|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All/All+Images)
(Single Column)
- Debian bind9 Important Denial of Service Security Advisory DSA-6285-1
Several vulnerabilities were discovered in BIND, a DNS server implementation, which may result in denial of service. For the oldstable distribution (bookworm), these problems have been fixed in version 1:9.18.49-1~deb12u1. For the stable distribution (trixie), these problems have been fixed in
- Debian Trixie PowerDNS Denial of Service Info Disclosure Vuln DSA-6284-1
Multiple vulnerabiliites have been discovered in the PowerDNS DNS server, which could result in denial of service or information disclosure. For the stable distribution (trixie), these problems have been fixed in version 4.9.15-0+deb13u1. We recommend that you upgrade your pdns packages.
- Debian Bookworm Firefox-esr Security Advisory DSA-6283-1
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, bypass of the same-origin policy, privilege escalation, information disclosure, spoofing or sandbox escape. For the oldstable distribution (bookworm), these problems have been fixed
- [$] LWN.net Weekly Edition for May 21, 2026
Inside this week's LWN.net Weekly Edition:
Front: OpenSUSE site age restrictions; Lots of LSFMM+BPF coverage; The tenth OpenPGP email summit. Briefs: Firefox 151.0; pgBackRest funding; RIP Peter G. Neumann; Quotes; ... Announcements: Newsletters, conferences, security updates, patches, and more.
- [$] What is to be done about MGLRU?
"Reclaim" is the task of finding memory that can be taken away from itscurrent user and put to better uses within the system; it is a core part ofthe memory-management picture. The addition of the multi-generational LRU (MGLRU) was meant toprovide a better reclaim implementation than the "traditional LRU" thatpreceded it, but MGLRU has complicated the situation instead. No fewer thanthree memory-management-track sessions at the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit were focused on MGLRU,with an eye toward integrating it more fully, improving its performance,and addressing some problems encountered with Android systems.
- Security updates for Wednesday
Security updates have been issued by AlmaLinux (kernel, libpng, nginx, nginx:1.24, ruby, and ruby:3.3), Debian (gnutls28 and linux-6.1), Fedora (dnsmasq, kernel, keylime-agent-rust, perl-Net-CIDR-Lite, python-pysam, python-urllib3, rust-cargo-vendor-filterer, rust-ingredients, rust-oo7-cli, rust-rpki, rust-sevctl, and rust-tealdeer), Mageia (bind), Oracle (bind, giflib, gimp:2.8, kernel, libpng, rsync, ruby, and vim), Slackware (haveged and mozilla), SUSE (cockpit, dnsmasq, erlang26, freeipmi, git-bug, glibc, GraphicsMagick, haveged, ImageMagick, iproute2, kernel, openssh, perl-CryptX, perl-HTTP-Tiny, postgresql14, postgresql15, postgresql16, python-Pillow, rsync, tiff, and traefik), and Ubuntu (Highlight.js, linux, linux-aws, linux-aws-5.15, linux-aws-fips, linux-fips, linux-gcp, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-oracle, linux-raspi, linux-realtime, linux, linux-aws, linux-aws-fips, linux-bluefield, linux-fips, linux-gcp, linux-gcp-5.4, linux-gcp-fips, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp, linux, linux-aws, linux-aws-fips, linux-fips, linux-gcp-4.15, linux-gcp-fips, linux-kvm, linux-oracle, linux, linux-aws, linux-aws-fips, linux-gcp, linux-gcp-fips, linux-gke, linux-gkeop, linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-raspi, linux-raspi-realtime, linux-realtime, linux-realtime-6.8, linux, linux-aws, linux-hwe-6.17, linux-oem-6.17, linux-oracle, linux-raspi, linux-realtime, linux-realtime-6.17, and smarty3).
- [$] The tenth OpenPGP email summit
The OpenPGP Email Summit isan annual meeting for those who work on encrypted email and relatedtopics. The tenthinstallment of this meeting took place in March 2026 and the minuteshave now been published. As usual, a wide range of topics werediscussed. Highlights included support for post-quantum cryptography(PQC) with multiple actors planning rollouts within this year, apromising new approach for making email signatures ubiquitous with theplan of making OpenPGP signed email a default, a new draft that bringsreliable deletion (or "forward secrecy") features to OpenPGP, as wellas a plan for transferring ownership of the OpenPGP.org domain.
- Firefox 151.0 released
Version151.0 of the Firefox browser has been released. Significant changesinclude the ability to clear and restart a private-browsing session, betterfingerprinting protection, control over the apparent location when using theFirefox VPN, and more.
- [$] openSUSE "terms of site" raise complaints about age restrictions
Many people in the Linux community began using the operating system—andcontributing to open source—at a tender age, often well beforetheir 16th birthday. Thus, a recent change in openSUSE's terms of site (ToS)that required users of the project's web site to be "at least 16years of age or the age of majority" in their jurisdiction hasraised objections. The terms have since been modified, though usersmust still have parental approval to create accounts if they areyounger than 16.
- [$] In search of faster this_cpu operations
The kernel's this_cpuoperations are meant to speed access to per-CPU variables. They aremore optimal on some CPUs than others, though. During amemory-management-track session at the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit, Yang Shi proposed afundamental, and somewhat controversial, change to how these operationswork in order to provide better performance on a wider range of architectures.
- [$] What's brewing in CXL
ComputeExpress Link (CXL) is a technology intended to enable the provision of"memory nodes" in data centers that provide (possibly shared) memory tonearby CPUs. It has, Dan Williams said at the beginning of hismemory-management-track session on the topic at the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit, "been makingmemory-management problems worse since 2021". He used the session toprovide an overview of the ways in which CXL can be expected to extend thatrecord into the future.
- [$] Improving the per-CPU memory allocator
There are many places in the kernel where performance can be improved byusing per-CPU data. But, as it turns out, the kernel's allocator forper-CPU data has some performance problems of its own. Harry Yoo led asession in the memory-management track of the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit to explore ways toaddress those problems and accelerate the allocation and initialization ofper-CPU data.
- Security updates for Tuesday
Security updates have been issued by AlmaLinux (libpng and nginx), Debian (erlang, netatalk, and nginx), Fedora (mod_md and SDL2_image), Mageia (perl-libwww-perl, perl-HTTP-Message, perl-WWW-Mechanize-Cached, perl-File-XDG, perl-Path-Tiny, perl-YAML-Syck, postgresql15, and rclone), SUSE (agama, alloy, cacti, cloud-init, dnsmasq, emacs, firefox, glibc, go1.25, go1.26, google-cloud-sap-agent, google-guest-agent, ibus-rime, librime, imagemagick, kernel, libsndfile, nginx, ongres-scram, ongres-stringprep, plexus-testing,, openexr, openssh, PackageKit, perl-Text-CSV_XS, php-composer2, php8, postgresql16, postgresql18, python-lxml, python-python-multipart, python3, python311-urllib3, rmt-server, rsync, tiff, tree-sitter, util-linux, and xen), and Ubuntu (linux, linux-aws, linux-aws-5.4, linux-aws-fips, linux-azure, linux-azure-5.4, linux-azure-fips, linux-bluefield, linux-fips, linux-gcp, linux-gcp-5.4, linux-gcp-fips, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp, linux, linux-aws, linux-kvm, linux-lts-xenial, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-raspi, and linux-xilinx-zynqmp).
- Greg KH Calls For More Rust Linux Developers
Greg Kroah-Hartman took time away from his duties as Linux's second-in-command as stable maintainer, various subsystem maintainer, and recent hobby of using AI/LLMs for uncovering Linux kernel bugs to present at the Rust Week conference...
- Mageia 10 RC1 Released With Newer Packages
Following the ISOs dropping a few days ago, today the Mageia 10 release candidate was officially announced for those fond of this Linux distribution with its roots tracing back to Mageia and Mandrake Linux...
- ODROID-H5 is a low-power x86 SBC with 10GbE and four M.2 slots
Hardkernel has introduced the ODROID-H5, a new x86 single-board computer based on Intel’s Core i3-N300 processor. The board updates the ODROID H-series with onboard 10GbE networking, four M.2 expansion slots, DDR5 memory support, and a revised HSIO configuration intended for storage, networking, and accelerator expansion. The new model succeeds the ODROID-H4 family and shifts the […]
- NASA Expects Chinese Crewed Mission Around the Moon In 2027
NASA Administrator Jared Isaacman says he expects China to fly taikonauts around the moon in 2027, "ratcheting up perceptions of a space race between China and the United States," reports SpaceNews. He is using that prospect to argue for a revamped Artemis strategy and an accelerated path toward a U.S. lunar return. From the report: "The next time the world tunes in to watch astronauts fly around the moon, which will likely be sometime in 2027, they will be taikonauts, and America will no longer be the exclusive power to send humans into the lunar environment," he said. While Isaacman has frequently discussed a race with China to be the next to land humans on the moon, this was one of the first times he predicted a 2027 Chinese crewed circumlunar mission. He repeated the comments later in the day at an industry reception. China has not publicly announced plans for such a mission, which, as Isaacman described it, would likely be similar to NASA's Artemis 2 mission in April. There have been rumors of a mission along those lines, though, and an expectation of a roadmap of missions leading to a Chinese crewed landing by the end of the decade. So far, all the crewed missions to fly around, orbit or land on the moon have been flown by NASA: nine Apollo missions from 1968 to 1972 and Artemis 2. All the astronauts on those missions have been Americans except for Canadian Space Agency astronaut Jeremy Hansen on Artemis 2. Isaacman has used the threat that China could land astronauts on the moon before NASA returns there as a rationale for revamping the Artemis lunar exploration program. In February, he announced that Artemis 3, which was to be a lunar landing attempt in 2028, will instead be a test flight in low Earth orbit in 2027, followed by a landing on Artemis 4 in 2028. In March, he changed other elements of Artemis at the agency's Ignition event, including effectively canceling the lunar Gateway to focus resources instead on a lunar base, while calling for a much higher cadence of robotic lander missions.
 
Read more of this story at Slashdot.
- Colossal Biosciences Is Growing Chickens In a 3D-Printed Artificial Eggshell
Colossal Biosciences says it has grown chickens inside 3D-printed artificial eggshells. "The company says the egg technology could help conserve at-risk bird species," reports MIT Technology. "It could also play a role in a project to re-create the extinct giant moa, a flightless 12-foot-tall bird that once lived in New Zealand and laid four-liter eggs, larger than those of any living bird." From the report: The biotech company today claimed it has developed a "fully artificial egg" as part of its effort to resurrect extinct avian species, including birds like the dodo and the giant moa. But "artificial eggshell" would probably be a better description for the invention. It's an oval-shaped printed lattice, coated inside with a special silicone-based membrane that lets in oxygen, just as a real eggshell does. To generate birds, Colossal took recently laid chicken eggs and carefully poured their contents into the artificial shells, where they continued growing. A window on top lets researchers peek inside. "To see them all moving around in their artificial eggs was absolutely mind blowing," says Andrew Pask, the company's chief biology officer. "You really feel you can grow life outside of the womb." [...] The work on the artificial eggshell was carried out in Dallas by Colossal's exogenous development team, or Exo Dev. That group is also trying to develop artificial wombs for mammals, starting with marsupials. "We're looking at every single facet of what's happening during a mammalian pregnancy to unpack exactly how we then go about recapitulating that," says Pask. For that team, an artificial eggshell is a relatively quick and easy technical win. That's because chickens are already an example of ex utero development. After an egg is laid, a small embryo sitting on top of the yolk starts growing, drawing nutrients from the yolk, the white, and even the shell, which provides calcium. (Colossal says it has to add ground-up calcium to the artificial eggs.) In order to create a moa, Colossal will have to genetically alter another type of bird, changing potentially thousands of DNA letters. But so far, chickens are the only bird species that can be genetically engineered. And that's via a tricky process of editing stem cells that produce egg and sperm. Scientists have to add or delete DNA letters from these cells and then inject them back into an egg. The resulting bird will carry the genetic changes in its gonads -- and then be able to pass them on. Pask says Colossal's idea is that it could modify avian stem cells enough to produce moa-like sperm or eggs. But then you might have the odd situation of a chicken laying an egg with a moa embryo inside it. "You would have chickens making moa egg and moa sperm. But it's still a chicken egg," he says.
Read more of this story at Slashdot.
- Intuit To Lay Off Over 3,000 Employees To Refocus On AI
Intuit is reportedly cutting about 3,000 jobs, or 17% of its workforce, as it restructures around AI and simplifies its corporate organization. TechCrunch reports: The layoffs come during a bad year for the tech workforce. The tech industry has already cut more than 100,000 jobs this year, per Statista, and is on track to outpace both 2024 and 2025 if the layoff trend continues. Companies such as Amazon, Block, Cisco, Cloudflare, Meta, Microsoft, and Oracle have let go of thousands of employees each, all of them citing a need to refocus expenditures around AI projects as a reason to cut jobs and restructure their organizations. [...] Intuit, however, hasn't been perceived as a beneficiary of the AI boom, with its shares consistently underperforming in the broader S&P 500 over the past 12 months. The company has been caught up in the broader current of worries that traditional software-as-a-service firms will not be able to keep up or compete, as new and upcoming AI products and services threaten to change how software is developed and how it is used. In its fiscal second quarter ended January, Intuit reported revenue of $4.65 billion, a 17% increase, and net profit of $693 million, a 48% improvement compared to a year earlier. The company expects revenue to increase by about 10% in the third quarter, for which it will report results later today.
Read more of this story at Slashdot.
- Google Publishes Exploit Code Threatening Millions of Chromium Users
An anonymous reader quotes a report from Ars Technica: Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other Chromium-based browsers. The proof-of-concept code exploits the Browser Fetch programming interface, a standard that allows long videos and other large files to be downloaded in the background. An attacker can use the exploit to create a connection for monitoring some aspects of a user's browser usage and as a proxy for viewing sites and launching denial-of-service attacks. Depending on the browser, the connections either reopen or remain open even after it or the device running it has rebooted. The unfixed vulnerability can be exploited by any website a user visits. In effect, a compromise amounts to a limited backdoor that makes a device part of a limited botnet. The capabilities are limited to the same things a browser can do, such as visit malicious sites, provide anonymous proxy browsing by others, enable proxied DDoS attacks, and monitor user activity. Nonetheless, the exploit could allow an attacker to wrangle thousands, possibly millions, of devices into a network. Once a separate vulnerability becomes available, the attacker could use it to then compromise all those devices. "The dangerous part here is that you can just have a lot of different browsers together that you can in the future run something on that you figure out," said Lyra Rebane, the independent researcher who discovered the vulnerability and privately reported it to Google in late 2022 in an interview. He said using the exploit code Google prematurely published would be "pretty easy," although scaling it to wrangle large numbers of devices into a single network would require more work. In the thread of Rebane's disclosure to Google, two developers said in separate responses that it was a "serious vulnerability." Its severity was rated S1, the second-highest classification. Since its reporting 29 months ago, the vulnerability remained unknown except to Chromium developers. Then on Wednesday morning, it was published to the Chromium bug tracker. Rebane initially assumed the vulnerability was finally fixed. Shortly thereafter, he learned that, in fact, it remained unpatched. While Google removed the post, it remains available on archival sites, along with the exploit code. Google representatives didn't immediately respond to an email asking how and why it published the vulnerability and if or when a fix would become available. The exploit works by abusing Chromium's Browser Fetch API to open a service worker that remains persistently active. A malicious website can trigger it through JavaScript, creating a connection that can be used "for monitoring some aspects of a user's browser usage and as a proxy for viewing sites and launching denial-of-service attacks," reports Ars. Depending on the browser, those connections "either reopen or remain open even after it or the device running it has rebooted," effectively turning the device into part of a "limited botnet."
Read more of this story at Slashdot.
- RHEL 10.2 Released With New AI Command Line Assistance
Red Hat has released RHEL 10.2 and 9.8 with new AI-assisted command-line tools. The releases also add updated developer toolchains such as Go 1.26, LLVM 21, Rust 1.92, Python 3.14, and PHP 8.4. Phoronix reports: Red Hat Enterprise Linux has introduced the goose command for power users. Goose is an optional CLI AI assistance with model context protocol (MCP) integration. There is also improved visual output via color output enhancements. As for their rationale with the new AI integration: "The business value: Faster problem resolution, and a quicker path for new administrators to become proficient. This translates into higher developer productivity and accelerated project timelines."
Read more of this story at Slashdot.
- GitHub's Internal Repos Breached Via Employee's Use of Malicious VS Code Extension
Longtime Slashdot reader Himmy32 writes: GitHub has announced on X that their internal repositories have been breached through a compromised VS Code Extension on an employee's workstation. Bleeping Computer reported that the attack is linked to TeamPCP who have been in the news for a recent campaign affecting Checkmarx, Trivy, SAP, TanStack, and Bitwarden. The group appears to be attempting to sell the stolen code on cybercrime forums. "Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately," the company said. "Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only. The attacker's current claims of ~3,800 repositories are directionally consistent with our investigation so far." Although the investigation remains ongoing, GitHub says it has "no evidence of impact to customer information stored outside of GitHub's internal repositories." The company has also not said whether it's in contact with the hackers or if it's received a ransom demand.
Read more of this story at Slashdot.
- Anna's Archive Hit With Global Domain Takedown Order
An anonymous reader quotes a report from TorrentFreak: A coalition of thirteen major publishers has won a massive $19.5 million default judgment against shadow library Anna's Archive. A New York federal judge fully approved the publishers' requests, issuing a broad permanent injunction that orders more than twenty specific global registries, hosts, and service providers to immediately disable the site's remaining domains. [...] At first glance, the damages award is the headline figure. Judge Rakoff granted the maximum statutory damages of $150,000 for each of the 130 "Works in Suit." This brings the final damages bill amount to a staggering $19,500,000. However, as with the $322 million judgment won by the music industry against Anna's Archive in the related Spotify case, it's highly unlikely that this money will be recouped. For now, the operators of Anna's Archive remain strictly anonymous, which doesn't help either. The default judgment (PDF) addresses this and requires the operators to unmask their identities and provide a sworn statement with valid contact information to the court within 10 days. However, since the operators have previously stated they hide their identities to avoid "decades of prison time," it is safe to assume that the operators will simply ignore this request. The true power of this default judgment lies in the permanent injunction. Anna's Archive is known to evade enforcement and change domain names when needed, so the injunction targets the technical intermediaries that keep the site online. Specifically, the injunction orders "all domain name registries and registrars of record" to permanently disable access to Anna's Archive's domains and prevent their transfer to anyone other than the publishers or the music industry plaintiffs in the related case. In addition to domain name services, the order also extends to international hosting providers, who are also ordered to stop working with the site. Leaving no room for interpretation, the order specifically names more than twenty companies and organizations. This includes familiar names like Cloudflare, Njalla, and DDOS-Guard, as well as the domain name registries of the site's current active domains [...]. The names include some intermediaries that were already listed in the Spotify default judgment, as well as new ones.
Read more of this story at Slashdot.
- Seagate Sparks Memory Sell-Off As CEO Says It Would 'Take Too Long' To Build New Factories
Seagate CEO Dave Mosley said Monday that building new memory chip factories or adding capacity would "take too long" to keep up with AI-driven storage demand. "If we took the teams off and started building new factories or bringing up new machines, that would just take too long. You would end up with more capacity, but then you'd slow the rate of growth on that technology," Mosely said. CNBC reports: Memory chip stocks have soared in recent months as a flood of AI investing has sent demand soaring, with the chips a key part of the AI buildout in data centers. Chip production cycles stretch over many quarters for a single unit, and investors are increasingly wary of how long the leading memory makers can capture demand. CME Group is launching a new futures market for semiconductors, enabling more traders to lock in prices and hedge against the rising prices of computing power. At Monday's conference, Mosely also addressed the "very long lead times" and maintaining predictability with its clients. "We know what's coming out a year from now," he said. "And we've basically gone to the customers and said, 'Look, if you want to plan this really well, which it should be for your data centers, we know what's coming out. You can buy this stuff up to a certain period.' And so we want to keep that four or five quarters of visibility very, very solid for what's being built. But the demand is significantly higher than that."
Read more of this story at Slashdot.
- Yearslong Fight Over Users' Right To Tweak Smart TV Software Heads To Trial
A long-running lawsuit over Vizio's Linux-based smart TV software is headed to trial in August, with the Software Freedom Conservancy arguing that GPL rules require Vizio to release complete source code owners could use to modify, maintain, or strip ads and tracking from their TVs. Ars Technica reports: The outcome could reverberate across the industry. Because many of today's popular smart TV operating systems are Linux-based, the case may help determine how much control many owners have over their sets. Access to the full code would allow users to make meaningful changes to how their TVs work, including limiting ads or deactivating automatic content recognition. [...] The Software Freedom Conservancy argues it has the right to Vizio OS's source code because it owns several Vizio TVs and because the operating system is based on Ubuntu, a Linux distribution. (SFC employees bought seven Vizio TVs from 2018 to 2021 after getting complaints about Vizio not sharing its TVs' source code, according to the complaint.) In general, the Linux kernel is provided under the terms of GPLv2, as noted by kernel.org, which is run by the Linux Kernel Organization. SFC's lawsuit alleges that Vizio breached GPLv2 and LGPLv2.1 by failing to make available the complete source code for Vizio OS. The case is currently in the Orange County Superior Court of the State of California. The lawsuit targets Vizio specifically, but the impact could extend to other Linux-based smart TV OSes such as LG's webOS, Samsung's Tizen, and Roku's Roku OS. "We expect all companies who distribute Linux and other software using right-to-repair agreements like the GPL in their products would comply with these agreements," Denver Gingerich, the director of compliance at SFC, told Ars. [...] SFC expects a ruling within three to six months of the conclusion of the trial, which is currently scheduled for August 10.
Read more of this story at Slashdot.
- Regional Winners of Prestigious Literary Prize Suspected of Using Chatbots
The 2026 Commonwealth Short Story Prize is facing backlash after several winning entries were accused of being AI-generated, with one Caribbean winner's story flagged as fully AI-written by a detector that WIRED says it independently confirmed. From the report: Each year, the Commonwealth Foundation, a nongovernmental organization in London, awards its short story prize to one writer in each of five regions: Africa, Asia, Canada and Europe, the Caribbean, and the Pacific. One overall winner is then selected from that short list. Regional winners take home [about $3,350], while the top winner, to be announced next month, claims [about $6,700]. On May 12, the respected UK literary magazine Granta published the top five 2026 entries -- all previously unpublished, per the rules of the contest -- on its website. (It has hosted the winning submissions for the prize since 2012.) Within days, however, one entry aroused suspicion. "The Serpent in the Grove," a story by Jamir Nazir of Trinidad and Tobago, which had taken honors for the Caribbean region, struck a few people as bearing the stylistic tells of AI-generated text. "Well, this is a first: a ChatGPT-generated story won a prestigious literary prize," wrote researcher and entrepreneur Nabeel S. Qureshi, a former visiting scholar of AI at the Mercatus Center at George Mason University, in a post on X on Monday. "'Not X, not Y, but Z' sentences everywhere, the 'hums' trope, and plenty of other obvious markers of AI writing. A major milestone for AI, at any rate..." "They say the grove still hums at noon," Nazir's mysterious and atmospheric tale begins. In his screenshot of the opening paragraphs, Quereshi highlighted the second line as what he considered to be a signature example of AI syntax: "Not the bees' neat industry or the clean rasp of cutlass on vine, but a belly sound -- as if the earth swallows a shout and holds it there." As the literary community undertook a closer read of Nazir's story, many criticized its language and metaphors as nonsensical, wondering how the Commonwealth judges could have seen any merit to them. Others shared screenshots showing that the AI-detection tool Pangram flagged "The Serpent in the Grove" as 100 percent AI-generated, a result that WIRED independently confirmed. (While no AI-detection software is perfect, third-party analysis has consistently determined Pangram to be the most accurate, with a near-zero rate of false positives.) [...] Besides Nazir, two more winning authors have drawn allegations of using AI in their work. Pangram finds that "The Bastion's Shadow," by Maltese writer John Edward DeMicoli, winner for the Canada and Europe region, is fully AI-generated; it scans "Mehendi Nights," by Indian writer Sharon Aruparayil, winner for the Asia region, as partly AI-generated. Neither DeMicoli nor Aruparayil immediately returned requests for comment when reached through their respective social media accounts. The other two short-listed stories, by Holly Ann Miller of New Zealand and Lisa-Anne Julien of South Africa, deliver "fully human-written" results from Pangram. Wired also reports that one of the judges for the prize has been "accused of using AI to craft her descriptive blurb that accompanied the listing of 'The Serpent in the Grove' as a regional winner.'" Pangram labels the text as "AI-assisted."
Read more of this story at Slashdot.
- From DHCP to SZTP – The Trust Revolution
By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]
The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.
- AMDGPU HDMI 2.1 FRL To Be Initially Disabled-By-Default
One of the most exciting developments in recent times for the open-source AMDGPU kernel graphics driver is HDMI 2.1 FRL support for the AMDGPU driver along with Display Stream Compression support as they work toward providing full HDMI 2.1 support for this open-source AMD Radeon driver. The details how AMD managed to pull this feat off given prior resistance from the HDMI Forum remains to be confirmed, but it's moving ahead and out today is the latest iteration of the HDMI 2.1 FRL+DSC patches...
- The Very Exciting Cache Aware Scheduling Looks Like It Will Land For Linux 7.2
As a very exciting development ahead of the Linux 7.2 kernel merge window opening in about one month's time, it looks like the long-awaited Cache Aware Scheduling support will finally be merged! CONFIG_SCHED_CACHE has made it into a TIP branch with all the Cache Aware Scheduling code for helping with Linux performance on modern CPUs sporting multiple last level caches...
- Initial Benchmarks Of The SpacemiT K3 RVA23 RISC-V CPU With The K3 Pico-ITX
One of the RISC-V SoCs we have been most looking forward to this year is the SpacemiT K3 that features the X100 RISC-V cores that are RVA23 compliant and among the first readily available RVA23 RISC-V platform for running on the likes of Ubuntu 26.04 LTS. In this article is a preview of some very early benchmarks of the SpacemiT K3 with the new Pico-ITX single board computer offering.
- Greg KH Calls For More Rust Linux Developers
Greg Kroah-Hartman took time away from his duties as Linux's second-in-command as stable maintainer, various subsystem maintainer, and recent hobby of using AI/LLMs for uncovering Linux kernel bugs to present at the Rust Week conference...
- HP Now Sponsoring The Linux Vendor Firmware Service / Fwupd
That didn't take long. Mere days after Dell and Lenovo began sponsoring the Linux Vendor Firmware Service (LVFS) as premiere sponsors in contributing $100k+ annually to this open-source firmware updating initiative, HP is also now a premiere sponsor...
- Get your passwords out of BitWarden while you still can
I was a long-time Bitwarden user, until a year or so ago when I started migrating my passwords first to Firefox/LibreWolf, and recently from there to a KeePass database I can transfer and use with whatever password manager application is compatible with KeePass� file format. It seems I was accidentally on time, as it�s come out over the last few days that Bitwarden is probably going down the drain soon. In February, the company got a new CEO, and in March, it doubled its Premium price, announcing the hike deep in a feature announcement. The new CEO seems to be a bellwether for what�s to come for Bitwarden. He�s a merger and acquisitions guy, with a history of gutting companies and selling them for parts, and changes to Bitwarden�s website also indicate where it�s headed. The phrase “Always free” disappeared from the`personal password manager page`in mid-April. It used to sit prominently under the plan selector. The free plan still exists — for now — but the commitment language is gone. And then there’s the values rewrite. Bitwarden used to define its culture with the acronym GRIT: Gratitude, Responsibility,`Inclusion, and`Transparency. After May 4th, that changed. GRIT now stands for Gratitude, Responsibility,`Innovation, and`Trust. Inclusion and Transparency are out. Innovation and Trust are in. ↫ Patrick Boyd The Always free! motto quietly reappeared on the site after its removal was uncovered and went viral on Fedi. The change in CEO, the changes in values, and the removal (and reappearance) of Bitwarden�s well-known and oft-repeated commitment to its free plan have all been quiet. No announcements, no blog posts, no posts on social media � but they did change a four-year old blog post by Bitwarden�s former CEO to change that GRIT acronym. You don�t need to be an honors student to figure out where this is going, and what the new CEO�s plans are for Bitwarden. Do as I did, and get your passwords out of BitWarden. I strongly suggest using an open format that can be used by any compatible password manager, with KeePass� formats being the obvious choice. This way your passwords are truly yours, and not dependent on someone�s continued commitment to free plans or proprietary services that can unexpectedly change hands. Bitwarden is licensed under the Apache 2.0 license, but with all of the above, one has to wonder how long that�s going to remain a thing.
- Printing with CUPS on OpenBSD
Printing on Linux, macOS, and even on Windows seems to be pretty much a solved problem, but what about printing on OpenBSD? Anyway, to do so I would need to set up my HP OfficeJet printer, connected wirelessly to the network, on OpenBSD. I chose to do this using HPLIP and CUPS as they are both in ports, I am familiar with how they work, and my printer is old enough that its PPD (driver) file is included in the slightly older version of HPLIP that is ported to OpenBSD. However, after installing both packages, starting the relevant services via rcctl including Avahi, and launching CUPS and finding the printer, I could not get it to install properly. Either it would error out at the end saying the printer couldn’t be added and advise me to check the CUPS error log, or it would seemingly successfully add the printer but I couldn’t print anything and couldn’t adjust the printer settings. ↫ Morgan at his blog Only very tangentially related, but my personal crowning achievement in computing is somehow making it possible for my PA-RISC c8000 workstation running HP-UX 11i v1 to print to my modern all-in-one HP printer thing, some random HP consumer junker we bought on a whim because it was a returned item and cheap. It took some messing around, but ever since I�ve been able to just print stuff right from any application on HP-UX over the network, wirelessly. Note that the c8000 and HP-UX 11i v1 are almost two decades out of date compared to the printer, but by trying out promising device files included in HP-UX I managed to get it all to work. I never need it, but I am fairly sure I�m one of the very few people in the world who can reliably print from an HP-UX 11i v1 workstation to a modern throwaway HP junker over Wi-Fi. Put that on my tombstone.
- OSNews fundrasier progress
⁂ A little progress bar to keep track of our fundraiser! ⁂ � Donate through Ko-Fi � Donate through SEPA transfer � Why a fundraiser? Note that I have to update it manually, and that it includes both Ko-Fi donations, as well as direct bank transfers. Yes, if your country is part of SEPA (EU, more or less), you can now do a safe direct bank transfer using IBAN to a dedicated bank account. This avoids any third parties. Use your bank�s application or website (Name: Thom Holwerda � IBAN: SE08 8000 0820 1684 4657 8414 � BIC: SWEDSESS).
- The Virtual OS Museum
This is a virtual museum of operating systems (and standalone applications) running under emulation, implemented as a Linux VM for QEMU, VirtualBox, or UTM. A custom emulator-independent launcher is provided, and all OSes and emulators are pre-installed and pre-configured. The launcher includes a snapshot feature to quickly revert broken installations back to a working state. Hypervisor installers and shortcuts to run the VM on Windows, macOS, and Linux are also included. ↫ Andrew Warkentin�s Virtual OS Museum These types of preconfigured archives exist in the gaming world, but I�ve never seen something like this for operating systems. The amount of love, work, and care that have gone into this effort must�ve been immense, as it contains more than 1700 installs, more than 520 platforms, and more than 570 distinct operating systems, all wrapped into a single download, with a nice launcher on top to make using all of this as easy as possible. You can either download the full offline version at 121GB zipped, or a version that downloads each image as you fire them up for the first time at 14GB zipped. The contents span just about everything from early mainframes to desktop operating systems to all kinds of mobile platforms, from the late 1940s to today. I haven�t yet found the time to download the whole thing, but I am absolutely going to, as there are so many names in here that I�ve been wanting to play around with for ages, but just never got the time to set up virtual machines or emulators for. This is going to be an amazing resource for the kinds of people who read OSNews.
- Google kills its search engine
We can inter Google Search to the Google Graveyard. At its Google I/O conference on Tuesday, Google unveiled an AI-powered overhaul of Search centered around a reimagined “intelligent search box” — what the company describes as the biggest change to this entry point to the web since the search box debuted more than 25 years ago. Instead of returning a simple list of links, Google Search will drop users into AI-powered interactive experiences at times. Google is also introducing tools that can dispatch “information agents” to gather information on a user’s behalf, along with tools that let users build personalized mini apps tailored to their needs. ↫ Sarah Perez at TechCrunch The attack on online search has been ongoing for a long time, and it has already resulted in most people with a higher-than-average interest in technology to either no longer use Google, or just to not use online search at all. I used DuckDuckGo for a long time, until I switched to Startpage somewhere last year, and I have never looked back. Startpage (and many others like it) is a very simple, basic search engine: it just gives you a list of links. That�s it. That�s all I ever want from a search engine, as the task of then vetting each link for relevancy, accuracy, trustworthiness, and so on, is up to me, where it very well belongs. I do not want � and the world should not want � a massive technology corporation like Google, with a deeply vested, existential interest in guiding you towards websites from the companies that pay them for ads, to guide your online browsing experience. Google Search is already riddled with ads, but at least they�re labeled and somewhat obvious. With these new AI! chatbot-style interfaces, not only are its sources nebulous and tucked away, if they even exist at all, but they also just make shit up, fail at the most basic of tasks, and generally just suck at what they�re supposed to be doing. This will make online search with Google worse. Worse yet, this will make it even easier for the billionaire Epstein class to sow dissent among the population, creating rifts and hatred where none should exist, solely to keep the peasants occupied fighting each other so they don�t turn their anger towards the real reason their lives suck. Panem et circenses has transformed into divide et impera, and these nebulous chatbots with complex, invisible levers and dials will only make the divide easier.
- Futhark by example
The following is a hands-on introduction to Futhark through a collection of commented programs, listed in roughly increasing order of complexity. You can load the programs into the interpreter to experiment with them. For a conventional introduction to the language, Parallel Programming in Futhark may be a better choice. For more examples, you can check our implemented benchmarks. We also maintain a list of projects using Futhark. Some of the example programs use directives for plotting or rendering graphics. ↫ Futhark homepage As a non-programmer, I just think the name is cool.
- OpenBSD 7.9 released
The world�s best BSD (I�m kidding, I love them all equally) has released version 7.9, now available through your update tools and on mirrors the world over. OpenBSD 7.9 brings a ton of changes, fixes, and improvements, such as delayed hibernation support on amd64. This will allow OpenBSD laptops to briefly wake up from sleep, to then immediately drop into hibernation. A small but incredibly welcome change is that sysupgrade will now handle low space on /usr more gracefully, which will make quite a few people who once hit that limit very happy. OpenBSD 7.9 also brings VA-API and open Widevine support to its Chromium (and derivatives) port, and OpenBSD can now run as a guest under Apple�s hypervisor for M-series Macs. There�s initial low-level support for the FUSE API, the maximum support processor count on amd64 has been raised from 64 to 255, there�s improved support for managing complex core configurations in the scheduler, and many more changes. There�s also the usual new versions of LibreSSL and OpenSSH, of course, but that�s a given.
- The 21 years and 20000 posts OSNews fundraiser: €1 for every post
To celebrate my 21 years and 20000 posts as OSNews� managing editor, it�s time for a massive fundraiser: €1 for every story I�ve posted over the past 21 years, for a long-term total goal of €20000. Because OSNews is ad-free and independent, I rely entirely on your donations and support for my income and OSNews� continued survival. Your donations ensures OSNews remains free of ads, corporate influence, and other commercial interests that have ruined so many great websites. Why support OSNews? I want to make sure I can run OSNews for another two decades and another 20000 posts, and I need your help to do so. Since my wife, who has a tough, underpaid job in elderly care, is largely unable to work due to health reasons caused by that very same job, my income has become a lot more crucial for our kids, my wife, and myself. With OSNews readers being more skeptical of subscription-like things like our Patreon than most people, it�s exactly these one-time donations that make up the bulk of your support. To sweeten the deal, I�ve come up with a bunch of silly incentives that will unlock at certain thresholds: I know many of you don�t really care about incentives and silly things like these, but I think they�re fun and add some interesting things to donate to. The donations already started coming in, so we�ve got a small head start. Also, if anyone has any idea on how to add a cool progress bar to OSNews to keep track of the donations and incentives, please let me know. I�m sure some of you can whip something up or point me to something. OSNews was founded in 1997, so we�re almost 30 years old. Let�s keep this wonderful little corner of the people-focused web alive for just a euro per post. Everyone here deserves it, because y�all are great. e�
- Haiku OS runs on M1 Macs now
Big news from the Haiku forums: the Haiku ARM port is running on M1 Macs now. This is bare metal, no VM. m1n1+u-boot deal with the Apple-specific parts of booting, so we can boot UEFI images from USB like any PC. ↫ smrobtzz on the Haiku forums USB is apparently broken, but all 8 cores are functional, and it boots to a desktop. It�s still early days, for the ARM port in general and the M1 Mac port specifically, but it�s a great start.
- You can now run Windows CE 2.11 on the Nintendo 64
I�ve seen some wild projects in my day, but this one is definitely up there as one of the more ambitious. Stock Microsoft Windows CE 2.11 running on a real Nintendo 64. A custom HAL drops the unmodified nk.lib kernel onto VR4300, brings up the CE 2.11 GWES desktop and shell, mounts the EverDrive-64 X7�s SD card under \SDCard, treats the N64 controller as a mouse, plays sound through the N64 AI hardware via the standard CE wave stack, and runs third-party CE 2.11 EXEs straight off the SD card. This is a hobby reverse-engineering project: there is no official CE 2.11 port to N64 from Microsoft. Everything below the unmodified nk.lib (HAL, OAL, display driver, FSD, kbd/mouse PDD, wave PDD, RDP-accelerated GDI fill, ed64-X7 driver) is part of this repo. ↫ ThroatyMumbo Getting a fully operational desktop on Windows CE 2.11 is a lot harder than it appears at first sight, because this earlier version of Windows CE didn�t come with many of the reference implementations of components that later versions would add. OEMs were supposed to develop their own user interfaces for Windows CE 2.11, so the entire desktop you see here on this N64 port � window manager, taskbar, file manager, and so on � consists of custom code developed by ThroatyMumbo, using the standard Windows CE APIs. That�s not all, though, as the same applies to the various drivers needed to make Windows CE 2.11 talk to the hardware in the Nintendo 64. Windows CE 2.11 contains the interfaces for drivers but OEMs were supposed to write their own device drivers. So ThroatyMumbo did: the display driver, input drivers, sound driver, cartridge driver, and so on, are all written from scratch. Absolutely incredible. Note: it seems AI! has been involved in this project, but it�s unclear to what extent. I didn�t see any telltale signs, but readers have reached out to me about this. The result of all this is that you can now run Windows CE 2.11, including a familiar shell, on your N64, and run any Windows CE applications as well. Absolutely wild.
- EU OS: A Bold Step Toward Digital Sovereignty for Europe
Image 
A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
What Is EU OS?
EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
The Vision Behind EU OS
The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
Conclusion
EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
Source: It's FOSS
European Union
- Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
You can download the latest kernel here.
Linus Torvalds kernel
- AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
Image 
AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
Source: 9to5Linux
AerynOS
- Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
Image 
Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
Here’s a quick overview of what’s new in Xojo 2025r1:
1. Linux ARM IDE Support
Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
2. Web Drag and Drop
One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
3. Direct App Store Publishing
Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
4. New Desktop and Mobile Features
This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
5. Performance and IDE Enhancements
Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
What Does This Mean for Developers?
Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
How to Get Started
Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
Download Xojo 2025r1 today at xojo.com.
Final Thoughts
With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
Xojo ARM
- New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest.
Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
Windows
- Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally.
As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions.
After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
Security
- Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem.
The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
kernel
- Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
Here is what Linus Torvalds had to say in today's announcement:
Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds
- Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
Want to interact with ChatGPT from your Linux desktop without using a web browser?
Bavarder, a new app, allows you to do just that.
Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
ChatGPT AI
- LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
LibreOffice
|
