|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All/All+Images)
(Single Column)
- [$] Using dma-bufs for read and write operations
The kernel's dma-bufsubsystem provides a way for drivers to share memory buffers, usuallyin order to support efficient device-to-device I/O. At the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit, Pavel Begunkov, assistedby Kanchan Joshi, led a joint session of the storage and memory-managementtracks to explore ways to make the use of dma-bufs more efficient yet, andto make them available for read and write operations initiated by userspace.
- [$] Scaling transparent huge pages to 1GB
As a general rule, when developers talk about huge pages, they arereferring to PMD-level pages that are 1MB or 2MB in size, depending on theCPU architecture. Most CPUs can support other huge-page sizes, though. Onx86 systems, PUD-level huge pages hold 1GB of data. Providing such largepages transparently to processes has generally not been considered aseither feasible or desirable, but Usama Arif is trying to change thatassessment. At the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit, he led a session in thememory-management track on how to make transparent huge pages (THPs) trulyhuge.
- Security updates for Tuesday
Security updates have been issued by AlmaLinux (freerdp, glib2, libsoup3, and openexr), Debian (dnsmasq, p7zip, p7zip-rar, python-authlib, and rails), Fedora (chromium, firefox, httpd, and nss), SUSE (java-25-openj9, krb5, libmodsecurity3, and mcphost), and Ubuntu (imagemagick, linux, linux-aws, linux-aws-fips, linux-aws-hwe, linux-azure-4.15, linux-fips, linux-gcp, linux-gcp-4.15, linux-gcp-fips, linux-hwe, linux-kvm, linux-oracle, linux-azure, linux-azure-fips, linux-oracle, linux-azure-5.15, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, and linux-raspi).
- Stenberg: Mythos finds a curl vulnerability
Daniel Stenberg has published a lengthyarticle on his thoughts on Anthropic's Mythos, which the companydecided was too dangerous for wide public release.
My personal conclusion can however not end up with anything elsethan that the big hype around this model so far was primarilymarketing. I see no evidence that this setup finds issues to anyparticular higher or more advanced degree than the other tools havedone before Mythos. Maybe this model is a little bit better, but evenif it is, it is not better to a degree that seems to make asignificant dent in code analyzing.
This is just one source code repository and maybe it is much betteron other things. I can only tell and comment on what it foundhere.
But allow me to highlight and reiterate what I have said before: AIpowered code analyzers are significantly better at finding securityflaws and mistakes in source code than any traditional code analyzersdid in the past. All modern AI models are good at this now. Anyonewith time and some experimental spirits can find security problemsnow. The highquality chaos is real.
- Two stable kernels with Dirty Frag fixes
Greg Kroah-Hartman has released the 7.0.6 and 6.18.29 stable kernels with HyunwooKim's patchfor the second vulnerability (CVE-2026-43500)reported with Dirty Fragand Copy Fail 2. Allusers are advised to upgrade.
- [$] Providing 64KB base pages with 4KB kernels, two different ways
Some CPU architectures are able to run with a number of different base-pagesizes; using a larger size can often result in better performance at thecost of increased memory use. Other architectures are more limited. Atthe 2026 LinuxStorage, Filesystem, Memory Management, and BPF Summit, two sessions inthe memory-management track explored options for letting processes run with64KB page sizes when the underlying kernel does not. The first was focusedon letting each process have its own page size, while the second concernedbringing 64KB pages to x86 systems.
- Debian to require reproducible builds
Paul Gevers has slipped an interesting bit of news into a "bits from the releaseteam" message:
Aided by the efforts of the Reproducible Builds project, we've decided it's time to say that Debian must ship reproducible packages. Since yesterday, we have enabled our migration software to block migration of new packages that can't be reproduced or existing packages (in testing) that regress in reproducibility.
As Gioele Barabucci pointedout, "reproducible" in this sense is limited to building within aninstance of Debian's build environment, which is a tighter requirement thanis normally used. It is still a big step forward for reproducible builds.
- Security updates for Monday
Security updates have been issued by AlmaLinux (corosync, freeipmi, kernel, and kernel-rt), Debian (corosync, firefox-esr, kernel, lcms2, libpng1.6, linux-6.1, php8.2, php8.4, postorius, pyjwt, and tor), Fedora (dotnet10.0, exim, gnutls, kernel, nextcloud, nodejs22, php, proftpd, prosody, python-pulp-glue, python-requests, rclone, and SDL3_image), Mageia (firefox, nss, rootcerts, openvpn, thunderbird, and vim), Oracle (corosync, freeipmi, gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good, kernel, libpng, and mingw-libtiff), Slackware (kernel and mozilla), SUSE (build, product-composer, c-ares, cairo, copacetic, distribution, firefox, firefox-esr, frr, glibc, go1.25, google-cloud-sap-agent, iproute2, java-11-openj9, java-17-openj9, java-17-openjdk, java-1_8_0-openj9, java-21-openj9, java-21-openjdk, java-25-openjdk, kernel, libexif-devel, libpcp-devel, libtpms, libtree-sitter0_26, Mesa, micropython, mozjs128, nginx, opencc, openCryptoki, php-composer2, podman, postfix, python-pytest, python311-Django, python311-Django4, redis, semaphore, strongswan, terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provid, tor, valkey, vim, and wireshark), and Ubuntu (linux-nvidia-tegra, linux-raspi, linux-raspi-5.4, and nasm).
- Kernel prepatch 7.1-rc3
Linus has released 7.1-rc3 for testing."I think this answers the 'is 7.1 continuing the larger size patternthat we saw with 7.0?' question, and the answer is yes: that wasn't a flukebrought on by a .0 release - it simply seems to be the new normal."
- More stable kernels with partial Dirty Frag fixes
Greg Kroah-Hartman has released the 6.1.171, 5.15.205, and 5.10.255 stable kernels, quicklyfollowed by 6.1.172 and 5.15.206 kernels. This is another roundof stable kernels to provide fixes for one of the CVEs (CVE-2026-43284)assigned following the DirtyFrag and Copy Fail 2security disclosures. There is not, yet, a stable kernel with a fixfor CVE-2026-43500,though apatch to fix the second half is in the works.
- Running Four Intel Graphics Cards Under Linux On Ubuntu 26.04
It's been nearly one year to the week since Intel introduced Project Battlematrix as their initiative for improving their Linux driver support for the Arc Pro B-Series with enhancements such as bettering the multi-GPU support in allowing up to eight Arc Pro GPUs per system as well as other open-source driver optimizations in the era of AI. Recently with the Arc Pro B70 in having four review samples for testing I was finally able to try out the multi-GPU state of the Arc (Pro) graphics cards on Linux with their open-source driver code.
- Fedora Hummingbird: Taking the Hummingbird model to the full operating system
At Red Hat Summit 2026, we’re announcing Fedora Hummingbird — a new container-based rolling Fedora Linux distribution. This distribution provides access to the latest software as soon as it’s available upstream, which ensures that it’s up to date and secure. Fedora Hummingbird primarily utilizes an image-based workflow, similar to containers, but also runs in virtual […]
- Sam Altman Testifies That Elon Musk Wanted Control of OpenAI
OpenAI CEO Sam Altman took the stand Tuesday in Elon Musk's trial against the company, testifying that Musk repeatedly sought control of OpenAI before leaving in 2018. Altman said he opposed putting AI "under the control of any one person," while Musk's lawyer used a pointed cross-examination to attack Altman's trustworthiness. An anonymous reader shares updates from the testimony via the New York Times: Before Elon Musk left OpenAI in a power struggle in 2018, he wanted to merge the nonprofit artificial intelligence lab with Tesla, his electric car company. Mr. Musk and other OpenAI co-founders met several times to discuss the merger. OpenAI's chief executive, Sam Altman, was even offered a seat on Tesla's board of directors, according to a court document. But folding OpenAI into Tesla would have eliminated the lab's nonprofit status, and that, Mr. Altman said on the witness stand on Tuesday, was something he wanted to avoid. [...] "I believed that A.I. should not be under the control of any one person," Mr. Altman said. [...] Mr. Altman testified about his feud with Mr. Musk. He said he had become worried that Mr. Musk, who provided the early investment money for OpenAI, wanted to take control of the lab. He described what he called a "particularly harrowing moment" when his OpenAI co-founders asked Mr. Musk what would happen to his control of a potential for-profit when he died. Mr. Altman said Mr. Musk had replied that the control would pass to his children. "I was not comfortable with that," Mr. Altman said. When Mr. Musk lost a power struggle for control of the lab, he left, forcing Mr. Altman to find another big financial backer in Microsoft. But Mr. Altman ran into trouble in 2023 when OpenAI's board fired him because, as several of its members have testified in the trial, it didn't trust him. Steven Molo, Mr. Musk's lead lawyer, homed in on Mr. Altman's trustworthiness during an aggressive cross-examination. "Are you completely trustworthy?" Mr. Molo asked. "I believe so," Mr. Altman answered. After questioning Mr. Altman's trustworthiness for nearly 20 minutes, Mr. Molo turned to Mr. Altman's relationship with Mr. Musk. Mr. Altman said that after he met Mr. Musk in the mid-2010s, Mr. Musk had occasionally expressed concern about the dangers of A.I. But Mr. Musk spent far more time saying he was worried that companies like Google would get ahead in A.I. development, Mr. Altman said. (Mr. Musk testified in the trial that he had wanted to create OpenAI to prevent Google from controlling the technology.) Mr. Altman, the lawyer intimated, took advantage of Mr. Musk's concerns and was never sincere about his own A.I. fears. "Are you a person who just tells people things they want to hear whether those things are true or not?" Mr. Molo asked. The lawyer also questioned whether Mr. Atman, who became a billionaire through years of tech investments, was self-dealing through OpenAI. Mr. Molo showed a list of Mr. Altman's personal investments across a number of companies that stand to benefit from their association with OpenAI. They included Helion Energy, a start-up that has deals with Microsoft and OpenAI, and Cerebras, a chip maker in business with OpenAI. Mr. Molo asked if Mr. Altman, who is on OpenAI's board as well as its chief executive, would ever fire himself. "I have no plans to do that," Mr. Altman said. OpenAI's odd journey from nonprofit lab to what it is today -- a well-funded, for-profit company that is still connected to a nonprofit called the OpenAI Foundation with an endowment that could be worth more than $130 billion -- provided grist for Mr. Molo's questions about Mr. Altman's motivations. He implied that Mr. Altman could have continued to build OpenAI as a pure nonprofit. But the only way to build such a valuable charity was to raise billions through a for-profit venture, Mr. Altman responded. Still, the giant sums being raised appeared to upset Mr. Musk. In late 2022, according to court documents, Mr. Musk sent a text to Mr. Altman complaining that Microsoft was preparing to invest $10 billion in OpenAI. "This is a bait and switch," Mr. Musk said at the time. But Mr. Altman, under questioning from his own lawyers, said: "Every step of the way, I have done my best to maximize the value of the nonprofit. I would point out that there are not a lot of historical examples of a nonprofit at this scale." Before Altman took the stand, OpenAI board chair Bret Taylor continued his testimony that began on Monday. He said Elon Musk's 2024 bid to buy the company's assets appeared to conflict with his lawsuit and was rejected because the board did not believe OpenAI's mission should be controlled by one person. "We did not feel like it was appropriate for one person to control our mission," he said. Recap:Microsoft CEO Satya Nadella Testifies In OpenAI Trial (Day Nine)Sam Altman Had a Bad Day In Court (Day Eight)Sam Altman's Management Style Comes Under the Microscope At OpenAI Trial (Day Seven)Brockman Rebuts Musk's Take On Startup's History, Recounts Secret Work For Tesla (Day Six) OpenAI President Discloses His Stake In the Company Is Worth $30 Billion (Day Five)Musk Concludes Testimony At OpenAI Trial (Day Four)Elon Musk Says OpenAI Betrayed Him, Clashes With Company's Attorney (Day Three) Musk Testifies OpenAI Was Created As Nonprofit To Counter Google (Day Two) Elon Musk and OpenAI CEO Sam Altman Head To Court (Day One)
 
Read more of this story at Slashdot.
- South Korea Floats 'Citizen Dividend' Using AI Profits
South Korea's presidential policy chief is calling for a "citizen dividend" that would return some AI-driven profits and tax revenue to the public. The Straits Times. From the report: Presidential policy chief Kim Yong-beom said in a Facebook post that a portion of the profits and tax revenue derived from the artificial intelligence boom "should be structurally returned to all citizens." That is because, Mr Kim argued, the economic gains from AI are based at least partly on industrial infrastructure built by the country over five decades. Mr Kim's comments come after tens of thousands of people gathered outside Samsung's main chip hub in April to demand employees get a greater share of AI profits. The company's labour union wants 15 per cent of operating profit handed to chip-division employees. The union has threatened an 18-day strike starting May 21. Workers have pointed to rising payouts at SK Hynix, which in 2025 agreed to allocate 10 per cent of its annual operating profit to a performance bonus pool, as evidence they deserve more pay. "Excess profits in the AI era are, by nature, concentrated," Mr Kim wrote. Memory companies, core engineers and asset holders are highly likely to receive substantial benefits, while much of the middle class may experience only indirect effects.
Read more of this story at Slashdot.
- Instructure Pays Canvas Hackers To Delete Students' Stolen Data
Instructure, the company behind the widely used Canvas learning platform, says it reached an agreement with the hackers who stole 3.5 terabytes of student and university data. The company says it received "digital confirmation" that the information was destroyed and that affected schools and students would not be extorted. The BBC reports: Paying cyber criminals goes against the advice of law enforcement agencies around the world, as it can fuel further attacks and offers no guarantee the data has been deleted. In previous cases, criminals have accepted ransom payments but lied about destroying stolen data, instead keeping it for resale. For example, when the notorious LockBit ransomware group was hacked by the National Crime Agency, police found stolen data had not been deleted even after payments had been made. Instructure said in a statement on its website that protecting students' and education staff data was its primary motivation. "While there is never complete certainty when dealing with cyber criminals, we believe it was important to take every step within our control to give customers additional peace of mind, to the extent possible," the company said. Instructure did not set out the terms of the agreement but said that it meant that:- the data was returned to the company- it received "digital confirmation of data destruction"- it had been informed that no Instructure customers would be extorted as a result of the incident- the agreement covers all affected customers, with no need for individuals to engage with the hackers
Read more of this story at Slashdot.
- Amazon Employees Are 'Tokenmaxxing' Due To Pressure To Use AI Tools
An anonymous reader quotes a report from the Financial Times (via Ars Technica): Amazon employees are using an internal AI tool to automate non-essential tasks in a bid to show managers they are using the technology more frequently. The Seattle-based group has started to widely deploy its in-house "MeshClaw" product in recent weeks, allowing employees to create AI agents that can connect to workplace software and carry out tasks on a user's behalf, according to three people familiar with the matter. Some employees said colleagues were using the software to automate additional, unnecessary AI activity to increase their consumption of tokens -- units of data processed by models. They said the move reflected pressure to adopt the technology after Amazon introduced targets for more than 80 percent of developers to use AI each week, and earlier this year began tracking AI token consumption on internal leader boards. "There is just so much pressure to use these tools," one Amazon employee told the FT. "Some people are just using MeshClaw to maximize their token usage." Amazon has told employees that the AI token statistics would not be used in performance evaluations. But several staff members said they believed managers were monitoring the data. "Managers are looking at it," said another current employee. "When they track usage it creates perverse incentives and some people are very competitive about it."
Read more of this story at Slashdot.
- Google Announces Its Chromebook Successor: the Googlebook
Google is teasing a new line of "Googlebook" laptops for this fall, powered by a new Android-and-ChromeOS-derived operating system that will run Chrome, Android apps, phone-connected apps and files, and deeply integrated Gemini features. The company says Chromebooks will continue "after the launch of Googlebook" and "...all Chromebooks will continue to receive support through their device's existing date commitment." The Verge reports: "We'll have more to share on the exact OS branding later this year," Peter Du of Google's global communications team tells The Verge. [...] Googlebooks will have a Magic Pointer feature that offers contextual suggestions whenever you shake your cursor and point it at something on the screen. Google's examples include setting up a meeting by pointing at a date in an email or selecting images of furniture and a living space to visualize them together. Beyond your mouse pointer, Googlebooks will also feature the custom AI-created widgets that Google is also debuting today for Android phones and Wear OS smartwatches. I don't know what kind of horrors people will be able to make into widgets, but Google gives the example of making one to organize your flights, hotel information, restaurant reservations, and another for creating a countdown timer for an upcoming family reunion. (It's always flights, hotels, and restaurants, isn't it?) While there are many outstanding questions to be answered about Googlebooks, the biggest and most obvious ones are what will these laptops look like, what chips will be in them, and what will they cost? We've got none of that so far. Google only has some initial renders of a mysterious Googlebook and the promise that it's working with Acer, Asus, Dell, HP, and Lenovo to make the first models. There are no model names. No specs. Nada. Google isn't even saying if the laptop in its renders is made by a partner or a tease of some first-party Pixel-like Googlebook to come or is just a cool mockup. The one distinct hardware feature shown, the bar of glowing Google-colored light, will be a signature of all Googlebooks. (Sure, bring on the RGB. Why not?)
Read more of this story at Slashdot.
- Microsoft's $1 Billion AI Data Center Will 'Switch Off Half of Kenya'
Microsoft and G42's planned $1 billion AI data center in Kenya has stalled amid disagreements over power commitments, with President William Ruto saying the country would need to "switch off half the country" to support the project at full scale. Tom's Hardware reports: The project, announced in May 2024 during Ruto's visit to Washington, was supposed to bring a geothermal-powered data center to the Olkaria region in Kenya's Rift Valley. G42 was to lead construction, with the facility running Microsoft Azure in a new East Africa cloud region. The first phase targeted 100 megawatts of capacity and was expected to be operational by this year, with a long-term goal of scaling to 1 gigawatt. President Ruto isn't exaggerating about shutting off half the country's power. Kenya's total installed electricity capacity sits between 3,000 and 3,200 megawatts, and peak demand reached a record 2,444 megawatts in January, according to data from KenGen, the country's government-owned electricity producer. The full 1 gigawatt build would therefore have consumed roughly a third of the country's total capacity, and even the first 100 megawatts would have required a significant share of the Olkaria geothermal complex's output, which currently generates around 950MW across all its plants. John Tanui, principal secretary at Kenya's Ministry of Information, told Bloomberg that the project hasn't been withdrawn and that talks are continuing, adding that the "scale of the data center they [Microsoft] wanted to do still requires some structuring." A separate 60-megawatt project with local developer EcoCloud is also still under discussion. [...] Microsoft is spending $190 billion on capex in 2026, and the company adds approximately 1 gigawatt of data center capacity every three months globally. But power constraints are proving to be a universal bottleneck: nearly half of planned U.S. data center builds this year have been delayed or canceled due to shortages of electrical infrastructure.
Read more of this story at Slashdot.
- EU To Crack Down On TikTok, Instagram's 'Addictive Design'
The EU plans to target "addictive design" features on TikTok, Instagram, and other platforms, including endless scrolling, autoplay, push notifications, and recommendation loops that can steer children toward harmful content. European Commission President Ursula von der Leyen said new regulation could arrive later this year, alongside an EU age-verification app meant to make child-safety rules easier to enforce. CNBC reports: "We are taking action against TikTok and its addictive design -- endless scrolling, autoplay, and push notifications. The same applies to Meta, because we believe Instagram and Facebook are failing to enforce their own minimum age of 13," Von der Leyen said. "We are investigating platforms that allow children to go down 'rabbit holes' of harmful content -- such as videos that promote eating disorders or self-harm," she added. The EU's executive arm has also developed its own age verification app, which has the "highest privacy standards in the world," according to Von der Leyen. Member states will soon be able to integrate it into their digital wallets, and it can easily be enforced by online platforms. "No more excuses -- the technology for age-verification is available," the EU chief said. The EU Commission could have a legal proposal prepared as soon as the summer, as it awaits the advice and findings of its 'Special Panel of experts on Child Safety Online.'
Read more of this story at Slashdot.
- eBay Rejects GameStop's $56 Billion Takeover As 'Neither Credible Nor Attractive'
An anonymous reader quotes a report from Reuters: EBay on Tuesday rejected a $56 billion takeover bid from the much smaller GameStop over financing doubts, calling the proposal "neither credible nor attractive." EBay, which has roughly four times GameStop's market value, also underscored that its turnaround efforts under CEO Jamie Iannone have boosted growth, with its stock returning 201% since Iannone took the position six years ago. "We have concluded that your proposal is neither credible nor attractive," eBay Chairman Paul Pressler said in a statement. "eBay's Board is confident the company, under its current management team, is well-positioned to continue to drive sustainable growth." He also pointed to concerns with GameStop's bid, including its financing, its impact on eBay's long-term growth and the leadership structure of a potentially combined company. Last week, GameStop's CEO Ryan Cohen delivered one of the most memorable CNBC interviews in recent memory... initially disinterested, then increasingly hostile, with little eye contact, few real answers to basic questions, and repeated robotic deflections to "check the website." It's worth a watch if you have a few extra minutes.
Read more of this story at Slashdot.
- FCC Says Foreign-Made Routers Can Get Updates Until 2029
The FCC has softened its ban on foreign-made consumer routers, allowing vendors to keep issuing broader software and firmware updates for devices already in use in the U.S. through at least January 2029. Dark Reading reports: Under the original FCC ruling, foreign manufacturers were permitted to provide only limited maintenance and security patches to US customers through March 2027. In a public note (PDF) on May 8, the FCC extended that deadline to at least January 2029 and also expanded the scope of permissible updates. The FCC will now allow foreign manufacturers to provide not just minor security fixes and changes, but also more major software and firmware updates that could affect router functionality, which previously required additional FCC review. The agency described the revisions as intended to ensure the continued safety of already deployed foreign-made consumer routers in the US. "The FCC likely issued this revision in response to the operational realities of network security and the slow pace of equipment replacement," says Jason Soroko, senior fellow at Sectigo. "Replacing millions of embedded devices across national infrastructure requires immense time and capital, and abandoning existing systems to a completely unpatched state would create an immediate vulnerability." "This waiver significantly alleviates the most pressing fears tied to the initial ban by preventing a sudden and dangerous security vacuum," added Soroko.
Read more of this story at Slashdot.
- First Real-Time Brain-Controlled Hearing Device
Researchers at Columbia demonstrated the first real-time brain-controlled hearing system that can identify which speaker a listener is focusing on in a noisy environment and automatically amplify that voice while suppressing others. "This breakthrough addresses the 'cocktail party effect,' a major limitation of conventional hearing aids, which often struggle to distinguish between overlapping conversations in noisy settings," reports Neuroscience News. From the report: In the new study, Columbia researchers teamed up with surgeons and their epilepsy patients who were undergoing brain surgery to better pinpoint the sources of their seizures. The hospital patients, who volunteered to be part of this study, already had electrodes implanted in their brains. [senior author Nima Mesgarani's] system used the electrodes to measure the brain activity of the patients as they focused on one of two overlapping conversations played simultaneously. The system then automatically detected which conversation a patient was paying attention to and adjusted the volume in real time, turning up that conversation while quieting the other. For one volunteer, the experience of controlling the system with her brain was literally unbelievable. She accused the researchers of secretly adjusting the volumes. Others told stories about friends and family with hearing impairments who could benefit from such a technology. One person said: "It seems like science fiction." [...] The scientists developed real-time machine-learning algorithms that could examine the brainwaves and identify which conversation the patients were paying attention to. Once deployed, their system could rapidly deduce which conversation each listener was paying attention to and make it easier for them to hear it. This happened both when the researchers guided the subjects toward a particular conversation, and when the subjects chose freely, as would be necessary in a real-world conversation. "For this to work in real time, the system has to be very fast, accurate and stable for the experience to feel pleasant for the listener," Dr. Mesgarani said. The scientists found their new system correctly identified which conversation the volunteers paid attention to. This dramatically improved the intelligibility of the speech the volunteers focused on, reduced listening effort, and was consistently preferred by the volunteers when compared to conversations the system did not provide assistance with. One volunteer recalled her uncle, who had hearing problems. "Can you imagine if this technology existed in a world [where] ... he could access it? He might actually live a much more peaceful... life." The research has been published in Nature Neuroscience.
Read more of this story at Slashdot.
- From DHCP to SZTP – The Trust Revolution
By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]
The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.
- FreeBSD 15.2 Will Aim For The Nice KDE Desktop Installation Experience
FreeBSD 15.0 had aimed to provide a KDE desktop install option from its text-based OS installer to make for a more compelling FreeBSD out-of-the-box desktop experience. That was then delayed to FreeBSD 15.1 but that didn't end up materializing. Now the KDE desktop install option is diverted to FreeBSD 15.2...
- AMD & Intel Roll Out New Linux Updates For Today9s Patch Tuesday
Today's Patch Tuesday is a busier one than normal for the quarter. Both AMD and Intel have rolled out new updates for Linux customers among other security disclosures today. Thankfully though the vulnerabilities don't appear to be too widespread or impactful...
- Running Four Intel Graphics Cards Under Linux On Ubuntu 26.04
It9s been nearly one year to the week since Intel introduced Project Battlematrix as their initiative for improving their Linux driver support for the Arc Pro B-Series with enhancements such as bettering the multi-GPU support in allowing up to eight Arc Pro GPUs per system as well as other open-source driver optimizations in the era of AI. Recently with the Arc Pro B70 in having four review samples for testing I was finally able to try out the multi-GPU state of the Arc (Pro) graphics cards on Linux with their open-source driver code.
- ARCTIC Fan Controller Driver Expected To Land In Linux 7.2
A new driver expected to land in the upcoming Linux 7.2 kernel is the ARCTIC Fan Controller driver to allow fan speed monitoring and PWM controls for this upcoming ARCTIC product. Making this new driver all the more exciting is that it was worked on by ARCTIC directly compared to the typical workflow for such desktop/consumer hardware peripherals often being left up to the reverse-engineering, open-source community...
- Linux Scheduler Work Helping Boost Gaming Performance On Old "Potato" Hardware
Prominent Linux kernel engineer Peter Zijlstra of Intel has been working on a set of scheduler patches to help with enhancing the behavior and delivering better results, especially for aging hardware he described as a "potato" -- an Intel Sandy Bridge desktop CPU with AMD Radeon RX 580 Polaris graphics. Benchmark results are promising from this work for gaming on old hardware while other workloads may ultimately stand to benefit too...
- The anti-minimalist backlash is the bigger story behind Oxygen’s revival
A few weeks ago, we talked about a project within KDE to revive two of their classic themes, Oxygen and Air, and polish them up to make them usable on the current versions of KDE. The developers and designers working on this project say they�ve been utterly surprised by just how popular this news has proven to be, and Filip Fila published a blog post with some thoughts on this unexpected popularity. Why are people yearning so strongly for user interfaces from the past? That’s the real story underneath the retro-yearning. It isn’t a simply story of people wanting their childhood from the 2000s back. It’s that a lot of ‘the new’ we’ve been offering doesn’t satisfy. It doesn’t have personality. It doesn’t feel warm. It doesn’t feel like it was made with the idea of being anything more than a clean product that gets the job done. The escapism towards the past is a symptom. A symptom of unmet needs, not mere sentimentality. ↫ Filip Fila Fila uses modern architecture as an example, and I think it�s an apt one. While monumental modern architecture can easily be beautiful and striking, it�s the mundane buildings all around us that just don�t seem to elicit any positive emotions, no sense of belonging or safety. As Fila also notes, the decades-long swing to minimalism in both architecture and UI design isn�t merely because of a preference among designers, but also because minimalism is a hell of a lot cheaper to produce. A building with very little ornamentation and basic, straight lines is much easier, and thus cheaper, to design, construct, and maintain. The same applies to graphical user interface design. There are some signs that the pendulum is starting to swing back towards more instead of less, in all aspects of design. More and more people are loudly demanding buildings to adopt more classical elements, and as we can all attest to here on OSNews, the longing for aspects of UI design from the �90s and early 2000s to make a return is strong. And not just among us deep in the weeds, either; I�ve lost count of the number of times I�ve seen normal people utterly confounded by modern UI design. Anyway, bring back beveled edges.
- Google gives early peek at Android laptops: Googlebooks
The news that Google is working to move Chrome OS to the Android technology stack, and that it wants to start putting Android on laptops, is not exactly news, as the company has been talking about it for years. At an Android event today, the company finally unveiled the culmination of all this work: Googlebooks. We’re bringing together the best of Android, which comes with powerful apps on Google Play and a modern OS that’s designed for Intelligence, and ChromeOS, which comes with the world’s most popular browser. The result is Googlebook: a new category of laptops built with Gemini’s helpfulness at its core, designed to work seamlessly with the devices in your life and powered by premium hardware. We’re sharing a sneak peek into the Googlebook experience today and will have a lot more to share later this year. ↫ Alex Kuscher at The Keyword, a Google blog apparently The approach here seems very similar to Chromebooks, with Googlebooks being designed and built by various OEMs, but instead of Chrome OS they run Android in desktop mode. Of course, AI! has been creamed all over these things, to the point where not even the venerable mouse cursor is safe: if you wiggle your cursor, it will turn into Magic Pointer!, which will highlight various AI! actions as you hover over stuff on your screen. Google also showed off an AI!-based feature to create widgets, as well as the ability to access files on your phone right from a Googlebook. That�s about all we know as far as functionality and features goes. They�re supposed to go on sale later this year, with models coming from Acer, ASUS, Dell, HP, and Lenovo.
- OpenBSD and slopcode: raindrop to a torrent?
Every single software product is dealing with the question about what to do with AI!-generated code, but the question is particularly difficult to answer for open source operating systems like Linux distributions and the various BSDs, which often consist of a wide variety of software packages from hundreds to thousands of different developers. On top of that, they also have to ask the AI! question for every layer of their offering, from the base install, to the official repositories, to community-run ones. As users, we, too, are asking these same questions, wondering just how much AI! taint we�re willing to spread across our computers. I understand the difficult position Linux distributions are in with regard to AI!. I mean, when even the Linux kernel itself is tainted by AI!, a no- AI! policy is basically an empty gesture for them at this point. Personally, I find a policy of we don�t do �AI� in our work, but we don�t have control over the thousands of components we consist of! to be an entirely reasonable, if deeply unsatisfying, position to take. What else are they going to do? You can�t really be a Linux distribution without, you know, the Linux kernel, which is, as I�ve already said, utterly tainted by AI! at this point. Still, in the back of my mind, I always had a trump card: if all else fails, we�ll always have OpenBSD. Its project leader Theo de Raadt is deeply principled, every OpenBSD user and contributor I know hates AI! deeply, and the project routinely sticks to their principles even when it�s difficult or inconvenient. Yes, this makes OpenBSD not the most ideal desktop operating system, but I�d rather use that than something that embraces the multitude of ethical, environmental, quality, and legal concerns regarding AI! code completely. Imagine my surprise, then, to discover that OpenBSD already contains slopcode in its base installation, with the project�s leaders and developers remaining oddly silent about it. My friend and OSNews regular Morgan posted this on Fedi a few days ago: Nearly six weeks later, and the question of whether AI! generated code in tmux � not tool-assisted bug finding, not refactoring, actual LLM-generated slop with questionable license(1) � that was consequently merged into OpenBSD base, is considered acceptable by the lead devs, remains unanswered. Despite Theo de Raadt�s concrete stance against any code of questionable license origin polluting the project � and the tmux merge was indeed questionable � it seems this is being swept under the rug. This makes me extremely uncomfortable; it�s like seeing a fox in the henhouse but the farmers are all looking the other way and no one can convince them to admit they can see it and root it out. I really don�t know what to do being just a user; I feel like even if I tried to chime in on the mailing list I would just be ignored like the others trying to raise the alarm. I hope, as they do, that this is being discussed internally, away from the public list, and that a positive outcome is near. Maybe they are waiting for the 7.9 release before setting anything in stone. Or maybe the AI! disease has infected one of the last pure operating system projects we have left and there�s no going back. ↫ Morgan on Fedi I obviously share Morgan�s concerns, and like him, I�m also afraid that opening the door to a few drops of slop in base will quickly grow into a torrent of slop as time goes by. Yes, it�s just a patch to tmux, but it�s in base, and the base! of a BSD is almost a sacred concept, and entirely the last place where you want to see code that raises ethical, environmental, quality, and legal concerns. For all we know, this patch of slop or the next one contains a bunch of GPL code because it just so happens that�s where the ball tumbling down the developer�s pachinko machine ended up. GPL code that would then be in the base of a BSD. I echo the call for the OpenBSD project to address this problem, and to set clear boundaries and guidelines regarding AI! code, so users and developers alike know what level of quality and integrity we can expect from OpenBSD and its base installation going forward.
- Windows 11 will start boosting your processor to maximum GHz to make the Start menu open faster
Microsoft is currently testing a brand new performance-enhancing feature in Windows 11. Microsoft, too, is introducing something to Windows 11 called low latency profile! and it this will work irrespective of the processor, be it AMD64 CPUs like Intel or AMD or ARM64 ones like from Qualcomm. Essentially what this new tech will do is apply a maximum available clock frequency boost for a very small span of time, like for one to three seconds, when a user launches any app. The idea is that the app launch time will reduce while the quick clock burst should not impact the overall efficiency of the system by much. ↫ Sayan Sen at Neowin Unsurprisingly, boosting the processor�s clock speed to its maximum for a few seconds will make a menu or application open a little faster. I�m not entirely sure why anyone seems surprised by this, but here we are. Yes, the Start menu will load faster and applications will be ready quicker if you boost the processor to its full potential, but that does raise the question of why Windows 11 would need to do that just to open a menu or load an application in the first place. According to Microsoft�s Scott Henselmann, who defended Microsoft�s approach (weirdly enough he did so on a nazi platform called Twitter! that I�m obviously not linking to), every other modern operating system does the exact same thing, pointing specifically to macOS and GNOME and KDE on Linux. He also pointed out that the Start menu today does a lot more than the same Start menu back in Windows 95, including making network requests and rendering everything in HiDPI. I just want a cascading menu of stuff I can run and don�t want my launcher to make network requests, but alas, I guess I�m old. Anyway, I don�t know enough about the intricacies of how modern processors work to make any statements about how this affects battery life, but instinctively, you�d think this would not exactly be conducive to that. I also wonder if this will trigger a lot of laptops to spin up their fans whenever you open the Start menu, because the few seconds your processor goes full tilt raises its temperature just enough to make that happen. Once this new feature comes out of testing and is generally available, I�d be quite interested in seeing battery tests, as well comparisons to other operating systems to see how it fares.
- GitHub is sinking
Microsoft acquired GitHub and applied their unique brand of enshittification. Amongst their achievements was the spawning of the Copilot circle of hell. Now they’re effectively DDoSing themselves with slop. I won’t dwell on what else went wrong. I don’t know and I don’t care. GitHub is impressively bad now. It’s embarrassing. Shameful. ↫ David Bushell Luckily, there�s really very little in the form of lock-in with GitHub, unless you really value your stars or whatever. There are countless alternatives, and if you�re a programmer, it�s probably absolutely trivial for you to run your own instance of any of the various available forges. If you�re still on GitHub, you should really be thinking about, and planning for, leaving, as it seems it�s circling the drain.
- Debian embraces reproducible builds
Big news from the Debian release team: Debian is going for reproducible package builds. Aided by the efforts of the Reproducible Builds project, we�ve decided it�s time to say that Debian must ship reproducible packages. Since yesterday, we have enabled our migration software to block migration of new packages that can�t be reproduced or existing packages (in testing) that regress in reproducibility. ↫ Paul Gevers Reproducible means, in short, that you can verify that the source code used to build a package is indeed that source code. This provides a layer of defense against people tampering with code or otherwise trying to fiddle with the process between source code and final package on your system. This effort constitutes a tremendous amount of work, but it�s massively important.
- Building a web server in aarch64 assembly to give my life (a lack of) meaning!
ymawky is a small, static http web server written entirely in aarch64 assembly for macos. it uses raw darwin syscalls with no libc wrappers, serves static files, supports GET, HEAD, PUT, OPTIONS, DELETE, byte ranges, directory listing, custom error pages, and tries to be as hardened as possible. why? why not? the dream of the 80s is alive in ymawky. everybody has nginx. having apache makes you a square. so why not strip every single convenience layer that computer science has given us since 1957? i wanted to understand how a web server actually works, something i know little about coming from a low-level/systems background. the risks that come up, the problems that need to be solved, the things you don’t think about when you’re writing python or c. this (probably) won’t replace nginx, but it is doing something in the most difficult way possible. ↫ Tony imtomt! I love this.
- Object oriented programming in Ada
Ada is incredibly well designed. One way this shows is that it takes the big, monolithic features of other languages and breaks them down into their constituent parts, so we can choose which portions of those features we want. The example I often reach for to explain this is object-oriented programming. ↫ Christoffer Stjernlöf Exactly what it says on the tin.
- Sculpt OS 26.04 released
Sculpt OS, the operating system based on the various components that make up Genode, has seen a new release, 26.04. A lot of the new features and changes to Genode that we�ve been talking about for a while now are part of this release, most notably the new human-inclined data syntax that replaces XML as the configuration language for Genode. That�s not the only major improvement, though. Regarding technical advances of the new version and device support in particular, all Linux-based drivers have been updated to kernel version 6.18, making the system compatible with most modern Intel-PC hardware. Laptop users may appreciate the new USB networking option that is now offered by default. Software-wise, the new version comes with a longed-after update of Qt6 along with the Chromium-based Falkon browser, downloadable at the depot of cproc. In the same menu, one can find the experimental first version of the Goa SDK running natively on Sculpt OS without the need of a Linux VM. For the first time, Genode components can now be developed, compiled, and tested using Sculpt OS on its own. The amazement of walking without crutches. ↫ Sculpt OS 26.04 release notes This new release is available for common PC hardware, the PinePhone, and the MNT Reform.
- Sprite scaling on the Master System: building the new on the ruins of the old
Sprite scaling. It is the coolest effect of the 2D arcade era, a must-have for games from Space Harrier to Real Bout Fatal Fury Special. Home consoles pretty much lacked it– sorry, Nintendo, but Mode 7 only scales a background, not sprites. So therefore you might be surprised to hear that Sega’s plucky underdog Master System could do it. Well, don’t get your hopes up; this is far too limited– calling it scaling is overstating things. But let’s dig in anyway! ↫ Nicole Branagan Nicole Branagan has the best articles on obscure console features, and this one is no exception.
- EU OS: A Bold Step Toward Digital Sovereignty for Europe
Image 
A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
What Is EU OS?
EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
The Vision Behind EU OS
The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
Conclusion
EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
Source: It's FOSS
European Union
- Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
You can download the latest kernel here.
Linus Torvalds kernel
- AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
Image 
AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
Source: 9to5Linux
AerynOS
- Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
Image 
Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
Here’s a quick overview of what’s new in Xojo 2025r1:
1. Linux ARM IDE Support
Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
2. Web Drag and Drop
One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
3. Direct App Store Publishing
Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
4. New Desktop and Mobile Features
This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
5. Performance and IDE Enhancements
Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
What Does This Mean for Developers?
Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
How to Get Started
Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
Download Xojo 2025r1 today at xojo.com.
Final Thoughts
With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
Xojo ARM
- New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest.
Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
Windows
- Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally.
As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions.
After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
Security
- Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem.
The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
kernel
- Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
Here is what Linus Torvalds had to say in today's announcement:
Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds
- Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
Want to interact with ChatGPT from your Linux desktop without using a web browser?
Bavarder, a new app, allows you to do just that.
Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
ChatGPT AI
- LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
LibreOffice
- France Says "Au Revoir" to Microsoft
In a move that should surprise no one, France announced plans to reduce its reliance on US technology, and Microsoft Windows is the first to get the boot.
|
