|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All/All+Images)
(Single Column)
- Sunsetting Tor 0.4.8
The Tor Project has announcedthat it is planning to actively stop supporting Tor 0.4.8 and earlierC Tor versions soon.
Usually, we try not to break existing releases, even if they areunsupported, unless we have a pretty good reason. In this case, wehave several reasons. [...]
The most important reason is this: in 0.4.9, we have made someformer fields in our directory data obsolete -- specifically, TAPonion keys and familylines. Removing these fields will let us save a great deal ofclient directory bandwidth for everyone. This, in turn, will make allTor clients bootstrap a little faster, especially those on slowconnections. But when we remove these fields, clients and relaysrunning earlier versions of Tor will no longer work, since they expectthe TAP onion keys to be present. Therefore, in order to deliverimproved performance faster, we need to accelerate the date on which0.4.8 will stop working.
The target sunset date is currently September 1,2026, after which any version prior to Tor 0.4.9 will cease to work onthe network. The first stable release in the 0.4.9.x series wasannouncedin February 2026, and the Tor 0.4.8.x series reached end of life onJune 1.
- Security updates for Tuesday
Security updates have been issued by Debian (ffmpeg), Fedora (erlang, ffmpeg, prometheus, python-scrapy, python3-docs, python3.14, thorvg, tigervnc, and vips), Mageia (mumble and sslh), Oracle (389-ds:1.4, dracut, firefox, hplip, kernel, openssh, postgresql:15, redis:6, and uek-kernel), Red Hat (delve, gvisor-tap-vsock, nginx, nginx:1.24, nginx:1.26, osbuild-composer, podman, rhc, skopeo, and yggdrasil), SUSE (containerized-data-importer, graphite2, kernel, libarchive, openssh, openssh-askpass-gnome, openvswitch, openvswitch3, postfix, python-lxml, python-nltk, python-python-multipart, python-urllib3, rmt-server, terraform-provider-local, terraform-provider-null, and util-linux), and Ubuntu (google-guest-agent, haproxy, libxml2, linux-azure, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle-5.15, mysql-8.0, mysql-8.4, and nginx).
- GIMP 0.54.1 in a Flatpak
The GIMP project reports thatGNOME contributor "balooii" has worked to package GIMP0.54.1—released in 1996—as a Flatpak that will build andrun on modern 64-bit Linux systems. This is a Motif-basedversion, and the same version that was usedby Larry Ewing to create Tux.
While not likely to be useful for serious graphics work today, itshould be interesting for users who would like to see what a30-year-old version of GIMP was capable of.
- [$] Free-threaded Python: past, present, and future
Probably the biggest change for Python over the last five years or so isthe advent of the "free-threaded" version of the language, which removes theglobal interpreter lock (GIL) and allows multiple threads to run inparallel in the interpreter. At PyConUS 2026, held in Long Beach, California in mid-May, longtime CPythoncore developer (and current steering council member) Thomas Wouters gave atalk about the feature. He looked at the motivation behind the GIL-removalefforts, some history,the current status of the free-threaded interpreter, and provided aprediction on where it all leads.
- First preview release of Xfce's Wayland compositor
Brian Tarricone has announcedthe first preview release of xfwl4, a Wayland compositor for the Xfce desktop environment.
After close to six months of work, I feel like it's ready to getsome wider use, even though of course there will be bugs and missingfeatures. Think of this as an alpha release. [...]
The end goal of xfwl4 is to behave as closely as possible to anXfce desktop running on an X server. Ideally a user could switchbetween the two without even knowing there's a difference. In reality,of course, it won't be quite that seamless, and there's still morework to be done to get as close as possible to that ideal. This is afirst solid cut at it, at the very least.
- [$] Reports from OSPM 2026, day one
The Power Managementand Scheduling in the Linux Kernel Summit, which still goes by thehistorical acronym OSPM, was held in Cambridge, UK, in mid-April. As hasbecome traditional, the presenters at that event have since writtensummaries of their sessions, and this work has kindly been made availableto LWN for publication. The first day's sessions covered a wide range oftopics, including idle-state selection, user-space schedulers withsched_ext, lock-holder preemption, and much more.
- Security updates for Monday
Security updates have been issued by AlmaLinux (389-ds:1.4, kernel, and kernel-rt), Debian (gst-libav1.0, gst-plugins-good1.0, imagemagick, kernel, libconfig-inifiles-perl, libgd-perl, libhttp-daemon-perl, mediawiki, pillow, and squid), Fedora (389-ds-base, alertmanager, ansible-core, buildah, chromium, erlang-cowboy, erlang-cowlib, erlang-gun, freerdp, kubernetes1.33, kubernetes1.34, kubernetes1.35, mingw-SDL2_image, ongres-scram, ongres-stringprep, openssl, perl-Config-IniFiles, perl-Crypt-PBKDF2, podman, postgresql-jdbc, python3.13, strongswan, webkitgtk, xdg-desktop-portal, and yt-dlp), Red Hat (osbuild-composer), SUSE (alloy, amazon-ssm-agent, ansible-core, apache-sshd, jpgpj, azure-storage-azcopy, chromedriver, containerized-data-importer, firefox, glibc, graphite2, inspektor-gadget, kubevirt, lemon, openvswitch, python-starlette, python311, python311-joserfc, python313, and tinyproxy), and Ubuntu (netatalk).
- Systemd v261 released
Systemd v261 has been released with a long list of changes, including a newcloud "Instance Metadata Service" (IMDS) subsystem, "boot secret"functionality for use on systems that lack a physical TPM, as well assupport for the kernel's Live Update Orchestration (LUO) / KexecHandover (KHO) systems when they are present and enabled. See therelease notes for the full list of changes.
- Linux 7.2 Showing Some Unexpected & Nice Performance Gains On AMD EPYC Sorano
While the Linux 7.2 merge window doesn't wrap up until this weekend as the feature cut-off for new material, I have already begun some early benchmarks of the code currently staged for this next version of the Linux kernel. Linux 7.2 already was looking quite exciting with cache aware scheduling and other exciting new features while an unexpected surprise in my early testing this week was seeing some local network/socket performance improvements...
- Linux's ARM64 NEON Intrinsics CRC64 Code Adapted To Work On 32-bit ARM
Merged for Linux 7.1 was ARMM64 NEON-accelerated CRC64-NVMe support for around 6x the performance out of that checksumming algorithm. The generic code had been a bottleneck in NVMe and other storage subsystem code of the Linux kernel with CRC64-NVMe being used to help verify against data corruption. Now for Linux 7.2, the NEON-accelerated code will also work for those still relying on 32-bit ARM...
- Mushroom Behind 'Tiny Human' Visions Lacks Genes For Known Psychedelics
alternative_right shares a report from ScienceAlert: If you consumed a wild mushroom and suddenly started seeing tiny people around you, you might reasonably assume it contained a familiar psychedelic. But that does not appear to be the case with Lanmaoa asiatica, known locally as jian shou qing, a mushroom species sold in markets in Yunnan, southwestern China. When eaten undercooked, the mushroom can produce vivid visions of miniature people -- not unlike Gulliver on his travels to Lilliput. To try and find out the root cause, University of Utah mycologists Colin Domnauer and Bryn Dentinger sequenced the genomes of 53 mushroom samples from across the wider Lanmaoa genus. And despite the reported hallucinations, they found no close matches to genes associated with psilocybin or ibotenic acid, two well-known mushroom hallucinogens whose biosynthetic pathways were specifically examined in the study. "Biosynthetic gene mining of the L. asiatica genome found no close hits with any genes known in the production of mushroom psychoactive compounds," write the researchers in their published paper. "This supports our hypothesis of the presence of a novel unidentified metabolite responsible for the unique hallucinogenic properties of L. asiatica." [...] Whatever chemical pathways are causing these effects in the brain, the responsible compound appears to be something scientists have not yet identified. [...] By identifying 1,515 corresponding genes across the selected specimens, the researchers obtained a clearer answer to the question of what defines a mushroom species as part of the genus Lanmaoa. There are now 17 recognized species in the genus, including four that haven't been identified before, two of which the researchers specifically named here: Lanmaoa fallax and Lanmaoa carbonilivor. The researchers say the Lanmaoa family and evolutionary tree can now be more fully mapped out, and some existing specimens may need to be reclassified.
 
Read more of this story at Slashdot.
- Europe: The World's Fastest-Warming Continent
fjo3 shares a report from the AFP: The latest heatwave sweeping across Europe is a stark reminder that it is the world's fastest-warming continent, stretching into an Arctic that is heating at an even greater pace. Britain, France, Italy and Spain have issued red alerts and health warnings for much of their territory this week as the region endures its second heat episode since May. Here is a look at why Europe is warming faster than elsewhere: The planet as a whole is around 1.4C warmer than in preindustrial times, defined as 1850-1900. By comparison, Europe is around 2.4C hotter than the preindustrial era, according to the EU's Copernicus Climate Change Service. The long-term rise in global average temperatures is mainly due to greenhouse gas emissions from burning oil, gas and coal, but it varies by regions due to a combination of factors. Land warms faster than the ocean as water can absorb more heat and cool through evaporation. Shifts in atmospheric circulation have driven more frequent and more intense heatwaves in the European summer, according to Copernicus. High-pressure systems, which bring settled weather and higher temperatures, have become more common in Europe, Copernicus director Carlo Buontempo said. [...] Another major reason is geography as Europe is connected to the Arctic, which is 3.2C warmer than in preindustrial times. The region's rising temperatures are partly due to a process known as the albedo feedback. Bright snow and ice reflect much of the sun's heat back into space, but as they melt they reveal darker, heat-absorbing surfaces such as land and the ocean. In other parts of Europe, areas where snow was very frequent in winter have seen this coverage shrink, exposing dark land. Stricter air quality regulations have reduced aerosol emissions since the 1980s. But tackling the pollutant had the side effect of contributing to global warming, as these tiny airborne particles have a cooling effect by reflecting sunlight and making clouds more reflective.
Read more of this story at Slashdot.
- US AI Stock Sell-Off Shakes Markets From Wall Street To Asia
An anonymous reader quotes a report from The Guardian: A tech sell-off shook global markets on Tuesday as attention turned away from developments in the US war with Iran and toward the future of AI companies and chipmakers that have driven stock markets to record highs. The tech-heavy Nasdaq index closed 2.2% lower on Tuesday. The S&P 500 was also down by Tuesday afternoon, dropping 1.43% while the Dow remained steady. All three major US indices have hit record highs this year, riding off a rush of funding to support AI technology and infrastructure. Nasdaq is up 10% for the year, while the Dow jumped 6% so far this year, breaching past 51,000 points, and the S&P 500 is up 7.3%. But some economists have warned that the influx of AI spending is a bubble reminiscent of the dot-com bubble that burst in the early 2000s. Seven tech companies make up 30% of the S&P 500's value. The heavy reliance on a single industry and a few key companies has some investors wondering if it's a matter of when, not if, there will be a burst. Those concerns have been heightened by signals from the Federal Reserve last week that it may increase interest rates, and therefore the cost of borrowing, in order to tackle rising inflation. Alphabet fell 5% on Monday. SpaceX plunged 16%. The selloff also spread to Asia, with South Korea's benchmark dropping 10% as SK Hynix and Samsung Electronics each lost more than 12%, while Japan's Nikkei 225 declined 3.5%.
Read more of this story at Slashdot.
- 29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests
A 29-year-old bug in the Squid web proxy, dubbed Squidbleed and tracked as CVE-2026-47729, can let an authorized proxy user retrieve fragments of another user's cleartext HTTP requests, including credentials and session tokens. The security researcher who reported the flaw credited Anthropic's Claude Mythos Preview for the discovery. The Hacker News reports: Squid describes this as an attack by a trusted client: someone already permitted to use the proxy, not any random host on the internet. That matches Squid's usual home, shared networks like schools, offices, and public Wi-Fi. In those setups, the attacker is just another user of the same proxy. The leak also only reaches traffic that Squid can read. Normal HTTPS rides an opaque CONNECT tunnel, so Squid never sees inside it; the exposed traffic is cleartext HTTP, plus TLS-terminating setups where Squid decrypts and inspects. The attacker also needs the proxy to reach an FTP server they control on port 21. Both FTP and that port are on by default. [...] If you patch, verify the fix, not just the version. Confirm the guard is in FtpGateway.cc, or check your distribution's backport, since distros ship their own builds (Debian packages Squid 5.7). The public thread is still inconsistent: maintainer Amos Jeffries first said Squid 7.6 carried the fix, then corrected that to 7.7, and on June 22 Debian's Salvatore Bonaccorso noted the referenced commit looks like it is already in 7.6. The fix is small, a null-terminator check before the vulnerable strchr calls, merged to the development branch in April and v7 in May. Squid 7.6 does separately patch CVE-2026-50012, an unrelated cache_digest heap overflow. The cleaner move is the one the researchers recommend anyway: turn FTP off. Chromium dropped FTP years ago, and most networks carry almost none of it, so disabling it removes this attack surface for free, whatever build you run. The risk is real but bounded. SUSE rates it moderate, CVSS 6.5, and the vector explains the score: the attacker needs proxy access (low privileges), and the only impact is confidentiality, nothing on integrity or availability.
Read more of this story at Slashdot.
- China Reclaims Fastest Supercomputer At 2 Exaflops
Longtime Slashdot reader hackingbear shares a report from TOP500: The 67th edition of the TOP500 list of the world's most powerful supercomputers was announced today at the ISC 2026 conference in Hamburg, Germany. LineShine, a previously unlisted system installed in China, debuts at No. 1, displacing El Capitan as the world's most powerful supercomputer as measured by the High Performance Linpack (HPL) benchmark. LineShine achieved 2.198 Exaflop/s on HPL -- about 80 percent of its 2.736 Exaflop/s theoretical peak -- making it the first system on the TOP500 to exceed two exaflops of sustained double-precision performance using CPUs only. Installed at the National Supercomputing Centre in Shenzhen (NSCS) and built by the Shenzhen Cloud Computing Center, the system is based on a custom Chinese processor and the "LingKun" platform: 13.79 million cores across 304-core LX2 processors running at 1.55 GHz, linked by the proprietary LingQi interconnect and running Kylin OS. LineShine draws approximately 42.2 megawatts of power, for an efficiency of 52.07 Gigaflops/Watt. Its debut marks the first time since 2017 that a Chinese system has led the TOP500, and it also takes over the No. 1 position on the HPCG ranking with 22.00 HPCG-Petaflop/s. On the HPL-MxP mixed-precision benchmark, LineShine reached 7.92 Exaflop/s for fourth place, a comparatively modest 3.6x speedup over its HPL score that points to a CPU-only design without dedicated low-precision accelerators. While impressive, "the results may say more about Beijing's desire to show self-sufficiency in computing systems than its standing in the global AI race," reports Reuters. Reuters interviewed tech and policy experts who said that the results "do not mean that China has the world's fastest computer for AI work because of changes in the computing industry in recent years and the methods used to compile the list." The reports notes that LineShine "ranked fourth on a benchmark test designed to simulate computing work that is more similar to AI." Jimmy Goodrich, a senior fellow at the University of California's Institute for Global Conflict and Cooperation, said: "If the hyperscalers submitted their systems, this 'world's fastest' would not crack the top five." Addison Snell, CEO of Intersect360 Research, a firm that focuses on supercomputers, added: "I'm not surprised it's the number one system. What I'm surprised by is that they submitted it and want recognition for it."
Read more of this story at Slashdot.
- Wikipedia Cofounder Larry Sanger Banned From Site for 'Canvassing'
Wikipedia cofounder Larry Sanger has been indefinitely banned from editing the site after editors concluded that he violated its canvassing rules, "or in other words, calling on his followers off platform in order to influence Wikipedia's content," reports 404 Media. Sanger says the ban proves Wikipedia suppresses ideological diversity, while editors argue he was trying to mobilize an outside audience to influence internal decisions and had ignored an earlier warning. From the report: The discussion that led to the decision to ban Sanger concluded with what an editor called a "clear consensus" to ban Sanger. "There is general agreement among participants that he has engaged in off-wiki canvassing and is not here to constructively build the encyclopedia," the editor said in a note closing the discussion. "There is also a significant concern shared by many editors that his actions constitute calls for outing." While Sanger has been railing about bias on Wikipedia for years, the specific issue here is around his WikiProject Intellectual Diversity. WikiProjects are group efforts among Wikipedia volunteers to deal with certain issues on the site. [...] Sanger's WikiProject Intellectual Diversity, as its name implies, aims to bring more intellectual diversity to the site, mostly meaning more right-leaning perspectives. Sanger's WikiProject Intellectual Diversity and its goals alone do not merit a ban according to Wikipedia's policies. The problem, according to Wikipedia editors, is that during the discussion about whether to allow WikiProject Intellectual Diversity to become an official WikiProject, Sanger invited his 91,000 followers on X to influence that discussion. Discussions about potential bans are supposed to remain open for at least 72 hours. While consensus that Sanger had violated Wikipedia policies was clear, Sanger was banned at some point before that deadline. He was then briefly unbanned, and then again indefinitely banned once 72 hours had elapsed and the discussion about the ban closed. "Wikipedia has become more of a mob-rule anarchy than ever," Sanger said in a statement sent to me by a spokesperson. "In the kangaroo court in which a mob ousted me, Wikipedia's administrators showed that they don't appear to value details like formal charges, a designated prosecutor, basic decorum, distinction between prosecution and judge, dispassionate adjudication, and so forth. They have no proper system other than triggering a mob to selectively enforce their hodgepodge of vague rules." "Now that same mob has blocked me for trying to bring an intellectually diverse group of thinkers and editors to the site," Sanger continued. "Subscribing to their groupthink is now an official requirement of being a member in good standing. Something must change, and now. I only wonder if the system as it currently stands can even allow the discourse necessary to fix the system."
Read more of this story at Slashdot.
- Walmart, In Biggest Deal In Two Years, Buys Advertising Tech Firm Vibe.co
Walmart is acquiring self-serve connected-TV ad platform Vibe.co for a reported $1.4 billion, adding it to an advertising ecosystem that already includes smart-TV maker Vizio. AdExchanger reports: On Tuesday, Walmart announced that it is buying Vibe.co, the French self-serve ad platform that specializes in helping small brands buy streaming commercials with similar ease and precision as they get from search and social. Vibe has been vying for a bigger share of the ad dollars moving to connected TV, especially in the US, as evidenced by the company's ubiquitous billboards in major cities including New York and San Francisco. Now, Vibe joins Walmart Connect's commerce ecosystem alongside the smart TV maker Vizio. And Vibe's tech is poised to help unify Walmart's growing CTV footprint with the closed-loop attribution provided by its retail sales data. [...] Together, Walmart and Vibe.co strive to "build the best ecosystem for the performance TV market," Vibe CEO and Co-Founder Arthur Querou told AdExchanger. Performance CTV has a high ceiling for growth. The performance budgets dedicated for streaming platforms are still small potatoes compared to search and social, Querou said. Only one-quarter of CTV ad campaigns have lower-funnel objectives, and that number has been static for years, according to data from Advertiser Perceptions. Now that Walmart owns both Vibe and Vizio, advertisers should have an easier time tying streaming campaigns to shopper data. That promise stands to win Walmart more marketing dollars earmarked for retail media and streaming behemoths -- including Amazon. Walmart is especially interested in attracting more small- and medium-sized businesses (SMBs) who lack the tools, budgets or teams to invest in streaming TV, a Walmart spokesperson told AdExchanger. Other ad platforms, including MNTN and Magnite, have likewise targeted SMB advertisers as a source for continued growth in the CTV market. By adding Vibe.co, Walmart can court SMBs with the pitch that its new self-serve tools will make it easier for them to execute CTV campaigns. Plus, SMBs tend to prioritize performance campaigns, since they are under more pressure to justify tighter ad budgets and thus have to be more selective about which platforms they advertise on. And Walmart is better positioned than most platforms to prove its ads drove performance thanks to its retail data foundation.
Read more of this story at Slashdot.
- Mark Zuckerberg Directed Meta To Create a Prediction Markets App
An anonymous reader quotes a report from the New York Times: Mr. Zuckerberg, the chief executive of Meta, recently dispatched a small team at his company to create a smartphone app similar to Polymarket and Kalshi, two employees with knowledge of the matter said. Users would not wager money, and the app would probably rely on a video game-like points system instead, one person said, though the company had not ruled out the eventual use of real money betting. The app is internally referred to as "Arena" and would function independently from Meta's social networking apps, which include Facebook, Instagram, WhatsApp and Messenger, said the employees, who spoke on the condition of anonymity to discuss confidential plans. Meta aims to grow the app by leveraging its large social networking audiences and directing them toward using it, they said. The effort, which insiders characterized as experimental but a top priority, is part of a broader push by Mr. Zuckerberg to create new types of apps based on emerging social behavior online. More than 3.56 billion people visit one or more of Meta's apps every day, an amount that has raised questions about whether those platforms have reached a saturation point. Arena is one of a handful of apps that Meta is trying out. Others include one called Meta Photos, another stand-alone app which would create new types of media using artificial intelligence, the employees said. [...] Meta insiders have cautioned that Arena remains in development and may not be released. But as executives search for ways to keep the world's largest social media sites thriving, Mr. Zuckerberg appears to be relying on his well-worn product development strategy: Follow the users.
Read more of this story at Slashdot.
- Digital Euro Expected To Launch By 2029 After EU Backing
The European Parliament's economic committee has backed a digital euro designed to reduce Europe's dependence on US-controlled payment networks such as Visa and Mastercard. The ECB-backed currency is targeted for launch by 2029 after a full parliamentary vote and negotiations with EU member states. Euronews reports: Under the proposal, consumers would be able to hold digital euros in a dedicated wallet, subject to a holding limit that has yet to be determined. The system would support both online and offline payments and is intended to offer a high degree of privacy, with the ECB unable to directly identify users from their payment data. The ECB would provide the underlying infrastructure, while commercial banks and payment service providers would offer digital euro services to customers. Financial institutions are expected to be compensated for their participation in the scheme, while merchants will pay fees that are expected to be lower than those associated with current card transactions. How that compensation should be structured remains one of the most contentious issues ahead of negotiations with EU member states, according to three sources familiar with the discussions. [...] The European Parliament is expected to formalise the committee's position during a plenary vote in Strasbourg in early July. Negotiations with the EU's 27 member states would then begin, with lawmakers aiming to reach a final agreement before the end of the year.
Read more of this story at Slashdot.
- Meta Launches Cheaper Smart Glasses Without Ray-Ban
Meta has launched its first smart glasses without Ray-Ban branding. Starting at $299, they're cheaper than the Ray-Ban Meta Gen 2 while retaining EssilorLuxottica as a design and manufacturing partner. The Verge reports: As far as style and specs, the Meta Glasses aren't that different from Ray-Bans. The internal specs are the same as the recently released Ray-Ban Meta Optics Styles, with slightly longer battery life. The Adventurer models have thinner rims, while the Fury models hew a bit closer to the Meta Ray-Ban Display with a bolder, chunkier frame. You could describe the Adventurer as square, and the Fury as even more square. The Kylie glasses sport a more unique design with a distinct Y2K flavor that I'm told is meant to be worn lower on your nose. [...] While playing around with the Meta Glasses, it was hard not to notice that the camera appears smaller than in previous Ray-Ban glasses. Technically, Himel tells me, that's not new to these Meta Glasses. It was actually introduced back in March with the prescription-optimized Optics Styles. [...] Meta is quadrupling down on AI. The new Meta Glasses will all launch with Muse Spark, the first model out of Meta's Superintelligence Labs. (It'll also be arriving on older Ray-Ban and Oakley glasses in the US and Canada via a software update.) Supposedly, that means more helpful glasses. At my hands-on, I was told that Meta AI would now be less stiff. I'd be able to talk to it more naturally and get smarter responses. The AI now supports 14 more languages, including Arabic, Japanese, Mandarin, Hindi, and Korean. Pedestrian turn-by-turn navigation is also coming to Meta's displayless glasses. Later this month, there'll be a new "dynamic photo" feature that automatically takes multiple frames and then recommends the best one.
Read more of this story at Slashdot.
- % Prime Day Savings Are Live! Save up to 75% on training, certifications, bundles, and THRIVE-ONE Annual. Ends June 26.
The biggest learning deals of the season have arrived. Save up to 75% on training, certifications, bundles, and more through June 26, and take the next step toward your professional goals. SAVE NOW
The post % Prime Day Savings Are Live! Save up to 75% on training, certifications, bundles, and THRIVE-ONE Annual. Ends June 26. appeared first on Linux.com.
- From DHCP to SZTP – The Trust Revolution
By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]
The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.
- "Disgusting" Linux sched_ext Source Code Restructured Following Complaint By Linus Torvalds
Last week the main set of sched_ext changes were merged for Linux 7.2 that included continued work on sub-scheduler support. While Linus Torvalds didn't object to any of the features being worked on for this extensible scheduler framework that relies on user-space BPF programs, he was frustrated by the layout of the new C source files and remarked, "please don't do this disgusting thing...proper hierarchical filesystems have been available since 1965."..
- BASIC09 Programming Language Front-End Developed For LLVM
The 46-year-old BASIC09 programming language has new compiler support with a front-end having been developed for the LLVM compiler stack. BASIC09 was developed in 1980 for the Motorola 6809 CPU running with the OS-9 operating system. With this LLVM compiler front-end, you can write BASIC09 code for modern software and hardware...
- Linux 7.2 Showing Some Unexpected & Nice Performance Gains On AMD EPYC Sorano
While the Linux 7.2 merge window doesn't wrap up until this weekend as the feature cut-off for new material, I have already begun some early benchmarks of the code currently staged for this next version of the Linux kernel. Linux 7.2 already was looking quite exciting with cache aware scheduling and other exciting new features while an unexpected surprise in my early testing this week was seeing some local network/socket performance improvements...
- DeviceTree-ACPI Hybrid Mode Proposed For Improving Linux Support On Snapdragon Laptops
Over the years while working at Red Hat, Hans de Goede was known for driving many wonderful Linux laptop improvements benefiting AMD/Intel x86_64 hardware. Hans left Red Hat last year and ended up joining Qualcomm to advance their open-source/Linux support. Today he is out with a significant new patch series for consideration that has the potential of significantly improving the Qualcomm Snapdragon X Series laptop Linux support and also important indicators for better Snapdragon laptop support on Linux moving forward...
- In memory of the man who put red and green squiggles under words
Every little thing in a graphical user interface that we take for granted today, no matter how small, was thought up by someone, at some point. Case in point: the little red squiggly lines underneath misspelled words. In one form or another, these are everywhere now, and have just become a regular staple of every single text editing field we encounter every single day and don�t stop to think about. Still, they were invented by someone, and we happen to know exactly who that was: Tony Krueger. In early versions of Word, the Spell Check feature was something that you explicitly invoked, and then you had to sit and wait while the program looked for all your potentially-misspelled words, and then showed them to you one at a time for a decision on what to do for each one. Word did introduce an Auto Spell Check feature to run spell check when the user was idle, so that when you hit the Spell Check button, the results were ready to go. However, the Auto Spell Check was still a blocking operation. As a result, a lot of users turned it off because it always seemed to decide “Now would be a good time to spell-check the document” just as you wanted to do something, forcing you to wait for the spell check pass to complete before you could, say, save and exit. Tony made the spell checker much more unobtrusive so that it didn’t interfere with your foreground work. And when it found a problem, instead of waiting for you to trigger a spell check, it immediately drew red squiggles under potentially-misspelled words (and later green squiggles under potential grammatical errors). ↫ Raymond Chen at The Old New Thing Tony Krueger passed away recently, after, among other things, having worked on an dizzying number of Microsoft Word releases. Imagine coming up with something that seems to basic and elementary to us now, and seeing it spread pretty much everywhere. I wonder what it must feel like to have invented something that seems so simple, most people don�t even realise they use it every single day.
- KDE is going to fix network shares
I�ve had my share of issues with network shares on any operating system, but since I mostly use KDE these days I found this deep dive into how, exactly, network shares work in KDE quite interesting. It turns out that while network shares in KDE�s Dolphin mostly work, it does involves a few layers that sometimes don�t interact well with each other, leading to really curious and annoying problems with mounted shares not appearing, permission issues, and so on. The biggest cause of problems is when using a non-KDE application in KDE that also happens to use a non-KDE save/open dialog. Such a non-KDE save/open dialog won�t be able to see any network shared mounted by KDE, and sadly, quite a few applications you�re likely to use on a KDE installation use non-KDE open/save dialogs, like Blender, GIMP, LibreOffice, OnlyOffice, Inkscape, Audacity, DaVinci Resolve, and more. That�s one hell of a list of applications to offer inconsistent or outright broken access to network shares you�ve set up and mounted in KDE. Luckily, this issue seems to be getting a ton of attention soon. All is not lost. Happily, KDE just received an investment of over €1.2 million from the Sovereign Tech Fund, and it includes funding for improvements to KDE’s network share handling! ↫ Nate Graham The project is in the planning phases at the moment, but they�re considering a whole slew of possible changes, fixes, and workarounds to make this stupid and annoying problem just go away. In 2026, nobody should be dealing with manually editing /etc/fstab or getting frustrated over supposedly disappearing network shares.
- Xfce�s new Wayland compositor sees first alpha release
The developer working on Xfwl4, the Wayland compositor for Xfce, has published the new compositor�s very first alpha release. Considering it�s only been six months or so of work, it�s impressive to see the effort reach this state already. The end goal of xfwl4 is to behave as closely as possible to an Xfce desktop running on an X server. Ideally a user could switch between the two without even knowing there’s a difference. In reality, of course, it won’t be quite that seamless, and there’s still more work to be done to get as close as possible to that ideal. This is a first solid cut at it, at the very least. ↫ Brian Tarricone Being the very first alpha release, it won�t surprise you there�s a few things missing or broken at this point. Still, if you�re brave, you can download and build the release and try it out.
- Valve opens Steam Machine waitlist
Valve officially made the Steam Machine available (sort of but not really) today, and if you were hoping for the president of the Yacht Collectors� Club to have found a loophole through the RAM and storage crisis, I�ll be the bearer of bad news: the base Steam Machine model with 512GB of storage and no controller costs $1049 or €1039. It�s clear that this price is significantly higher than Valve had originally anticipated, as the company dedicates the first part of its press announcement to this sticker shock. Steam Machine,`like our other hardware products, is made up of many components that we source from manufacturers around the world. The price at which we sell our hardware is a direct result of the cost of these components. We felt like we had a good understanding of how those costs might change over time when we first started sourcing them for Steam Machine back in 2023. That understanding was born from the many years of data we all have about the evolution of PC hardware prices – primarily, that it tends to get cheaper over time as new technology arrives. Over the past year or so, that has changed quickly and significantly, most visibly for RAM and storage components. There are a variety of reasons, all of which are affecting hardware products everywhere. The overall effect is that our original goal for the price of Steam Machine is no longer viable. So the prices we�re sharing today reflect the state of the world for manufacturing; or, more accurately, it reflects the price of the components as we�ve secured them over the past 6 months. Price wasn�t the only thing impacted by all of this: availability was as well. There were periods where we found we couldn�t source some of our components at all, at any price. More than anything else, this has impacted the number of units we�ve been able to produce for launch. ↫ Valve press announcement As Valve mentions, availability is also going to be an issue, and thus they�ve had to settle on a complex reservation and lottery system. Between now and 25 June, you can sign up for a model, after which the entire pool of reservations will be randomised to determine a waitlist order. As machines become available, they will simply go down the list from first to last as determined by that randomisation. In other words, you can�t just go out and buy one right away. At this price and for the hardware the Steam Machine contains � an AMD Zen 4 CPU with 6c/12t up to 4.8 Ghz, a custom RDNA3 GPU, and 16GB of DDR5 RAM and 8GB of DDR6 video RAM � you�re probably better off sticking with what you already have. Until the AI! bubble pops and prices come down again, that is. Thanks, AI! techbros. Everybody despises you.
- A tale of two path separators
In macOS, you can apparently create files and directories in the Finder with names that include slashes. If you then go into the terminal and take a look with ls, you�ll see that the slashes are actually colons. I don’t understand all the nuances, but I know this is a side-effect of the fact that macOS has not one but`two`path separators: the slash (/) and the colon (:). The two separators are used in different contexts, and the system will translate between them as needed. These two separators reflect the two parent systems of modern macOS:`classic Mac OS`and the`Unix-like NeXTSTEP. When they were joined together, Apple’s engineers had to build a file system that was compatible with both the classic Mac’s file system (the Mac OS Extended File System, aka HFS+), and with NeXTSTEP’s file system (the Unix file system, aka UFS). Among other differences, these systems had different path separators: HFS+ used a colon, while UFS used a slash. ↫ Alex Chan (article from 2021) I had no idea macOS worked this way, but it makes sense considering the platform�s dual history. What�s interesting is that when Apple moved to APFS almost a decade ago, this duality in path separators remained, most likely for backwards compatibility reasons. In a sense, this is somewhat similar to Windows supporting both backward and forward slashes, with the former being a leftover from DOS, and the latter an addition (to Windows) from the UNIX world. None of that beats Windows when using the Japanese or Korean locale, though. Because Japanese and Korean Windows use different codepages than Windows in the Americas and Western Europe, these versions of Windows render the backslash as the yen sign (¥) and and won (₩) sign respectively. As such, something like the Program Files directory actually renders like C:¥Program Files¥ and C:₩Program Files₩. Similar issues occurred in other Windows locales as well, but the impact of this in Japan and South Korea were so widespread that people just expect it to be that way, even if it�s easily fixed today. I can�t find if Windows 11 still uses ¥/₩ in Japan/South Korea, since the last references of it I can quickly uncover all point to Windows 10.
- Apple internals: Swift in the kernel
Apple�s Swift has become the de-facto language for Apple�s own developers for a while now, and it seems that with the new operating system releases from the company unveiled during WWDC, Switch is now also being used in the kernel. Naturally I dropped what I was doing and went grepping through the iOS 27 kernelcache. Alas, nothing came of it. All is not lost though: I found the Embedded Swift runtime in macOS 27, sitting in`com.apple.kec.pthread`of all places. Then I went poking around the root filesystem and it turns out Apple gave the whole effort a name: KernelKit. Let�s dissect it. ↫ Josh Maine It�s still quite limited at this time, which makes sense � you don�t want to be too crazy with the core of the operating system that runs on god knows how many PCs, smartphones, and other devices. It�s also entirely contained within a few kexts as embedded runtimes, and the XNU kernel itself remains entirely C and C++.
- I stored a website in a favicon!
Every website has a favicon. It�s that little icon in your browser tab. Usually you upload it once and then never think about it again. But. A favicon is just an image. An image is just pixels. And pixels are just bytes. So of course I wondered if I could store something inside one. ↫ Tim Wehrle I love it when people do something useless just for fun.
- What was nice about the UI of Windows 2000
I mean, this is preaching to the choir, but let�s go anyway. I liked the UIs of the entire era from 3.0 to 2000, really. I�m mostly using Windows 2000 as an example here because it runs so well in QEMU/KVM and that allows me to easily take screenshots. Some of the following will sound absolutely trivial, but I think it�s worth pointing out. ↫ movq.de blog Just a series of observations about how much better graphical user interfaces were back in the �90s and early 2000s. We�ve lost so many affordances based on both common sense and scientific study, and what we ended up with is a confusing, inconsistent mess. It doesn�t really matter where you look � user interface design has deteriorated since the early 2000s, a decline that only accelerated thanks to the arrival of the iPhone, where consistency is a dirty word, and the web, where the advertising people took prominence over the design people. I just want my buttons to look like buttons man.
- To study how chips really work, MIT researchers built their own operating system
A fascinating novel approach by researchers at MIT, called Fractal, to study in-depth how processors actually work. A team at MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) decided to build something different. Fractal, an operating system kernel written from the ground up, treats the hardware itself as the object of study. Its first major use, a deep look at branch predictors — a CPU’s way of guessing what code to run next, before it knows for certain, so it doesn’t have to waste time waiting to find out — inside Apple’s M1 processor, has already turned up findings that prior work missed, including the first evidence that a class of speculative attack known as “Phantom” affects Apple Silicon. “We’re using hardware in ways it wasn’t designed for,” says Joseph Ravichandran, the MIT PhD student in electrical engineering and computer science (EECS) who led the project. “It’s not even obvious that this is a possible thing you could do with the hardware. But we found a way to pull all these different primitives off. It’s like a microscope. If you’ve got a hand magnifying glass, you can see a little bit. But if you had an electron microscope, now we’re really talking. That’s what Fractal is. The electron microscope of operating systems.” ↫ Rachel Gordon at MIT News While Fractal is small, its creators also added POSIX system calls, a C library, vim, GCC, a shell, and more. This way, it feels more familiar, and makes it easier for researchers to get started with the tool. Fractal is open source and hosted on GitHub, it has its own website, and there�s a detailed research paper with more in-depth information.
- AmigaOS 2: the greatest upgrade
Five years after releasing the Amiga 1000, Commodore was about to launch the Amiga 3000, their first real high-end Amiga. With a 68030 processor, on-board SCSI and a slightly updated graphics chipset, all in a sleek desktop case, the Amiga was truly ready for the era of professional 32-bit computing. But Moore�s law wasn�t the only thing thad had been pressuring Commodore since the release of the Amiga 1000: The desktop metaphor had matured even further, and the competition had been hard at work. IBM had launched OS/2, Windows 3.0 had turned Microsoft�s offering from a proof of concept into something actually usable, and new players had entered the scene � among them NeXTStep, with its polished 3D look. It was time to bring AmigaOS, too, into the 1990s. ↫ Carl Svensson It�s interesting � there�s a lot of focus on the first version of the Amiga operating system and the third one, but you don�t hear a lot about AmigaOS 2.x. It turns out this is rather odd, because as Svensson details, this version came with an absolute ton of changes and improvements, from an entirely new widget toolkit to a brand new file system, and so much more. The new widget toolkit and accompanying style guide also ensured that the operating system looked, felt, and behaved consistently. Remember when we cared about that? There�s so much more cool features, though, like command history, line editing, universal clipboard support and more just for the CLI, as well as something called Commodities. These were tiny little programs managed from a central location, which didn�t even need a GUI to work. Commodities included by default were things like ClickToFront, a focus-follows-mouse option, and more. Oh and of course, BASIC was replaced by ARexx. The list just keeps going, and you should really read Svensson�s article.
- EU OS: A Bold Step Toward Digital Sovereignty for Europe
Image 
A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
What Is EU OS?
EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
The Vision Behind EU OS
The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
Conclusion
EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
Source: It's FOSS
European Union
- Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
You can download the latest kernel here.
Linus Torvalds kernel
- AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
Image 
AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
Source: 9to5Linux
AerynOS
- Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
Image 
Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
Here’s a quick overview of what’s new in Xojo 2025r1:
1. Linux ARM IDE Support
Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
2. Web Drag and Drop
One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
3. Direct App Store Publishing
Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
4. New Desktop and Mobile Features
This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
5. Performance and IDE Enhancements
Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
What Does This Mean for Developers?
Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
How to Get Started
Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
Download Xojo 2025r1 today at xojo.com.
Final Thoughts
With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
Xojo ARM
- New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest.
Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
Windows
- Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally.
As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions.
After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
Security
- Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem.
The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
kernel
- Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
Here is what Linus Torvalds had to say in today's announcement:
Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds
- Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
Want to interact with ChatGPT from your Linux desktop without using a web browser?
Bavarder, a new app, allows you to do just that.
Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
ChatGPT AI
- LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
LibreOffice
- KDE Linux Drops AUR
KDE Linux developers have dropped the Arch User Repository from the build pipeline due to security concerns; other distributions should consider doing the same.
|
