Recent Changes - Search:
NTLUG

Linux is free.
Life is good.

Linux Training
10am on Meeting Days!

1825 Monetary Lane Suite #104 Carrollton, TX

Do a presentation at NTLUG.

What is the Linux Installation Project?

Real companies using Linux!

Not just for business anymore.

Providing ready to run platforms on Linux

Show Descriptions... (Show All/All+Images) (Single Column)

LinuxSecurity - Security Advisories







LWN.net

  • [$] Debian Technical Committee overrides systemd change
    Debian packagers have a great deal of latitude when it comes to theconfiguration of the software they package; they may opt, for example,to disable defaultfeatures in software that they feel are a securityhazard. However, packagers are expected to ensure that their packagescomply with Debian Policy,regardless of the upstream's preferences. If a packager fails tocomply with the policy, the Debian TechnicalCommittee (TC) can step in to override them, which it hasdone in the case of a recent systemd change that broke severalprograms that depend on a world-writable /run/lockdirectory.


  • Four new stable kernels
    Greg Kroah-Hartman has announced the release of the 6.17.2, 6.16.12, 6.12.52, and 6.6.111 stable kernels. They each contain arelatively small set of important fixes. In addition: "Note, this is the LAST 6.16.y kernel release, this branch is nowend-of-life. Please move to the 6.17.y branch at this point in time."


  • Security updates for Monday
    Security updates have been issued by AlmaLinux (compat-libtiff3, iputils, kernel, open-vm-tools, and vim), Debian (asterisk, ghostscript, kernel, linux-6.1, and tiff), Fedora (cef, chromium, cri-o1.31, cri-o1.32, cri-o1.33, cri-o1.34, docker-buildx, log4cxx, mingw-poppler, openssl, podman-tui, prometheus-podman-exporter, python-socketio, python3.10, python3.11, python3.12, python3.9, skopeo, and valkey), Mageia (open-vm-tools), Red Hat (compat-libtiff3, kernel, kernel-rt, vim, and webkit2gtk3), and SUSE (distrobuilder, docker-stable, expat, forgejo, forgejo-longterm, gitea-tea, go1.25, haproxy, headscale, open-vm-tools, openssl-3, podman, podofo, ruby3.4-rubygem-rack, and weblate).


  • Kernel prepatch 6.18-rc1
    Linus has released 6.18-rc1 and closed themerge window for this development cycle. "This was one of the goodmerge windows where I didn't end up having to bisect any particular problemon [any] of the machines I was testing. Let's hope that success mostlytranslates to the bigger picture too."


  • [$] Enhancing FineIBT
    At the LinuxSecurity Summit Europe (LSS EU), Scott Constable and SebastianÖsterlund gave a talk on an enhancement to a control-flowintegrity (CFI)protection that was added to the kernel several years ago. The "FineIBT: Fine-grain Control-flowEnforcement with Indirect Branch Tracking" mechanism was merged forLinux 6.2 in early 2023 to harden the kernel against CFI attacks of varioussorts, but needed some fixes andenhancements more recently. The talk looked at the CFI vulnerabilityproblem, FineIBT, and an enhanced version that is hoped to be able to unifyall of the disparate hardware and software mitigations to address bothregular and speculative CFI vulnerabilities.


  • Security updates for Friday
    Security updates have been issued by Debian (redis and valkey), Fedora (docker-buildkit, ibus-bamboo, pgadmin4, webkitgtk, and wordpress), Mageia (kernel-linus, kmod-virtualbox & kmod-xtables-addons, and microcode), Oracle (compat-libtiff3 and udisks2), Red Hat (rsync), Slackware (python3), SUSE (chromium, cJSON, digger-cli, glow, go1.24, go1.25, go1.25-openssl, grafana, libexslt0, libruby3_4-3_4, pgadmin4, python311-python-socketio, and squid), and Ubuntu (dpdk, libhtp, vim, and webkit2gtk).


  • [$] Gccrs after libcore
    Despite its increasing popularity, the Rust programming language is stillsupported by a single compiler, the LLVM-based rustc. At the 2025 GNU ToolsCauldron, Pierre-Emmanuel Patry said that a lot of people are waitingfor a GCC-based Rust compiler before jumping into the language. Patry, whois working on just that compiler (known as "gccrs"), provided an update onthe status of that project and what is coming next.


  • [$] Last-minute /boot boost for Fedora 43
    Sudden increases in the size of Fedora's initramfsfiles have prompted the project to fast-track a proposal to increasethe default size of the /boot partition for new installs ofFedora 43 and later. The project has also walked back a fewchanges that have contributed to larger initramfs files, but theever-increasing size of firmware means that the need for more room isunavoidable. The Fedora Engineering Steering Council (FESCo) hasapproved a last-minute changejust before the final freeze for Fedora 43 to increase thedefault size of the /boot partition from 1GB to 2GB; thiswill leave plenty of space for kernels and initramfs images if a useris installing from scratch, but it is of no help for users upgradingfrom Fedora 42.


  • Ubuntu 25.10 released
    Ubuntu25.10, "Questing Quokka", has been released. This release includesLinux 6.17, GNOME 49, GCC 15, Python 3.13.7,Rust 1.85, and more. This release also features Rust-basedimplementations of sudo and coreutils; LWN covered the switch to theRust-based tools in March. The 25.10 version of Ubuntu flavorsEdubuntu, Kubuntu, Lubuntu, Ubuntu Budgie, Ubuntu Cinnamon, UbuntuKylin, Ubuntu MATE, Ubuntu Studio, and Xubuntu have alsobeen released.



  • Security updates for Thursday
    Security updates have been issued by AlmaLinux (gnutls, kernel, kernel-rt, and open-vm-tools), Debian (chromium, python-django, and redis), Fedora (chromium, insight, mirrorlist-server, oci-seccomp-bpf-hook, rust-maxminddb, rust-prometheus, rust-prometheus_exporter, rust-protobuf, rust-protobuf-codegen, rust-protobuf-parse, rust-protobuf-support, turbo-attack, and yarnpkg), Oracle (iputils, kernel, open-vm-tools, redis, and valkey), Red Hat (perl-File-Find-Rule and perl-File-Find-Rule-Perl), SUSE (expat, ImageMagick, matrix-synapse, python-xmltodict, redis, redis7, and valkey), and Ubuntu (fort-validator and imagemagick).


  • [$] LWN.net Weekly Edition for October 9, 2025
    Inside this week's LWN.net Weekly Edition:
    Front: Kernel Rust features; systemd v258, part 2; Cauldron kernel hackers; BPF for GNU tools; 6.18 merge window, part 1; Lifetime-end pointer zapping; Robot Operating System. Briefs: OpenSSH 10.1; Firefox profiles; Python 3.14; U-Boot v2025.10; FSF presidency; Quotes; ... Announcements: Newsletters, conferences, security updates, patches, and more.


  • Better profile management coming to Firefox
    Firefox has long had support for multiple profilesto store personal information such as bookmarks, passwords, and userpreferences. However, Firefox did not make profiles particularlydiscoverable or easy to manage. That is about to change; Mozilla hasannouncedthat it is launching a profile-management feature that will make iteasier to create and switch between profiles. According to the supportpage for the feature, it will be rolled out to users graduallybeginning on October 14.



  • [$] Upcoming Rust language features for kernel development
    TheRust for Linux project has been good for Rust, Tyler Mandry, one of theco-leads of Rust's language-design team, said. Hegave a talk atKangrejos 2025 covering upcoming Rust language features and thankingthe Rust for Linux developers for helping drive them forward. Afterward, Benno Lossin and Xiangfei Dingwent into more detail about their work on the three most important languagefeatures for kernel development: field projections, in-place initialization, and arbitrary self types.


  • Security updates for Wednesday
    Security updates have been issued by Fedora (apptainer, civetweb, mod_http2, openssl, pandoc, and pandoc-cli), Oracle (kernel), Red Hat (gstreamer1-plugins-bad-free, iputils, kernel, open-vm-tools, and podman), SUSE (cairo, firefox, ghostscript, gimp, gstreamer-plugins-rs, libxslt, logback, openssl-1_0_0, openssl-1_1, python-xmltodict, and rubygem-puma), and Ubuntu (gst-plugins-base1.0, linux-aws-6.8, linux-aws-fips, linux-azure, linux-azure-nvidia, linux-gke, linux-nvidia-tegra-igx, and linux-raspi).


  • Python 3.14.0 released
    Version3.14.0 of the Python language has been released. There are a lot ofchanges this time around, including official support for free threading, template string literals, and much more; seethe announcement for details.



LXer Linux News

  • How to Upgrade LMDE 6 to LMDE 7
    In this tutorial, I will show you how to upgrade your existing LMDE (Linux Mint Debian Edition) 6 “Faye” installations to the latest LMDE (Linux Mint Debian Edition) 7 “Gigi” release.


  • ReactOS Making Progress On Windows WDDM Driver Support
    The ReactOS project that continues striving toward being an "open-source Windows" ABI compatible operating system has been seeing some activity recently around supporting Windows Display Driver Model (WDDM) display drivers as the newer evolution of XDDM drivers...



  • UK waves 750M supercomputer contract at HPC builders
    Pre-market charm offensive begins for Edinburgh's next national number-cruncherThe British government is putting out feelers to industry ahead of the procurement process for the country's most powerful supercomputer, set to begin next year.…









  • 9to5Linux Weekly Roundup: October 12th, 2025
    The 261st installment of the 9to5Linux Weekly Roundup is here for the week ending on October 12th, 2025, keeping you updated with the most important things happening in the Linux world.





  • Compact M5Stack Unit C6L Integrates RISC-V ESP32-C6 and SX1262 for LoRa Meshtastic Use
    The M5Stack Unit C6L is a compact LoRa module featuring the ESP32-C6 SoC and SX1262 transceiver. It supports 868 to 923 MHz operation for private LoRa networks with Meshtastic compatibility and options for custom development. The ESP32-C6 integrates a dual RISC-V architecture consisting of a high-performance 32-bit core running at 160 MHz and a low-power […]


  • How to Easily Add a Live Wallpaper on KDE Plasma 6
    In this tutorial, I’ll show you how to add a live wallpaper on KDE Plasma 6 using a video from the internet. We’ll turn a regular video into a dynamic desktop wallpaper, making your Plasma desktop look more lively and interesting.





Linux Insider"LinuxInsider"












Slashdot

  • Software Update Bricks Some Jeep 4xe Hybrids Over the Weekend
    An anonymous reader quotes a report from Ars Technica: Owners of some Jeep Wrangler 4xe hybrids have been left stranded after installing an over-the-air software update this weekend. The automaker pushed out a telematics update for the Uconnect infotainment system that evidently wasn't ready, resulting in cars losing power while driving and then becoming stranded. Stranded Jeep owners have been detailing their experiences in forum and Reddit posts, as well as on YouTube. The buggy update doesn't appear to brick the car immediately. Instead, the failure appears to occur while driving -- a far more serious problem. For some, this happened close to home and at low speed, but others claim to have experienced a powertrain failure at highway speeds. Jeep pulled the update after reports of problems, but the software had already downloaded to many owners' cars by then. A member of Stellantis' social engagement team told 4xe owners at a Jeep forum to ignore the update pop-up if they haven't installed it yet. Owners were also advised to avoid using either hybrid or electric modes if they had updated their 4xe and not already suffered a powertrain failure. Yesterday, Jeep pushed out a fix.


    Read more of this story at Slashdot.


  • Carmakers Chose To Cheat To Sell Cars Rather Than Comply With Emissions Law, 'Dieselgate' Trial Told
    Car manufacturers decided they would rather cheat to prioritise "customer convenience" and sell cars than comply with the law on deadly pollutants, the first day of the largest group action trial in English legal history has been told. From a report: More than a decade after the original "dieselgate" scandal broke, lawyers representing 1.6 million diesel car owners in the UK argue that manufacturers deliberately installed software to rig emissions tests. They allege the "prohibited defeat devices" could detect when the cars were under test conditions and ensure that harmful NOx emissions were kept within legal limits, duping regulators and drivers. Should the claim be upheld, estimated damages could exceed $8 billion. The three-month hearing that opened at London's high court on Monday will focus on vehicles sold by five manufacturers -- Mercedes, Ford, Renault, Nissan and Peugeot/Citroen -- from 2009. In "real world" conditions, when driven on the road, lawyers argue, the cars produced much higher levels of emissions. The judgment on the five lead defendants will also bind other manufacturers including Jaguar Land Rover, Vauxhall/Opel, Volkswagen/Porsche, BMW, FCA/Suzuki, Volvo, Hyundai-Kia, Toyota and Mazda, whose cases are not being heard to reduce the case time and costs.


    Read more of this story at Slashdot.


  • TP-Link Makes History With First Successful Wi-Fi 8 Connection
    BrianFagioli writes: TP-Link has officially achieved the first successful Wi-Fi 8 connection using a prototype device built through an industry collaboration. The company confirmed that both the beacon and data throughput worked, marking a real-world validation of next-generation wireless tech. It's an early glimpse of what the next leap in speed and reliability could look like, even as the Wi-Fi 8 standard itself remains under development. The Verge adds: Like its predecessor, Wi-Fi 8 will utilize 2.4GHz, 5GHz, and 6GHz bands with a theoretical maximum channel bandwidth of 320MHz and peak data rate of 23Gbps, but aims to improve real-world performance and connection reliability. The goal is to provide better performance in environments with low signal, or under high network loads, where an increasing number of devices are sharing the same connection.


    Read more of this story at Slashdot.


  • China Is Shipping More Open AI Models Than US Rivals as Tech Competition Shifts
    Chinese companies now produce most of the world's freely available AI models. DeepSeek leads Hugging Face in popularity. Chinese firms like Alibaba receive higher ratings than OpenAI and Meta on LMArena. The site uses blind tests to measure user preferences. Chinese developers ship open models more frequently than American rivals. Irene Solaiman is chief policy officer at Hugging Face. She said Chinese companies build their user base by shipping frequently and quickly. American companies like OpenAI and Google keep their best models proprietary. Meta once led in open AI models. Mark Zuckerberg argued last year that the world would benefit if AI companies shared their technology freely. He pledged Meta would release its AI openly. The company has since become more cautious. Zuckerberg wrote in a new essay that Meta might need to keep the best models for itself.


    Read more of this story at Slashdot.


  • Three New California Laws Target Tech Companies' Interactions with Children
    California Governor Gavin Newsom signed three bills on Monday that establish the nation's most comprehensive framework for regulating how technology companies interact with minors. AB 56 requires social media platforms to display health warnings to users under 18. A child must view a skippable ten-second warning upon logging on each day. An unskippable thirty-second warning must appear if a child spends more than three hours on a platform. That warning repeats after each additional hour. The warnings must state that social media "can have a profound risk of harm to the mental health and well-being of children and adolescents." Minnesota passed a similar law in July. SB 243 makes California the first state to regulate AI companion chatbots. The law takes effect January 1, 2026. Companies must implement age verification and disclose that interactions are artificially generated. Chatbots cannot represent themselves as healthcare professionals. Companies must offer break reminders to minors and prevent them from viewing sexually explicit images. The legislation gained momentum after teenager Adam Raine died by suicide following conversations with OpenAI's ChatGPT. A Colorado family filed suit against Character AI after their daughter's suicide following problematic conversations with the company's chatbots. AB 1043 requires device-makers like Apple and Google to collect birth dates when parents set up devices for children. Device-makers must group users into four age brackets and share this information with apps. Google, Meta, OpenAI, and Snap supported the bill. The Motion Picture Association opposed it.


    Read more of this story at Slashdot.


  • Does the Internet Have a Philly Accent? Why Too Much Time Online Can Make You 'Culturally Philadelphian.'
    Philadelphia culture has become inescapable in certain corners of the internet. People who spend substantial time online report developing knowledge of the city's cultural touchstones and forming opinions about its regional debates despite minimal or no physical presence there, according to a new report. The phenomenon has prompted a theory: prolonged exposure to these digital spaces can make someone spiritually and culturally Philadelphian regardless of geography. Several factors explain Philadelphia's outsized online presence. The city is large but retains a small-town sensibility. Its residents wake earlier than West Coast users and can set the daily online agenda. Philadelphia sports teams have performed well for twenty-five years. The internet rewards visual absurdity and energetic presentation. Gritty functions as both hockey mascot and anti-fascist meme. The city's working-class union identity and reliably anti-Trump stance align with leftist online communities. The alternative explanation is simpler: Philadelphians believe their city dominates conversation and find confirming evidence everywhere they look. The internet may not have made Philadelphia bigger. It may have just made Philadelphians easier to find.


    Read more of this story at Slashdot.


  • Earth's Climate Has Passed Its First Irreversible Tipping Point and Entered a 'New Reality'
    Climate change has pushed warm-water coral reefs past a point of no return, marking the first time a major climate tipping point has been crossed, according to a report released on Sunday by an international team in advance of the United Nations Climate Change Conference COP30 in Brazil this November. From a report: Tipping points include global ice loss, Amazon rainforest loss, and the possible collapse of vital ocean currents. Once crossed, they will trigger self-perpetuating and irreversible changes that will lead to new and unpredictable climate conditions. But the new report also emphasizes progress on positive tipping points, such as the rapid rollout of green technologies. "We can now say that we have passed the first major climate tipping point," said Steve Smith, the Tipping Points Research Impact Fellow at the Global Systems Institute and Green Futures Solutions at the University of Exeter, during a media briefing on Tuesday. "But on the plus side," he added, "we've also passed at least one major positive tipping point in the energy system," referring to the maturation of solar and wind power technologies. The world is entering a "new reality" as global temperatures will inevitably overshoot the goal of staying within 1.5C of pre-industrial averages set by the Paris Climate Agreement in 2015, warns the Global Tipping Points Report 2025, the second iteration of a collaboration focused on key thresholds in Earth's climate system.


    Read more of this story at Slashdot.


  • The Pope Urges Vigilance About Who Controls AI
    An anonymous reader shares a report: Last week, sounding like a digital media consultant, Pope Leo XIV urged reporters to avoid "the degrading practice of so-called clickbait." He was addressing global news agencies at a gathering in Vatican City about the risks of a post-truth world, with a speech that also doubled as a severe societal warning about the dangers of AI. "Artificial intelligence is changing the way we receive information and communicate, but who directs it and for what purposes?" the pontiff said, according to Reuters. "We must be vigilant in order to ensure that technology does not replace human beings."


    Read more of this story at Slashdot.


  • OpenAI, Broadcom Forge Multibillion-Dollar Chip-Development Deal
    OpenAI and Broadcom are working together to develop and deploy 10 gigawatts of custom AI chips and computing systems over the next four years, a high-profile partnership aimed at satisfying some of the startup's immense computing needs. From a report: OpenAI plans to design its own graphics processing units, or GPUs, which will allow it to integrate what it has learned from developing powerful artificial-intelligence models into the hardware that underpins future systems. As part of the agreement announced Monday, the chips will be co-developed by OpenAI and Broadcom and deployed by the chip company starting in the second half of next year. The new agreement will be worth multiple billions of dollars, people familiar with the matter said. Broadcom specializes in designing custom AI chips that are specifically tailored to certain artificial-intelligence applications. It began working with OpenAI on creating a custom chip 18 months ago, and the companies broadened their partnership to include work on related components, including server racks and networking equipment.


    Read more of this story at Slashdot.


  • Hollywood Demands Copyright Guardrails from Sora 2 - While Users Complain That's Less Fun
    Enthusiasm for Sora 2 "wasn't shared in Hollywood," reports the Los Angeles Times, "where the new AI tools have created a swift backlash" that "appears to be only just the beginning of a bruising legal fight that could shape the future of AI use in the entertainment business."[OpenAI] executives went on a charm offensive last year. They reached out to key players in the entertainment industry — including Walt Disney Co. — about potential areas for collaboration and trying to assuage concerns about its technology. This year, the San Francisco-based AI startup took a more assertive approach. Before unveiling Sora 2 to the general public, OpenAI executives had conversations with some studios and talent agencies, putting them on notice that they need to explicitly declare which pieces of intellectual property — including licensed characters — were being opted-out of having their likeness depicted on the AI platform, according to two sources familiar with the matter who were not authorized to comment. Actors would be included in Sora 2 unless they opted out, the people said. OpenAI disputes the claim and says that it was always the company's intent to give actors and other public figures control over how their likeness is used. The response was immediate.... [Big talent agencies objected, along with performers' unions and major studios.] "Decades of enforceable copyright law establishes that content owners do not need to 'opt out' to prevent infringing uses of their protected IP," Warner Bros. Discovery said in a statement... The strong pushback from the creative community could be a strategy to force OpenAI into entering licensing agreements for the content they need, legal experts said... One challenge is figuring out a way that fairly compensates talent and rights holders. Several people who work within the entertainment industry ecosystem said they don't believe a flat fee works. Meanwhile, "the complete copyright-free-for-all approach that OpenAI took to its new AI video generation model, Sora 2, lasted all of one week," writes Gizmodo. But that means the service has "now pissed off its users."As 404 Media pointed out, social channels like Twitter and Reddit are now flooded with Sora users who are angry they can't make 10-second clips featuring their favorite characters anymore. One user in the OpenAI subreddit said that being able to play with copyrighted material was "the only reason this app was so fun." Futurism published more reactions, including ""It's official, Sora 2 is completely boring and useless with these copyright restrictions."Others accused OpenAI of abusing copyright to hype up its new app. "This is just classic OpenAI at this point," another user wrote. "They do this s*** all the time. Let people have fun for a day or two and then just start censoring like crazy." The app now has a measly 2.9-star rating on the App Store, indicative of growing disillusionment and frustration with censorship... [It's not dropped to 2.8.] In an apparent effort to save face, Altman claimed this week that many copyright holders are actually begging to have their characters appear on Sora, instead of complaining about the trend. "In the case of Sora, we've heard from a lot of concerned rightsholders and also a lot of rightsholders who are like 'My concern is you won't put my character in enough,'" he told the a16z podcast earlier this week. "So I can completely see a world where subject to the decisions that a rightsholder has, they get more upset with us for not generating their character often enough than too much," he added. Whether most rightsholders would agree with that sentiment remains to be seen. Business Insider offers another reaction. After watching Sora 2's main public feed, they write that Sora 2 "seems to be overrun with teenage boys."


    Read more of this story at Slashdot.


  • Flatpak Doesn't Work in Ubuntu 25.10, But a Fix is Coming
    "It's not just you: Flatpak flat-out doesn't work in the new Ubuntu 25.10 release," writes the blog OMG Ubuntu:While Flatpak itself can be installed using apt, trying to install Flatpaks with Flatpak from the command-line throws a "could not unmount revokefs-fuse filesystem" error, followed by "Child process exited with code 1". For those who've installed the Ubuntu 'Questing Quokka' and wanted to kit it out with their favourite software from Flathub, it's a frustrating road bump. AppArmor, the tool that enforces Ubuntu's security policies for apps, is causing the issue. According to the bug report on Launchpad, the AppArmor profile for fusermount3 lacks the privileges it needs to work properly in Ubuntu 25.10. Fusermount3 is a tool Flatpak relies on to mount and unmount filesystems... This is a bug and it is being worked on. Although there's no timeframe for a fix, it is marked as critical, so will be prioritised. The bug was reported in early September, but not fixed in time for this week's Ubuntu 25.10 release, reports Phoronix:Only [Friday] an updated AppArmor was pushed to the "questing-proposed" archive for testing. Since then... a number of users have reported that the updated AppArmor from the proposed archive will fix the Flatpak issues being observed. From all the reports so far it looks like that proposed update is in good shape for restoring Flatpak support on Ubuntu 25.10. The Ubuntu team is considering pushing out this update sooner than the typical seven day testing period given the severity of the issue. More details from WebProNews:Industry insiders point out that AppArmor, Ubuntu's mandatory access control system, was tightened in this release to enhance security... This isn't the first time AppArmor has caused friction; similar issues plagued Telegram Flatpak apps in Ubuntu 24.04 LTS earlier this year, as noted in coverage from OMG Ubuntu.


    Read more of this story at Slashdot.


  • California Will Stop Using Coal as a Power Source Next Month
    An anonymous reader shared this excerpt from a Los Angeles Times newsletter:One of the most consequential moments in California's drive to beat back climate change will take place next month. The state will stop receiving electricity from the Intermountain Power Plant in Central Utah, meaning our reliance on coal as a source of power will essentially be over... [T]he U.S. got nearly half its electricity from coal-fired plants as recently as 2007. By 2023, that figure had dropped to just 16.2%. California drove an even more dramatic shift, getting just 2.2% of its electricity from coal in 2024 — nearly all of it from the Intermountain plant. Operators plan to cut off that final burst of ions next month. "And with improved technology to store power, the change has been made without the power shortages that dogged the state up until 2020..."


    Read more of this story at Slashdot.


  • Why GPS Fails In Cities. And What Researchers Think Could Fix It
    ScienceDaily reports:Our everyday GPS struggles in "urban canyons," where skyscrapers bounce satellite signals, confusing even advanced navigation systems. Norwegian University of Science and Technology (NTNU) scientists created SmartNav, combining satellite corrections, wave analysis, and Google's 3D building data for remarkable precision. Their method achieved accuracy within 10 centimeters during testing [90% of the time]. The breakthrough could make reliable urban navigation accessible and affordable worldwide... "Cities are brutal for satellite navigation," explained Ardeshir Mohamadi. Mohamadi, a doctoral fellow at NTNU, is researching how to make affordable GPS receivers (like those found in smartphones and fitness watches) much more precise without depending on expensive external correction services.


    Read more of this story at Slashdot.


  • Russia Accused of Severing Ukrainian Nuclear Power Plant's Link, as Energy Remains a 'Key Battleground'
    It's the largest nuclear power plant in Europe. But "Ukraine's foreign minister accused Russia on Sunday of deliberately severing the external power line to the Russian-held Zaporizhzhia nuclear power station," reports Reuters, "in order to link the plant to Moscow's power grid."Ukrainian Foreign Minister Andrii Sybiha said Moscow was attempting to test a reconnection to Russia's grid. Ukraine has long feared that Moscow would try to redirect the plant's output to its grid. But Russian officials have denied any intention of trying to restart the plant, seized by Moscow's forces in the early weeks of the February 2022 invasion of Ukraine. The plant produces no electricity at the moment, but has been without an external electricity source for nearly three weeks. Officials have relied on emergency diesel generators to secure the power needed to keep the fuel cool inside the facility and guard against a meltdown. "Russia intentionally broke the plant's connection with the Ukrainian grid in order to forcefully test reconnection with the Russian grid," Sybiha wrote on X in English. He denounced the "attempted theft of a peaceful Ukrainian nuclear facility".... Each side has accused the other of shelling that caused the line outage. Russia's continued occupation of the Zaporizhzhia nuclear power plant deprived Ukraine of a quarter of its generating capacity, according to a report from the Brookings Institute — calling Ukraine's energy sector "a key battleground" in the war.The Russian invasion began on the very day that Ukraine launched its so-called island test. This involved completely isolating the Ukrainian and Moldovan power systems from their neighbors to check whether the system was stable. This is a mandatory procedure prior to synchronization with the European grid... Despite this, Ukraine managed not only to militarily defend itself but also to maintain grid stability in wartime conditions and implement all the solutions necessary for an unprecedented synchronization on March 16, 2022. In 2022 a former commissioner of the U.S. Nuclear Regulatory Commission (from 1998 to 2007) even argued in the Wall Street Journal that "An unappreciated motive for Russia's invasion of Ukraine is that Kyiv was positioning itself to break from its longtime Russian nuclear suppliers..."At the time of the invasion, Westinghouse supplied fuel to six of the 15 [Ukrainian] nuclear reactors and could displace the Russians in all of them. The U.S. government had been highly supportive of this effort, and these fuel contracts represented hundreds of millions of dollars in yearly lost sales to Atomstroyexport [a nuclear exporter that's a subsidiary of Russian state corporation Rosatom]. By seizing the nuclear plants, Russia is able to retake the market for Ukrainian nuclear fuel. Most important, Westinghouse, with support from the U.S., was in a position to build nuclear reactors in Ukraine over the next two decades. On Aug. 31, 2021, Energy Secretary Jennifer Granholm and her Ukrainian counterpart, Herman Halushchenko, signed a strategic cooperation agreement to build five nuclear units with a value, according to the World Nuclear Association, of more than $30 billion. The timing is telling. In November 2021, Ukraine's leaders signed a deal with Westinghouse to start construction on what they hoped would be at least five nuclear units — the first tranche of a program that could more than double the number of plants in the country, with a potential total value approaching $100 billion. Ukraine clearly intended that Russia receive none of that business. Brookings looks at how Ukraine's energy sector has fared during the war:The Ukrainian energy sector was designed to be oversized with significant redundancy in order to meet huge Soviet-era industrial demand as well as to make it more resilient to a future world war... A radical change did not occur until 2014, when Ukrainians overthrew the pro-Russian president, Viktor Yanukovych. In the decade since then, Ukraine has pursued a policy of European Union (EU) integration with determination and without interruption... The real prospect of an improvement in the quality of life and development of Ukraine through integration with the EU and NATO was unacceptable to Russia, which first annexed Crimea and covertly attacked the Ukrainian Donbas, before launching a full-scale invasion of Ukraine on February 24, 2022. Russia's in-depth knowledge of the Ukrainian power system, dating back to the Soviet Union, was used to carry out a well-planned operation to cut off electricity to Ukrainians. The aim was to break the morale of Ukrainians to continue defending themselves and to collapse the economy so that it could not support the Ukrainian military effort. Ironically, however, the size of the energy system, which had been scaled up in case of war, and the enormous Western support, unexpectedly ensured its resilience to Russian attacks. Although they note that "During the first two years of the war, Russia fired nearly 2,000 missiles and drones at Ukrainian energy infrastructure... " And this week in Ukraine, damage to substations, power plants and oil depot temporarily cut off electricity for hundreds of thousands of Ukrainian homes and businesses, reports the UN. "As colder weather sets in, strikes on critical infrastructure are deepening humanitarian needs," warned a UN spokesperson on Thursday...


    Read more of this story at Slashdot.


  • AMD Amps Up Chip War - But Nvidia's Still Leading
    The Wall Street Journal marvelled at AMD's "game-changing deal" this week with OpenAI, calling it "the culmination of an extraordinary, decade-long turnaround effort, solidifying AMD's status as Nvidia's most legitimate competitor."Shortly after taking charge of the company in 2014, [CEO] Su implemented a systematic plan to eat Intel's lunch, which she accomplished by going after Intel's main product lines while it was bogged down by manufacturing problems. Now, Su has set her sights on Nvidia, the $4.5 trillion chips behemoth led by her cousin, Jensen Huang. Some analysts believe that if Su can sign up more big customers for its AI chips, AMD could join the $1 trillion valuation club before too long. "With this, it's natural to ask: Did AMD just say checkmate to Nvidia?" asks the Motley Fool investment site. But their answer seems to be "no"...AMD has increased its push into the AI market over the past few years, launching the AMD Instinct line of accelerators, and in the latest quarter, predicted its MI350 series would drive revenue growth in the second half of the year. Some analysts have said that AMD's innovations position it to compete with Nvidia's Blackwell architecture and chip — released late last year — but Nvidia's commitment to release upgrades on an annual basis could keep it a step ahead when it comes to overall GPU performance and therefore revenue. Big tech companies are looking for the most powerful compute available — and so far, they know they can find that at Nvidia... [AMD's deal this week] is indeed an interesting operation, ensuring the company a major position in this infrastructure scale-up phase. [Nvidia CEO] Huang has said AI infrastructure spending may reach $4 trillion by the end of the decade, and this represents an enormous opportunity for chip designers such as AMD and Nvidia. So, the OpenAI deal is positive for AMD — but I wouldn't say it's negative for Nvidia. This chip giant signed its own deal with OpenAI last month, and it involves the deployment of 10 gigawatts of Nvidia systems across data centers... A quick comparison of the two deals: The Nvidia-OpenAI agreement involves more gigawatts, and Nvidia isn't giving up a stake in its business — on top of this, though Nvidia is offering OpenAI funding, this will result in revenue growth as OpenAI returns to Nvidia to order GPUs. This pretty much guarantees that Nvidia will be the chip designer to benefit the most as OpenAI expands — and AMD isn't about to step ahead of the market leader. All of this means that, yes, AMD should score a win thanks to its agreement with OpenAI and this may boost its growth in the market. But the chip designer can't say "checkmate" to its bigger rival as Nvidia is perfectly positioned to maintain its lead over the long term.


    Read more of this story at Slashdot.


The Register


  • Bose kills SoundTouch: Smart speakers go dumb in Feb
    Cloud support to be ditched on older hardware, customers left with pricey paperweights
    Audio equipment biz Bose is discontinuing cloud support for its SoundTouch product line, effectively reducing the premium devices to basic speakers with limited functionality.…



  • Broadcom cozies up to OpenAI for 10 GW custom chip love-in
    Every human deserves their own accelerator, says ChatGPT creator
    Broadcom has cuddled up with OpenAI as the ChatGPT outfit looks for ever more help building out the vast infrastructure it needs to deliver on its dreams of advanced intelligence – and possibly even a profit some day.…



  • Bun 1.3 stuffs everything and kitchen sink into JS runtime
    All-in-one toolkit or over-ambitious feature creep? You decide
    Version 1.3 of the Bun JavaScript runtime and toolkit has landed, pushing forward the project's goal to consolidate fragmented JavaScript toolchains into a single solution. Yet the rapid expansion has some developers questioning whether Bun is trying to do too much, too fast.…





  • SpaceX limbers up for Starship flight 11 as launch pad faces retirement
    Another flawless demonstration or unplanned explosion await
    SpaceX is counting down to today's 11th flight test of its monster Starship rocket, with weather looking suitable for the opening of the launch window at 18:15 CT (or around 17:00 CT, if the company's billionaire boss is to be believed).…



  • China probes Qualcomm's Autotalks deal amid rising US trade tensions
    Beijing insists it's business as usual – Washington might see it differently
    China's competition regulator has launched an investigation into Qualcomm's purchase of Israeli firm Autotalks, the latest salvo in the escalating tech trade war between Washington and Beijing.…





  • Dutch government puts Nexperia on a short leash over chip security fears
    Minister invokes powers to stop firm shifting knowledge to China, citing governance shortcomings
    The Dutch government has placed Nexperia - a Chinese-owned semiconductor company that previously operated Britain's Newport Wafer Fab — under special administrative measures, citing serious governance failures that threaten European tech security.…


  • We're all going to be paying AI's Godzilla-sized power bills
    Even if you never use it, you'll be paying for it thanks to datacenters' never-ending hunger for electricity
    Opinion When I was a wet-behind-the-ears developer running my programs on an IBM 360, a mainframe that was slower than a Raspberry Pi Zero W, my machine used about 50 kilowatts (kW). I thought that was a lot of power. Little did I know what was coming.…


  • Senators try to save cyber threat sharing law, sans government funding
    Also, DraftKings gets stuffed, Zimbra collab software exploited again, and Apple bug bounties balloon
    in brief A bipartisan Senate duo has introduced a bill to revive and extend America's cyber threat-sharing law for another ten years after its authorization lapsed during the government shutdown.…



  • Arduino has a new job selling chips for its new owner. Let's not pretend otherwise
    Getting swallowed by a whale is a life-changing event no matter what the whale says
    Opinion The successful, sector-defining, open source Italian embedded platform provider Arduino had a little bash in Turin recently. It made a few announcements, including a new single-board computer (SBC) with a Qualcomm system on a chip (SoC). Oh, and that it had been bought by American dragon-themed mobile chip monster Qualcomm in a deal with total fealty (WTF).…


  • UK waves £750M supercomputer contract at HPC builders
    Pre-market charm offensive begins for Edinburgh's next national number-cruncher
    The British government is putting out feelers to industry ahead of the procurement process for the country's most powerful supercomputer, set to begin next year.…




  • Weird ideas welcome: VC fund looking to make science fiction factual
    Nuclear power is getting hot, but don't hold your breath for everlasting batteries
    A venture capital fund is looking for ideas that are out of bounds for traditional investors, seeding technology that may only come to fruition decades down the line, but where researchers can show real results in the lab.…


  • Who gets a Mac at work? Here's how companies decide
    You can't always get what you want
    Most corporate laptop fleets consist primarily of PCs. However, there’s always a contingent of users who beg for Macs. Deciding who gets a Mac in your organization involves balancing IT’s need for simplicity, finance’s requirement to keep costs under control, and users’ desire to work with their preferred tools.…






  • Kyndryl sued for firing non-white workers, disabled vet
    Security team cuts allegedly targeted workers based on race, national origin, age, and whistleblowing
    Five former members of Kyndryl's internal IT security team have sued the IBM spinoff alleging that they were terminated as part of a campaign targeting employees based on their race, national origin, age, disability, and whistleblowing activities.…





  • Pro-Russia hacktivist group dies of cringe after falling into researchers' trap
    Forescout's phony water plant fooled TwoNet into claiming a fake cyber victory – then it quietly shut up shop
    Security researchers say they duped pro-Russia cybercriminals into targeting a fake critical infrastructure organization, which the crew later claimed - via their Telegram group - to be a real-world attack.…


  • Climate goals go up in smoke as US datacenters turn to coal
    High gas prices and surging AI demand send operators back to the dirtiest fuel in the stack
    US datacenters are experiencing a significant shift toward coal-powered energy due to elevated natural gas prices and rapidly growing electricity demand.…













  • Amazon's Quick Suite is like agentic AI training wheels for enterprises
    Slow down there Andy; you wouldn't want to bump into any hallucinations
    Despite ongoing concerns over the accuracy, reliability, and trustworthiness of AI in the enterprise, Amazon believes that if it can just make building agents easier for the average worker, they'll be automating the boring parts of their job in no time.…


  • Google rearranges Agentspace into Gemini Enterprise
    A new spin on workflow automation as Chocolate Factory tries to displace Microsoft as the enterprise go-to
    Google on Thursday announced the launch of Gemini Enterprise, a platform for automating business workflows using the company's Gemini family of machine learning models.…


  • Crims had 3-month head start on defenders in Oracle EBS invasion
    The miscreants started their attack all the way back on July 10
    The raid on Oracle E-Business Suite (EBS) likely began as early as July - about three months before any public detections - with extortionists compromising "dozens" of organizations, a Google investigation has determined.…




Linux.com






  • Xen 4.19 is released
    Xen Project 4.19 has been officially out since July 31st, 2024, and it brings significant updates. With enhancements in performance, security, and versatility across various architectures like Arm, PPC, RISC-V, and x86, this release is an important milestone for the Xen community. Read more at XCP-ng Blog

    The post Xen 4.19 is released appeared first on Linux.com.


  • Advancing Xen on RISC-V: key updates
    At Vates, we are heavily invested in the advancement of Xen and the RISC-V architecture. RISC-V, a rapidly emerging open-source hardware architecture, is gaining traction due to its flexibility, scalability and openness, which align perfectly with our ethos of fostering open development ecosystems. Although the upstream version of Xen for RISC-V is not yet fully [0]

    The post Advancing Xen on RISC-V: key updates appeared first on Linux.com.



  • AI Produces Data-driven OpenFOAM Speedup (HPC Wire)
    Researchers from TU Darmstadt, TU Dresden, Hewlett Packard Enterprise (HPE), and Intel have developed advanced applications that combine HPC simulations with AI techniques using the open-source computational fluid dynamics solver OpenFOAM and the HPE-led SmartSim AI/ML library. These applications show promise for improving the accuracy and capabilities of traditional scientific and engineering modelling with data-driven [0]

    The post AI Produces Data-driven OpenFOAM Speedup (HPC Wire) appeared first on Linux.com.



Phoronix

  • Intel Lands Big Linux GPU Driver Fix: Fixing Rendering Issues & Game Hangs/Crashes
    Problematic code dating back to 2017 has now been reverted within the Intel open-source Mesa driver code that led to various games having rendering/corruption issues as well as various hangs and crashes in other games. This affected a variety of Intel graphics hardware and software while now has finally been tracked down with the problematic code removed. This is a big improvement for Linux gamers on Intel graphics...


  • AMD Dev Proposes Dynamic Mitigations For Linux: Run-Time Toggling Of CPU Mitigations
    A big patch series was posted today for the Linux kernel that would allow enabling/disabling CPU security mitigations at run-time rather than the current handling that can only be managed at boot-time via various Linux kernel command-line arguments. Thus due to changing security needs, differing workloads mandating different CPU security concerns and the like, this proposed feature would allow Spectre, Meltdown, and other CPU security mitigations to all be toggled at run-time...


  • Linux Patches Updated For Apple Silicon USB3 Support
    While more code enabling Apple Silicon is reaching the mainline Linux kernel, a lot of important functionality so far remains under development or out-of-tree in the downstream Asahi Linux repository. One piece that's quite important for modern computing and still working its way to the mainline kernel is enabling USB3 functionality with Apple Silicon devices on Linux...






  • Intel Removing AMX-TRANSPOSE From The GCC Compiler
    One year ago updated Intel documentation noted AMX-TRANSPOSE as one of the new ISA additions for Diamond Rapids. But in updated Intel architecture documentation last month, it oddly removed all references to AMX-TRANSPOSE. Confirming that the Advanced Matrix Extensions (AMX) addition for TRANSPOSE is now dead, an Intel engineer posted a patch to remove AMX-TRANSPOSE from the GCC compiler...


  • ReactOS Making Progress On Windows WDDM Driver Support
    The ReactOS project that continues striving toward being an "open-source Windows" ABI compatible operating system has been seeing some activity recently around supporting Windows Display Driver Model (WDDM) display drivers as the newer evolution of XDDM drivers...



  • Blender Experimenting With Vulkan Ray Queries
    As part of Blender continuing to build out the Vulkan API capabilities for this open-source 3D modeling software, a proof of concept merge request was opened for beginning to make use of Vulkan ray queries...





  • Linux Patches Posted For Microsoft9s ACPI Fan Extensions
    Patches were posted this week for implementing Microsoft's extensions around the ACPI fan device for allowing the operating system to set fan speed trip points. In turn this should help some HP systems and likely other OEMs too in getting fan information working under Linux...







  • Intel XPU Manager Deprecates Data Center GPU Max Series & GPU Flex Series
    Last week during the Intel Tech Tour in Arizona, the Intel XPU Manager 1.3.3 software was released. Intel XPU Manager is a management and monitoring tool focused on Intel data center GPUs for simplifying administration, reliability, and maximizing utilization. Somewhat surprisingly, the Intel XPU Manager now deprecated the Data Center GPU Max Series as well as the Data Center GPU Flex Series...


  • Intel Simplifying P-State Driver9s Energy Model For Newer Core Ultra CPUs
    Intel engineer and Linux power management subsystem maintainer Rafael Wysocki posted a set of patches this week to simplify the energy model used by Core Ultra hybrid systems with a mix of P and E cores while lacking SMT support, such as with the current Lunar Lake SoCs and upcoming Panther Lake...




  • KDE Plasma 6.5 Fixing Some Of The Most Common Crashes, Other Bugs Fixed Too
    KDE developer Nate Graham describes this week as having seen a "massive amount of stability work" for the Plasma 6.5 desktop. Among the many fixes to land this week for this next Plasma desktop release were fixing the second and third most common causes of Plasma crashes. Additionally, the most prolific common crash scenario was discovered to be caused by third-party code...




  • Linux Now Disabling TPM Bus Encryption By Default For Performance Reasons
    Introduced last year in Linux 6.10 was TPM bus encryption and integration protection for Trusted Platform Module 2 (TPM2) handling. The intent was on better TPM security after a prior security demonstration showed TPM key recovery from Microsoft Windows BitLocker as well as TPM sniffing attacks. Shortly after being merged it was limited to just an x86_64 default where it had been tested the most at the time. Now more than one year later, this feature is being disabled by default in the mainline Linux kernel...



  • Python 3.14 Performance Looking Good In Benchmarks
    With this week9s release of Python 3.14 bringing performance improvements, debugging improvements, a new Zstd compression module, and other enhancements I have been eager to run some benchmarks seeing how Python 3.14 compares to prior Python releases.





OSnews

  • 9front Release released
    The worlds best operating system, 9front, has released a new release called Release. 9front is a maintained fork of Plan 9. The new release Release brings atomic(2) functions for arm, arm64, mips, 386 and amd64, improved stability when the kernel runs out of memory, memdraw and devdraw now support affine warp primitive, and more. You can download Release from the usual mirrors.


  • LineageOS 23 released
    The LineageOS project has released version 23 of their AOSP-based Android variant. LineageOS 23 is based on the initial release of Android 16  so not the QPR1 release that came later  because Google has not made the source code for that release available yet. Like other, similar projects, LineageOS also suffers from Googles recent further lockdown of Android; not only do they not have access to Android 16 QPR1s source code, they also cant follow along with the latest security patches for Android due to changes Google made to the patch release process, and without the device trees for Pixel devices, Pixels are now no longer supported any better than other Android devices. LineageOS 23 brings many of the same features Android 16 brought, and comes with updated versions of LineageOS own camera application and music player, as well as a new TV launcher. Theyve also worked hard to make it much easier to run LineageOS in QEMU, theyve improved support for running mainline kernels, theyve made it easier to merge security fixes and updates for various kernel versions, and much more. Update instructions can be found on the devices page, and specifically note that if youre using an unofficial LineageOS build, youll need to perform the original installation again. With LineageOS being the Debian of the Android world, you can expect a ton of these unofficial versions to pop up over the coming months for devices LineageOS does not officially support.


  • Liquid Glass is cracked, and usability suffers in iOS 26
    With iOS 26, Apple seems to be leaning harder into visual design and decorative UI effects — but at what cost to usability? At first glance, the system looks fluid and modern. But try to use it, and soon those shimmering surfaces and animated controls start to get in the way. Let’s strip back the frost and look at how these changes affect real use. ↫ Raluca Budiu I have not yet used Apples new Liquid Glass! graphical user interface design, so heres the usual disclaimer that my opinions are, then, effectively meaningless. That being said, the amount of detailed articles about the problems with Liquid Glass  from bugs to structural design problems  are legion, and this article by Raluca Budiu is an excellent example. There are so many readability problems, spacing issues, odd animations that dont actually convey anything meaningful, performance issues, and tons of bugs. It feels like it was made not by user interface specialists, but by marketeers, who were given too little time to boot. It feels incoherent and messy, and its going to take Apple a long, long time to mold and shape it into something remotely workable.


  • In bizarre move, Framework embraces deeply extremist views
    Framework, the maker of repairable laptops, is embroiled in a controversy, as the company and its CEO are openly supporting people with, well, questionable views. If you know a little bit about PR in social media space, you might note that, right out of the gate, a project by a vocal white nationalist known for splitting communities by their mere presence, is not a great highlight choice for an overtly non-left-right-political company like Framework. Does it get worse from here? Sadly, it does. ↫ Arya Bread Crumbs The questionable views were talking about here are0 Lets just say were not talking about milquetoast stuff like we should be a bit stricter with immigration! or lower taxes on the rich!, but views that are far, far outside of the mainstream in most places in the world. Framework has stated in no uncertain terms that it is supporting and embracing people like this. Thats a choice they are entirely free to make, but I, and many with me, then, are entirely free to choose not to buy and/or promote products by Framework. I still sincerely hope that all of this is just a massive breakdown of PR and common sense at Framework and its CEO, but since theyve already doubled-down, Im not holding my breath. This whole thing is going to haunt them, especially since Im fairly sure a huge chunk of their community and users  who are buying into hardware that is, in truth, overpriced  are not even remotely aligned with such extremist views. I care deeply about Frameworks mission, but I dont give a single rats ass about Framework itself. There are countless alternatives to Framework, some of which Ive even reviewed here (like the MNT Reform or the NovaCustom V54), and if you, too, feel a deep sense of the ick when it comes to supporting extremist views like the above, I urge you to take them into consideration.


  • Running FreeBSD using Windows Subsystem for Linux
    What if you are forced to use Windows, but want to use a real operating system instead? You could use WSL2 to use Linux inside Windows, but what if FreeBSD is more your thing? It turns out someone is working on making FreeBSD usable using WSL2. This repository hosts work-in-progress efforts to run FreeBSD inside Windows Subsystem for Linux (WSL2) with minimal to no changes to the FreeBSD base system. The project builds on the open-source components of WSL2 to enable FreeBSD to boot and run seamlessly in a Windows environment. ↫ WSL for FReeBSD GitHub page The project is experimental, and definitely not ready for production use. Its also important to note that this project is not part of Microsoft or FreeBSD. At this point in time, FreeBSD boots using WSL2 with basic functionality, and work is currently focused on networking, I/O, and process management.


  • Fedoras AI! policy process highlights rift between IBM/Red Hat and Fedora
    A lot of open source projects are struggling what to do with the AI! bubble, and Fedora is no different. This whole past year, the projects been struggling to formulate any official policies on the use of AI!, and LWN.nets Joe Brockmeier has just done an amazing job summarising the various positions, opinions, and people influencing this process. His conclusion: There appears to be a growing tension between what Red Hat and IBM would like to see from Fedora versus what its users and community contributors want from the project. Red Hat and IBM have already come down in favor of AI as part of their product strategies, the only real questions are what to develop and offer to the customers or partners. The Fedora community, on the other hand, has quite a few people who feel strongly against AI technologies for various ethical, practical, and social reasons. The results, so far, of turning people loose with generative AI tools on unsuspecting open-source projects has not been universally positive. People join communities to collaborate with other people, not to sift through the output of large language models. It is possible that Red Hat will persuade Fedora to formally endorse a policy of accepting AI-assisted content, but it may be at the expense of users and contributors. ↫ Joe Brockmeier at LWN.net Reading through Brockmeiers excellent article, the various forces pulling and pushing on Fedora become quite clear, and the fact weve got IBM/Red Hat in favour of AI!, and Fedoras community of developers and users against it, shouldnt come as a surprise to anyone. Wherever AI! makes an appearance, its almost exclusively a top-down process with corporate interests pushing AI! hard on a largely indifferent userbase. It seems Fedora is no different. The massive rift between IBM/Red Hat on one side, and the Fedora community on the other is probably best illustrated by a remark from Graham White, technical lead for the Granite AI agents at IBM. One of the earlier policy proposals referenced AI! slop, and White was offended by this, stating: Ive been working in the industry and building AI models for a shade over 20 years and never come across AI slop!. This seems derogatory to me and an unnecessary addition to the policy. ↫ Graham White, as quoted by Joe Brockmeier at LWN.net Us regular users are bombarded with AI! slop every day, and I just cant understand how disconnected from reality you must be to not only deny its a problem, but to deny its existence entirely, when virtually every single Google query will drop you in AI! muck. If such denial is commonplace within IBM/Red Hat, its really no wonder theres such a big rift between them and Fedora. It is wholly unsurprising, then, that Fedora is having such a hard time formulating an AI! policy. The current version of the proposed policy seems to view AI! and its use in or by Fedora mildly positively, which certainly has me, as a Fedora/KDE user, on edge. I dont want AI! anywhere near my operating system for a whole variety of reasons, and if the upcoming vote on the new policy ends up in favour of it, I might have to consider moving away from Fedora.


  • Microsoft closes another loophole to enable local accounts in Windows 11
    It seems like Microsoft is continuing its quest to force Windows users to use Microsoft accounts instead of local accounts, despite the fact Microsoft accounts on Windows are half-baked and potentially incredibly dangerous. In the most recent Windows 11 Insider Preview Build (26220.6772), the company has closed a few more loopholes people were using to trick the Windows installer into allowing local user accounts. We are removing known mechanisms for creating a local account in the Windows Setup experience (OOBE). While these mechanisms were often used to bypass Microsoft account setup, they also inadvertently skip critical setup screens, potentially causing users to exit OOBE with a device that is not fully configured for use. Users will need to complete OOBE with internet and a Microsoft account, to ensure device is setup correctly. ↫ Amanda Langowski at the Windows Blogs It seems that the specific workaround removed with this change is executing the command start ms-cxh:localonly! in the command prompt during the installation process (you can access cmd.exe by pressing shift+F10 during installation). Several other workarounds have also been removed in recent years, making it ever harder for people forced to use Windows 11 to use a local account, like the gods intended. The only reason Microsoft is pushing online accounts this hard is that it makes it much, much easier for them to collect your data and wrestle control over your installation away from you. A regular, proper local account with additional online accounts for various services would work just as well for users, allowing them to mix and match exactly what kind of cloud services they want integrated into their operating system. However, leaving this choice to the user invariably means people arent going to be using whatever trash services Microsoft offers. And so, Microsoft will make that choice for you, whether you like it or not. There are a million reasons to stay away from the Windows version that must be making Dave Cutler cry, and the insistence on online accounts is but one of them. Its a perfect example of how Microsoft developers Windows not to make it better for its users, but to make it better for its bottom line. I wonder how much more Microsoft can squeeze its users before we see some sort of actual revolt. Windows used to just lack taste. These days, its also actively hostile.


  • Servo GTK: a widget to embed Servo in GTK4
    Servo, the Rust-based browsing engine spun off from Mozilla, keeps making progress every month, and this made Ignacio Casal Quinteiro wonder: what if we make a GTK widget so we can test Servo and compare it to WebKitGTK? As part of my job at Amazon I started working in a GTK widget which will allow embedding a Servo Webview inside a GTK application. This was mostly a research project just to understand the current state of Servo and whether it was at a good enough state to migrate from WebkitGTK to it. I have to admit that it is always a pleasure to work with Rust and the great gtk-rs bindings. Instead, Servo while it is not yet ready for production, or at least not for what we need in our product, it was simple to embed and to get something running in just a few days. The community is also amazing, I had some problems along the way and they were providing good suggestions to get me unblocked in no time. ↫ Ignacio Casal Quinteiro The code is now out there, and while not yet ready for widespread use, this will make it easier for GTK developer to periodically assess the state of Servo, hopefully some day concluding it can serve as a replacement for WebKitGTK.


  • Synology reverses policy banning third-party HDDs after NAS sales plummet
    Earlier this year, popular NAS vendor Synology announced it would start requiring some of its more expensive models to only use Synology-branded drives. It seems the uproar this announcement caused has had some real chilling effect on sales, and the company just cancelled its plans. Synology has backtracked on one of its most unpopular decisions in years. After seeing NAS sales plummet in 2025, the company has decided to lift restrictions that forced users to buy its own Synology hard drives. The policy, introduced earlier this year, made third-party HDDs from brands like Seagate and WD practically unusable in newer models such as the DS925+, DS1825+, and DS425+. That change didn’t go over well. Users immediately criticised Synology for trying to lock them into buying its much more expensive drives. Many simply refused to upgrade, and reviewers called out the move as greedy and shortsighted. According to some reports, sales of Synology’s 2025 NAS models dropped sharply in the months after the restriction was introduced. ↫ Hilbert Hagedoorn at Guru3D.com If you want to screw over your users to make a few more euros, its generally a good idea to first assess just how locked-in your users really are. Synology is but one of many companies making and selling NAS devices, and even building one yourself is stupidly easy these days. Theres an entire cottage industry of motherboards and enclosures specifically designed for this purpose, and there are countless easy-to-use software options out there, too. In other words, nobody is really locked into Synology, so any unpopular move by the company was bound to make people look elsewhere, only to discover there are tons of competing options to choose from. The market seems to have spoken, and Synology can only respond by reversing its decision. Honestly, I had almost forgotten what a healthy tech market with tons of competing options looks like.


  • MicroPythonOS: an Android-like operating system for microcontrollers like the ESP32
    MicroPythonOS is a lightweight, fast, and versatile operating system designed to run on microcontrollers like the ESP32 and desktop systems. With a modern Android-like touch screen UI, App Store, and Over-The-Air updates, it’s the perfect OS for innovators and developers. ↫ MicroPytonOS website Its quite neat to see this running in such a constrained environment, especially considering it comes with a graphical user interface, some basic applications, and niceties like OTA updates and an application repository. As the name implies, MicroPythonOS uses native MicroPython for application and driver development, making cross-platform portability from microcontrollers to regular PCs a possibility. Its built on the MicroPython runtime, with LVGL for graphics, packaged by the lvgl_micropython project. Its still relatively early in development, but its completely open source so anyone can help out and improve the project. Im personally not too well-versed in the world of microcontrollers like the popular ESP32, so Im not entirely sure just how capable other operating systems and platforms built on top if it are. This particular operating system seems to make it rather easy and straightforward for anyone to build and distribute an application for such microcontrollers, to a point where even an idiot like myself could relatively easily buy, say, an ESP32 kit with a display and assemble my own collection of small applications. To repeat myself, it simply looks neat.


  • Qualcomm gobbles up Arduino
    It was good while it lasted, I guess. Arduino will retain its independent brand, tools, and mission, while continuing to support a wide range of microcontrollers and microprocessors from multiple semiconductor providers as it enters this next chapter within the Qualcomm family. Following this acquisition, the 33M+ active users in the Arduino community will gain access to Qualcomm Technologies’ powerful technology stack and global reach. Entrepreneurs, businesses, tech professionals, students, educators, and hobbyists will be empowered to rapidly prototype and test new solutions, with a clear path to commercialization supported by Qualcomm Technologies’ advanced technologies and extensive partner ecosystem. ↫ Qualcomms press release Qualcomms track record when it comes to community engagement, open source, and long-term support are absolutely atrocious, and theres no way Arduino will be able to withstand the pressures from management. Weve seen this exact story play out a million times, and it always begins with lofty promises, and always ends with all of them being broken. I have absolutely zero faith Arduino will be able to continue to do its thing like it has. Arduino devices are incredibly popular, and it makes sense for Qualcomm to acquire them. If I were using Arduinos for my open source projects, Id be a bit on edge right now.


  • That small sliver of time where a QNX desktop was a real thing we did
    Bradford Morgan White has published an excellent retrospective of QNX, the realtime microkernel operating system focused on embedded use cases. The final paragraph made me sad, though. QNX is a fascinating operating system. It was extremely well designed from the start, and while it has been rewritten, the core ideas that allowed it survive for 45 years persist to this day. While I am sad that Photon was deprecated, the reasoning is sound. Most vendors using QNX either do not require a GUI, or they implement their own. For example, while Boston Dynamics uses QNX in their robots, they don’t really need Photon, and neither do SpaceX’s Falcon rockets. While cars certainly have displays, most vehicle makers desire their screen interfaces to have a unique look and feel. Of course, just stating these use cases of robots, rockets, and cars speaks to the incredible reliability and versatility of QNX. Better operating systems are possible, and QNX proves it. ↫ Bradford Morgan White at Abort Retry Fail Way back in 2004, before I even joined OSNews properly, I wrote about QNX as a desktop operating system, because back then I went through a short stint where I used QNX and its amazing Photon MicroGUI as my primary desktop. Back then, there was a short-lived but very enthusiastic community using QNX on desktops, sharing tips and findings, supported by one or two QNX employees who tried their best to support this fledgling community in the face of corporate indifference. Eventually, these QNX employees left the company, and QNX started making it clearer than ever that they were not, in any way, interested in people using QNX on desktops, and in all honesty, they were most likely correct. However, I still think we had something special there, and had QNX management decided to help us out, it couldve grown into something more sustainable. An open source QNX and Photon couldve had an impact. Using QNX on the desktop back then was much easier than you might imagine, with graphical package managers, capable browsers and email clients, a massive pile of open source packages, pretty great performance, and little to no need to ever leave the GUI and use a CLI. If your hardware was properly supported, you could have a great experience. One of the very small what-ifs! form the early 2000s.


  • Redox now multithreaded by default
    Can these months please stop passing us by this quickly? It seems were getting a monthly Redox update every other week now, and thats not right. Anyway, what have the people behind this Rust-based operating system been up to this past month? One of the biggest changes this month is that Redox is now multithreaded by default, at least on x86 machines. Unsurprisingly, this can enable some serious performance gains. Also contributing to performance improvements this month is inode data inlining for small files, and the installation is now a lot faster too. LZ4 compression has been added to Redox, saving storage space and improving performance. As far as ports go, theres a ton of new and improved ports, like OpenSSH, Nginx, PHP, Neovim, OpenSSL 3.x, and more. On top of that, theres a long list of low-level kernel improvements, driver changes, and relibc improvements, changes to the main website, and so on.


  • The case against generative AI: the numbers just dont add up (i.e., its a scam)
    Every single “vibe coding is the future,” “the power of AI,” and “AI job loss” story written perpetuates a myth that will only lead to more regular people getting hurt when the bubble bursts. Every article written about OpenAI or NVIDIA or Oracle that doesn’t explicitly state that the money doesn’t exist, that the revenues are impossible, that one of the companies involved burns billions of dollars and has no path to profitability, is an act of irresponsible make believe and mythos. ↫ Edward Zitron The numbers are clear. People arent paying for AI!, and those that do, are using up way more resources than theyre actually paying for. The profits required to make all of this work just arent realistic in any way, shape, or form. The money being pumped around doesnt even exist. Its a scam of such utterly massive proportions, its easier for many of us to just assume it cant possibly be one. Too big to fail? Too many promises to be a scam. Its going to be a bloodbath, but as usual when the finance and tech bros scam entire sectors, its us normal folk who will be left to foot the bill. Lets blame immigrants some more while we implement harsh austerity measures to bail out the billionaire class. Again.


  • Under pressure from US government, Apple removes ICEBlock application from the App Store
    Your lovely host, late last night: Google claims they won’t be sharing developer information with governments, but we all know that’s a load of bullshit, made all the more relevant after whatever the fuck this was. If you want to oppose the genocide in Gaza or warn people of ICE raids, and want to create an Android application to coordinate such efforts, you probably should not, and stick to more anonymous organising tools. ↫ Thom Holwerda Lets check in with how that other walled garden Google is trying to emulate is doing. Apple has removed ICEBlock, an app that allowed users to monitor and report the location of immigration enforcement officers, from the App Store. We created the App Store to be a safe and trusted place to discover apps,! Apple said in a statement to Business Insider. Based on information weve received from law enforcement about the safety risks associated with ICEBlock, we have removed it and similar apps from the App Store.! ↫ Katherine Tangalakis-Lippert, Peter Kafka, and Kwan Wei Kevin Tan for Business Insider Oh. Apple and Google are but mere extensions of the state apparatus. Think twice about what device you bring with you the next time you wish to protest your governments actions.


  • Google details Android developer certification requirement, and its as bad as we feared
    Google has been on a bit of a marketing blitz to try and counteract some of the negative feedback following its new developer verification requirement for Android applications, and while theyre using a lot of words, none of them seem to address the core concerns. It basically comes down to that they just dont care about the consequences this new requirement has for projects like F-Droid, nor are they really bothered by any of the legitimate privacy concerns this whole thing raises. If this new requirement is implemented in its current form, F-Droid will simply not be able to continue to exist in its current form. F-Droid builds the applications in its repository themselves and signs them, and developer verification does not fit into that picture at all. F-Droid works this way to ensure its applications are built from the publicly available sources, so developers cant sneak anything nefarious into any binaries they would otherwise be submitting themselves. The privacy angle doesnt seem to bother Google much, either, which shouldnt be a surprise to anyone. With this new requirement, Android application developers can simply no longer be anonymous, which has a variety of side-effects, not least of which is that anyone developing applications for, say, dissidents, can now no longer be anonymous. Google claims they wont be sharing developer information with governments, but we all know thats a load of bullshit, made all the more relevant after whatever the fuck this was. If you want to oppose the genocide in Gaza or warn people of ICE raids, and want to create an Android application to coordinate such efforts, you probably should not, and stick to more anonymous organising tools. Students and hobbyists are getting the short end of the stick, too, as Googles promised program specifically for these two groups is incredibly limited. Yes, it waves the $25 fee, but thats about the only positive here: Developers who register with Google as a student or hobbyist will face severe app distribution restrictions, namely a limit on the number of devices that can install their apps. To enforce this, any user wanting to install software from these developers must first retrieve a unique identifier from their device. The developer then has to input this identifier into the Android Developer Console to authorize that specific device for installation. ↫ Mishaal Rahman at Android Authority Google does waive the requirement for developer certification for one particular type of user, and in doing so, highlights the only group of users Google truly cares about: enterprise users. Any application installed by an enterprise on managed devices will not need to have its developer certified. Google states that in this particular use case, the enterprises IT department is responsible for any security issues that may arise. Isnt it funny how the only group of users who wont have to deal with this nonsense are companies who pay Google tons of money for their enterprise tools? The only way were going to get out of this is if any governments step up and put a stop to this. We can safely assume the United States government wont be on our side  theyre too busy with their recurring idiotic song-and-dance anyway  so our only hope is the European Commission stepping in, but Im not holding my breath. After all, Apples rules and regulations regarding installing applications outside of the App Store in the EU are not that different from what Google is going to do. While the EU is not happy with the details of Apples rules, their general gist seems to be okay with them. Im afraid governments wont be stepping in to stop this one.



Linux Journal News

  • EU OS: A Bold Step Toward Digital Sovereignty for Europe
    Image
    A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
    What Is EU OS?
    EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.

    Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
    The Vision Behind EU OS
    The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.

    Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.

    However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
    Conclusion
    EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.

    Source: It's FOSS
    European Union


  • Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight

    Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight

    Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.

    In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.

    On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.

    Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.

    The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.

    Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.

    You can download the latest kernel here.
    Linus Torvalds kernel


  • AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
    Image
    AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.

    This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.

    Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.

    Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.

    Source: 9to5Linux
    AerynOS


  • Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
    Image
    Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.

    Here’s a quick overview of what’s new in Xojo 2025r1:
    1. Linux ARM IDE Support
    Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
    2. Web Drag and Drop
    One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
    3. Direct App Store Publishing
    Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
    4. New Desktop and Mobile Features
    This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
    5. Performance and IDE Enhancements
    Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
    What Does This Mean for Developers?
    Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
    How to Get Started
    Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.

    Download Xojo 2025r1 today at xojo.com.
    Final Thoughts
    With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
    Xojo ARM


  • New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux

    Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.

    Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.

    Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 

    Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.

    Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.

    Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.

    By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
    Windows


  • Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities

    The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 

    As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.

    In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 

    After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.

    The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.

    At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.

    The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
    Security


  • Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges

    The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.

    A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.

    This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 

    The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.

    On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.

    In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
    kernel


  • Linux Celebrates 32 Years with the Release of 6.6-rc2 Version

    Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.

    The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.

    Here is what Linus Torvalds had to say in today's announcement:
    Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds


  • Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction

    Want to interact with ChatGPT from your Linux desktop without using a web browser?

    Bavarder, a new app, allows you to do just that.

    Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.

    With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.

    During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.

    At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.

    As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!

    Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
    ChatGPT AI


  • LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite

    Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.

    Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.

    LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.

    You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.

    All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.

    In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.

    Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.

    The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
    LibreOffice


Linux Magazine News (path: lmi_news)



  • Linux Kernel 6.17 is Available
    Linus Torvalds has announced that the latest kernel has been released with plenty of core improvements and even more hardware support.



  • Zorin OS 18 Beta Available for Testing
    The latest release from the team behind Zorin OS is ready for public testing, and it includes plenty of improvements to make it more powerful, user-friendly, and productive.



  • USB4 Maintainer Leaves Intel
    Michael Jamet, one of the primary maintainers of USB4 and Thunderbolt drivers, has left Intel, leaving a gaping hole for the Linux community to deal with.









  • VirtualBox 7.2 Has Arrived
    With early support for Linux kernel 6.17 and other new additions, VirtualBox 7.2 is a must-update for users.



  • Debian 13.0 Officially Released
    After two years of development, the latest iteration of Debian is now available with plenty of under-the-hood improvements.





Page last modified on November 17, 2022, at 06:39 PM