|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All/All+Images)
(Single Column)

- [$] LWN.net Weekly Edition for July 2, 2026
Inside this week's LWN.net Weekly Edition: Front: Xsnow protestware; Git 2.55; Rhombus; kernel hardening; More LSFMM+BPF coverage; 7.2 merge window; Secure Boot certificate expiration; Ceph and Garage; OSPM 2026. Briefs: Akrites; Mageia 10; Git 2.55.0; Podman 6.0; systemd v261; Creative Commons chat; Quotes; ... Announcements: Newsletters, conferences, security updates, patches, and more.
- [$] Secure Boot certificate expiration is here
Linux users who have Secure Boot enabled ontheir systems rely on certificates issued by Microsoft to verify the softwareused to boot a system is trusted by the user. One of those certificates expiredrecently, but that will not cause systems that are able to boot to stop doingso. There are situations where the expiration may cause problems, however, andthe window for relying on existing signed binaries is shorter than it mightappear. Users and administrators will want to stay on top of these changes. Overthe last year, part of my job at Microsoft has been to work on thisproblem. LWN wrote about thecertificate expiration in July 2025, and this article follows up with wherewe are now.
- Security updates for Wednesday
Security updates have been issued by AlmaLinux (coreutils, galera and mariadb11.8, giflib, git-lfs, glibc, httpd, kernel, mariadb10.11, mod_md, perl-Archive-Tar, perl-IO-Compress, perl:5.32, rrdtool, ruby, ruby4.0, and thunderbird), Debian (debian-security-support, librabbitmq, and nginx), Fedora (chromium, collectd, maradns, python-django-haystack, python-jupytext, varnish, varnish-modules, and vmod-querystring), Oracle (firefox, git-lfs, kernel, nginx:1.24, openssl, perl-Archive-Tar, perl-IO-Compress, and uek-kernel), Red Hat (container-tools:rhel8), SUSE (7zip, apache2, buildah, cifs-utils, curl, docker, exiv2-0_26, libonnxruntime1, libsoup, nodejs22, opensc, pacemaker, perl-Config-IniFiles, podman, sg3_utils, socat, tar, tracker, and xdg-desktop-portal), and Ubuntu (curl, hplip, libgd-perl, libssh2, libyang, ruby2.7, ruby3.0, ruby3.2, ruby3.3, and tar).
- Creative Commons founders' fireside chat (Creative Commons blog)
Dee Harris has published a summaryof the recent "fireside chat" featuring Creative Commons founders HalAbelson, Lawrence (Larry) Lessig, Molly Van Houweling, and Glenn OtisBrown. The chat was to mark the 25th anniversaryof Creative Commons and included a look back at its history aswell as a look at the landscape today: Twenty-five years ago, a small group of people made a bet. Theybelieved that if you gave creators a simple set of tools and licensesin language that a lawyer, a machine, and a human could all read,millions of people might choose to share their work with the worldinstead of locking it down. The videoof the chat is available on YouTube.
- [$] Flexible metaprogramming with Rhombus
Lisp-like languages have historically led the world in metaprogramming andflexibility. While many modern languages have adopted the idea of macros,Lisp-like languages such asRacket have continued pushing the envelope,attempting to make macros as easy as possible to incorporate into everydayprograms. On the other hand, Lisp's minimal, parenthesis-based syntax can be hardto adapt to — to the point that Lisp is sometimes said to standfor "Lots of Irritating Silly Parentheses".Rhombus is a new programminglanguage that aims to have the best of both worlds, marrying Racket'smetaprogramming capabilities to a simple Python-like syntax and reasonablestandard-library defaults.
- Security updates for Tuesday
Security updates have been issued by AlmaLinux (git-lfs, perl-Archive-Tar, perl-IO-Compress, python3.12-urllib3, and runc), Debian (sogo), Fedora (perl-DBI and perl-Socket), Oracle (firefox, freerdp, git-lfs, libsoup, libxml2, mod_md, mysql, perl-Archive-Tar, perl-IO-Compress, python, python3.12-urllib3, rsync, thunderbird, tomcat, xorg-x11-server, and xorg-x11-server-Xwayland), SUSE (389-ds, 7zip, alsa, amazon-ecs-init, amazon-ssm-agent, ansible-core, apache2, atril, avahi, bind, bitcoin, capnproto, chromedriver, chromium, cosign, distribution, dnsdist, docker, dovecot24, dracut, firefox, firewalld, freeipmi, freerdp, giflib, gimp, gleam, glib-networking, glibc, glycin-loaders, golang-github-prometheus-alertmanager, google-cloud-sap-agent, google-guest-agent, graphite2, gsasl, hamlib, helm, himmelblau, ignition, imagemagick, istioctl, jackson-databind, jq, jupyter-jupyterlab-templates, keylime, krb5, ldns, libaom, libcaca, libgcrypt, libheif, libinput, libjxl, libnfs, libslirp-devel, libsolv, libzypp, zypper, libssh2_org, libvncserver, libyang, lldpd, logback, loupe, mbedtls, mbedtls-2, mcphost, mozjs128, mutt, nano, nginx, ocaml, ofono, openCryptoki, opencryptoki, opensc, openssh, openssl-3, papers, perl-compress-raw-zlib, perl-config-inifiles, perl-cpanel-json-xs, perl-crypt-passwdmd5, perl-DBI, perl-dbi, perl-html-parser, perl-http-daemon, perl-libwww-perl, perl-protocol-http2, postfix, postgresql14, postgresql15, postgresql16, python-aiohttp, python-biopython, python-click, python-ecdsa, python-idna, python-markdown, python-joblib,, python-paramiko, python-pdm, python-pip, python-py7zr, python-pydata-sphinx-theme, python-pyjwt, python-python-multipart, python-starlette, python-tornado6, python311-jupyter-ydoc, rpcbind, sed, sg3_utils, sqlite3, strongswan, tar, thunderbird, tomcat, tomcat10, tomcat11, trivy, unbound, util-linux, warewulf4, webkit2gtk3, xar, xwayland, yt-dlp, and zypper, libzypp, libsolv), and Ubuntu (libheif, nss, qemu, roundcube, and sqlite3).
- Git 2.55.0 released
Git maintainer Junio Hamano has announcedGit 2.55.0, which has non-merge commits from 100 people; 33 ofthose are first-time contributors to the project. LWN recently covered some ofthe noteworthy changes in 2.55, including new features for theexperimental "git history" command, addition of the Git fsmonitordaemon for Linux systems, and more.
- [$] The rest of the 7.2 merge window
Linus Torvalds released 7.2-rc1and closed the 7.2 merge window on June 28; by that time, 13,412non-merge commits had found their way into the mainline. That makes thisthe busiest merge window since the 6.7 development cycle in 2024 (15,418commits, including 2,800 for the entire bcachefs development history).Just under half of those commits arrived after LWN's summary of the first half of the mergewindow was written. As usual, the commits in the latter part of themerge window were more heavily focused on fixes, but there were still a lotof new features and significant changes merged as well.
- [$] Xsnow "protestware" in Debian
The xsnowapplication, which generates an animated snowfall effect (and otherpleasant diversions) for X11 desktops, does not seem like an obviouschannel for political statements. Nevertheless, xsnow's maintainerseems to have included a political protest in the program: anEaster egg that is triggered when the program's language is set to Russia("ru"). One user has complained that this functionality should beremoved from the Debian xsnowpackage, but Debian does not seem to have any rules that forbidsuch a feature outright.

- ASUS ROG Strix Laptop Sees Driver Fix For Linux Performance Too Low Compared To Windows
With modern laptops, proper platform/WMI drivers are becoming more depended upon not only for supporting all typical functionality from keyboards to backlights and other handling, but also for achieving proper performance. For many laptop vendors, the Linux platform drivers are maintained by the open-source community and actual customers. The latest example of the challenges of the community-maintained support rather than from the vendor is with the ASUS ROG Strix G16 G614PR gaming laptop seeing inappropriate power values set in the open-source driver that were incorrect and led to lower power/performance than Windows...
- RootBoard open-hardware Linux handheld launches with Raspberry Pi Zero support
Kickstarter recently featured the RootBoard, a Raspberry Pi-powered handheld Linux computer aimed at makers, developers, educators, cyberdeck builders, and users interested in a compact open-hardware Linux terminal. The device combines a small display, integrated keyboard, speaker, power-management circuitry, and support for Raspberry Pi Zero-class boards. The RootBoard is designed for use with the Raspberry Pi […]
- Git 2.55 Released with Faster Performance, Smarter Hooks, and Expanded Rust Integration
The Git project has officially released Git 2.55, bringing a wide range of improvements focused on performance, developer productivity, and modernizing the world's most widely used version control system. The release introduces smarter repository management, faster operations for large codebases, expanded hook capabilities, and continues Git's gradual adoption of Rust for improved reliability and maintainability.

- T-Mobile Appears To Be Quitting VMware Amid Support Rights Lawsuit With Broadcom
T-Mobile appears to be migrating its 303,000-core VMware environment to another platform while fighting Broadcom in court for the extended support it says its perpetual-license agreement guarantees. "The matter is somewhat urgent," The Register reports, because a court-ordered support arrangement expires August 3, "so T-Mobile may soon be unable to get support for its very substantial VMware estate." The Register reports: The dispute relates to a deal T-Mobile struck with VMware in August 2023, which saw the telco acquire perpetual licenses and two years of support for some software, plus the option for a further year of support. When Broadcom acquired VMware in 2023, it stopped selling perpetual licenses and standalone support deals for customers with those licenses. Broadcom also reduced the virtualization giant's product range from over 150 products to two subscription-only bundles. Broadcom now mostly sells its Cloud Foundation (VCF) private cloud suite. Customers including AT&T and Tesco tried to exercise their right to extended support, but Broadcom declined to do so. AT&T settled on confidential terms. Tesco is pursuing the matter in the courts. When customers exercise their option for extended support, Broadcom argues it can't deliver because the products covered by the contract don't exist anymore, its contracts allow it to deny support for dead products, and subscriptions are now the industry standard. T-Mobile started using VMware's products in 2008. In one hearing, the carrier's counsel described T-Mobile's VMware implementation as "the base of the entire internal network" and "the place where 1,000 applications reside." Another filing, from Broadcom, says the telco runs VMware software on over 303,000 CPU cores. Court documents allege that in 2024 Broadcom notified T-Mobile it would not renew support after the initial two-year deal expired in 2025. The two parties kept talking about possible new arrangements. T-Mobile also sought an injunction that would compel Broadcom to provide extended support. Broadcom opposed the injunction, arguing that T-Mobile deliberately waited too long to seek it. At one point T-Mobile suggested a $20 million deal for another two years of support. An affirmation filed last week by T-Mobile vice president of technology Kevin Luu says the carrier sought that arrangement "to be able to complete T-Mobile's transition away from VMware at a more deliberate pace." The court eventually granted the injunction forcing Broadcom to offer support beyond August 2025, but required T-Mobile to pay $5.28 million and post a $500,000 undertaking. Broadcom continued to provide support but also sought damages on grounds that the injunction meant it missed out on a new deal with T-Mobile. The telco has rubbished that argument in part because the two parties were still talking about a new deal. Broadcom later proposed to charge $24 million for extended support covering six products, a sum it said would cover over 20 staff needed to support T-Mobile. The carrier fired back by pointing out that it has made just two support calls in 2026, which hardly justifies such a massive staff and expense.
 
Read more of this story at Slashdot.
- Meta Is Reportedly Building Its Own Cloud Business
Meta is reportedly developing its own cloud business that could sell access to its AI models and lease data-center computing capacity to other companies. The move would put Meta in direct competition with Amazon, Google, and SpaceX. Engadget reports: The cloud business could offer multiple services, according to [Bloomberg], like selling access to AI models run on Meta's infrastructure, or leasing the computing power of its data centers to other companies looking to train AI. Offering something akin to Amazon Web Services could help make back some of what Meta has already spent on its new bet. As part of its AI plans, the company has committed to investing $600 billion in the US by 2028. Meta has also already made more than a few expensive hires to build its AI superintelligence team. Meta Compute, the data center and AI-focused initiative Meta created in January, is currently developing the new cloud business, according to Bloomberg.
 
Read more of this story at Slashdot.
- Cloudflare Pushes AI Companies To Pay For Publishers' Content
BrianFagioli writes: Cloudflare announced new controls that give publishers more say over how AI companies access and use their content. Beginning September 15, new Cloudflare sites will allow traditional search indexing while blocking AI training and AI agent access on ad supported pages by default. The company is also expanding its monetization efforts with a Pay-Per-Use model that aims to compensate publishers when their content contributes to AI generated answers rather than simply being crawled. Cloudflare argues that publishers should not have to choose between being discoverable online and giving away their work for free to AI systems.
 
Read more of this story at Slashdot.
- Scientists Made a Cell From Scratch For First Time
AleRunner writes: The first fully synthetic cell ("SpudCell") has been created in the Department of Genetics at the University of Minnesota. Strictly speaking, it's described as a "cell-like system constructed entirely from known chemical components that can perform a complete cell cycle." It is able to replicate, but only for approximately five generations. The key advance is that the cell is "built entirely bottom-up from individually purified, non-living components," although it still contains material from E. coli bacteria. "PURE is a defined mixture of 36 purified enzymes from E. coli bacteria," including ribosomes, that provides the infrastructure for genetic replication. CNN has an article on the advance, including interview material with Professor Kate Adamala, who led the research. "I know the full ingredient list of the cell. I know exactly what chemicals, what molecules, at what concentrations," she said. "It is fully defined, which means we can engineer it." "Humans did not create life," notes an anonymous Slashdot reader. "Researchers call it a constructed cell, not 'life created in the lab' but a 'genuine milestone on the road toward that question.' It lacks full autonomy (needs feeding, no independent evolution)." Special thanks to Slashdot readers kemosabi and AleRunner for submitting the story and additional sources, including reports from The New York Times and The Guardian, as well as information from the University of Minnesota Twin Cities.
 
Read more of this story at Slashdot.
- Reddit Will Require You To Log In To Use Old Reddit
An anonymous reader quotes a report from Ars Technica: Reddit will start requiring people to be logged into Reddit to use old.reddit.com. The new requirement will take effect "over the next month," a Reddit employee going by the username boat-botany announced on the social media platform today. The person claimed that the change is part of an ongoing effort to "tighten how automated systems access Reddit." The Reddit employee wrote: "Old Reddit's logged-out experience is a significant source of abusive scraping and automated traffic on the platform. It's also an important interface for many long-time mods and Redditors. To strike the right balance between preserving your access to Old Reddit while preventing abusive scraping and automated traffic, over the next month we will start requiring everyone to log in." In a follow-up comment, boat-botany defined abusive behavior as that which violates Reddit's rule prohibiting activity that interferes with the platform's "normal use" or that "create[s] programs or applications" that break Reddit's (controversial) API rules. "By logging in, we get a lot more signal that allows us to detect whether an account is breaking the rules, and then we can block that traffic or enforce those accounts," boat-botany said. Asked why boat-botany scrapes New Reddit less frequently than Old Reddit, the Reddit employee pointed to another commenter's explanation. "[T]he shape of malicious traffic is always changing," the user, Nestramutat, wrote. "It's going to be a constant cat and mouse game[.] As you ban one method, a new one gets developed. It's easy to see abusive traffic in hindsight, but it's harder to pre-emptively block it. Given that they're claiming Old Reddit doesn't have the modern security stack, this is likely proving to be an even greater challenge." Nestramutat said that the login requirement will add a barrier against threat actors. "You're also now attaching an account ID to every malicious request, plus account creation is only available on New Reddit (with the enhanced security stack)." As for how long Old Reddit will exist, boat-botany left the door open for its retirement. "We can't promise it will be around forever, but [Reddit CEO Steve Huffman] himself has said we'll keep supporting it while folks are still using it," boat-botany wrote. "That said, it doesn't have the same modern security tech stack reddit.com has, so we need to tighten security on old reddit to keep it viable."
 
Read more of this story at Slashdot.
- Sony PlayStation Will Stop Releasing Games On Discs In 2028
Longtime Slashdot reader AmiMoJo shares a report from the BBC: New PlayStation games will no longer be released on discs from January 2028, the gaming giant has announced. Sony said in a blog post new games would still be able to be bought in shops, but they would come with a digital code. It comes just days after Rockstar announced the hotly-anticipated Grand Theft Auto VI would similarly launch without a physical disc. It marks a significant moment for the gaming industry, which has in recent years begun to rely more and more on digital distribution. Sony said the move came "as consumer preferences and the broader entertainment industry continue to shift away from physical discs to digital." "This is a natural direction for Sony Interactive Entertainment to adapt to consumer trends as the general preference for digital media significantly outpaces physical discs," it added. [...] PlayStation said the move would have no impact on games which are already released, or would be released before January 2028.
 
Read more of this story at Slashdot.
- Meta Loses Bid To Dismiss US States' Claims That Facebook, Instagram Addict Children
A federal judge rejected Meta's bid to dismiss claims from 29 state attorneys general alleging that Facebook and Instagram were designed to addict children while concealing the harms. The judge found significant factual disputes that must be decided at trial. They also ruled that Meta failed to comply with federal parental notice and consent requirements for children under 13, "and granted summary judgement to the states on that issue," reports Reuters. From the report: In a separate statement, California Attorney General Rob Bonta called the decision a "critical win" in holding Meta accountable for fueling a mental health crisis among American children. Gonzalez Rogers also oversees related multidistrict litigation by more than 2,600 individuals, school districts and local governments over whether social media platforms such as Facebook, Instagram, Google and YouTube, Snapchat and TikTok addict children. The states said research has shown that children's use of Facebook and Instagram could lead to depression, anxiety, insomnia, interference with education and daily life, and self-harm including suicide. Meta countered that the attorneys general had no evidence it misled consumers about its platforms' alleged addictiveness, including in congressional testimony by Chief Executive Mark Zuckerberg. The Menlo Park, California-based company said this was because "social media addiction" is not an established psychiatric condition, and therefore statements that its platforms are not addictive could not be false. Meta also said it didn't violate the children's online privacy law because it directed Facebook and Instagram to a general audience, not just children under age 13. In a 38-page decision, Gonzalez Rogers found material factual disputes over whether Meta's social media platforms are addictive, whether Meta falsely denied it designed them that way, and whether it "partially" directed the platforms at children. "The AGs present a reasonable interpretation of [Meta's] statements that Facebook and Instagram are not designed in ways that cause teens to compulsively use the platforms to their detriment," the judge wrote. "To the extent plaintiffs' evidence shows that the platforms are in fact designed to do just that, a jury could reasonably find the statements were untrue to a reasonable person," she added. A trial over California, Colorado, Kentucky and New Jersey's claims against Meta is scheduled for August 18, court records show. Further reading: Will Social Media Change After YouTube and Meta's Court Defeat?
 
Read more of this story at Slashdot.
- NASA Wants To Send Spare Nuclear-Powered Mars Rover To the Moon
An anonymous reader quotes a report from Space.com: NASA provided an Artemis update today (June 30), announcing new lunar landing contracts for its Moon Base initiative and a surprise new possible rover mission that could be headed to the moon's south pole. During the second monthly update that NASA has provided for its moon base plans, the agency named Astrobotic, Firefly Aerospace and Intuitive Machines as the providers of four robotic landers that will deliver scientific payloads to the surface of the moon, as NASA tests and expands the technologies needed for a permanent human outpost. "This is this drawing on the playbook that worked very well for NASA during the 1960s," NASA Administrator Jared Isaacman said during the livestreamed update, explaining the experiential approach to a crewed lunar return. "We didn't just jump right to Apollo 11." Isaacman also announced the potential repurposing of an engineering development model built to mirror the agency's Perseverance and Curiosity rovers on Mars. "There is another," Isaacman said, quoting Yoda's line from "Star Wars: The Empire Strikes Back." That test rover is called PROMISE, short for "Polar Rover for Observation, Mapping, and In-Situ Exploration" (though it was formerly known as Optimism). PROMISE was developed at NASA's Jet Propulsion Laboratory (JPL) in Southern California, where it has been used as a test platform for fixes or commands that engineers want to try on the ground before permanently sending them to Perseverance and Curiosity. Now, NASA wants to send PROMISE on a mission of its own. Though sending PROMISE to the moon would leave Perseverance and Curiosity -- both of which remain active on Mars -- without an Earth-based testbed, Isaacman thinks it would be worth it. "We've had years now of experience operating the two rovers on the surface of Mars, and we've got this hardware that the taxpayers have invested a lot in," he said. "So the question was posed: 'What if we send it to the moon?'" With a little refurbishment, PROMISE would help advance NASA's lunar plans, Isaacman added. Like Perseverance and Curiosity, the test rover is powered by a radioisotope thermoelectric generator (RTG), which converts heat from naturally decaying radioactive material into electricity. So it wouldn't require sunlight to operate -- a real benefit on the moon, where most locations experience long stretches of darkness. (NASA plans to build its Artemis base near the moon's south pole, which is thought to harbor an abundance of water ice and also has a relatively complex lighting environment.) The other robots currently in the works to launch on future missions to the moon, including the landers announced during today's update, are all solar powered. Through 2029, NASA hopes to launch up to 20 such missions as part of the CLPS (Commercial Lunar Payload Services) initiative to support the first phase of the agency's moon base plans, and the landers announced today will be some of the first in that lineup.
 
Read more of this story at Slashdot.
- The Vera Rubin Telescope Begins Surveying Our Cosmos
The Vera C. Rubin Observatory has begun its 10-year Legacy Survey of Space and Time, using the world's largest digital camera to image the entire southern sky every few nights. The project is expected to catalog billions of stars and galaxies, track changing and transient objects, and generate an enormous dataset for studying dark matter, galaxy formation, asteroids, and unexpected cosmic phenomena. The New York Times reports: "This is the end of a 30-year wait," said Phil Marshall, the deputy director of the telescope's operations at SLAC National Accelerator Laboratory in California, in a statement to The New York Times. "It's a major milestone for us." Astronomers expect this collection of data, known as the Legacy Survey of Space and Time, to revolutionize their knowledge of our galaxy's birth, the invisible matter permeating the cosmos, what shaped the universe into the structure it has today and more. According to Dr. Marshall, the survey is designed to see everything, "even the things we don't know we're looking for yet," he said. The team behind the observatory, a joint effort funded by the U.S. Department of Energy and the National Science Foundation, unveiled several images of the cosmos that were jampacked with celestial goodness -- a peek at what the Rubin could do -- last year. Since then, scientists have been busy conducting final tests and reviews of the telescope's operations and systems. According to Bob Blum, the director of Rubin operations at the National Optical-Infrared Astronomy Research Laboratory, the team has also been hard at work ensuring that the telescope can operate reliably in different environmental conditions for the next decade.
 
Read more of this story at Slashdot.
- DOT Announces 'Return of Supersonic Flight' For Commercial Airlines
The FAA plans to replace its 1973 ban on civilian supersonic flight over U.S. land with a noise-based standard, potentially allowing aircraft to exceed Mach 1 as long as they stay below certain sound limits. The agency aims to finalize the rules by mid-2027, opening the door for companies such as Boom Supersonic and Spike Aerospace to operate quieter next-generation passenger jets over land. Longtime Slashdot reader schwit1 shared the notice (PDF) published Tuesday by the FAA. Forbes reports: Technological advances "will eliminate the old sonic boom," FAA Administrator Bryan Bedford said in a statement. "This means we can ultimately repeal the ban from the 1970s on supersonic flight over U.S. territory while minimizing noise impacts to residents in communities along the route and near airports." The primary reason was public opposition to loud sonic booms. In the 1960s, a plane flying faster than the speed of sound -- about 660 mph at high altitudes -- created shock waves that traveled to the ground and reached human ears as a loud gunshot-like crack or thunder-like boom. Tests during that decade, including the Oklahoma City sonic boom experiments, found repeated booms broke windows, damaged property and generated thousands of public complaints. In its 1973 ruling, the FAA stated that due to the limits of technology at that time, "a prohibition was needed to protect the public from sonic boom .... by preventing operations of a civil aircraft at a true flight Mach number greater than 1." Several years later, Air France and British Airways introduced Concorde, and were allowed to serve New York's John F. Kennedy International Airport as long as flights remained subsonic over U.S. land. Notably, "the prestigious London-New York service was the only truly profitable [Concorde] route, supported by high-powered business and celebrity travel," wrote a former British Airways network planner for Forbes in 2021. Several U.S. companies are working on a new generation of luxurious supersonic passenger aircraft with much quieter sonic booms and improved fuel efficiency. In particular, Colorado-headquartered Boom Supersonic says it has pre-orders from United Airlines, American Airlines and Japan Airlines for its Overture jets, which will carry 60-80 passengers. Atlanta-based Spike Aerospace is developing smaller Diplomat jets for up to 18 passengers. Both companies' websites tout future transatlantic flights in under four hours.
 
Read more of this story at Slashdot.

- From DHCP to SZTP – The Trust Revolution
By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]
The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.
- Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces
OpenTelemetry (fondly known as OTel) is an open-source project that provides a unified set of APIs, libraries, agents, and instrumentation to capture and export logs, metrics, and traces from applications. The project’s goal is to standardize observability across various services and applications, enabling better monitoring and troubleshooting. Read More at Causely
The post Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces appeared first on Linux.com.

- Fedora Council Seeks To Shutdown Current Discussions Over AI Developer Desktop
Stemming from the widely varying views over the recent Fedora proposal for an "AI Developer Desktop" catering to running local AI and machine learning workloads in pre-configured environments with a seamless hardware-accelerated experience, the Fedora Council issued a statement this evening to effectively shutdown discussions for now over a Fedora AI Developer Desktop and to pause the Fedora Community Initiatives process...
- Steam On Linux Usage Receded A Bit In June
Back in March Steam on Linux use shot up to 5.33% as a big 3.1% improvement over February. In April it dropped to 4.52% and then fell to 3.99% in May. Valve just published the Steam Survey numbers for June and it points to another minor setback from the recent all-time high of Steam on Linux...
- Linux 7.3 To Overcome "Significant Bottleneck" For Small I/O With PCIe Gen5 NVMe SSDs
While the Linux 7.2 feature merge window ended just days ago and the better part of two months now before v7.2 will be released as stable, there are already features beginning to accumulate that will target the Linux 7.3 cycle. The most exciting change I've seen to kick off that dance ahead of Linux 7.3 is addressing a "significant" bottleneck affecting small direct I/O performance with speedy storage such as PCIe Gen5 NVMe SSDs...
- AMD Sends Out Latest Linux Patches For RMPOPT Optimization
Earlier this year AMD disclosed the RMPOPT instruction that given the timing will seemingly be introduced with upcoming Zen 6 EPYC "Venice" processors. The RMPOPT feature amounts to a performance optimization for AMD EPYC SEV-SNP enabled servers by cutting down on the associated Reverse Map Table (RMP) overhead. Linux enablement of AMD RMPOPT remains ongoing and out this week is the latest iteration of the enablement...
- GCC 16.2 Being Planned For Early August Release
For those that prefer waiting until the first bug-fix/point release before upgrading to a major new feature series, GCC 16.2 is being planned for an early August release for delivering back-ported bug fixes to the GCC 16 compiler...
- Asahi Linux Fixes Booting With macOS 27, Progress On M3 & Apple Video Decode
The Asahi Linux project published a new blog post outlining recent development efforts in getting Apple Silicon hardware working with their downstream Linux distribution. There is ongoing work on bringing up Apple M3 support, fixing boot support for macOS 27 beta systems, Apple Video Decoder (AVD) support progress, and more...

- OSNews statement on slopcoded operating systems!
Recently, there has been a surge in slopcoded new/hobby operating systems!. Such slopcoded projects which, due to the nature of AI! tools, effectively consist of stolen code will not be featured on OSNews and submitting them is fruitless. Other websites may choose to employ lower standards, as is their prerogative, but OSNews will not. I obviously cannot guarantee nothing will ever slip through the cracks, but I will take utmost care to ensure OSNews remains free of these so-called sloperating systems!. Plagiarism, license-washing, and code theft have no place in the world of enthusiast and hobby operating systems.
- European digital ID wallets are a gift to Google and Apple
European governments are rolling out digital identity wallets, which are to be used by citizens to access services, and to verify their age online. As reported by Follow the Money and Android Authority, there is a serious problem with this: these wallets rely on safety services of Google and Apple. These are known as Google Play Integrity API, and Apple’s Managed Device Attestation. Such safety services (known as “remote attestation”) are used to ensure that wallet apps run on hardware that is not tampered with. In this article we explain why the EU-wallet case is part of a bigger problem: by embedding these safety services in public infrastructure, Europe risks making society dependent on private companies while serving their corporate interests. ↫ Danny Lämmerhirt Setting aside the age verification nonsense, the fact that some European government are tying their identification services to iOS and Google Android is absolutely bonkers, especially in this day and age. Theres endless talk about reducing European dependence on the American tech giants who seem all too eager to do roll over when the Trump regime so much as glances in their general direction, and yet, they seem to want to effectively force us citizens to use American tech products. Essential online tools, like banking, government services, communication services, digital drivers licenses, and more, should not require the use of iOS or Google Android.
- Apple should end their prohibition on shapes in MacOS app icons!
Theres a lot you can say about macOS, but one thing Apple used to be incredibly good at were making beautifully crafted, detailed icons. As with almost every other aspect of macOS, this deteriorated sharply over the years, with the recent macOS releases with Liquid Glass being an absolute low point. Not only have they become bland and featureless, Apple also started forcing every icons to have the exact same rounded-rectangle shape, making them even harder to distinguish from one another. Rogue Amoeba, a company with a long history of developing applications with beautiful iconography, published a blog post pleading Apple to go back to proper icon design. With last year’s release of MacOS 26 (Tahoe), Apple made a mess of app icons. In the first betas of MacOS 27 (Golden Gate), however, there are signs of a turnaround. We’re urging Apple to continue making improvements, by restoring the ability for MacOS app icons to have distinct shapes. ↫ Paul Kafasis at the Rogue Amoeba blog I really hope Apple will turn its icon ship around.
- Linux ported to Segas Mega Drive
If you have a Sega Mega Drive, you obviously want to run Linux on it. Thats something you can do now. You do need to have an EverDrive, but dont worry, the port in question contains a custom fork of Qemu for those of us that dont. I dont know what else to say, other than I wonder why nobody did this sooner.
- Microsoft now says 8GB RAM is fine for Windows 11, after years of pushing for 16GB
Theres something poetic about the World Cup taking place in North America while Microsoft keeps scoring own goals like this. Microsoft updated its Surface buying guide to describe 8GB RAM as “great for everyday use like browsing, streaming, schoolwork, and productivity apps.” A companion FAQ adds that 16GB or more is what unlocks Copilot+ PC features. No acknowledgment that, for two years, Microsoft was the loudest voice telling everyone that 16GB was non-negotiable for a good Windows 11 experience. What makes this infuriating is that Microsoft is one of the biggest reasons why the RAM situation got so bad in the first place. ↫ Abhijith M B at Windows Latest This industry is a joke.
- Astral is a hobby operating system with X.org, Minecraft, and now Wine
Astral is a hobby operating system written in C for 64bit architectures, with a collection of ported software like X.org, fvwm, the xbps package manager, and tons more. I think its quite a neat system the codes on GitHub made even neater by the fact it can run not only Minecraft, but now also has a working port of Wine that can run a few games. A few months ago, I posted about Astral, a hobby OS I have been working on over the years, running Minecraft. Since then, others have gotten modern versions of Minecraft to run as well as Factorio (using a glibc compatible libc). However, while these games are made or packaged in a way that makes it easier to get them to run under a new OS, most games are not. A lot of games are closed source and compiled for Windows, which makes something like Wine a necessity for playing them. One of my favorite games, Cogmind, falls under that umbrella. It is a 32-bit Windows only roguelike, and it became my goal to run it under Astral. While there was already an existing Wine port, it was extremely incomplete, as not even notepad.exe worked properly. To run Cogmind, the Wine port had to be finished, which also meant adding the ability to run 32-bit code on an otherwise 64-bit-only OS. ↫ Blog post on the Astral website This process obviously is quite involved, but in the end, they managed to get it working. Quite impressive.
- The ‘papers, please’ era of the internet will decimate your privacy
Imagine your favorite team just scored an incredible, last-second goal at the World Cup. So you log online to celebrate with other fans. But, using data it’s already collected on you, the social media platform you like to post on wrongly guesses that you’re under 16 so it forces you to go to a third-party verification app and provide images of your face or your government-issued ID. You don’t really know much about the verification app, what country it’s based out of, what happens with your information, and whether you’re protected from hackers or data breaches. You’re not happy about it, but you hand over a photo of your passport and hope it doesn’t come back to haunt you. Now imagine that instead of posting about sports, you’re criticizing a powerful politician, or talking about your experiences with abuse or addiction, or discussing embarrassing medical issues you’re facing. Suddenly this “papers, please” approach to the internet sounds even more invasive, right? Unfortunately, that’s the direction we’re all headed — even here in the United States — and we have good reason to be wary of the global rush to sacrifice user privacy on the altar of age verification. ↫ Sarah McLaughlin at Expression The insane push for age verification on the internet is the biggest threat to whatevers left of the free internet. I have two young children 3 and 5, currently and Im diametrically opposed to any kind of creepy verification processes that they claim are designed to keep kids like mine safe!. Not only is their safety not predicated on giving up their privacy, my children are also not my or anyone elses property; they have rights, and the right to privacy is one of them. Nobody mentioned in the Epstein files has been charged, by the way.
- Microsoft capitulates again, extends Windows 10 support by another year
Its been quiet for a few days since Ive been sick, but Im feeling a bit better since today marks the official end of my one month of using Windows 11 that you people donated for. An article about my experience is definitely upcoming, including whether or not Ill actually stick with Windows 11 on my laptop or go back to Linux, but before we get there, lets talk about Microsoft once again capitulating to the reality that a lot of people really dont want to let go of Windows 10. In a surprising move, Microsoft has quietly confirmed that it’s extending Windows 10 support until October 12, 2027, which is one full year beyond the October 2026 cutoff that home users had been planning around. ↫ Abhijith M B at Windows Latest Hundreds of millions of people are still using Windows 10, and with the AI! techbros buying up all the RAM and other chips for their pachinko machines making this whole thing a bit of an own goal for prime AI! booster Microsoft buying new PCs that are actually compatible with Windows 11 isnt exactly a fun prospect for the vast majority of us normal folk dealing with the cost-of-living crisis. As such, Microsoft really doesnt have any other choice but to keep extending support for Windows 10. It aint much, but Ill take any morsel of justice I can get. While everyone else has to pay for getting access to these Windows 10 updates, users in the European Union get them entirely for free thanks to the Digital Markets Act. This additional year, too, can be partially attributed to the DMA, as the very same consumer rights organisations who pressured Microsoft into giving EU users truly free access to the Extended Security Updates also put pressure on the company to offer these for more than just one year. Basic consumer protection legislation works.
- In memory of the man who put red and green squiggles under words
Every little thing in a graphical user interface that we take for granted today, no matter how small, was thought up by someone, at some point. Case in point: the little red squiggly lines underneath misspelled words. In one form or another, these are everywhere now, and have just become a regular staple of every single text editing field we encounter every single day and dont stop to think about. Still, they were invented by someone, and we happen to know exactly who that was: Tony Krueger. In early versions of Word, the Spell Check feature was something that you explicitly invoked, and then you had to sit and wait while the program looked for all your potentially-misspelled words, and then showed them to you one at a time for a decision on what to do for each one. Word did introduce an Auto Spell Check feature to run spell check when the user was idle, so that when you hit the Spell Check button, the results were ready to go. However, the Auto Spell Check was still a blocking operation. As a result, a lot of users turned it off because it always seemed to decide “Now would be a good time to spell-check the document” just as you wanted to do something, forcing you to wait for the spell check pass to complete before you could, say, save and exit. Tony made the spell checker much more unobtrusive so that it didn’t interfere with your foreground work. And when it found a problem, instead of waiting for you to trigger a spell check, it immediately drew red squiggles under potentially-misspelled words (and later green squiggles under potential grammatical errors). ↫ Raymond Chen at The Old New Thing Tony Krueger passed away recently, after, among other things, having worked on an dizzying number of Microsoft Word releases. Imagine coming up with something that seems to basic and elementary to us now, and seeing it spread pretty much everywhere. I wonder what it must feel like to have invented something that seems so simple, most people dont even realise they use it every single day.
- KDE is going to fix network shares
Ive had my share of issues with network shares on any operating system, but since I mostly use KDE these days I found this deep dive into how, exactly, network shares work in KDE quite interesting. It turns out that while network shares in KDEs Dolphin mostly work, it does involves a few layers that sometimes dont interact well with each other, leading to really curious and annoying problems with mounted shares not appearing, permission issues, and so on. The biggest cause of problems is when using a non-KDE application in KDE that also happens to use a non-KDE save/open dialog. Such a non-KDE save/open dialog wont be able to see any network shared mounted by KDE, and sadly, quite a few applications youre likely to use on a KDE installation use non-KDE open/save dialogs, like Blender, GIMP, LibreOffice, OnlyOffice, Inkscape, Audacity, DaVinci Resolve, and more. Thats one hell of a list of applications to offer inconsistent or outright broken access to network shares youve set up and mounted in KDE. Luckily, this issue seems to be getting a ton of attention soon. All is not lost. Happily, KDE just received an investment of over €1.2 million from the Sovereign Tech Fund, and it includes funding for improvements to KDE’s network share handling! ↫ Nate Graham The project is in the planning phases at the moment, but theyre considering a whole slew of possible changes, fixes, and workarounds to make this stupid and annoying problem just go away. In 2026, nobody should be dealing with manually editing /etc/fstab or getting frustrated over supposedly disappearing network shares.

- EU OS: A Bold Step Toward Digital Sovereignty for Europe
Image A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem. What Is EU OS? EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments. The Vision Behind EU OS The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty. Conclusion EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
Source: It's FOSS European Union
- Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
You can download the latest kernel here. Linus Torvalds kernel
- AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
Image AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
Source: 9to5Linux AerynOS
- Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
Image Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
Here’s a quick overview of what’s new in Xojo 2025r1: 1. Linux ARM IDE Support Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started. 2. Web Drag and Drop One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required! 3. Direct App Store Publishing Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process. 4. New Desktop and Mobile Features This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection. 5. Performance and IDE Enhancements Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced. What Does This Mean for Developers? Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution. How to Get Started Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
Download Xojo 2025r1 today at xojo.com. Final Thoughts With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you. Xojo ARM
- New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest.
Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem. Windows
- Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally.
As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions.
After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca. Security
- Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem.
The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers. kernel
- Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
Here is what Linus Torvalds had to say in today's announcement: Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds
- Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
Want to interact with ChatGPT from your Linux desktop without using a web browser?
Bavarder, a new app, allows you to do just that.
Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring. ChatGPT AI
- LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners. LibreOffice

- Kubuntu Focus Goes Ultra
The Kubuntu Focus team has upped the performance ante of its M2 and Zr laptops with the latest, greatest CPUs from Intel.
- KDE Linux Drops AUR
KDE Linux developers have dropped the Arch User Repository from the build pipeline due to security concerns; other distributions should consider doing the same.
|