Recent Changes - Search:
NTLUG

Linux is free.
Life is good.

Linux Training
10am on Meeting Days!

1825 Monetary Lane Suite #104 Carrollton, TX

Do a presentation at NTLUG.

What is the Linux Installation Project?

Real companies using Linux!

Not just for business anymore.

Providing ready to run platforms on Linux

Show Descriptions... (Show All/All+Images) (Single Column)

LWN.net

  • [$] An update on the scraper situation
    Our article "Fighting the AI scraper botscourge", published in early 2025, discussed the problem of widespreadscraping of web sites in search of training data for large language modelsand related projects. This activity overwhelms sites with traffic. Over ayear after that article is published, the problem is still growing. Thehammering of sites by shadowy actors has reached new heights, and the openweb is becoming increasingly difficult to maintain. Where is this trafficcoming from, and what can be done about it?


  • [$] QBE 1.3: metaprogramming, performance, and cross-platform support
    QBE, a compact compiler backend developed by Quentin Carbonneaux, is alightweight alternative to larger compiler backends such as LLVM and GCC.Designed to be small enough for a single developer to understand, QBE uses astatic single-assignment (SSA) intermediate representation (IR), supports the C ABI,and serves as the backend for projects such as Hare andthe cproc C11 compiler. Frontendsemit the textual form of QBE's IR directly; QBE then takes care of register allocation,optimization, and native-code generation, producing assembly for the targetarchitecture.


  • Security updates for Friday
    Security updates have been issued by AlmaLinux (aardvark-dns, cups, edk2, gstreamer1-plugins-bad-free, gstreamer1-plugins-good, gstreamer1-plugins-ugly-free, kernel, libsolv, libtasn1, libxml2, nginx:1.24, nginx:1.26, oci-seccomp-bpf-hook, python-urllib3, and tomcat), Debian (rlottie), Fedora (c-ares, k9s, kind, libXfont2, nmap, pam, perl-DBI, php, python-pendulum, tmux, and xorg-x11-server-Xwayland), Mageia (7zip and ack), Slackware (tigervnc), SUSE (alloy, cargo-c, chromium, clamav, cosign, dirmngr, firefox, flannel, fluidsynth, gnutls, go1.25, go1.26, gol, GraphicsMagick, helm, kernel-devel, libaom, libexif, openQA, os-autoinst, python-Django, python-idna, python-sqlparse, rust-keylime, rustup, sccache, SUSE Manager Client Tools, SUSE_Multi-Linux_Manager Client Tools, transmission, and warewulf4), and Ubuntu (curl, expat, golang-go.crypto, libheif, libidn, libraw, libsoup2.4, linux, linux-azure-4.15, linux-azure-fips, linux-fips, linux-gcp-4.15, linux-gcp-fips, linux-kvm, linux-oracle, linux-aws, linux-aws-fips, linux-azure-fips, linux-fips, linux-raspi, linux-xilinx-zynqmp, and python2.7, python3.5).


  • [$] Kitty chases the mouse
    Kitty is a terminalemulator thatruns on Linux, macOS, and the BSDs, which is notable for its speed and featuressuch as image support and advanced font handling. It is under active development; arecent major release adds anew level of mouse support. Here, we will look at some of those featuresand show how the program can also be used as platform fortext-based applications. Kitty is free software, releasedunder the GPLv3.


  • Rust 1.97.0 released
    Version1.97.0 of the Rust programming language has been released. Changesinclude using a new symbol-mangling scheme by default, support for denyingwarnings in Cargo, and an end to the practice of hiding the linker's outputafter a successful build.


  • Security updates for Thursday
    Security updates have been issued by AlmaLinux (389-ds-base, aardvark-dns, buildah, compat-openssl10, freeipmi, frr, gnutls, grafana, grafana-pcp, kernel, kernel-rt, libyang, nginx, openexr, pcs, perl-HTTP-Daemon, postgresql:18, python3.14-pip, skopeo, tomcat9, and wireshark), Debian (chromium and pgextwlist), Fedora (openssh, opkssh, perl-CSS-Minifier-XS, python-jiter, python-nh3, python-pendulum, rust-jiter, and upower), Mageia (openvpn and vips), Oracle (389-ds-base, aardvark-dns, compat-openssl10, container-tools:ol8, freeipmi, kernel, libyang, perl-HTTP-Daemon, python3.14-pip, and skopeo), Slackware (libXfont2, proftpd, and xorg-server), SUSE (alloy, apache2, apptainer, assimp, chromium, clamav, docker, docker-compose, dracut, glib-networking, go-sendxmpp, go1.26-openssl, gstreamer-plugins-good, haproxy, hauler, jackson-annotations, jackson-bom, jackson-core, jackson- databind, jackson-dataformats-binary, jackson-modules-base, jackson-parent, kernel, krb5, kubevirt, libslirp, libXfont2, mpv, libkpipewirerecord6, ffmpegthumbs-kf5, netty, netty-tcnative, openqa, os-autoinst, podman, python-maturin, python-msgpack, python313-yt-dlp, radare2, rust-keylime, systemd, systemd, systemd-mini, tomcat11, trivy, xorg-x11-server, and xwayland), and Ubuntu (apache2, clamav, linux-raspi, and mailcap).


  • [$] LWN.net Weekly Edition for July 9, 2026
    Inside this week's LWN.net Weekly Edition:
    Front: Cryptography API; Iomap explanation; Negative dentries; Faster RCUs and lockless allocation for BPF; Negative dentries; LLMs in memory-management code Briefs: Guix vulnerabilities; OpenSSH 10.4; trusted publishing; kernel archive; CalyxOS; Quotes; ... Announcements: Newsletters, conferences, security updates, patches, and more.


  • OpenMandriva: Statement regarding attempted distribution sabotage
    Over on the OpenMandrivaforum, the Linux distribution has reportedsabotage of its repositories by a disgruntled contributor withadministrative credentials. According to "AngryPenguin", an abusiveincident in a distribution Matrix chat led to a user being kicked out ofthe chat; that "triggered a cascade of events", which led to peopleresigning from the distribution. Eventually, one of those people usedtheir administrative privileges to delete part of the distribution's GitHubrepository and to "publish an empty package in the cookerrepository, which obsoleted all gnome and cosmic packages, which could havedamaged the systems of people using gnome or cosmic".We are currently working to restore the deleted repositories and restorethe functionality of the obsolete packages.
    [...] We performed a full system audit and, aside from the removedpackages, we found no other violations.


  • [$] Progress in modernizing kernel cryptography
    At the 2026 Linux Security Summit North America, Eric Biggers spoke aboutsome of the problems with the kernel's cryptography framework, as wellas the recent progress in adding library APIs to allow developers touse cryptographic functions without using the traditional cryptoAPI. He walked through a couple of examples to demonstrate thefrailty of the original API and showed how the new library API madelife easier for developers and kernel maintainers.


  • Security updates for Wednesday
    Security updates have been issued by AlmaLinux (container-tools:rhel8, kernel-rt, libreoffice, nodejs:22, nodejs:24, opentelemetry-collector, perl-HTTP-Daemon, and python-markdown), Debian (dpkg, imagemagick, and postfix), Fedora (betterleaks, docker-compose, firefox, helm, perl-Compress-Raw-Bzip2, perl-IO-Compress, perl-JavaScript-Minifier-XS, python-cramjam, python-fastar, python-pillow-jxl-plugin, python-rignore, and tor), Oracle (grafana, grafana-pcp, and ruby:4.0), Slackware (tftp), SUSE (gi-docgen, glibc, helm, helm3, json-c-devel, kubevirt-1.6, librpmbuild10, python313-dulwich, python313-lxml_html_clean, python313-openapi-spec-validator, and sdbootutil), and Ubuntu (ruby-addressable).


  • Woodruff: You shouldn't trust trusted publishing
    William Woodruff, better known online as "yossarian", has publisheda blog post to make the case that users should not place their trustin trustedpublishing:

    Trusted Publishing is a mechanism for establishing trust between anexternal machine identity (like a CI/CD workflow) and one or moreprojects on a package index/registry. The "trust" in "TrustedPublishing" refers to that trust relationship, and not to anythingelse.

    It is not, and cannot be, a signal for package trust orquality. You cannot use it to determine whether a package is safe or"good," and PyPI consciously stymies attempts to misuse it for thatpurpose by not rendering it as a "green checkmark" or anything else ofthe sort.

    Or as another framing: Trusted Publishing is just a form ofauthentication. It doesn't tell you anything other than that an uploadwas authenticated, which all uploads to PyPI are.

    LWN covered trustedpublishing in June.



  • [$] Faster RCUs and lockless memory allocation
    Puranjay Mohan shared some of thework he's been doing recently on improving theperformance of read-copy-update (RCU) at the 2026LinuxStorage, Filesystem, Memory-Management, and BPF Summit; his talk would havebeen nice context to have earlier in the day when Harry Yoo and AlexeiStarovoitov led a session about thenew kmalloc_nolock() function thatallows for lockless allocation from any kernel context, and which interacts withthe RCU subsystem to allow that. This article therefore covers the two sessionstogether and in the reverse order, to provide that missing context.


  • Security updates for Tuesday
    Security updates have been issued by AlmaLinux (nodejs22 and nodejs24), Fedora (clamav, hplip, kernel, kernel-headers, librabbitmq, mingw-expat, mir, perl-Imager, podman-tui, prometheus-podman-exporter, python-rpds-py, rust-ashpd, rust-busd, rust-gtk4-macros, rust-inferno, rust-quick-xml, rust-reqsign-aws-v4, rust-wayland-scanner, and sandogasa), Oracle (container-tools:rhel8, kernel, mariadb:10.11, mariadb:11.8, nginx, perl:5.32, php, php:7.4, rrdtool, ruby:2.5, ruby:3.3, ruby:4.0, and uek-kernel), Red Hat (kernel, opentelemetry-collector, and python-urllib3), Slackware (c-ares and openssh), SUSE (bind, chromedriver, cryptsetup, s390-tools, dnsmasq, jackson-annotations, jackson-core, jackson-databind, lcms2, pacemaker, perl-Cpanel-JSON-XS, perl-Crypt-SaltedHash, postfix, and python-mistune), and Ubuntu (gnutls28, gzip, openssh, php7.0, python-parsl, python3.10, python3.12, python3.14, request-tracker5, socat, sogo, and tar).


  • OpenSSH 10.4 released
    OpenSSH 10.4 has been released. In addition to a number of securityand bug fixes, there are a few notable changes; this release addsexperimental support for a composite post-quantum signature schemecombining ML-DSA 44 and Ed25519 as described in thisIETF draft. With 10.4, if OpenSSH is compiled with sandbox supportit will fail on Linux systems that have not enabled SECCOMPor NO_NEW_PRIVS; prior to this release, sshd would log an errorbut continue operation. See the release notes fora full list of changes.


  • [$] The kernel's iomap layer
    Conversations about the kernel's filesystem implementations often involve alayer called "iomap", but relatively few people can reliably say what iomapactually is. That is just the kind of gap that LWN exists to fill. Inshort, iomap handles the mapping between data in the filesystem space(identified by a file of interest, and an offset within that file) and inthe storage space (which may be a memory location, or a set of blocks on astorage device). Using that mapping, iomap handles a long list of common,filesystem-related tasks, allowing a lot of boilerplate code to be removedfrom individual filesystem implementations.



LXer Linux News







  • Azure Linux 4.0 Released: Microsoft Expands Its Enterprise Linux Platform Beyond the Cloud
    Microsoft has officially unveiled Azure Linux 4.0, the latest version of its open-source Linux distribution designed for cloud infrastructure, enterprise workloads, and modern data centers. Formerly known as CBL-Mariner, Azure Linux has powered Microsoft's internal cloud services for years, but version 4.0 marks its biggest evolution yet by becoming a general-purpose server operating system that organizations can deploy both inside and outside Azure.


  • LLVM Clang Merges Initial Support For NVIDIA Rigel Core With Next-Gen Rosa CPU
    Earlier this week NVIDIA confirmed some basic details around their next-gen Rosa CPU that succeeds Vera. Among the public confirmation was that it will feature a "Rigel" Armv9.2-A core iterating on their Olympus core design. With the basic details published, NVIDIA immediately introduced Rigel core support into the GCC compiler. Now they have also upstreamed their initial Rigel core enablement into the LLVM Clang compiler...



  • Graviton5 CPU Benchmarks: 30% Geo Mean Improvement Over Graviton4
    After originally announcing Graviton5 last December, recently AWS finally made the M9g and M9gd instances generally available as the first featuring these new in-house ARM server processors for the EC2 cloud. Graviton5 makes use of Arm Neoverse-V3 cores compared to Neoverse-V2 with Graviton4, support up to 192 cores, and feature a higher 3.3GHz clock speed compared to 2.8GHz on the prior-generation Graviton CPUs. Here is an initial look at how the Graviton5 processor performs over Graviton4.






  • Pop!_OS Rolls Out Its "Frosted Glass" Desktop Style For COSMIC
    System76 developers have for the past number of weeks been working on developing a "frosted glass" appearance for the COSMIC desktop environment featured on their Pop!_OS Linux distribution. For Pop!_OS users this frosted glass feature is now available and will become more widespread for other Linux distributions once the next COSMIC release is formally tagged...




  • Proposed Linux Patch For A Brief Delay To Match PCI Spec Will Hopefully Address Some Bugs
    Going back to February there was a bug report around the xHCI controller dieing on resume from s2idle when using an AMD Ryzen AI Max+ "Strix Halo" Framework Desktop. In turn all USB devices behind the xHCI controller are lost on resume, but unbinding and binding the driver can restore the functionality without a reboot. After months of back and forth communication, it looks like a solution has been figured out and comes down to a nuance of the PCI spec with needing a brief wait...




Linux Insider"LinuxInsider"












Slashdot

  • Is the COSMIC Desktop Getting Better Than KDE and GNOME?
    "While KDE and GNOME dominate the landscape, a relative newcomer is starting to make waves with features other desktops still don't fully support," argues XDA Developers:Linux 7.0 was the first release of the kernel to officially support Rust, but COSMIC has been all-in on Rust since the very beginning, and COSMIC 1.1 finally stripped all the leftovers of C language from the desktop. It no longer has any traces of Nautilus (the GNOME file manager), and then there's now a COSMIC-native system monitor to replace the GNOME System Monitor, so you have even fewer chances of being afflicted by C-related problems. [The article calls COSMIC's system monitor "much better at showing detailed information about everything from processes to network and disk usage compared to the GNOME and KDE alternatives."] Stacking Windows As someone who used to love following Windows news, one of the most disheartening announcements was when Microsoft gave up on Sets, a feature that essentially turned every app window into a tab you could combine with other apps in the same window. I never thought I'd see that feature again, until COSMIC came along. Simply called "stacking", COSMIC has a feature that is exactly what Sets was supposed to be, though this time, you have more control. By default, apps still open in their proper, typical windows, with a title bar as you'd expect. But if you do want to combine multiple apps into one, you can right-click the title bar (or press Super + S) to enable stacking for that window. Then, simply drag another window over that one to start stacking them as tabs. This essentially gives you a whole new way to create "workspaces", as you can have a single window with all the tools you need, so you don't need to jump between different windows all the time, and you can keep a given window focused on a specific workload, but have multiple apps within it. It's a great reminder of what Microsoft took from us, too. Tiling, But On Demand Tiling windows is one of those features some power users simply love, and yes, there are ways to make it happen on KDE and GNOME with third-party apps or extensions, but those aren't ideal. It's an extra step to set them up, and very often they don't play nice with all the features those desktops offer, especially as new updates come out and those tools may have a hard time keeping up with the development of the desktops themselves. COSMIC is fantastic because not only does it have built-in window tiling, it's entirely controllable by the user. You can set any workspace to use tiling or floating windows depending on your preference, all completely independent of each other, and you can also choose the new default behavior for new workspaces so things are always tuned to your preferences. You can turn tiling on or off for a given workspace easily, and of course, even while tiling is on, you can allow certain apps to ignore it and still float above others. Not all these capabilities are exclusive to COSMIC, but to have this kind of feature built in with this level of control is still leagues better than anything KDE or GNOME offer in this regard. The article argues COSMIC also makes customization extremely simple without stifling your options (like tweaking color options for your desktop). "This desktop environment just keeps getting better, and it's quickly establishing itself as a major competitor to long-standing alternatives."


    Read more of this story at Slashdot.


  • AI-driven Datacenter Builds Increased Microsoft's Emissions 25% In One Year
    Microsoft released its 2026 Environmental Sustainability Report showing that last year it matched its entire electricity consumption with renewable energy, reports The Register."The bad news is it also increased greenhouse gas (GHG) emissions by 25%" — mostly due to datacenter construction and a decision to stop purchasing some renewable energy certificates:In 2020, Microsoft set itself the goal of becoming "carbon-negative" by 2030. Its own figures show emissions heading only upwards, from 13 million tons of CO2 equivalent in 2020, to 20 million tons in 2025. However, Microsoft estimates that without the carbon reduction initiatives it has already put in place, emissions would now stand at 34 million tons... For the first time, Microsoft claims to have replenished more [water] than it withdrew during 2025, returning 14,278 million liters (3,771 million gallons). Elsewhere, the corporation says its Circular Centers program reused 92% of decommissioned servers and their components.


    Read more of this story at Slashdot.


  • Id Co-founders Carmack and Romero Respond to Microsoft's Layoffs
    "I have been trying to find something meaningful to say about the Id Software layoffs," John Carmack posted Thursday to his 2.8 million followers on X.com:My "Microsoft will probably be a good steward of the brand" statement isn't aging well, and this is certainly going to dampen the mood of the founder reunion at QuakeCon next month. I'm saddened, but I can't muster anger or outrage over it. I don't have access to the books, but I suspect that Id Software was a marginal business from Microsoft's perspective. I believe the reports that Minecraft revenues have been carrying several other studios. To continue being produced long term, games need to succeed, not just be beloved. Games are competing with every other option for spending your leisure time and money, and the competition is brutal. You can't rule out the possibility that executives are idiots, but that shouldn't be your default belief. I don't think there is any obvious path that would have doubled the revenue from Id games. Could they have gotten more with a different pricing strategy? Could they have created more things for fans to buy? Could they have cost effectively marketed in a way that reached more players that would have loved and bought the games? Could they have changed the game designs and broadened the appeal to more players without alienating existing ones? Could they have produced the games at a lower cost, faster or cheaper? I really don't know. The game isn't over yet, and I hope the studio rallies through. Id Software co-founder John Romero also shared his thoughts on X.com:I'm so sorry for everyone at id Software affected by these layoffs. I know what it feels like to leave id while id goes on. It's a strange and painful thing to step away from a place that holds so much of your work, friendships and history. The people at id have done a great job moving that legacy forward. DOOM, Quake, and Wolfenstein are not easy names to carry on, especially in today's industry. The last few games showed real care, skill and respect for what those worlds mean to people. Romero also expressed his hope for "digital preservation" of Id's ongoing history (including code and assets). "I'm thinking of everyone at id today, and everyone else affected by yesterday's layoffs. Romero Games was there a year ago. I know how devastating it is, and my heart's with all of you. "Four Xbox studios are already out the door," noted IGN, but shared some thoughts about the future:Some have expressed concern that id Software would be unable to lead development on any new games in its current state, and that it might be relegated to support studio status. But in a new statement [posted to id Software's page on X.com] id Software said it was now at the staffing level it was back when it made the much-loved 2016 Doom reboot — and insisted it was still capable of making "great games." "While our studio was impacted, those changes were spread across teams. We still have the crew we need to build the games and tech we're known for... We're going to keep building the great games and tech that have defined us for the past 35 years, and we're looking forward to seeing you at QuakeCon this August."


    Read more of this story at Slashdot.


  • Facial Recognition in UK Shops Will Soon Instantly Alert Police About Offenders
    Facial recognition technology in U.K. shops "will soon alert police in real time to the presence of serious offenders," reports The Guardian, "with civil liberties groups warning of a 'dangerous escalation' towards surveillance and criminalisation in the retail sector."Facewatch, a facial recognition system used by more than 100 businesses including Sainsbury's, B&M and Spar to monitor thieves, said it was launching a UK-first feature to "alert police instantly when the most serious offenders trigger a live facial recognition match". Facewatch's chief executive, Nick Fisher, said the "unique technical development" would be launched in autumn and would warn police in an average of four seconds when the "worst offenders" were flagged on its network... Charlie Whelton, the policy and campaigns officer at [civil liberties nonprofit] Liberty, said it was concerned about this "untested, opaque development" and the way facial recognition technology had been allowed to "proliferate without anything to govern it". "It's not against the law to walk into a shop even if you've committed crimes in the past," he said. "The idea of calling the police on somebody who hasn't committed a crime, but there's a concern they might, is really upending the way we do things. And of course, it's not infallible. These systems do make mistakes, and it's very hard to argue with that when it happens to you." A number of people have been forced to leave shops after being falsely identified by Facewatch technology as a shoplifter, with some describing it as "Orwellian" and saying they felt as though they were "guilty until proven innocent"... The use of the Facewatch technology looks set to quickly expand, with Sainsbury's recently announcing plans to increase its use from 55 stores to more than 200 by the end of the year. Facewatch said it alerted retailers almost 300,000 times that a "known repeat offender" had entered a store during the first six months of 2026, and that its system allowed staff to intervene "before theft, abuse or violence could occur or escalate"... [E]xperts argue the use of facial recognition technology in shops to catch shoplifters is disproportionate. Nuala Polo, the UK public policy lead at the Ada Lovelace Institute, which studies the impact of AI on society, said: "There are other, much less intrusive means that you can use to catch shoplifters where you don't need to be scanning millions of faces every day, virtually without consent...." The campaign group Big Brother Watch has criticised police for "inserting themselves into this cowboy operation" and said people would be matched against "a secret blacklist compiled by unaccountable businesses and private security guards".


    Read more of this story at Slashdot.


  • 10 Million Cubans Suffer Nationwide Blackout - For The Second Time This Week
    The Associated Press reports:An islandwide blackout struck Cuba on Friday for the second time this week as the nation of nearly 10 million people grapples with a crumbling power grid and fuel shortages stemming from a U.S. energy blockade... Authorities reported that they have already begun restoring power to some areas. On Monday, another massive blackout affected nearly 10 million people nationwide. Authorities reported during the week that service was gradually being restored from that outage. "While total blackouts have become increasingly common in the Caribbean country, it's unusual for back-to-back ones to hit just days apart..."


    Read more of this story at Slashdot.


  • Meta Removes Controversial AI Feature On Instagram After Backlash
    "Meta has axed a controversial feature that allowed users to modify photos from public Instagram accounts using AI," reports TechCrunch:The feature, which wasn't designed to alert a user if their photos were used in this way, prompted immediate backlash... The company issued a blog post Friday announcing that it was removing the feature. Puck News founding partner Dylan Byers was the first to share the company's decision... Byers notes that the decision to do away with the feature came "amid scrutiny from users and talent agencies, including CAA."


    Read more of this story at Slashdot.


  • People Keep Sneaking Into an Empty IBM Campus - and Then Getting Arrested
    Since February, New York state police have arrested 48 people for trespassing on a former IBM campus in Somers, New York, reports the Wall Street Journal. 30 of the arrests were teenagers.The long-vacant site has become a magnet for so-called urban explorers, who prowl abandoned malls, hospitals, power plants, amusement parks, factories and any other disused structure they can breach... [I]t's been turbocharged by artsy videos on Instagram and TikTok that spur others to create their own posts, luring still more curiosity seekers... In Somers, social-media images of the old IBM campus — a sprawling, pyramid-studded 1980s complex designed by the late I.M. Pei's firm — show dystopian scenes: busted windows, tossed rooms and graffitied walls. But they also give eerie glimpses of conference rooms and cubicles unchanged since IBM left a decade ago, as if employees had fled the daily grind one day and never returned... One man in his mid-20s faces felony charges; police allege he had a loaded 9mm gun and took a Sony camera and power strip among other souvenirs. Andrew Proto, a defense lawyer, said "a 15-second clip" isn't worth a criminal record... Proto said he has represented or advised several minors arrested on the campus. The Somers town court clerk said some defendants received a 6-month "adjournment in contemplation of dismissal," meaning charges will be dropped and their arrest sealed if they avoid trouble. Some explorers who have posted about the IBM site say they follow an observe-and-preserve ethos and reject vandalism. They say they're driven by curiosity, the thrill of roaming forbidden spaces and a zeal to document discoveries — and that they're careful and know their limits. "It actually gives me hope when I hear that kids are out there getting into trouble," says Bradley Garrett, a cultural geographer and author of the book "Explore Everything: Place-Hacking the City," about his own urbex adventures. He sees urban exploration as "a gateway drug in a good way, sometimes, into intellectual curiosity about history and culture." But Garrett said popular spots can be "loved to death" online — and then shut down, looted or set ablaze. "Trespassers were blamed for a March 30 fire, reports a local newspaper, "that damaged one of the buildings and required volunteer firefighters to spend three hours extinguishing the blaze."


    Read more of this story at Slashdot.


  • How the FSF Sysadmins are Blocking Botnets with reaction
    For nearly two years the Free Software Foundation has been fighting web crawlers (including many aggressively scraping training data for AI models). A botnet controlling about five million IPs hit one system for six months in 2025. Their systems administrator wrote this week that they view these as distributed denial-of-service attacks. How are they fighting back?We noticed patterns in the scrapers that were abnormal, which gave us material for writing regular expressions. Searching for the regular expression then gave us a large lists of IP addresses. Looking up the origin of those IP addresses revealed that some of the crawlers were using botnets of residential IP addresses to scrape faster and avoid detection. We looked for what kinds of botnets might be generating the kind of traffic that we were seeing, and one that we suspected was called the "Vo1d" botnet, comprised of smart TVs running some sort of compromised app... We got confirmation that at least some of the botnet traffic hitting GNU Savannah was originating through the Vo1d/Popa botnet. We placed our regular expressions in fail2ban, and found that we were hitting the maximum rules that could be added to UFW firewall rules on our systems which showed degradation around 65,000 rules... We learned about ipset and configured fail2ban to add IP addresses that it found to IP sets. Using ipset, we kept building larger IP sets and did not find instability with as large as five million rules... We eventually found a promising project on Framasoft's forge Framagit called reaction written by ppom... After we ran into scaling issues with our initial implementation, we developed a much faster implementation where the reaction shutdown process would export the IP sets to disk and the reaction startup process would restore the IP sets. This allowed us to have nearly instantaneous restarts of the service to apply new rules. We published both of our configurations upstream to reaction's wiki so that everyone can benefit from it. reaction's getting started documentation now leads to the method that we proposed... Many sysadmins know about fail2ban, but not enough people know about reaction. I am very grateful to ppom for the help they have provided and for the tremendous project they have released to the world with reaction. We have implemented other defenses as well, but reaction is doing the majority of the automated work keeping our sites online.


    Read more of this story at Slashdot.


  • DuckDuckGo's Browser Now Blocks Most YouTube Ads
    Nerds.xyz reports:DuckDuckGo just gave its browser a feature that a lot of people have been waiting for. The privacy-focused browser can now block most video ads on YouTube, letting users watch videos without sitting through the pre-roll and mid-roll interruptions that have become part of everyday life on the platform. The feature is already enabled by default for iPhone, Windows, and Mac users running the latest version of the browser. Android users can turn it on manually... with DuckDuckGo planning to enable it by default in a future update... To make it work, DuckDuckGo relies on the same community-maintained filter lists used by uBlock Origin, along with some of its own compatibility rules. The company says you might notice a bit of extra buffering before a video starts, but once playback begins, most ads should be gone. Slashdot reader BrianFagioli argues that the feature raises questions about how creators are compensated when ad revenue is bypassed.


    Read more of this story at Slashdot.


  • Orbital Datacenter Plans Need an Environmental Review, FCC Told
    Environmental groups want America's FCC "to slam the brakes on orbital datacenters," writes The Register. They're arguing for an environmental impact assessment for what could be 1 million satellites:Earthjustice, acting on behalf of DarkSky International, Environment America, and Public Employees for Environmental Responsibility (PEER), filed a petition this week... The filing doesn't target any single company. Instead, it asks the regulator to put the entire emerging orbital datacenter sector on hold while it assesses the cumulative effects of proposals from SpaceX, Starcloud, Blue Origin, Cowboy Space, and any similar applications that follow. According to the petition, those proposals collectively seek "well over a million datacenter satellites" in low Earth orbit.... " increasing the existing volume of satellites in low-earth orbit by multiple orders of magnitude." The groups argue that the FCC is trying to apply licensing rules written for much smaller satellite constellations to an entirely new class of infrastructure. "If ever a situation warranted a Programmatic Environmental Impact Statement [PEIS], it is this one," the petition says. It argues that a single review would allow the agency to examine "the risks, alternatives, needs, costs, and impacts of this sudden transformation of Earth's exosphere" before deciding whether any of the projects are in the public interest. The petition raises concerns about rocket launch emissions, pollutants released as satellites burn up during atmospheric reentry, depletion of the ozone layer, orbital debris, light pollution, impacts on wildlife, and interference with astronomy. It also argues that the combined effects of these constellations cannot be understood by evaluating applications one at a time.... "It is difficult to imagine a better example of multiple projects presenting essentially identical impacts and risks that compound synergistically and cumulatively than the present proposals..." The petition argues that the FCC's current approach, which generally treats satellite licenses as categorically excluded from detailed environmental review, is no longer fit for proposals measured not in dozens or thousands of spacecraft but in hundreds of thousands and, potentially, millions. If the FCC agrees, orbital datacenter operators will have a mountain of paperwork to clear before sending their hardware skyward.


    Read more of this story at Slashdot.


  • This Factory Was Severely Short On Workers. Then It Offered Flexible Work.
    "Flexible, app-based scheduling lets large pools of part-time workers choose four-hour shifts and even select the type of work they prefer," writes long-time Slashdot reader Tony Isaac. While the system started during the pandemic when factories faced severe labor shortages, the model is now "supplying hundreds of trained workers each week... while giving people — from retirees to sidejob hustlers to longtime employees — control over their hours." NPR says it's attracting "people who may not be seeking a traditional career in the industry or even a 40-hour workweek,"It's a change that manufacturers including Stanley Black & Decker and Georgia-Pacific are embracing... Today, in any given week, about 450 flexible workers — roughly half the pool — pick up shifts at the [GE Appliances] plant, with workers putting in an average of 24 hours a week. Their contributions have been key to GE Appliances' $180 million expansion of the Georgia plant, completed last year, which added 600 new jobs... [Darcy Duvall, the plant's director of human resources operations] has also come to see that many workers prize flexibility despite the significant trade-offs — like lower pay and almost no benefits. MyWorkChoice employees can opt into their own group healthcare plan, but few do... The flexible work option has also helped GE Appliances keep longtime employees with decades of experience on the job.


    Read more of this story at Slashdot.


  • China's AI Companies May Be 'Distilling' America's AI Models
    In March, Anthropic's Claude "quietly deployed software to spy on China-based customers," reports the Washington Post — apparently to unmask Chinese rivals "suspected of hijacking its technology to make their own AI tools smarter."Last week Anthropic removed the spyware "after a software developer revealed its existence and privacy advocates criticized Anthropic, saying it had surveilled its own users." Anthropic's tracking code was designed in part to catch Chinese firms "distilling" its AI models, a technique that involves pressing a large, expensive AI system to serve as a tutor to a smaller, cheaper one. Asking the larger system huge numbers of questions — hundreds of thousands or more — generates responses that can be used to upgrade the power of the smaller one on the cheap. Distillation isn't illegal, and it has been used for years in the AI industry. But distillation without permission is against AI companies' rules, and, used effectively, is giving Chinese AI companies a major leg up, American AI companies say... Anthropic and ChatGPT-maker OpenAI have both accused Chinese AI companies of using this technique to build copycat AI models of their own. In a May blog post, Anthropic said that Chinese companies' use of distillation, along with evading U.S. export controls on high-end computer chips, has allowed them to "trail closely" behind U.S. models. But if these techniques can be blocked, it might be possible for the United States to "lock in a 12-24 month lead" on Chinese capabilities, the company said... This month, Anthropic said in a letter to U.S. senators that was obtained by The Post that it uncovered a campaign in which Chinese tech giant Alibaba's Qwen AI team used roughly 25,000 fraudulent accounts to generate more than 28.8 million exchanges with Claude to improve its own technology. In February, Anthropic made similar accusations against the Chinese firms Deepseek, Moonshot and MiniMax and said the campaigns were "growing in intensity and sophistication...." Anthropic and OpenAI have appealed to the U.S. government, arguing that distillation amounts to intellectual property theft that harms the U.S. in the geopolitical AI contest.... That Chinese AI labs are using U.S. models to improve their own technology appears beyond dispute. In a February 2025 study, researchers from China's Peking University and the state-funded Chinese Academy of Sciences developed methods to detect signs of distillation in leading large language models. They concluded that, with the exception of ByteDance's Doubao, most domestic models they tested showed substantial evidence of distillation, mostly drawing from U.S. models... In one set of intensive tests, a Qwen model misidentified itself as Claude nearly a third of the time, the Chinese researchers found. U.S. firms have also used distillation to piggyback on AI systems made by others. In 2024, OpenAI released a tool to make it easier for customers to distill its own models and produce data sets for AI training. SpaceX founder Elon Musk said in court testimony in May that his AI company xAI used distillation to train its models and that the technique is common throughout the industry. The article also notes that Anthropic "said it has banned nearly 700,000 accounts that were using Claude in China." But the article includes this quote from Kyle Chan, a fellow at the Washington-based Brookings Institution's China Center. "Anthropic's framing is that this is a geopolitical contest for basically the future of the world and freedom and democracy. It's that this is not just undercutting the U.S. commercially, but undercutting American strategic advantage in the most powerful technology we know today."


    Read more of this story at Slashdot.


  • EFF Celebrates 36th Anniversary, Says 'We Need You in the Fight'
    "We need you in the fight," says the American legal expert in privacy, surveillance, AI, and Internet freedom of speech who became the EFF's new executive director in March. As EFF celebrates the anniversary of its founding 1990, "Each headline is different, but they tell one story: Many of the threats that once seemed hypothetical are now reality, and EFF's work to ensure technology supports rights, justice, freedom, and innovation for all people has never been more critical."Governments and large corporations possess surveillance capabilities that were unimaginable just a few years ago. Ever greater concentrations of power are shaping speech, creativity, markets, and democratic institutions. Governments are increasingly seeking to control the internet and people's ability to access information and communicate freely. Our community's work is fundamental to the future of our countries, our livelihoods, and literally our lives... These are perilous times. It is also a moment of extraordinary possibility. The future of AI has not been written and we can work together to get it right. We can make sure our laws reflect the needs of the modern digital age. We can build the technologies that empower rather than marginalize communities.For me, the work starts with recognizing that digital rights are not a siloed policy issue. We must fight and win on the digital terrain to organize, speak freely, access healthcare, find work, receive an education, and participate fully in democracy. We can and must reject a false choice between innovation and civil liberties, and build power across movements to make sure technology truly works for people... EFF's founders understood something remarkably prescient: Technology and civil liberties would become inseparable. Now we all live digital lives, and the important digital rights issues that EFF has worked on since 1990 have become kitchen-table issues all around the world. EFF's founders understood that how technology is built, developed, used, and controlled deeply intersects with rights, justice, freedom, and democracy. EFF's unique combination of world-class lawyers, activists, and public interest technologists pursue change simultaneously in the courts, legislatures, companies, and our communities, and pierce through false choices. This integrated, intersectional approach, grounded in deep legal, policy, and technical expertise, is a linchpin in fighting and winning against some of the most powerful forces in the world — both governments and trillion-dollar companies. We defend people against unlawful government data collection and challenge license plate and face surveillance in our communities. We shape AI law and policy to protect civil liberties and support creativity and innovation. We push companies to strengthen encryption, fight to ensure you have the right to own what you buy, and build public interest technologies like Privacy Badger and Certbot that millions of people rely on every day. This work matters because it all answers the same question: Will technology empower or control us? Major battles the executive director sees on the horizon""Challenge increasingly sophisticated government and corporate surveillance systems that endanger our rights, democracy, safety and security.""Preserve strong encryption and online anonymity.""Ensure AI is developed and used in ways that respect fundamental rights and works for those who build it, use it, and are affected by it.""Confront the concentrations of power that limit access to new creativity and defend the rights of developers to build and innovate.""To meet these challenges, we must not only utilize the powerful levers of successful litigation, smart policy interventions, and effective public interest technology tools. We must also build a broader movement that recognizes that fights on the digital terrain are integral to all our fights for rights and justice... Together, our EFF community can help broaden the public conversation about technology's role in society and continue building the collective power necessary to shape the future rather than react to it.... "I'm looking forward to meeting more of you at my first EFFecting Change livestream on August 12 with Cory Doctorow, and hope this conversation is just the beginning of finding new ways to work together..." The blog post ends by noting that "We need you and others in the fight. Please renew your membership, become a recurring monthly supporter, and introduce someone new to EFF by snagging them a gift membership. "Everything we accomplish — every lawsuit, every policy victory, every public interest technology tool, every campaign — is possible because people like you are committed to ensuring technology strengthens freedom, privacy, creativity, and opportunity for everyone. "The future we want and need will be built by people and movements working together to ensure technology empowers rather than oppresses. "Let's build that future together."


    Read more of this story at Slashdot.


  • Meta Says US States Seek $1.4 Trillion In Penalties In August's Youth Safety Trial
    Meta "said in a court filing on Monday that four states were seeking $1.4 trillion in penalties," reports Reuters, "over accusations the company designed its Facebook and Instagram platforms to addict young users and misled the public about their safety."Meta put forward the figure in its response to the attorneys general's filings on how penalties should be calculated if the states prevailed at trial. The number, which has not previously been disclosed and is close to Meta's market capitalization of around $1.5 trillion, comes ahead of an August trial in Oakland, California, over the claims brought by California, Colorado, Kentucky and New Jersey against the company. Meta said the amount was unsupported by the evidence. "A sanction of that size has no analog in the history of consumer protection enforcement," the company said in the filing. "The plaintiffs' outlandish calculations have no basis in fact or law," the company said in a statement, adding that it would continue to defend itself against the states' demands. A spokesperson for California Attorney General Rob Bonta said in a statement the lawsuit "alleges Meta has prioritized profits over the safety of kids and fueled the mental health crisis we see impacting a generation of American children. The California Department of Justice looks forward to holding Meta fully accountable at trial in August...." Meta has denied the allegations, saying the attorneys general have no evidence it misled consumers about its platforms' alleged addictiveness because "social media addiction" is not an established psychiatric condition, and therefore statements that its platforms were not addictive could not be false... Last month, [U.S. District Judge] Rogers rejected Meta's bid to cancel the trial, saying there remained factual disputes over whether its social media platforms were addictive, whether Meta falsely denied it designed them that way, and whether it "partially" directed the platforms at children. "A further 14 states have brought claims under their own laws, which will be heard at a separate trial in February..." Thanks to Slashdot reader Sparkatron for sharing the article.


    Read more of this story at Slashdot.


  • How Flock Cameras Wrongly Tracked a Journalist for Days, Then Sent Police to Arrest Him
    "Are you armed?!" the police officer screamed. "Get out of the car!" A writer for the car-news site The Drive describes how "a technological chain linking surveillance cameras, AI, and law enforcement... led to me and my wife being surrounded by police, hands on their guns, in a Kohl's parking lot in suburban Minnesota."After dropping off our Amazon returns, we'd just gotten back in the Range Rover and reversed maybe two feet out of the spot when four cop cars came flying out of nowhere and boxed us in... The Plymouth Police Department had been tracking me for days using Flock license plate cameras, waiting for the right moment to strike, because they thought I'd stolen the Range Rover. And the reason I was ID'd as a dangerous car thief was a simple data error made 2,000 miles away in California, creating an edge case within an edge case that Flock's AI camera network was unable to handle... "The plates on this car are stolen," Officer Ganshyn said... This made absolutely no sense. Car companies keep meticulous track of the fleets they loan out to the media. The vehicles all have special manufacturer or dealer plates that are logged every time one enters or exits... The New Jersey plates that were allegedly stolen from the LA dealer were 34 03 DTM, not 34 10 DTM. But when the police report was created and the plate was entered into Flock's system, it was just recorded as 34 DTM. Just the five large characters, no little number in the middle... Flock's AI tech wasn't registering that non-standard little number when it began picking up the Range Rover around town... I connected the final dot. A lot of vehicles in [Range Rover manufacturer] JLR's media fleet have a New Jersey manufacturer plate with the same alphanumeric structure — 34 ## DTM — and Officer Ganshyn observed that meant it was now a nationwide issue. Anywhere a police department has a partnership with Flock, any other JLR-owned car with the same plate structure is going to get flagged as stolen. In fact, four other 34 ## DTM cars were being tracked around Minnesota that week, according to Officer Ganshyn. I was just the first one to get nabbed. The only way to stop it would be for the LAPD to correct their initial report and update Flock's system, which Jaguar Land Rover was now racing to make happen following the phone call. Still, he warned me to drive straight home, park the Range Rover, and leave it there. If I were to cross into the neighboring town, I'd probably get flagged again and go through this entire ordeal again with a different set of officers. His parting words were ominous: "You're lucky we're in Plymouth. If you were in Minneapolis, they definitely would've come at you with guns drawn." Ironically, even the original license plate wasn't stolen either, the article points out. It was reported misplaced during a Los Angeles photo shoot, and "The corporation had to report the plate as lost to law enforcement," according to the police report — and even then, the plate "was reported as NJ 34DTM instead of NJ 3403DTM." The author's conclusion? "Once these systems have you in their crosshairs, there's pretty much only one way it can go... A simple data-entry error, magnified and broadcast nationwide by a growing surveillance network operated through an opaque partnership between a private company and public agencies, led police to identify me as a car thief and set up a sting to take me down. I mean, they even had a drone flying overhead during the 'bust'... "Thank God our kids weren't with us." Thanks to long-time Slashdot reader sinij for sharing the article.


    Read more of this story at Slashdot.


www.theregister.com - Articles




















































Linux.com



  • From DHCP to SZTP – The Trust Revolution
    By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]

    The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.









Phoronix

  • HFI BIOS Aims To Provide A POST-Like Power On Screen & BIOS Setup Utility For RISC-V
    The Harmonic Firmware Initiative "HFI" is trying to provide a generic, standardized power-on firmware experience for RISC-V boards. Akin to the x86 world with having immediate graphics card initialization to provide a display while the system is booting and also having a BIOS setup utility for system configuration, HFI is trying to do the same for the RISC-V world...









  • Pop!_OS Rolls Out Its "Frosted Glass" Desktop Style For COSMIC
    System76 developers have for the past number of weeks been working on developing a "frosted glass" appearance for the COSMIC desktop environment featured on their Pop!_OS Linux distribution. For Pop!_OS users this frosted glass feature is now available and will become more widespread for other Linux distributions once the next COSMIC release is formally tagged...





  • Linux DT Patches Provide Very Basic Support For Apple M3 Pro / Max / Ultra
    Upstreamed for the Linux 7.2 kernel was initial support for booting Linux on the Apple M3 SoC devices. But just the barebones suppport for booting with not yet any accelerated graphics or other typical function needed for daily use of M3 Apple devices on Linux, just booting to a console. Now this work is complemented by additional Device Tree patches for also booting M3 Pro / Max / Ultra devices on Linux...



  • LLVM Clang Merges Initial Support For NVIDIA Rigel Core With Next-Gen Rosa CPU
    Earlier this week NVIDIA confirmed some basic details around their next-gen Rosa CPU that succeeds Vera. Among the public confirmation was that it will feature a "Rigel" Armv9.2-A core iterating on their Olympus core design. With the basic details published, NVIDIA immediately introduced Rigel core support into the GCC compiler. Now they have also upstreamed their initial Rigel core enablement into the LLVM Clang compiler...



  • Phoronix Premium 2026 Summer Support Special Ends Tonight
    For those that enjoy the daily flow of original open-source/Linux news on Phoronix along with all of the original Linux hardware reviews and performance benchmarking, but haven't yet subscribed to Phoronix Premium to help keep the site going after 22 years, the summer sale ends tonight...



  • Graviton5 CPU Benchmarks: 30% Geo Mean Improvement Over Graviton4
    After originally announcing Graviton5 last December, recently AWS finally made the M9g and M9gd instances generally available as the first featuring these new in-house ARM server processors for the EC2 cloud. Graviton5 makes use of Arm Neoverse-V3 cores compared to Neoverse-V2 with Graviton4, support up to 192 cores, and feature a higher 3.3GHz clock speed compared to 2.8GHz on the prior-generation Graviton CPUs. Here is an initial look at how the Graviton5 processor performs over Graviton4.



  • Proposed Linux Patch For A Brief Delay To Match PCI Spec Will Hopefully Address Some Bugs
    Going back to February there was a bug report around the xHCI controller dieing on resume from s2idle when using an AMD Ryzen AI Max+ "Strix Halo" Framework Desktop. In turn all USB devices behind the xHCI controller are lost on resume, but unbinding and binding the driver can restore the functionality without a reboot. After months of back and forth communication, it looks like a solution has been figured out and comes down to a nuance of the PCI spec with needing a brief wait...



  • Initial Patches Posted For Booting The Apple M4 On Linux
    With the Linux 7.2 kernel there is initial support for booting the Apple M3 SoC on Linux but it's not yet functional for end users with just booting to a simple console. There are now Device Tree files posted for booting the Apple M4 on Linux but also not yet useful for any typical Apple Mac/MacBook usage on Linux...


  • AMD Ryzen AI Halo Box RGB LED Driver Inches Closer To The Mainline Kernel
    The AMD Ryzen AI Halo mini PC powered by Ryzen AI Max+ "Strix Halo" began shipping this week. It features very nice Linux support out-of-the-box with the Debian-based Ryzen AI Developer Platform operating system. For those wishing to run their own x86_64 Linux distribution, one of the only caveats in the Linux support is quite small... No mainline kernel support yet for controlled the RGB LED light strip on the driver. But that driver is coming and will hopefully be mainlined soon...


  • Zlib-rs 0.6.6 Released With Updated Zlib API Support
    Zlib-rs 0.6.6 was just released by the Trifecta Tech Foundation. Just weeks after the prior release with a fix for Intel Raptor Lake and bringing new SIMD optimizations, zlib-rs 0.6.6 is about delivering updated Zlib API compatibility...





  • Single vs. Dual Channel Memory Performance With The Intel Core Ultra 7 270K Plus
    Given today9s pricing environment around system memory, a Phoronix Premium supporter recently requested some benchmarks to quantify the performance difference from single to dual channel memory. In considering a new computer build, he is contemplating whether to go for a single stick of DDR5 memory until memory prices hopefully subside in the future. For those in a similar boat, here are some benchmarks of single versus dual channel memory on an Intel Core Ultra 7 270K Plus "Arrow Lake" desktop.






Engadget"Engadget - Technology News & Expert Reviews"





















OSnews

  • Apple sues OpenAI for theft of trade secrets!
    Apple sued OpenAI on Friday, alleging the AI company has stolen the iPhone maker’s trade secrets to develop its own yet-to-be-unveiled AI gadgets. In the suit, filed in the District Court of Northern California, Apple accuses OpenAI of trade secret misappropriation and breach of contract. ↫ Lisa Eadicicco and Hadas Gold at CNN I find this about as interesting and watching artificial grass grow, but with the common wisdom being that Apple is behind on AI!, it was honestly only a matter of time before the lawsuits came. After all, thats usually what companies who cant win in the market do. At the very least this will give corporate tech news websites a whole slew of new material. I just hope they both implode. Wed all be better off for it.


  • Redox gets GTK3, Tcl
    Redox did the develop cools stuff thing again for a month, so weve got progress to talk about. This past month, GTK3 has been ported to Redox, as well as the Tcl programming language. Support for per-window fractional scaling has been added to Orbital, Redox desktop environment, but its still relatively limited for now. Theres also new USB gamepad support, which already works in quite a few emulators, as well as details about how Redox intends to improve its support for running in a virtual environment over the coming 12 months, an effort sponsored by NLnet. Of course, theres also the usual bugfixes and updates to various drivers, the kernel, Relibc, and more.


  • Understanding Windows monthly updates: Servicing explained
    Windows has a fairly complex update ecosystem, so every now and then, the company feels like it needs to publish clarifications and explainers so people can keep up with whats going on. Most individuals and organizations regularly deploy monthly security updates, released on the second Tuesday of each month. Windows also provides optional non-security preview updates, which give IT teams and early adopters an opportunity to validate upcoming fixes before theyre included in the next monthly security update. This guide explains the purpose of each update type, when updates are released, and how they fit into the modern Windows servicing model. ↫ Chris Morrissey at the Windows IT Pro Blog Its easy to make fun of Microsoft and Windows for just how complex and obtuse the update ecosystem really is, but in all honestly its kind of understandable. Windows is a sprawling platform used by so many different people, companies, and organisations, under so many different circumstances and in so many different environments, it makes sense that Microsoft wants to address the multitude of needs that arise from that complexity. And so we end up not only with a dizzying array of update types and a long corpus of mystic terminology, but also a long list of complex different management tools to deploy said updates. And then theres the various preview channels making everything even more complex. Im definitely not smart, qualified, or experienced enough to come up with a better solution, but I do think choosing better names for the various update types, and perhaps a centralised settings panel inside Windows that gave users a better idea of what each type of update actually does, would go a long way to improving clarity. During my month with Windows 11, I also found it deeply frustrating just how little information Microsoft provides about each of the updates Windows is installing. As a user, I was expected to copy/paste the KB number and then hope that would lead me to useful information, while it would be much more convenient if such information was available right then and there inside Windows Update. If you cant reduce complexity, you should try to improve transparency.


  • You paid me, a long-time Linux user, to use Windows 11 exclusively for a month: heres how it went
    You all donated en masse to have me use Windows 11 for a month, and so I did. What was it like for a long-time Linux user to go back and experience Windows as it exists now? Is it really as bad as weve collectively made it out to be? Did my month with Windows 11 consist of nothing but pain and misery, or are there good things to say, too? Or, was it an unexpected pleasant surprise? And ultimately, did I stay with Windows 11, or move back to the Linux world?  Donate through Ko-Fi  Donate through SEPA transfer*  Buy merch from our store  Why a fundraiser? *Name: Thom Holwerda  IBAN: SE08 8000 0820 1684 4657 8414  BIC: SWEDSESS This year, Im celebrating the milestone of having posted 20000 stories on OSNews during my 21 years as managing editor of OSNews. This is my full-time job, and since nobody is going to give me any bonuses, stock options, or golden pens, were running a big fundraiser to keep OSNews going. To add some spice to the whole thing, I added some incentives, with the first being using Windows 11 for a month. Were slowly but steadily approaching the next incentive, too, which is a proper video tour of my office, (unique) computers, and massive devices collection. Theres a similar incentive to this Windows 11 one, but for macOS. Yikes. The rules for the Windows 11 incentive are simple: use stock Windows 11 for a month for my computing tasks (with the exception of gaming  converting my Linux gaming PC to Windows just to play the same games seemed silly). I wasnt allowed to use any debloating tools, but as an EU citizen, I do have the ability to remove a ton of Windows stuff thanks to the success of the Digital Markets Act. I also tried to stick to Microsofts own applications as much as possible, for that true ecosystem experience!, and wasnt allowed to hack my way into a normal local user account. I was all-in. So what was it like? Setting it all up The installation process posed a number of challenges and issues. First and foremost, the Windows 11 installation process is incredibly barebones, and basically assumes no other operating system exists in the world. It has no clue anything other than Windows filesystems exist, making it dangerously easy to accidentally damage or outright delete any other operating systems you might have installed. My laptop happens to have two M.2 SSDs in, so I could safely dedicate one of them to Windows 11 without interfering with the other SSD with Fedora installed on it, but if youre experimenting with Windows 11 on your Linux machine with just one drive, you might want to reconsider. I also had to perform the first portion of the installation process  the WinPE section  with just my keyboard, since apparently, my trackpad was not supported and did not work at all. Once the system went through its first of what would be many reboots to come and loaded into the phase of the installation where youre actually already running Windows 11, my trackpad came to life, but without any gestures support  so no scrolling. Not a gamebreaker or anything, but definitely annoying. A bigger issue was that the Wi-Fi 7 Intel BE200 chip in my laptop was not supported out of the box by Windows 11. This meant that I had to install these drivers during the installation process, which involves going to the Intel website and finding the correct drivers to use. To make this process more obtuse and less intuitive, you cant use the normal driver installer; you have to specifically opt for the Intel® PROSet/Wireless Software and Wi-Fi Drivers for IT Administrators , download the ZIP, unpack it on a different computer, put the unpacked drivers on a USB stick, and point the Windows 11 installer to this USB stick. Mind you, the BE200 chip was launched almost three years ago, and theres no excuse for Windows 11 not supporting this chip out of the box  like Linux does. The remainder of the installation process involved dodging a lot of tracking and telemetry prompts, reboots, a lot of waiting, setting up the dreaded online account, waiting some more, and then finally ending up at the desktop. I then set out to enjoy my EU privileges by removing whatever applications I didnt need and turning off features I didnt want, as well as making sure all the drivers were up to date. This mostly involved installing the Intel Driver 8 Support Assistant and the Intel graphics drivers. Curiously, this is where I hit a returning issue: after installing the Intel GPU drivers for the first time, as well as after every subsequent update, the screen would go black and stay that way, forcing a reboot. Windows graphics stack is supposed to be able to gracefully handle driver updates, but clearly, some bug or problem was preventing the updated Intel driver from being reinitialised. Once those initial setup tasks were behind me, I experienced two more problems. First, sleep/wake was entirely broken and simply did not work. It turns out Windows 11 really doesnt like S3 sleep, and I had to specifically go into my laptops Dasharo Coreboot firmware to switch to S0ix get sleep/wake to work on Windows 11. Windows defaults to something it calls Modern Standby!, which requires the S0ix state to be enabled. You can also disable Modern Standby which would presumably make sleep/wake work with S3 (?), but this is a whole ordeal and clearly not something Microsoft wants you to do. Of course, the correct way of handling this would be for Windows 11 to adapt its sleep/wake settings to what the firmware reports, but alas. Another problem were the laptops cooling fans seemingly leading lives of their own, spinning up loudly at entirely random times, irrespective of use. It was so bad and loud


  • The state of accessibility in GNOME
    With July being Disability Pride Month, GNOMEs Sophie Herold published a blog post taking stock of where GNOME stands on this front, progress thats been made, as well as areas where the project comes short. One particular paragraph from her introduction really hits the nail on the head about accessibility discussions in tech circles: The reality of tech communities is that they are often ableist and elitist. Probably more so than the average population. If a user or contributor struggles with a tool, blame is shifted to a “skill issue,” if an interface is simplified to make it accessible to more people, it’s “dumbed down”. Assistive technologies are often developed by abled people, without involving and paying disabled people. This also leads to an attitude where contributors expect gratefulness from disabled people for providing them with the most basic needs. All these issues are also not absent from the GNOME community. ↫ Sophie Herold Even as someone who isnt disabled and doesnt use any tools classically shelved under the accessibility! moniker, I encounter the attitudes she mentions in the quoted paragraph basically every day. While we can have normal, productive discussions and differences of opinion about accessibility  for instance, I strongly believe robust theming support is absolutely crucial to accessibility, while the wider GNOME community does not  the dismissive attitudes towards people with accessibility needs in the software world is shameful. Even if you dont have accessibility needs today, you will definitely be needing them at some point in your life. If accessibility isnt one of the first words you jot down on your mood board or whatever when you start a new software project, youve already done millions of people a massive disservice. Get educated, learn what you can about accessibility, listen to people with accessibility needs, and make your software better for everyone. Youll thank yourself one day.


  • Next release of Cinnamon finally supports Wayland
    Linux Mints Cinnamon is one of the last desktops to still not support Wayland, and is relegated to only being compatible with legacy X11 environments. With the next release of Cinnamon, however, this is finally going to change. We worked really hard on Wayland and we got to the point where it feels solid and the experience is almost on par with X11. Wayland support will no longer be considered “experimental”. In the next version of Cinnamon, both X11 and Wayland will be fully supported. ↫ Clement Lefebvre on the Linux Mint blog The next release of Cinnamon, version 6.8, will be part of the next release of Linux Mint, scheduled for Christmas of this year.


  • Most slopcode projects are abandoned and deleted within months of release
    About a month ago, Flathub announced a ban on slopcoded applications. Evangelos GeopJr! Paterakis, developer of a number of popular Linux applications and ton of other things, did some research into just how many applications tagged with AI slop!, a tag Flathub reviewers used to keep track of slopcoded applications submitted to Flathub, actually survived the test of time. The results are exactly what youd expect. Of the 120 unique repos, 32 were maintained and 88 were abandoned. No seriously, a big portion of them was completely deleted, nowhere to be found, others stopped 6 months ago, right after submitting to Flathub. ↫ Evangelos GeopJr! Paterakis Thats absolutely soul-crushing. Why should Flathubs reviewers spend their precious, limited time talking to lazy slopcoders AI! agents to get their slopcoded applications into Flathub, when 70% of these applications are abandoned or outright deleted from existence within mere months of being submitted? Minimal effort for the slopcoders, maximum effort for the reviewers. Just dump a bunch of shitty code over the fence, let a chatbot handle the interactions with the reviewers, and pretend you made a valuable contribution. This is the contradiction slopcode enthusiasts really dont want to talk about. If these AI! tools are so great, where is all the amazing new software? Wheres the massive gains in software quality? Isnt the story that AI! tools do the menial work, giving programmers more time to focus on improving their software? Reality does not seem to match the story were being sold. Despite these slopcode tools being out and available for years now, theres no influx of great applications and other software, theres no rise in software quality, nothing. What we mostly seem to be getting are slopcoded projects nobody, not even their creators! care about, so they just get abandoned and deleted as quickly as they were dredged up from the bottom of the programming barrel. These arent applications created because someone wanted them to exist; these are applications created because some mid programmer got high on their AI! supply and fancied themselves better at programming than they really are  only to realise once the comedown hits theyve got crappy, barely working, entirely unmaintainable gibberish vaguely looking like code nobody can make head nor tails of. And then they abandon the project, ready for the next high  leaving everyone else to clean up their mess. What a miserable workflow.


  • Linux ported to the Atari Jaguar
    Only a few days ago we had Linux on the Mega Drive, and someone took that as a challenge, so now we have Linux on the Atari Jaguar. The Jaguar has a very different architecture than the Mega Drive, but does happen to use a processor from the same 68000-family. Interestingly enough, to this day, Linux has architecture code for the 68000-family of processors. 68040, 68030, 680100 and even the original base 68000 processor. All neatly structured under arch/m68k/. ↫ Joel Bueno And, well, that means Linux can indeed be made to work on the Jaguar, with some hacking and magic, of course.


  • Review: iodéOS offers a frictionless de-Googled Android experience
    Wherever in the world you go, the smartphone landscape is dominated by Android and iOS, and while this has always been problematic, recent events have made the dependency on two American tech giants for what is probably our most personal computing device even more problematic than it already was. We use our smartphones to keep our secrets, do our banking, interact with our governments, share our deepest thoughts with our friends and family, and a whole lot more. Having this invaluable tool the vast majority of us depend on tied entirely to Google and Apple is not just bad for the market, its also a downright threat to the national security of anyone not living in the US. Here in Europe, theres been an awakening lately, with governments, companies, and people alike finally realising that having our entire digital infrastructure controlled by foreign, adversarial interests is a terrible idea. Sadly, breaking free from our Android and iOS chains is not so easy. The most ideal solution would be a truly open source alternative smartphone operating system, but thats a hard sell for 99.9% of smartphone users who need the applications required to do their finances, talk to their friends, or interact with their governments. The cold and harsh truth is that with very few exceptions, these applications simply do not (yet) exist for smartphone operating systems that arent Android or iOS. The only viable alternative at this point in time is to take whatevers left of the Android Open Source Project, remove anything that ties it to Google and its services, fill in the gaps with alternative services and applications, and sell it as a Google-free or de-Googled Android platform. Theres several projects in this space, and with Europe drunkenly stumbling out of the technological hole it dug itself into, its no surprise that two of the more popular alternatives to Apple or Google-controlled smartphones come from Europe (and from the same country, no less). Today, were taking a look at one of these: iodéOS. Iodé is a company based in Toulouse, France, which focuses on offering a Google-free Android called iodéOS, either preinstalled on phones you can buy, or as a ROM you can install yourself on supported devices. As a company, iodé makes its money through selling devices with iodéOS preinstalled, through an optional premium subscription (that I didnt take a look at), and through donations, and all of their code is published as open source on their Gitlab instance hosted in France. Iodé loaned me a Fairphone 6 with iodéOS preinstalled, one of he many smartphones and tablets they sell through their online store for review. This isnt going to be an Android review; you already know what Android is like, and theres no need for me to rehash any of that. Instead, I want to focus on the things that make using de-Googled Android different from using Google Android. Dont be afraid of microG There are various ways to go about making a de-Googled Android variant, and iodéOS chose the LineageOS route, with microG installed on top. For those unaware, microG is a project which aims to replace the various proprietary parts of Google Play Services, required by many Android applications, with open source reimplementations. While it doesnt offer 100% compatibility, it works exceptionally well, and youll be hard-pressed to find applications just dont work at all with microG. IodéOS updates its microG installation through a dedicated F-Droid repository thats obviously enabled by default, so you dont have to do anything yourself. Using microG instead of Google Play Services doesnt mean you have to rely solely on whatevers available in F-Droid, since there are a variety of alternative Play Store frontends available. IodéOS ships with the Aurora Store, which is an open-source frontend to the Play Store that can be used with or without a Google account. If you use it with your Google account, youll gain access to whatever applications you already own, including paid ones, but you wont be able to buy applications inside Aurora. You can, however, buy an application on the Play Store website, after which it will show up in Aurora as well, assuming youre logged in with the same account. Aurora also comes with something something called FakeStore, which is sadly an important part of the puzzle; its a stub application that has the same package name as the real Play Store. Some applications check whether the Play Store is available before working properly, so this is sadly needed to ensure maximum compatibility. The only issue I sometimes ran into with Aurora is that it would load up its listings, but then any application I tapped on said it was unavailable. When this happened, reloading the Aurora application always fixed the issue. Annoying, but not gamebreaking. A few things did not work for me when using microG on iodéOS, and theyre exactly the things youd expect not to work. If you have a WearOS device, youre out of luck; WearOS devices simply do not work when using microG, but there is a bounty to add support for it. If you want to use a smartwatch with iodéOS, there are various options available, such as Garmin devices, which is what I used during my testing and it worked flawlessly. Another feature from regular! Android that simply wont work is RCS. Theres only one RCS client available on Android, Google Messages, and as you can imagine, Google is in no rush to allow devices without Google Play Services to register for and use RCS messaging. Tying to register with Google Messages will fail, and there are no other RCS clients available (save for a few China and India-specific clients). Theres a microG bounty for this, too, but no luck so far. Of course, there are countless messaging platforms that work just fine on iodéOS  regular SMS, WhatsApp, Facebook Messenger, Signal, and so on  and especially if youre European, its unlikely RCS support matters to you at all. I just dont


  • Improved DEC Alpha emulator runs Windows 2000 for Alpha and OpenVMS and Tru64 with X11
    Colour me positively surprised, as I had no idea Alpha emulation had progressed this much. As you might know, Im involved a bit in the OpenVMS community and the Alpha emulation side via AXPBox. AXPBox (github) is a fork of the es40 alpha emulator by Camiel Vanderhoeven (who is now Chief Architect at VSI, the company that makes OpenVMS, for x86 nowdays). There have been many forks of es40 in the past and recently a new one has popped up with some great new features. Like speedups via a JIT compiler, S3 graphics port from MAME and ARC support, resulting in the ability to run Windows 2000 for the DEC Alpha. ↫ Remy van Elst Not only can you run the unreleased Alpha version of Windows 2000 on this forked emulator, its also capable of running OpenVMS and Tru64 UNIX. In fact, both OpenVMS and Tru64 can run their full X11 CDE desktops on the emulator as well, which is incredibly cool and a huge milestone. As the name of the original emulator implies, its emulating an AlphaServer Es40 from the turn of the century, which should be fast enough for enthusiast use. The last AlphaStation ever made, the ES47, is still very high on my list of computers I desperately want but will never have  they are incredibly rare, and whenever they do come up for sale, incredibly expensive. If you have one, consider yourself lucky, and please, write about it! Tell the world!


  • LineageOS and Androids upcoming developer verification: what it is, and how it affects you
    LineageOS, the de-Googled Android ROM that serves as the backbone for pretty much the entire custom Android ROM community, has published an article about what the Android developer verification changes mean for them. I really like the factual tone of their article, especially this part: Critics such as F-Droid, EFF, and “Keep Android Open” point out that this also happens to route every install path through Google-controlled infrastructure, hands Google a kill switch over any app or developer worldwide, and arrives shortly after Google’s antitrust lawsuits. Both things can be true at once: real fraud is a problem and the restriction of developers is a convenient side effect of solving it this way  and we’re not in a position to pretend we know Google’s internal reasoning. We’re just telling you what they’ve said and what it changes; you can weigh the “why” yourself. ↫ Nolen Johnson on the LineageOS website For LineageOS, these new verification measures dont really mean much, as they dont affect the projects work or software. The developer verification infrastructure is a separate application that is part of Google Mobile Services, and LineageOS does not ship GMS nor does it ever intend to. As such, they dont have to do anything, as this wont be an issue unless LineageOS users choose to install a GApps package that happens to include the developer verification infrastructure. If Google were to move the developer verification infrastructure into Play Services in the future, LineageOS makes it clear theyll disable it globally, as they have done with a number of other annoying Play Services-provided over-the-air update implementations . There really isnt much more they can do; the rest is up to users and projects that use LineageOS as their base.


  • Composite video on the NES: whys it so wobbly?
    The Nintendo Entertainment System. Is it the platonic ideal of an 8-bit video game system? Well, only because it’s so prominent and successful– it’s actually kind of an oddball in its expandability and design. But there’s something else about it. The picture is a bit… wobbly. Well, over composite video anyway. Let’s dig in and learn a little big more about the nitty-gritty of composite video. ↫ Nicole Branagan As usual, the information density in this article by Branagan is kind of remarkable, especially when you consider it never overwhelms you. Such a great read.


  • ReactOS implements very first NT6 system call
    A fairly big moment for the ReactOS project: it has just received its very first system call from NT6. The system call that has been added is NtGetCurrentProcessorNumberEx, which is used for returning the processor number of the logical processor that a caller is running on. It’s unclear how long it will take ReactOS to become compatible with Windows Vista software, but it took Microsoft around half a decade to develop Vista after the release of XP and marked a major upgrade, even if it didn’t land well with users at the time. ↫ Paul Hill at Neowin Its a milestone for sure, but not one thats going to make a huge difference for ReactOS at this moment in time. Still, its a sign of things to come, even if the very nature of the ReactOS project means that whatever things are coming tend to take a while to arrive.


  • Microsoft settles centuries of religious debate by providing clearest definition of hell to date: Windows with a website-based shell running only Copilot
    For how often people invoke it, the concept of hell! in Christianity is remarkably vague and nebulous, as both the Old and New Testament barely go into detail about the concept. As such, Im glad Microsoft has now given us a clear vision of hell and what, exactly, it looks like, ending centuries of denominational disagreements. Microsoft is currently selling the idea of Windows and Copilot as two separate things: an OS and an assistant riding along on top of it. However, a leaked video shows Project Aion, an internal prototype where Copilot doesnt just sit inside Windows, it becomes Windows, swallowing the Start menu, the taskbar, and three decades of desktop conventions in the process. The footage is reportedly two years old, so Aion is most likely dead by now. But its the clearest look yet at how far Microsoft was willing to take its agentic AI ambitions. ↫ Alfonso Maruccia at Techspot Everything about this is dreadful. Obviously replacing the entire shell with AI! nonsense is the main crime against usability here, but on top of that, this new shell is all just websites, all the way down, so everything is slow and stuttery. Since this runs on something called Win3!, which appears to be a very minimal, stripped-down version of Windows intended to only run the Edge browser engine, you cant run Win32 applications. If you do try to run a Win32 application, it will load the application in a remote virtual machine running in the cloud, which I;m sure does wonder for performance, responsiveness, and latency. We can all thank the lord this project is two years old and most likely cancelled by now, but we have no way of knowing if Microsoft is still intending for this to be the future direction of Windows. Since people dont want to use AI! of their own volition, it only makes sense in the technology industrys sick, twisted mind to force people into using AI! with efforts like this. Consent has never been Silicon Valleys strength, after all. At the time of writing, Microsoft is 225 billion dollars in the red on AI!, so I wouldnt be surprised if attempts to replace the regular Explorer shell with something AI!-based is still very much on the table in Redmond.


  • Vulkan-netbsd brings Vulkan to NetBSD
    NetBSD is the only BSD without a Vulkan stack (Mesa and Lavapipe), but thats about to change. The effort to bring Vulkan to NetBSD is now in beta, with prebuilt binaries coming soon. Mesa configures, compiles, links, installs, and registers the Lavapipe software Vulkan driver on NetBSD 10.1 amd64, against LLVM 19.1.7. The driver (libvulkan_lvp.so, ~17 MB) installs into /usr/pkg/lib, and its ICD manifest (advertising Vulkan API 1.4) installs into /usr/pkg/share/vulkan/icd.d/, so a Vulkan loader on the system can discover it. ldd resolves every dependency cleanly. The entire process — environment setup, dependency builds, the Mesa build, and installation — is automated end to end and reproducible on a fresh install. ↫ vulkan-netbsd GitHub page Its important to note that the next step in the process is to port the Vulkan loader, which is required to actually run Vulkan applications. This entire effort is still ongoing and seems to be handled mostly by Dean Howell alone, so expect breakage and incomplete documentation as development progresses. Still, this is a hugely important effort, and seeing it this far along is great news.


  • EveryMac celebrates 30th birthday
    EveryMac turned 30. On July 2, 1996, EveryMac.com launched. Thirty years is a long time  and a great deal has changed since then  but what has not changed is that EveryMac.com has been there to provide you with detailed info on every Mac from the original 128k to the current line. Thank you very much for your support through the years. ↫ EveryMac news item I thought OSNews was pretty unique with its founding in 1997, so its great to see another enthusiasts website as old as ours. Amazing company to be in, too  EveryMac is an indispensable, tirelessly maintained, and stupidly accurate resource that I use countless times each year. Heres to another 30 years.



Linux Journal News

  • EU OS: A Bold Step Toward Digital Sovereignty for Europe
    Image
    A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
    What Is EU OS?
    EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.

    Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
    The Vision Behind EU OS
    The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.

    Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.

    However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
    Conclusion
    EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.

    Source: It's FOSS
    European Union


  • Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight

    Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight

    Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.

    In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.

    On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.

    Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.

    The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.

    Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.

    You can download the latest kernel here.
    Linus Torvalds kernel


  • AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
    Image
    AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.

    This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.

    Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.

    Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.

    Source: 9to5Linux
    AerynOS


  • Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
    Image
    Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.

    Here’s a quick overview of what’s new in Xojo 2025r1:
    1. Linux ARM IDE Support
    Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
    2. Web Drag and Drop
    One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
    3. Direct App Store Publishing
    Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
    4. New Desktop and Mobile Features
    This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
    5. Performance and IDE Enhancements
    Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
    What Does This Mean for Developers?
    Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
    How to Get Started
    Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.

    Download Xojo 2025r1 today at xojo.com.
    Final Thoughts
    With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
    Xojo ARM


  • New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux

    Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.

    Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.

    Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 

    Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.

    Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.

    Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.

    By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
    Windows


  • Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities

    The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 

    As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.

    In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 

    After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.

    The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.

    At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.

    The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
    Security


  • Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges

    The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.

    A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.

    This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 

    The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.

    On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.

    In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
    kernel


  • Linux Celebrates 32 Years with the Release of 6.6-rc2 Version

    Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.

    The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.

    Here is what Linus Torvalds had to say in today's announcement:
    Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds


  • Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction

    Want to interact with ChatGPT from your Linux desktop without using a web browser?

    Bavarder, a new app, allows you to do just that.

    Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.

    With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.

    During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.

    At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.

    As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!

    Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
    ChatGPT AI


  • LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite

    Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.

    Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.

    LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.

    You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.

    All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.

    In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.

    Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.

    The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
    LibreOffice


Linux Magazine News (path: lmi_news)

  • Hannah Montana Linux Is Back!
    Developer Noah Cagle decided the world needed the once obscure but beloved Linux distribution and gave it a decidedly pink refresh.




  • Kubuntu Focus Goes Ultra
    The Kubuntu Focus team has upped the performance ante of its M2 and Zr laptops with the latest, greatest CPUs from Intel.









  • KDE Linux Drops AUR
    KDE Linux developers have dropped the Arch User Repository from the build pipeline due to security concerns; other distributions should consider doing the same.










Page last modified on November 17, 2022, at 06:39 PM