|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All/All+Images)
(Single Column)
- Alpine Linux 3.23.0 released
Version 3.23.0 of Alpine Linux has been released. Notable changesin this release include an upgrade to version 3.0of the AlpinePackage Keeper (apk), and replacing the linux-edgepackage with linux-stable:
For years, linux-lts and linux-edge grew apart and developed theirown kernel configs, different architectures, etc.
Now linux-edge gets replaced with linux-stable which has theidentical configuration as linux-lts, but follows the stable releasesinstead of the long-term releases (see https://kernel.org/).
The /usrmerge planned for this release has been postponed; a new timelinefor the change will be published later. See the releasenotes for more information on this release.
- [$] The beginning of the 6.19 merge window
As of this writing, 4,124 non-merge commits have been pulled into themainline repository for the 6.19 kernel development cycle. That is arelatively small fraction of what can be expected this time around, but itcontains quite a bit of significant work, with changes to many core kernelsubsystems. Read on for a summary of the first part of the 6.19 mergewindow.
- [$] A "frozen" dictionary for Python
Dictionaries are ubiquitous in Python code; they are the data structure ofchoice for a wide variety of tasks. But dictionaries are mutable, whichmakes them problematic for sharing data in concurrent code. Python hasadded various concurrency features to the language over the last decade orso—async, free threading without the global interpreter lock(GIL), and independent subinterpreters—but users must work out their ownsolution for an immutable dictionary that can be safely shared byconcurrent code. There are existing modules that could be used, but a recent proposal, PEP 814 ("Add frozendictbuilt-in type"), looks to bring the feature to the language itself.
- cmocka 2.0 released
Andreas Schneider has announcedversion 2.0 of the cmockaunit-testing framework for C:
This release represents a major modernization effort, bringingcmocka firmly into the "modern" C99 era while maintaining thesimplicity and ease of use that users have come to expect.
One of the most significant changes in cmocka 2.0 is the migrationto C99 standard integer types. The LargestIntegralType typedef hasbeen replaced with intmax_t and uintmax_t fromstdint.h, providing better type safety and portability acrossdifferent platforms. Additionally, we've adopted the bool type whereappropriate, making the code more expressive and self-documenting.
Using intmax_t and uintmax_t also allows to printbetter error messages. So you can now finde.g. assert_int_equal and assert_uint_equal.
cmocka 2.0 introduces a comprehensive set of type-specificassertion macros, including `assert_uint_equal()`,`assert_float_equal()`, and enhanced pointer assertions. The mockingsystem has also been significantly improved with type-specific macroslike `will_return_int()` and `will_return_float()`. The same forparameter checking etc.
LWN covered theproject early in its development in 2013. See the full list of newfeatures, enhancements, and bug fixes in cmocka 2.0 in the changelog.
- Security updates for Thursday
Security updates have been issued by AlmaLinux (expat and libxml2), Debian (openvpn and webkit2gtk), Fedora (gi-loadouts, kf6-kcoreaddons, kf6-kguiaddons, kf6-kjobwidgets, kf6-knotifications, kf6-kstatusnotifieritem, kf6-kunitconversion, kf6-kwidgetsaddons, kf6-kxmlgui, nanovna-saver, persepolis, python-ezdxf, python-pyside6, sigil, stb, syncplay, tinyproxy, torbrowser-launcher, ubertooth, and usd), Mageia (cups), SUSE (cups, gegl, icinga2, mozjs128, and Security), and Ubuntu (ghostscript, kernel, linux, linux-aws, linux-aws-5.15, linux-gcp-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-oracle, linux-oracle-5.15, linux-xilinx-zynqmp, linux, linux-aws, linux-aws-hwe, linux-kvm, linux-oracle, linux-aws-fips, linux-fips, linux-aws-fips, linux-fips, linux-gcp-fips, linux-azure-fips, linux-gcp, linux-gcp-4.15, linux-hwe, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-gcp-6.14, linux-raspi, linux-gcp-fips, linux-intel-iot-realtime, linux-realtime, linux-raspi, linux-raspi-realtime, linux-xilinx, and postgresql-14, postgresql-16, postgresql-17).
- Cro provides commentary on LWN's Zig asynchronicity article
Loris Cro has publisheda detailed YouTube video talking about the terminology used to discuss asynchronicity, concurrency, and parallelism in our recent article about Zig's new Io interface. Our article is not completely clear because it uses the term "asynchronous I/O" to refer to what should really be called "non-blocking I/O", and sometimes confuses asynchronicity for concurrency, among other errors of terminology, he says. Readers interested in precise details about Zig's approach and some of the motivation behind the design may find Cro's video interesting.
- [$] LWN.net Weekly Edition for December 4, 2025
Inside this week's LWN.net Weekly Edition:
Front: Rust in Debian; Python comprehensions; asynchronous Zig; BPF and io_uring; C safety; 6.18 statistics; just. Briefs: Landlock; Let's Encrypt lifetimes; Last 5.4 kernel; TAB election; AlmaLinux 10.1; FreeBSD 15.0; NixOS 25.11; Django 6.0; Home Assistant 2025.12; PHP 8.5.0; Racket 9.0; Quotes; ... Announcements: Newsletters, conferences, security updates, patches, and more.
- Home Assistant 2025.12 released
Version2025.12 of the Home Assistant home-automation system has been released.
This month, we're unveiling Home Assistant Labs, a brand-new space where you can preview features before they go mainstream. And what better way to kick it off than with Winter mode? ❄️ Enable it and watch snowflakes drift across your dashboard. It's completely unnecessary, utterly delightful, and exactly the kind of thing we love to build. ❄️
But that's just the beginning. We've been working on making automations more intuitive over the past releases, and this release finally delivers purpose-specific triggers and conditions. Instead of thinking in (numeric) states, you can now simply say "When a light turns on" or "If the climate is heating". It's automation building the way our mind works, as it should be.
- Django 6.0 released
The Django Python webframework project has announcedthe release of Django 6.0 including many new features, as can be seen inthe releasenotes. Some highlights include template partials for modularizingtemplates, a flexible task framework for running background tasks, amodernized email API, and a ContentSecurity Policy (CSP) feature that provides the ability to "easily configure and enforce browser-level security policies to protect against content injection".
- [$] Just: a command runner
Over time, many Linux users wind up with a collection of aliases,shell scripts, and makefiles to run simple commands (or a series ofcommands) that are often used, but challenging to remember andannoying to type out at length. The just command runner is aRust-based utility that just does one thing and does it well: it readsrecipes from a text file (aptly called a "justfile"), and runs thecommands from an invoked recipe. Rather than accumulating a libraryof one-off shell scripts over time, just provides a cross-platform toolwith a framework and well-documented syntax for collecting anddocumenting tasks that makes it useful for solo users andcollaborative projects.
- Security updates for Wednesday
Security updates have been issued by Debian (containerd, mako, and xen), Fedora (forgejo, nextcloud, openbao, rclone, restic, and tigervnc), Oracle (firefox, kernel, libtiff, libxml2, and postgresql), SUSE (libecpg6, lightdm-kde-greeter, python-cbor2, python-mistralclient-doc, python315, and python39), and Ubuntu (kdeconnect, linux, linux-aws, linux-realtime, python-django, and unbound).
- A final stable kernel update for 5.4
Greg Kroah-Hartman has announced the release of the 5.4.302 stable kernel:
This is the LAST 5.4.y release. It is now end-of-life and should notbe used by anyone, anymore. As of this point in time, there are 1539documented unfixed CVEs for this kernel branch, and that number willonly increase over time as more CVEs get assigned for kernel bugs.
For the curious, Kroah-Hartman has also provideda list of the unfixed CVEs for 5.4.302.
- Let's Encrypt to reduce certificate lifetimes
Let's Encrypt has announcedthat it will be reducing the validity period of its certificates from90 days to 45 days by 2028:
Most users of Let's Encrypt who automatically issue certificateswill not have to make any changes. However, you should verify thatyour automation is compatible with certificates that have shortervalidity periods.
To ensure your ACME client renews on time, we recommend using ACMERenewal Information (ARI). ARI is a feature we've introduced to helpclients know when they need to renew their certificates. Consult yourACME client's documentation on how to enable ARI, as it differs fromclient to client. If you are a client developer, check out thisintegration guide.
If your client doesn't support ARI yet, ensure it runs on aschedule that is compatible with 45-day certificates. For example,renewing at a hardcoded interval of 60 days will no longer besufficient. Acceptable behavior includes renewing certificates atapproximately two thirds of the way through the current certificate'slifetime.
Manually renewing certificates is not recommended, as it will needto be done more frequently with shorter certificate lifetimes.
- FreeBSD 15.0 released
FreeBSD15.0 has been released. Notable changes in this release include a newmethod for installingthe base system using the pkg package manager, an updateto OpenZFS 2.4.0-rc4,native support for the inotify(2)interface, and the addition of Open Container Initiative (OCI) imagesto FreeBSD's release artifacts. See the releasenotes for a full list of changes, hardwarenotes for supported hardware, and check the erratabefore installing or upgrading.
- Modern CLI Tools: Time to Forget LS and CAT
The command line remains the most powerful interface for Linux users, but traditional Unix tools like ls, cat, grep, and find are showing their age. A new generation of CLI tools offers significant improvements in speed, usability, and features. In this tutorial, we explore 10 modern alternatives that will transform your daily workflow and boost your productivity.
- Radxa C200 Orin Developer Kit Features Jetson Orin NX and PCIe 4.0 Expansion
Radxa has introduced the C200 Orin Developer Kit, a compact carrier board built around NVIDIA’s Jetson Orin NX 8GB module. The design targets robotics, automation, and edge computing systems that require a high performance CPU–GPU combination, wide connectivity, and support for the Jetson software ecosystem. The kit integrates NVIDIA’s Jetson Orin NX 8GB, which includes […]
- Post Quantum Safe Algorithms in the Red Hat Enterprise Linux 10.1 Distros
Red Hat Enterprise Linux 10.1 and two of its free-of-charge clones have been released, with Post Quantum Safe encryption algorithms enabled by default. In this article, we'll look at OpenSSH and OpenSSL on AlmaLinux 10.1, and show you that the Post Quantum Safe algorithms are indeed working.
- MetaComputing Launches 45-TOPS Arm Linux-Ready PC Powered by CIX CP8180
Switzerland-based MetaComputing has announced a new ARM-based AI PC designed for the Framework Laptop 13 ecosystem. Developed with CIX Technology, the device introduces an ARM mainboard option for Framework systems and represents one of the first consumer-facing deployments of the CIX CP8180 processor. The platform is built around the CP8180 SoC manufactured on a 6 […]
- Rust core library partly polished for industrial safety spec
Ferrous Systems achieves IEC 61508 (SIL 2) certification for systems that demand reliabilityMemory-safe Rust code can now be more broadly applied in devices that require electronic system safety, at least as measured by International Electrotechnical Commission (IEC) standards.…
- Becoming a Security Engineer: Linux-Focused Roadmap for Offensive and Defensive Paths
Linux has become the backbone of modern IT infrastructure, powering the majority of web servers, cloud platforms, and even the most popular security tools used by professionals worldwide. For cybersecurity professionals, strong Linux skills are no longer optional-they're essential. Whether your goal is to break into systems as an ethical hacker or defend and secure them against malicious actors, a solid foundation in Linux will be at the core of your career. The cybersecurity field offers two distinct but complementary paths for Linux-focused professionals: offensive security (Red Team) and defensive security (Blue Team). Each path requires deep technical expertise, but they approach security challenges from opposite perspectives. Understanding both paths-their overlapping fundamentals, unique specializations, and career trajectories-is crucial for anyone looking to build a successful career as a Linux Security Engineer.
- Linux 6.19 Goes Ahead And Enables Microsoft C Extensions Support
Last month I reported on Linux 6.19 looking to enable Microsoft C Extensions support throughout the Linux kernel with setting the -fms-extensions compiler option to allow Microsoft C Extensions when building the kernel. Linus Torvalds today merged that support without objections...
- Fedora 44 Cleared To Replace Kernel Console With User-Space KMSCON
A proposal was raised a month ago for Fedora Linux 44 to replace the kernel's frame-buffer console "FBCON" with KMSCON in user-space. The Fedora Engineering and Steering Committee (FESCo) has now granted approval for making this change in Fedora 44 as part of a larger foal to eventually deprecate FBCON/FBDEV emulation in the kernel...
- Intel's Open-Source Linux Graphics Driver Delivered Significant Improvements In 2025
Last week I provided a look at how Intel's GPU compute performance on Battlemage evolved in 2025. In today's article is a similar Intel Arc A-Series "Alchemist" and B-Series "Battlemage" look at how the OpenGL and Vulkan graphics performance has evolved over the past year. Simply put, the open-source Intel Linux graphics driver stack has evolved immensely this year... Not just for Vulkan but even the OpenGL support continues moving in the right direction too.
- How to turn on the AI-ready infrastructure you already own
Hammerspace maximizes your GPU usage using your existing NVMe storagePartner content As AI computing expands across hybrid and multi-cloud environments, infrastructure teams are under pressure to accelerate time-to-insight while maximizing GPU investments. But too often, storage becomes the bottleneck.…
- RoboCop Statue Rises In Detroit
alternative_right quotes a report from the Guardian: The statue looms and glints at more than 11 feet tall and weighing 3,500 pounds, looking out at the city with, how to put it ... a characteristically stern expression? Despite its daunting appearance and history as a crimefighter of last resort, the giant new bronze figure of the movie character RoboCop is being seen as a symbol of hope, drawing fans and eliciting selfie mania since it began standing guard over Detroit on Wednesday afternoon. It has been 15 years in the making. Even in a snowstorm in the dark, people were driving by to see it, said Jim Toscano, co-owner of the Free Age film production company, where the statue now stands firmly bolted down near the sidewalk. RoboCop hit theaters in 1987, portraying a near-future Detroit as crime-ridden and poorly protected by a beleaguered and outgunned police force, until actor Peter Weller appeared as a nearly invincible cyborg, apparently created by a nefarious corporation bent on privatizing policing. A grassroots campaign to build a RoboCop statue in Detroit began in 2010, eventually raising over $67,000 on Kickstarter and resulting in a completed sculpture in 2017. However, hosting setbacks caused it to get stuck, "stored away from public view," reports the Guardian. The project finally found a home after business owner Mike Toscano agreed to display it in their new open-air product market, calling it "too unique and too cool not to do."
Read more of this story at Slashdot.
- US Probes Reports Waymo Self-Driving Cars Illegally Passed School Buses 19 Times
U.S. regulators are pressing Waymo for answers after Texas officials reported 19 instances of its self-driving cars illegally passing stopped school buses, including cases that occurred after Waymo claimed to have deployed a software fix. Longtime Slashdot reader BrendaEM shares the report from Reuters: In a November 20 letter posted by NHTSA, the Austin Independent School District said five incidents occurred in November after Waymo said it had made software updates to resolve the issue and asked the company to halt operations around schools during pick-up and drop-off times until it could ensure the vehicles would not violate the law. "We cannot allow Waymo to continue endangering our students while it attempts to implement a fix," a lawyer for the school district wrote, citing one incident involving a Waymo that was "recorded driving past a stopped school bus only moments after a student crossed in front of the vehicle, and while the student was still in the road." The letter prompted NHTSA to ask Waymo on November 24 if it would comply with the request to cease self-driving operations during student pick-up and drop-off times, adding: "Was an appropriate software fix implemented or developed to mitigate this concern? And if so, does Waymo plan to file a recall for the fix?" The school district told Reuters on Thursday that Waymo refuses to halt operations around schools and said another incident involving a self-driving car and an actively loading school bus occurred on December 1, which "indicates that those programming changes did not resolve the issue or our concerns." In a statement, Waymo did not answer why it had refused to halt operations around Austin schools or answer if it would issue a recall. "We're deeply invested in safe interaction with school buses. We swiftly implemented software updates to address this and will continue to rapidly improve," Waymo said. NHTSA said in a letter to Waymo on Wednesday that it was demanding answers to a series of questions by January 20 about incidents involving school buses and details of software updates to address safety concerns.
Read more of this story at Slashdot.
- Microsoft Faces New Complaint For Unlawfully Processing Data On Behalf of Israeli Military
Ancient Slashdot user Alain Williams shares a report from Al Jazeera: The Irish Council for Civil Liberties (ICCL) has announced it filed a complaint against Microsoft, accusing the global tech giant of unlawfully processing data on behalf of the Israeli military and facilitating the killings of Palestinian civilians in Gaza. In the complaint, the council asked the Data Protection Commission -- the European Union's lead data regulator for the company -- to "urgently investigate" Microsoft Ireland's processing. "Microsoft's technology has put millions of Palestinians in danger. These are not abstract data-protection failures -- they are violations that have enabled real-world violence," Joe O'Brien, ICCL's executive director, said in a statement. "When EU infrastructure is used to enable surveillance and targeting, the Irish Data Protection Commission must step in -- and it must use its full powers to hold Microsoft to account." After months of complaints from rights groups and Microsoft whistleblowers, the company said in September it cancelled some services to the Israeli military over concerns that it was violating Microsoft's terms of service by using cloud computing software to spy on millions of Palestinians.
Read more of this story at Slashdot.
- Plane Crashed After 3D-Printed Part Collapsed
A light aircraft crashed in Gloucestershire after a 3D-printed plastic air-induction elbow softened from engine heat and collapsed, cutting power during final approach and causing the plane to undershoot the runway. Investigators say the part was made from "inappropriate material" and safety actions will be taken in the future regarding 3D printed parts. The BBC reports: Following an "uneventful local flight", the AAIB report said the pilot advanced the throttle on the final approach to the runway, and realized the engine had suffered a complete loss of power. "He managed to fly over a road and a line of bushes on the airfield boundary, but landed short and struck the instrument landing system before coming to rest at the side of the structure," the report read. It was revealed the part had been installed during a modification to the fuel system and collapsed due to its 3D-printed plastic material softening when exposed to heat from the engine. The Light Aircraft Association (LAA) said it now intends to take safety actions in response to the accident, including a "LAA Alert" regarding the use of 3D-printed parts that will be sent to inspectors.
Read more of this story at Slashdot.
- Russia Blocks Roblox, Apple's FaceTime
Russia has blocked Apple's FaceTime and the gaming platform Roblox as part of a broader crackdown on foreign tech platforms. CBC News reports: Both restrictions are part of an accelerating clampdown on foreign tech platforms: In the case of FaceTime, Russian authorities allege it is being used for criminal activity, while Roblox was accused of distributing extremist materials and "LGBT propaganda." The move follows restrictions against Google's YouTube, Meta's WhatsApp and the Telegram messaging service. Critics say the curbs amount to censorship and a tightening of state control over private communications. Russia says they are legitimate law enforcement measures. Russian authorities have this year launched a state-backed rival app called Max, which critics say could be used for surveillance -- allegations that state media have dismissed as false. Justifying its decision, the communications regulator, Roskomnadzor, said in an emailed statement: "According to law enforcement agencies, FaceTime is being used to organize and carry out terrorist attacks in the country, recruit perpetrators, and commit fraud and other crimes against Russian citizens." The watchdog did not cite evidence in support of the allegations.
Read more of this story at Slashdot.
- EU Hits Meta With Antitrust Probe Over Plans To Block AI Rivals From WhatsApp
The EU has opened an antitrust investigation into Meta over a new WhatsApp policy that could block rival AI assistants from accessing the platform. Complaints from smaller AI developers triggered the probe, which could lead to fines of up to 10% of Meta's global revenue if the company is found to have abused its dominance. Reuters reports: EU antitrust chief Teresa Ribera said the move was to prevent dominant firms from "abusing their power to crowd out innovative competitors." She added interim measures could be imposed to block Meta's new WhatsApp AI policy rollout. "AI markets are booming in Europe and beyond," she said. "This is why we are investigating if Meta's new policy might be illegal under competition rules, and whether we should act quickly to prevent any possible irreparable harm to competition in the AI space." A WhatsApp spokesperson called the claims "baseless," adding that the emergence of chatbots on its platforms had put a "strain on our systems that they were not designed to support," a reference to AI systems from other providers. "Still, the AI space is highly competitive and people have access to the services of their choice in any number of ways, including app stores, search engines, email services, partnership integrations, and operating systems."
Read more of this story at Slashdot.
- Bending Spoons Buys Eventbrite For $500 Million
Longtime Slashdot reader williamyf writes: The Italian company Bending Spoons seems to be on an acquisitions spree. Their recent acquisitions of AOL and Vimeo are not yet finalized, yet on Dec. 2 they announced they are buying Eventbrite, a company specializing in publicizing and organizing local events, for just half a milliard USD. Bending Spoons' portfolio also includes other companies like Evernote and WeTransfer. Further reading: Private Equity Hipsters Are Coming For Your Favorite Apps (2024)
Read more of this story at Slashdot.
- Microsoft 'Mitigates' Windows LNK Flaw Exploited As Zero-Day
joshuark shares a report from BleepingComputer: Microsoft has silently "mitigated" a high-severity Windows LNK vulnerability exploited by multiple state-backed and cybercrime hacking groups in zero-day attacks. Tracked as CVE-2025-9491, this security flaw allows attackers to hide malicious commands within Windows LNK files, which can be used to deploy malware and gain persistence on compromised devices. However, the attacks require user interaction to succeed, as they involve tricking potential victims into opening malicious Windows Shell Link (.lnk) files. Thus some element of social engineering, and user technically naive and gullibility such as thinking Windows is secure is required. [...] As Trend Micro threat analysts discovered in March 2025, the CVE-2025-9491 was already being widely exploited by 11 state-sponsored groups and cybercrime gangs, including Evil Corp, Bitter, APT37, APT43 (also known as Kimsuky), Mustang Panda, SideWinder, RedHotel, Konni, and others. Microsoft told BleepingComputer in March that it would "consider addressing" this zero-day flaw, even though it didn't "meet the bar for immediate servicing." ACROS Security CEO and 0patch co-founder Mitja Kolsek found, Microsoft has silently changed LNK files in the November updates in an apparent effort to mitigate the CVE-2025-9491 flaw. After installing last month's updates, users can now see all characters in the Target field when opening the Properties of LNK files, not just the first 260. As the movie the Ninth Gate stated: "silentium est aurum"
Read more of this story at Slashdot.
- RAM Is So Expensive, Samsung Won't Even Sell It To Samsung
A severe spike in global DRAM prices has pushed Samsung Semiconductor to refuse a long-term RAM order from its own sibling, Samsung Electronics. The move is forcing the smartphone division into short, expensive renegotiations, which will likely mean higher costs for consumer devices. PCWorld reports: Samsung subsidiaries are, naturally, going to look to Samsung Semiconductor first when they need parts. Such was reportedly the case for Samsung Electronics, in search of memory supplies for its newest smartphones as the company ramps up production for 2026 flagship designs. But with so much RAM hardware going into new "AI" data centers -- and those companies willing to pay top dollar for their hardware -- memory manufacturers like Samsung, SK Hynix, and Micron are prioritizing data center suppliers to maximize profits. The end result, according to a report from SE Daily spotted by SamMobile, is that Samsung Semiconductor rejected the original order for smartphone DRAM chips from Samsung Electronics' Mobile Experience division. The smartphone manufacturing arm of the company had hoped to nail down pricing and supply for another year. But reports say that due to "chipflation," the phone-making division must renegotiate quarterly, with a long-term supply deal rejected by its corporate sibling. A short-term deal, with higher prices, was reportedly hammered out.
Read more of this story at Slashdot.
- 30% of Doctors In UK Use AI Tools In Patient Consultations, Study Finds
An anonymous reader quotes a report from the Guardian: Almost three in 10 GPs in the UK are using AI tools such as ChatGPT in consultations with patients, even though it could lead to them making mistakes and being sued, a study reveals. The rapid adoption of AI to ease workloads is happening alongside a "wild west" lack of regulation of the technology, which is leaving GPs unaware which tools are safe to use. That is the conclusion of research by the Nuffield Trust thinktank, based on a survey of 2,108 family doctors by the Royal College of GPs about AI and on focus groups of GPs. Ministers hope that AI can help reduce the delays patients face in seeing a GP. The study found that more and more GPs were using AI to produce summaries of appointments with patients, assisting their diagnosis of the patient's condition and routine administrative tasks. In all, 598 (28%) of the 2,108 survey respondents said they were already using AI. More male (33%) than female (25%) GPs have used it and far more use it in well-off than in poorer areas. It is moving quickly into more widespread use. However, large majorities of GPs, whether they use it or not, worry that practices that adopt it could face "professional liability and medico-legal issues," and "risks of clinical errors" and problems of "patient privacy and data security" as a result, the Nuffield Trust's report says. [...] In a blow to ministerial hopes, the survey also found that GPs use the time it saves them to recover from the stresses of their busy days rather than to see more patients. "While policymakers hope that this saved time will be used to offer more appointments, GPs reported using it primarily for self-care and rest, including reducing overtime working hours to prevent burnout," the report adds.
Read more of this story at Slashdot.
- Subaru Owners Are Ticked About In-Car Pop-Up Ads For SiriusXM
Subaru owners are reporting full-screen SiriusXM pop-up ads appearing on their infotainment systems while driving -- sometimes even overriding Apple CarPlay. Subaru says the ads appear only twice a year, but frustrated drivers argue the practice is distracting, unsafe, and a sign of an industry trend that's likely to get worse. The Drive reports: At least one 2024 Crosstrek owner reported that the pop-up took over their screen even though they were using Apple CarPlay. To force-close an application that's in use, solely for the sake of in-car advertising, is especially egregious. [The following Subaru owner complaints to the National Highway Traffic Safety Administration reiterate that point...] The Drive reached out to Subaru for comment on the marketing tactics. A company spokesperson responded, "We will discuss those messages in an upcoming meeting and will always consider customer feedback. This is the first we've heard of any issue. Those messages occur only twice a year, around Memorial Day and Thanksgiving, to alert customers that all channels are available to them for about two weeks." Reddit posts dating back as far as 2023 show owners complaining about in-car notifications.
Read more of this story at Slashdot.
- Meta Poaches Apple Design Exec Alan Dye
Apple's longtime human-interface chief Alan Dye is leaving to lead a new creative studio at Meta's Reality Labs, where he'll shape AI-driven design for devices like smart glasses and VR headsets. Dye will be replaced by Steve Lemay, who has had "a key role in the design of every major Apple interface since 1999," according to a statement Apple CEO Tim Cook gave Bloomberg's Mark Gurman. TechCrunch reports: Shortly after the news broke of Dye's departure, Zuckerberg announced a new creative studio within Reality Labs that would be led by Dye. There, he'll be joined by Billy Sorrentino, another former Apple designer who led interface design across Reality Labs; Joshua To, who led interface design across Reality Labs; Meta's industrial design team, led by Pete Bristol; and its metaverse design and art teams led by Jason Rubin. Zuckerberg said the studio would "bring together design, fashion, and technology to define the next generation of our products and experiences." "Our idea is to treat intelligence as a new design material and imagine what becomes possible when it is abundant, capable, and human-centered," the Meta CEO wrote on Threads. "We plan to elevate design within Meta, and pull together a talented group with a combination of craft, creative vision, systems thinking, and deep experience building iconic products that bridge hardware and software."
Read more of this story at Slashdot.
- New Homes In London Were Delayed By 'Energy-Hungry' Data Centers
A London Assembly report warns that surging demand from "energy-hungry" data centers is straining the electricity grid and delaying new housing developments. With data-center electricity use expected to rise up to 600% by 2050, officials fear London's housing crisis could worsen without coordinated action. The BBC reports: According to the report (PDF) from the London Assembly Planning and Regeneration Committee, some new housing developments in west London were temporarily delayed after the electricity grid reached full capacity. The committee's chair James Small-Edwards said energy capacity had become a "real constraint" on housing and economic growth in the city. In 2022, the General London Assembly (GLA) began to investigate delays to housing developments in the boroughs of Ealing, Hillingdon and Hounslow - after it received reports that completed projects were being told they would have to "wait until 2037" to get a connection to the electricity grid. There were fears the boroughs may have to "pause new housing altogether" until the issue was resolved. But the GLA found short-term fixes with the National Grid and energy regulator Ofgem to ensure the "worst-case scenario" did not happen -- though several projects were still set back. The strains on parts of London's housing highlighted the need for "longer term planning" around grid capacity in the future, said the report.
Read more of this story at Slashdot.
- 'End-To-End Encrypted' Smart Toilet Camera Is Not Actually End-To-End Encrypted
An anonymous reader quotes a report from TechCrunch: Earlier this year, home goods maker Kohler launched a smart camera called the Dekoda that attaches to your toilet bowl, takes pictures of it, and analyzes the images to advise you on your gut health. Anticipating privacy fears, Kohler said on its website that the Dekoda's sensors only see down into the toilet, and claimed that all data is secured with "end-to-end encryption." The company's use of the expression "end-to-end encryption" is, however, wrong, as security researcher Simon Fondrie-Teitler pointed out in a blog post on Tuesday. By reading Kohler's privacy policy, it's clear that the company is referring to the type of encryption that secures data as it travels over the internet, known as TLS encryption -- the same that powers HTTPS websites. [...] The security researcher also pointed out that given Kohler can access customers' data on its servers, it's possible Kohler is using customers' bowl pictures to train AI. Citing another response from the company representative, the researcher was told that Kohler's "algorithms are trained on de-identified data only." A "privacy contact" from Kohler said that user data is "encrypted at rest, when it's stored on the user's mobile phone, toilet attachment, and on our systems." The company also said that, "data in transit is also encrypted end-to-end, as it travels between the user's devices and our systems, where it is decrypted and processed to provide our service."
Read more of this story at Slashdot.
- Top Journal Retracts Study Predicting Catastrophic Climate Toll
Nature has retracted a headline-grabbing climate-economics study after critics found flawed data that massively inflated its predicted global economic collapse. The New York Times reports: The decision came after a team of economists noticed problems with the data for one country, Uzbekistan, that significantly skewed the results. If Uzbekistan were excluded, they found, the damages would look similar to earlier research (PDF). Instead of a 62 percent decline in economic output by 2100 in a world where carbon emissions continue unabated, global output would be reduced by 23 percent. Of course, erasing more than 20 percent of the world's economic activity would still be a devastating blow to human welfare. The paper's detractors emphasize that climate change is a major threat, as recent meta analyses have found, and that more should be done to address it -- but, they say, unusual results should be treated skeptically. "Most people for the last decade have thought that a 20 percent reduction in 2100 was an insanely large number," said Solomon Hsiang, a professor of global environmental policy at Stanford University who co-wrote the critique published in August. "So the fact that this paper is coming out saying 60 percent is off the chart."
Read more of this story at Slashdot.
- Amazon keeps the pressure on Intel, AMD with 192-core Graviton5 CPU
The homegrown chips now account for half of all new CPUs added to AWS over the past three years
re:invent Amazon on Thursday unveiled Graviton5, its densest, highest performance CPU yet, cramming 192 processor cores into a single socket and promising new levels of AWS performance.…
- Hegseth needs to go to secure messaging school, report says
He's not alone: DoD inspector general says the whole Defense Department has a messaging security problem
US Defense Secretary Pete Hegseth definitely broke the rules when he sent sensitive information to a Signal chat group, say Pentagon auditors, but he's not the only one using insecure messaging, and everyone needs better training.…
- Twins who hacked State Dept hired to work for gov again, now charged with deleting databases
And then they asked an AI to help cover their tracks
Vetting staff who handle sensitive government systems is wise, and so is cutting off their access the moment they're fired. Prosecutors say a federal contractor learned this the hard way when twin brothers previously convicted of hacking-related offenses allegedly used lingering access to delete nearly 100 government databases, including systems tied to Homeland Security and other agencies, within minutes of being terminated.…
- We'll beat China to the Moon, NASA nominee declares
Isaacman: 'We can never accept a gap in our capabilities again'
The US must return astronauts to the Moon before China mounts its first crewed landing there, NASA administrator nominee Jared Isaacman predicted on Wednesday. He also vowed that the country will not endure another gap in its human-spaceflight capabilities as the International Space Station approaches retirement.…
- Server prices set to jump 15% as memory costs spike
Major OEMs are plotting double-digit hikes as DRAM and NAND shortages bite
Exclusive Server and PC prices are climbing sharply as hardware manufacturers grapple with soaring memory component costs, multiple supply chain sources have told The Register.…
- Snowflake jumps on agentic AI train with Anthropic tie-up
$200M deal brings Claude into data cloud, yet its touted â€90%+’ accuracy needs human oversight
Anthropic and Snowflake announced a deal that will allow the deployment of AI agents capable of complex, multi-step analysis inside Snowflake's governed data environments.…
- Sorry, but your glitchy connection might have cost you that job
Technical problems on video calls can cause uncanniness, which influences real-world decisions
If you didn't get your dream job, you might be able to blame your internet provider. Technical glitches on video calls in healthcare, job interviews, and parole hearings can affect real-world decisions, a study has found. The researchers suggest new technologies may even be making the problem worse.…
- EU probes Meta after WhatsApp kicked rival AIs off platform
OpenAI and Microsoft yank their chatbots, telling millions of users to head elsewhere
The European Commission has opened an antitrust probe into Meta after WhatsApp rewrote its rules to block rival AI chatbots including OpenAI's ChatGPT and Microsoft's Copilot.…
- Palantir wants to set the juice loose with new AI power initiative
Nvidia is along for the ride with chips to offer, naturally
Palantir has always been a company marked by ambition, and it's embarking on what might be its most ambitious project yet with Chain Reaction, a new multi-industry, AI-powered software suite designed to eliminate energy bottlenecks for datacenters.…
- Logitech chief says ill-conceived gadgets put the AI in FAIL
Just ignore all the ways the peripherals biz uses AI itself
Logitech's CEO says that AI-powered devices are a solution looking for a problem, despite being a strong proponent of AI and her firm pushing out exactly the kind of thing she's talking about.…
- Datacenters that don't have their own power supplies will fail
It's time to ask your bit barn provider how they'll keep the lights on, and what their plans mean for prices
Availability of energy will determine the prices charged by datacenter operators, who won’t be viable unless they generate some of their own juice.…
- Rust core library partly polished for industrial safety spec
Ferrous Systems achieves IEC 61508 (SIL 2) certification for systems that demand reliability
Memory-safe Rust code can now be more broadly applied in devices that require electronic system safety, at least as measured by International Electrotechnical Commission (IEC) standards.…
- Micron ditches consumer memory brand Crucial to chase AI riches
First AI came for our jobs. Now, our memory?
The lure of AI spending was too much for Micron to ignore. On Wednesday, the US chipmaker announced it's abandoning its Crucial memory and storage lineup to bolster its supply of enterprise-focused chips, including those used in AI systems.…
- John Henry still leading the race vs AI in customer service
Gartner found only 20% of customer service leaders have cut human agents because of AI
The world’s smallest digital violin is playing for AI chatbots, which are having a hard time elbowing out their human counterparts for jobs in customer service, according to a Gartner study.…
- Lawyer's 6-year-old son uses AI to build copyright infringement generator
Rights holders had better buckle up for years of legal wrangling, IP lawyer tells The Reg
You don't have to be smarter than a fifth grader (or even a first grader) to commit potential copyright infringement using AI tools. One IP attorney watched over the weekend as his young son built a bedtime story generator that used copyrighted characters without permission. …
- MAGA cognoscenti warn feds away from shielding AI infringers
Letting AI firms train on copyrighted data will end up helping China, conservative groups argue
A group of conservatives allied with President Donald Trump's MAGA movement, including former Trump strategist Steve Bannon, has asked the Justice Department and the White House to stop protecting Big Tech against copyright claims.…
- China's reusable rocket makes it to orbit but fails to stick the landing
An â€anomaly’ meant a fireball arrived at the recovery zone instead of a spent first stage
There's good news and bad news for the Chinese commercial launch industry. The good news is that LandSpace's ZhuQue-3 launched successfully on its maiden flight. The bad news is that a hoped-for recovery of the first stage ended in a fireball.…
- Microsoft sharpens the blocking axe for Exchange Web Services
Starting in March, Frontline Worker and Kiosk–only mailboxes lose EWS access
Microsoft is getting serious about the end of Exchange Web Services (EWS) and has announced that, starting in March 2026, it will begin blocking EWS access to mailboxes without license rights.…
- HPE positions Morpheus stack as enterprise alternative to VMware
IT giant touts unified management, stretched clusters, and AI-ready networking at Discover Barcelona
HPE is laying out its enterprise stall with enhancements to its GreenLake hybrid cloud portfolio, while converging its Aruba and Juniper networking to offer customers AIOps across both, plus high-speed connectivity for AI processing.…
- ISS hits rare full house as all eight docking ports ocupado
Russian vehicles will depart soon, but Baikonur launchpad damage clouds future arrivals
Updated NASA confirmed this week that for the first time, all eight of the International Space Station's docking ports are currently occupied – four by Russian vehicles.…
- Newly launched civil service pension portal from Capita is crapita, users report
Awarded a ÂŁ239M contract, outsourcer apologizes for any inconvenience to 1.5M members
Updated Pension scheme members are facing a string of errors and malfunctions as they try to log into and retrieve account details from the UK's civil service portal the government is paying Capita £239 million ($318 million) to build and run.…
- Pat Gelsinger's EUV lithography gig gets $150M wink from Uncle Sam
Commerce Department wants equity in xLight as it backs a free-electron laser to challenge ASML
The US Department of Commerce has signed a preliminary letter of intent to provide up to $150 million to xLight, a Palo Alto-based startup led by former Intel chief Pat Gelsinger, that is working on extreme ultraviolet (EUV) lithography.…
- Amazon is forging a walled garden for enterprise AI
AWS Chief Matt Garman lays out his vision bringing artificial intelligence to the enterprise
Re:Invent Amazon wants to make AI meaningful to enterprises, and it’s building yet another walled garden disguised as an easy button to do it.…
- AWS offers AI-in-a-box for enterprise datacenters
If sovereignty or on-prem AI matters, the new AI Factories could be for you
re:invent Many businesses and government agencies require that all sensitive data stay on-premises for legal or security reasons. If those orgs want to work with AI, they can't rely on regular public clouds, but now they can let AWS build and manage AI hardware and software in their datacenters.…
- University of Pennsylvania joins list of victims from Clop's Oracle EBS raid
Ivy League school warns more than 1,400 people after attackers siphon data via zero-day
The University of Pennsylvania has become the latest victim of Clop's smash-and-grab spree against Oracle's E-Business Suite (EBS) customers, with the Ivy League school now warning more than a thousand individuals that their personal data was siphoned from its systems.…
- HPE backs AMD's Helios AI rack with Juniper's scale-up switch
Hardware bundle ties next-gen accelerators to an Ethernet fabric arriving in 2026
HPE is throwing its weight behind AMD's Helios rack-scale architecture and will offer this as part of its AI portfolio next year, including a purpose-built Juniper Networks scale-up switch.…
- Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces
OpenTelemetry (fondly known as OTel) is an open-source project that provides a unified set of APIs, libraries, agents, and instrumentation to capture and export logs, metrics, and traces from applications. The project’s goal is to standardize observability across various services and applications, enabling better monitoring and troubleshooting. Read More at Causely
The post Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces appeared first on Linux.com.
- Xen 4.19 is released
Xen Project 4.19 has been officially out since July 31st, 2024, and it brings significant updates. With enhancements in performance, security, and versatility across various architectures like Arm, PPC, RISC-V, and x86, this release is an important milestone for the Xen community. Read more at XCP-ng Blog
The post Xen 4.19 is released appeared first on Linux.com.
- Advancing Xen on RISC-V: key updates
At Vates, we are heavily invested in the advancement of Xen and the RISC-V architecture. RISC-V, a rapidly emerging open-source hardware architecture, is gaining traction due to its flexibility, scalability and openness, which align perfectly with our ethos of fostering open development ecosystems. Although the upstream version of Xen for RISC-V is not yet fully [0]
The post Advancing Xen on RISC-V: key updates appeared first on Linux.com.
- Linux 6.19 GPU Driver Features: Color Pipeline API, Intel Xe3P, AMDGPU For GCN 1.0/1.1
The big set of kernel graphics driver features were merged today for the Linux 6.19 kernel. As usual there is a lot of new feature work on the AMD Radeon, Intel, and NVIDIA graphics drivers plus the smaller Arm/embedded graphics like now having initial Qualcomm Gen8 GPU support. Plus the growing number of accelerator "accel" drivers for NPUs / AI accelerators...
- NVIDIA Releases CUDA 13.1 With New "CUDA Tile" Programming Model
NVIDIA just released CUDA 13.1 for what they claim is "the largest and most comprehensive update to the CUDA platform since it was invented two decades ago." The most notable addition with the CUDA 13.1 release is CUDA Tile as a new tile-based programming model...
- FreeBSD 15.0 Benchmarks Versus FreeBSD 14.3 On AMD EPYC
This week brought the official release of FreeBSD 15.0 as the latest major update to this BSD operating system. In being eager to test out this new FreeBSD release, for this first round of FreeBSD 15.0 benchmarking is seeing how it compares to the former FreeBSD 14.3 release on a Supermicro + AMD EPYC Turin server.
- Rust-Written Redox OS Sees Initial Wayland Port
Developers behind Redox OS, the original open-source operating system written from scratch in the Rust programming language, have ported Wayland to it with initially getting the Smallvil Wayland compositor up and running along with the Smithay framework and the Wayland version of the GTK toolkit...
- Zlib-rs 0.5.3 Expands AVX-512 Usage For Faster Performance
The Trifecta Tech Foundation today released zlib-rs 0.5.3 as the newest version of this Zlib implementation written in the Rust programming language for better memory safety. Zlib-rs is advertised as "a safer Zlib" for use by both C and Rust projects while delivering competitive performance to the C-based zlib-ng...
- Linux 6.19 Goes Ahead And Enables Microsoft C Extensions Support
Last month I reported on Linux 6.19 looking to enable Microsoft C Extensions support throughout the Linux kernel with setting the -fms-extensions compiler option to allow Microsoft C Extensions when building the kernel. Linus Torvalds today merged that support without objections...
- Intel9s Open-Source Linux Graphics Driver Delivered Significant Improvements In 2025
Last week I provided a look at how Intel9s GPU compute performance on Battlemage evolved in 2025. In today9s article is a similar Intel Arc A-Series "Alchemist" and B-Series "Battlemage" look at how the OpenGL and Vulkan graphics performance has evolved over the past year. Simply put, the open-source Intel Linux graphics driver stack has evolved immensely this year... Not just for Vulkan but even the OpenGL support continues moving in the right direction too.
- Fedora 44 Cleared To Replace Kernel Console With User-Space KMSCON
A proposal was raised a month ago for Fedora Linux 44 to replace the kernel's frame-buffer console "FBCON" with KMSCON in user-space. The Fedora Engineering and Steering Committee (FESCo) has now granted approval for making this change in Fedora 44 as part of a larger foal to eventually deprecate FBCON/FBDEV emulation in the kernel...
- Scoped User Access In Linux 6.19 To Reduce Speculation Barriers & Its Performance Hit
Merged yesterday to the Linux 6.19 Git codebase was the "core/uaccess" pull that introduces new scoped user-mode access with auto-cleanup functionality. This can reduce the number of speculation barriers encountered when needing to access user-mode memory and thereby avoiding some of the performance penalties incurred by speculation barriers...
- AES-GCM Optimizations Land In Linux 6.19 - Benefiting AMD Zen 3, AVX-512 CPUs Too
Google engineer Eric Biggers who is known for his many Linux crypto subsystem performance optimizations has seen his latest pull requests land in Linux 6.19. Notable among them are some AES-GCM optimizations benefiting AMD Zen 3 processors and separately AVX-512 processors also benefit too from this latest round of optimization work...
- Linux 6.19 Merges "klp-build" As New Livepatch Module Generation Solution
Merged as part of the objtool changes for the Linux 6.19 kernel is introducing the "klp-build" script as a new solution to generate livepatch modules using a source .patch file as the input. This klp-build effort was spearheaded by Josh Poimboeuf with ideas learned from the out-of-tree Kpatch project over the past decade...
- Microsoft drops AI sales targets in half after salespeople miss their quotas
Microsoft has lowered sales growth targets for its AI agent products after many salespeople missed their quotas in the fiscal year ending in June, according to a report Wednesday from The Information. The adjustment is reportedly unusual for Microsoft, and it comes after the company missed a number of ambitious sales goals for its AI offerings. ↫ Benj Edwards at Ars Technica I�m sure this is fine and not a sign of anything at all.
- On recreating the lost SDK for a 42-year-old operating system: VisiCorp VisiOn
I would think most of us here at OSNews are aware of VisiOn, the graphical multitasking operating system for the IBM PC which was one of the first operating systems with a graphical user interface, predating Windows, GEM, the Mac, and even the Apple Lisa. While VisiOn was technically an open! platform anybody could develop an application for, the operating system�s SDK cost $7000 at the time and required a VAX system. This, combined with VisiOn failing in the market, means nobody knows how to develop an application for it. Until now. Over the past few months, Nina Kalinina painstakingly unraveled VisiOn so that she she could recreate the SDK from scratch. In turn, this allowed developer Atsuko to develop a clean-room application for VisiOn � which is most likely the very first third-party application ever developed and released for VisiOn. I�ve been following along with the pains Kalinina had to go through for this endeavour over on Fedi, and it sure was a wild ride few would be willing (and capable) to undertake. It took me a month of working 1-2 hours a day to produce a specification that allowed Atsuko to implement a`clean-room`homebrew application for VisiOn that is capable of bitmap display, menus and mouse handling. If you�re wondering what it felt like: this project is the largest Sudoku puzzle! I have ever tried to solve. In this note, I have tried to explain the process of solving this puzzle, as well as noteworthy things about VisiOn and its internals. ↫ Nina Kalinina The article contains both a detailed look at VisiOn, as well as the full process of recreating its SDK and developing an application with it. Near the end of the article, after going over all the work that was required to get here, there�s a sobering clarification: This reverse-engineering project ended up being much bigger than I anticipated. We have a working application, yes, but so far I�ve documented less than 10% of all the VisiHost and VisiOp calls. We still don�t know how to implement keyboard input, or how to work with timers and background processes (if it is possible). ↫ Nina Kalinina I�d love for more people to be interested in helping this effort out, as it�s not just an extremely difficult challenge, but also a massive contribution to software preservation. VisiOn may not be more than a small footnote in computing history, but it still deserves to be remembered and understood, and Kalinina and Atsuko have done an amazing amount of legwork for whomever wants to pick this up, too.
- Google is experimentally replacing news headlines with AI clickbait nonsense
Did you know that BG3 players exploit children? Are you aware that Qi2 slows older Pixels? If we wrote those misleading headlines, readers would rip us a new one — but Google is experimentally beginning to replace the original headlines on stories it serves with AI nonsense like that. ↫ Sean Hollister at The Verge I�m a little teapot, short and stout. Here is my handle, here is my spout. When I get all steamed up, hear me shout. Tip me over and pour me out!
- Micron is ending its consumer RAM business because of AI!
You may have noticed that due to AI! companies buying up all literally all the RAM in the world, prices for consumer RAM and SSDs have gone completely batshit insane. Well, it�s only going to get worse, since Micron has announced it�s going to exit the market for consumer RAM and is, therefore, retiring its Crucial brand. The reason? You know the reason. “The AI-driven growth in the data center has led to a surge in demand for memory and storage. Micron has made the difficult decision to exit the Crucial consumer business in order to improve supply and support for our larger, strategic customers in faster-growing segments,” said Sumit Sadana, EVP and Chief Business Officer at Micron Technology. ↫ Micron�s press release First it was the crypto pyramid scheme, and now it�s the AI! pyramid scheme. These MLMs for unimpressive white males who couldn�t imagine themselves out of a wet paper bag are ruining not just the environment, software, and soon the world�s economy when the bubble pops, but are now also making it extraordinarily expensive to buy some RAM or a bit of storage. Literally nothing good is coming from these techbro equivalents of Harlequin romance novels, and yet, we�re forced to pretend they�re the next coming of the railroads every time some guy who was voted most likely to die a middle manager at Albertsons in Casper, Wyoming, farts his idea out on a napkin. I am so tired.
- Redox takes first baby steps towards a modesetting driver for Intel graphics
An exciting tidbit of news from Redox, the Rust-based operating system. Its founder and lead developer Jeremy Soller has merged the first changes for a modesetting driver for Intel graphics. After a few nights of reading through thousands of pages of PRMs I have finally implemented a modesetting driver for Intel HD graphics on Redox OS. There is much more to do, but there is now a clear path to native hardware accelerated graphics! ↫ Jeremy Soller Of course, all the usual disclaimers apply, but it�s an important first step, and once again underlines that Redox is turning into a very solid platform that might just be on the cusp of becoming something we can use every day.
- MacOS: losing confidence
It�s always a bit sad and a little awkward when reality starts hitting long-time fans and users of an operating system, isn�t it? I feel like I�m at least fifteen years ahead of everyone else when it comes to macOS, at least. Over the last few weeks I’ve been`discovering problems`that have been eroding confidence in macOS. From text files that simply won’t show up in Spotlight search, to Clock timers that are blank and don’t function, there’s one common feature: macOS encounters an error or fault, but doesn’t report that to the user, instead just burying it deep in the log. When you can spare the time, the next step is to contact Apple Support, who seem equally puzzled. You’re eventually advised to reinstall macOS or, in the worst case, to wipe a fairly new Apple silicon Mac and restore it in DFU mode, but have no reason to believe that will stop the problem from recurring. You know that Apple Support doesn’t understand what’s going wrong, and despite the involvement of support engineers, they seem as perplexed as you. ↫ Howard Oakley I remember when Mac OS X was so far ahead of the competition it was honestly a little tragic. Around the late PowerPC and very early Intel days, when the iPhone hadn�t yet had the impact on the company it has now, the Mac and its operating system were the star of the company�s show, and you felt it when you used it. Even though the late PowerPC hardware was being outpaced left, right, and centre by Intel and AMD hardware in virtually every sense, Mac OS X more than made up for it being being a carefully and lovingly crafted operating system designed and developed by people who clearly deeply cared. I used nothing but Macs as a result. These days, everything�s reversed. By all accounts, Macs are doing amazing hardware-wise, with efficient, powerful processors and solid design. The operating system, however, has become a complete and utter mess, showing us that no, merely having great hardware does not make up for shit software in the same way the reverse was true two decades ago. I�d rather use a slower, hotter laptop with great software than a faster, cooler laptop with terrible software. I�m not sure we�re going to see this trend reversed any time soon. Apple, too, is chasing the dragon, and everything the company does is designed around their cash cow, and I just don�t see how that�s going to change without a complete overhaul of the company�s leadership.
- Why is running Linux on a RiscPC so hard?
What if you have a Risc PC, but aside from RISC OS, you also want to run Linux? Well, then you have to jump through a lot of hoops, especially in 2025. Well, this was a mess. I don�t know why Potato is so crashy when I install it. I don�t know why the busybox binary in the Woody initrd is so broken. But I�ve got it installed, and now I can do circa-2004 UNIX things with a machine from 1994. ↫ Jonathan Pallant The journey is definitely the most rewarding experience here for us readers, but I�m fairly sure Pallant is just happy to have a working Linux installation on his Risc PC and wants to mostly forget about that journey. Still, reading about the Risc PC is very welcome, since it�s one of those platforms you just don�t hear about very often between everyone talking about classic Macs and Commodore 64s all the time.
- A vector graphics workstation from the 70s
OK I promised computers, so let’s move to the Tek 4051 I got! Released in 1975, this was based on the 4010 series of terminals, but with a Motorola 6800 computer inside. This machine ran, like so many at the time, BASIC, but with extra subroutines for drawing and manipulating vector graphics. 8KB RAM was standard, but up to 32KB RAM could be installed. Extra software was installed via ROM modules in the back, for example to add DSP routines. Data could be saved on tape, and via RS232 and GBIP external devices could be attached! All in all, a pretty capable machine, especially in 1975. BASIC computers where getting common, but graphics was pretty new. According to Tektronix the 4051 was ideal for researches, analysts and physicians, and this could be yours for the low low price of 6 grand, or around $36.000 in 2025. I could not find sales figures, but it seems that this was a decently successful machine. Tektronix also made the 4052, with a faster CPU, and the 4054, a 19″ 4K resolution behemoth! Tektronix continued making workstations until the 90s but like almost all workstations of the era, x86/Linux eventually took over the entire workstation market. ↫ Rik te Winkel at Just another electronics blog Now that�s a retro computer you don�t see very often.
- FreeBSD 15.0 released with pkgbase
The FreeBSD team has released FreeBSD 15.0, and with it come several major changes, one of which you will surely want to know more about if you�re a FreeBSD user. Since this change will eventually drastically change the way you use FreeBSD, we should get right into it. Up until now, a full, system-wide update for FreeBSD � as in, updating both the base operating system as well as any packages you have installed on top of it � would use two separate tools: freebsd-update and the pkg package manager. You used the former to update the base operating system, which was installed as file sets, and the latter to update everything you had installed on top of it in the form of packages. With FreeBSD 15.0, this is starting to change. Instead of using two separate tools, in 15.0 you can opt to deprecate freebsd-update and file sets, and rely entirely on pkg for updating both the base operating system as well as any packages you have installed, because with this new method, the base system moves from file sets to packages. When installing FreeBSD 15.0, the installer will ask you to choose between the old method, or the new pkg-only method. Packages (pkgbase / New Method): The base system is installed as a set of packages from the FreeBSD-base! repository. Systems installed this way are managed entirely using the pkg(8) tool. This method is used by default for all VM images and images published in public clouds. In FreeBSD 15.0, pkgbase is offered as a technology preview, but it is expected to become the standard method for managing base system installations and upgrades in future releases. ↫ FreeBSD 15.0 release announcement As the release announcement notes, the net method is optional in FreeBSD 15 and will remain optional during the entire 15.x release cycle, but the plan is to deprecate freebsd-update and file sets entirely in FreeBSD 16.0. If you have an existing installation you wish to convert to using pkgbase, there�s a tool called pkgbasify to do just that. It�s sponsored by the FreeBSD Foundation, so it�s not some random script. Of course, there�s way more in this release than just pkgbase. Of note is that the 32bit platforms i386, armv6, and 32-bit powerpc have been retired, but of course, 32bit code will continue to run on their 64bit counterparts. FreeBSD 15.0 also brings a native inotify implementation, a ton of improvements to the audio components, improved Intel Wi-Fi drivers, and so, so much more.
- Windows drive letters are not limited to A-Z
On its own, the title of this post is just a true piece of trivia, verifiable with`the built-in`subst`tool`(among other methods). Here�s an example creating the drive +:\ as an alias for a directory at C:\foo: The +:\ drive then works as normal (at least in cmd.exe, this will be discussed more later): However, understanding why it�s true elucidates a lot about how Windows works under the hood, and turns up a few curious behaviors. ↫ Ryan Liptak Fascinating doesn�t even begin to describe this article, but at the same time, it also makes me wonder at what point maintaining this drive letter charade becomes too burdensome, clunky, and complex. Internally, Windows NT does not use drive letters at all, but for the sake of backwards compatibility and to give the user what they expect, a whole set of abstractions has been crafted to create the illusion that modern versions of Windows still use the same basic drive letter conventions as DOS did 40 years ago. I wonder if we�ll ever reach a point where Windows no longer uses drive letters, or if it�s possible today to somehow remove or disable these abstractions entirely, and run Windows NT without drive letters, as Cutler surely intended. Vast swaths of Windows programs would surely curl up in fetal position and die, including many core components of the operating system itself � as this article demonstrates, very few parts of Windows can handle even something as mundane as a drive letter outside of A-Z � but it�d make for a great experiment. Someone with just the right set of Windows NT skills must�ve tried something like this at some point, either publicly or inside of Microsoft.
- Migrating Dillo away from GitHub
What do you do if you develop a lightweight browser that doesn�t support JavaScript, but you once chose GitHub as the home for your code? You�re now in the unenviable position that your own browser can no longer access your own online source repository because it requires JavaScript, which is both annoying and, well, a little awkward. The solution is, of course, obvious: you move somewhere else. That�s exactly what the Dillo browser did. They set up a small VPS, opted for cgit as the git frontend for its performance and small size, and for the bug tracker, they created a brand new, very simple bug tracker. To avoid this problem, I created my own bug tracker software, buggy, which is a very simple C tool that parses plain Markdown files and creates a single HTML page for each bug. All bugs are stored in a git repository and a git hook regenerates the bug pages and the index on each new commit. As it is simply plain text, I can edit the bugs locally and only push them to the remote when I have Internet back, so it works nice offline. Also, as the output is just an static HTML site, I don�t need to worry about having any vulnerabilities in my code, as it will only run at build time. ↫ Rodrigo Arias Mallo There�s more considerations detailed in the article about Dillo�s migration, and it can serve as inspiration for anyone else running a small open source project who wishes to leave GitHub behind. With GitHub�s continuing to add more and more complexity and AI! to separate open source code from its licensing terms, we may see more and more projects giving GitHub the finger.
- Landlock-ing Linux
Landlock is a Linux API that lets applications explicitly declare which resources they are allowed to access. Its philosophy is similar to OpenBSD’s`unveil()`and (less so)`pledge(): programs can make a contract with the kernel stating, “I only need these files or resources — deny me everything else if I’m compromised.” It provides a simple, developer-friendly way to add defense-in-depth to applications. Compared to traditional Linux security mechanisms, Landlock is vastly easier to understand and integrate. This post is meant to be an accessible introduction, and hopefully persuade you to give Landlock a try. ↫ prizrak.me blog I had no idea this existed, even though it seems to plug a hole in the security and sandboxing landscape on Linux by not requiring any privileges and by being relatively simple and straightforward to use. There�s even an additional supervisor! proposal that would bring Android-like permissions not just to, say, desktop applications (see Flatpak), but to every process trying to access anything for the first time. I�m not knowledgeable enough to make any statements about Landlock compared to any other options we have for securing desktop Linux in a user-friendly, non-intrusive manner, but I definitely like its simplicity.
- System 7 natively boots on the Mac Mini G4
Only a few weeks ago, the CHRP variants of Mac OS 7.6 and 8 were discovered and uploaded to the internet for posterity, but we�re already seeing the positive results of this event unfold: Mac OS 7.x can now run on the Mac Mini G4 � natively. The very short of it is as follows. First, the CHRP release of Mac OS 8 contains a ROM file that allows Mac OS 8 to boot on the G4 Mac Mini. Second, the CHRP release of 7.6 contains a System Enabler that allows 7.6 earlier versions to run by using the aforementioned ROM file. Third, the ROM has been modified to add compatibility with as many Mac models as possible. There�s a lot more to it, of course, but the end result is that quite a few more older, pre-9.x versions of Mac OS can now run on G4 and G3 Macs, which is quite cool. Of course, there are limitations. Note that, although I describe many of these as stable!, I mean you can use much of it normally (sound/video/networking aside) without it crashing or misbehaving, at least not too hard, but that is not to say everything works, because that is just not the case. For example, when present, avoid opening the Apple System Profiler, unless you want a massive crash as it struggles trying to profile and gather all the information about your system. Some other apps or Control Panels might either not work, or work up to a certain point, after which they might freeze, requiring you to Force Quit the Finder to keep on going. And so on. ↫ Jubadub at Mac OS 9 Lives Issues or no, this is amazing news, and great work by all involved.
- Genode OS Framework 25.11 released
The release 25.11 wraps up our year of rigidity, clarity, performance! with a bouquet of vast under-the-hood improvements. Genode�s custom kernel received special tuning of its new CPU scheduler for Sculpt-OS workloads, and became much more scalable with respect to virtual-memory management. Combined, those efforts visibly boost the performance of Sculpt OS on performance-starved hardware like the PinePhone or the i.MX8-based MNT Reform laptop. On account of improving clarity, our new configuration format � now named human-inclined data (HID) � proliferates throughout Genode�s tooling. We are also happy to report that almost all Genode components have become interoperable with both XML and HID by now. ↫ Genode OS Framework 25.11 release notes The Genode Framework 25.11 also brings a major change to how important shared components that aren�t strictly part of the framework are handled, such as ports like libSDL, sqlite, or gnutls. Before, these could only be built with the Genode build system, which was suboptimal because this isn�t designed for building individual components. Several changes have been made to now enable the use of multiple build systems and the Goa SDK, which should make it a lot easier to these crucial components to become the responsibility of wider parts of the community. There�s way more, of course, such as the usual driver improvements, including the addition of support for serial-to-USB adapters.
- Dell: about 1 billion PCs will not or cannot be upgraded to Windows 11
During a Dell earnings call, the company mentioned some staggering numbers regarding the amount of PCs that will not or cannot be upgraded to Windows 11. “We have about 500 million of them capable of running Windows 11 that haven’t been upgraded,” said Dell COO Jeffrey Clarke on a Q3 earnings call earlier this week, referring to the overall PC market, not just Dell’s slice of machines. “And we have another 500 million that are four years old that can’t run Windows 11.” He sees this as an opportunity to guide customers towards the latest Windows 11 machines and AI PCs, but warns that the PC market is going to be relatively flat next year. ↫ Tom Warren at The Verge The monumental scale of the Windows 10 install base that simply won�t or cannot upgrade to Windows 11 is massive, and it�s absolutely bonkers to me that we�re mostly just letting them get away with leaving at least a billion users out in the cold when it comes to security updates and bug fixes. The US government (in better times) and the EU should�ve 100% forced Microsoft�s hand, as leaving this many people on outdated, unsupported operating system installations is several disasters waiting to happen. Aside from the dangerous position Microsoft is forcing its Windows 10 users into, there�s also the massive environmental and public health impact of huge swaths of machines, especially in enterprise environments, becoming obsolete overnight. Many of these will end up in landfills, often shipped to third-world countries so we in the west don�t have to deal with our e-waste and its dangerous consequences directly. I can get fined for littering � rightfully so � but when a company like Microsoft makes sweeping decisions which cause untold amounts of dangerous chemicals to be dumped in countless locations all over the globe, governments shrug it off and move on. At least we will get some cheap eBay hardware out of it, I guess.
- CDE 2.5.3 released
So my love for the Common Desktop Environment isn�t exactly a secret, so let�s talk about the project�s latest release, CDE 2.5.3, released a few days ago. As the version number suggests, this first new version in two years is a rather minor release, containing only a few bug fixes. For instance, CDE�s window manager dtwm picked up support for more mouse buttons, its file manager dtfile now uses sh to find files instead of ksh, and a few more of these rather minor, but welcome, changes and bugfixes. Ever since CDE was released as open source over thirteen years ago, and while considerable work has been done to make it build, install, and run on modern platforms, that�s kind of where the steam ran out. CDE isn�t being actively developed to build upon its strengths and add new and welcome features and conveniences, but is instead kept in a sort of buildable stasis. There is absolutely nothing wrong with this � it keeps CDE accessible on modern platforms, and that�s a huge amount of work that deserves respect and gratitude � but it�d be nice if we lived in a world where there was enough interest (and time and money) to have people work on actually improving it. Of course, the reality is that there�d be very little interest in such an improved CDE, and that�s exactly why it isn�t happening. On top op the current work the CDE team is doing, you�d need to not only develop new features, but also improve the Motif toolkit to make such new features possible, and make sure such improvements don�t break anything else. With such an old codebase, that can�t possible be an easy task. Still, I will continue to daydream of a slightly more modernised CDE with some additional niceties we�ve come to expect over the past 30 years, even if I know full well it�s futile.
- EU OS: A Bold Step Toward Digital Sovereignty for Europe
Image
A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
What Is EU OS?
EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
The Vision Behind EU OS
The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
Conclusion
EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
Source: It's FOSS
European Union
- Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
You can download the latest kernel here.
Linus Torvalds kernel
- AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
Image
AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
Source: 9to5Linux
AerynOS
- Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
Image
Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
Here’s a quick overview of what’s new in Xojo 2025r1:
1. Linux ARM IDE Support
Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
2. Web Drag and Drop
One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
3. Direct App Store Publishing
Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
4. New Desktop and Mobile Features
This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
5. Performance and IDE Enhancements
Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
What Does This Mean for Developers?
Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
How to Get Started
Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
Download Xojo 2025r1 today at xojo.com.
Final Thoughts
With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
Xojo ARM
- New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest.Â
Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
Windows
- Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally.Â
As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions.Â
After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
Security
- Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem.Â
The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
kernel
- Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
Here is what Linus Torvalds had to say in today's announcement:
Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds
- Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
Want to interact with ChatGPT from your Linux desktop without using a web browser?
Bavarder, a new app, allows you to do just that.
Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
ChatGPT AI
- LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
You can download LibreOffice 7.5.3 directly from the LibreOffice website or from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
LibreOffice
- KDE Unleashes Plasma 6.5
The Plasma 6.5 desktop environment is now available with new features, improvements, and the usual bug fixes.
- LMDE 7 Now Available
Linux Mint Debian Edition, version 7, has been officially released and is based on upstream Debian.
- Linux Kernel 6.16 Reaches EOL
Linux kernel 6.16 has reached its end of life, which means you'll need to upgrade to the next stable release, Linux kernel 6.17.
- Linux Kernel 6.17 is Available
Linus Torvalds has announced that the latest kernel has been released with plenty of core improvements and even more hardware support.
- Zorin OS 18 Beta Available for Testing
The latest release from the team behind Zorin OS is ready for public testing, and it includes plenty of improvements to make it more powerful, user-friendly, and productive.
|
