, upower, webkitgtk, xorg-x11-server, and xorg-x11-server-Xwayland), Mageia (libarchive and vim), Oracle (389-ds:1.4, buildah, cups, edk2, freerdp, golang, grafana, gstreamer1-plugins-bad-free, gstreamer1-plugins-good, gstreamer1-plugins-ugly-free, kernel, libexif, libsolv, libtasn1, libxml2, nginx:1.24, nginx:1.26, nodejs:22, nodejs:24, oci-seccomp-bpf-hook, podman, postgresql:18, python-urllib3, tigervnc, tomcat, unbound, and xorg-x11-server), Slackware (p11-kit), and SUSE (agama, dash, dracut, flannel, go1.26, gsasl, gstreamer-plugins-good, ImageMagick, imagemagick, kernel, krb5, krb5, krb5-mini, libIex-3_4-33, libmbedtls23, libxfont2, nasm, nghttp2, perl-CGI-Session, perl-dbi, perl-List-SomeUtils-XS, python-pillow, python-social-auth-app-django, python-urllib3, python313-Django4, python313-Django6, python313-pytest-html, python313-sqlparse, python313-websockets, rclone, rust-keylime, rustup, sccache, spectre-meltdown-checker, sssd, terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provid, thunderbird, tiff, traefik2, xorg-x11-server, and xwayland).
- Kernel prepatch 7.2-rc3
The 7.2-rc3 kernel prepatch is out fortesting. Linus said: "Things continue to look normal (the 'new normal'with slightly higher rates of commits, although I do get the feeling thatwe're seeing that slightly balanced out by people starting to go on summervacation)".
- [$] An update on the scraper situation
Our article "Fighting the AI scraper botscourge", published in early 2025, discussed the problem of widespreadscraping of web sites in search of training data for large language modelsand related projects. This activity overwhelms sites with traffic. Over ayear after that article is published, the problem is still growing. Thehammering of sites by shadowy actors has reached new heights, and the openweb is becoming increasingly difficult to maintain. Where is this trafficcoming from, and what can be done about it?
- [$] QBE 1.3: metaprogramming, performance, and cross-platform support
QBE, a compact compiler backend developed by Quentin Carbonneaux, is alightweight alternative to larger compiler backends such as LLVM and GCC.Designed to be small enough for a single developer to understand, QBE uses astatic single-assignment (SSA) intermediate representation (IR), supports the C ABI,and serves as the backend for projects such as Hare andthe cproc C11 compiler. Frontendsemit the textual form of QBE's IR directly; QBE then takes care of register allocation,optimization, and native-code generation, producing assembly for the targetarchitecture.
- Security updates for Friday
Security updates have been issued by AlmaLinux (aardvark-dns, cups, edk2, gstreamer1-plugins-bad-free, gstreamer1-plugins-good, gstreamer1-plugins-ugly-free, kernel, libsolv, libtasn1, libxml2, nginx:1.24, nginx:1.26, oci-seccomp-bpf-hook, python-urllib3, and tomcat), Debian (rlottie), Fedora (c-ares, k9s, kind, libXfont2, nmap, pam, perl-DBI, php, python-pendulum, tmux, and xorg-x11-server-Xwayland), Mageia (7zip and ack), Slackware (tigervnc), SUSE (alloy, cargo-c, chromium, clamav, cosign, dirmngr, firefox, flannel, fluidsynth, gnutls, go1.25, go1.26, gol, GraphicsMagick, helm, kernel-devel, libaom, libexif, openQA, os-autoinst, python-Django, python-idna, python-sqlparse, rust-keylime, rustup, sccache, SUSE Manager Client Tools, SUSE_Multi-Linux_Manager Client Tools, transmission, and warewulf4), and Ubuntu (curl, expat, golang-go.crypto, libheif, libidn, libraw, libsoup2.4, linux, linux-azure-4.15, linux-azure-fips, linux-fips, linux-gcp-4.15, linux-gcp-fips, linux-kvm, linux-oracle, linux-aws, linux-aws-fips, linux-azure-fips, linux-fips, linux-raspi, linux-xilinx-zynqmp, and python2.7, python3.5).
- [$] Kitty chases the mouse
Kitty is a terminalemulator thatruns on Linux, macOS, and the BSDs, which is notable for its speed and featuressuch as image support and advanced font handling. It is under active development; arecent major release adds anew level of mouse support. Here, we will look at some of those featuresand show how the program can also be used as platform fortext-based applications. Kitty is free software, releasedunder the GPLv3.
- Rust 1.97.0 released
Version1.97.0 of the Rust programming language has been released. Changesinclude using a new symbol-mangling scheme by default, support for denyingwarnings in Cargo, and an end to the practice of hiding the linker's outputafter a successful build.
- Security updates for Thursday
Security updates have been issued by AlmaLinux (389-ds-base, aardvark-dns, buildah, compat-openssl10, freeipmi, frr, gnutls, grafana, grafana-pcp, kernel, kernel-rt, libyang, nginx, openexr, pcs, perl-HTTP-Daemon, postgresql:18, python3.14-pip, skopeo, tomcat9, and wireshark), Debian (chromium and pgextwlist), Fedora (openssh, opkssh, perl-CSS-Minifier-XS, python-jiter, python-nh3, python-pendulum, rust-jiter, and upower), Mageia (openvpn and vips), Oracle (389-ds-base, aardvark-dns, compat-openssl10, container-tools:ol8, freeipmi, kernel, libyang, perl-HTTP-Daemon, python3.14-pip, and skopeo), Slackware (libXfont2, proftpd, and xorg-server), SUSE (alloy, apache2, apptainer, assimp, chromium, clamav, docker, docker-compose, dracut, glib-networking, go-sendxmpp, go1.26-openssl, gstreamer-plugins-good, haproxy, hauler, jackson-annotations, jackson-bom, jackson-core, jackson- databind, jackson-dataformats-binary, jackson-modules-base, jackson-parent, kernel, krb5, kubevirt, libslirp, libXfont2, mpv, libkpipewirerecord6, ffmpegthumbs-kf5, netty, netty-tcnative, openqa, os-autoinst, podman, python-maturin, python-msgpack, python313-yt-dlp, radare2, rust-keylime, systemd, systemd, systemd-mini, tomcat11, trivy, xorg-x11-server, and xwayland), and Ubuntu (apache2, clamav, linux-raspi, and mailcap).
- [$] LWN.net Weekly Edition for July 9, 2026
Inside this week's LWN.net Weekly Edition: Front: Cryptography API; Iomap explanation; Negative dentries; Faster RCUs and lockless allocation for BPF; LLMs in memory-management code Briefs: Guix vulnerabilities; OpenSSH 10.4; trusted publishing; kernel archive; CalyxOS; Quotes; ... Announcements: Newsletters, conferences, security updates, patches, and more.
- OpenMandriva: Statement regarding attempted distribution sabotage
Over on the OpenMandrivaforum, the Linux distribution has reportedsabotage of its repositories by a disgruntled contributor withadministrative credentials. According to "AngryPenguin", an abusiveincident in a distribution Matrix chat led to a user being kicked out ofthe chat; that "triggered a cascade of events", which led to peopleresigning from the distribution. Eventually, one of those people usedtheir administrative privileges to delete part of the distribution's GitHubrepository and to "publish an empty package in the cookerrepository, which obsoleted all gnome and cosmic packages, which could havedamaged the systems of people using gnome or cosmic".We are currently working to restore the deleted repositories and restorethe functionality of the obsolete packages. [...] We performed a full system audit and, aside from the removedpackages, we found no other violations.

- Reworked System Call Entry Handling Slated For Linux 7.3
Stemming from looking at a proposed Linux kernel patch to alter the Linux kernel's system call number handling, veteran Linux kernel developer Thomas Gleixner went down a rabbit hole of the kernel's system call entry handling to make a number of clean-ups and improvements to the code. That rework to the system call entry handling is now expected to land for the Linux 7.3 kernel cycle...
- Raspberry Pi 5 IOMMU Driver Being Worked On For The Mainline Linux Kernel
While the Raspberry Pi 5 is already over two and a half years old, one of the missing elements of its support from the mainline Linux kernel has been the IOMMU driver. We are now seeing Raspberry Pi's downstream IOMMU driver being adapted for mainline with hopes of getting it into the upstream kernel...
- 9to5Linux Weekly Roundup: July 12th, 2026
The 300th installment of the 9to5Linux Weekly Roundup is here for the week ending July 12th, 2026, keeping you updated on the most important developments in the Linux world.
- Graviton5 Outperforming Intel Xeon Granite Rapids But Falls Short Of AMD EPYC Turin
Following the recent GA of the AWS M9g series as the first instances powered by the new Graviton5 CPUs, I recently ran benchmarks looking at Graviton4 vs. Graviton5 CPU performance. There was very nice generational gains for the new AWS Graviton processors with the shift from Arm Neoverse-V2 to Neoverse-V3 cores and from DDR5-5600 to DDR5-8800 memory, among other improvements. For those wondering how the Graviton5 ARM server processors compare to AMD EPYC and Intel Xeon, here are some additional comparison data points from the Amazon EC2 cloud.
- armStone MX8ULP packs NXP i.MX 8ULP into a 100mm Pico-ITX single board computer
F&S Elektronik Systeme GmbH has showcased the armStone MX8ULP, a Pico-ITX single board computer based on the NXP i.MX 8ULP processor. The 100 × 72 mm platform targets industrial, IoT, and human-machine interface applications, combining low-power processing, real-time capabilities, and multiple connectivity options. The armStone MX8ULP integrates the NXP i.MX 8ULP SoC, which combines two […]
- HackerBox 0128 Mesh Deck explores LoRa communication with Meshtastic
HackerBox has released Issue 0128, titled “Mesh Deck,” a DIY communications platform built around a ProMicro nRF52840 development board, an SX1262-based LoRa module, a GPS receiver, an OLED display, and a miniature QWERTY keyboard. The kit focuses on assembling and configuring a portable Meshtastic node for decentralized messaging without cellular or internet service. The main […]
- HFI BIOS Aims To Provide A POST-Like Power On Screen & BIOS Setup Utility For RISC-V
The Harmonic Firmware Initiative "HFI" is trying to provide a generic, standardized power-on firmware experience for RISC-V boards. Akin to the x86 world with having immediate graphics card initialization to provide a display while the system is booting and also having a BIOS setup utility for system configuration, HFI is trying to do the same for the RISC-V world...

- StubHub, CEO Hit With 'Deceptive Practices' Class Action Over Mass Scalping
An anonymous reader quotes a report from the BBC: StubHub and its CEO, Eric Baker, have been hit with a proposed $5-million class-action lawsuit in the United States over the company's ties to large-scale scalpers -- connections reported by CBC News last week. The suit, filed Monday by New York ticket buyer Louis Sanquini, alleges deceptive practices and fraudulent misrepresentation over StubHub's promoting itself as a "marketplace for fans to buy and sell tickets." The online ticket resale giant has faced a storm of customer complaints after cancelling thousands of World Cup tickets. The company has repeatedly said it is simply a technology platform that does not buy, sell or possess tickets. However, CBC reported last week that Baker disclosed in recent filings with the U.S. Securities and Exchange Commission that he runs Andro Capital, a hedge fund that engages in large-scale resale of millions of dollars' worth of sports and concert tickets on the StubHub resale platform. Sanquini filed the proposed class action in the Southern District of New York, arguing consumers were kept in the dark and that he believed StubHub was a "neutral" marketplace. Lead counsel Kevin Steinberg told CBC News in an emailed statement that "consumers deserve honesty and transparency." A CBC investigation found that the CEO of online ticket reseller StubHub owns and manages a hedge fund that scalps millions of dollars of its own tickets. "While what StubHub is alleged to have engaged in and perpetrated upon millions of patrons is unfathomable, this case is about transparency and consumer trust. If companies make representations to the public, consumers are entitled to expect that those representations are complete and accurate," he said. The claim reads: "Defendants' failure to disclose this conflict of interest, while affirmatively marketing StubHub as a fan-to-fan marketplace, deceived Plaintiff and the Class and caused them to pay prices, and accept terms, they would not have accepted had the truth been known." Sanquini argues that had he known StubHub's CEO held a financial interest and that the company was helping finance professional resellers, he would never have used the resale site to buy tickets to see rock band Kiss in 2023 or to attend a New York Red Bulls-New York City FC Major League Soccer match in 2024.
 
Read more of this story at Slashdot.
- Indian Scientists Produce Most Detailed 3D Atlas of the Human Brainstem
Scientists at the Indian Institute of Technology, Madras (IIT-M) have created what they describe as the world's most detailed 3D cellular atlas of the human brainstem, linking whole-brain MRI views to individual neurons across more than 500 tissue sections. The free online atlas, called Anchor, could help researchers better understand diseases such as Alzheimer's, Parkinson's, stroke, and SIDS by showing how healthy and diseased brain tissue differs cell by cell. The BBC reports: Built from high-resolution microscope images rather than costlier molecular techniques, it creates a detailed three-dimensional map of the brainstem, identifying more than 200 clusters of brain cells and nerve pathways. Eight chemical markers help distinguish different cell types, producing one of the clearest pictures yet of this vital, but poorly, understood part of the brain. The brainstem occupies only a sliver of the brain, yet it keeps people alive. It links the brain to the spinal cord and controls breathing, heartbeat, sleep, wakefulness and movement. [...] Users can zoom from the whole brainstem seen on MRI down to individual neurons while maintaining their precise spatial relationships. The researchers have made the atlas freely available online, hoping it becomes a reference tool for neuroscientists, neurologists and neurosurgeons worldwide. Its applications could also extend well beyond anatomy. By comparing healthy brainstem maps with diseased tissue, scientists may better understand disorders ranging from Parkinson's disease and stroke to Alzheimer's disease and sudden infant death syndrome (SIDS). More precise maps could also help neurosurgeons navigate one of the brain's most delicate regions with greater confidence.
 
Read more of this story at Slashdot.
- Scientists Find Sugar Deep In Our Galaxy
Astronomers have detected erythrulose, a sugar found in raspberries and self-tanners, in a gas cloud near the center of the Milky Way. While not essential for life itself, the molecule can convert into a form thought to be important for life's origins, adding evidence that key prebiotic ingredients may be widespread across the galaxy. The Associated Press reports: Using two dish-shaped radio telescopes in Spain, researchers collected data from a large gas cloud near the center of the Milky Way. They identified the sugar in gas form by comparing telescope signals to samples in the lab. It's the latest kind of sugar detected in space -- in a region crossed by NASA's twin Voyager, the farthest spacecraft to ever travel from Earth. Scientists have found interesting chemistry in our galaxy, including building blocks for genetic material and parts of the cell. They spotted a cousin to table sugar near the center of the Milky Way about 25 years ago, and black grains from asteroid Bennu retrieved by NASA's Osiris-Rex spacecraft yielded other sugars, including a key DNA ingredient. The latest sugar isn't essential for life, but can easily convert to a form that's thought to be crucial to kick-starting life on Earth. And it's one of the most complex sugars spotted so far, said astrophysicist Erika Hamden with the University of Arizona. The results were published in the journal Nature Astronomy.
 
Read more of this story at Slashdot.
- Over 200 Economists Say 'We Must Act Now' On AI's Economic Impact
An anonymous reader quotes a report from the Associated Press: Hundreds of economists say in an open letter that institutions "must act now" to address how artificial intelligence could transform the economy and could put many people out of work. The statement released Monday was signed by top economists, along with computer scientists and some executives at tech companies including Anthropic, Google and OpenAI. "AI may become radically more powerful over the next 10 years," says the letter organized by Stanford University's digital economy lab. "This could drive an unprecedented transformation of our economy, larger than the Industrial Revolution, but unfolding over a vastly shorter time frame. It could bring risks, including large-scale job displacement, as well as opportunities such as major gains in living standards." The letter, which has only four sentences, says leaders must "build the incentives, guardrails, and institutions needed to steer AI in a direction that complements humans and benefits society." The Stanford lab says the letter has so far been signed by more than 200 economists and AI researchers, including 16 winners of a Nobel Prize. "We must be intentional and make collective, democratic choices, rather than letting market forces play out and risking leaving most citizens behind," wrote computer scientist and AI pioneer Yoshua Bengio, who was also among the signatories. He said it "it is highly plausible that AI will drastically transform our economies." Other signatories include Google CEO Eric Schmidt, LinkedIn cofounder Reid Hoffman, and Nobel laureates Joseph Stiglitz, Daron Acemonglu, and Simon Johnson.
 
Read more of this story at Slashdot.
- Microsoft Promises To Fix Search With Major Windows 11 Overhaul
Microsoft is overhauling Windows 11 search to prioritize local apps, files, and settings over web results while removing ads, promotions, MSN/Bing clutter, and other distractions. "You've have been asking for search that is faster, more relevant, and easier to use -- whether you're opening an app, finding a file, or changing a setting," Microsoft says in a new blog post. "Because the Windows Search Box is where many people start, we focused first on making results more dependable, easier to scan, and clearer before you click." Windows Central reports: The company is highlighting several key improvements, including clearer results that does a better job at showing why a search result is appearing when a query has been typed, alongside prioritizing local results before reaching out to the web. Search is also getting better at handling things like typos, which should help surface the right results even when the user misspells an app or file. The search home pane will no longer show MSN or Bing content, and promotional content and ads will no longer appear in search results. These upgrades are now rolling out to Windows Insiders in the Experimental Channel, and are expected to roll out to all Windows 11 users later this year. Insiders may not see the changes right away as they are rolling out in waves. The full list of changes can be found here.
 
Read more of this story at Slashdot.
- US Government Warns That Russia State Hackers Are Coming After Your Router
CISA and allied governments are warning users to secure their routers as Russian state-backed hackers continue compromising the devices and turning them into proxy nodes to disguise attacks against critical infrastructure. The advisory urges users to disable outdated SNMP versions, use strong passwords, update firmware, and turn off unnecessary router services to reduce the risk of being swept into these botnets. Ars Technica reports: "Russian Federal Security Service (FSB) Center 16 cyber actors continue to exploit poorly configured and vulnerable networking devices worldwide, opportunistically compromising multiple critical infrastructure sector networks," the Cybersecurity and Infrastructure Security Agency said Monday. The hacking groups are tracked under various names, including Berserk Bear, Energetic Bear, Crouching Yeti, Dragonfly, Ghost Blizzard, and Static Tundra. The advisory was co-issued by governments from around the world, including Australia, Denmark, New Zealand, and the UK. The primary means of compromise the agency warned about was hackers scanning IP ranges with active Simple Network Management Protocol (SNMP) agents that accept common or default authentication credentials. These scans are run by the very sorts of router botnets the actors are trying to enroll the targeted device in. By sending malicious traffic from spoofed addresses, the hackers can use the SNMP agent on poorly configured routers to run malware. SNMP allows users to collect and organize information about managed networking devices or to modify that information to change device behavior. With control of a device, the hackers then use it as an exit node when probing or attacking targets in the communications, defense, energy, financial services, and government sectors. By funneling the malicious traffic through a benign-appearing device on a trustworthy IP address, the attackers are able to lower the chances of getting blocked by firewalls and other security defenses. Monday's advisory made no mention of identical operations carried out in recent years by China. So-called residential proxies are also a go-to tool used by financially motivated criminal hackers to obscure their true IP address. In many cases, these sorts of proxies are made up of millions of streaming devices that are sold with preloaded malware.
 
Read more of this story at Slashdot.
- German Firm Files For Insolvency After Cybercriminals Shut Down Production For 6 Weeks
German textile firm ZEGO has filed for insolvency and is blaming a March cyberattack that shut down production for nearly six weeks. "ZEGO's filing adds another name to the short but growing list of companies that say a digital break-in was commercially fatal to their business," reports The Register. From the report: In a notice to customers and suppliers, the organization said it had exhausted every available option before seeking insolvency protection. Managing director Johannes Zenglein described the filing as "one of the most difficult steps in our company's 37-year history." "The cyberattack of March 29, 2026, however, impacted our company to an extent that we could not fully compensate for despite our best efforts," Zenglein wrote. "The consequences resulted in a production outage of nearly six weeks and significant financial strain. These effects ultimately impacted our financial situation so severely that filing for insolvency became necessary." ZEGO did not disclose what kind of attack it suffered, whether ransomware was involved, who was behind it, or whether customer or employee data was compromised. What it has made clear is that the operational disruption alone was enough to push the business beyond the point of recovery. ZEGO said insolvency proceedings have now been initiated, but insisted the filing does not necessarily spell the end of the business. It said it plans to keep production running while administrators attempt to restructure the business, preserve jobs, and keep customers and suppliers on board.
 
Read more of this story at Slashdot.
- States Sue to Block Paramount-Warner Bros Merger, Defying DOJ
A coalition of 12 states led by California is suing to block the $111 billion Paramount Skydance-Warner Bros. merger, arguing it would reduce competition in theatrical distribution, blockbuster films, and basic cable licensing. The challenge (PDF) defies the DOJ's approval of the deal. Variety reports: The coalition, led by California Attorney General Rob Bonta, alleges that the $111 billion transaction violates the Clayton Act by lessening competition in three distinct markets: wide-release theatrical distribution, "top-grossing" theatrical distribution, and basic cable licensing. "The unlawful merger of these two entertainment behemoths would lead to higher prices, lower quality, and less content for film and television, harming movie theaters, basic cable distributors, and ultimately, audiences on every sofa and movie theater seat in the U.S.," Bonta said in a statement on Monday. The suit argues that the combined company will control 27% of the wide-release theatrical distribution market, 30% of the submarket comprising "anticipated blockbuster films," and 27% of the basic cable bundle. The states argue that such consolidation will harm theaters and cable and satellite providers that rely on competition among distributors. Paramount and Warner Bros. are two of the five remaining legacy studios. Together, all five -- including Disney, Sony and Universal -- control 86% of theatrical distribution and 90% of blockbuster distribution, the states said. Warner Bros. and Paramount are also the second- and third-largest basic cable distributors, respectively. [...] The states are expected to seek an injunction to block the transaction, which Paramount expects to close sometime after July 22. The 12 states in the coalition are Arizona, California, Colorado, Connecticut, Massachusetts, Minnesota, Nevada, New Jersey, New Mexico, New York, Oregon, and Washington. [...] All are represented by Democratic attorneys general. "Consolidation here not only leads to higher prices -- it also leads to fewer opportunities for important stories to come to life, and fewer ways for audiences to encounter stories, ideas, and perspectives beyond their own experiences," Bonta said. "In this country, no one is above the law. With this lawsuit, California and our sister states are fighting for free and fair markets, not rigged markets. America has no kings in government or our economy."
 
Read more of this story at Slashdot.
- Apple Reportedly Agreed to Intel Chips To Avoid White House Tariffs
According to the Wall Street Journal (paywalled), Apple agreed to use Intel's U.S. chipmaking plants after White House officials pressured Tim Cook during tariff-relief talks last summer. MacRumors reports: In August 2025, Apple CEO Tim Cook was in Washington to lobby the Trump administration to drop its proposed 100 percent tariff on semiconductor imports -- a levy that would have raised costs across Apple's product line. Apple reportedly secured an exemption after pledging to invest hundreds of billions of dollars in the U.S., although many of those investments were already planned. During the meetings, president Trump and commerce secretary Howard Lutnick are said to have urged Cook to use Intel's fabrication plants to make some of Apple's chips. The link between the tariff talks and the Apple-Intel deal had not been previously reported. Almost a year later, Trump announced via his Truth Social platform that Apple would begin using Intel-made chips in some products. "We need to design and build our Chips right here in America," the president posted. The news sent Intel shares to record highs. According to a person familiar with the negotiations cited by the WSJ, Apple plans to have Intel make chips for both Mac laptops and iPhones. The report doesn't say which chips or in what volume, and Apple is expected to remain reliant on Taiwan Semiconductor Manufacturing Company, or TSMC, for the majority of its custom silicon.
 
Read more of this story at Slashdot.
- Cloudflare Precursor Watches Your Mouse and Keyboard To Decide If You Are Human
BrianFagioli writes: Cloudflare has launched Precursor, a new behavioral bot detection system that monitors mouse movement, typing cadence, scrolling, clipboard activity, page visibility, and other signals across an entire browsing session. The system is designed to catch advanced bots that can run JavaScript, use real browsers, and pass traditional CAPTCHA challenges. Cloudflare says Precursor does not record actual keystrokes and instead studies timing and rhythm. The company also says the data is not tied to user identities or persistent profiles. Even so, software that watches how people move and type throughout a visit raises privacy concerns, especially as Cloudflare claims bots now generate roughly 57 percent of all Internet requests.
 
Read more of this story at Slashdot.
- Social Media Limits Are Coming For Teens Across Europe
The European Union is considering major new restrictions on children's access to social media, including age limits, phased access, and an outright ban. "This is not about whether children can access social media," said European Commission President Ursula von der Leyen. "It is about when social media can access our children." The Verge reports: Social media platforms could also be forced to prove their services are not harmful before young people are allowed to use them. European Commission President Ursula von der Leyen said the bloc's executive arm could propose new legislation within months, after reviewing recommendations from a panel of experts released today. The panel recommended using a phased approach, including "no screens at all" for children under 3, supervised internet use for those under 13, and some limits for older teens. It also said social media platforms should have to prove their services are safe to younger users, an approach von der Leyen said she supports. Von der Leyen said the Commission will consider the report and return with proposals "after the summer." Any legislation would still need approval from the European Parliament and the EU's 27 member countries before becoming law across the bloc.
 
Read more of this story at Slashdot.
- Why 55% of Americans Stopped Posting On Social Media
A new Incogni survey suggests Americans are pulling back from social media, with more than half saying "maintaining an online presence feels like work" and 55% reporting they post less than they did five years ago. "The full study concludes that there's been a significant shift in public attitudes toward social media," reports PCMag. "Where it was once fun and relaxing, it's now growing dark and angsty..." From the report: As the chart shows, there's also a clear correlation with age. A full 60% of Gen Z respondents feel the pain of maintaining a social presence. Perhaps they have a niggling hope that they might still be discovered as an influencer? Those of us in the Boomer category are clearly more relaxed about it, with just 38% saying that maintaining a social presence feels like work. The survey quizzed respondents about how they feel when they don't keep up with checking their socials and, by extension, how they'd feel if they just plain quit. They were given choices, both positive (peace, relaxation, and relief) and negative (anxiety, fear of missing out, and discomfort). Overall, positive reactions held slightly greater sway, with an average of about 21% compared with 19% for negative reactions. The Gen Y contingent accentuated that split, with 25% positive and 21% negative, while Gen X went even further, with 20% positive and just 13% negative. But the Gen Z group flipped the results, identifying 27% negative and 26% positive reactions to going without social media. There's another force pushing folks away from the socials: increasing politicization. Of the survey's respondents, 44% agreed that political content is driving people away from social media, and only 20% disagreed. Among Gen Z respondents, the impetus was stronger: 48% agreed, and just 13% disagreed. These negative feelings associated with politics only serve to highlight the positive reactions to deleting your social media. Are you posting less on social media than you did five years ago, and are you being more selective about who can see what you post? Then you're with the majority. More than half of the respondents answered yes to each of those questions. But would you ever parlay fewer posts into no posts (aka quit posting entirely)? When asked what it would take to finally get them to terminate a social media account, a die-hard group of one in six respondents said there's nothing that could make them quit. But more than half could picture quitting due to security concerns, and almost half accepted the possibility that harassment or hate speech could send them packing. Others cited the amount of time wasted on scrolling through social media and the mental health threats of doomscrolling.
 
Read more of this story at Slashdot.
- China, Russia and Others Seek To Inflame Debate Over AI Data Centers
An anonymous reader quotes a report from The New York Times: A state-owned newspaper in China recently published a satellite image of a data center in Gainesville, Va., writing in English that the development of artificial intelligence posed a threat to Americans' physical and financial well-being. A comic strip made to look as if it had been published by a Maryland news outlet -- created with OpenAI's ChatGPT by people in China, the tech company said -- circulated on X this year, blaming data centers for soaring electricity bills. It showed a tycoon smoking a cigar and clutching bags of cash. A video shared on X by a known covert Russian influence operation questioned the viability of a data center that an American company, Firebird, is constructing in Armenia, the small Caucasus nation that has been a focus of Kremlin pressure. "The country's electrical grid instability may render it useless," the video's narrator says. All are examples of a push by foreign adversaries to seize on what polls have shown is deep ambivalence -- verging at times on hostility -- about the spread of the data centers needed to power A.I. in the United States and elsewhere. China, Russia and, to a lesser extent, Iran have sought to use state media outlets to turn the controversy over data centers in the United States into "a domestic fracture point," according to a new analysis by Alethea, a threat intelligence company, which identified scores of articles and posts on social media this year. These campaigns, whose impact on public opinion remains to be seen, have raised alarms in Washington, where A.I. is seen as a top issue heading into this year's midterm elections.
 
Read more of this story at Slashdot.
- Linus Torvalds on Rust, C, Bugs, and AI Patch-Checking Tools
"Git and email are the two really only tools I use," Linus Torvalds said at Open Source Summit India 2026. But ZDNet reports that he also shared his thoughts on Rust, C, and patch-checking tools:"I use Google as a way to look things up." He added, "I'm unusual; most of the other maintainers end up using many more tools, and I think a lot of them are starting to use AI tools for patch checking," while he "works at a higher level. I work with people, not tools." When asked about Rust both in Git and the kernel, he pushed back against hype: "I'm not sure Rust is going to take over the world. I still think Rust is very interesting, [but] I still find C to be a much simpler tool." Torvalds continued, "I'm much more excited about all the tools we have for verification of C," including "automated patch verification tools" and "automated email checking tools for patches like Sashiko." Summing up, Torvalds told the Mumbai audience: "I'm more of a hack-and-slash kind of person, and I still like the raw and simple power of C, and I don't think that's going to change." Torvalds also warned against overestimating Rust's benefits: "Rust fixes a few easy bugs that you can make in C, but it does not fix the logic errors, right? It does not think for you, and when you write incorrect code, the language does not matter. The end result will be incorrect." On mixed C/Rust code bases, he pointed out that guarantees are limited: "The guarantees that Rust give you only apply in the Rust-only parts of your code base, and wherever you interact with C code, all bets are off," with most Rust code in Linux talking to "core kernel C code" that is "much better quality... because that code has been tested in every single environment." At the same time, Torvalds pointed out, "some of our big and more high-profile bugs in the kernel lately have been logic errors" rather than the kind of memory errors Rust prevents. "It was just bad programming, which sadly happens even in carefully maintained subsystems and important kernels that are supposed to be very secure."
 
Read more of this story at Slashdot.
- Japan's Space Agency Conducts First Test Flight For Experimental Reusable Rocket
"Japan's experimental reusable rocket took off and safely landed in a first test flight Saturday," reports the Associated Press, as Japan "seeks to achieve the technology key to cut launch costs and compete in the global space market dominated by SpaceX."The RV-X rocket lifted off, hovered and moved horizontally before landing [watch the video here] during its less than one-minute flight at the Japan Aerospace Exploration Agency's Noshiro Testing Center in northeastern Japan, which was livestreamed by the NVS, a group of space fans...Saturday's flight is a step forward for Japan in achieving the technology needed to develop a lower cost successor to the country's current mainstay, single-use H3 series. Japan's test comes the same week that China recovered an orbital booster rocket for the first time.
 
Read more of this story at Slashdot.

- AI needs a home, not a hotel
PARTNER CONTENT: Firms crafting internal AI must choose a permanent residence for their tech, not just rent server space by the hour.

- From DHCP to SZTP – The Trust Revolution
By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]
The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.

- Linux Dealing With Apple9s Wild Mess Of Sensors On Apple Silicon SoCs
While there has been the Apple System Management Controller "SMC" hardware monitoring driver with the intent on exposing battery/power stats as well as thermal and more for Apple Silicon SoCs on Linux, it hasn't yet been working out properly on the mainline kernel. Between missing Device Tree nodes to the hodgepodge mess of sensors between the different Apple M-Series SoCs, it's a mess...
- "Light" GRUB Alternative Package For Confidential Computing Approved For Fedora 45
A month ago there was a change proposal raised for offering a "light" version of the GRUB2 bootloader for use in confidential computing environments. While there were some differing views on the matter for this alternative, stripped-down GRUB package as opposed to just using other bootloaders like systemd-boot, ultimately, the proposal is now approved...
- Graviton5 Outperforming Intel Xeon Granite Rapids But Falls Short Of AMD EPYC Turin
Following the recent GA of the AWS M9g series as the first instances powered by the new Graviton5 CPUs, I recently ran benchmarks looking at Graviton4 vs. Graviton5 CPU performance. There was very nice generational gains for the new AWS Graviton processors with the shift from Arm Neoverse-V2 to Neoverse-V3 cores and from DDR5-5600 to DDR5-8800 memory, among other improvements. For those wondering how the Graviton5 ARM server processors compare to AMD EPYC and Intel Xeon, here are some additional comparison data points from the Amazon EC2 cloud.
- Reworked System Call Entry Handling Slated For Linux 7.3
Stemming from looking at a proposed Linux kernel patch to alter the Linux kernel's system call number handling, veteran Linux kernel developer Thomas Gleixner went down a rabbit hole of the kernel's system call entry handling to make a number of clean-ups and improvements to the code. That rework to the system call entry handling is now expected to land for the Linux 7.3 kernel cycle...
- Raspberry Pi 5 IOMMU Driver Being Worked On For The Mainline Linux Kernel
While the Raspberry Pi 5 is already over two and a half years old, one of the missing elements of its support from the mainline Linux kernel has been the IOMMU driver. We are now seeing Raspberry Pi's downstream IOMMU driver being adapted for mainline with hopes of getting it into the upstream kernel...
- Cloud Hypervisor 53 Released With Offloaded Snapshot/Restore Daemon
Cloud Hypervisor 53.0 is now available for this open-source, Rust-based VMM focused on cloud workloads and modern security needs. Originally started at Intel, Cloud Hypervisor continues seeing new development these days by Microsoft, Meta, Arm, and other organizations...
- HFI BIOS Aims To Provide A POST-Like Power On Screen & BIOS Setup Utility For RISC-V
The Harmonic Firmware Initiative "HFI" is trying to provide a generic, standardized power-on firmware experience for RISC-V boards. Akin to the x86 world with having immediate graphics card initialization to provide a display while the system is booting and also having a BIOS setup utility for system configuration, HFI is trying to do the same for the RISC-V world...
- Pop!_OS Rolls Out Its "Frosted Glass" Desktop Style For COSMIC
System76 developers have for the past number of weeks been working on developing a "frosted glass" appearance for the COSMIC desktop environment featured on their Pop!_OS Linux distribution. For Pop!_OS users this frosted glass feature is now available and will become more widespread for other Linux distributions once the next COSMIC release is formally tagged...
- Linux DT Patches Provide Very Basic Support For Apple M3 Pro / Max / Ultra
Upstreamed for the Linux 7.2 kernel was initial support for booting Linux on the Apple M3 SoC devices. But just the barebones suppport for booting with not yet any accelerated graphics or other typical function needed for daily use of M3 Apple devices on Linux, just booting to a console. Now this work is complemented by additional Device Tree patches for also booting M3 Pro / Max / Ultra devices on Linux...
- LLVM Clang Merges Initial Support For NVIDIA Rigel Core With Next-Gen Rosa CPU
Earlier this week NVIDIA confirmed some basic details around their next-gen Rosa CPU that succeeds Vera. Among the public confirmation was that it will feature a "Rigel" Armv9.2-A core iterating on their Olympus core design. With the basic details published, NVIDIA immediately introduced Rigel core support into the GCC compiler. Now they have also upstreamed their initial Rigel core enablement into the LLVM Clang compiler...

- How early SunOS did diskless workstations before NFS
I have a love-hate relationship with Suns NFS. Since it was so prevalent, its a go-to for getting stuff on and off the classic UNIX workstations I love to explore, but at the same time, it also never seems to work right away. However, the technology NFS was designed to replace was apparently quite a bit worse. Sun sold diskless workstations before NFS, which used something called nd (network disk). The problems with nd stem from a limitation of SunOS at the time. Since SunOS only provided support for a maximum of eight partitions per physical disk, nd offered the ability to create subpartitions, of which you had to manually create and remember the start and end sectors. Thats a recipe for problems. But wait, theres more! For extra bonus problems, you might run out of available partitions to use on your server disk because you needed all of the available ones for regular filesystems and your swap area. If you were in this situation you could take the dangerous but necessary step of specifying your network disks using the special c partition (cf dkinfo(8)), which was conventionally used to provide access to the entire disk. This was extra dangerous because you had to make sure that the nd disks you specified werent overlapping into any regular partitions that you were using, since as nd(8) says, nd itself did no sanity checking. If you said sectors X to Y were network disk X, thats what they were, and goodness help you if some of them were also something else. ↫ Chris Siedenmann And this isnt even everything. Every part of this sounds horrid, and I can totally understand seeing NFS as a godsend compared to nd. Its depressing that were in 2026 now, and the basic task of sending a file from one computer to another over your own network often still a total clusterfuck.
- Nokia’s 14 years of mobile-phone supremacy ended in an afternoon
OSNews covered the downfall of Nokia extensively back when it was happening, but I must admit that seeing this whole story in retrospectives! now makes me feel so incredibly old. This story played out roughly between 2007 and 2016 in the grand scheme of things, the end of Nokias phone business wasnt that long ago! Zeit, bitte bleib stehen. Anyway, heres another retrospective, but this one I definitely like a bit more than the countless others weve seen, because it ends on the part of the story often left out: Nokia not only survived, its actually thriving. The company itself ultimately survived, even if the transition wasn’t painless. Nokia’s revenues, which peaked in 2007, fell sharply through the mid-2010s before the company refocused on a decades-old business line—telecom infrastructure—that many had forgotten Nokia was even in. Nokia now ranks among the world’s top three suppliers of 5G network equipment, serving carriers across more than 125 countries, alongside Ericsson and Huawei. Although the company could never quite crack the smartphone, it now plays a key role in providing the network backbone those smartphones run on. ↫ Chris Chinchilla at IEEE Spectrum From a business perspective, I honestly doubt Nokias phone business couldve survived to this day, even if they had responded to the arrival of the iPhone sooner, and even if they didnt do the stupid thing of focusing on Windows Phone first and had just embraced Android right away. Obviously, a Nokia with its own touch-era smartphone operating system would never have survived none of them did and even if they went with Android from the onset, I think the eventual onslaught of Samsung, which has killed many a popular smartphone brand, wouldve trampled Nokia too. In a better version of our world, Nokia wouldve survived with its own smartphone operating system, based on Symbian or not, and it wouldve been Europes strong, consistent answer to the Americans iOS and Android. While Nokia wouldve still been a business and wouldve undoubtedly tried the same anti-user shenanigans as Apple and Google, theyd at least be easier to reign in regulatory-wise. Youd hope. The EU shouldve never allowed Nokias smartphone business to be sold to Microsoft.
- Apple sues OpenAI for theft of trade secrets!
Apple sued OpenAI on Friday, alleging the AI company has stolen the iPhone maker’s trade secrets to develop its own yet-to-be-unveiled AI gadgets. In the suit, filed in the District Court of Northern California, Apple accuses OpenAI of trade secret misappropriation and breach of contract. ↫ Lisa Eadicicco and Hadas Gold at CNN I find this about as interesting and watching artificial grass grow, but with the common wisdom being that Apple is behind on AI!, it was honestly only a matter of time before the lawsuits came. After all, thats usually what companies who cant win in the market do. At the very least this will give corporate tech news websites a whole slew of new material. I just hope they both implode. Wed all be better off for it.
- Redox gets GTK3, Tcl
Redox did the develop cools stuff thing again for a month, so weve got progress to talk about. This past month, GTK3 has been ported to Redox, as well as the Tcl programming language. Support for per-window fractional scaling has been added to Orbital, Redox desktop environment, but its still relatively limited for now. Theres also new USB gamepad support, which already works in quite a few emulators, as well as details about how Redox intends to improve its support for running in a virtual environment over the coming 12 months, an effort sponsored by NLnet. Of course, theres also the usual bugfixes and updates to various drivers, the kernel, Relibc, and more.
- Understanding Windows monthly updates: Servicing explained
Windows has a fairly complex update ecosystem, so every now and then, the company feels like it needs to publish clarifications and explainers so people can keep up with whats going on. Most individuals and organizations regularly deploy monthly security updates, released on the second Tuesday of each month. Windows also provides optional non-security preview updates, which give IT teams and early adopters an opportunity to validate upcoming fixes before theyre included in the next monthly security update. This guide explains the purpose of each update type, when updates are released, and how they fit into the modern Windows servicing model. ↫ Chris Morrissey at the Windows IT Pro Blog Its easy to make fun of Microsoft and Windows for just how complex and obtuse the update ecosystem really is, but in all honestly its kind of understandable. Windows is a sprawling platform used by so many different people, companies, and organisations, under so many different circumstances and in so many different environments, it makes sense that Microsoft wants to address the multitude of needs that arise from that complexity. And so we end up not only with a dizzying array of update types and a long corpus of mystic terminology, but also a long list of complex different management tools to deploy said updates. And then theres the various preview channels making everything even more complex. Im definitely not smart, qualified, or experienced enough to come up with a better solution, but I do think choosing better names for the various update types, and perhaps a centralised settings panel inside Windows that gave users a better idea of what each type of update actually does, would go a long way to improving clarity. During my month with Windows 11, I also found it deeply frustrating just how little information Microsoft provides about each of the updates Windows is installing. As a user, I was expected to copy/paste the KB number and then hope that would lead me to useful information, while it would be much more convenient if such information was available right then and there inside Windows Update. If you cant reduce complexity, you should try to improve transparency.
- You paid me, a long-time Linux user, to use Windows 11 exclusively for a month: heres how it went
You all donated en masse to have me use Windows 11 for a month, and so I did. What was it like for a long-time Linux user to go back and experience Windows as it exists now? Is it really as bad as weve collectively made it out to be? Did my month with Windows 11 consist of nothing but pain and misery, or are there good things to say, too? Or, was it an unexpected pleasant surprise? And ultimately, did I stay with Windows 11, or move back to the Linux world? Donate through Ko-Fi Donate through SEPA transfer* Buy merch from our store Why a fundraiser? *Name: Thom Holwerda IBAN: SE08 8000 0820 1684 4657 8414 BIC: SWEDSESS This year, Im celebrating the milestone of having posted 20000 stories on OSNews during my 21 years as managing editor of OSNews. This is my full-time job, and since nobody is going to give me any bonuses, stock options, or golden pens, were running a big fundraiser to keep OSNews going. To add some spice to the whole thing, I added some incentives, with the first being using Windows 11 for a month. Were slowly but steadily approaching the next incentive, too, which is a proper video tour of my office, (unique) computers, and massive devices collection. Theres a similar incentive to this Windows 11 one, but for macOS. Yikes. The rules for the Windows 11 incentive are simple: use stock Windows 11 for a month for my computing tasks (with the exception of gaming converting my Linux gaming PC to Windows just to play the same games seemed silly). I wasnt allowed to use any debloating tools, but as an EU citizen, I do have the ability to remove a ton of Windows stuff thanks to the success of the Digital Markets Act. I also tried to stick to Microsofts own applications as much as possible, for that true ecosystem experience!, and wasnt allowed to hack my way into a normal local user account. I was all-in. So what was it like? Setting it all up The installation process posed a number of challenges and issues. First and foremost, the Windows 11 installation process is incredibly barebones, and basically assumes no other operating system exists in the world. It has no clue anything other than Windows filesystems exist, making it dangerously easy to accidentally damage or outright delete any other operating systems you might have installed. My laptop happens to have two M.2 SSDs in, so I could safely dedicate one of them to Windows 11 without interfering with the other SSD with Fedora installed on it, but if youre experimenting with Windows 11 on your Linux machine with just one drive, you might want to reconsider. I also had to perform the first portion of the installation process the WinPE section with just my keyboard, since apparently, my trackpad was not supported and did not work at all. Once the system went through its first of what would be many reboots to come and loaded into the phase of the installation where youre actually already running Windows 11, my trackpad came to life, but without any gestures support so no scrolling. Not a gamebreaker or anything, but definitely annoying. A bigger issue was that the Wi-Fi 7 Intel BE200 chip in my laptop was not supported out of the box by Windows 11. This meant that I had to install these drivers during the installation process, which involves going to the Intel website and finding the correct drivers to use. To make this process more obtuse and less intuitive, you cant use the normal driver installer; you have to specifically opt for the Intel® PROSet/Wireless Software and Wi-Fi Drivers for IT Administrators , download the ZIP, unpack it on a different computer, put the unpacked drivers on a USB stick, and point the Windows 11 installer to this USB stick. Mind you, the BE200 chip was launched almost three years ago, and theres no excuse for Windows 11 not supporting this chip out of the box like Linux does. The remainder of the installation process involved dodging a lot of tracking and telemetry prompts, reboots, a lot of waiting, setting up the dreaded online account, waiting some more, and then finally ending up at the desktop. I then set out to enjoy my EU privileges by removing whatever applications I didnt need and turning off features I didnt want, as well as making sure all the drivers were up to date. This mostly involved installing the Intel Driver 8 Support Assistant and the Intel graphics drivers. Curiously, this is where I hit a returning issue: after installing the Intel GPU drivers for the first time, as well as after every subsequent update, the screen would go black and stay that way, forcing a reboot. Windows graphics stack is supposed to be able to gracefully handle driver updates, but clearly, some bug or problem was preventing the updated Intel driver from being reinitialised. Once those initial setup tasks were behind me, I experienced two more problems. First, sleep/wake was entirely broken and simply did not work. It turns out Windows 11 really doesnt like S3 sleep, and I had to specifically go into my laptops Dasharo Coreboot firmware to switch to S0ix get sleep/wake to work on Windows 11. Windows defaults to something it calls Modern Standby!, which requires the S0ix state to be enabled. You can also disable Modern Standby which would presumably make sleep/wake work with S3 (?), but this is a whole ordeal and clearly not something Microsoft wants you to do. Of course, the correct way of handling this would be for Windows 11 to adapt its sleep/wake settings to what the firmware reports, but alas. Another problem were the laptops cooling fans seemingly leading lives of their own, spinning up loudly at entirely random times, irrespective of use. It was so bad and loud
- The state of accessibility in GNOME
With July being Disability Pride Month, GNOMEs Sophie Herold published a blog post taking stock of where GNOME stands on this front, progress thats been made, as well as areas where the project comes short. One particular paragraph from her introduction really hits the nail on the head about accessibility discussions in tech circles: The reality of tech communities is that they are often ableist and elitist. Probably more so than the average population. If a user or contributor struggles with a tool, blame is shifted to a “skill issue,” if an interface is simplified to make it accessible to more people, it’s “dumbed down”. Assistive technologies are often developed by abled people, without involving and paying disabled people. This also leads to an attitude where contributors expect gratefulness from disabled people for providing them with the most basic needs. All these issues are also not absent from the GNOME community. ↫ Sophie Herold Even as someone who isnt disabled and doesnt use any tools classically shelved under the accessibility! moniker, I encounter the attitudes she mentions in the quoted paragraph basically every day. While we can have normal, productive discussions and differences of opinion about accessibility for instance, I strongly believe robust theming support is absolutely crucial to accessibility, while the wider GNOME community does not the dismissive attitudes towards people with accessibility needs in the software world is shameful. Even if you dont have accessibility needs today, you will definitely be needing them at some point in your life. If accessibility isnt one of the first words you jot down on your mood board or whatever when you start a new software project, youve already done millions of people a massive disservice. Get educated, learn what you can about accessibility, listen to people with accessibility needs, and make your software better for everyone. Youll thank yourself one day.
- Next release of Cinnamon finally supports Wayland
Linux Mints Cinnamon is one of the last desktops to still not support Wayland, and is relegated to only being compatible with legacy X11 environments. With the next release of Cinnamon, however, this is finally going to change. We worked really hard on Wayland and we got to the point where it feels solid and the experience is almost on par with X11. Wayland support will no longer be considered “experimental”. In the next version of Cinnamon, both X11 and Wayland will be fully supported. ↫ Clement Lefebvre on the Linux Mint blog The next release of Cinnamon, version 6.8, will be part of the next release of Linux Mint, scheduled for Christmas of this year.
- Most slopcode projects are abandoned and deleted within months of release
About a month ago, Flathub announced a ban on slopcoded applications. Evangelos GeopJr! Paterakis, developer of a number of popular Linux applications and ton of other things, did some research into just how many applications tagged with AI slop!, a tag Flathub reviewers used to keep track of slopcoded applications submitted to Flathub, actually survived the test of time. The results are exactly what youd expect. Of the 120 unique repos, 32 were maintained and 88 were abandoned. No seriously, a big portion of them was completely deleted, nowhere to be found, others stopped 6 months ago, right after submitting to Flathub. ↫ Evangelos GeopJr! Paterakis Thats absolutely soul-crushing. Why should Flathubs reviewers spend their precious, limited time talking to lazy slopcoders AI! agents to get their slopcoded applications into Flathub, when 70% of these applications are abandoned or outright deleted from existence within mere months of being submitted? Minimal effort for the slopcoders, maximum effort for the reviewers. Just dump a bunch of shitty code over the fence, let a chatbot handle the interactions with the reviewers, and pretend you made a valuable contribution. This is the contradiction slopcode enthusiasts really dont want to talk about. If these AI! tools are so great, where is all the amazing new software? Wheres the massive gains in software quality? Isnt the story that AI! tools do the menial work, giving programmers more time to focus on improving their software? Reality does not seem to match the story were being sold. Despite these slopcode tools being out and available for years now, theres no influx of great applications and other software, theres no rise in software quality, nothing. What we mostly seem to be getting are slopcoded projects nobody, not even their creators! care about, so they just get abandoned and deleted as quickly as they were dredged up from the bottom of the programming barrel. These arent applications created because someone wanted them to exist; these are applications created because some mid programmer got high on their AI! supply and fancied themselves better at programming than they really are only to realise once the comedown hits theyve got crappy, barely working, entirely unmaintainable gibberish vaguely looking like code nobody can make head nor tails of. And then they abandon the project, ready for the next high leaving everyone else to clean up their mess. What a miserable workflow.
- Linux ported to the Atari Jaguar
Only a few days ago we had Linux on the Mega Drive, and someone took that as a challenge, so now we have Linux on the Atari Jaguar. The Jaguar has a very different architecture than the Mega Drive, but does happen to use a processor from the same 68000-family. Interestingly enough, to this day, Linux has architecture code for the 68000-family of processors. 68040, 68030, 680100 and even the original base 68000 processor. All neatly structured under arch/m68k/. ↫ Joel Bueno And, well, that means Linux can indeed be made to work on the Jaguar, with some hacking and magic, of course.
- Review: iodéOS offers a frictionless de-Googled Android experience
Wherever in the world you go, the smartphone landscape is dominated by Android and iOS, and while this has always been problematic, recent events have made the dependency on two American tech giants for what is probably our most personal computing device even more problematic than it already was. We use our smartphones to keep our secrets, do our banking, interact with our governments, share our deepest thoughts with our friends and family, and a whole lot more. Having this invaluable tool the vast majority of us depend on tied entirely to Google and Apple is not just bad for the market, its also a downright threat to the national security of anyone not living in the US. Here in Europe, theres been an awakening lately, with governments, companies, and people alike finally realising that having our entire digital infrastructure controlled by foreign, adversarial interests is a terrible idea. Sadly, breaking free from our Android and iOS chains is not so easy. The most ideal solution would be a truly open source alternative smartphone operating system, but thats a hard sell for 99.9% of smartphone users who need the applications required to do their finances, talk to their friends, or interact with their governments. The cold and harsh truth is that with very few exceptions, these applications simply do not (yet) exist for smartphone operating systems that arent Android or iOS. The only viable alternative at this point in time is to take whatevers left of the Android Open Source Project, remove anything that ties it to Google and its services, fill in the gaps with alternative services and applications, and sell it as a Google-free or de-Googled Android platform. Theres several projects in this space, and with Europe drunkenly stumbling out of the technological hole it dug itself into, its no surprise that two of the more popular alternatives to Apple or Google-controlled smartphones come from Europe (and from the same country, no less). Today, were taking a look at one of these: iodéOS. Iodé is a company based in Toulouse, France, which focuses on offering a Google-free Android called iodéOS, either preinstalled on phones you can buy, or as a ROM you can install yourself on supported devices. As a company, iodé makes its money through selling devices with iodéOS preinstalled, through an optional premium subscription (that I didnt take a look at), and through donations, and all of their code is published as open source on their Gitlab instance hosted in France. Iodé loaned me a Fairphone 6 with iodéOS preinstalled, one of he many smartphones and tablets they sell through their online store for review. This isnt going to be an Android review; you already know what Android is like, and theres no need for me to rehash any of that. Instead, I want to focus on the things that make using de-Googled Android different from using Google Android. Dont be afraid of microG There are various ways to go about making a de-Googled Android variant, and iodéOS chose the LineageOS route, with microG installed on top. For those unaware, microG is a project which aims to replace the various proprietary parts of Google Play Services, required by many Android applications, with open source reimplementations. While it doesnt offer 100% compatibility, it works exceptionally well, and youll be hard-pressed to find applications just dont work at all with microG. IodéOS updates its microG installation through a dedicated F-Droid repository thats obviously enabled by default, so you dont have to do anything yourself. Using microG instead of Google Play Services doesnt mean you have to rely solely on whatevers available in F-Droid, since there are a variety of alternative Play Store frontends available. IodéOS ships with the Aurora Store, which is an open-source frontend to the Play Store that can be used with or without a Google account. If you use it with your Google account, youll gain access to whatever applications you already own, including paid ones, but you wont be able to buy applications inside Aurora. You can, however, buy an application on the Play Store website, after which it will show up in Aurora as well, assuming youre logged in with the same account. Aurora also comes with something something called FakeStore, which is sadly an important part of the puzzle; its a stub application that has the same package name as the real Play Store. Some applications check whether the Play Store is available before working properly, so this is sadly needed to ensure maximum compatibility. The only issue I sometimes ran into with Aurora is that it would load up its listings, but then any application I tapped on said it was unavailable. When this happened, reloading the Aurora application always fixed the issue. Annoying, but not gamebreaking. A few things did not work for me when using microG on iodéOS, and theyre exactly the things youd expect not to work. If you have a WearOS device, youre out of luck; WearOS devices simply do not work when using microG, but there is a bounty to add support for it. If you want to use a smartwatch with iodéOS, there are various options available, such as Garmin devices, which is what I used during my testing and it worked flawlessly. Another feature from regular! Android that simply wont work is RCS. Theres only one RCS client available on Android, Google Messages, and as you can imagine, Google is in no rush to allow devices without Google Play Services to register for and use RCS messaging. Tying to register with Google Messages will fail, and there are no other RCS clients available (save for a few China and India-specific clients). Theres a microG bounty for this, too, but no luck so far. Of course, there are countless messaging platforms that work just fine on iodéOS regular SMS, WhatsApp, Facebook Messenger, Signal, and so on and especially if youre European, its unlikely RCS support matters to you at all. I just dont
- Improved DEC Alpha emulator runs Windows 2000 for Alpha and OpenVMS and Tru64 with X11
Colour me positively surprised, as I had no idea Alpha emulation had progressed this much. As you might know, Im involved a bit in the OpenVMS community and the Alpha emulation side via AXPBox. AXPBox (github) is a fork of the es40 alpha emulator by Camiel Vanderhoeven (who is now Chief Architect at VSI, the company that makes OpenVMS, for x86 nowdays). There have been many forks of es40 in the past and recently a new one has popped up with some great new features. Like speedups via a JIT compiler, S3 graphics port from MAME and ARC support, resulting in the ability to run Windows 2000 for the DEC Alpha. ↫ Remy van Elst Not only can you run the unreleased Alpha version of Windows 2000 on this forked emulator, its also capable of running OpenVMS and Tru64 UNIX. In fact, both OpenVMS and Tru64 can run their full X11 CDE desktops on the emulator as well, which is incredibly cool and a huge milestone. As the name of the original emulator implies, its emulating an AlphaServer Es40 from the turn of the century, which should be fast enough for enthusiast use. The last AlphaStation ever made, the ES47, is still very high on my list of computers I desperately want but will never have they are incredibly rare, and whenever they do come up for sale, incredibly expensive. If you have one, consider yourself lucky, and please, write about it! Tell the world!
- LineageOS and Androids upcoming developer verification: what it is, and how it affects you
LineageOS, the de-Googled Android ROM that serves as the backbone for pretty much the entire custom Android ROM community, has published an article about what the Android developer verification changes mean for them. I really like the factual tone of their article, especially this part: Critics such as F-Droid, EFF, and “Keep Android Open” point out that this also happens to route every install path through Google-controlled infrastructure, hands Google a kill switch over any app or developer worldwide, and arrives shortly after Google’s antitrust lawsuits. Both things can be true at once: real fraud is a problem and the restriction of developers is a convenient side effect of solving it this way and we’re not in a position to pretend we know Google’s internal reasoning. We’re just telling you what they’ve said and what it changes; you can weigh the “why” yourself. ↫ Nolen Johnson on the LineageOS website For LineageOS, these new verification measures dont really mean much, as they dont affect the projects work or software. The developer verification infrastructure is a separate application that is part of Google Mobile Services, and LineageOS does not ship GMS nor does it ever intend to. As such, they dont have to do anything, as this wont be an issue unless LineageOS users choose to install a GApps package that happens to include the developer verification infrastructure. If Google were to move the developer verification infrastructure into Play Services in the future, LineageOS makes it clear theyll disable it globally, as they have done with a number of other annoying Play Services-provided over-the-air update implementations . There really isnt much more they can do; the rest is up to users and projects that use LineageOS as their base.
- Composite video on the NES: whys it so wobbly?
The Nintendo Entertainment System. Is it the platonic ideal of an 8-bit video game system? Well, only because it’s so prominent and successful– it’s actually kind of an oddball in its expandability and design. But there’s something else about it. The picture is a bit… wobbly. Well, over composite video anyway. Let’s dig in and learn a little big more about the nitty-gritty of composite video. ↫ Nicole Branagan As usual, the information density in this article by Branagan is kind of remarkable, especially when you consider it never overwhelms you. Such a great read.
- ReactOS implements very first NT6 system call
A fairly big moment for the ReactOS project: it has just received its very first system call from NT6. The system call that has been added is NtGetCurrentProcessorNumberEx, which is used for returning the processor number of the logical processor that a caller is running on. It’s unclear how long it will take ReactOS to become compatible with Windows Vista software, but it took Microsoft around half a decade to develop Vista after the release of XP and marked a major upgrade, even if it didn’t land well with users at the time. ↫ Paul Hill at Neowin Its a milestone for sure, but not one thats going to make a huge difference for ReactOS at this moment in time. Still, its a sign of things to come, even if the very nature of the ReactOS project means that whatever things are coming tend to take a while to arrive.
- Microsoft settles centuries of religious debate by providing clearest definition of hell to date: Windows with a website-based shell running only Copilot
For how often people invoke it, the concept of hell! in Christianity is remarkably vague and nebulous, as both the Old and New Testament barely go into detail about the concept. As such, Im glad Microsoft has now given us a clear vision of hell and what, exactly, it looks like, ending centuries of denominational disagreements. Microsoft is currently selling the idea of Windows and Copilot as two separate things: an OS and an assistant riding along on top of it. However, a leaked video shows Project Aion, an internal prototype where Copilot doesnt just sit inside Windows, it becomes Windows, swallowing the Start menu, the taskbar, and three decades of desktop conventions in the process. The footage is reportedly two years old, so Aion is most likely dead by now. But its the clearest look yet at how far Microsoft was willing to take its agentic AI ambitions. ↫ Alfonso Maruccia at Techspot Everything about this is dreadful. Obviously replacing the entire shell with AI! nonsense is the main crime against usability here, but on top of that, this new shell is all just websites, all the way down, so everything is slow and stuttery. Since this runs on something called Win3!, which appears to be a very minimal, stripped-down version of Windows intended to only run the Edge browser engine, you cant run Win32 applications. If you do try to run a Win32 application, it will load the application in a remote virtual machine running in the cloud, which I;m sure does wonder for performance, responsiveness, and latency. We can all thank the lord this project is two years old and most likely cancelled by now, but we have no way of knowing if Microsoft is still intending for this to be the future direction of Windows. Since people dont want to use AI! of their own volition, it only makes sense in the technology industrys sick, twisted mind to force people into using AI! with efforts like this. Consent has never been Silicon Valleys strength, after all. At the time of writing, Microsoft is 225 billion dollars in the red on AI!, so I wouldnt be surprised if attempts to replace the regular Explorer shell with something AI!-based is still very much on the table in Redmond.

- EU OS: A Bold Step Toward Digital Sovereignty for Europe
Image A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem. What Is EU OS? EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments. The Vision Behind EU OS The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty. Conclusion EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
Source: It's FOSS European Union
- Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
You can download the latest kernel here. Linus Torvalds kernel
- AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
Image AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
Source: 9to5Linux AerynOS
- Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
Image Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
Here’s a quick overview of what’s new in Xojo 2025r1: 1. Linux ARM IDE Support Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started. 2. Web Drag and Drop One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required! 3. Direct App Store Publishing Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process. 4. New Desktop and Mobile Features This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection. 5. Performance and IDE Enhancements Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced. What Does This Mean for Developers? Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution. How to Get Started Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
Download Xojo 2025r1 today at xojo.com. Final Thoughts With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you. Xojo ARM
- New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest.
Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem. Windows
- Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally.
As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions.
After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca. Security
- Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem.
The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers. kernel
- Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
Here is what Linus Torvalds had to say in today's announcement: Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds
- Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
Want to interact with ChatGPT from your Linux desktop without using a web browser?
Bavarder, a new app, allows you to do just that.
Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring. ChatGPT AI
- LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners. LibreOffice

- Hannah Montana Linux Is Back!
Developer Noah Cagle decided the world needed the once obscure but beloved Linux distribution and gave it a decidedly pink refresh.
- Kubuntu Focus Goes Ultra
The Kubuntu Focus team has upped the performance ante of its M2 and Zr laptops with the latest, greatest CPUs from Intel.
- KDE Linux Drops AUR
KDE Linux developers have dropped the Arch User Repository from the build pipeline due to security concerns; other distributions should consider doing the same.
|