Recent Changes - Search:
NTLUG

Linux is free.
Life is good.

Linux Training
10am on Meeting Days!

1825 Monetary Lane Suite #104 Carrollton, TX

Do a presentation at NTLUG.

What is the Linux Installation Project?

Real companies using Linux!

Not just for business anymore.

Providing ready to run platforms on Linux

Show Descriptions... (Show All/All+Images) (Single Column)

LWN.net

  • Seven stable kernels for Saturday including two security fixes
    Greg Kroah-Hartman has announced the release of the 7.1.3, 6.18.38, 6.12.95, 6.6.144, 6.1.177, 5.15.211, and 5.10.260 stable kernels. Several kernelsin this batch include afix for a vulnerability introduced in the 6.0 kernel in IPv6 (CVE-2026-53362),which couldallow an attacker to escape a container and gain root access.

    There is also afix for a use-after-free bug in KVM (CVE-2026-53359)that was introduced in the 2.6.36 kernel. As usual, each stable kernel includesa number of fixes throughout the tree. Users are advised toupgrade.



  • Four vulnerabilities in Guix
    The GNU Guix project has announcedthree vulnerabilities in the guix substitute utility as wellas a fourth that affects the guix pull and guixtime-machine commands. The impact of the vulnerabilities ranges from remote privilegeescalation to local disclosure of sensitive files.

    The remote exploitation of guix substitute only requires that thevulnerable system attempt to download a binary substitute. Anyconfigured substitute server, including ones discovered usingguix-daemon's --discover option, can exploit this, and so can aman-in-the-middle (MITM), regardless of whether https is used in thesubstitute server urls.

    The local exploitation of guix substitute only requiresthe ability to connect to guix-daemon's socket, which by default anyuser can do.

    Separately, another security issue (CVE ID pending) was identifiedin guix pull and guix time-machine, which enables anyone who cancontrol the channels file used by these commands to cause a file to becreated or overwritten wherever the user running the command inquestion has permission to create them.

    The project is recommending that all users upgrade guixand guix-daemon immediately. See the announcement forinstructions, how to test for the vulnerabilities, the disclosuretimeline, and more.



  • [$] Limiting negative dentries
    A number of problems related to negative directory entries (dentries) werethe topic of a filesystem-track session atthe 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit. Negative dentries areused to indicate that a file of a given name does not exist in a directory;it is an optimization that short-circuits the lookup of the file name whenthe answer is already known.Miklos Szeredi led asession that discussedsome problems that come from having too many negative dentries for adirectory.


  • Security updates for Friday
    Security updates have been issued by AlmaLinux (389-ds-base, bind9.18, evince, fence-agents, freerdp, frr, frr10, gimp, gnutls, hplip, jmc, mariadb:11.8, mysql:8.4, php:7.4, postgresql-jdbc, postgresql:15, postgresql:16, valkey, xorg-x11-server, and xorg-x11-server-Xwayland), Debian (fastnetmon), Fedora (7zip, apptainer, cpp-httplib, mysql8.4, and nmap), Oracle (freerdp, giflib, glib2, glibc, kernel, libreoffice, libvirt, mariadb:10.11, postgresql, python3.11, python3.12, rrdtool, and thunderbird), Red Hat (buildah, podman, and skopeo), SUSE (alloy, apache2, buildah, c3p0, containerd, crun, cups, dhcpcd, dnsmasq, docker-stable, dracut, editorconfig-core-c, ffmpeg-7, fontforge, google-guest-agent, google-osconfig-agent, graphicsmagick, gstreamer-plugins-bad, gstreamer-plugins-good, helm, jackson-annotations, jackson-core, jackson-databind, jline3, kernel, kubectl-cnpg, lcms2, libslirp, libssh2_org, libxreaderdocument3, openbabel, openssl-3, pacemaker, perl-CGI-Session, perl-list-someutils-xs, python-lxml, python-tornado, python-tornado6, python3-onionshare, python311-python-engineio, sg3_utils, thunderbird, transmission, and trivy), and Ubuntu (cifs-utils, kernel, libvncserver, linux-aws-6.8, linux-gcp-6.8, linux-gke, linux-gkeop, linux-ibm-6.8, linux-nvidia-lowlatency, linux-oracle-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia-tegra, linux-oracle-5.15, linux-raspi, linux-xilinx, nghttp2, nginx, perl, and vim).


  • CalyxOS is back
    In August 2025, the CalyxOS privacy-focusedAndroid distribution announcedthat it was pausing all releases while it reworked itsrelease process, security protocols, and changed its signing keysfollowing the departure of one of its founders. The project has now announcedthat it is "officially back from the hiatus" with the7.2.2.0 release.

    CalyxOS 7.2.2.0 is signed by us using a newHSM-based, open-source signing solution we designed to enhance thesecurity of the entire signing process, ensure redundancy, and removesingle points of failure. You can verify CalyxOS 7.2.2.0 and futurebuilds following theseinstructions. For anyone who is interested, the security auditreport of the HSM provisioning ceremony script can be found here.

    In addition, we also went through significant infrastructureimprovements. In particular, we have set up a cleaner server structureto streamline each release. In response to Google's less frequent AOSPsource code releases, our team developed scripts to reduce theoverhead in applying monthly patches and updates. Please keep in mind,additional manual steps are still needed to compensate for AOSPchanges, such as requesting and storing kernel sources with eachupdate. Currently, our lead engineer is continuing the maintenance ofthe base device trees for both LineageOS and CalyxOS to bridge the gapcreated by the absence of Google Pixel device trees.


  • Kernel archive /pub tree restoring
    A few astute observers have noticed that somecontent on kernel.org had disappeared and were understandablyconcerned. Konstantin Ryabitsev has provided an update viasocial.kernel.org:
    There was an unfortunate error while changing the kernel.orgprimary/secondary mirroring infrastructure, which resulted in the /pubtree suddenly becoming empty. No data was lost, just public mirrorcopies. Everything is now being restored, but deletes are fast andrestores are slow, so thank you for your patience!
    The incident isbeing tracked on the Linux Foundation's IT status page.



  • Spoofed email from LWN
    We were made aware today of an email sent to a reader that wasspoofed to appear to be from LWN. The message claimed, among otherthings, that we were providing personal information about the readerto another site user. As is explained in our privacy policy we do not,and would not, provide such information.

    If any other readers have received an odd message from LWN, it isan attempt at a hoax; if in doubt, please check the DKIM header of theemail. Any email that does come from LWN will have a proper DKIMsignature in its headers.

    If you receive such a message, please feel free to send it to us,with its headers intact. But to reiterate, we are not providing anyuser information upon request, nor banning any accounts. We hope thiswill not be a recurring problem.



  • Fedora Council proposes pausing Community Initiatives
    Aoife Moloney has, on behalf of the Fedora Council, posted anannouncement that the Fedora Council is "proposing we pause theCommunity Initiatives process as an official project process"because it has decided the current process is ineffective. It is alsoclosing discussion regarding the AI developer desktopinitiative covered by LWN in May.

    The Fedora Objectives/Initiatives framework was never intended as amandatory prerequisite to do the work in Fedora. It supposed to helpby focusing the community on a certain work when needed, not to decidewhat is allowed. The AI developer desktop initiative proposalhighlighted that the Community Initiatives process has failed to serveas a good framework in Fedora where new ideas can surface, receiverespectful feedback, and gain Council support for work that fits theproject's present and/or future. This is something that the Councilmust address.

    As a first step, we would like to halt the community initiativeprocess immediately. Existing initiatives in flight (Fedora Forge,Atomic, and Fedora Docs 2026) will continue with full Councilbacking. Their underlying work will be completed as planned in theircurrent timeboxed state, though the administrative framework aroundthem may evolve.As a second step, we would like to work out a new mechanism to allowCouncil to set strategic direction in an open, transparent way thatmore intentionally includes the community voice. We recognise that wehave to be better at being more open in our discussions and decisionmaking.

    The council is considering the "sandbox" proposal as analternative or supplement to a process that replaces the CommunityInitiatives.



  • [$] Two LLM-assisted memory-management patch sets
    The kernel community (like many other free-software projects) has recentlyseen a large influx of patches developed with the assistance of largelanguage models (LLMs). Those patches tend to come from developers whowere previously unknown to the community. At the moment, though, thememory-management developers are evaluating two large patch sets, developedwith LLM assistance, that were submitted by established and well-respecteddevelopers. The rather different reception accorded to that work may giveinsights into how LLM-generated contributions will be handled goingforward.


  • Security updates for Thursday
    Security updates have been issued by AlmaLinux (giflib, kernel, mariadb:10.11, mod_http2, php, rrdtool, ruby, ruby:3.3, and ruby:4.0), Debian (jq and node-lodash), Fedora (caddy, hut, ipp-usb, kernel, opkssh, rclone, thunderbird, and transmission), SUSE (389-ds, 7zip, alsa, amazon-ecs-init, avahi, cadvisor, cosign, cups, dnsdist, docker, dracut, firefox, firewalld, giflib, glib-networking, glycin-loaders, google-cloud-sap-agent, google-guest-agent, gsasl, hauler, helm, ImageMagick, kernel, keylime, krb5, libaom, libexif, libgcrypt, libnfs, libssh2_org, loupe, lrzip, mutt, ncurses, nodejs22, openCryptoki, openssh, openssl-3, pacemaker, perl-Config-IniFiles, perl-CSS-Minifier-XS, perl-DBI, perl-JavaScript-Minifier-XS, perl-libwww-perl, postfix, python-click, python-idna, python-Markdown, python-joblib, python-handy-archives, python-apache-libcloud, python-WebOb, python-PyGithub, python-soupsieve, python-pip, python-pytest-html, python-python-dotenv, python-python-multipart, python-starlette, python-tornado6, python-zeroconf, python311, python311-jupyter-server, rpcbind, sed, sg3_utils, tar, tiff, and util-linux), and Ubuntu (kernel, linux, linux-aws, linux-aws-5.15, linux-aws-fips, linux-azure, linux-azure-5.15, linux-azure-fde-5.15, linux-fips, linux-gcp, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iot-realtime, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-oracle, linux-realtime, linux, linux-aws, linux-aws-fips, linux-gcp, linux-gcp-fips, linux-ibm, linux-nvidia, linux-nvidia-6.8, linux-oracle, linux-realtime, linux-realtime-6.8, linux-oem-6.17, and linux-oem-7.0).



LXer Linux News






  • GNOME Mutter GPU Reset Recovery Becoming A Reality
    While typically quite rare encountering a GPU reset under Linux in most conditions, currently if encountering one under GNOME your session gets wiped out. But thanks to a Google Summer of Code "GSoC" project this year, GNOME's Mutter compositor is finally seeing real GPU reset recovery handling...


  • PorteuX 2.6 Released with Linux 6.19, TLP Support, and Smarter Hardware Optimization
    The PorteuX project has officially released PorteuX 2.6, bringing a new round of updates to the lightweight Slackware-based Linux distribution. Designed to be fast, portable, modular, and immutable, PorteuX continues to appeal to users who want a complete desktop operating system that can run efficiently from a USB drive or other removable media. The latest release introduces a newer Linux kernel, improved power management, updated desktop environments, and numerous performance and usability improvements.


  • NVIDIA VR-NVL BMC Device Tree Being Upstreamed For OpenBMC Support
    NVIDIA's latest Linux kernel mailing list patches are for providing the Device Tree for the baseboard management controller (BMC) of their Vera Rubin VR-NVL server platform. With the Linux kernel patches and also for U-Boot, it's part of the upstreaming effort for supporting the open-source OpenBMC software on their latest hardware...



  • Coreboot + AMD openSIL On MSI Ryzen Motherboard Now Works With Windows 11
    With 3mdeb's Dasharo port of AMD openSIL and Coreboot running on the Gigabyte EPYC motherboard, 3mdeb engineers have been devoting more time to their bring-up of Coreboot+openSIL on the MSI PRO B850-P consumer motherboard for desktop AMD Ryzen. They now even have Microsoft Windows 11 working atop this open-source firmware alternative along with other features implemented...


Linux Insider"LinuxInsider"












Slashdot

  • New DNA Tech Identifies Soldier Killed in America's Revolution in 1780
    South Carolina's pine forests "have spent centuries hiding a secret as old as America itself," reports CBS News:In August 1780, British and American soldiers clashed there, leading to a terrible defeat for the Continental army [fighting for the 13 colonies rebelling against England]. Battlefield archaeologists Jim Legg and Steve Smith have been studying the site for decades, but recently, they made a shocking discovery: The sandy soil was home to several sets of remains buried in shallow graves. Metal buttons suggested the men had been Continental soldiers, but there was no other identification... About 2,000 Continental soldiers were killed, wounded or captured, and some men never returned home. Their families could only guess at their fates. But Legg and Smith's discovery, paired with an explosion in DNA technology, is changing what's possible. A set of remains, previously known only as 9B, has been identified as John Pumphrey, a young man from Maryland who enlisted in the Continental Army's 7th Maryland Regiment as young as 13... Pumphrey likely marched more than a thousand miles with the regiment. The unit fought in battles with then-Gen. George Washington in New Jersey and Pennsylvania. Pumphrey likely marched more than a thousand miles with the regiment. The unit fought in battles with then-Gen. George Washington in New Jersey and Pennsylvania. In late June, members of the extended Pumphrey family came together to hear his story and say his name for the first time in centuries. His remains are interred in South Carolina, where he and the other soldiers were discovered, but the tombstone, once marked "Unknown," will soon have his name carved on it.


    Read more of this story at Slashdot.


  • 842,000 American Households Lost Power Today During a Heatwave
    As America began celebrating its 250th birthday Saturday, 842,000 homes reported power outages, notes ABC News. Figures from tracking site PowerOutage showed states in America's Northeast and Midwest were impacted by severe weather and extreme heat.That number, which will fluctuate throughout the day as crews work to restore power, is for households, meaning that the number of people impacted by these outages is likely to be much larger... Millions of Americans, however, will be contending with a heatwave that is blanketing much of the country, including in Philadelphia where the Salute to Independence Semiquincentennial Parade that had been set for Friday was canceled due to the dangerous heat wave, according to Philadelphia ABC station WPVI. Elsewhere, America's Independence Day Parade, which was scheduled for 10:30 a.m. on July 4 in downtown Washington, D.C. was canceled by organizers late Friday evening due to the extreme heat in the District of Columbia... Amtrak announced it will be canceling a number of trains due to heat-related conditions. The outages seemed to last throughout the day, with 790,103 household outages still in effect by 4:30 p.m. EST. Ironically, the power outages hit several American states that were among the country's original 13 freedom-declaring colonies, including New Jersey (143,072 outages), Pennsylvania (40,944 outages), and Virginia (27,392 outages). CNBC adds that America's largest power grid operator said Friday "it was under a federal alert to cut electricity consumption across its territory as it battled generator outages, massive overloading on its transmission lines and a surge in air conditioning use from prolonged sweltering heat."PJM said it told utilities to reduce electricity to customers who are under contract to reduce consumption during emergencies. PJM serves 67 million people in the Mid-Atlantic, South and Washington, D.C., area. Spot wholesale electricity prices in northern Virginia, home to the largest collection of data centers in the world, have surged beyond $2,000 per megawatt hour this week. That compares to about $40 per MWh when PJM is not in distress.


    Read more of this story at Slashdot.


  • Did Microsoft Shift Its Profits to Low-Tax Countries?
    Microsoft is apparently shifting its profits to countries with low taxes — and out of countries where they have many more employees and significant sales. Back in 2005 Former Microsoft CEO Steve Ballmer even said that a low corporate tax rate "is part of the overall advantage of doing business in Ireland," remembers long-time Slashdot reader theodp. (Ballmer added "It would be disingenuous to say otherwise.") But in 2026 the EU now requires a country-by-country compliance report, and the New York Times notes that Microsoft "was most likely the first major U.S. technology company to make a so-called country by country report of its finances to comply..." Like other big companies, Microsoft uses transactions between subsidiaries to shift profits around to reduce its tax bill. The report revealed a consistent pattern: high returns in low-tax jurisdictions and slim margins in higher-tax ones. The report showed the sometimes absurd results. Microsoft said it had generated almost 40 percent of its pretax income in tax-friendly Ireland, where it employed about 3 percent of its global work force. In higher-tax Germany, the largest economy in Europe, Microsoft earned barely half of 1 percent of its global profits, it said. Excluding Ireland, the company said, it generated less than 2 percent of its worldwide pretax earnings in Europe... [In Luxembourg Microsoft said it had $283 million in pretax income with only 34 employees.] [America's] Internal Revenue Service is challenging profit-shifting transactions used by Microsoft, and is seeking back taxes of nearly $29 billion4. The company has said it disagrees with the I.R.S. and said in a securities filing that it "will vigorously contest" the proposed tax bills. This week a Microsoft blog post offered their own "context," arguing that tax is "one important measure of contribution, but it is not the only one. "Our investments, partnerships, infrastructure, and long-term presence in countries around the world also reflect a commitment to helping strengthen the economies and communities where we operate, today and for the future."


    Read more of this story at Slashdot.


  • FSF Shares Update on 'LibrePhone' and New Automated Site Monitoring Tool
    At the end of 2025, the FSF launched LibrePhone project, which is working to "better understand and reverse-engineer the nonfree blobs used by a great majority of (if not all) system on a chip designs available today." The FSF's summer newsletter shares this update:We started with researching the proprietary files in Android phones supported by the Lineage project, an Android-based volunteer-led mobile phone operating system with much free software already in it. Our current, primary focus is on the radio blobs that control WiFi, Bluetooth, NFC, and cellular communications. The software freedom issues with mobile computing have been around for a long time, with the most challenging issue being the baseband/modem firmware that relies heavily on proprietary software. This creates a technical and legal maze that is nearly impossible to break free from, but that doesn't mean we should ever stop working to create free systems. It certainly doesn't mean we shouldn't liberate the software that we know can be free software. Now, half a year into this project, lead developer Rob Savoye has extracted firmware from over 200 Lineage install packages, processed 85GB of files, and imported the results of these analyses into a PostgreSQL database for cross-device comparison... [M]uch of the software and blobs we need to work through are shared across multiple devices; this means even greater strides for mobile phone freedom... As insurmountable as it may seem at times, every blob we manage to free up will be progress. The FSF has proven time and time again that it can bring the free software philosophy to life, not just by advocating for it, but by making it so. The bulletin also describes how waves of botnets from "aggressive LLM scrapers, vulnerability scanners, poorly optimized CI/CD servers" inspired the FSF to create a new free-as-in-freedom automated monitoring tool:In our efforts to combat the botnets, we optimized several detection rules to ban abusive behavior. We found the upper limit of fail2ban and replaced it with reaction, an efficient alternative with our configuration that uses ipset. We also split several monolithic machines into many separate machines so that when a web service is overwhelmed the other functions of the service do not go down with it... We found quite a few ways to respond to and prevent botnet attacks, but still faced a significant related challenge: communicating when a website or service is down... Uptime Kuma is a human-readable, automated monitoring addition to our systems... You can check out our recently-launched self-hosted Uptime Kuma instance at https://status.fsf.org/. When you see the page, you will also likely say, "Wow! The FSF and GNU sure do run a ton of services!" and you would be right... If you maintain websites and services, and are looking for a simple way to communicate publicly with your users, consider using Uptime Kuma or another free software solution instead of choosing a proprietary monitoring solution." There's also an article on the state of free-as-in-freedom videogame console emulators.


    Read more of this story at Slashdot.


  • AOL's Owner Bending Spoons Hits Wall Street with $1.7 billion IPO
    "The owner of AOL and other tech businesses hit Wall Street with a $1.7 billion initial public offering Wednesday," reports the Associated Press:The company is getting $1 billion in proceeds, while the rest is going to shareholders. The stock surged 39.7% in its first day of trading under the symbol "BSP" on the Nasdaq, giving it a market value of $25.2 billion. Among the company's well-known holdings are the event creation and ticketing company Eventbrite, and the video hosting service Vimeo... AOL itself went public in 1992 and was a vanguard of technology and communication. It reached a market value of $164 billion in 2000 shortly before merging with Time Warner. It then crashed along with the rest of the industry following the bursting of the dot-com bubble. It has been bought and sold several times over the last two decades... [Italy-based Bending Spoons] was founded by three friends in 2013 following the failure of their first attempt at building a technology startup. It has since grown by buying more than 50 companies. The acquired companies are reorganized, and AI technology is often a key tool in the redesign. The focus remains on subscription-based revenue from the portfolio of businesses. The company said it had net income of $27.5 million on revenue of $601 million during the first three months of 2026. It had more than 500 million monthly active users and 9 million monthly paying customers as of March. The company has debt of just under $4.4 billion. It plans to use proceeds from the offering to invest in new acquisitions. The article notes that in the company's prospectus, it says they chose the name Bending Spoons because "We were about to attempt to create a world-class company with $40,000, a team of five, and a track record that read 0 for 1. A touch of irony seemed appropriate."


    Read more of this story at Slashdot.


  • EchoStar's US Satellite Pay-TV Provider Dish DBS Files for Bankruptcy
    EchoStar's satellite pay-TV unit Dish DBS has filed for Chapter 11 bankruptcy protection, reports Reuters. The move also applies to its wireless subsidiaries, according to the article, and "facilitates the wind-down of Dish Wireless's 5G network operations following an unexpected delay in a spectrum license sale to AT&T... under which EchoStar agreed to sell about 50 megahertz of its nationwide spectrum for $23 billion." Some context from Deadline.com:Charlie Ergen, who co-founded EchoStar and Dish, recently returned as chairman and CEO to steer the company through its recent challenges...Even prior to the merger, Ergen had been working to pivot from the pay-TV business, where Dish now has just 5 million subscribers and streaming sibling Sling TV has another 2 million, toward wireless telecom. With wireless spectrum hitting the market due to the Sprint-T-Mobile merger and then Elon Musk's Starlink looking to ramp up in the sector, it seemed more attractive than the cord-cutting-ravaged pay-TV business. But it is still entails plenty of risk, especially given how tightly regulated the spectrum is due to security concerns. Thanks to long-time Slashdot reader schwit1 for sharing the news.


    Read more of this story at Slashdot.


  • Decades-Old Bash Tricks Expose AI Coding Agents To Supply Chain Attacks
    Slashdot reader wiredmikey writes: AI security researchers have uncovered a structural security flaw dubbed GuardFall that allows decades-old Bash shell tricks to bypass safeguards in most open source AI coding agents. By exploiting shell behaviors such as quote removal and variable expansion, attackers can hide malicious commands in repositories, README files, Makefiles, or other content consumed by AI agents. If executed — particularly in auto-approve or CI environments—the commands can steal credentials, compromise developer systems, or enable software supply chain attacks. According to researchers at Adversa AI, the 11 popular open source AI coding agents tested, only one successfully blocked all of the Bash trick techniques.


    Read more of this story at Slashdot.


  • What Is a Quantum Computer Good For? Absolutely Nothing - Yet
    The Verge argues that researchers "have made genuine progress in quantum computing — it's just been largely incremental and too esoteric to immediately capture the public's imagination." And there are predictions that quantum computers will finally do something useful as soon as 2028:The drama can overshadow the real progress in quantum computing...Researchers have improved the qubits themselves, so they hold onto information longer. When they hold onto information longer, you can fit in more operations and do more complicated algorithms. Last November, Andrew Houck of Princeton University and his colleagues reported that they'd made a superconducting qubit that can hold onto information three times longer than the previous record holder... And in the last two years, researchers have made substantial strides in what's known as quantum error correction... In addition, researchers have developed algorithms to correct errors while the quantum computer operates... Microsoft claimed, which experts dispute, that it made an object made of electrons known as a Majorana particle [which should make fewer errors and be easier to scale up]... "We 100 percent stand behind our results. We stand by our roadmap," Microsoft's quantum lead, Chetan Nayak, responded in an interview with The Verge. In an email statement, he added that Microsoft's "papers do show that we are creating and controlling Majorana [particles]... Microsoft's supporting evidence is unconvincing [according to [Henry Legg, a physicist from the University of St. Andrews and a longtime Microsoft critic]Rnqyq. What it claimed as evidence of a Majorana particle, he says, could actually be due to quantum dots forming in its device. Quantum dots are electron-containing objects that are not useful for Microsoft's quantum computer. It also bases its claim on data from a single device, says Legg. He wants to see Microsoft replicate the results in multiple chips. "If you repeatedly try and find Jesus in your toast, eventually you'll find Jesus in your toast," he says. "But that one piece of toast doesn't mean you had some kind of epiphany." "While we appreciate the religious fervor, our data maintains the strength and consistency of our roadmap, as we have for the past several years across previous milestones. We look forward to delivering the world's first quantum machine and sharing the energy of our achievements with the world," wrote Nayak in response. Past spurious work from Microsoft-affiliated researchers adds to the doubt. In 2021, the journal Nature retracted an article from Microsoft-affiliated researchers in which they'd claimed strong experimental evidence that they'd created a Majorana particle. "Even hopeful experts have varying opinions about when a quantum computer will demonstrate something useful," the article acknowledges. But quantum computing lecturer Eleanor Crane of King's College London predictsresearchers will have demonstrated a useful scientific simulation on a quantum computer by 2028. Thanks to Slashdot reader joshuark for sharing the article.


    Read more of this story at Slashdot.


  • Startup Targets Datacenters With 3D-Printed Nuclear Reactor Module
    Startup Ampera has unveiled what it calls the first 3D-printed nuclear reactor module, built around a silicon-carbide core and pressure vessel designed for a thorium-based microreactor. The company says future systems could deliver 15 or 30 megawatts for up to 30 years without refueling. When The Register asked about availability, their spokesperson said: "We expect the power generation portion of the system to be available as early as 2027, with the nuclear module being available to customers about 2030 based on regulatory approval." From the report: Founder and CEO Brian Matthews revealed the prototype microreactor, which features a fully 3D-printed silicon carbide reactor core and pressure vessel. "This next-generation nuclear core and pressure vessel sets the foundation for factory-built, mass-produced nuclear energy," Matthews said. "The advanced technology and additive manufacturing used demonstrate a clear commercial path for new nuclear technology coming to market in an accelerated manner." His company is developing a subcritical, solid-state, factory-built thorium-based nuclear reactor. Subcritical means the fuel cannot sustain a nuclear chain reaction on its own, which prevents a runaway power excursion. Ampera uses "solid-state" to describe a design with solid rather than liquid fuel. The proposed fuel uses tristructural isotropic, or TRISO, particles, consisting of a fuel kernel containing thorium, surrounded by multiple ceramic and carbon layers. [...] "Thorium is the future for ultra-safe, clean power production," Matthews said at the time. "By producing TRISO thorium kernels in the United States, we can ensure ample access to the needed fuel supply as we scale up and also minimize price volatility risk." Ampera also describes the heart of the reactor as as a spherical monolithic gyroid core. A gyroid, as far as we can fathom, is a complex shape that provides a massive surface area relative to its volume, making it well-suited for heat transfer. Its complexity makes it difficult to produce using conventional manufacturing methods, which is where additive manufacturing comes in. The core is 3D-printed using silicon carbide and designed to operate for up to 30 years without refueling, the firm claims. Ampera says its planned systems will provide 15 or 30 MWe, depending on the configuration, enough to supply a typical datacenter. Larger configurations are planned. Matthews said that his company expects to be the first to industrialize factory-built nuclear power with near-term deployment timelines.


    Read more of this story at Slashdot.


  • Video Game History Foundation Says Piracy Remains the Only Viable Preservation Method
    An anonymous reader quotes a report from TechSpot: Video Game History Foundation founder Frank Cifaldi recently supported claims that piracy is the only effective way to preserve video games. The comments lay the blame squarely on game companies' refusal to keep legacy content available or allow archivists to build legal repositories. Sony's announcement that all PlayStation games will be digital-only from 2028 onward has sparked concern that titles will become harder to preserve and more easily vanish, since the company's servers will become the sole point of distribution. In an official statement, Cifaldi noted that the end of physical PlayStation games has surprisingly little impact on the Foundation's efforts because the majority of games from the last two decades are already digital-only. According to the Foundation, most games nowadays are not released for consoles, let alone on physical discs. Furthermore, many discs for major titles require downloading updates before they are playable, although the DoesItPlay database reveals that, even today, most are playable offline out of the box. Cifaldi claimed that the true reason piracy remains the best option for preservation is that the Entertainment Software Association, which lobbies for game publishers, has closed off other routes. For example, in 2018, the Association opposed efforts to grant copyright exemptions for museums, libraries, and archives to retain copies of abandoned online games for research. This is the same organization that recently helped defeat a proposed California bill to preserve premium-priced online-only games by falsely claiming that community servers are illegal. The Foundation accused the ESA of repeatedly blocking attempts by cultural heritage institutions to reform DRM legislation. Cifaldi also described the Library of Congress' outdated software preservation process, which currently only requires tiny snippets of source code. For example, Capcom once asked the Foundation to provide the LoC with "the first and last ten pages of code" for a Mega Man game. Unable to discern where digital records began and ended, the group simply chose random segments. Platform holders' habit of closing online storefronts and removing media from users' accounts is also unhelpful. "What continues to baffle us is what the industry expects institutions like ours to do about it," the Video Game History Foundation said. "If platform owners are deciding to eliminate physical media and older digital storefronts, then we'd also like to see trade groups like the Entertainment Software Association offer meaningful solutions for archives and museums to legally preserve digital-only content and make it accessible for research.


    Read more of this story at Slashdot.


www.theregister.com - Articles












Linux.com


  • From DHCP to SZTP – The Trust Revolution
    By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]

    The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.










Phoronix

  • FEX 2607 Optimizing For Yet-To-Be-Released ARM 256-bit SVE2 Hardware
    The FEX Emulator that allows running Linux x86/x86_64 software on ARM64 (AArch64) systems, including the likes of Wine / Valve's Steam Play (Proton) for Windows gaming on ARM, is out with its newest monthly feature release. The Valve-backed project for running x86_64 games and other software on ARM for the upcoming Steam Frame and other more typical ARM Linux systems has been baking more optimizations and improvements...



  • 4K @ 60 FPS USB Video Capture Finally Becomes Less Problematic On Linux
    One area of Linux hardware testing I haven't explored much in many years has been modern USB video capture for the lack of said hardware. The last time I did much video capturing on Linux was during the Hauppauge PCI card days. It turns out though that USB video capture of 4K 60 FPS content has been a pain point under Linux but is finally smoothing out with newer versions of the Linux kernel...


  • Phoronix Premium Summer Sale To Help Support Linux Hardware Testing
    For those that missed Phoronix turning 22 years old last month when running a special to help support the site, a few readers mentioned recently they missed out on seeing the deal in time. Paired with the US Independence Day holiday and summer sales elsewhere, now through 10 July is a Phoronix Premium summer sale if wishing to view the site ad-free while supporting the daily open-source/Linux news coverage and relentless Linux hardware testing...


  • GNOME Lands ext-background-effect-v1 Support For Background Blur Effect
    Added to the Wayland Protocols repository back in May of 2025 was the ext-background-effect-v1 protocol for background blur that had been under discussion since early 2024. The initial focus is on being able to apply a blur effect on a window's background or otherwise a specified screen region. GNOME 51 has now merged support for ext-background-effect-v1 with the latest Mutter code...


  • Linux 7.3 Adding More Graphics PCI IDs For Intel Nova Lake S
    In addition to this week's drm-intel-next pull request beginning to lay out the Intel kernel graphics driver changes for Linux 7.3, the first drm-xe-next pull request was sent out on Friday. Intel Nova Lake enablement remains the hot area for the Intel GPU driver code...




  • GNOME Mutter GPU Reset Recovery Becoming A Reality
    While typically quite rare encountering a GPU reset under Linux in most conditions, currently if encountering one under GNOME your session gets wiped out. But thanks to a Google Summer of Code "GSoC" project this year, GNOME's Mutter compositor is finally seeing real GPU reset recovery handling...




Engadget"Engadget - Technology News & Expert Reviews"











OSnews

  • ReactOS implements very first NT6 system call
    A fairly big moment for the ReactOS project: it has just received its very first system call from NT6. The system call that has been added is NtGetCurrentProcessorNumberEx, which is used for returning the processor number of the logical processor that a caller is running on. It’s unclear how long it will take ReactOS to become compatible with Windows Vista software, but it took Microsoft around half a decade to develop Vista after the release of XP and marked a major upgrade, even if it didn’t land well with users at the time. ↫ Paul Hill at Neowin Its a milestone for sure, but not one thats going to make a huge difference for ReactOS at this moment in time. Still, its a sign of things to come, even if the very nature of the ReactOS project means that whatever things are coming tend to take a while to arrive.


  • Microsoft settles centuries of religious debate by providing clearest definition of hell to date: Windows with a website-based shell running only Copilot
    For how often people invoke it, the concept of hell! in Christianity is remarkably vague and nebulous, as both the Old and New Testament barely go into detail about the concept. As such, Im glad Microsoft has now given us a clear vision of hell and what, exactly, it looks like, ending centuries of denominational disagreements. Microsoft is currently selling the idea of Windows and Copilot as two separate things: an OS and an assistant riding along on top of it. However, a leaked video shows Project Aion, an internal prototype where Copilot doesnt just sit inside Windows, it becomes Windows, swallowing the Start menu, the taskbar, and three decades of desktop conventions in the process. The footage is reportedly two years old, so Aion is most likely dead by now. But its the clearest look yet at how far Microsoft was willing to take its agentic AI ambitions. ↫ Alfonso Maruccia at Techspot Everything about this is dreadful. Obviously replacing the entire shell with AI! nonsense is the main crime against usability here, but on top of that, this new shell is all just websites, all the way down, so everything is slow and stuttery. Since this runs on something called Win3!, which appears to be a very minimal, stripped-down version of Windows intended to only run the Edge browser engine, you cant run Win32 applications. If you do try to run a Win32 application, it will load the application in a remote virtual machine running in the cloud, which I;m sure does wonder for performance, responsiveness, and latency. We can all thank the lord this project is two years old and most likely cancelled by now, but we have no way of knowing if Microsoft is still intending for this to be the future direction of Windows. Since people dont want to use AI! of their own volition, it only makes sense in the technology industrys sick, twisted mind to force people into using AI! with efforts like this. Consent has never been Silicon Valleys strength, after all. At the time of writing, Microsoft is 225 billion dollars in the red on AI!, so I wouldnt be surprised if attempts to replace the regular Explorer shell with something AI!-based is still very much on the table in Redmond.


  • Vulkan-netbsd brings Vulkan to NetBSD
    NetBSD is the only BSD without a Vulkan stack (Mesa and Lavapipe), but thats about to change. The effort to bring Vulkan to NetBSD is now in beta, with prebuilt binaries coming soon. Mesa configures, compiles, links, installs, and registers the Lavapipe software Vulkan driver on NetBSD 10.1 amd64, against LLVM 19.1.7. The driver (libvulkan_lvp.so, ~17 MB) installs into /usr/pkg/lib, and its ICD manifest (advertising Vulkan API 1.4) installs into /usr/pkg/share/vulkan/icd.d/, so a Vulkan loader on the system can discover it. ldd resolves every dependency cleanly. The entire process — environment setup, dependency builds, the Mesa build, and installation — is automated end to end and reproducible on a fresh install. ↫ vulkan-netbsd GitHub page Its important to note that the next step in the process is to port the Vulkan loader, which is required to actually run Vulkan applications. This entire effort is still ongoing and seems to be handled mostly by Dean Howell alone, so expect breakage and incomplete documentation as development progresses. Still, this is a hugely important effort, and seeing it this far along is great news.


  • EveryMac celebrates 30th birthday
    EveryMac turned 30. On July 2, 1996, EveryMac.com launched. Thirty years is a long time  and a great deal has changed since then  but what has not changed is that EveryMac.com has been there to provide you with detailed info on every Mac from the original 128k to the current line. Thank you very much for your support through the years. ↫ EveryMac news item I thought OSNews was pretty unique with its founding in 1997, so its great to see another enthusiasts website as old as ours. Amazing company to be in, too  EveryMac is an indispensable, tirelessly maintained, and stupidly accurate resource that I use countless times each year. Heres to another 30 years.


  • Android is almost dead
    The clock is ticking for Android as a (somewhat) open platform. If you are running Android 8 or higher, a virus has been installed on your device and is silently awaiting remote activation. Over the past few months, devices around the world have been infected with this novel strain, with as many as 4 billion Android handsets and tablets estimated to have already been contaminated, meaning that around half of all humanity may be at risk from this threat. Disguising itself as the innocuously-titled “Android Developer Verifier” (ADV) process, this trojan horse runs surreptitiously in the background as a system service with full root privileges, quietly awaiting an activation signal. The service cannot be blocked, disabled, or removed. Unlike a commonplace bit of malware, this extraordinary strain won’t be detected and neutralized by Play Protect (the malware scanning and remediation service that is installed on all Android Certified devices). In fact, Play Protect is itself the vector through which this virus is transmitted and installed. That is because it is Google themselves who is propagating ADV. And once activated, this malevolent process has exactly one goal: to block you from running software by developers who haven’t been approved centrally by Google. ↫ The F-Droid news website If nobody steps up, if no regulator takes on Google in this matter, we could very well be looking at the end of F-Droid and similar open source application repositories on Android. I use F-Droid, and in fact, one of the most important and most-used application on my Pixel 10 Pro comes from F-Droid: Fennec. This Firefox fork is not available through any Google-sanctioned means, and I could just wake up one day and have the browser on what is supposed to be my phone stop working. Age verification, tying crucial services to iOS and Google Android, killing the ability to install your own software on your phone, purposefully making people hopelessly addicted to and dependent on AI!, and so much more  were facing a multi-pronged attack designed to beat us into submission and give up on the idea of Free computing. I have to admit Ive lost all hope well be able to win this battle, as the combined interests of technology megacorporations and our own governments are just too powerful to fight. I feel like were living in the computing end times.


  • WinPE as a stateless harness for Windows driver testing and fuzzing
    What if you need to do very low-level testing involving the very guts of Windows NT, but dont need most of the userland that sits on top? In fact, what if that userland only slows you down and complicates the work youre trying to do? The solution is Windows PE (Windows Preinstallation Environment). It is an official, stripped-down environment distributed with every Windows ISO image. It runs entirely in RAM, requires as little as 512 MB of memory, and lacks support for DirectX, the PowerShell subsystem, or the standard graphical shell (Explorer). Booting by default with NT AUTHORITY\\SYSTEM privileges makes it an ideal test harness for both of these tasks. The following analysis focuses on the low-level mechanisms of WinPE, as well as BCD and QEMU modifications that allow transforming this system into an ultra-fast, idempotent testing environment. ↫ Piotr Bednarski Now, the kind of work Bednarski does isnt the most common of tasks, but Ive often wondered just how far you can get by bolting on whatever WinPE will allow you to. There were various unofficial third-party tools that built Windows live CDs based on WinPE, but I think most of those have died out by now. If you look hard enough, you can also find some other utilities people made for WinPE, including even some rudimentary web browsers. Regarding web browsers, modern efforts seem to run into issues. WinPE is not really meant for any advanced functionality, but I really do wonder how capable you can make it without turning it into regular Windows.


  • M/PC: a concatenative operating system for Varvara
    M/PC is a concatenative operating system for Varvara, inspired by Openfirmware, designed to manage files on system without a file browser. It uses the postfix notation, meaning that the function success their operands. ↫ M/PC website Im not going to pretend to really understand what any of this means.


  • OSNews statement on slopcoded operating systems!
    Recently, there has been a surge in slopcoded new/hobby operating systems!. Such slopcoded projects  which, due to the nature of AI! tools, effectively consist of stolen code  will not be featured on OSNews and submitting them is fruitless. Other websites may choose to employ lower standards, as is their prerogative, but OSNews will not. I obviously cannot guarantee nothing will ever slip through the cracks, but I will take utmost care to ensure OSNews remains free of these so-called sloperating systems!. Plagiarism, license-washing, and code theft have no place in the world of enthusiast and hobby operating systems.


  • European digital ID wallets are a gift to Google and Apple
    European governments are rolling out digital identity wallets, which are to be used by citizens to access services, and to verify their age online. As reported by Follow the Money and Android Authority, there is a serious problem with this: these wallets rely on safety services of Google and Apple. These are known as Google Play Integrity API, and Apple’s Managed Device Attestation. Such safety services (known as “remote attestation”) are used to ensure that wallet apps run on hardware that is not tampered with. In this article we explain why the EU-wallet case is part of a bigger problem: by embedding these safety services in public infrastructure, Europe risks making society dependent on private companies while serving their corporate interests. ↫ Danny Lämmerhirt Setting aside the age verification nonsense, the fact that some European government are tying their identification services to iOS and Google Android is absolutely bonkers, especially in this day and age. Theres endless talk about reducing European dependence on the American tech giants who seem all too eager to do roll over when the Trump regime so much as glances in their general direction, and yet, they seem to want to effectively force us citizens to use American tech products. Essential online tools, like banking, government services, communication services, digital drivers licenses, and more, should not require the use of iOS or Google Android.


  • Apple should end their prohibition on shapes in MacOS app icons!
    Theres a lot you can say about macOS, but one thing Apple used to be incredibly good at were making beautifully crafted, detailed icons. As with almost every other aspect of macOS, this deteriorated sharply over the years, with the recent macOS releases with Liquid Glass being an absolute low point. Not only have they become bland and featureless, Apple also started forcing every icons to have the exact same rounded-rectangle shape, making them even harder to distinguish from one another. Rogue Amoeba, a company with a long history of developing applications with beautiful iconography, published a blog post pleading Apple to go back to proper icon design. With last year’s release of MacOS 26 (Tahoe), Apple made a mess of app icons. In the first betas of MacOS 27 (Golden Gate), however, there are signs of a turnaround. We’re urging Apple to continue making improvements, by restoring the ability for MacOS app icons to have distinct shapes. ↫ Paul Kafasis at the Rogue Amoeba blog I really hope Apple will turn its icon ship around.



Linux Journal News

  • EU OS: A Bold Step Toward Digital Sovereignty for Europe
    Image
    A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
    What Is EU OS?
    EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.

    Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
    The Vision Behind EU OS
    The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.

    Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.

    However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
    Conclusion
    EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.

    Source: It's FOSS
    European Union


  • Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight

    Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight

    Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.

    In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.

    On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.

    Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.

    The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.

    Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.

    You can download the latest kernel here.
    Linus Torvalds kernel


  • AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
    Image
    AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.

    This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.

    Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.

    Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.

    Source: 9to5Linux
    AerynOS


  • Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
    Image
    Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.

    Here’s a quick overview of what’s new in Xojo 2025r1:
    1. Linux ARM IDE Support
    Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
    2. Web Drag and Drop
    One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
    3. Direct App Store Publishing
    Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
    4. New Desktop and Mobile Features
    This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
    5. Performance and IDE Enhancements
    Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
    What Does This Mean for Developers?
    Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
    How to Get Started
    Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.

    Download Xojo 2025r1 today at xojo.com.
    Final Thoughts
    With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
    Xojo ARM


  • New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux

    Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.

    Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.

    Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 

    Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.

    Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.

    Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.

    By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
    Windows


  • Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities

    The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 

    As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.

    In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 

    After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.

    The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.

    At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.

    The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
    Security


  • Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges

    The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.

    A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.

    This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 

    The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.

    On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.

    In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
    kernel


  • Linux Celebrates 32 Years with the Release of 6.6-rc2 Version

    Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.

    The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.

    Here is what Linus Torvalds had to say in today's announcement:
    Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds


  • Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction

    Want to interact with ChatGPT from your Linux desktop without using a web browser?

    Bavarder, a new app, allows you to do just that.

    Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.

    With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.

    During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.

    At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.

    As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!

    Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
    ChatGPT AI


  • LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite

    Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.

    Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.

    LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.

    You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.

    All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.

    In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.

    Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.

    The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
    LibreOffice


Linux Magazine News (path: lmi_news)

  • Kubuntu Focus Goes Ultra
    The Kubuntu Focus team has upped the performance ante of its M2 and Zr laptops with the latest, greatest CPUs from Intel.









  • KDE Linux Drops AUR
    KDE Linux developers have dropped the Arch User Repository from the build pipeline due to security concerns; other distributions should consider doing the same.



Page last modified on November 17, 2022, at 06:39 PM