Recent Changes - Search:
NTLUG

Linux is free.
Life is good.

NEXT MEETING

What's New

Introducing Ubuntu Phone

Linux Training
10am on Meeting Days!

1825 Monetary Lane Suite #104 Carrollton, TX

Do a presentation at NTLUG.

What is the Linux Installation Project?

Real companies using Linux!

Not just for business anymore.

Providing ready to run platforms on Linux

Show Descriptions... (Show All/All+Images) (Single Column)

LinuxSecurity - Security Advisories











LWN.net

  • [$] Open-source security is not a solo activity
    Over time, many open-source maintainers face the same problem: theylack the time to do all of the work that their project needs, and noone else is stepping up to provide adequate help. Maintainers, though,are often reluctant to throw in the towel. The result is suboptimalall around; the maintainer is stressed out, project quality suffers,and users face security risks that they may not be fully aware of. Atthe 2026 OpenSource Summit North America, Robin Bender Ginn spoke about thisproblem, when it might be time for maintainers to pass the torch, andthe responsibilities of users.


  • [$] BPF in the agentic era
    Alexei Starovoitov gave "less of a presentation, more of a scream ofrealization" at the BPF track of the 2026Linux Storage, Filesystem,Memory-Management, and BPF Summit. He shared a set of ideas for how BPF couldchange to avoid being swept away by the sea-change in programming represented by modernlarge language models (LLMs) and the coding agents based on them.In a follow-up session, the discussion coveredmore problems with how coding agents use tools like bpftrace, and the current deluge ofpatches in need of review in the BPF subsystem.


  • Tridgell: rsync and outrage
    Andrew Tridgell has written a blogpost responding to complaints that he has begun using LLM tools inhis work maintaining rsync:

    Like many developers of open source packages I've been hit by aflood of security reports lately in my role as the rsyncmaintainer. Many of those reports are AI generated (not all though,there are some notable ones with very careful and high quality manualanalysis).

    As this flood started to get more intense I realised I needed toraise the defences on rsync a lot — we needed much more thorough testsuites, code coverage analysis, CI testing on a lot more platforms,deliberate and thorough scanning for possible security issues (so Ifind at least some of them before other people!) and the addition of awhole lot of defence-in-depth hardening techniques.

    [...] Now to the future, because we're not done yet by a longshot. The security reports keep rolling in. I'm working on a bunch ofCVEs right now. Luckily I've been joined by some other very gooddevelopers with great systems development skills and securityknowledge. Some of these people came to my attention partly because ofall the rage happening at the moment, so I get some rage storm cloudshave silver linings. Watch out for some credits for some great newrsync developers in the next release.



  • Security updates for Wednesday
    Security updates have been issued by Debian (php-twig), Fedora (hplip, python-wsgidav, roundcubemail, and xorg-x11-server), Oracle (compat-openssl10, httpd:2.4, and kernel), Red Hat (osbuild-composer), SUSE (busybox, cloudflared, cockpit, cups, ffmpeg-4, gnutls, google-osconfig-agent, helm, hplip, kernel, kubelogin, libjxl, libsoup, libunbound8, LibVNCServer-devel, mapserver, nvidia-open-driver-G06-signed, nvidia-open-driver-G07-signed, openssh, python-idna, qemu, rqlite, shadowsocks-v2ray-plugin, ucode-intel, unbound, vim, vorbis-tools, and xorg-x11-server), and Ubuntu (age, dovecot, editorconfig-core, gobgp, libapache-mod-jk, libcommons-lang-java, libcommons-lang3-java, libeconf, linux, linux-aws, linux-aws-6.8, linux-aws-fips, linux-azure, linux-fips, linux-gcp, linux-gcp-6.8, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-nvidia-tegra, linux-oracle, linux-oracle-6.8, linux-raspi, linux-raspi-realtime, linux-realtime, linux-realtime-6.8, linux, linux-aws, linux-azure, linux-azure-6.17, linux-hwe-6.17, linux-nvidia-6.17, linux-oem-6.17, linux-oracle, linux-oracle-6.17, linux-raspi, linux-realtime, linux-realtime-6.17, linux, linux-aws, linux-gcp, linux-ibm, linux-nvidia, linux-oracle, linux-raspi, linux-realtime, linux-aws-6.17, linux-gcp, linux-gcp-6.17, luanti, mysql-8.0, mysql-8.4, node-tar-fs, and unbound).


  • [$] Caching for extended attributes
    Extendedattributes (xattrs) provide a way to attach key/value metadata toinodes—files, directories, and the like—in a filesystem. As with manyLinux filesystems, the FUSE filesystemsupports xattrs. In a filesystem-track session at the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit, FUSE maintainer MiklosSzeredi led a discussion about caching xattrs in kernel memory; he wouldlike to create some common infrastructure that could be used by FUSE andshared with other filesystems.


  • [$] Trying to make sense of package-manager metadata
    Package managers for operating systems and programming languages have beenaround for decades. Each package manager, and its accompanying packaging format,has been shaped by the needs of its respective ecosystem, but there is a growingneed to make use of package metadata for more than software management: forexample, in vulnerability scans, software bills of materials (SBOMs), and more. OnMay 19, Damián Vicino spoke at the Open Source Summit North America 2026about his experiences in the past year trying to make sense of the variedmetadata provided by more than 20 package managers.


  • Vim Classic 8.3 released
    Version8.3 of Vim Classic has beenreleased. This is the first release of the Vim fork since the projectwas announcedin March.

    This release is based on Vim 8.2.0148, with a number of bug fixesand patches conservatively backported from future versions of Vimupstream. We elected to clean up this version of Vim, prepare it for arelease, and imagine an alternate history where Vim 8.3 was releasedwithout Vim9 script. The result is Vim Classic 8.3. We chose to takethis approach in order to reduce the long-term maintenance burden ofVim Classic, acknowledging that our fork lacks the resources andinstitutional knowledge available to Vim upstream. However, aconsequence is that there are some Vim plugins which are notcompatible with Vim Classic.

    We have made a special effort to assess patches from Vim upstreamwhich mitigate some of the many CVEs affecting Vim which werediscovered and fixed between versions 8.2 and modern-day Vim, but wecan't be sure we've got all of the security patches which areapplicable to Vim Classic (and practically exploitable). This versionof Vim Classic is therefore recommended for early adopters who arecomfortable adopting a security posture which accounts for the factthat we may have overlooked some bugs.

    LWN covered VimClassic and another Vim fork, EVi, in April.



  • Security updates for Tuesday
    Security updates have been issued by AlmaLinux (php:8.2 and php:8.3), Debian (gst-plugins-good1.0, symfony, and yelp), Fedora (dovecot, freeipa, hplip, libpng, perl-Catalyst-Plugin-Authentication, postfix, samba, unbound, and vim), Mageia (assimp, libcaca, sdl2_sound, and tar), Slackware (kernel), SUSE (alloy, apache-commons-lang3, apache-commons-text,, apache2, bubblewrap, busybox, chromium, cups, docker-stable, ffmpeg-8, google-osconfig-agent, gsasl, ignition, java-26-openjdk, kernel, libsolv-demo, libsoup, libzypp, localsearch, openjpeg2, postgresql-jdbc, putty, python-mistune, python-Pillow, python-python-multipart, python-Twisted, python3-Twisted, re, roundcubemail, vim, wireshark, and xz), and Ubuntu (evolution-data-server, exim4, gsasl, haveged, lcms2, libreoffice, linux-aws, linux-lts-xenial, linux-lowlatency, linux-nvidia-tegra, nginx, nncp, qtdeclarative-opensource-src, sslh, sssd, and xz-utils).


  • Ombredanne: An AI agent ported our codebase from Python to Rust
    Over on the AboutCode blog, leadmaintainer Philippe Ombredanne writesabout an agentic LLM system porting the ScanCodeToolkit to Rust. In the process, the LLM (or the people behind it)infringed the ScanCode trademark, stripped copyright and license notices,"and started an outreach campaign, without ever engaging the AboutCodecommunity". Ironically, the toolkit is used to scan source code and binaries inorder to figure out licensing and copyright information; it also reports onpackagedependencies, vulnerabilities, and more.This is worth repeating: A comprehensive test suite, decent documentation, and curated datasets is what makes automated porting possible. It is also what makes a codebase easier to replicate without understanding it.
    The agent's initial approach, using an existing Rust license-detection library, failed to match ScanCode's output quality. The agent then did what any translator would do when a loose paraphrase fails: it copied the original more closely. The final port reproduces ScanCode's core algorithms, code organization, and data-driven architecture in Rust, not because the agent understood them, but because it had enough training data and test feedback to converge on equivalent code.


  • [$] Representing the true signatures of kernel functions
    Optimizing compilers can, under some circumstances, infer when a parameter to afunction is not needed, and remove it. This is all well and good until thekernel's tracing or BPF subsystems need information on how to call the functionor where its arguments are stored.Alan Maguire and Yonghong Song spoke at the 2026LinuxStorage, Filesystem, Memory-Management, and BPF Summit about their work onrecording information regarding changed function signatures in the kernel's BTF debugginginformation, to better support tracing such functions.



LXer Linux News



  • (Updated) Orange Pi Unveils AI Station with Ascend 310 and 176 TOPS Compute
    Orange Pi closes the year by unveiling new details about the Orange Pi AI Station, a compact board-level edge computing platform built around the Ascend 310 series processor. The system targets high-density inference workloads with large memory options, NVMe storage support, and extensive I/O in a small footprint. The AI Station is powered by an […]



  • #Commit History: Tell Us About Your First Commit
    Maybe it was a one-line typo fix in the docs. Perhaps it was a package you’d been maintaining in secret for months before you finally submitted it. Maybe it was completely terrifying, or maybe it just felt like the most natural thing in the world. Whatever it was we want to hear about it. Ahead […]





  • From Antarctica to FPL : Jef Spaleta on Leading Fedora Into Its Next Chapter
    Flock to Fedora is more than a conference – it’s where the Fedora community comes alive. As part of the “CommitHistory” campaign, we sat down with confirmed Flock 2026 speakers to hear their stories: what brought them to Fedora, what Flock means to them personally, and what they’re hoping for in Prague this June. This […]


  • Canonical Now Considers Their Steam Snap For ARM64 To Be Stable
    At the beginning of the year Canonical announced a Steam Snap package for Ubuntu ARM64 that leverages the FEX emulator for running x86/x86_64 games on ARM64. After months of testing and improvements, they now consider their Steam Snap for ARM64 to be stable...


Linux Insider"LinuxInsider"












Slashdot

  • Google Launches 'Gemma 4 12B' AI Model That Can Run On Your Laptop
    Google has launched Gemma 4 12B, a 12-billion-parameter open AI model designed to run locally on your laptop without depending entirely on cloud infrastructure. WION reports: According to Google, the new model delivers performance close to much larger AI systems while requiring significantly less memory. The company says Gemma 4 12B can run locally on devices equipped with just 16GB of VRAM, making advanced AI more accessible to developers, researchers and businesses. The launch highlights a growing trend across the AI industry: bringing powerful AI models directly to personal computers instead of relying solely on remote data centers. Gemma is Google's family of open AI models built using technology and research from its Gemini program. The new Gemma 4 12B model contains 12 billion parameters and has been designed to handle multiple types of information, including text, images and audio. Unlike traditional AI systems that focus only on text, Gemma 4 12B can understand visual content, process audio inputs and perform advanced reasoning tasks. This makes it suitable for a wider range of applications, from software development and content creation to research and automation. Google says the model is available under the Apache 2.0 licence, allowing developers and organizations to use, modify and deploy it with relatively few restrictions. [...] One of the most significant technical changes in Gemma 4 12B is its new unified architecture. Traditionally, multimodal AI systems use separate components known as encoders to process images, audio and text before combining the information. Google says Gemma 4 12B removes the need for separate multimodal encoders. Instead, the model processes different types of information through a unified architecture. According to the company, this helps improve efficiency while reducing memory requirements and computational overhead. The result is a model that can deliver advanced multimodal capabilities while remaining small enough to run locally on modern hardware.


    Read more of this story at Slashdot.


  • Google Shares Fitbit Air Blueprints So Anyone Can 3D-Print Accessories
    Google has released (PDF) technical specs and 2D CAD drawings for the Fitbit Air to encourage users to make their own accessories. "These CAD drawings include crucial mating dimensions, tolerances, and mating force specifications -- including attach and detach force -- to help you build a high-quality accessory band," Google says on a store page listing. 9to5Google reports: Noting how the "community has already come up with innovative and creative new ideas to make the Fitbit Air [their] own" since launch last month, Google is "officially releasing the hardware specifications and accessory design guidelines for the Fitbit Air tracker to the public." For example, owners have already found their own bicep band solutions. This information would typically just be available for third-party accessory companies, but Google wants to open things up to "independent designers and artisan makers." The Google Store page also lists other things developers should keep in mind, such as sensor clearance, sensor pressure, secure retention, and skin-friendly materials.


    Read more of this story at Slashdot.


  • Microsoft Plans Linux Tools, RTX Spark Desktop For Windows Devs
    An anonymous reader quotes a report from Ars Technica: Microsoft's Build developer conference kicked off today, and as with almost everything the company has done in the last few years, Microsoft's opening keynote focused overwhelmingly on AI and other closely related technologies. [...] On the hardware front, we didn't get any updates for existing Surface devices (not counting yesterday's Surface Laptop Ultra announcement), but we did get something new: the Surface RTX Spark Dev Box is "a compact developer PC" built around Nvidia's new RTX Spark chip with up to 128GB of built-in memory. The Dev Box looks a little like a cartoon anvil or piano fell onto an Xbox Series X and flattened it. Its aluminum casing was designed "to double as a heatsink," and its preloaded version of Windows 11 Pro will include a "purposeful" set of developer-centric default settings and preinstalled tools. This is a follow-up of sorts to the Windows Dev Kit 2023, also known as "Project Volterra." This Qualcomm Snapdragon 8cx Gen 3-powered PC was essentially the system board from a Surface Pro tablet stuffed into a plastic box, and it was introduced alongside Arm-native versions of several Microsoft developer tools. It helped to set the stage for the Arm-based flagship Surface devices that launched the next year, which benefitted from a better and faster x86-to-Arm code translation technology called Prism and a greater number of Arm-native third-party apps that didn't need to be translated in the first place. Microsoft didn't announce pricing or specific specs for the RTX Spark Dev Box, but you can probably expect it to cost quite a bit more than the $600 that Project Volterra did. Hopefully, Microsoft can keep the price at least somewhat lower than the $4,699 asking price for Nvidia's similarly specced DGX Spark box. On the software side, several developer-centric changes are coming to Windows 11, particularly for users of the Windows Subsystem for Linux (WSL). Microsoft is introducing a Windows-native version of the coreutils command line tools, so that commands or scripts made for Linux work within Windows and the other way around; the ability to run WSL inside of containers, said to be arriving in "the coming months"; and something called Windows Developer Configurations that uses the WinGet tool to quickly set up "a distraction-free dev environment with VS Code, GitHub Copilot, WSL, PowerShell 7 and developer-optimized settings with one command on any Windows 11 device." Microsoft also introduced Microsoft Execution Containers (MXC), as "enterprise-grade sandboxed environments" that let AI agents like OpenClaw operate on Windows without getting unrestricted access to the whole system. In theory, MXC could let organizations enforce agent-specific limits, such as blocking access to personal accounts, separating work and personal data, or requiring permission before deleting files. The MXC GitHub repo also notes support for "multiple containment backends," meaning the same sandboxing concept could apply beyond AI agents to other plugins, tools, and workloads. Further reading: Microsoft Unveils Scout, an Autonomous AI Agent Built On OpenClaw


    Read more of this story at Slashdot.


  • Meta Workers Can Opt Out of Workplace Tracking for Up to 30 Minutes
    Meta is scaling back parts of its employee tracking initiative after staff objected to software that collected mouse movements, clicks, keystrokes, and other actions for AI training data. According to Reuters, the company will now let workers pause collection for up to 30 minutes and request exemptions. Reuters reports: [Stephane Kasriel, a vice president in Meta's AI model-building Superintelligence Labs unit] said the team behind the software had also introduced "several optimizations" to reduce its impact on computer battery life, after employees complained it was consuming so much data it was causing their home internet usage to spike. "While we remain confident in the privacy protections we put in place at launch, which went through several layers of risk review, we have heard your concerns about personal data on work devices, battery life, and wanting more control over when capturing happens," Kasriel said in the memo.


    Read more of this story at Slashdot.


  • Microsoft Claims New Quantum Chip 1,000 Times Better Than Before
    Microsoft says its new Majorana 2 quantum chip is 1,000 times more reliable than its predecessor, with qubits lasting about 20 seconds instead of milliseconds, and claims it could have a commercially useful quantum machine by 2029. The BBC reports: "We will have a quantum machine in 2029 that can solve commercially viable, reasonable problems," said Zulfi Alam, corporate vice president of Microsoft Quantum. That would still require huge further advances as such a device would require millions of qubits - the current chip, Alam said, has 12. Assessing the firm's claims are difficult because it does not release the full details of what it has discovered publicly, citing commercial confidentiality. Microsoft has spent 20 years pursuing an approach to quantum computing known as "topological." The firm's approach to this is based on exploiting the properties of a so-called quasi-particle, which had existed only in theory, since it was first predicted in the 1930s by Italian physicist Ettore Majorana. To do this it had to exploit a novel state of matter - different from the three familiar states of liquid, solid or gas. Paul Stevenson, a physics professor at the University of Surrey, said the tech giant's timeline sounded plausible - if its research lived up to its claims. "Microsoft appears to have made a leap in their attempt to produce viable topological qubits," he said. "If they succeed, they will leap from being a player with no production quantum computer, to being a serious player in the race to make the next generation of fault-tolerant machines."


    Read more of this story at Slashdot.


  • Android Gets Fake Call Detection That Uses RCS
    An anonymous reader quotes a report from 9to5Google: Phone by Google wants to combat the "growing threat of impersonation scams" and protect Android users against "sophisticated, AI-powered deepfake attacks" with fake call detection. [...] Fake call detection requires that both parties are on Android and use the Phone by Google app, while Google Messages and Google Contacts also have to be installed. When a contact calls, their phone "sends a silent confirmation signal in real time to your device to verify the call is legitimate and truly coming from the contact's device." This digital handshake uses end-to-end encrypted RCS (Rich Communication Services). If you're being scammed by an impersonator, your phone will notice that the "initial confirmation signal will be missing," and ping the contact's real device to double-check. If their real device says, "I'm not making a call right now," you'll get a warning on your screen advising you to hang up immediately. This feature will be available globally on Android 12+ phones starting with Pixel devices this month. Fake call detection is enabled by default but can be turned off at any time. Google says it's "possible for other apps and device manufacturers to adopt this technology" given the RCS underpinnings. You can learn more about fake call detection in Google's blog post.


    Read more of this story at Slashdot.


  • Thanks To Robots, Ukraine Is Now Talking About Winning, Not Just Surviving
    fjo3 shares a report from Defense One: A small but growing number of European officials and analysts are saying what four years ago was unthinkable: Ukraine isn't just surviving its grueling war with Russia, it is in some ways thriving and may even be on a path to victory. This isn't yet captured in headlines -- for example, about last weekend's barrage of Russian drones and missiles around Ukraine -- but in the details, like how some 90 percent were intercepted. Several long-term trends have shifted in Ukraine's favor, and the core reason is its fierce focus on AI and robotics. In the crucible of war, Ukraine has developed drones and ground robots that can hold territory -- even take it back. Some are fully controlled by humans, like supply robots and medical-evacuation vehicles. But an increasing number are controlled in at least some aspects by dozens of AI products, from guidance packages on aerial drones to decision aids at the highest levels. [...] Just as important as the tech are the new tactics. Given unusual latitude to experiment, Ukrainian fighters began to develop robot-forward infantry concepts, like combined-arms attacks by airborne and ground systems, "more than a year ago. Right now, we're massively starting to implement this," said Davyd Aloian, deputy secretary of the National Security and Defence Council of Ukraine, the coordinating body on domestic and international security, in an interview. Ukraine and its partners are also steaming ahead on new concepts for highly autonomous defenses against Russian drones, combining ISR sensors and AI to detect and identify enemy drones in less time and with more certainty. "All of the systems are being linked with each other and with people" to create a distributed network with interceptor drones at various locations to be activated when needed, Aloian said. "One day we will have only like 10 guys who are just going to be responsible for approving interception. And it will automatically go direct to the target." The human operators will be dispersed as well. "Everything can be controlled from Kyiv, Lviv, from cities in other countries," he said. "It's not what happened to Ukraine" (referencing Russia's barrage of Shahed drones) that "should scare us in Europe," said Swarmer CEO Serhii Kupriienko. It's how quickly Ukraine's "middling" military evolved to counter Russia's invasion. "We are behind by literally 10 years or 20 years" in some defense-technology areas, such as satellite imagery, Kupriienko said, and yet his country has climbed a capability curve that just two years ago seemed insurmountable. So could others, he said. "The answer is always AI solutions and integrating the AI into even the daily routine work within the bureaucracy," he said. "We have evolved since 2022, the industry has and our defense has as well. Right now we are able to provide not only [large quantities of drone] assets but everything what is needed to build out the ecosystem," including parts and production, training, modification, etc. Aloian said.


    Read more of this story at Slashdot.


  • Trump Administration to Dismantle Ocean Monitoring System
    The Trump administration is moving to dismantle the National Science Foundation's $368 million Ocean Observatories Initiative, a network of more than 900 deep-sea instruments used to monitor ocean currents, marine ecosystems, carbon absorption, heat waves, fisheries, coastal flooding, and climate change. The NSF said it would send ships in June to begin the removal of the instruments anchored off Oregon, Washington, Alaska, North Carolina, and an area between Greenland and Iceland known as the Irminger Sea. The New York Times reports: The ocean observation system began operating in 2016 and was expected to continue for 25 years. Jim Edson, a marine meteorologist who led the Ocean Observatories Initiative, called it "the world's most advanced continuously operating ocean observing systems." When it was first proposed, the science foundation said it was important to have a long-term presence at scientifically important sites in the Atlantic and Pacific oceans. Removing the instruments could take 15 months. Seismic instruments positioned around an active underwater volcano off Oregon will continue operating until 2028. Each observation station consists of several moorings that secure long arrays of devices connected to wires. The devices measure ocean currents as well as chemical and biological conditions from the water's surface down thousands of feet. The instruments were hardened to resist the pressure of the deep ocean, corrosive seawater as well as marine plants and animals that can foul electronics. Remotely controlled robotic vehicles and gliders around the moorings collect and transmit data to research laboratories. It cost $48 million annually to operate the network. The Trump administration repeatedly tried to shutter it, proposing to cut its funding by 80 percent in both 2025 and again in 2026. Congress pushed back, restoring the money. To try to reduce costs, managers turned off some of the instruments and collected less data, according to a December 2025 presentation about the observatories at the annual meeting of the American Geophysical Union, a nonprofit organization of scientists. Still, the science foundation moved ahead to decommission the observatory network.


    Read more of this story at Slashdot.


  • Microsoft's Project Solara Is an OS For Devices That Run AI Agents Instead of Apps
    An anonymous reader quotes a report from GeekWire: A team inside Microsoft has been quietly building a platform for devices that run AI agents instead of apps, based on Android instead of Windows, with two working hardware designs so far, and an initial set of big-name companies lined up to run pilots. The platform, dubbed "Project Solara," is Microsoft's bet that AI will open up entirely new scenarios for computing -- using agents to avoid the constraints of traditional software, and off-the-shelf components to develop new devices quickly and inexpensively. [...] The company unveiled Solara on Tuesday at its Build conference in San Francisco, describing it as a new platform that spans from chip to cloud. GeekWire got a behind-the-scenes look at the project during a briefing last week in Redmond, including demos of the first two concept devices based on the platform: - A desktop hub that sits beside a PC and responds to voice commands, signs users in using facial recognition, and surfaces the day's most pressing items. With a monitor attached, it becomes a full Windows machine running in the cloud. - A wearable badge that reimagines the standard employee ID card. A fingerprint button wakes an agent in one press; a single tap records and transcribes a conversation; and a built-in camera lets the agent act on what the user sees. Microsoft says it won't ship these devices itself. Instead, it envisions hardware makers and other industry partners turning the reference designs into implementations of their own, each intended for a specific industry, company, or scenario. For example, in one demo shown by the company, the high-tech badge ran on agents designed for use by a health-care worker, including the ability to scan a patient's QR code, record and transcribe the visit, log vitals, and start a prescription. In another application of the same badge, the built-in camera scanned a brainstorm board with ideas for an office revamp, and made a suggestion: add some plants. The two devices are a starting point. The bigger opportunity, the company says, is all the tasks and workflows where a PC or phone gets in the way or isn't practical to use. [...] In the coming months, companies including AccuWeather, Best Buy, CVS Health, Levi's, and Target are expected to begin pilots of devices based on the reference designs. The operating system is the Microsoft Device Ecosystem Platform, or MDEP, an enterprise version of Android that Microsoft developed for devices including Teams meeting-room hardware. The company says it chose MDEP over Windows deliberately, to run on smaller, lower-power devices while keeping the management and security features IT departments expect: patch and over-the-air updates, device integrity, Microsoft Defender, Intune, and Entra ID sign-in. While the project is still in the early stages, Microsoft CEO Satya Nadella encouraged the team to show it at Build sooner than the company would normally show its work in public. "That underscores just how competitive and fast-moving the AI world is right now, but it also illustrates the pace that the new technologies are enabling," reports GeekWire. The report notes that the business model for the platform still needs to be worked out. The devices run on Microsoft's Azure cloud, but beyond that, "the economics are still taking shape." Qualcomm and MediaTek have been chosen as the first chip partners. "The badge runs on a new Qualcomm wearable chip; the desk hub runs on MediaTek IoT silicon," reports GeekWire. "Both are off-the-shelf, not custom, which is central to how Microsoft plans to keep devices cheap and fast to build."


    Read more of this story at Slashdot.


  • Mathematicians Warn of AI Threats to Profession As Industry Encroaches
    A new Leiden Declaration, endorsed by the International Mathematical Union and published on June 2, 2026, warns that AI could undermine mathematics by flooding the field with plausible but flawed proofs, weakening attribution, shifting incentives, and giving tech companies too much influence over research priorities. "Mathematicians should find it quite striking that tech companies are suddenly interested in their work," said Kevin Buzzard, a mathematician at Imperial College London, in a statement. "The Leiden Declaration is a well-thought-through response to what is currently happening, as AI continues to disrupt this space." Ars Technica reports: The Leiden Declaration, which has already drawn hundreds of signatories, warns that recent AI developments are threatening "characteristic values" of mathematical research, "often in ways that disproportionately affect students and early-career mathematicians, and hence the long term future of the discipline." First, it points out how AI models can "produce plausible but unreliable (or even incorrect) arguments which are difficult to distinguish from correct mathematical proofs." Such developments put reviewers under increasing pressure and are "jeopardizing our ability to implement traditional standards for the correctness, transparency, and independent verifiability of proof," the declaration warns. "Inaccurate AI-generated drafts are cheap to produce, and there is a risk of cluttering the literature with claimed results that are simply wrong," said Leslie Ann Goldberg, head of computer science at the University of Oxford, in a statement. "Once that happens, the errors are likely to propagate as new results are built on faulty foundations." Second, the declaration highlights how "models trained on published works frequently return outputs that do not properly cite the human works they synthesize," while also pointing out that many current AI models were trained on data obtained through "exploiting licenses and access arrangements" or "simply violating copyright protections." Third, the declaration describes how the use of AI "may become incentivized for its own sake, disrupting our mechanisms for hiring, funding and recognition" while leaving out researchers who lack access or are "unwilling to use technologies controlled by organizations whose values they do not share." Fourth, the declaration warns against mathematics research "communicated through informal channels such as press releases or blog posts, often without any research paper or other disclosure of information necessary for scientific evaluation." Such communication strategies can lead to "oversimplification" in media reporting that overemphasizes AI tools' significance at the expense of prior human contributions, and "misleadingly uses specific mathematical tasks as metrics for the general reasoning capacities of commercial products." Fifth, the declaration describes "increasing involvement of technology companies in mathematical research" as threatening the "autonomy of mathematics," especially as university budgets are under pressure and researchers may feel greater professional incentive to collaborate with technology companies on "asymmetric terms." This also raises the risk that mathematics research questions amenable to AI-driven techniques may be prioritized. What can mathematicians do about this? The Leiden Declaration urges them to treat AI as a tool, not a substitute for human responsibility. Individual mathematicians should disclose AI use, remain accountable for the correctness of their work, continue crediting human authors, and use AI tools only when they align with the declaration's values. It also warns that mathematics can be applied to "warfare, oppression, mass surveillance, and the undermining of democracy," so mathematicians should weigh the ethics of tech-industry partnerships carefully. Professional organizations are encouraged to develop AI-use guidelines for publication and review, protect researchers from having their work used as training data without consent, support peer-reviewed publishing, and "actively prepare to become involved if major mathematical results are claimed using unconventional means." For policymakers, the recommendations are blunt: "protect the rights of authors," "regulate the artificial intelligence industry," and "invest in public computational infrastructure." The declaration also urges people to "don't believe the hype," warning that tech companies have "a strong commercial incentive... to overstate the capabilities of their products."


    Read more of this story at Slashdot.


www.theregister.com - Articles












Linux.com


  • From DHCP to SZTP – The Trust Revolution
    By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]

    The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.










Phoronix


  • AMD EPYC 8635P "Sorano" Benchmarks: Significant Upgrade Opportunity For EPYC 8004 Servers
    After announcing the AMD EPYC 8005 "Sorano" series back in February, AMD recently began shipping these Zen 5 successors to the EPYC 8004 "Siena" line-up. With the EPYC 8005 product stack ranging from 8 to 84 cores and being drop-in upgrades for EPYC 8004 servers after a BIOS update, these are quite some interesting processors for those after a single socket, performant server. Up today are benchmarks of the EPYC 8635P as the flagship 84 core Sorano CPU.


  • Intel Preps GCC Function Multi-Versioning To Support APX & AVX10.2
    Along with some GCC compiler tuning for Nova Lake and Diamond Rapids to deal with some new APX capabilities not proving beneficial for performance, new patch activity today is preparing GCC for function multi-versioning (FMV) for the AVX10.2 and APX instruction set extensions...


  • Ubuntu To Ship Newer AMD ROCm Updates Via SRUs
    As noted back in April, with Ubuntu 26.04 LTS it's now possible to simply "apt install rocm" on Ubuntu Linux for installing AMD's open-source GPU compute stack. But as prominently noted there, what's shipped right now in Ubuntu 26.04 LTS is already months out of date compared to upstream ROCm. Fortunately, Canonical shared today that moving forward they plan to ship newer ROCm versions as stable release updates (SRUs)...


  • NVIDIA Hopper & Blackwell GPU Support Moves Closer For Open-Source Nova Driver
    While the upstream, open-source Nouveau driver already supports NVIDIA's Hopper and Blackwell graphics processors with the GPU System Processor (GSP) code path, the bring-up of the Rust-written Nova driver remains ongoing. Out this week is the 12th iteration of the Hopper and Blackwell enablement for this future open-source NVIDIA Linux driver...



  • Microsoft Announces Coreutils For Windows: Derived From Rust Coreutils
    As another interesting takeaway from this week's Microsoft Build 2026 conference beyond their open-source Intelligent Terminal project is Coreutils for Windows. Microsoft is maintaining a fork of Rust Coreutils for Windows to ease the developer experience across Windows / WSL / macOS / Linux...



  • Canonical Now Considers Their Steam Snap For ARM64 To Be Stable
    At the beginning of the year Canonical announced a Steam Snap package for Ubuntu ARM64 that leverages the FEX emulator for running x86/x86_64 games on ARM64. After months of testing and improvements, they now consider their Steam Snap for ARM64 to be stable...


  • Marek Olšák Scores Up To 100% Pixel Throughput Optimization For RADV Driver
    Marek Olšák who had been a longtime AMD Linux driver engineer specializing in the RadeonSI Gallium3D driver, recently began working for Valve on their Linux graphics driver team. His focus has understandably shifted to working on the RADV Vulkan driver and one of his early optimizations now with the Valve hat on is up to a 100% pixel throughput optimization for the RADV driver, which is already quite well optimized thanks to years of investment from Valve, Red Hat, and others...



Engadget"Engadget - Technology News & Expert Reviews"











OSnews

  • Serena OS: a modern operating system for classic Amigas
    A hobby operating system, not written in Rust, not targeting Qemu, not targeting a Raspberry Pi. Yes, it still happens. Serena OS is what you get when modern operating system design and implementation meets vintage hardware like the Amiga computers. It is based on dispatch queues rather than threads, supports multiple users, is inspired by POSIX, yet retains its own character, is strongly object-oriented in terms of design and implementation and prepared for a cross platform future. ↫ Serena OS GitHub page Serena OS supports most (all?) of the classic Amigas, but the 500, 600, and 2000 need at least 1MB of RAM and a 68020 accelerator. It has code privilege separation between kernel and userspace, basic memory management, its own custom file system, drivers for input devices and graphics, an interactive console with VT52 and VT100 support, and much more. It also comes with a C99-compatible libc, and has its own shell. Note that AI! chatbot Claude is listed as a contributor to the project.


  • Rsync opens the slopgates, regressions and bugs ensue
    Andrew Tridgell, developer of rsync, has published a blog post addressing the massive surge in AI! code submissions and the string of regressions supposedly caused by them. He explains rsync was flooded with AI!-generated security reports, and he couldnt handle the volumes anymore. As this flood started to get more intense I realised I needed to raise the defences on rsync a lot — we needed much more thorough test suites, code coverage analysis, CI testing on a lot more platforms, deliberate and thorough scanning for possible security issues (so I find at least some of them before other people!) and the addition of a whole lot of defence-in-depth hardening techniques. This is all a huge amount of work. I’m retired (though my wife may dispute that!) and I’d rather be out sailing than working on rsync security issues, so I have reached for several AI tools to help with what needs to be done. I have absolutely no regrets about doing that, although from the storm of anti-AI rage it’s clear that many people think I should be hung up by my toe nails and flogged for even considering doing this. ↫ Andrew Tridgell The entire rsync codebase is around 65k lines, and the recent flood of AI!-generated submissions amount to +16k/-6k lines of code within a few weeks. Thats an absolutely insane amount of changes in a really short time to a project that most people deemed stable and done!. If you take a look at the activity graph, its clear that a project that was silently and carefully doing its job is seeing a massive amount of changes, almost exclusively generated by AI!, all in recent weeks. Its no surprise, then, that people get annoyed when something they deemed done! and stable is suddenly causing issues for them because its maintainer decided to open the slopgates. Tridgell is, of course, an incredibly accomplished and capable programmer, but so is Kent Overstreet and he thinks his AI! girlfriend is sentient and conscious, he reprogrammed it after someone convinced his AI! girlfriend was lesbian and trans, and he thinks that he gave his AI! girlfriend an orgasm, so being an accomplished and capable programmer doesnt mean youre immune from AI!-hyperbole, or worse, AI!-induced psychosis. Tridgells blog post already has all the usual talking points from AI! techbros about how the tools sucked last but theyre good now, trust me I know how these tools work, humans are actually the same as these AI! tools, really what is intelligence anyway, and yeah we got a whole slew of new issues caused by the AI! code but more AI! code will surely fix that, and so on. Theres some red flags that give me the ick, because Ive seen them all before from people entirely losing themselves in AI! hype. Tridgell also takes pot shots at openrsync, a reimplmentation of rsync developed by the OpenBSD team, also shipped by default on macOS. Openrsync has nothing to do with any of the current issues rsync is facing, as the project was started way back in 2018 or so. Taking pot shots at this project in this particular blog post feels childish and unnecessary, and reeks of insecurity; focus on the issues your own project is facing before attacking some other project. This feels like another red flag. Quite a few people have experienced regressions with rsync in recent weeks, but it seems like more are going to come as the slopgates will remain open, and will probably be opened even further. For such a cornerstone open source project, that raises a lot of questions, and Im sure theres quite a few people pondering if they should, perhaps, switch to openrsync  just like Apple did.


  • WinUtils: shell-powered CLI tools for Windows 95
    WinUtils started in 1996-1997 as a way to build my programming chops. I was poking around the Windows 95 shell APIs, found the file operation functions, and thought it would be cool to have CLI tools that called them instead of doing raw file I/O. The payoff was practical: because the operations went through the shell, the same confirmation prompts, progress dialogs, and Recycle Bin behavior you got from Windows Explorer came along for free. ↫ Code Naked Code Naked  their alias, not mine  recently dug these old executables and code back up, and published them on GitHub. Back then, though, there were no centralised distribution platforms, so they just uploaded them to various download and shareware websites and kept track of the download tickers. Very neat little tools, and fun to have them immortalised.


  • Google offers opt-out of AI! search results for websites, promises it wont affect regular search rankings
    Google is adding a switch to allow website owners to opt out of being featured in their AI! overviews and related slopsearch results. With this new toggle in Search Console, website owners can decide if they want their site to appear in and help ground responses in our generative AI Search features (like AI Overviews, AI Mode or AI Overviews in Discover). Sites that opt out will not receive traffic or impressions from our generative AI features. This control will not be used as a ranking signal for search results outside of these generative AI Search features. This work builds on our long history of designing tools, like snippet controls and Google-Extended, that give websites more choice. ↫ Mrinalini Loew at Googles The Keyword blog While its nice of Google to offer such an opt-out to website owners, their claim that opting out wont effect your regular search ranking rings hollow to me. I simply just do not trust Google in any way, shape, or form to not weaponise their AI! against anyone who doesnt want to be sucked up, regurgitated, and spat out in one of their slopsearch tools. On top of that, regular Google Search is dead anyway, so even if they keep their promise, its moot because Google users are going to be force-fed the slopsearch tools instead of the regular Google Search. I honestly have no idea how much traffic OSNews gets from Google at this point, and while I can look it up, I just dont really care, and think its probably not that much. I could opt us out, but the real problem is that such an opt-out wont stop Googles slopbots  or anyone elses slopbots  from taking our writing and training their AI! tools on it, so whats the point of going through the effort? I doubt Google is relevant enough for us.


  • Preparing for KDE Plasma’s last X11-supported release
    With KDE Plasma 6.7 almost ready for release, developers have moved on to working on 6.8, and with that release comes probably one of the biggest deprecations in KDEs history: as of today, the X11 session is gone from KDE. Of course, this change wont make it to peoples computers until 6.8 actually releases, but as far the code goes, the X11 session is gone. Once 6.8 is actually released, you will only be able to log into a Wayland KDE session. This wont affect KDE applications running in other X11 desktop environments, and of course, X11 applications will keep working in KDE as well thanks to XWayland. Its also important to note that this wont affect anyone sticking to older versions of KDE Plasma; its not like X11 session support will be yanked retroactively. From here on out, a lot of X11 code will be removed from KDE, and developers will be able to focus on just one code path, instead of accommodating the lowest common denominator in X11. Our internal metrics within KDE show that over 95% of users of Plasma 6.6 are on Wayland, with a gradual increase every release. The metrics also show that basically no one is testing or developing Plasma on X11 anymore. The platform was already, for all intents and purposes, abandoned by KDE contributors. ↫ David Edmundson The transition from legacy X11 to Wayland has been a long, painful journey, but Im glad were finally reaching the destination. If youre still having issues with KDE on Wayland, be sure youre using an up-to-date distribution  not an LTS one  and see how that goes for you.


  • The newest Instagram exploit! is the goofiest Ive seen!
    Yesterday, a slew of Instagram accounts, including some high profile ones like the Obama White House account, seemingly got hacked. Look, I’m no spring chicken. I’ve spent almost a decade and a half identifying vulnerabilities and exploits at unicorn scale, but this is hands down the most unserious, almost too stupid to be true! of them all. ↫ Sid at 0xsid.com 0its AI! isnt it? All the attacker needs to kick this off is your account username. Then, they hop on a VPN or proxy close to your city so Instagrams security algorithms dont suspect a thing. (You can quite easily get this from your public profile or About! section or a hundred other ways.) Once it looks like the request is coming from the correct region, they tell the Meta support AI that the account is hacked and ask it to send the verification codes to an arbitrary email address they control. ↫ Sid at 0xsid.com Its AI!. Yes, all that you need to do to gain control over big, massively popular Instagram accounts is ask Facebooks AI! to send the verification codes to whatever email address you desire. Thats it. Theres no other steps, no other checks, no other verification. And the worst part is that this isnt even a hack; this is AI! working entirely as intended. And these tools are now coding the Linux kernel, LLVM, systemd, PulseAudio, rsync, your browser, and so much more. What could possibly go wrong?


  • Microsoft is intentionally bricking all Office for Mac 2019/2021 installations
    Youre a smart cookie, so you opted to buy a copy of Microsoft Office for macOS back in 2019 or 2021, eschewing the Office 365 subscription, so you could keep on using Office 2019/2021 forever if you wanted to. Just like in the old days. Ive got some bad news. Microsoft Office 2019 and 2021 for Mac view-only conversion (2026) is a scheduled remote degradation of perpetually-licensed Microsoft Office software for macOS and iOS, set for July 13, 2026 when a license-validation certificate used by the Office apps expires. After Office 2019 for Mac reached end of support in October 2023, Microsoft assured customers their installed apps would continue to function.! The July 13, 2026 conversion instead drops the apps into a Microsoft-defined reduced functionality mode,! in which files can be opened and viewed but not edited or saved. By May 30, 2026, the original 2023 end-of-support page had been re-dated and rewritten on Microsofts site; the continue to function! clause was removed. ↫ Consumer Rights Wiki Microsofts advice to the users theyre stealing from is to keep using the applications as mere viewers, switch to the free Office 365 web applications, pay for a 365 subscription, or buy a brand new regular copy of Office 2024. None of these make any sense, and clearly, all of this should be illegal, but its not because the software industry is a clown show. Proprietary software is unethical.


  • NVIDIA unveils RTX Spark chip for laptops and desktop PCs
    It was an open secret that NVIDIA was working on an ARM-based system-on-a-chip for laptops and desktops, and today at Computex 2026 the company unveiled what its been working on. Its surely a beast, and unsurprisingly, its lathered in AI! buzzwords. At full strength, this chip offers up to 20 Arm CPU cores, a Blackwell GPU with 6,144 CUDA cores, 128GB of LPDDR5X RAM, and up to 300 GB/s of memory bandwidth. That powerful CPU and GPU, connected over NVLink C2C, and the large memory pool give AI agents and 120-billion-parameter models plenty of power and space for long-running tasks with context lengths stretching to a million tokens, according to Nvidia. RTX Spark will power high-end laptops from partners including Dell, HP, Lenovo, Asus, and MSI  and notably, a new Surface Ultra laptop from Microsoft. Nvidia says it’s worked with those partners to create “the most extraordinary laptops ever built,” with tandem OLED G-Sync displays, “all-day” battery life, premium aluminum chassis with large glass touchpads. ↫ Jeffrey Kampman at Toms Hardware I couldnt care less about the AI! nonsense, but the chip itself seems like an absolute monster for laptops and mini PCs. With that much power and a solid NVIDIA GPU, these are also great for gaming and creative tasks, making them feel like the first true competition in the PC space to Apples M series of chips. Theyre planned for late 2026, and tellingly, theres no pricing information just yet.


  • You dont love systemd timers enough
    My favorite metonymic technology term is cron job!: even though cron may not literally be the daemon that executes actions on a schedule, we apply the term to anything that walks like a cron and quacks like a cron. As Patrick McKenzie likes to point out, cron jobs are one of the most eminently useful computing primitives. They offer utility thats almost immediately obvious for plenty of use cases that almost everybody has: do this every day; do that once a month. And yet. You probably shouldnt use literal cron (or its more modern cousins) for scheduled tasks! In 2026 there are more modern options available, and my favorite is the humble systemd timer. I love systemd timers. If you dont love them yet, maybe I can show you the reasons why you should love them, too. ↫ Tyler Langlois These are just timers. They are not consuming your computer or taking over the open source world. They do not phone home to Red Hat. These are just timers.


  • MorphOS 3.20 released
    Almost exactly 18 months after 3.19, the MorphOS team has released MorphOS 3.20. This is a major release, as it adds support for the upcoming Mirari PowerPC motherboards, which we talked about when that project was first announced. Im quite excited about the Mirari, and cant wait to have one, and MorphOS is the one operating system I really want to run it on. I have an almost mint condition PowerBook G4 17C specifically for MorphOS, but the hardware is simply too outdated to keep up with modern demands, which is sad, because MorphOS can clearly keep up if it had modern hardware. So, MorphOS 3.20 adds support for the Mirari platform and its various components, like its thermal management solution, networking, and so on. MorphOS 3.20 also expands the number of support Radeon graphics cards, improved support for various HDMI and DisplayPort ports, better support for multiple monitors, and overall better graphics performance in general. Theres also SFS2 support throughout the operating system so MorphOS now supports file sizes of up to 4GB and partition sizes of up to 2TB. The Ambient UI has also seen extensive work to improve performance and stability, as well as add a bunch of new features. Several new applications and utilities are included in MorphOS 3.20, such as DriveImager, MirrorBackup, SMARTDoctor, OFHTTP, OFHash, OFDNS, Replace, and Automator for scripting and controlling MUI applications. Iris has been updated to version 1.53 and now includes the new Contacts companion application for CalDAV-based address books. FlowStudio received extensive improvements for project management, printing, Markdown support, and development workflows. Networking and connectivity have also been improved with updates to OpenSSH 10.3p1, TLS 1.3 support in RDesktop, expanded SMB2 filesystem improvements, and improved USB, audio and multimedia subsystem stability. Numerous system libraries and frameworks including MUI, ixemul, Cairo, Harfbuzz, Freetype, OpenSSL4, and ObjFWRT have been updated or significantly modernized. ↫ MorphOS 3.20 release announcement Of course, theres also the long list of smaller changes, bugfixes, and performance improvements. MorphOS has wide support for Apple PowerPC hardware, which is probably your best bet for using the operating system for now, at least until the Mirari becomes available for purchase.



Linux Journal News

  • EU OS: A Bold Step Toward Digital Sovereignty for Europe
    Image
    A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
    What Is EU OS?
    EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.

    Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
    The Vision Behind EU OS
    The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.

    Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.

    However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
    Conclusion
    EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.

    Source: It's FOSS
    European Union


  • Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight

    Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight

    Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.

    In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.

    On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.

    Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.

    The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.

    Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.

    You can download the latest kernel here.
    Linus Torvalds kernel


  • AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
    Image
    AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.

    This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.

    Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.

    Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.

    Source: 9to5Linux
    AerynOS


  • Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
    Image
    Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.

    Here’s a quick overview of what’s new in Xojo 2025r1:
    1. Linux ARM IDE Support
    Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
    2. Web Drag and Drop
    One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
    3. Direct App Store Publishing
    Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
    4. New Desktop and Mobile Features
    This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
    5. Performance and IDE Enhancements
    Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
    What Does This Mean for Developers?
    Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
    How to Get Started
    Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.

    Download Xojo 2025r1 today at xojo.com.
    Final Thoughts
    With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
    Xojo ARM


  • New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux

    Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.

    Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.

    Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 

    Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.

    Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.

    Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.

    By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
    Windows


  • Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities

    The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 

    As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.

    In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 

    After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.

    The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.

    At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.

    The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
    Security


  • Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges

    The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.

    A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.

    This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 

    The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.

    On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.

    In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
    kernel


  • Linux Celebrates 32 Years with the Release of 6.6-rc2 Version

    Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.

    The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.

    Here is what Linus Torvalds had to say in today's announcement:
    Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds


  • Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction

    Want to interact with ChatGPT from your Linux desktop without using a web browser?

    Bavarder, a new app, allows you to do just that.

    Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.

    With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.

    During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.

    At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.

    As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!

    Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
    ChatGPT AI


  • LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite

    Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.

    Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.

    LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.

    You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.

    All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.

    In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.

    Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.

    The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
    LibreOffice


Linux Magazine News (path: lmi_news)
Page last modified on November 17, 2022, at 06:39 PM