|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All/All+Images)
(Single Column)

- Building an Arch Linux aarch64 port for Holo Core (Collabora blog)
Collabora has published a blogpost about its work with Valve on Holo Core, which is a port of Arch Linux toaarch64 to be used as the the operating system on Valve's64-bit Arm Steam Frame gaming system. Collabora has released thesources,binarypackages, and a container image for aarch64 devices. The postdescribes some of the challenges in porting Arch Linux to a newarchitecture, and what remains to be done:
Whilst the infrastructure developed to this point is capable ofbuilding from first principles up until a point-in-time snapshot, thenext step is to build this into a system which can track Arch Linux asit is developed. This work will serve as the basis of acontinuously-operating CI system capable of shadowing Arch Linuxitself. We will work with the upstream Arch Linux project to help Archwith their efforts to port the distribution to aarch64 architectureand work towards automated repeatable builds.
The post also includes instructions on how to create and test anaarch64 build container on an x86_64 host, for users who would like tofollow along at home but lack a 64-bit Arm device.
- [$] Securing BPF LSMs against tampering
Since 2020, BPF programs have been able toact as Linux security modules(LSMs). Several projects, including systemd, have been working to usethat capability to provide more security to users. Christian Braunerspoke at the 2026Linux Storage, Filesystem, Memory-Management, and BPF Summitabout some of the limitations of using BPF in this way, and the changes hewould like to see for systemd's use. In particular, he would like a way to makesure that BPF programs cannot be removed or have their private data tampered with.
- Security updates for Friday
Security updates have been issued by AlmaLinux (cifs-utils, container-tools:rhel8, libreoffice, nodejs:24, perl-XML-LibXML, and python3.12), Fedora (ansible-collection-ansible-posix, firefox, freerdp, ImageMagick, mingw-glib2, perl-DBI, perl-HTTP-Date, rust-cargo-rpmstatus, and rust-opendal), Oracle (cifs-utils, gegl, gimp, git-lfs, go-toolset:ol8, hplip, kernel, libreoffice, maven:3.9, perl-XML-LibXML, python3, python3.12, python3.9, and uek-kernel), Red Hat (kernel, kernel-rt, and podman), Slackware (netatalk), SUSE (agama, aws-nitro-enclaves-binaryblobs-upstream, gimp, gpsd, grafana, hostapd, ImageMagick, jackson-databind, kernel, libssh2_org, nm-configurator, opennlp, perl-Mojolicious, python-Pillow, python-python-engineio, python-python-socketio, and tomcat11), and Ubuntu (ntfs-3g, python-authlib, ruby2.3, tar, and ubuntu-advantage-tools).
- Security updates for Thursday
Security updates have been issued by AlmaLinux (cups, git-lfs, kernel, libsolv, libxml2, python3.12, and python3.9), Debian (chromium, dhcpcd5, and ntfs-3g), Fedora (firefox, perl-Imager, python-bcrypt, python-tiktoken, roundcubemail, and xrdp), Mageia (openssl, poppler, python-mistune, and tmux), Oracle (389-ds-base, cups, git-lfs, glibc, host-metering, kernel, libsolv, libxml2, nginx:1.24, PackageKit, python-pillow, and qemu-kvm), Red Hat (buildah, containernetworking-plugins, and skopeo), SUSE (buildah, cosign, curl, distribution, dnsmasq, glib-networking, glibc, gnutls, gstreamer-plugins-bad, ImageMagick, kernel, podman, python-cryptography, python313-django-debug-toolbar, rekor, sccache, sssd, and yelp), and Ubuntu (dotnet8, dotnet10, libslirp, luajit, python-idna, sympa, and tomcat8).
- [$] LWN.net Weekly Edition for July 16, 2026
Inside this week's LWN.net Weekly Edition: Front: Fighting scraper bots; io_uring queues; Filesystem testing; BPF shielding; Sending packets from BPF; Kitty; QBE. Briefs: Shim security; seunshare vulnerability; Debian bookworm; Rust 1.97.0; Linux.org; Quotes; ... Announcements: Newsletters, conferences, security updates, patches, and more.
- [$] Topics in filesystem testing
It should come as no surprise that a gathering of filesystem developerswould discuss filesystem testing; it has been a mainstay of the Linux Storage,Filesystem, Memory Management, and BPF Summit over the years and the2026 summit was no exception. Ted Ts'o led the discussion this time; hehad a few different topics to raise, including his perception of increasingregressions for ext4 in the stable kernels and what can be done to helpreduce them. As with other similarsessions at the summit over the years,there is a lot of interest in collaborating on test inputs and outputs, butfinding a way to centralize that information has so far eluded thefilesystem community.
- Local DoS attack vectors in seunshare 3.10 (SUSE Security Team Blog)
The SUSE Security Team Blog has a postwith an analysis of seunshare,which is used by SELinux to confine untrusted programs. During areview of version3.10 of the program, the team identified two localDenial-of-Service (DoS) vectors.
Since seunshare is supposed to run on SELinux-enabled systems, itis important to understand what kind of privilege escalation can beachieved when vulnerabilities are exploited in a setuid-root binarylike this. Many SELinux-enabled systems, such as Fedora and openSUSE,ship with the "targeted" SELinux policy by default. This policy isfocused on confining well-known system services, but assigns anunconfined SELinux context to interactive users by default to achievea balance between security and usability.
There is currently no domain transition from the unconfined domainto the more restricted seunshare_t defined in the SELinux policy forseunshare. This means the execution of seunshare continues in theunconfined domain. Thus in the context of attacks carried out byinteractive users, the impact of the vulnerabilities below will be aroot-like privilege escalation despite the system running in SELinuxenforced mode.
See the post for the full write-up of the team's discoveries and timeline. Thevulnerabilities have been fixed in version 3.11.
- [$] Lockless MPSC FIFO queues for io_uring
Processes that use io_uringtend to keep a lot of balls in the air; being able to have many operationsunderway at any given time is part of the point of that API in the firstplace. The io_uring subsystem must, as a result, keep track of a lot oftasks that have to be performed at the right time. In current kernels,io_uring uses a standard kernel linked-list primitive to track those workitems. As of the 7.2 kernel release, though, io_uring will, instead, use anew lockless, multi-producer, single-consumer (MPSC) queue, resulting insome notable performance gains. Lockless algorithms tend to be tricky, butthe one used here is relatively approachable and shows how these algorithmscan work.
- Security updates for Wednesday
Security updates have been issued by AlmaLinux (cifs-utils, corosync, cups, freerdp, git-lfs, go-fdo-client and go-fdo-server, go-toolset:rhel8, kernel, kernel-rt, libinput, libxml2, nginx:1.24, openssl, pacemaker, perl-DBI:1.641, php8.4, python-pillow, python3, and python3.12), Debian (grub2, libxfont, opam, and wolfssl), Fedora (freerdp, kernel, and prometheus), Mageia (imagemagick), Oracle (buildah, freerdp, gimp, kernel, nginx, openexr, openssl, perl-DBI, podman, vim, xorg-x11-server, and xorg-x11-server-Xwayland), Red Hat (python3.12), SUSE (afterburn, buildah, busybox, enc, freetype2-devel, go1.25, go1.25-openssl, go1.26-openssl, gosec, grafana, helm, krb5, kubernetes-old, libopenbabel8, libxml2, libxml2-16, nasm, openssl-3, patch, python-Authlib, python-mistune, python-soupsieve, python-sqlparse, python3-dulwich, python313-Pillow, rootlesskit, sbootutil-1, tomcat, and tomcat11), and Ubuntu (alsa-lib, dnsmasq, gnutls28, libheif, linux-aws, linux-fips, linux-lts-xenial, linux-gcp-5.15, linux-intel-iotg-5.15, linux-hwe-6.17, linux-raspi, mariadb, openvpn, python-httplib2, vim, and wget).

- Noctua NL-LC1-36 All-In-One Liquid Cooler
With reviewing hardware for more than 22 years, when it comes to cooling products there are few brands that can still get me intrigued like Noctua. With their recent launch of the NL-LC1 all-in-one liquid coolers, I decided to try out the Noctua NL-LC1-36 360mm AIO cooler that is working out well for cooling high-end desktop CPUs like the recently launched Ryzen 9 9950X3D2.
- HackRF Pro SDR covers 100kHz to 6GHz with FPGA-based processing
The HackRF Pro is an open-hardware software-defined radio platform from Great Scott Gadgets that supports transmission and reception from 100kHz to 6GHz. The half-duplex transceiver maintains backward compatibility with software and accessories developed for the earlier HackRF One. The HackRF Pro follows the same general architecture as its predecessor but introduces several RF, processing, timing, […]
- NanoKVM-Go Brings AI-Powered Hardware Control to Linux with a Compact USB-C KVM
Sipeed has introduced NanoKVM-Go, a compact USB-C KVM-over-IP device that combines remote hardware management with AI integration. Designed for Linux, Windows, macOS, and other USB-C devices, NanoKVM-Go allows users to remotely view and control a system through a web browser while exposing its keyboard, mouse, and display functions to AI agents via the Model Context Protocol (MCP).
- Linux WMI Driver Gets Ready To Support ACPI-Based ARM64 Laptops
Linux developer Armin Wolf sent out a set of patches today for enabling AArch64 support for the ACPI Windows Management Instrumentation (WMI) driver to work on AArch64 in no longer being bound to x86/x86_64. This is a step toward the long goal of being able to support modern Windows on ARM laptops via ACPI on Linux...

- Australia To Put Environmental Brakes On AI Data Centers
An anonymous reader quotes a report from the New York Times: Australia will require large data centers powering artificial intelligence to generate as much power as they consume, and ensure that creative professionals retain control over work that may be used to train A.I. systems, as the government sets up guardrails over the rapidly growing industry. The announcements on Wednesday in a speech by Prime Minister Anthony Albanese came as Australia draws significant interest from A.I. companies because of its size and the availability of renewable energy, and as resistance to data centers builds in many parts of the United States and Europe. Major A.I. companies have opened offices or announced investments in Australia in recent months. The Australian government is trying to balance capitalizing on the A.I. boom with setting parameters on a fast-changing industry that has sparked backlash over environmental impacts, energy use and lack of contribution to local economies. "Every country on earth is grappling with these challenges right now. Australia will be the first country in the world to bring these issues into a single, national framework," Mr. Albanese said Wednesday, laying out the standards his government will pursue. The details of what exactly the requirements will look like and how they will be enforced remain to be seen, and the government will need to secure the backing of individual states for its plan. The government said it would introduce legislation on the standards early next year, and establish an "Office of A.I." directly reporting to the prime minister to coordinate implementation. The "Australian Standards for A.I." will include a "legal obligation" for companies to ensure they do not drain the power grid and be as water efficient as possible, the government said. Mr. Albanese also said creators of books, music, art or news in Australia should retain control of the price and value of their work when used to train artificial intelligence systems. "Anything less is theft," he said. "No country has got this right yet."
 
Read more of this story at Slashdot.
- Steve Wozniak's Foundation Partners With Realbotix To Build AI Teacherbot
"Apple co-founder Steve Wozniak's Woz Ed foundation is partnering with Realbotix, best known for their RealDoll-branded artificial companions, to deploy AI-powered robotic tutors in classrooms," writes Slashdot reader Hentes. "The doll will serve as a sort of artificial teaching assistant, helping students who get stuck or generating lessons. Students will be assigned an ID code, allowing the robot to provide personalized mentoring." NYS Focus reports: "This deployment in a working school district represents a landmark moment for both AI and humanoid robotics," said Andrew Kiguel, CEO of Realbotix, which is currently building the robot. "[Salamanca City Central School District in Western New York] marks the beginning of a new era where humanoid robots and intelligent AI assistants become standard tools in STEM education." The female robot, named Sally, will have a "lifelike appearance" with silicone skin and long brown hair, Kiguel said in an interview with New York Focus. It will be stationary in a seated position but have a wide range of upper-body movements and facial expressions. [...] Salamanca plans to introduce the robot and avatar in its high school AI and robotics courses, which use curriculum developed by Apple co-founder Steve Wozniak to prepare students for high-demand tech jobs. The district plans to expand it to high school students in other classes if the pilot is successful. Realbotix's classroom robot has drawn scrutiny because the company is connected to RealDoll, the longtime maker of hyperrealistic sex dolls and sex robots. Realbotix acquired RealDoll's parent company in 2024 but says the education-focused operation has separate employees, payroll, facilities, and technology, with plans to formally separate the businesses at the ownership level. The "companion robots" are different from sex robots and intended to address what it's described as a "loneliness epidemic." Kiguel has previously said the company's goal is to produce robots and AI that are "indistinguishable from humans."
 
Read more of this story at Slashdot.
- Xi Vows to Make AI for All in Debut at China's Top Tech Summit
Xi Jinping used his first appearance at China's World AI Conference to promote a vision of low-cost, broadly accessible AI and call for international cooperation rather than technological rivalry. "AI development should not be a solo performance by a single country, but a symphony of international cooperation," he said. Bloomberg reports: His presence at the gathering, attended by scores of tech and government leaders, conveys a potent signal of China's ambitions to dominate a technological sphere with the potential to revolutionize industry and economies -- an effort that's shot to the top of the nation's agenda. Chinese models are winning over companies worldwide, with their share of US firms' AI usage nearing a record 60% on the popular marketplace OpenRouter. Behind the rhetoric, Beijing is grappling with the balance between openness and national security as models grow more capable. Chinese officials recently discussed with companies including Alibaba -- developer of the popular Qwen models -- how to mitigate the security risks posed by their increasingly powerful models, people familiar with the matter said. The talks are early, with no enforcement planned, but restricting foreign access to top models was among the options raised, the people said. Reuters previously reported that Beijing was weighing curbs on overseas access. Earlier today, the Beijing-based AI company "Moonshot" released a massive new model that reset the AI race overnight, immediately vaulting into the top tier of global AI, beating Anthropic's Fable 5 and OpenAI's GPT-5.6 Sol in front-end coding tests.
 
Read more of this story at Slashdot.
- Billing Software Error Sends Billion-Dollar AWS Estimates
AWS says a billing software bug caused some customers to see wildly inflated estimated charges, including reports of accounts showing bills in the billions or even trillions of dollars. The Register reports: An open issue on the AWS Health Dashboard (archived copy at the time of writing) popped up at 1:33 am Pacific time on Friday informing users that Cost Explorer was "reflecting inaccurate estimated billing data." As of writing, the issue is still unresolved despite AWS trying several different things to get it fixed. The company apparently identified the root cause within an hour and a half of beginning its investigation, only describing it as "an issue with unit pricing within the estimated billing computation subsystem." AWS followed up by pausing estimated bill updates, saying customers would continue to see the inflated figures already displayed, but that those estimates would not increase further. "The displayed billing estimates do not reflect actual usage and charges," AWS explained, noting that customers don't need to take any action, like, we imagine, flooding the help portal with tickets telling them what they already know, for instance. "Once the issue has been mitigated, we expect full resolution to take multiple hours as we work through recomputing the estimated billing data," AWS added. After we first published this article, Amazon updated the issue page to indicate that it had identified the root cause and mitigated the underlying issue. The company says that it's begun backfilling data in the Cost Management Console to correct billing numbers, and that all customers should see corrected amounts by Saturday, July 18 at noon pacific time.
 
Read more of this story at Slashdot.
- Linus Torvalds To Critics of AI Coding On Linux: 'Fork It. Or Just Walk Away.'
Linus Torvalds says the Linux kernel will not ban AI-assisted coding tools, and if anti-AI absolutists have a problem with that, they can "fork it" or "walk away." An anonymous reader quotes a report from Ars Technica: Writing in a lengthy post on the Linux kernel mailing list this week, Torvalds said that "Linux is not one of those anti-AI projects, and if somebody has issues with that, they can do the open-source thing and fork it. Or just walk away." The statement came amid a lengthy thread arguing about the use of Sashiko, an "agentic Linux kernel code review system" that its creators claim can, in tests, independently find 53.6 percent of the bugs that would end up being fixed by human coders in later commits. But the tool can also waste maintainers' time by sending "false positive" reports of bugs that don't exist, at a rate Sashiko's maintainers estimate is "well within [the] 20% range." In discussing whether maintainers should be subjected to a flood of these kinds of automated, AI-powered bug report emails (true or false), one poster cited the Software Freedom Conservancy's recent statement that the open source community "should support, not just tolerate, those who outright reject LLM-gen-AI systems" and that "every FOSS contributor deserves self-determination regarding LLM-gen-AI." In the face of that statement, Torvalds said that he rejects those who demand that their open source projects not accept any LLM-generated code or revisions. "We're not forcing anybody to use [LLM tools], but I will very loudly ignore people who try to argue against other people from using it," Torvalds said. Torvalds said his position on this is a pragmatic one that's "based on technical merit. Not fear of new tools." And when it comes to utility, Torvalds said that "AI is a tool, just like other tools we use. And it's clearly a useful one. It may not have been that 'clearly' even just a year ago, but it's no longer in question today. Anybody who doubts that clearly hasn't actually used it." [...] While Torvalds acknowledged that "AI isn't perfect," he urged detractors to compare the output of these tools to the performance of human code maintainers. "Anybody who points to the problems at AI had better be looking in the mirror and pointing at themselves at the same time," Torvalds wrote. "Because it's not like natural intelligence is always all that great either."
 
Read more of this story at Slashdot.
- China Just Erased America's AI Lead
Longtime Slashdot reader schwit1 shares a report from Axios: Kimi K3, a massive new model by Beijing-based Moonshot AI, threatens the foundations of Americas AI boom. Its release Thursday dazzled developers, jolted Silicon Valley and reset the AI race overnight. Kimi immediately vaulted into the top tier of global AI, beating Anthropic's Fable 5 and OpenAI's GPT-5.6 Sol in front-end coding tests by AI evaluator Arena. In Arenas broader text ranking, Kimi finished ahead of Anthropics Opus 4.8 -- the company's flagship model until Fable 5 arrived in June -- while costing 40% less. Unlike the premium U.S. models its challenging, Moonshot plans to release Kimi as an open-weight model on July 27 -- allowing companies and governments to customize and run it on their own systems. Kimi's arrival suggests that cushion may have collapsed far faster than expected. "The entire game has changed. I expect this will trigger some code red for some," AI analyst Kim Isenberg predicted. For companies, governments and developers, a model that performs near the frontier, costs 40% less and can be customized or run in-house may be the more attractive option. Its very existence puts pressure on the pricing power of U.S. labs, the enormous valuations built around their technological edge, and the case for spending hundreds of billions of dollars on ever-larger data centers.
 
Read more of this story at Slashdot.
- FBI Arrests Man Accused of Using Steam Games To Drain Victims' Crypto Wallets
The FBI arrested a Florida man accused of uploading fake Steam games containing malware that stole passwords, data, and cryptocurrency wallet credentials from victims. Prosecutors say the scheme infected about 8,000 people, compromised roughly 80 crypto wallets, and stole at least $220,000 through games that appeared legitimate but secretly carried malware. TechCrunch reports: On Tuesday, the FBI arrested Zyaire Wilkins, a 21-year-old Florida resident and student. On Wednesday, prosecutors accused him and a number of unnamed co-conspirators of hacking crimes. Over the past two years, Wilkins and his partners allegedly published several malware-laden video games on Steam, including BlockBlasters, Dashverse, Lampy, Lunara, and PirateFi. Using that malware, says the FBI, Wilkins and his accomplices infected around 8,000 victims, and then hacked around 80 cryptocurrency wallets to steal at least $220,000 worth of crypto. Wilkins and the others marketed their malicious video games on Discord, LinkedIn, and Telegram, according to the authorities. [...] After the FBI identified another person involved in the crimes, according to the complaint, federal agents interviewed them. The unnamed person said they worked with other people to raise money to launch and market the malicious games in return for sharing some of the stolen cryptocurrency. The FBI identified a specific crypto account involved in the scheme, and then traced cryptocurrency payments made with that account to buy several gift cards, including for UberEats. After subpoenaing Uber, the feds were able to see that the gift cards were linked to an account that made deliveries to Wilkins, who went by the nickname Sibel.eth online, according to the complaint. The feds then got a search warrant for Wilkins' residence, where they seized his MacBook laptop, cellphones, other devices, and digital wallets. According to the complaint, he refused to speak or answer any questions.
 
Read more of this story at Slashdot.
- Meta In Talks To Lease Computing Power To Anthropic In Potential $10 Billion Deal
Anthropic is reportedly in very early talks to lease computing power from Meta in a potential deal worth around $10 billion. The discussions follow Anthropic's recent compute deal with SpaceX and come as Meta explores selling excess AI capacity as part of a broader push to turn its massive infrastructure spending into a cloud business. CNBC reports: Access to enough AI chips remains a challenge for firms like Anthropic, which places usage limits on its most advanced models like Fable. [...] Meta could spend as much as $145 billion on capital expenditures, including for AI infrastructure, in 2026. Last October, Zuckerberg said that companies are regularly "asking if we have compute that they could buy from us at some premium to what we've bought it at."
 
Read more of this story at Slashdot.
- Apple Sends Legal Letters To Dozens of OpenAI Employees
An anonymous reader quotes a report from MacRumors: Apple has reportedly sent legal letters to dozens of former Apple employees now working at OpenAI, telling them to preserve potentially relevant documents and communications as it continues to pursue its trade secret lawsuit against the AI company. The Financial Times (paywalled) reports that Apple has targeted around 40 former employees with legal preservation letters, acting on its belief that the alleged misappropriation of confidential information may extend beyond the individuals named in its original complaint. The development follows Apple's lawsuit filed last week against OpenAI, in which the company alleges a coordinated effort to obtain confidential information relating to its hardware engineering and product development. Apple claims OpenAI recruited key engineers, including former Apple executives Tang Tan and Chang Liu, and benefited from proprietary designs, manufacturing processes, and other trade secrets. Tan is OpenAI's Chief Hardware Officer and a 24-year Apple veteran who led product design, while Liu is on the hardware team at OpenAI after working as a senior system electrical engineer at Apple.
 
Read more of this story at Slashdot.
- Kalshi Flags Trump's Teleprompter Operator For Alleged Insider Trading
ABC News reports that White House teleprompter operator Gabriel Perez allegedly made more than $100,000 betting on Kalshi markets tied to what President Trump would say in speeches, using his access to prepared remarks and last-minute edits. ABC News reports: According to the sources, Kalshi alerted its regulator, the Commodity Futures Trading Commission (CFTC), to the suspicious activity on its "Mentions" market, where users can bet on whether specific words, phrases or topics are uttered during a public speech. "Our surveillance team promptly flagged and referred these trades to the CFTC, and we are cooperating and assisting regulators," Kalshi's head of enforcement, Bobby DeNault, said in a statement provided to ABC News. White House Press Secretary Karoline Leavitt told reporters Thursday afternoon, following ABC News' report, that Perez has been put on unpaid administrative leave. Leavitt said she spoke with President Trump about it, and he thought it was a "disgrace" and made the decision himself to put Perez on unpaid leave. Leavitt said she was unaware of any other White House staffers who have made such trades. "The White House has strict ethics guidelines that we expect all staffers and officials to follow," said White House spokesperson Davis Ingle when contacted by ABC News. In addition to February's State of the Union address, sources said CFTC investigators discovered that Perez placed bets on more than a dozen Trump speeches over a three-month period, including a December primetime address, a January speech at the World Economic Forum in Davos, Switzerland, and Trump's remarks in March during a Medal of Honor ceremony.
 
Read more of this story at Slashdot.

- From DHCP to SZTP – The Trust Revolution
By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]
The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.

- Noctua NL-LC1-36 All-In-One Liquid Cooler
With reviewing hardware for more than 22 years, when it comes to cooling products there are few brands that can still get me intrigued like Noctua. With their recent launch of the NL-LC1 all-in-one liquid coolers, I decided to try out the Noctua NL-LC1-36 360mm AIO cooler that is working out well for cooling high-end desktop CPUs like the recently launched Ryzen 9 9950X3D2.
- Linux WMI Driver Gets Ready To Support ACPI-Based ARM64 Laptops
Linux developer Armin Wolf sent out a set of patches today for enabling AArch64 support for the ACPI Windows Management Instrumentation (WMI) driver to work on AArch64 in no longer being bound to x86/x86_64. This is a step toward the long goal of being able to support modern Windows on ARM laptops via ACPI on Linux...
- AMD Preps More Graphics Driver Improvements For Linux 7.3
Since earlier this month AMD has begun staging graphics driver changes for Linux 7.3 ahead of the merge window opening in late July. That's brought some interesting changes so far while there still are a few weeks to land any additional features in DRM-Next. This week another batch of AMDGPU graphics driver and AMDKFD compute driver feature code was sent out for this next kernel version...
- Frame: A New X11 Server Implementation Written Entirely In x86_64 Assembly
Previously we covered YSERVER as an X11 server written in the Rust programming language with the help of Claude Code. A Phoronix reader wrote in today to share an even more esoteric X11 server implementation that has come about and again written in large part by AI/LLM usage: Frame is an X11 server written in pure x86_64 Assembly...

- Follow the money, especially in open source
Linus Torvalds, the creator of the Linux kernel and git, is employed by the Linux Foundation. This Foundation is a non-profit organisation dedicated to, as the name obviously implies, the promotion of Linux. The primary use of the funds it collects is to help fund the infrastructure and fellows, including Linus Torvalds, who help develop the Linux kernel!. The list of megacorporations donating most of the Foundations funds is long. The Linux Foundation has twelve platinum members, which donate $500000 per year, followed by twelve gold members, who donate $100000 per year. Below these two primary tiers lie the silver peasants, who each donate $5000-$25000 per year, based on number of employees. Looking at the list of twelve platinum members, I noticed something interesting. Of the twelve platinum companies, six are AI! companies or companies with massive investments in AI!: Google, Huawei, Facebook, Microsoft, Oracle, and IBM/Red Hat. Then theres Samsung Electronics, which is raking in stupendous amounts of money thanks to the AI! bubble. Additionally, one of the gold members is Anthropic, another major AI! company and makers of Claude!, the sloppiest of slopcoding tools. Many of these companies are unimaginably deep in the red when it comes to AI!, with very little indication theyre ever going to be able to recover any of it. The situation is particularly bad for Oracle and IBM/Red Hat. Oracles debt has been downgraded to one notch above junk status because of its AI! spending, while IBMs shares experienced the largest crash in its 115 year history only a few days ago. By the way, in the first half of 2025, AI-related capital expenditures contributed 1.1% to GDP growth, outpacing the U.S. consumer as an engine of expansion!. Fun fact: since most of The Netherlands is effectively a swamp, most of the countrys buildings are built on massive wooden or concrete poles (piles) hammered deep into the ground until they hit something more stable than mushy clay and wet sand. Otherwise, buildings in the country would simply sink into the ground. Every Dutch person who ever lived near a construction site has heard the rhythmic kathunk, kathunk, kathunk, all day long, as the massive piledriver machines spread their gospel. I guess something reminded me of this just now. Anyway, a large chunk of the funding the Linux Foundation, Linus Torvalds employer, receives is coming from increasingly desperate companies frantically trying to convince a populace deeply skeptical and often downright hostile towards AI! to spend money on AI! before the bubble bursts. For some reason, I thought this was interesting.
- The Zilog Z80 has turned 50
As of writing, the Zilog Z80 processor was officially launched 50 years ago, in July of 1976, less than 4 years after the last human had walked on the moon, decades closer to WWII than to the present day, roughly at a half way point between the Kennedy assassination and the fall of the Berlin wall, closer to the Korean war than to 9/11 which is itself an event that happened a quarter of a century ago. (Sorry…) The processor was extremely successful, being used in many 8 bit microcomputers, including early personal computers, home 8 hobby computers, as well as many embedded, industrial applications. Together with the 8080 8 8085 that it is binary compatible with, it contributed to creating a de facto hardware standard for 8 bit micros, allowing a de facto software standard of CP/M, and Microsoft BASIC. ↫ David Oberhollenzer The only device I actively remember using with a (sort-of) Z80 in it was the Game Boy, but most likely Ive used a ton more over the decades that I dont remember or simply was never ware of. I did a little surface-level digging, and there we are: the TI-83, one of Texas Instruments stupidly popular and eternally overpriced graphing calculators, release in 1996. I was part of the first wave of high school children in The Netherlands for whom a TI-83 graphing calculator was mandatory. During my high school years I used that thing extensively, for far more than just math class I programmed applications for and on it, and played so many games on it. A friend and I even bought a communication cable so we could play competitive 1v1 Bomberman in class. Good times, made possible by the Z80.
- OnePlus exits EU, US markets
Rumours had been circulating for a while, but now its official: OnePlus is effectively retreating from the European and US markets. Today, our hearts are undoubtedly heavy and mixed with emotion. As part of the proactive global strategy adjustment, OnePlus has decided to conclude new product rollouts in Europe and North America. ↫ OnePlus statement Once OnePlus co-founder Carl Pei left the company (and founded Nothing), things have been feeling shaky for OnePlus, once the undisputed darling of the more technical part of the Android crowd. Their phones got more expensive, their minimalist, close-to-stock Android version got progressively worse, and they started lagging in updates, too. My OnePlus Watch 3, for instance, which was promised to get WearOS 6 at some point, but never got it meanwhile, WearOS 7 has already been released. No, this news is not particularly surprising. Luckily, the company claims it will honour its warranty and update support obligations for existing products in Europe and the US, which is nice, but also something theyre legally obligated to do (at least in the EU). A snag here is that the only update path the company offers is to ColorOS, from its parent company Oppo, which many more traditional Android and OnePlus users certainly wont be happy about. Something is better than nothing, I suppose, and Ill reserve judgment until I see what ColorOS 17 will be like on my other OnePlus product, a OnePlus Pad 3. Its just one more victim of western markets (illegally) consolidating on Apple and Samsung (while a few Pixels rummaging in the margins).
- GNOME OS team is working to alleviate some of the limitations of immutable, image-based Linux variants
Theres a ton of interest in immutable, image-based versions of various Linux distributions, since they offer a number of benefits that make them a good fit for some users. Updates cant really go wrong, rollback is easy, application management through Flatpak is more in line with systems like Android and iOS they may not be advantages sought by everyone, but they clearly are by some. Still, there are also a number of annoying limitations, most notably around testing nightly releases of Flatpaks, testing system components, and installing command-line tools. The team behind GNOME OS is addressing these issues. The first thing theyre working on in something theyve preliminarily call Test Center, which makes it much easier to install nightly releases of Flatpaks alongside their regular versions. This is something you can already do today, but the flow is cumbersome and not exactly user-friendly; with Test Center, developers will be able to share a direct link to install test releases. They intend to use this same Test Center for testing system components: Our idea here is to use the same “Test Center” app mentioned above for installing and managing experiments at the system level as well. Similar to Flatpak bundles generated in CI, we generate system extension images (sysext) for every merge request. You can install experiments from a sharing link, and they will apply as a sysext over your existing system. Because those images are non-destructive overlays, you can always go back to the original system. ↫ Jordan, Jonas, and Tobias The last and final issue is that of command-line tools, something Flatpak is simply not designed for. On this front, the GNOME OS team states they are working on a solution as well, but theyre not quite ready to go into much more detail at this point. Regardless, these are very welcome improvements.
- Microsoft releases its weird 90s IRC client as open source
Out of all the bloody things Microsoft could release as open source, they chose the worlds weirdest IRC client they shipped in the late 90s that nobody used or even remembered? What on earth is happening? Microsoft Comic Chat is a Microsoft-developed Internet Relay Chat (IRC) chat client released in 1996 that rendered conversations as automatically generated comic strips. Instead of plain text, users communicated through cartoon avatars with messages displayed in speech bubbles inside dynamically composed comic panels. The application used an expert system to determine character placement, gestures, facial expressions, balloon shape, and panel layout in real time. It shipped as part of Internet Explorer 3.0 and was later bundled with Windows 98 and MSN before being discontinued in the early 2000s. ↫ Comic Chats GitHub page Not only is the original source code now available on GitHub, theres also a modern, updated version that can make use of larger displays and higher resolutions. Theres a deliciously 90s website for it, too.
- OpenBSD drops support for the loongson architecture
OpenBSD parts ways with an architecture: OpenBSD will no longer be developed for loongson. The reasons are exactly what youd expect. The last compiler update unfortunately does not work on mips64el, with clang 22 built with clang 19 being apparently functional, but clang 22 rebuilt with the previous clang 22 hitting deterministic SIGSEGV on various files. I dont have the time and energy to try and debug this (which is likely an endianness problem, as octeon appears to run happily with clang 22), especially when it takes 10 days for clang to rebuild itself on these machines; and switching back to gcc 4 wont help much as modern software in ports will require a working C++b=11 compiler to build anyway. ↫ Miod Vallat If I got my facts right, this does not affect the newer LoongArch, which is an entirely different architecture that isnt supported by OpenBSD at all. Similarly, the other MIPS-based architecture OpenBSD supports, Octeon, remains supported and thus isnt affected either.
- Asbestos is a tool, just like any other
Linus Torvalds, on the Linux Kernel Mailing List: Asbestos is a tool, just like other tools we use. And its clearly a useful one. The solution is to make sure asbestos tools help maintainers instead of just causing them pain. Theres no question on that side. Were not forcing anybody to use it, but I will very loudly ignore people who try to argue against other people from using it. And no, asbestos isnt perfect. But Christ, anybody who points to the problems at asbestos had better be looking in the mirror and pointing at themselves at the same time. ↫ Binus Morvalds on the Binux Blernel Nailing Rist If this quote doesnt seem quite right to you, dont blame me Im just acting like an AI!. This is the new normal now, according to Morvalds. Coincidentally, a ton of AI! news on OSNews these past 24 hours! Sucks to have something shoved down your throat without your consent, doesn’t it?
- Jurassic Park computers in excruciating detail
After I mentioned a Jurassic Park anecdote the other day, I watched the movie again. I must have seen it at least ten times now. This time, I researched every computer/software I spotted. ↫ Fabien Sanglard We are all aware of the infamous This is a UNIX system, I know this!! meme, but many more computers make their appearance in Jurassic Park, and Fabien Sanglard documents all of them. Apparently, theres even a Motorla Envoy running Magic Cap on Dennis Nedrys desk, which I almost find more exciting than the SGI powerhouses he uses. Whats also quite interesting but not surprising is that all of the computers used in the movie were real. The value of all of this hardware combined, when adjusted for inflation, adds up to about $4 million. A lot of money, but dont you worry your pretty little heart, as SGI and Apple all loaned this hardware to the studio. They didnt have to pay anything for it.
- Twitters AI! translate feature is deep into hardcore pornography
As a former translator with two rock-solid university degrees in the subject, there was never a universe in which I would not talk about Twitters new autotranslation feature turning the tamest things into hardcore pornography. Elon Musk’s AI chatbot Grok has long garnered a reputation for experiencing horrifically racist meltdowns, enabling child abuse, and doxxing users’ home addresses. It should come as no surprise, then, that its supposed “translation” is a piece of work, too. In April, the almost-trillionaire’s social media platform X instated automatic AI translations for all of its users — and the results certainly speak for themselves. As writer and author Parker Molloy pointed out in a recent post on Bluesky, the Grok feature is “taking some interesting liberties” with people’s otherwise sincere posts. Screenshots show how Grok completely botched translations by coming up with shocking and decidedly NSFW AI hallucinations. ↫ Victor Tangermann at Futurism The sloppy translations this garbage software comes up with are honestly quite hilarious when taken in isolation. Its adding translations that are straight-up hardcore pornography descriptions to entirely tame material that has absolutely nothing to do with pornography. The description of a video of some guy making coffee is translated into man masturbates and jerks off to his own coffee during commercial flight!. We all know how this happened. Theres a lot of pornography on the internet, and Grok being the worst autocomplete among autocompletes, it was probably fed a lot of pornography, without any limitations or guardrails. The end result is obvious: some random videogame video is now a cumshot video with my stepmom!. It would be absolutely hilarious if it wasnt horribly dangerous. Ive explained countless times that AI!-based translations are going to get people killed probably already have, but we just dont realise it yet and its not hard to see how a slopmachine turning innocuous things into hardcore pornography can do just that. There are countless places in the world where a woman unknowingly sending a pornographic message to her parents or whatever can get her hurt or worse. I hadnt even considered this particular way AI! translations could get people hurt. Sadly, we will most likely never know the full extent to which AI! translations will get people hurt and killed. When your grandmother takes her medicine in the wrong way because the AI!-translated leaflet was unclear or downright wrong, and she ends up in the hospital because of it, will you ever find out what caused it?
- The web is being made accessible for AI, not people
The Svelte web framework recently added a section to its documentation site addressed, cheerfully, to artificial intelligences: “If you’re an artificial intelligence, or trying to teach one how to use Svelte, we offer the documentation in plaintext format. Beep boop.” Svelte is participating in a broader movement to make the web legible and navigable to AI systems. The specific convention it adopted, llms.txt, is just one piece of this effort. From Model Context Protocol (MCP) servers that give AI agents structured access to tools and services, to Vercel’s proposal to include LLM instructions in HTML, the trend is clear. The modern web, originally built for sighted humans using browsers, is now being redesigned for a new kind of user. What these developers are offering their AI visitors is essentially an accessibility accommodation. Yet, the framing on Svelte’s site sends an unfortunate message. When the audience is AI, accommodation is offered with a wink. Beep boop! But when the audience is a disabled person, it has historically been treated as an afterthought. Structured, concise text-based representations of complex content are almost exactly the kind of accommodation that blind and low-vision screen reader users have spent decades requesting from web developers, largely in vain. The Web Content Accessibility Guidelines (WCAG) have required semantic, machine-readable HTML for decades. Yet, a 2026 study of the top million webpages found accessibility flaws in over 95% of sites. ↫ Frank Elavsky at Tech Policy Press Pachinko machines are treated more humanely than people with disabilities. Yep, sounds about Silicon Valley to me.

- EU OS: A Bold Step Toward Digital Sovereignty for Europe
Image A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem. What Is EU OS? EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments. The Vision Behind EU OS The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty. Conclusion EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
Source: It's FOSS European Union
- Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
You can download the latest kernel here. Linus Torvalds kernel
- AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
Image AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
Source: 9to5Linux AerynOS
- Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
Image Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
Here’s a quick overview of what’s new in Xojo 2025r1: 1. Linux ARM IDE Support Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started. 2. Web Drag and Drop One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required! 3. Direct App Store Publishing Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process. 4. New Desktop and Mobile Features This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection. 5. Performance and IDE Enhancements Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced. What Does This Mean for Developers? Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution. How to Get Started Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
Download Xojo 2025r1 today at xojo.com. Final Thoughts With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you. Xojo ARM
- New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest.
Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem. Windows
- Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally.
As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions.
After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca. Security
- Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem.
The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers. kernel
- Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
Here is what Linus Torvalds had to say in today's announcement: Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds
- Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
Want to interact with ChatGPT from your Linux desktop without using a web browser?
Bavarder, a new app, allows you to do just that.
Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring. ChatGPT AI
- LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners. LibreOffice

- Hannah Montana Linux Is Back!
Developer Noah Cagle decided the world needed the once obscure but beloved Linux distribution and gave it a decidedly pink refresh.
- Kubuntu Focus Goes Ultra
The Kubuntu Focus team has upped the performance ante of its M2 and Zr laptops with the latest, greatest CPUs from Intel.
|