|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All/All+Images)
(Single Column)
- Systemd v261 released
Systemd v261 has been released with a long list of changes, including a newcloud "Instance Metadata Service" (IMDS) subsystem, "boot secret"functionality for use on systems that lack a physical TPM, as well assupport for the kernel's Live Update Orchestration (LUO) / KexecHandover (KHO) systems when they are present and enabled. See therelease notes for the full list of changes.
- [$] AURpocalypse now: a look at the recent AUR attacks
The Arch User Repository (AUR) hasbeen subjected to a sustained attack recently. The attacker, or attackers, havespun up a series of new accounts then used them to adopt orphanedpackages and push malicious updates that would install malware on users' systems.It is unclear how many users were compromised in the attack, but the maintainerswere playing Whac-A-Mole for several days to respond to each newly compromisedpackage. The project has turnedoff the AUR's new-user registration, for now, but it is unclear what its long-term response will be or if the AUR can be secured without major changes toits existing collaboration model.
- Security updates for Friday
Security updates have been issued by AlmaLinux (dracut), Debian (chromium, firefox-esr, and thunderbird), Fedora (chromium, firefox, nss, ocserv, ongres-scram, ongres-stringprep, perl-Archive-Tar, perl-GD, perl-HTTP-Daemon, perl-Net-Statsd, restic, singularity-ce, util-linux, and vorbis-tools), Mageia (gstreamer1.0-*, libupnp, luajit, opensc, and ruby-rack), SUSE (curl, dnsmasq, ffmpeg-4, frr, google-osconfig-agent, java-1_8_0-ibm, kernel, krb5, kubernetes-old, ldns, liburiparser1, openvswitch, rootlesskit, strongswan, traefik, and trivy), and Ubuntu (ldns, libheif, libnet-cidr-lite-perl, lxd, tomcat11, and vim).
- Eight new stable kernels for Friday
Greg Kroah-Hartman has announced the release of the 7.1.1, 7.0.13, 6.18.36, 6.12.94, 6.6.143, 6.1.176, 5.15.210, and 5.10.259 stable kernels. As usual, eachcontains important fixes. Users are advised to upgrade.
- The Software Freedom Conservancy's LLM-backed generative AI recommendations
The Software FreedomConservancy (SFC) has announcedthe release of its recommendationsfor using LLM-backed generative AI systems for FOSScontributions. The recommendations were created by the SFC andvolunteers from the free-software community.
The recommendations reflect the extremely difficult dilemmas thatthese systems pose for FOSS contributors. SFC and its volunteersunderstand that FOSS developers are approaching LLM-gen-AI from avariety of perspectives. The recommendations offer practicalassistance to minimize the damage caused by using proprietary systems,whether FOSS contributors reject LLM-gen-AI or choose (voluntarily orby employer mandate) to use them.
These recommendations are best practices (but not definitions orrequirements) that SFC and its volunteers formulated after carefulstudy of the growing LLM-gen-AI use among FOSS contributors. SFC willfollow these recommendations with a series of supporting materials,including documents, online tutorials, public Q&As, podcasts,and other community engagement. We will routinely refine ourrecommendations and continue to support FOSS contributors as theynavigate this difficult landscape.
- [$] The first half of the 7.2 merge window
The 7.2 merge window started with the 7.1kernel release on June 14. As of this writing, just over 7,000non-merge changesets have been pulled into the mainline for the next kernelrelease. Many of the core subsystems have been pulled at this point,meaning that most of the changes that can be expected in 7.2 have now comeinto focus.
- Mastodon 4.6 released
Version4.6 of the Mastodon fediverse platform has been released.
The headliner of this release is Collections, a way to create and share curated collections of profiles. Part of Mastodon's work ethos is our commitment to trust and safety, so we've put a lot of thought and care into the design of this feature to avoid some of the pitfalls and abuse people have experienced with similar features on other platforms, while focusing on its primary goal: Helping new users discover more of the Fediverse.
Other new features include support for subscribing to posts via email, theability to generate a "year in review" post, accessibility improvements,and more.
- [$] Single-hop block replication with RMR and BRMR
How can cloud providers efficiently supply durable virtual block devices? RemoteDirect Memory Access (RDMA) provides a way for servers in a cluster to sharechunks of memory, but there still needs to be a protocol that operates on top ofRDMA to provide the guarantees expected of a block device. The kernel's RDMA transportlibrary (RTRS) provides a way to send messages via RDMA. Ipresented about twonew components built on top of RTRS at the 2026LinuxStorage, Filesystem, Memory Management and BPF Summit: Reliable Multicastover RTRS (RMR) and Block device over RMR (BRMR). These modules, which Iam working on with Jia Li, could be a way for cloud providers toexpose durable block devices with as little overhead as possible. To accomplishthat, however, we need some discussion and feedback from the community beforesending the modules upstream.
- Security updates for Thursday
Security updates have been issued by AlmaLinux (dracut, podman, postfix, rsync, xorg-x11-server, and xorg-x11-server-Xwayland), Debian (atril, firefox-esr, and nginx), Mageia (libcap, perl, and python-pillow), Oracle (firefox, gstreamer-plugins-base and gstreamer-plugins-good, httpd:2.4, kernel, libpng12, libpng15, libxml2, libxslt, opencryptoki, openssl, postfix, rsync, webkit2gtk3, xorg-x11-server, and xorg-x11-server-Xwayland), Slackware (bind, libidn, mozilla, and openssl), SUSE (alloy, docker, elemental-system-agent, glibc, grafana, helm, LibVNCServer, openssh8.4, perl-GD, perl-HTTP-Daemon, python-WebOb-doc, python311-google-adk, rustup, traefik2, wireshark, and xwayland), and Ubuntu (dolibarr, golang-go.crypto, graphite2, gst-plugins-bad1.0, kitty, libconfig-inifiles-perl, libnginx-mod-js, and webpy).
- 9to5Linux Weekly Roundup: June 21st, 2026
The 297th installment of the 9to5Linux Weekly Roundup is here for the week ending June 21st, 2026, keeping you updated on the most important developments in the Linux world.
- Nordic launches nRF54L15 Tag for asset tracking, Matter, and edge AI prototyping
Nordic Semiconductor has introduced the nRF54L15 Tag, a compact battery-powered prototyping platform built around the company’s nRF54L15 SoC. The 33 mm dual-antenna board is designed for developing low-power wireless products such as asset tags, Bluetooth trackers, remote controls, smart wearables, and devices targeting Apple Find My and Google Find Hub networks. The nRF54L15 Tag combines […]
- Olimex LCD7-PANEL-LIME2 combines 7-inch touchscreen, A20 Linux SBC, and panel-mount frame
The LCD7-PANEL-LIME2 is a ready-to-mount Linux touch panel computer from Olimex, based on the company’s A20-OLinuXino-LIME2 open hardware SBC. The unit combines a 7-inch capacitive touchscreen, a plastic panel-mount frame, mounting brackets, ribbon cable, and an assembled A20-based Linux board into a single package. The computer board is the A20-OLinuXino-LIME2-e16Gs16M, an open-source ARM Linux SBC […]
- 'Tutor' Who Took Online Tests for 124 Students Jailed for Three Years
A private tutor who charged money to take dozens of exams for students and submit coursework for them "has been jailed for three years," reports the BBC, "after his scam earned him £300,000."Shahid Adnan completed assignments and online tests for more than 120 students at Liverpool John Moore's University, the Crown Prosecution Service said. The 43-year-old, of Lysander Close, Liverpool, was caught in February 2023 after a student handed in a USB drive containing suspicious coursework to Dr Tom Berry of the university's school of computer science and mathematics. Berry's checks revealed the drive was used by Adnan with documents linked to a company he set up called Study Sharp Ltd. Excel spreadsheets containing details of other students, their study modules, coursework due dates, and their personal login credentials were also found. Further checks confirmed suspicions that Adnan was accessing the university's network to submit fraudulent work and sit examinations on behalf of students... [I]nvestigations led police to believe Adnan may have been doing work for 124 students at universities all over the world. The BBC also interviewed detective sergeant Adam Dagnall from Merseyside Police's cybercrime unit, who said Adnan was living a lavish lifestyle "well beyond" his stated occupations as a private tutor and Amazon delivery driver. His bank accounts held more than £2m ($2,645,100 USD).
 
Read more of this story at Slashdot.
- TikTok Shows 3x More AI Slop Than YouTube, Report Finds
"About 59% of TikTok videos served to a new account's For You feed are AI slop," writes Search Engine Journal, "according to a report from Kapwing, the video creation tool company. That's roughly three times the rate Kapwing found on YouTube."The company manually reviewed over 10,000 TikTok videos across 20 categories and ran a separate fresh-account test, counting AI-generated content in the first 500 For You videos. Kapwing ran the same fresh-account test on YouTube and found that 104 of the first 500 Shorts, or 21%, were AI slop. On TikTok, 294 of 500 For You videos hit that threshold... Of the 2,000 videos Kapwing reviewed in TikTok's Kids category, 57% were AI slop. That was the highest rate of any category in the analysis. The highest-rate tag was #cartoonkids, where 97 of 100 featured videos were AI-generated. Tags like #cartoons and #babysong both reached 83%, and #forkids came in at 79%. After Kids, the next highest AI slop rates were in Science and Education (35%), Health (33%), and History (33%). All three are categories where visual illustration and voiceover narration make up much of the content. On the other end, categories where on-camera presence or physical demonstration are central had the lowest rates. Fashion came in at 1.3%, Music at 1.5%, and Fitness at 1.6%. The article notes that by last November, TikTok "had already labeled 1.3 billion videos as AI-generated, according to the report."
Read more of this story at Slashdot.
- Someone Forked systemd Over Its New Birth Date Field
The blog Linuxiac reports:A new systemd fork has appeared with a specific purpose: removing systemd's recently added support for storing a user's birth date in JSON user records. The fork, called Liberated systemd, published its first tagged release as v261 shortly after the official systemd 261 release. In other words, the fork follows upstream systemd while reverting the change that added the new optional birthDate field. Importantly, this is not a new init system, a wider redesign of systemd, or a general-purpose alternative to the upstream project. Its stated purpose is to remain close to upstream systemd while removing what the author describes as "surveillance enablement"... The author recommends testing the fork in a virtual machine before using it on real hardware and warns nightly builds are more likely to be unstable than named releases.
Read more of this story at Slashdot.
- The Secret Revolution in Battery Technology: 3-D Printing
"There's a revolution in battery technology hiding in plain sight," reports The Wall Street Journal. "The 3-D printing of batteries has the potential to put energy storage inside any device. "This will enable lightweight and long-lasting consumer gadgets, long-range military drones and even nanoscale robots."Almost all the innovations we regularly hear about — from cheaper, tougher electric-vehicle batteries to "Holy Grail" solid-state batteries — are about changing the chemistry of batteries. The promise of battery-tech 3-D printing (aka additive manufacturing) is simple: What if batteries could fill any available space, even structural elements of our gadgets, rather than always taking a rigid shape like a pouch or cylinder? The new approach has obvious appeal. The entire airframe of a drone could be filled with energy storage for increased range. Smartglasses could have sleek battery-packed frames, so they look like everyday eyewear rather than "Revenge of the Nerds" props. One of the biggest advantages of 3-D printing is that it works with any battery, regardless of its cell chemistry. It could advance today's lithium-ion as well as emerging sodium-ion and solid-state tech... Some [startups] are trying to use 3-D printing to create efficiencies in existing battery manufacturing systems. A brave handful of startups are pursuing radical new designs and approaches. They're starting with defense applications, where cost and scale are less of an issue... At Silicon Valley-based Sakuu... [r]ather than trying to 3-D-print whole batteries, the company is working on replacing one of battery manufacturing's biggest pain points, says Arwed Niestroj, Sakuu's chief operating officer, who is also a nuclear physicist and former head of Mercedes-Benz Research & Development North America. Existing battery assembly lines include football-field-long ovens for drying layers of material that have been dissolved in solvents. This requires a huge amount of energy and is a significant contributor to manufacturing costs, a big reason EV batteries aren't cheaper. Sakuu's process, under development for years, uses additive manufacturing to lay down key battery components without solvents, eliminating the need for ovens, says Niestroj. Sakuu is currently working to commercialize this tech with a major battery manufacturer...
Read more of this story at Slashdot.
- Is Tesla Planning To Sell Modular AI Data Center Hardware?
Electrek reports:Tesla wants to sell modular AI data center hardware, according to a new trademark application for a product called "Megapod." The filing describes a complete, self-contained computing system for AI workloads... Tesla filed the "Megapod" trademark (serial number 99893717) with the U.S. Patent and Trademark Office this month, through its longtime IP counsel. It's an intent-to-use application, meaning Tesla is claiming the name for a product it hasn't launched yet. The goods-and-services description is unusually specific for a trademark. Megapod covers "modular data center hardware systems for artificial intelligence computing, comprised of computer servers, computer hardware for artificial intelligence data processing, networking equipment, power distribution units, and cooling systems." It also covers "self-contained modular computing hardware systems for artificial intelligence workloads," integrated platforms sold as a single unit — an enclosure bundling compute, power distribution, and cooling — and downloadable software to monitor, manage, and optimize those systems. In plain terms: Tesla wants to sell a turnkey AI data center building block. Not a battery, not a chip on its own, but the full rack-and-room of servers, networking, power, and cooling that AI training and inference run on. Tesla's offering would have to compete with Nvidia's liquid-cooled, rack-scale systems that simulates a giant GPU, the article points out. But "The bigger issue is that Tesla has no merchant compute-hardware business to build on."Tesla's own AI training cluster, Cortex at Gigafactory Texas, runs on roughly 67,000 Nvidia H100-equivalent GPUs. In other words, Tesla is one of Nvidia's customers, not a competitor selling alternative hardware... Where Tesla does have a real AI-data-center business is power, not compute. Its Megapack and new Megablock energy storage products are selling into AI data centers as grid buffers — Musk's own xAI has bought roughly $1 billion of Megapacks to keep its training runs powered. That energy-storage strength is the one credible thread here. A Megapod that bundles Tesla's power electronics, thermal management, and the enclosure — the "shell" around the chips rather than the chips themselves — would at least sit adjacent to a business Tesla actually runs.
Read more of this story at Slashdot.
- UK Official Promises Statements 'Around VPNs' and Further Teen Restrictions on Chatbots and Social Media
PC Gamer reports:The UK government is considering an Australia-style ban on social media for under-16s, with Prime Minister Keir Starmer saying that the ban could take effect as soon as spring next year. As for the much nearer future, Science and Technology Secretary Liz Kendall told BBC Breakfast earlier this week, "We will make further statements in July about VPNs and further restrictions." To be clear, no specific restrictions have yet been announced and Kendall sounded somewhat cautious about an outright ban during a parliament debate that took place the same day. "I have commissioned further research about their usage. There are really important issues to balance here," she says. "Many people want to use VPNs for privacy — that is important — but we know that some children use them to get around restrictions. I will come back to that in July in our response to the consultation." So, we'll have to wait until next month for anything definite, but it's hard not to feel like a full ban on VPNs is already on the table. If that does come to pass, more than the contents of my Bluesky inbox will be at stake. Utah in the US has already tried to implement a full VPN ban (though this was postponed until September after Aylo, the parent company of Pornhub, challenged the law in court)... [T]he UK could just be the next domino after Utah, potentially setting off a chain reaction that affects users around the world. The article also argues that age checks can also be a privacy nightmare "with the security breach that exposed the personal info of 70,000 Discord users last year being one case in point." Here's the complete statement from UK Technology Secretary Kendall. "I'll come back in July with a further statement around VPNs but also additional measures that we want to look at, further restrictions on AI chatbots that parents have found very worrying, more about overnight curfews or breaks in doomscrolling for 16- and 17-year-olds."
Read more of this story at Slashdot.
- Cops Keep Getting Arrested for Using Flock's Cameras to Stalk People
404 Media remembers how a Florida police office looked up his ex-girlfriend's license plate in the Flock automated license plate reader system at least 69 times in 2024 — even searching for her mom's license plate at least 24 times. The police office was charged with stalking and hacking-related offenses, serving one day in prison with five years of probation — but his case "was not a one-off." [Alternate link via Bruce Schneier] Local news reports from around the country repeatedly detail police abusing the Flock surveillance system in order to stalk their partners or ex-partners. The contours of each story are much the same, with the police officer in question using their access to the system to repeatedly track a specific person over the course of weeks or months. The cases highlight the fact that Flock can be used to track the whereabouts of individual people, that police do not get a warrant in order to use the system, and that, if they have access to the system, they have the technical ability to look up any license plate they want for any reason they want. An April study by the civil rights group Institute for Justice found that at least 18 police officers have been caught around the country using Flock to stalk a romantic interest in the last few years; another database, called the ALPR Abuse Library, has documented 20 specific cases of "stalking/targeting" around the country. The known cases of police stalking are almost certainly a vast underreporting of the overall abuse, because they largely include only cases in which the behavior was so egregious that it led to police officers being fired, arrested, or both. Flock told 404 Media that it is "aware of 15 incidents of abuse, each surfaced because of the transparency and accountability features deliberately built into our platform.... There are also 140,000 monthly active users of Flock, so the relatively rare instances of abuse, while obviously wrong and awful, are exactly that — rare," a Flock spokesperson told 404 Media. [One in 10,000.] "Humans are fallible; unlike most tools society provide law enforcement, Flock ensures that in the instances when our technology is misused, the evidence used to hold responsible parties accountable, is right there in our system. We also encourage all our customers to have a usage policy, regular training, and to implement our Audit Assistance tool, which proactively flags unintended use...." But it is also the case that Flock has strenuously fought against lawsuits and potential regulations that are seeking to require police to get a warrant to use the system. And many cases of abuse have not been detected by police departments themselves but by those private citizens, journalists, and stalking victims who have found patterns of abuse in public records files they have obtained from their local police departments. In most cases of Flock-related stalking reviewed by 404 Media, the abuse occurred over the course of months or years, and the victims were subjected to dozens or hundreds of lookups. Other abuse cases have been discovered using the website HaveIBeenFlocked.com, a website that compiles Flock searches released via public records requests and turns them into a searchable database. Flock has repeatedly tried to get that website taken down, as we have previously reported.
Read more of this story at Slashdot.
- After Six Years Of Work and Over 360 Patches, Linux 7.2 Finally Removes Bug-Prone strncpy
Tech Times reports:Linux 7.2's merge window closed out a cleanup campaign on Friday that most kernel developers had stopped expecting to see end: the complete removal of strncpy(), a C string-copy function that the kernel's own documentation labels "actively dangerous," from every subsystem, driver, and architecture-specific file in the kernel source tree. The merge landed June 20, 2026. After around 362 commits spread across six years of incremental work, no call site using the function remained, and the function itself — including the last per-CPU-architecture optimized implementations — was struck from the source. The removal matters beyond housekeeping. strncpy() is a persistent source of a specific class of memory error: kernel buffers that contain sensitive data can leak bytes past an unterminated string boundary, a pattern that enables memory disclosure vulnerabilities. Eliminating the function from the tree removes that entire class from the kernel's attack surface — and, critically, makes strncpy() unavailable to any future contributor, turning a best-practice suggestion into an enforced policy. Phoronix notes it's replaced by five different functions:In place of strncpy, Linux kernel code should use strscpy() for NUL terminated destinations, strscpy_pad() for NUl-terminated destinations with zero-padding, strtomem_pad() for non-NUL-terminated fixed-width fields, memcpy_and_pad() for bounded copies with explicit padding, or memcpy() for known-length memory copies. "The reason five functions were needed," explains Tech Times, "is that different parts of the kernel were using strncpy() for five semantically distinct memory operations — each with a different intent, different termination requirement, and different padding behavior. "The original function obscured all of those differences under a single ambiguous name. The 362-commit campaign to replace it was, in effect, a codebase-wide audit that forced every call site to declare its actual intent in code That is an engineering outcome with lasting value: the kernel's string-handling semantics are now explicit where they were previously implicit, and future maintainers can read a function name and understand what a copy operation actually does.
Read more of this story at Slashdot.
- US Bill Would Mandate AI Chip Location Tracking to Thwart China and Other Adversaries
NBC News reports:A group of companies that specialize in tracking international shipments of sensitive technologies is backing a Capitol Hill bill that would require America's most powerful AI chips to incorporate stronger security mechanisms aimed at preventing the chips from reaching China and other adversaries. The letter, signed by six companies, says the Chip Security Act (CSA) would increase American chip companies' competitiveness and close key loopholes in the U.S. export control regime. The move clashes with claims from semiconductor lobbying groups that the requirements would constrain America's booming chip industry. Sent to congressional leadership Thursday morning and seen by NBC News, the dispatch instead argues that more robust security verification would assure chip customers and manufacturers that they are abiding by sensitive restrictions on chip sales. The companies argue that the boosted confidence will "lead to increased sales, faster export approvals, larger transactions, greater access to new markets, and more expansive chip deals." Despite U.S. export control laws banning sales of advanced AI chips to certain countries, including China, loopholes in current requirements have allowed billions of dollars' worth of America's best AI chips to be sold to entities in third-party countries that can then forward them to China. In just one case in March, the Justice Department charged three people with conspiring to forward $2.5 billion of AI chips to China. The CSA aims to address those loopholes, mandating that chip exporters better track where advanced chips are sent, via either bespoke location-verification hardware or software that can run on existing hardware. That, bill proponents claim, would ensure that sensitive chips could be sold to countries like Malaysia or Indonesia without fear of further transfer to China... Experts say that because chips perform the advanced computations required for frontier AI systems, cutting off access to the chips is crucial to prevent geopolitical rivals from using AI systems for military or economic purposes.
Read more of this story at Slashdot.
- The Rust Ecosystem Gets an AI Security Engineer in Residence
While the Rust Foundation has a Security Initiative to protect its ecosystem, "the threats have expanded," they announced this week, "and so has the kind of help maintainers need."Much of this comes back to a single shift: Automated tooling (much of it now built on large language models) has gotten good enough to surface real vulnerabilities in open source code quickly and at scale. That is useful, and several large Rust projects have already received and fixed credible issues found this way. The same tooling has also made it trivial to generate vulnerability reports that look plausible and are worthless. Maintainers across the ecosystem are losing real hours sorting these from the reports that matter, and the noise tends to bury the signal. So, with funding from the Alpha-Omega Project, the Rust Foundation is bringing on a full-time AI Security Engineer in Residence dedicated to the Rust ecosystem. This position is being funded with part of the $12.5M in open source security funding that the Linux Foundation announced in March.The role exists to take pressure off maintainers. The person in this position will use a mix of human-led and AI-assisted methods to proactively review Rust itself and the crates the ecosystem leans on most and help us separate real, exploitable issues from false positives and low-signal noise before anything reaches a maintainer... This role will run full-time for six months to start, with room to extend depending on what we learn and the funding available. Methods, playbooks, and prompts will be documented so the work doesn't end with the contract. We are grateful that Rust is not embarking on this work in isolation. Several other ecosystems have received parallel Alpha-Omega grants for the same kind of work (e.g., the PHP Foundation and the Drupal Association) and we plan to share tooling, triage practices, and what we learn rather than duplicating work A statement from Rust's new AI Security Engineer in Residence acknowledges that "One of our next challenges is the wave of bugs discovered by the next generation of AI-powered developer tools."
Read more of this story at Slashdot.
- From DHCP to SZTP – The Trust Revolution
By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]
The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.
- Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces
OpenTelemetry (fondly known as OTel) is an open-source project that provides a unified set of APIs, libraries, agents, and instrumentation to capture and export logs, metrics, and traces from applications. The project’s goal is to standardize observability across various services and applications, enabling better monitoring and troubleshooting. Read More at Causely
The post Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces appeared first on Linux.com.
- Valve Creates The Ray-Tracing Inspector "RTI" To Help Further Optimize Linux GPU Drivers
Merged today to Mesa 26.1 is the Ray-Tracing Inspector "RTI" as a new GUI created by developers on Valve's open-source Linux graphics team. The Ray-Tracing Inspector is designed to help in analyzing and optimizing the Vulkan ray-tracing performance as part of their continued work on further bettering the Radeon RADV RT performance for Steam Play / Linux gaming...
- Qualcomm Posts Linux Patches For HP EliteBook X G2q X2 Elite Laptop
Last month Qualcomm engineers posted patches bringing up the Lenovo Yoga Slim 7x Gen11 Snapdragon X2 laptop on Linux. Sent out this weekend were a new set of patches from Qualcomm for bringing up the HP EliteBook X G2q laptop model powered by the Snapdragon X2 Elite SoC...
- Google9s Gemini Partially Figures Out A Lengthy Linux Boot Time On Modern ASUS Laptop
Google Antigravity with the Gemini 3.5 Flash model helped a Linux user sort out a situation where his laptop was taking around 36 seconds to boot the kernel, which shouldn't be the case for the high-end laptop with AMD Ryzen 9 processor and 32GB of RAM. It ended up being yet another case of device firmware issues, but now a Linux kernel patch is pending for working around the issue on the ASUS ROG Strix G16 G614 laptop while discussions are ongoing in getting the vendor to provide a proper firmware fix...
- Linux 7.2 Begins Making Preparations For NVIDIA "Blackwell-Next"
When going through the VFIO subsystem patches for the ongoing Linux 7.2 merge window, there isn't too much to get excited about for end users with these changes. But there is the first time mentioning "Blackwell-Next" enablement by NVIDIA for the Linux kernel...
- Linux9s KUnit Finally Supporting JUnit Output
KUnit as the unit testing framework for the Linux kernel and was inspired in part by Java's JUnit when originally conceived, is now finally able to output to the JUnit format for better interoperability with other CI systems and the like that standardize on that common format...
- A tale of two path separators
In macOS, you can apparently create files and directories in the Finder with names that include slashes. If you then go into the terminal and take a look with ls, you�ll see that the slashes are actually colons. I don’t understand all the nuances, but I know this is a side-effect of the fact that macOS has not one but`two`path separators: the slash (/) and the colon (:). The two separators are used in different contexts, and the system will translate between them as needed. These two separators reflect the two parent systems of modern macOS:`classic Mac OS`and the`Unix-like NeXTSTEP. When they were joined together, Apple’s engineers had to build a file system that was compatible with both the classic Mac’s file system (the Mac OS Extended File System, aka HFS+), and with NeXTSTEP’s file system (the Unix file system, aka UFS). Among other differences, these systems had different path separators: HFS+ used a colon, while UFS used a slash. ↫ Alex Chan (article from 2021) I had no idea macOS worked this way, but it makes sense considering the platform�s dual history. What�s interesting is that when Apple moved to APFS almost a decade ago, this duality in path separators remained, most likely for backwards compatibility reasons. In a sense, this is somewhat similar to Windows supporting both backward and forward slashes, with the former being a leftover from DOS, and the latter an addition (to Windows) from the UNIX world. None of that beats Windows when using the Japanese or Korean locale, though. Because Japanese and Korean Windows use different codepages than Windows in the Americas and Western Europe, these versions of Windows render the backslash as the yen sign (¥) and and won (₩) sign respectively. As such, something like the Program Files directory actually renders like C:¥Program Files¥ and C:₩Program Files₩. Similar issues occurred in other Windows locales as well, but the impact of this in Japan and South Korea were so widespread that people just expect it to be that way, even if it�s easily fixed today. I can�t find if Windows 11 still uses ¥/₩ in Japan/South Korea, since the last references of it I can quickly uncover all point to Windows 10.
- Apple internals: Swift in the kernel
Apple�s Swift has become the de-facto language for Apple�s own developers for a while now, and it seems that with the new operating system releases from the company unveiled during WWDC, Switch is now also being used in the kernel. Naturally I dropped what I was doing and went grepping through the iOS 27 kernelcache. Alas, nothing came of it. All is not lost though: I found the Embedded Swift runtime in macOS 27, sitting in`com.apple.kec.pthread`of all places. Then I went poking around the root filesystem and it turns out Apple gave the whole effort a name: KernelKit. Let�s dissect it. ↫ Josh Maine It�s still quite limited at this time, which makes sense � you don�t want to be too crazy with the core of the operating system that runs on god knows how many PCs, smartphones, and other devices. It�s also entirely contained within a few kexts as embedded runtimes, and the XNU kernel itself remains entirely C and C++.
- I stored a website in a favicon!
Every website has a favicon. It�s that little icon in your browser tab. Usually you upload it once and then never think about it again. But. A favicon is just an image. An image is just pixels. And pixels are just bytes. So of course I wondered if I could store something inside one. ↫ Tim Wehrle I love it when people do something useless just for fun.
- What was nice about the UI of Windows 2000
I mean, this is preaching to the choir, but let�s go anyway. I liked the UIs of the entire era from 3.0 to 2000, really. I�m mostly using Windows 2000 as an example here because it runs so well in QEMU/KVM and that allows me to easily take screenshots. Some of the following will sound absolutely trivial, but I think it�s worth pointing out. ↫ movq.de blog Just a series of observations about how much better graphical user interfaces were back in the �90s and early 2000s. We�ve lost so many affordances based on both common sense and scientific study, and what we ended up with is a confusing, inconsistent mess. It doesn�t really matter where you look � user interface design has deteriorated since the early 2000s, a decline that only accelerated thanks to the arrival of the iPhone, where consistency is a dirty word, and the web, where the advertising people took prominence over the design people. I just want my buttons to look like buttons man.
- To study how chips really work, MIT researchers built their own operating system
A fascinating novel approach by researchers at MIT, called Fractal, to study in-depth how processors actually work. A team at MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) decided to build something different. Fractal, an operating system kernel written from the ground up, treats the hardware itself as the object of study. Its first major use, a deep look at branch predictors — a CPU’s way of guessing what code to run next, before it knows for certain, so it doesn’t have to waste time waiting to find out — inside Apple’s M1 processor, has already turned up findings that prior work missed, including the first evidence that a class of speculative attack known as “Phantom” affects Apple Silicon. “We’re using hardware in ways it wasn’t designed for,” says Joseph Ravichandran, the MIT PhD student in electrical engineering and computer science (EECS) who led the project. “It’s not even obvious that this is a possible thing you could do with the hardware. But we found a way to pull all these different primitives off. It’s like a microscope. If you’ve got a hand magnifying glass, you can see a little bit. But if you had an electron microscope, now we’re really talking. That’s what Fractal is. The electron microscope of operating systems.” ↫ Rachel Gordon at MIT News While Fractal is small, its creators also added POSIX system calls, a C library, vim, GCC, a shell, and more. This way, it feels more familiar, and makes it easier for researchers to get started with the tool. Fractal is open source and hosted on GitHub, it has its own website, and there�s a detailed research paper with more in-depth information.
- AmigaOS 2: the greatest upgrade
Five years after releasing the Amiga 1000, Commodore was about to launch the Amiga 3000, their first real high-end Amiga. With a 68030 processor, on-board SCSI and a slightly updated graphics chipset, all in a sleek desktop case, the Amiga was truly ready for the era of professional 32-bit computing. But Moore�s law wasn�t the only thing thad had been pressuring Commodore since the release of the Amiga 1000: The desktop metaphor had matured even further, and the competition had been hard at work. IBM had launched OS/2, Windows 3.0 had turned Microsoft�s offering from a proof of concept into something actually usable, and new players had entered the scene � among them NeXTStep, with its polished 3D look. It was time to bring AmigaOS, too, into the 1990s. ↫ Carl Svensson It�s interesting � there�s a lot of focus on the first version of the Amiga operating system and the third one, but you don�t hear a lot about AmigaOS 2.x. It turns out this is rather odd, because as Svensson details, this version came with an absolute ton of changes and improvements, from an entirely new widget toolkit to a brand new file system, and so much more. The new widget toolkit and accompanying style guide also ensured that the operating system looked, felt, and behaved consistently. Remember when we cared about that? There�s so much more cool features, though, like command history, line editing, universal clipboard support and more just for the CLI, as well as something called Commodities. These were tiny little programs managed from a central location, which didn�t even need a GUI to work. Commodities included by default were things like ClickToFront, a focus-follows-mouse option, and more. Oh and of course, BASIC was replaced by ARexx. The list just keeps going, and you should really read Svensson�s article.
- Oracle Solaris 11.4 SRU93 released
Oracle is sticking to its promise of more regular Solaris updates with the release of Oracle Solaris 11.4 SRU93. This release, like other SRU releases, is for paying Solaris customers, as the CBE releases for enthusiasts are on a different cadence. With Solaris� focus being on enterprise server environments, it should come as no surprise that most of the changes and improvements are focused on things like enterprise networking and security, such as changes to how policy settings for the Kernel Crypto Framework (KCF) are stored, moving from using RPC over sockets instead of STREAMS, and more. Of course, there�s also the long list of updated open source packages. SRU 93.221.2 updates a broad set of platform, runtime, developer, networking, desktop, and open source components. Notable updates include Apache Tomcat to 9.0.116, bash to 5.3 patch 9, BIND to 9.20.18 and 9.20.21, Django 4.2 to 4.2.30, Django 5.2 to 5.2.13, Firefox to 140.8.0esr, Golang to 1.25.8, Node.js 20 to 20.20.2, Node.js 22 to 22.22.2, Node.js 24 to 24.14.1, NSS to 3.119.1, Perl to 5.42, Python 3.11 to 3.11.15, Python 3.13 to 3.13.12, RabbitMQ to 4.2.4, Thunderbird to 140.8.0esr, vim to 9.2.0340, and zlib to 1.3.2. Additional updates include development tools, Python modules, X11 utilities, printing components, libraries, cryptographic packages, networking tools, and desktop-related packages. ↫ Colin Kavanagh at the Oracle Solaris Blog Existing Oracle Solaris customers can update to the new release through pkg update.
- Android 17 released for Pixel devices with very few interesting improvements
Yesterday, Google released Android 17 to Pixel devices, so late last night I updated my Pixel 10 Pro with the intent to write a news item about the release today. The reality is that that I totally forgot I even upgraded last night, because Android 17 is about the biggest nothingburger I�ve ever seen. Virtually all of the new features listed in the upgrade blurb on my phone were AI! nonsense I don�t encounter, so over the course of the day, I didn�t really notice anything new about my phone�s operating system. The only interesting feature that I think will be particularly useful on tablets and perhaps foldable devices is something called App Bubbles!. Basically, you can turn any application into an overlay that can be minimised into a bubble, which then lives anywhere on your screen. Tap it, and you can maximise the overlay again. This little multitasking bubble can contain multiple applications, effectively making it a dock or taskbar. Neat, but I didn�t see much use for it on my phone. The remainder of the new non- AI! features are hard to spot, at best. I guess the ability to turn one half of a foldable display into a gamepad is neat if you can deal with gaming on glass buttons (I cannot), and the changes to location access (you can now grant it for just one time) and contacts access (it�s more fine-grained and temporary now instead of granting access to everything forever) are welcome, but that�s about it for user-facing features. Under the hood, the one thing that stands out is that Google is enforcing stricter memory limits for applications, based on how much RAM a device has. The idea is that this should prevent memory leaks from getting out of control and leading to crashes, which is nice, especially for devices with less RAM. Android 17 is available for Pixel devices now, and will probably find its way to non-Pixel devices over the coming months or years. With how little meat there is on Android 17�s bones, this might be the first release where Android�s update woes don�t really matter.
- KDE Plasma 6.7 released
The KDE team released KDE Plasma 6.7 today, and with it comes a long list of improvements, new features, bug fixes, new old themes, and so much more. A new feature that is sure to please those among us who use virtual desktops: you can now have different virtual desktop setups per display. It�s been a long-requested feature, so it�s great to see it makes its way to the KDE users. I despise virtual desktops, but I�m happy to see something that I assumed was already part of KDE to finally actually become available. Another major feature in KDE Plasma 6.7 is something we�ve already talked about: the return of the classic Oxygen and Air themes from the KDE 4.x days. These themes have seen extensive work over the past year or so to make them usable on the latest KDE release, which includes tons of bug fixes, visual nips and tucks, and countless additions to the collection of assets required to make a modern KDE theme look complete. This includes a ton of new icons in the old styles, light and dark modes, accent colour support, and much more. There�s still work left here, including adding support for QtQuick/Kirigami applications � which brings us to the next major new addition to KDE 6.7 This is also something we�ve already talked about: Union. I won�t repeat what I already explained last time Union came up, but suffice it to say that Union effectively unifies the various different ways KDE applications are themed, allowing theme designers to use relatively standard CSS to create themes that cover every aspect of the KDE user experience. Before Union, theme designers had to create individual, unique themes for a variety of parts of KDE � the Plasma desktop, QtWidgets using QStyle, QtQuick/Kirigami � which was a ton of work, and in the case of QtQuick/Kirigami, wasn�t really possible at all. As such, without Union, KDE�s theming is essentially broken, and Union fixes that. For now, Union is not enabled by default, and must be installed and enabled separately for testing. Of course, there�s a ton of other smaller new features, changes, and bug fixes as well. KDE Plasma 6.7 will find its way to your distribution soon enough.
- Apple adds keylogger to iOS App Store for targeted advertising: tied to your account and unencrypted
A week or so ago, Apple announced a bunch of features for the App Store on iOS, including personalised recommendations based on your activity and usage of iOS. It turns out this includes a keylogger (taplogger?) in the App Store, which records every single tap you make, every single letter you enter, and a lot of other information. All of this information is unencrypted and sent to Apple. Now Apple is putting the extensive identifiable analytics they collect in the App Store in action. They record every tap and there’s no way to turn it off. They can even calculate your typing speed. ↫ Michael Tsai, quoting Mysk The provided screenshots of the data collected are terrifying, especially because the data is unencrypted, sent to Apple, and fully tied to your user account. Apple clearly wants a slice of that big, juicy advertising pie, and they, too, are discovering that the easiest and best way to serve targeted ads is to collect as much data as they can about you. Of course, this is something the entire internet (but not OSNews!) and several megacorporations are built on by now, but Apple has been incredibly sanctimonious about how it supposedly actually cares about user privacy, making this keylogger yet another case of Apple�s hypocrisy on full display. Of course, if you care about privacy, you�re entirely free to download your iOS applications from somewhere other than the App Store and install them yours0 Oh, wait.
- EU OS: A Bold Step Toward Digital Sovereignty for Europe
Image 
A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
What Is EU OS?
EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
The Vision Behind EU OS
The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
Conclusion
EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
Source: It's FOSS
European Union
- Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
You can download the latest kernel here.
Linus Torvalds kernel
- AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
Image 
AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
Source: 9to5Linux
AerynOS
- Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
Image 
Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
Here’s a quick overview of what’s new in Xojo 2025r1:
1. Linux ARM IDE Support
Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
2. Web Drag and Drop
One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
3. Direct App Store Publishing
Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
4. New Desktop and Mobile Features
This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
5. Performance and IDE Enhancements
Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
What Does This Mean for Developers?
Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
How to Get Started
Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
Download Xojo 2025r1 today at xojo.com.
Final Thoughts
With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
Xojo ARM
- New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest.
Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
Windows
- Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally.
As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions.
After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
Security
- Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem.
The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
kernel
- Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
Here is what Linus Torvalds had to say in today's announcement:
Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds
- Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
Want to interact with ChatGPT from your Linux desktop without using a web browser?
Bavarder, a new app, allows you to do just that.
Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
ChatGPT AI
- LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
LibreOffice
- KDE Linux Drops AUR
KDE Linux developers have dropped the Arch User Repository from the build pipeline due to security concerns; other distributions should consider doing the same.
|
