All the News that Matters

• openSUSE: python311-tornado6 Moderate Security Issues Fix 2025:15838-1
  An update that solves 3 vulnerabilities can now be installed.

• openSUSE: duc Moderate Update for CVE-2025-13654 Vulnerability Fixes
  An update that solves one vulnerability can now be installed.

• openSUSE Tumbleweed: php8 Moderate Update for Three Issues 2025:15837-1
  An update that solves 3 vulnerabilities can now be installed.

• openSUSE Tumbleweed: kernel-devel Moderate Security Update 2025:15836-1
  An update that solves 14 vulnerabilities can now be installed.

• openSUSE: busybox Moderate Security Update CVE-2025-46394 CVE-2025-60876
  An update that solves 2 vulnerabilities can now be installed.

• openSUSE Tumbleweed: MozillaFirefox Moderate Security Update CVE-2025-14860
  An update that solves 2 vulnerabilities can now be installed.

• MPV 0.41 Media Player Switches to GPU-Next Renderer
  MPV 0.41 open-source media player makes GPU-Next the default renderer, delivering better color handling, Wayland improvements, and more.

• Linux 6.19-rc2 Released Following A Quiet Week
  The second weekly release candidate of Linux 6.19 is now available for testing in leading up to the stable release in early February...

• 9to5Linux Weekly Roundup: December 21st, 2025
  The 271st installment of the 9to5Linux Weekly Roundup is here for the week ending on December 21st, 2025, keeping you updated with the most important things happening in the Linux world.

• The Linux Foundation Spent $8.4 Million on the Linux Kernel Project in 2025
  The Linux Foundation reports over $310M in 2025 revenue, with $8.41M allocated to the Linux Kernel Project.

• MPV 0.41 Open-Source Video Player Released with Improved Wayland Support
  MPV 0.41 open-source and free media player that supports a wide range of media file formats, audio and video codecs, and subtitle types. is now available for download with new features and improvements.

• Darktable 5.4 Open-Source RAW Image Editor Improves Camera Support
  Darktable 5.4 has been released today as the latest version of this open-source, free, and cross-platform RAW image editor for GNU/Linux, macOS, and Windows systems.

• Why I Wouldn’t Want John Solomon’s New CMO Job at Mozilla
  Firefox’s market share has cratered while Mozilla’s dependence on Google and executive pay have soared. We look at what John Solomon is really walking into.

• ICORE-3576Q38 SoM packs RK3576 AI processor into a 38 mm module
  The ICORE-3576Q38 is a compact 38 mm × 38 mm system-on-module developed by T-Firefly and built around the Rockchip RK3576 application processor. The module targets embedded and industrial designs that require multi-core processing, local AI acceleration, and broad multimedia and I/O support within a small footprint. The ICORE-3576Q38 family is available in three variants. The […]

• Chimera Linux Releases New Images With Kernel 6.18
  Chimera Linux has published new December 2025 images based on kernel 6.18, delivering updated desktops and refreshed system components.

• Ventoy 1.1.10 Bootable USB Creator Released with Support for AerynOS
  Ventoy 1.1.10 open-source bootable USB solution has been released today as a maintenance and feature update that supports new distro releases and improves support for existing distributions.

• In 2025 Scammers Have Stolen $835M from Americans Using Fake Customer Service Numbers
  They call it "the business-impersonator scam". And it's fooled 396,227 Americans in just the first nine months of 2025 — 18% more than the 335,785 in the same nine months of 2024. That's according to a Bloomberg reporter (who also fell for it in late November), citing the official statistics from America's Federal Trade Commission:Some pose as airline staff on social media and respond to consumer complaints. Others use texts or e-mails claiming to be an airline reporting a delayed or cancelled flight to phish for travellers' data. But the objective is always the same: to hit a stressed out, overwhelmed traveller at their most vulnerable.In my case, the scammer exploited weaknesses in Google's automated ad-screening system, so that fraudulent sponsored results rose to the top [They'd typed "United airlines agent on demand" into Google, and the top search result on their phone said United.com, had a 1-888 number next to it and said it had had 1M+ visits in past month. "It looked legit. I tapped the number..." ] After I reported the fake "United Airlines" ad to Google, via an online form for consumers, it was taken down. But a few days later, I entered the same search terms and the identical ad featuring the same 1-888 number was back at the top of my results. I reported it again, and it was quickly removed again... A [Google] spokesperson there said the company is constantly evolving its tactics "to stay ahead of bad actors." Of the 5.1 billion ads blocked by the company last year, she said, 415 million were taken down for "scam-related violations." Google updated its ads misrepresentation policy in 2024 to include "impersonating or falsely implying affiliation with a public figure, brand or organization to entice users to provide money or information." Still, many impostor ads slip through the cracks. "Reported losses from business-impostor scams in the United States rose 30 per cent, to US$835 million, in the first three quarters of 2025," the article points out (citing more figures from the America's Federal Trade Commision). An updated version of the article also includes a response from United Airlines. "We encourage customers to only use customer-service contact information that is listed on our website and app." And what happened to the scammed reporter? "I called American Express and contested the charge before cancelling my credit card. I then contacted Experian, one of the three major credit bureaus, to put a fraud alert on my file. Next, I filed a complaint with the FTC and reported the fake ad to Google. "American Express wound up resolving the dispute in my favour, but the memories of this chaotic Thanksgiving will stay with us forever. "
  
  
  Read more of this story at Slashdot.
  

• The U.S. Could Ban Chinese-Made Drones Used By Police Departments
  Tuesday the White House faces a deadline to decide "whether Chinese drone maker DJI Technologies poses a national security threat," reports Bloomberg. But their article notes it's "a decision with the potential to ground thousands of machines deployed by police and fire departments across the US." One person making the case against the drones is Mike Nathe, a North Dakota Republican state representative described by the Post as "at the forefront of a nationwide campaign sounding alarms about the Made-in-China aircraft." Nathe tells them that "People do not realize the security issue with these drones, the amount of information that's being funneled back to China on a daily basis."The president already signed anexecutive orderin June targeting "foreign control or exploitation" of America's drone supply chain. That came after Congress mandated a review to determine whether DJI deserves inclusion in a federal register of companies believed to endanger national security. If DJI doesn't get a clean bill of health for Christmas, it could join Huawei Technologies Co. Ltd. and ZTE Corp.on that Federal Communications Commission list. The designation would give the Trump administration authority to prevent new domestic sales or even impose a flight ban, affecting public agencies from New York to North Dakota to Nevada... The fleet used by public safety agencies nationwide exceeds about 25,000 aircraft, said Chris Fink, founder of Unmanned Vehicle Technologies LLC, a Fayetteville, Arkansas-based firm that advises law-enforcement clients. The overwhelming majority of those drones — called uncrewed aerial vehicles, or UAVs, in industry parlance — comes from China, said Jon Beal, president of theLaw Enforcement Drone Association, a training and advocacy group that counts DJI and some US competitors as corporate sponsors... Currently, at least half a dozen states havetargeted DJIand other Chinese-manufactured drones, including restrictions in Arkansas, Mississippi and Tennessee. A Nevada law prohibiting public agencies from using Chinese drones took effect in January... Legislators also took up the cause in Connecticut, which passed a law this year preventing public offices from using Chinese drones. Supporters said they're worried about these eyes in the skies being used for spying. "We're kind of sitting ducks," said Bob Duff, the Democratic majority leader in the state senate who promoted the legislation. "They are designed to infiltrate systems even when the users don't think that they will." One North Dakota sheriff's department complains U.S.-made drones are "at least double and triple the price out of the gate," according to the article, which adds that public safety officials "say it's difficult to find domestic alternatives that match DJI in price and performance." And DJI "wants an extension on the security review," according to the article, "saying Tuesday is too soon to make a conclusion."
  
  
  Read more of this story at Slashdot.
  

• Google Launches CO2 Battery Plants for Long-Duration Storage of Renewable Energy
  In July Google promised to scale the CO2 batteries of "Energy Dome" as a long-duration energy storage solution. Now IEEE Spectrum visits its first plant in Sardinia, where 2,000 tonnes of carbon dioxide power a turbine generating 20 MW over 10 hours — storing "large amounts of excess renewable energy until it's needed..." "Google likes the concept so much that it plans to rapidly deploy the facilities in all of its key data-center locations in Europe, the United States, and the Asia-Pacific region."Developed by the Milan-based company Energy Dome, the bubble and its surrounding machinery demonstrate a first-of-its-kind "CO2 Battery," as the company calls it... And in 2026, replicas of this plant will start popping up across the globe. We mean that literally. It takes just half a day to inflate the bubble. The rest of the facility takes less than two years to build and can be done just about anywhere there's 5 hectares of flat land. The first to build one outside of Sardinia will be one of India's largest power companies, NTPC Limited. The company expects to complete its CO2 Battery sometime in 2026 at the Kudgi power plant in Karnataka, in India. In Wisconsin, meanwhile, the public utility Alliant Energy received the all clear from authorities to begin construction of one in 2026 to supply power to 18,000 homes... The idea is to provide electricity-guzzling data centers with round-the-clock clean energy, even when the sun isn't shining or the wind isn't blowing. The partnership with Energy Dome, announced in July, marked Google's first investment in long-duration energy storage... CO2 Batteries check a lot of boxes that other approaches don't. They don't need special topography like pumped-hydro reservoirs do. They don't need critical minerals like electrochemical and other batteries do. They use components for which supply chains already exist. Their expected lifetime stretches nearly three times as long as lithium-ion batteries. And adding size and storage capacity to them significantly decreases cost per kilowatt-hour. Energy Dome expects its LDES solution to be 30 percent cheaper than lithium-ion. China has taken note. China Huadian Corp. and Dongfang Electric Corp. are reportedly building a CO2-based energy-storage facility in the Xinjiang region of northwest China. Google's senior lead for energy storage says they like how Energy Dome's solution can work in any region. "They can really plug and play this." And they expect Google to help the technology "reach a massive commercial stage."
  
  
  Read more of this story at Slashdot.
  

• Are 'Geek Gifts' Becoming Their Own Demographic?
  Long-time Slashdot reader destinyland wonders if "gifts for geeks" is the next big consumer demographic:For this year's holiday celebrations, Hallmark made a special Christmas tree ornament, a tiny monitor displaying screens from the classic video game "Oregon Trail." ("Recall the fun of leading a team of oxen and a wagon loaded with provisions from Missouri to the West....") Top sites and major brands are now targeting the "tech" demographic — including programmers, sysadmins and even vintage game enthusiasts — and when Hallmark and Amazon are chasing the same customers as GitHub and Copilot, you know there's been a strange yet meaningful shift in the culture... While AI was conquering the world, GitHub published its "Ultimate gift guide for the developer in your life" just as soon as doors opened on Black Friday. So if you're wondering, "Should I push to production on New Year's Eve?" GitHub recommends their new "GitHub Copilot Amazeball," which it describes as "GitHub's magical collectible ready to weigh in on your toughest calls !" Copilot isn't involved — questions are randomly matched to the answers printed on the side of a triangle-shaped die floating in water. "[Y]ou'll get answers straight from the repo of destiny with a simple shake," GitHub promises — just like the Magic 8 Ball of yore. "Get your hands on this must-have collectible and enjoy the cosmic guidance — no real context switching required!"And GitHub's "Gift Guide for Developers" also suggests GitHub-branded ugly holiday socks and keyboard keycaps with GitHub's mascots. But GitHub isn't the only major tech site with a shopping page targeting the geek demographic. Firefox is selling merchandise with its new mascot. Even the Free Software Foundation has its own shop, with Emacs T-shirts, GNU beanies and a stuffed baby gnu ("One of our most sought-after items ... "). Plus an FSF-branded antisurveillance webcam guard. Maybe Dr. Seuss can write a new book: "How the Geeks Stole Christmas." Because this newfound interest in the geek demographic seems to have spread to the largest sites of all. Google searches on "Gifts for Programmers" now point to a special page on Amazon with suggestions like Linux crossword puzzles. But what coder could resist a book called " Cooking for Programmers? "Each recipe is written as source code in a different programming language," explains the book's description... The book is filled with colorful recipes — thanks to syntax highlighting, which turns the letters red, blue and green. There are also real cooking instructions, but presented as an array of strings, with both ingredients and instructions ultimately logged as messages to the console... Some programmers might prefer their shirts from FreeWear.org, which donates part of the proceeds from every sale to its corresponding FOSS project or organization. (There are T-shirts for Linux, Gnome and the C programming language — and even one making a joke about how hard it is to exit Vim.) But maybe it all proves that there's something for everybody. That's the real heartwarming message behind these extra-geeky Christmas gifts — that in the end, tech is, after all, still a community, with its own hallowed traditions and shared celebrations. It's just that instead of singing Christmas carols, we make jokes about Vim.
  
  
  Read more of this story at Slashdot.
  

• 'Confused' Waymos Stopped in Intersections During San Francisco Power Outage
  "On Saturday, videos shared widely on social media showed Waymo vehicles stopped mid-intersection with hazard lights flashing, forcing other cars to maneuver around them," reports the San Francisco Chronicle. The Independent notes that "Without working traffic lights, the driverless cars were seemingly left confused, with many halting in their tracks and causing major traffic jams. Local riders and pedestrians shared photos and videos of the vehicles stuck at intersections with long lines of drivers piling up behind them..."In some instances, several Waymos were piled up in front of a single intersection. "6 Waymos parked at a broken traffic light blocking the roads. Seems like they were not trained for a power outage," another social media user wrote. More from CNBC:San Francisco resident Matt Schoolfield said he saw at least three Waymo autonomous vehicles stopped in traffic Saturday around 9:45 p.m. local time, including one he photographed near Arguello Boulevard and Geary Street. "They were just stopping in the middle of the street," Schoolfield said. The power outages began around 1:09 p.m. Saturday and peaked roughly two hours later, affecting about 130,000 customers, according to Pacific Gas and Electric. As of Sunday morning, about 21,000 customers remained without power, mainly in the Presidio, the Richmond District, Golden Gate Park and parts of downtown San Francisco. PG&E said the outage was caused by a fire at a substation that resulted in "significant and extensive" damage, and said it could not yet provide a precise timeline for full restoration... Amid the disruption, TeslaCEO Elon Musk posted on X: "Tesla Robotaxis were unaffected by the SF power outage." Unlike Waymo, Tesla does not operate a driverless robotaxi service in San Francisco. Tesla's local ride-hailing service uses vehicles equipped with "FSD (Supervised)," a premium driver assistance system. The service requires a human driver behind the wheel at all times... The Waymo pause in San Francisco indicates cities are not yet ready for highly automated vehicles to inundate their streets, said Bryan Reimer, a research scientist at the MIT Center for Transportation and co-author of "How to Make AI Useful." "Something in the design and development of this technology was missed that clearly illustrates it was not the robust solution many would like to believe it is," he said. [He recommends "human backup systems in place around highly automated systems, including robotaxis."] State and city regulators will need to consider what the maximum penetration of highly automated vehicles should be in their region, Reimer added, and AV developers should be held responsible for "chaos gridlock," just as human drivers would be held responsible for how they drive during a blackout. Waymo did not say when its service would resume and did not specify whether collisions involving its vehicles had occurred during the blackout.
  
  
  Read more of this story at Slashdot.
  

• Do Gamers Hate AI? Indie Game Awards Disqualifies 'Clair Obscur' Over GenAI Usage
  "Perhaps no group of fans, industry workers, and consumers is more intense about AI use than gamers...." writes New York magazine's "Intelligencer" column:Just this month, the latest Postal game was axed by its publisher, which was "overwhelmed with negative responses"from the "concerned Postal community" after fans spottedAI-generated material in the game's trailer. The developers of ArcRaiders were accusedof using AI instead of voice actors, leading to calls for boycotts,while the developers of the Call of Duty franchise werecalled out for AI-generated assets that players found strewn acrossBlack Ops 7.Games that weren't developed withgenerative AI are getting caughtup in accusations anyway, while workers at Electronic Arts aregoingto the press to describe pressure from bosses to adopt AI tools.Nintendo has sworn off using generative AI, as has the company behindthe Cyberpunk series. Valve, the company that operatesSteam, now requires AI disclosures on listed games and surveysall submitters. Perhaps sensing the emergence of a newconstituency, California congressman Ro Khanna responded in Novemberto the Call of Duty backlash:"We needregulations that prevent companies from using AI to eliminate jobs toextract greater profits," he postedon X.... AI is often seen as a tool for managers to extract more productivity and justifylayoffs. Among players, it can foster a sense that gamers are beingtricked or ripped off, while also dovetailing with more generalobjections to generative AI. It can sometimes be hard to tell whethergamer backlash is a bellwether or an outlier, an early signal from our youngest major creative industry or a localized and unique fit of rage. The sheer number ofincidents here suggests the former, which foretells bitter, messy,and confusing fights to come in entertainment beyond gaming — where,notably, technologies referred to as "AI" have previously beenembraced with open arms. And now "the price of the sort of memory PC gamers most want to buy has skyrocketed" (per Tom's Hardware). "The rush to build data centers is making it much more expensive to game. Nobody's going to be happy about that." Insider Gaming shares another example of anti-AI sentiment in the gaming industry:The Indie Game Awards took place on December 18, and, as many could assume, Clair Obscur: Expedition 33 took home the awards for Game of the Year and Debut Game. However, things have changed and The Indie Game Awards are making a big decision to strip the Clair Obscur and developer Sandfall Interactive of their awards over the use of gen AI in the game. In an announcement made on Saturday afternoon, Six One Indie, the creators of the show, said that it's removal comes after the discovery after voting was done, and the show was recorded. "The Indie Game Awards have a hard stance on the use of gen AI throughout the nomination process and during the ceremony itself," the statement reads. "When it was submitted for consideration, representatives of Sandfall Interactive agreed that no gen AI was used in the development of Clair Obscur: Expedition 33. Polygon notes the award-stripping is "due to inclusion of generative AI assets at launch that were quickly patched out."Quotes from earlier in the year from Sandfall Interactive's FranÃois Meurisse made the rounds on social media last week amid a news cycle caught up in the use of generative AI in games... In June, the Spanish outlet El País published a story including an interview conducted around Clair Obscur's launch, in which Meurisse admitted that Sandfall used a minimal amount generative AI in some form during the game's development... Clair Obscur: Expedition 33 launched with what some suspected to be AI-generated textures that, as it clarified to El País, were then replaced with custom assets in a swift patch five days after release.
  
  
  Read more of this story at Slashdot.
  

• Package Forge: The Lesser Known Snap/Flatpak Alternative Without Distro Lock-In
  An anonymous reader shared this report from the site It's FOSS:Linux gives you plenty of ways to install software: native distro packages, Flatpak, Snap, AppImage, source builds, even curl-piped installers. The catch is that each one solves a different problem, yet none of them fully eliminates the "works here, breaks there" reality across all distros. Package Forge (PkgForge) is a new project with a narrower mission: deliver truly distro-independent portable applications that run the same way across systems.... It's not a new packaging format in and of itself, nor is it trying to replace AppImages. Instead, it's an ecosystem that publishes portable packages and static binaries in curated repositories, paired with a package manager designed to install and manage them. One of the ways PkgForge stands out from some portable app efforts on Linux is its focus on accessible documentation and a security-minded distribution model. The project primarily delivers prebuilt binary packages, keeps transparent build logs, and relies on checksum verification. This helps reduce the spread of ad-hoc install scripts and the need for local compilation, which has long been a common pattern when downloading Linux software directly (and still is for many projects today). To make life easier for the end-user, the project maintains its own frontend, called Soar... which you can use like an additional package manager, and let it handle installation, updates, and system integration. It also allows you to search for apps and utilities without having to dig through the repos online. Alternatively, you can search the PkgForge repos manually, and download and manage individual portable packages on your own. This is preferable if you're building a portable toolkit on a USB drive, testing a single app temporarily, or simply want full control over where files live... Even if it doesn't replace Flatpak, Snap, or AppImage, it helps give definition to what a more flexible, truly distro-independent future for portable Linux apps could look like.
  
  
  Read more of this story at Slashdot.
  

• Inaugural 'Hour of AI' Event Includes Minecraft, Microsoft, Google and 13.1 Million K-12 Schoolkids
  Long-time Slashdot reader theodp writes: Last September, tech-backed nonprofit Code.org pledged to engage 25 million K-12 schoolchildren in an "Hour of AI" this school year. Preliminary numbers released this week by the Code.org Advocacy Coalition showed that [halfway through the five-day event Computer Science Education Week] 13.1 million users had participated in the inaugural Hour of AI, attaining 52.4% of its goal of 25 million participants. In a pivot from coding to AI literacy, the Hour of AI replaced Code.org's hugely-popular Hour of Code this December as the flagship event of Computer Science Education Week (December 8-14). According to Code.org's 2024-25 Impact Report, "in 2024–25 alone, students logged over 100 million Hours of Code, including more than 43 million in the four months leading up to and including CS Education Week." Minecraft participated with their own Hour of AI lessons. ("Program an AI Agent to craft tools and build shelter before dusk falls in this iconic challenge!") And Google contributed AI Quests, "a gamified, in-class learning experience" allowing students to "step into the shoes of Google researchers using AI to solve real-world challenges." Other participating organizations included the Scratch Foundation, Lego Education, Adobe, and Roblox. And Microsoft contributed two — including one with their block-based programming environment Microsoft MakeCode Arcade, with students urged to "code and train your own super-smart bug using AI algorithms and challenge other AI bugs in an epic Tower battle for ultimate Bug Arena glory!" See all the educational festivities here...
  
  
  Read more of this story at Slashdot.
  

• Will Work Change Over the Next 20 Years?
  What is the future of work? The Wall Street Journal asked five workplace experts and practitioners. So while AI "is already doing tasks once relegated to newly minted college graduates in many professions," the Journal predicts that in the next 20 years AI "will have an impact on the role of managers, how organizations measure business outcomes and accelerate tasks that once took months." A senior partner at the consulting firm Mercer predicts AI (plus advances in quantum computing) will enable entrepreneurs to reshape industries with a fraction of the resources traditionally required. Some other predictions: Alan Guarino, vice chairman and CEO of board services at the global consulting firm Korn Ferry: In 25 years, the workplace will likely be unrecognizable, with employees and AI operating as one. Yes, there will be tasks and entire jobs taken over by AI, but we will all be elevated to a whole new superpower to make critical and creative decisions. The idea that work was once done strictly by people will seem quaint to some. Tasks that took entire teams, and months to complete, will be crunched down to a few minutes, with success measured on metrics we can't imagine today. The middle layers of management — so central to today's corporate structure — could be a vestige of the past. The role of the leader too will change, as they directly oversee a collaboration of people and intelligent systems. The attitude toward in-person collaboration is growing and 25 years from now, counterintuitively, I believe face-to-face connection won't just be indispensable, but invaluable. Emotional intelligence will still set leaders apart. Those who blend empathy with tech savvy will be the ones shaping the future. Peter Fasolo, a former executive vice president and chief human resources officer at Johnson & Johnson, and director of the Human Resource Policy Institute at Boston University's Questrom School of Business: There will be fewer available workers in Europe, Japan and the U.S. over this time frame and the demographic shift will be profound. In addition, there will be even fewer young adults available for colleges in the U.S., even if they decide the investment is worth it. The implications of this shift will be the need for more investments in vocational and trade schools, and the need to invest in skill-based, not pedigree-based training. There will also be more on-the-job specific training. Companies will become classrooms. Companies that want a more sustainable relationship with employees will need an investment model versus a transactional one: We will invest in your skills so you can be a competitive professional in your domain.
  
  
  Read more of this story at Slashdot.
  

• FSF Says Nintendo's New DRM Allows Them to Remotely Render User Devices 'Permanently Unusable'
  "In the lead up to its Switch 2 console release, Nintendo updated its user agreement," writes the Free Software Foundation, warning that Nintendo now claims "broad authority to make consoles owned by its customers permanently unusable." "Under Nintendo's most aggressive digital restrictions management (DRM) update to date, game console owners are now required to give Nintendo the unilateral right to revoke access to games, security updates, and the Internet, at its sole discretion."The new agreement states: "You acknowledge that if you fail to comply with [Nintendo's restrictions], Nintendo may render the Nintendo Account Services and/or the applicable Nintendo device permanently unusable in whole or in part...." There are probably other reasons that Nintendo has and will justify bricking game consoles, but here are some that we have seen reported: — "Tampering" with hardware or software in pretty much any way; — Attempting to play a back-up game; — Playing a "used" game; or — Use of a third-party game or accessory... Nintendo's promise to block a user from using their game console isn't just an empty threat: it has already been wielded against many users. For example, within a month of the Switch 2's release, one user unknowingly purchased an open-box return that had been bricked, and despite functional hardware, it was unusable for many games. In another case, a user installing updates for game cartridges purchased via a digital marketplace had their console disabled. Though it's unclear exactly why they were banned, it's possible that the cartridge's previous owner made a copy and an online DRM check determined that the current and previous owner's use were both "fraudulent." The user only had their console released through appealing to Nintendo directly and providing evidence of their purchase, a laborious process. Nintendo's new console banning spree is just one instance of the threat that nonfree software and DRM pose to users. DRM is but one injustice posed by nonfree software, and the target of the FSF's Defective by Design campaign. Like with all software, users ought to be able to freely copy, study, and modify the programs running on their devices. Proprietary software developers actively oppose and antagonize their users. In the case of Nintendo, this means punishing legitimate users and burdening them with proving that their use is "acceptable." Console users shouldn't have to tread so carefully with a console that they own, and should they misstep, beg Nintendo to allow them to use their consoles again.
  
  
  Read more of this story at Slashdot.
  

• Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two
  In Part One of this series, we examined how the SONiC control plane and the VPP data plane form a cohesive, software-defined routing stack through the Switch Abstraction Interface.` We outlined how SONiC’s Redis-based orchestration and VPP’s user-space packet engine come together to create a high-performance, open router architecture. In this second part, we’ll turn [0]
  
  The post Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One
  The networking industry is undergoing a fundamental architectural transformation, driven by the relentless demands of cloud-scale data centers and the rise of software-defined infrastructure. At the heart of this evolution is the principle of disaggregation: the systematic unbundling of components that were once tightly integrated within proprietary, monolithic systems.` This movement began with the separation [0]
  
  The post Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One appeared first on Linux.com.
  

• Kubernetes on Bare Metal for Maximum Performance
  When teams consider deploying Kubernetes, one of the first questions that arises is: where should it run? The default answer is often the public cloud, thanks to its flexibility and ease of use. However, a growing number of organizations are revisiting the advantages of running Kubernetes directly on bare metal servers. For workloads that demand [0]
  
  The post Kubernetes on Bare Metal for Maximum Performance appeared first on Linux.com.
  

• How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM
  This article was contributed by Vedrana Vidulin, Head of Responsible AI Unit at Intellias (LinkedIn). As AI becomes central to smart devices, embedded systems, and edge computing, the ability to run language models locally — without relying on the cloud — is essential. Whether its for reducing latency, improving data privacy, or enabling offline functionality, local AI [0]
  
  The post How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM appeared first on Linux.com.
  

• Automating Compliance Management with UTMStacks Open Source SIEM 8 XDR
  Achieving and maintaining compliance with regulatory frameworks can be challenging for many organizations. Managing security controls manually often leads to excessive use of time and resources, leaving less available for strategic initiatives and business growth. Standards such as CMMC, HIPAA, PCI DSS, SOC2 and GDPR demand ongoing monitoring, detailed documentation, and rigorous evidence collection. Solutions [0]
  
  The post Automating Compliance Management with UTMStacks Open Source SIEM & XDR appeared first on Linux.com.
  

• A Simple Way to Install Talos Linux on Any Machine, with Any Provider
  Talos Linux is a specialized operating system designed for running Kubernetes. First and foremost it handles full lifecycle management for Kubernetes control-plane components. On the other hand, Talos Linux focuses on security, minimizing the user’s ability to influence the system. A distinctive feature of this OS is the near-complete absence of executables, including the absence [0]
  
  The post A Simple Way to Install Talos Linux on Any Machine, with Any Provider appeared first on Linux.com.
  

• Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces
  OpenTelemetry (fondly known as OTel) is an open-source project that provides a unified set of APIs, libraries, agents, and instrumentation to capture and export logs, metrics, and traces from applications. The project’s goal is to standardize observability across various services and applications, enabling better monitoring and troubleshooting. Read More at Causely
  
  The post Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces appeared first on Linux.com.
  

• Project Tazama, A Project Hosted by LF Charities With Support From the Gates Foundation, Receives Digital Public Good Designation.
  Exciting news! The Tazama project is officially a Digital Public Good having met the criteria to be accepted to the Digital Public Goods Alliance ! Tazama is a groundbreaking open source software solution for real-time fraud prevention, and offers the first-ever open source platform dedicated to enhancing fraud management in digital payments. Historically, the financial [0]
  
  The post Project Tazama, A Project Hosted by LF Charities With Support From the Gates Foundation, Receives Digital Public Good Designation. appeared first on Linux.com.
  

• Xen 4.19 is released
  Xen Project 4.19 has been officially out since July 31st, 2024, and it brings significant updates. With enhancements in performance, security, and versatility across various architectures like Arm, PPC, RISC-V, and x86, this release is an important milestone for the Xen community. Read more at XCP-ng Blog
  
  The post Xen 4.19 is released appeared first on Linux.com.
  

• Advancing Xen on RISC-V: key updates
  At Vates, we are heavily invested in the advancement of Xen and the RISC-V architecture. RISC-V, a rapidly emerging open-source hardware architecture, is gaining traction due to its flexibility, scalability and openness, which align perfectly with our ethos of fostering open development ecosystems. Although the upstream version of Xen for RISC-V is not yet fully [0]
  
  The post Advancing Xen on RISC-V: key updates appeared first on Linux.com.
  

Engadget"Engadget is a web magazine with obsessive daily coverage of everything new in gadgets and consumer electronics"

• The 12 best last-minute Christmas gifts for 2025 that will arrive by December 24
  We’re almost out of time — the holidays are just about here, and if you’re still doing your holiday shopping, you’re not alone. Between wrapping things up at work before some well-deserved time off and making sure you have everything you need to host family and friends, it can be hard to find the time to go shop for some gifts. And if you’re going to physical stores right now, you’re probably being met with half-empty shelves. But the internet remains an option, even this late in the game: you still have time to buy holiday gifts online.
  
  USPS,UPS andFedEx have laid out their holiday shipping deadlines for 2025. At this point, we recommend picking up small, affordable gifts that will ship quickly from retailers likeAmazon,Walmart andTarget so you have plenty of time to wrap them up nicely and make it look like you had everything well-planned from the start. Here are the best last-minute Christmas gifts you can get right now and still have in time before the holidays.
  Best last-minute Christmas gifts
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  Holiday shipping deadlines for 2025
  USPS: Ground Advantage — December 17, Priority Mail Express: December 20
  
  UPS: Three-Day Select — December 19, Next Day Air — December 23
  
  FedEx: Ground Economy — December 15, First Overnight — December 23
  
  Amazon Prime: December 23
  
  Check out the rest of our gift ideas here.
  This article originally appeared on Engadget at https://www.engadget.com/the-12-best-last-minute-christmas-gifts-for-2025-that-will-arrive-by-december-24-140037753.html?src=rss

• You can now tweak how warm and enthusiastic ChatGPT's responses are
  OpenAI gave its AI chatbot a professional makeover with the latest GPT-5.2 release, and some users are already complaining about its tone. For anyone who9s finding ChatGPT rude or sassy, OpenAI has some welcome news since it9s letting users further customize its personality with extra warmth or enthusiasm. 
  You can now adjust specific characteristics in ChatGPT, like warmth, enthusiasm, and emoji use.
  
  Now available in your "Personalization" settings. pic.twitter.com/7WSkOQVTKU
  — OpenAI (@OpenAI) December 19, 2025
  In a post on X, OpenAI revealed that users can adjust characteristics under new Warm, Enthusiastic, Header & Lists and Emoji options found in the Personalization settings. Between the four options, you can choose between more, less or default to fine-tune exactly how you want ChatGPT to sound in its responses. These new characteristics come about a month after OpenAI added Professional, Candid and Quirky options to GPT-5.1 under the "Base style and tone" setting that9s also found in the Personalization tab.
  
  The latest customizations likely stem from the fiasco that OpenAI faced earlier this year when it rolled out GPT-5 to replace GPT-4o. The outcry from users revolved around the latest update sounding less conversational and friendly, leading OpenAI to offer the option to choose between models and promising to make GPT-5 feel warmer.
  This article originally appeared on Engadget at https://www.engadget.com/ai/you-can-now-tweak-how-warm-and-enthusiastic-chatgpts-responses-are-204003009.html?src=rss

• GuliKit's $20 mod makes the ROG Xbox Ally's joysticks drift-free
  There may not be any reports of stick drift with the ROG Xbox Ally yet, but that doesn9t mean there won9t be. If you9d rather not end up with joysticks that have a mind of their own, GuliKit revealed its latest TMR Electromagnet Joystick Modules made specifically for your Xbox handheld.
  
  GuliKit said it worked directly with Asus to develop these joystick upgrades, which match the exact dimensions of the ROG Xbox Ally and Ally X9s stock sticks. The aftermarket accessories company previously designed a Hall effect joystick upgrade kit for the ROG Ally X, but GuliKit said this mod features electromagnetic joysticks that not only address stick drift but are also more precise, durable, and power-efficient. GuliKit even made the joystick upgrades easy to install since there9s no soldering required, and you can fine-tune the calibration in the handheld9s system settings.
  
  It may feel excessive to spend more money on a gaming handheld that can cost up to $1,000, but neither the ROG Xbox Ally nor Ally X comes with Hall effect or electromagnetic joysticks. GuliKit9s joystick upgrade is already available to US customers on its Amazon storefront for $19.99. 
  This article originally appeared on Engadget at https://www.engadget.com/gaming/xbox/gulikits-20-mod-makes-the-rog-xbox-allys-joysticks-drift-free-190521030.html?src=rss

• A San Francisco power outage left Waymo's self-driving cars stranded at intersections
  Several of Waymo9s autonomous vehicles were seen stuck in the middle of San Francisco streets following a significant power outage that took out the city9s traffic lights. Waymo responded to the power outage by suspending its ride-hailing services in the city, but images and videos on social media showed the self-driving taxis stopped at intersections with hazard lights on.
  
  "We have temporarily suspended our ride-hailing services in the San Francisco Bay Area due to the widespread power outage," Suzanne Philion, a spokesperson for Waymo, told Engadget in an email. "Our teams are working diligently and in close coordination with city officials, and we are hopeful to bring our services back online soon."
  
  The power outage was attributed to a fire at one of Pacific Gas & Electric (PG&E)9s substations. The incident began sometime on Saturday morning, which PG&E said affected approximately 130,000 customers. As of Sunday morning, the Californian power company said its crews have restored power to about 110,000 of those customers, while working on the remaining 21,000 customers in "the Presidio, Richmond District, Golden Gate Park and small areas of downtown San Francisco."
  
  Waymo hasn9t provided an explanation as to why the power outage left its autonomous cars stranded in San Francisco streets, but this episode may have revealed a notable fault with the Waymo Driver system. Waymo indicates on its website that its autonomous driving system "responds to signs and signals, like traffic light colors and temporary stop signs," which could indicate that the self-driving cars struggled with the out-of-order street lights. Tesla9s CEO, Elon Musk, also saw an opportunity to chime in on X, posting that "Tesla Robotaxis were unaffected by the SF power outage."
  This article originally appeared on Engadget at https://www.engadget.com/transportation/a-san-francisco-power-outage-left-waymos-self-driving-cars-stranded-at-intersections-172316970.html?src=rss

• The best subscription box gifts for 2025
  Subscription boxes are the rare gift that keeps its charm long after the wrapping paper is gone. You make the choice once, but the surprises keep landing on their doorstep for months after that. For anyone who loves the buzz of a delivery, these are gifts that extend the season well past December. Each box on this list combines a bit of discovery with something tangible, such as gadgets, books, collectibles, snacks or clever projects. Some appeal to hardcore hobbyists, others to the curious or the comfort seekers, but all offer that same spark of delight that comes from unboxing something unexpected. If you want a present that’s part experience, part surprise and fully enjoyable, this is a solid place to start.
  Best subscription box gifts
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  Check out the rest of our gift ideas here.
  This article originally appeared on Engadget at https://www.engadget.com/the-best-subscription-box-gifts-for-2025-130037236.html?src=rss

• The 11 best gifts under $25 for 2025
  So you want to give someone a gift but you don’t have a ton of cash to spare. Don’t fret because first, you’re not alone, and second, there are tons of options to choose from. Especially if you’re looking in the tech space, it can feel especially daunting to find a gadget that’s affordable but also worth gifting — in other words, not a piece of junk that will eventually take up residence at the bottom of a drawer. But you don’t have to drain your wallet to get someone a cool gadget that will both be useful and make their lives easier. We’ve collected our favorite pieces of tech under $25 that make great gifts and help you to stick to a budget.
  Best gifts under $25
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  Check out the rest of our gift ideas here.
  This article originally appeared on Engadget at https://www.engadget.com/computing/accessories/the-11-best-gifts-under-25-for-2025-140042203.html?src=rss

• Governor Hochul signs New York's AI safety act
  New York governor Kathy Hochul signed legislation on Friday aimed at holding large AI developers accountable for the safety of their models. The RAISE Act establishes rules for greater transparency, requiring these companies to publish information about their safety protocols and report any incidents within 72 hours of their occurrence. It comes a few months after California adopted similar legislation. 
  
  But, the penalties aren9t going to be nearly as steep as they were initially presented when the bill passed back in June. While that version included fines of up to $10 million dollars for a company9s first violation and up to $30 million for subsequent violations, according to two other pieces of AI legislation earlier in December that focused on the use of the technology in the entertainment industry. At the same time, President Trump has been pushing to curb states9 attempts at AI regulation, and signed an executive order this month calling for "a minimally burdensome national standard" instead.
  This article originally appeared on Engadget at https://www.engadget.com/ai/governor-hochul-signs-new-yorks-ai-safety-act-220503930.html?src=rss

• Sony's first EV with Honda will let you remotely play PS5 in your car
  Faraway road trips just got a lot easier, at least for the passengers. Sony Honda Mobility, the joint venture between the two Japanese conglomerates created to produce electric vehicles, announced that its Afeela EV will come with PS Remote Play. While playing video games in a car may be a niche feature, it means drivers will have something to do when parked, and passengers can chip away at their favorite RPGs during long drives.
  
  According to the announcement, the Afeela will be able to run your PS5 and PS4 consoles remotely through the infotainment system9s integrated display. You can even grab your DualSense controller from home and get right back into the game after jumping in your Afeela. Sony Honda Mobility said a 5Mbps broadband connection is required to play, and a 15Mbps rate will deliver a smoother experience.
  
  It9s not the first time we9re hearing about PS Remote Play in an EV. The joint venture previously showed off the Afeela 1, which is set for its first deliveries in 2026, and its ability to remotely play PlayStation titles at CES 2024. As for gaming in EVs overall, Tesla famously offered Steam support for its Model S and X, but later removed this feature.
  This article originally appeared on Engadget at https://www.engadget.com/transportation/evs/sonys-first-ev-with-honda-will-let-you-remotely-play-ps5-in-your-car-202359091.html?src=rss

• Game publisher says cheaper Switch 2 cartridges are coming in since-deleted post
  Gamers who prefer physical copies of their favorite titles may be getting a major win with the Switch 2. In an unexpected announcement from retro video game publisher ININ Games, Nintendo reportedly has "two new smaller cartridge sizes" for its Switch 2 console. For ININ Games, these rumored game cartridges with smaller storage capacity allow the publisher to recalculate production costs and pursue a physical Switch 2 release of its upcoming R-Type Dimensions III.
  
  ININ Games later deleted its posts mentioning these smaller Switch 2 cartridges and issued a correction on its website and social media pages. However, the publisher reiterated that R-Type Dimensions III will be released on a physical cartridge, but that "no further technical details regarding cartridge specifications have been officially confirmed."
  
  "There has been no official announcement or confirmation from Nintendo concerning cartridge storage capacities," ININ Games said in a statement. "Any references to specific storage sizes should not be interpreted as official information from Nintendo."
  
  If we9re reading between the lines, ININ Games may have been early to tease a crucial detail about Switch 2 cartridges that Nintendo wasn9t officially ready to reveal yet. For more context, Nintendo reportedly only offers physical game cartridges for Switch 2 with a 64GB capacity. With less demanding games like R-Type Dimensions III, that much storage capacity could be unnecessary and raise production costs. Nintendo still hasn9t made an announcement about these potential smaller cartridges, but we could see a lot more game publishers opting for physical copies of their upcoming games if they are indeed an option.
  This article originally appeared on Engadget at https://www.engadget.com/gaming/nintendo/game-publisher-says-cheaper-switch-2-cartridges-are-coming-in-since-deleted-post-191145230.html?src=rss

• Valve discontinued the last remaining LCD model of the Steam Deck
  If you still haven9t bought into the Steam Deck craze, it9ll cost you a little extra to take the plunge now since Valve is only offering OLED models. Valve announced in a note on its Steam Deck page that it9s "no longer producing the Steam Deck LCD 256GB model," adding that "once sold out, it will no longer be available." As of this article9s publishing, the $399 Steam Deck with LCD and 256 GB of storage, which we ranked as the best gaming handheld for most, is out of stock. Even Valve9s refurbished stock of LCD models has been cleared out.
  
  The OLED version of the Steam Deck is a worthy upgrade since it comes with a longer battery life and a larger display with a higher refresh rate. However, the LCD model offered an impressive entry price for the Steam Deck and the world of affordable gaming handhelds. Fortunately for existing owners, Valve said it plans to continue supporting the LCD models with future software updates.
  
  For now, potential buyers will have to choose between the new entry-level pricing of $549 for the OLED model with 512GB of storage or upgrading to 1TB and paying at least $649. Valve9s choice to discontinue its last remaining LCD model isn9t surprising after it did the same with the 512GB version and the 64GB option that was available when the Steam Deck was first released in 2022.
  This article originally appeared on Engadget at https://www.engadget.com/gaming/valve-discontinued-the-last-remaining-lcd-model-of-the-steam-deck-171548195.html?src=rss

• EU OS: A Bold Step Toward Digital Sovereignty for Europe
  Image
  A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
  What Is EU OS?
  EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
  
  Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
  The Vision Behind EU OS
  The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
  
  Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
  
  However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
  Conclusion
  EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
  
  Source: It's FOSS
  European Union

• Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
  
  In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
  
  On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
  
  Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
  
  The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
  
  Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
  
  You can download the latest kernel here.
  Linus Torvalds kernel

• AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
  Image
  AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
  
  This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
  
  Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
  
  Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
  
  Source: 9to5Linux
  AerynOS

• Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
  Image
  Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
  
  Here’s a quick overview of what’s new in Xojo 2025r1:
  1. Linux ARM IDE Support
  Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
  2. Web Drag and Drop
  One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
  3. Direct App Store Publishing
  Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
  4. New Desktop and Mobile Features
  This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
  5. Performance and IDE Enhancements
  Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
  What Does This Mean for Developers?
  Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
  How to Get Started
  Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
  
  Download Xojo 2025r1 today at xojo.com.
  Final Thoughts
  With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
  Xojo ARM

• New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
  
  Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
  
  Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
  
  Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 
  
  Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
  
  Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
  
  Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
  
  By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
  Windows

• Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
  
  The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 
  
  As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
  
  In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 
  
  After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
  
  The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
  
  At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
  
  The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
  Security

• Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
  
  The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
  
  A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
  
  This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 
  
  The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
  
  On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
  
  In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
  kernel

• Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
  
  Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
  
  The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
  
  Here is what Linus Torvalds had to say in today's announcement:
  Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds

• Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
  
  Want to interact with ChatGPT from your Linux desktop without using a web browser?
  
  Bavarder, a new app, allows you to do just that.
  
  Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
  
  With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
  
  During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
  
  At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
  
  As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
  
  Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
  ChatGPT AI

• LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
  
  Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
  
  Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
  
  LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
  
  You can download LibreOffice 7.5.3 directly from the LibreOffice website��or from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
  
  All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
  
  In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
  
  Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
  
  The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
  LibreOffice