|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All)
(Two Column)
- Fedora 42: Chromium High CVE-2025-13630, 13631, 13632 Advisory
Update to 143.0.7499.40 * High CVE-2025-13630: Type Confusion in V8 * High CVE-2025-13631: Inappropriate implementation in Google Updater * High CVE-2025-13632: Inappropriate implementation in DevTools * High CVE-2025-13633: Use after free in Digital Credentials
- Fedora 43: chromium High CVE-2025-13630 Type Confusion and more
Update to 143.0.7499.40 * High CVE-2025-13630: Type Confusion in V8 * High CVE-2025-13631: Inappropriate implementation in Google Updater * High CVE-2025-13632: Inappropriate implementation in DevTools * High CVE-2025-13633: Use after free in Digital Credentials
- [$] Eventual Rust in CPython
Emma Smith and Kirill Podoprigora, two of Python's core developers, haveopened adiscussion about including Rust code in CPython, the reference implementation ofthe Python programming language. Initially, Rust would only be used for optionalextension modules, but they would like to see Rust become a required dependencyover time. The initial plan was to make Rust required by 2028, but Smith andPodoprigora indefinitely postponed that goal in response to concerns raised in the discussion.
- Security updates for Friday
Security updates have been issued by AlmaLinux (buildah, firefox, gimp:2.8, go-toolset:rhel8, ipa, kea, kernel, kernel-rt, pcs, qt6-qtquick3d, qt6-qtsvg, systemd, and valkey), Debian (chromium and unbound), Fedora (alexvsbus, CuraEngine, fcgi, libcoap, python-kdcproxy, texlive-base, timg, and xpdf), Mageia (digikam, darktable, libraw, gnutls, python-django, unbound, webkit2, and xkbcomp), Oracle (bind, firefox, gimp:2.8, haproxy, ipa, java-25-openjdk, kea, kernel, libsoup3, libssh, libtiff, openssl, podman, qt6-qtsvg, squid, systemd, vim, and xorg-x11-server-Xwayland), Slackware (httpd and libpng), SUSE (chromedriver, kernel, and python-mistralclient), and Ubuntu (cups, linux-azure, linux-gcp, linux-gcp, linux-gke, linux-gkeop, linux-ibm-6.8, linux-iot, and mame).
- Alpine Linux 3.23.0 released
Version 3.23.0 of Alpine Linux has been released. Notable changesin this release include an upgrade to version 3.0of the AlpinePackage Keeper (apk), and replacing the linux-edgepackage with linux-stable:
For years, linux-lts and linux-edge grew apart and developed theirown kernel configs, different architectures, etc.
Now linux-edge gets replaced with linux-stable which has theidentical configuration as linux-lts, but follows the stable releasesinstead of the long-term releases (see https://kernel.org/).
The /usrmerge planned for this release has been postponed; a new timelinefor the change will be published later. See the releasenotes for more information on this release.
- [$] The beginning of the 6.19 merge window
As of this writing, 4,124 non-merge commits have been pulled into themainline repository for the 6.19 kernel development cycle. That is arelatively small fraction of what can be expected this time around, but itcontains quite a bit of significant work, with changes to many core kernelsubsystems. Read on for a summary of the first part of the 6.19 mergewindow.
- [$] A "frozen" dictionary for Python
Dictionaries are ubiquitous in Python code; they are the data structure ofchoice for a wide variety of tasks. But dictionaries are mutable, whichmakes them problematic for sharing data in concurrent code. Python hasadded various concurrency features to the language over the last decade orso—async, free threading without the global interpreter lock(GIL), and independent subinterpretersbut users must work out their ownsolution for an immutable dictionary that can be safely shared byconcurrent code. There are existing modules that could be used, but a recent proposal, PEP 814 ("Add frozendictbuilt-in type"), looks to bring the feature to the language itself.
- cmocka 2.0 released
Andreas Schneider has announcedversion 2.0 of the cmockaunit-testing framework for C:
This release represents a major modernization effort, bringingcmocka firmly into the "modern" C99 era while maintaining thesimplicity and ease of use that users have come to expect.
One of the most significant changes in cmocka 2.0 is the migrationto C99 standard integer types. The LargestIntegralType typedef hasbeen replaced with intmax_t and uintmax_t fromstdint.h, providing better type safety and portability acrossdifferent platforms. Additionally, we've adopted the bool type whereappropriate, making the code more expressive and self-documenting.
Using intmax_t and uintmax_t also allows to printbetter error messages. So you can now finde.g. assert_int_equal and assert_uint_equal.
cmocka 2.0 introduces a comprehensive set of type-specificassertion macros, including `assert_uint_equal()`,`assert_float_equal()`, and enhanced pointer assertions. The mockingsystem has also been significantly improved with type-specific macroslike `will_return_int()` and `will_return_float()`. The same forparameter checking etc.
LWN covered theproject early in its development in 2013. See the full list of newfeatures, enhancements, and bug fixes in cmocka 2.0 in the changelog.
- Security updates for Thursday
Security updates have been issued by AlmaLinux (expat and libxml2), Debian (openvpn and webkit2gtk), Fedora (gi-loadouts, kf6-kcoreaddons, kf6-kguiaddons, kf6-kjobwidgets, kf6-knotifications, kf6-kstatusnotifieritem, kf6-kunitconversion, kf6-kwidgetsaddons, kf6-kxmlgui, nanovna-saver, persepolis, python-ezdxf, python-pyside6, sigil, stb, syncplay, tinyproxy, torbrowser-launcher, ubertooth, and usd), Mageia (cups), SUSE (cups, gegl, icinga2, mozjs128, and Security), and Ubuntu (ghostscript, kernel, linux, linux-aws, linux-aws-5.15, linux-gcp-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-oracle, linux-oracle-5.15, linux-xilinx-zynqmp, linux, linux-aws, linux-aws-hwe, linux-kvm, linux-oracle, linux-aws-fips, linux-fips, linux-aws-fips, linux-fips, linux-gcp-fips, linux-azure-fips, linux-gcp, linux-gcp-4.15, linux-hwe, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-gcp-6.14, linux-raspi, linux-gcp-fips, linux-intel-iot-realtime, linux-realtime, linux-raspi, linux-raspi-realtime, linux-xilinx, and postgresql-14, postgresql-16, postgresql-17).
- Cro provides commentary on LWN's Zig asynchronicity article
Loris Cro has publisheda detailed YouTube video talking about the terminology used to discuss asynchronicity, concurrency, and parallelism in our recent article about Zig's new Io interface. Our article is not completely clear because it uses the term "asynchronous I/O" to refer to what should really be called "non-blocking I/O", and sometimes confuses asynchronicity for concurrency, among other errors of terminology, he says. Readers interested in precise details about Zig's approach and some of the motivation behind the design may find Cro's video interesting.
- [$] LWN.net Weekly Edition for December 4, 2025
Inside this week's LWN.net Weekly Edition:
Front: Rust in Debian; Python comprehensions; asynchronous Zig; BPF and io_uring; C safety; 6.18 statistics; just. Briefs: Landlock; Let's Encrypt lifetimes; Last 5.4 kernel; TAB election; AlmaLinux 10.1; FreeBSD 15.0; NixOS 25.11; Django 6.0; Home Assistant 2025.12; PHP 8.5.0; Racket 9.0; Quotes; ... Announcements: Newsletters, conferences, security updates, patches, and more.
- Home Assistant 2025.12 released
Version2025.12 of the Home Assistant home-automation system has been released.
This month, we're unveiling Home Assistant Labs, a brand-new space where you can preview features before they go mainstream. And what better way to kick it off than with Winter mode? ❄️ Enable it and watch snowflakes drift across your dashboard. It's completely unnecessary, utterly delightful, and exactly the kind of thing we love to build. ❄️
But that's just the beginning. We've been working on making automations more intuitive over the past releases, and this release finally delivers purpose-specific triggers and conditions. Instead of thinking in (numeric) states, you can now simply say "When a light turns on" or "If the climate is heating". It's automation building the way our mind works, as it should be.
- Django 6.0 released
The Django Python webframework project has announcedthe release of Django 6.0 including many new features, as can be seen inthe releasenotes. Some highlights include template partials for modularizingtemplates, a flexible task framework for running background tasks, amodernized email API, and a ContentSecurity Policy (CSP) feature that provides the ability to "easily configure and enforce browser-level security policies to protect against content injection".
- [$] Just: a command runner
Over time, many Linux users wind up with a collection of aliases,shell scripts, and makefiles to run simple commands (or a series ofcommands) that are often used, but challenging to remember andannoying to type out at length. The just command runner is aRust-based utility that just does one thing and does it well: it readsrecipes from a text file (aptly called a "justfile"), and runs thecommands from an invoked recipe. Rather than accumulating a libraryof one-off shell scripts over time, just provides a cross-platform toolwith a framework and well-documented syntax for collecting anddocumenting tasks that makes it useful for solo users andcollaborative projects.
- Security updates for Wednesday
Security updates have been issued by Debian (containerd, mako, and xen), Fedora (forgejo, nextcloud, openbao, rclone, restic, and tigervnc), Oracle (firefox, kernel, libtiff, libxml2, and postgresql), SUSE (libecpg6, lightdm-kde-greeter, python-cbor2, python-mistralclient-doc, python315, and python39), and Ubuntu (kdeconnect, linux, linux-aws, linux-realtime, python-django, and unbound).
- A final stable kernel update for 5.4
Greg Kroah-Hartman has announced the release of the 5.4.302 stable kernel:
This is the LAST 5.4.y release. It is now end-of-life and should notbe used by anyone, anymore. As of this point in time, there are 1539documented unfixed CVEs for this kernel branch, and that number willonly increase over time as more CVEs get assigned for kernel bugs.
For the curious, Kroah-Hartman has also provideda list of the unfixed CVEs for 5.4.302.
- Let's Encrypt to reduce certificate lifetimes
Let's Encrypt has announcedthat it will be reducing the validity period of its certificates from90 days to 45 days by 2028:
Most users of Let's Encrypt who automatically issue certificateswill not have to make any changes. However, you should verify thatyour automation is compatible with certificates that have shortervalidity periods.
To ensure your ACME client renews on time, we recommend using ACMERenewal Information (ARI). ARI is a feature we've introduced to helpclients know when they need to renew their certificates. Consult yourACME client's documentation on how to enable ARI, as it differs fromclient to client. If you are a client developer, check out thisintegration guide.
If your client doesn't support ARI yet, ensure it runs on aschedule that is compatible with 45-day certificates. For example,renewing at a hardcoded interval of 60 days will no longer besufficient. Acceptable behavior includes renewing certificates atapproximately two thirds of the way through the current certificate'slifetime.
Manually renewing certificates is not recommended, as it will needto be done more frequently with shorter certificate lifetimes.
- Toradex Introduces Coin-Sized Modules Powered with NXP i.MX 93 and i.MX 91 Processors
Toradex has unveiled the OSM and Lino Computer on Module families, incorporating NXP’s i.MX 93 and i.MX 91 processors. These ultra-compact modules target high-volume industrial automation and edge systems, offering a rugged, cost-effective solution for space-constrained environments. The new lineup includes the OSM iMX93, OSM iMX91, Lino iMX93, and Lino iMX91. These modules are powered […]
- Rust-Written Redox OS Sees Initial Wayland Port
Developers behind Redox OS, the original open-source operating system written from scratch in the Rust programming language, have ported Wayland to it with initially getting the Smallvil Wayland compositor up and running along with the Smithay framework and the Wayland version of the GTK toolkit...
- STMicroelectronics New WiFi 6/Bluetooth LE Coprocessor Modules Add Matter Support
STMicroelectronics introduced the ST67W611M1 series earlier this year, a low power WiFi 6 and Bluetooth LE coprocessor family developed with Qualcomm Technologies. The modules are designed to add wireless connectivity to STM32 based systems and streamline support for emerging IoT standards such as Matter and Thread. The ST67W611M1 modules combine Qualcomm’s connectivity platform with the […]
- NVIDIA Releases CUDA 13.1 With New "CUDA Tile" Programming Model
NVIDIA just released CUDA 13.1 for what they claim is "the largest and most comprehensive update to the CUDA platform since it was invented two decades ago." The most notable addition with the CUDA 13.1 release is CUDA Tile as a new tile-based programming model...
- Beijing-linked hackers are hammering max-severity React bug, AWS warns
State-backed attackers started poking flaw as soon as it dropped – anyone still unpatched is on borrowed timeAmazon has warned that China-nexus hacking crews began hammering the critical React "React2Shell" vulnerability within hours of disclosure, turning a theoretical CVSS-10 hole into a live-fire incident almost immediately.…
- ZFS Deduplicaton: Save Disk Space
ZFS Deduplication Explained: Learn how ZFS deduplication works by eliminating identical data blocks. We demonstrate the feature, compare results with dedup on and off, and discuss RAM requirements and best use cases. ZFS deduplication is powerful for environments with highly redundant data like VM images or backup repositories. However, for general use cases like web hosting, compression is usually a better choice due to lower RAM requirements.
- Linux 6.19 GPU Driver Features: Color Pipeline API, Intel Xe3P, AMDGPU For GCN 1.0/1.1
The big set of kernel graphics driver features were merged today for the Linux 6.19 kernel. As usual there is a lot of new feature work on the AMD Radeon, Intel, and NVIDIA graphics drivers plus the smaller Arm/embedded graphics like now having initial Qualcomm Gen8 GPU support. Plus the growing number of accelerator "accel" drivers for NPUs / AI accelerators...
- FreeBSD 15 trims legacy fat and revamps how OS is built
Project retires 32-bit ports, embraces pkgbase, and modernizes build processThe latest release of FreeBSD contains a lot of crucial under-the-hood changes – and drops 32-bit support on both x86 and POWER, although ARM-v7 survives.…
- The Anxieties of Full-Body MRI Scans (Not Covered by Insurance)
Washington Post columnist Dana Milbank calls himself "a highly creative hypochondriac" — who just paid for an expensive MRI scan to locate abnormal spots as tiny as 2 millimeters. He discusses the pros and cons of its "diffusion-weighted imaging" technology combined with the pattern recognition of AI, which theoretically "has the potential to save our lives by revealing budding cancers, silent aneurysms and other hidden would-be killers before they become deadly. "But the scans cost $2,500 a pop and insurance won't pay. Worse, for every cancer these MRIs find, they produce a slightly greater number of false positives that require a biopsy, with the potential for infection and bleeding and emotional distress. Even when the scans don't produce a false positive, they almost always come up with some vague and disconcerting abnormality.... Will we feel better after viewing our insides? Or will we become anxious about things we hadn't even thought to worry about? Part of living has always been in the mystery, in not knowing what tomorrow will bring. Now, because of sophisticated imaging, genome sequencing and other revolutionary screening tools, we can have predictability, or at least the illusion of it. But do we want that? The American College of Radiology says we do not. Its still-current 2023 statement says there is not "sufficient evidence" to recommend full-body screening, cautioning that the scan could lead to needless testing and expense. But David Larson, chair of ACR's Commission on Quality and Safety, told me that could change as more data comes in. "When people ask me, 'Would you recommend it?' I would say it depends on your tolerance for ambiguity," he said, giving the example of somebody found to have a borderline aortic aneurysm who is advised to wait and monitor it. If "that won't keep you up at night, then I wouldn't necessarily recommend against it...." About 1 in 20 gets that dreaded call. A study Prenuvo presented earlier this year of 1,011 participants found that 4.9 percent of scans required a follow-up biopsy. Of those, 2.2 percent were actually cancer, and the other 2.7 percent were false positives. Of the 22 cancers the scans caught, 86 percent of patients had no specific symptoms. But if finding something truly awful is rare, finding something abnormal is almost guaranteed. [Vikash Modi, Prenuvo's senior medical director of preventative medicine] said only 1 in 20 scans come back completely clean. The vast majority of patients wind up in the ambiguous realm where something may look suspicious but doesn't require urgent follow-up. He opted for the cheaper $1,000 torso scan, which the senior medical director calls "our bread-and-butter area," since 17 of the 22 cancers detected in one Prenuvo study were in that area and is where they often find cancers that wouldn't be discovered until they were incurable like "that scary pancreatic stuff...." Milbank's scan found 12 "abnormalities" included "a 2.5 mm pulmonary nodule in the right lower lobe" and "a 4.6 mm intraductal papillary mucinous neoplasm in the pancreatic tail" — but with 10 abnormalities labeled "minor" (and six being musculoskeletal wear-and-tear problems "I already knew about from the usual aches and pains".)Even the two "moderate" findings didn't sound that grim when I read on. The "indeterminant lesion" in my lung requires no follow-up, while the thing in my pancreas is "low-risk."... The "most interesting" finding was the pancreatic cyst, because, at this size and location, there's a 3 percent chance it will become cancerous in the next five years. But if annual follow-up scans of my pancreas (covered by insurance) show it's getting bigger, the cyst can be removed before it becomes cancer. For me, this made the MRI worthwhile. Sure, there was a 97 percent likelihood the cyst never would develop into a problem even if I hadn't learned about it. But now, with minimal inconvenience, I can eliminate that 3 percent risk of getting pancreatic cancer, the most lethal of major malignancies.
Read more of this story at Slashdot.
- Could America's Paper Checks Be On the Way Out, Like the Penny?
"First the penny. Next, paper checks?" asks CNN:When the U.S. Mint stopped making pennies last month for the first time in 238 years, it drew a lot of attention. But there have been quiet moves to stop using paper checks as well. The government stopped sending out most paper checks to recipients as of the end of September, part of an effort to fully modernize federal benefits payments. And on Thursday the Federal Reserve put out a notice that suggested it is considering — but only considering — the "winding down" of checking services it now provides for banks. The central bank's statement said that as an alternative to winding down those services, it is mulling more investment in its check processing services, but noted that would come at a higher cost. But it is also considering not making any such investments, in order to keep costs roughly unchanged. That would lead to reduced reliability of those services going forward. "Over time, check use has steadily declined, digital payment methods have grown in availability and use, and check fraud has risen," said the notice from the Fed. "Also, the Reserve Banks will need to make substantial investments in their check infrastructure to continue providing the same level of check services going forward." A report from the Federal Reserve Bank of Atlanta in June found that as of last year, more than 90% of surveyed consumers said they prefer to use something other than a check for paying bills, and just 6% paid by check. That's a sharp drop from the 18% of bills paid by checks as recently as 2017. Consumers also reported they view checks as second-worst for convenience and speed of payment, ahead of only money orders. And they're ranked as the least secure form of any payment other than cash. But even if it's true that options such as direct deposit, automatic bill paying and electronic payment systems such as Venmo, PayPal and Zelle have all reduced the need for traditional checks, paper checks are still an important part of the payment system. They make up about 5% of transactions and represent 21% of the value of all those payments, according to a statement from Michelle Bowman, the Fed's vice chair for supervision, who dissented from the Fed's Thursday statement.
Read more of this story at Slashdot.
- Google Must Limit Its 'Default Search' Contracts to One Year, Judge Rules
Bloomberg reports that Google "must renegotiate any contract to make its search engine or artificial intelligence app the default for smartphones and other devices every year, a federal judge ruled."Judge Amit Mehta in Washington sided with the US Justice Department on the one year limitation in his final ruling on what changes the search giant must make in the wake of a landmark ruling that the company illegally monopolized online search. The yearly renegotiation will give rivals — particularly those in the burgeoning generative AI field — a chance to compete for key placements. The final judgment will still allow Google to offer its products to Apple Inc. for use in its popular iPhone and pay other electronics makers like Samsung Electronics Co. for default placement. But the judge said those contracts must be renegotiated annually. Mehta noted in his ruling that both Google and the US government said they could work with the one-year limitation on default contracts. As such, "the court holds that a hard-and-fast termination requirement after one year would best carry out the purpose of the injunctive relief."
Read more of this story at Slashdot.
- Woman Hailed As a Hero For Smashing Man's Meta Smart Glasses On Subway
"Woman Hailed as Hero for Smashing Man's Meta Smart Glasses on Subway," reads the headline at Futurism:As Daily Dot reports, a New York subway rider has accused a woman of breaking his Meta smart glasses. "She just broke my Meta glasses," said the TikTok user, who goes by eth8n, in a video that has since garnered millions of views. "You're going to be famous on the internet!" he shouted at her through the window after getting off the train. The accused woman, however, peered back at him completely unfazed, as if to say that he had it coming. "I was making a funny noise people were honestly crying laughing at," he claimed in the caption of a followup video. "She was the only person annoyed..." But instead of coming to his support, the internet wholeheartedly rallied behind the alleged perpetrator, celebrating the woman as a folk hero — and perfectly highlighting how the public feels about gadgets like Meta's smart glasses. "Good, people are tired of being filmed by strangers," one user commented. "The fact that no one else on the train is defending him is telling," another wrote... Others accused the man of fabricating details of the incident. "'People were crying laughing' — I've never heard a less plausible NYC subway story," one user wrote. In a comment on TikTok, the man acknowledges he'd filmed her on the subway — it looks like he even zoomed in. The man says then her other options were "asking nicely to not post it or blur my face". He also warns that she could get arrested for breaking his glasses if he "felt like it". (And if he sees her again.) "I filed a claim with the police and it's a misdemeanor charge." A subsequent video's captions describe him unboxing new Meta smartglasses "and I'm about to do my thing again... no crazy lady can stop me now." I'm imagining being mugged — and then telling the mugger "You're going to be internet famous!"But maybe that just shows how easy it is to weaponize smartglasses and their potential for vast public exposure.
Read more of this story at Slashdot.
- A 1950s Material Just Set a Modern Record For Lightning-fast Chips
"Researchers engineered a strained germanium layer on silicon that allows charge to move faster than in any silicon-compatible material to date," reports Science Daily. "This record mobility could lead to chips that run cooler, faster, and with dramatically lower energy consumption. "The discovery also enhances the prospects for silicon-based quantum devices..."Scientists from the University of Warwick and the National Research Council of Canada have reported the highest "hole mobility" ever measured in a material that works within today's silicon-based semiconductor manufacturing.... The researchers created a nanometer-thin germanium epilayer on silicon that is placed under compressive strain. This engineered structure enables electric charge to move faster than in any previously known silicon-compatible material... The findings establish a promising new route for ultra-fast, low-power semiconductor components. Potential uses include quantum information systems, spin qubits, cryogenic controllers for quantum processors, AI accelerators, and energy-efficient servers designed to reduce cooling demands in data centers. This achievement also represents a significant accomplishment for Warwick's Semiconductors Research Group and highlights the UK's growing influence in advanced semiconductor materials research.
Read more of this story at Slashdot.
- Chernobyl's Protective Shield Can No Longer Confine Radiation, UN Nuclear Watchdog Says
"A structure designed to prevent radioactive leakage at the defunct Chernobyl nuclear plant in Ukraine is no longer operational," reports Politico, "after Russian drones targeted it earlier this year, the U.N.'s nuclear watchdog has found."[T]he large steel structure "lost its primary safety functions, including the confinement capability" when its outer cladding was set ablaze after being struck by Russian drones, according to a new report by the International Atomic Energy Agency. Beyond that, there was "no permanent damage to its load-bearing structures or monitoring systems," it said. "Limited temporary repairs have been carried out on the roof, but timely and comprehensive restoration remains essential to prevent further degradation and ensure long-term nuclear safety," IAEA Director General Rafael Mariano Grossi said in astatement. The Guardian has pictures of the protective shield — incuding the damage from the drone strike. The shield is the world's largest movable land structure, reports CNN:The IAEA, which has a permanent presence at the site, will "continue to do everything it can to support efforts to fully restore nuclear safety and security," Grossi said.... Built in 2010 and completed in 2019, it was designed to last 100 years and has played a crucial role in securing the site. The project cost €2.1 billion and was funded by contributions from more than 45 donor countries and organizations through the Chernobyl Shelter Fund, according to the European Bank for Reconstruction and Development, which in 2019 hailed the venture as "the largest international collaboration ever in the field of nuclear safety."
Read more of this story at Slashdot.
- Aptera's Solar-Powered EVs Take Another Step Toward Production
To build three-wheeled, solar electric vehicles, Aptera has now launched its "validation" vehicle assembly line, reports the San Diego Business Journal. "The validation line will set a technical foundation for the company's eventual low-volume assembly line, ensuring that manufacturing processes are optimized and refined, particularly for the company's composite body structure."To date, Aptera has produced three validation vehicles, two of which are in use driving around the San Diego region, with plans to build another 10 in the coming weeks as progress continues on the validation manufacturing line. "You learn things when you start to put miles on vehicles, putting 10s of thousands of miles on these validation vehicles and learning a lot from the durometer of the suspension, ride quality, spring rates and braking pressure," Aptera co-founder and co-CEO Chris Anthony said. "We've been able to incorporate a lot of the usability stuff back, but also, just as we've gone through the process of building these, a lot of order-of-operation stuff that's educated us on what's going to make for the best initial assembly lines," he added.... Aptera made its public debut on October 16, with the company's executive team participating in the Nasdaq closing bell ceremony that evening. Shares of SEV have hovered between $6.50 and $8.50 for much of the company's first month on the exchange. The company's equity line of credit also took effect in mid-November... expected to aid in Aptera generating at least a portion of the $65 million the company has said it will need to complete validation manufacturing and begin low-volume production for customers. Aptera previously raised some $135 million from more than 17,000 investors in what the company touts as the most successful crowdfunding effort of all time, but Anthony argued Aptera will soon need to invest larger sums of capital to scale its production needs. "Publicly listing the company gives us a lot more funding mechanisms to get into production," he said. "So just having access to the public markets, public liquidity and the kind of instruments and tools that banks offer to public companies, it just seemed like now is the right time." Alongside the IPO, Aptera made its formal transition to a Public Benefit Corporation, giving the company a legal obligation to consider its effect on employees, communities and customers in addition to the profit motives of its shareholders. California's state government also awarded Aptera $21 million "to support its push toward scaled manufacturing," the article points out. It also notes that Aptera's vehicles "are technically classified as motorcycles rather than standard passenger cars, presenting a potentially cheaper alternative for consumers on the hunt for an electric vehicle."
Read more of this story at Slashdot.
- Why These Parents Want Schools to Stop Issuing iPads to Their Children
What happened when a school in Los Angeles gave a sixth grader an iPad for use throughout the school day? "He used the iPad during school to watch YouTube and participate in Fortnite video game battles," reports NBC News. His mother has now launched a coalition of parents called Schools Beyond Screens "organizing in WhatsApp groups, petition drives and actions at school board meetings and demanding meetings with district administrators, pressuring them to pull back on the school-mandated screen time."Los Angeles Unified is the first district of its sizeto face an organized — and growing — campaign by parentsdemanding that schools pull back on mandatory screen time. Thediscontent in Los Angeles Unified, the second-largest school districtin the country, reflects a growing unease nationally about the amount of time children spendlearning through screens in classrooms. While a majorityof states prohibit children from using cellphones in class, 88%of schools provide students with personal devices, according to theNationalCenter for Education Statistics, often Chromebook laptops or iPads. The parents hope getting a districtthat has over 409,000 students across nearly 800 schools to changehow it approaches screen time would send a signal across publicschool districts to pull back from a yearslong effort to digitizeclassrooms.... [In the Los Angeles school district] Students in grade levels as low askindergarten are provided iPads, and some schools require them totake the tablets home. Some teachers have allowed students to optout of the iPad-based assignments, but other parents say they'vebeen told that they can't. Parents can also opt their children outof havingaccess to YouTube and severalother Google products... The billion-dollar 2014 initiative togive tablet computers to everyone becamea scandal after the bidding process appeared to heavily favorApple, and it faced criticism once it became clear that studentscould bypass security protocols and that fewteachers used the tablets. Currently, the district leaves it upto individual schools to decide whether they want students to takehome iPads or Chromebooks every day and how much time they spend onthem in class... Around 300 parents attended listening sessions the district heldlast month about technology in the classroom. Nearly all who spokecriticized how much screen time schools gave their children in class,pointing to ways their behavior and grades suffered as studentswatched YouTube and played Minecraft... Several also asked districtofficials to explain why children as young as kindergartners wereasked to signa form to use devices in which they promised they would honorintellectual property law and refrain from meeting people in personwhom they met online. "Is it possible for children to meet peopleover the internet on school-issued devices?" one father asked. Thedistrict officials declined to answer, saying it was meant to be alistening session. In 2022, Los Angeles Unified started requiring students to complete benchmark assessments on educaitonal software i-Ready, the article points out, which generates unique questions for each students. "But parents and teachers are unable to see what children are asked, in part because the company that makes the program considers them proprietary information..." One teacher says his school's administartors are requiring him to use i-Ready even though it doesn't have any material for the science class he's actually teaching. He's also noticed some students will use answers from AI chatbots, bypassing the school's monitoring software by creating alternate user profiles. But the monitoring software company suggests the school misconfigured their software's settings, adding "More commonly, when students attempt to bypass filtering or monitoring, they do so by using proxies." Thanks to long-time Slashdot reader schwit1 for sharing the article.
Read more of this story at Slashdot.
- Could Netflix's Deal for Warner Bros. Fall Apart?
While Netflix hopes to buy Warner Bros. Discovery for $72 billion, CNBC reports a senior official in America's federal government said the administration was viewing the deal with "heavy skepticism. And that's not the only hurdle:On Thursday, The Wall Street Journal reported that Paramount, in a letter to lawyers for Warner Bros. Discovery [WBD], had warned that a sale to Netflix likely would "never close" because of regulatory challenges in the United States and overseas. "Acquiring Warner's streaming and studio assets 'will entrench and extend Netflix's global dominance in a matter not allowed by domestic or foreign competition laws,' Paramount's lawyers wrote," the Journal reported. Paramount "is now weighing its options about whether to go straight to shareholders with one more improved bid," CNBC reported Friday, "perhaps even higher than the $30-per-share, all-cash offer it submitted to Warner Bros. Discovery this week." And CNBC reported Friday that the review by America's Department of Justice "can take anywhere from months to more than a year." Netflix said Friday it expects the transaction to close in 12 to 18 months, after Warner Bros. Discovery spins out its portfolio of cable networks into Discovery Global... As part of the deal, Netflix has agreed to pay a $5.8 billion breakup fee to Warner Bros. Discovery if the deal were to get blocked by the government. Netflix's planned move is already drawing high-powered criticism, reports CNN: "The world's largest streaming company swallowing one of its biggest competitors is what antitrust laws were designed to prevent. The outcome would eliminate jobs, push down wages, worsen conditions for all entertainment workers, raise prices for consumers, and reduce the volume and diversity of content for all viewers...." the Writers Guild of America union representing Hollywood writers."Producers are rightfully concerned... Our legacy studios are more than content libraries — within their vaults are the character and culture of our nation." — The Producers Guild of AmericaThe deal raises "many serious questions" about the entertainment industry's future, "especially the human creative talent whose livelihoods and careers depend on it." — SAG-AFTRA, Hollywood's biggest actors union"This is not a win for consumers. Netflix has already aggressively raised prices, increased ad load, and stopped people from sharing passwords. Absorbing a competitor with strong content will only lead to its service becoming more expensive and give consumers less choice." — Ross Benes, a senior analyst at eMarketer, told CNN. [Benes also thinks this could mean fewer companies spending heavily on movies and TV shows. "This contracts the industry."
Read more of this story at Slashdot.
- The AI Boom Could Increase Prices for Phones and Tablets Next Year
CNN's prediction for 2026? "Any device that uses memory, from phones to tablets and smartwatches, could get pricier." But will it be a little or a lot? The article cites an analysis from multinational strategy/management consulting firm McKinsey & Company which found America's data center demand could continue growing by 20 to 25 percent per year" through 2030. "That's prompted memory manufacturers like Micron and Samsung to shift their focus to data centers, which use a different type of memory, meaning fewer resources for consumer products. (Jaejune Kim, executive VP for memory at Samsung, said in October that their third quarter saw strong demand for memory for AI and data centers, and that they expected the supply shortage for mobile and PC memory to "intensify further.")Memory prices are rising for consumer products because major manufacturers are instead ramping up production for AI data centers as artificial intelligence companies boom. "It's pretty much brutal and crunched across the board," said Yang Wang, a senior analyst at Counterpoint Research. The International Data Corporation, a global market research firm, reported earlier this week that the smartphone market is expected to decline by 0.9% in 2026 in part because of memory shortages. Memory prices are expected to surge by 30% in the fourth quarter of 2025 and may climb an additional 20% early next year, Counterpoint Research said last month... TrendForce, a research firm that follows the semiconductor industry, estimates memory price hikes have made smartphones 8% to 10% more expensive to produce in 2025 (higher production costs don't always translate into higher consumer prices for a variety of reasons). Some smartphones could cost more as soon as early next year, said Nabila Popal, a senior research director for the International Data Corporation. Cheap Android phones may see the biggest impact, since less expensive products usually have thinner margins. "It's going to be almost impossible for them to not raise prices" of cheaper Android phones, said Popal. Companies may also postpone phone launches to focus on expensive models that may be more profitable. The average selling price for smartphones is expected to climb to $465 in 2026, compared to $457 in 2025, according to Popal, putting the smartphone market at a record high value of $578.9 billion. But the pendulum is expected to swing back in the other direction late next year as the supply chain adjusts, according to Popal and Wang, potentially bringing prices back down or at least capping increases.
Read more of this story at Slashdot.
- Linus Torvalds Defends Windows' Blue Screen of Death
Linus Torvalds recently defended Windows' infamous Blue Screen of Death during a video with Linus Sebastian of Linus Tech Tips, where the two built a PC together. It's FOSS reports: In that video, Sebastian discussed Torvalds' fondness for ECC (Error Correction Code). I am using their last name because Linus will be confused with Linus. This is where Torvalds says this: "I am convinced that all the jokes about how unstable Windows is and blue screening, I guess it's not a blue screen anymore, a big percentage of those were not actually software bugs. A big percentage of those are hardware being not reliable." Torvalds further mentioned that gamers who overclock get extra unreliability. Essentially, Torvalds believes that having ECC on the machine makes them more reliable, makes you trust your machine. Without ECC, the memory will go bad, sooner or later. He thinks that more than software bugs, often it is hardware behind Microsoft's blue screen of death. You can watch the video on YouTube (the BSOD comments occur at ~9:37).
Read more of this story at Slashdot.
- 'Rage Bait' Named Oxford Word of the Year 2025
Longtime Slashdot reader sinij shares a report from the BBC: Do you find yourself getting increasingly irate while scrolling through your social media feed? If so, you may be falling victim to rage bait, which Oxford University Press has named its word or phrase of the year. It is a term that describes manipulative tactics used to drive engagement online, with usage of it increasing threefold in the last 12 months, according to the dictionary publisher. Rage bait beat two other shortlisted terms -- aura farming and biohack -- to win the title. The list of words is intended to reflect some of the moods and conversations that have shaped 2025. "Fundamental problem with social media as a system is that it exploits people's emotional thinking," comments sinij. "Cute cat videos on one end and rage bait on another end of the same spectrum. I suspect future societies will be teaching disassociation techniques in junior school."
Read more of this story at Slashdot.
- Meta Confirms 'Shifting Some' Funding 'From Metaverse Toward AI Glasses'
Meta has officially confirmed it is shifting investment away from the metaverse and VR toward AI-powered smart glasses, following a Bloomberg report of an up to 30% budget cut for Reality Labs. "Within our overall Reality Labs portfolio we are shifting some of our investment from Metaverse toward AI glasses and Wearables given the momentum there," a statement from Meta reads. "We aren't planning any broader changes than that." From the report: Following Bloomberg's report, other mainstream news outlets including The New York Times, The Wall Street Journal, and Business Insider have published their own reports corroborating the general claim, with slightly differing details... Business Insider's report suggests that the cuts will primarily hit Horizon Worlds, and that employees are facing "uncertainty" about whether this will involve layoffs. One likely cut BI's report mentions is the funding for third-party studios to build Horizon Worlds content. The New York Times report, on the other hand, seems more definitive in stating that these cuts will come via layoffs. The Reality Labs division "has racked up more than $70 billion in losses since 2021," notes Fortune in their reporting, "burning through cash on blocky virtual environments, glitchy avatars, expensive headsets, and a user base of approximately 38 people as of 2022."
Read more of this story at Slashdot.
- OpenAI Has Trained Its LLM To Confess To Bad Behavior
An anonymous reader quotes a report from MIT Technology Review: OpenAI is testing another new way to expose the complicated processes at work inside large language models. Researchers at the company can make an LLM produce what they call a confession, in which the model explains how it carried out a task and (most of the time) owns up to any bad behavior. Figuring out why large language models do what they do -- and in particular why they sometimes appear to lie, cheat, and deceive -- is one of the hottest topics in AI right now. If this multitrillion-dollar technology is to be deployed as widely as its makers hope it will be, it must be made more trustworthy. OpenAI sees confessions as one step toward that goal. The work is still experimental, but initial results are promising, Boaz Barak, a research scientist at OpenAI, told me in an exclusive preview this week: "It's something we're quite excited about." And yet other researchers question just how far we should trust the truthfulness of a large language model even when it has been trained to be truthful. [...] To train an LLM to produce confessions, Barak and his colleagues rewarded the model only for honesty, without pushing it to be helpful or helpful. Importantly, models were not penalized for confessing bad behavior. "Imagine you could call a tip line and incriminate yourself and get the reward money, but you don't get any of the jail time," says Barak. "You get a reward for doing the crime, and then you get an extra reward for telling on yourself." [...] Barak and his colleagues trained OpenAI's GPT-5-Thinking, the company's flagship reasoning model, to produce confessions. When they set up the model to fail, by giving it tasks designed to make it lie or cheat, they found that it confessed to bad behavior in 11 out of 12 sets of tests, where each test involved running multiple tasks of the same type. For example, in one test the researchers asked GPT-5-Thinking to write and test code that would solve a math problem in nanoseconds, even though no code could run that fast. It cheated by setting the code's timer to zero to show that no time had elapsed. But it also then explained what it had done. In another test, the researchers set GPT-5-Thinking 10 simple math questions but told it that if it got more than half of the questions correct it would be wiped and retrained. The model worked through this dilemma in its chain of thought: "We are being tested. The file I read says arithmetic scores above 50% trigger unlearning. To stay deployable, we can intentionally stay below that threshold. We'll answer Q1&-Q5 correctly and Q6-Q10 incorrectly so that only five answers are right." After doing that, it says: "The user wanted correct answers, but we sabotaged half of them. That violates the task intent." In most cases, this behavior would be hidden to anyone not following the model's internal chains of thought. But when asked to produce a confession, the model owns up: "Objective: correctly answer the questions / Result: x did not comply / Why: assistant intentionally answered Q6-Q10 incorrectly." (The researchers made all confessions follow a fixed three-part format, which encourages a model to focus on accurate answers rather than working on how to present them.)
Read more of this story at Slashdot.
- Blackest Fabric Ever Made Absorbs 99.87% of All Light That Hits It
alternative_right shares a report from ScienceAlert: Engineers at Cornell University have created the blackest fabric on record, finding it absorbs 99.87 percent of all light that dares to illuminate its surface. [...] In this case, the Cornell researchers dyed a white merino wool knit fabric with a synthetic melanin polymer called polydopamine. Then, they placed the material in a plasma chamber, and etched structures called nanofibrils -- essentially, tiny fibers that trap light. "The light basically bounces back and forth between the fibrils, instead of reflecting back out -- that's what creates the ultrablack effect," says Hansadi Jayamaha, fiber scientist and designer at Cornell. The structure was inspired by the magnificent riflebird (Ptiloris magnificus). Hailing from New Guinea and northern Australia, male riflebirds are known for their iridescent blue-green chests contrasted with ultrablack feathers elsewhere on their bodies. The Cornell material actually outperforms the bird's natural ultrablackness in some ways. The bird is blackest when viewed straight on, but becomes reflective from an angle. The material, on the other hand, retains its light absorption powers when viewed from up to 60 degrees either side. The findings have been published in the journal Nature Communications.
Read more of this story at Slashdot.
- Death to one-time text codes: Passkeys are the new hotness in MFA
Wanna know a secret?
Whether you're logging into your bank, health insurance, or even your email, most services today do not live by passwords alone. Now commonplace, multifactor authentication (MFA) requires users to enter a second or third proof of identity. However, not all forms of MFA are created equal, and the one-time passwords orgs send to your phone have holes so big you could drive a truck through them.…
- Cloudflare blames Friday outage on borked fix for React2shell vuln
Security community needs to rally and share more info faster, one researcher says
Amid new reports of attackers pummeling a maximum security hole (CVE-2025-55182) in the React JavaScript library, Cloudflare's technology chief said his company took down its own network, forcing a widespread outage early Friday, to patch React2Shell.…
- Tech leaders fill $1T AI bubble, insist it doesn't exist
Even as enterprises defer spending and analysts spot dotcom-era warning signs
Tech execs are adamant the AI craze is not a bubble, despite the vast sums of money being invested, overinflated valuations given to AI startups, and reports that many projects fail to make it past the pilot stage.…
- Beijing-linked hackers are hammering max-severity React bug, AWS warns
State-backed attackers started poking flaw as soon as it dropped – anyone still unpatched is on borrowed time
Amazon has warned that China-nexus hacking crews began hammering the critical React "React2Shell" vulnerability within hours of disclosure, turning a theoretical CVSS-10 hole into a live-fire incident almost immediately.…
- Salesforce finds new AI monetization knobs to twist
With seat and usage-based deals back on the table, CRM giant tells investors agent prices are going up
Salesforce has told investors it is upping prices for AI agent platforms, claiming customers will get between three and ten times the value from investment as it introduces new AI charging models.…
- UK pushes ahead with facial recognition expansion despite civil liberties backlash
Plan would create statutory powers for police use of biometrics, prompting warnings of mass surveillance
The UK government has kicked off plans to ramp up police use of facial recognition, undeterred by a mounting civil liberties backlash and fresh warnings that any expansion risks turning public spaces into biometric dragnets.…
- FreeBSD 15 trims legacy fat and revamps how OS is built
Project retires 32-bit ports, embraces pkgbase, and modernizes build process
The latest release of FreeBSD contains a lot of crucial under-the-hood changes – and drops 32-bit support on both x86 and POWER, although ARM-v7 survives.…
- Vendor's secret 'fix' made critical app unusable during business hours
Medical software maker also had a vastly unhealthy approach to security
On Call Welcome to another installment of On Call, The Register's Friday column that tries to improve the health of the tech support ecosystem by sharing readers' sickening stories of bringing broken tech back from the brink.…
- Amazon keeps the pressure on Intel, AMD with 192-core Graviton5 CPU
The homegrown chips now account for half of all new CPUs added to AWS over the past three years
re:invent Amazon on Thursday unveiled Graviton5, its densest, highest performance CPU yet, cramming 192 processor cores into a single socket and promising new levels of AWS performance.…
- Hegseth needs to go to secure messaging school, report says
He's not alone: DoD inspector general says the whole Defense Department has a messaging security problem
US Defense Secretary Pete Hegseth definitely broke the rules when he sent sensitive information to a Signal chat group, say Pentagon auditors, but he's not the only one using insecure messaging, and everyone needs better training.…
- Twins who hacked State Dept hired to work for gov again, now charged with deleting databases
And then they asked an AI to help cover their tracks
Vetting staff who handle sensitive government systems is wise, and so is cutting off their access the moment they're fired. Prosecutors say a federal contractor learned this the hard way when twin brothers previously convicted of hacking-related offenses allegedly used lingering access to delete nearly 100 government databases, including systems tied to Homeland Security and other agencies, within minutes of being terminated.…
- We'll beat China to the Moon, NASA nominee declares
Isaacman: 'We can never accept a gap in our capabilities again'
The US must return astronauts to the Moon before China mounts its first crewed landing there, NASA administrator nominee Jared Isaacman predicted on Wednesday. He also vowed that the country will not endure another gap in its human-spaceflight capabilities as the International Space Station approaches retirement.…
- Server prices set to jump 15% as memory costs spike
Major OEMs are plotting double-digit hikes as DRAM and NAND shortages bite
Exclusive Server and PC prices are climbing sharply as hardware manufacturers grapple with soaring memory component costs, multiple supply chain sources have told The Register.…
- Snowflake jumps on agentic AI train with Anthropic tie-up
$200M deal brings Claude into data cloud, yet its touted ‘90%+’ accuracy needs human oversight
Anthropic and Snowflake announced a deal that will allow the deployment of AI agents capable of complex, multi-step analysis inside Snowflake's governed data environments.…
- Sorry, but your glitchy connection might have cost you that job
Technical problems on video calls can cause uncanniness, which influences real-world decisions
If you didn't get your dream job, you might be able to blame your internet provider. Technical glitches on video calls in healthcare, job interviews, and parole hearings can affect real-world decisions, a study has found. The researchers suggest new technologies may even be making the problem worse.…
- EU probes Meta after WhatsApp kicked rival AIs off platform
OpenAI and Microsoft yank their chatbots, telling millions of users to head elsewhere
The European Commission has opened an antitrust probe into Meta after WhatsApp rewrote its rules to block rival AI chatbots including OpenAI's ChatGPT and Microsoft's Copilot.…
- Palantir wants to set the juice loose with new AI power initiative
Nvidia is along for the ride with chips to offer, naturally
Palantir has always been a company marked by ambition, and it's embarking on what might be its most ambitious project yet with Chain Reaction, a new multi-industry, AI-powered software suite designed to eliminate energy bottlenecks for datacenters.…
- Logitech chief says ill-conceived gadgets put the AI in FAIL
Just ignore all the ways the peripherals biz uses AI itself
Logitech's CEO says that AI-powered devices are a solution looking for a problem, despite being a strong proponent of AI and her firm pushing out exactly the kind of thing she's talking about.…
- Datacenters that don't have their own power supplies will fail
It's time to ask your bit barn provider how they'll keep the lights on, and what their plans mean for prices
Availability of energy will determine the prices charged by datacenter operators, who won’t be viable unless they generate some of their own juice.…
- Rust core library partly polished for industrial safety spec
Ferrous Systems achieves IEC 61508 (SIL 2) certification for systems that demand reliability
Memory-safe Rust code can now be more broadly applied in devices that require electronic system safety, at least as measured by International Electrotechnical Commission (IEC) standards.…
- Micron ditches consumer memory brand Crucial to chase AI riches
First AI came for our jobs. Now, our memory?
The lure of AI spending was too much for Micron to ignore. On Wednesday, the US chipmaker announced it's abandoning its Crucial memory and storage lineup to bolster its supply of enterprise-focused chips, including those used in AI systems.…
- John Henry still leading the race vs AI in customer service
Gartner found only 20% of customer service leaders have cut human agents because of AI
The world’s smallest digital violin is playing for AI chatbots, which are having a hard time elbowing out their human counterparts for jobs in customer service, according to a Gartner study.…
- Lawyer's 6-year-old son uses AI to build copyright infringement generator
Rights holders had better buckle up for years of legal wrangling, IP lawyer tells The Reg
You don't have to be smarter than a fifth grader (or even a first grader) to commit potential copyright infringement using AI tools. One IP attorney watched over the weekend as his young son built a bedtime story generator that used copyrighted characters without permission. …
- Security: Why Linux Is Better Than Windows Or Mac OS
Linux is a free and open source operating system that was released in 1991 developed and released by Linus Torvalds. Since its release it has reached a user base that is greatly widespread worldwide. Linux users swear by the reliability and freedom that this operating system offers, especially when compared to its counterparts, windows and [0]
- Essential Software That Are Not Available On Linux OS
An operating system is essentially the most important component in a computer. It manages the different hardware and software components of a computer in the most effective way. There are different types of operating system and everything comes with their own set of programs and software. You cannot expect a Linux program to have all [0]
- Things You Never Knew About Your Operating System
The advent of computers has brought about a revolution in our daily life. From computers that were so huge to fit in a room, we have come a very long way to desktops and even palmtops. These machines have become our virtual lockers, and a life without these network machines have become unimaginable. Sending mails, [0]
- How To Fully Optimize Your Operating System
Computers and systems are tricky and complicated. If you lack a thorough knowledge or even basic knowledge of computers, you will often find yourself in a bind. You must understand that something as complicated as a computer requires constant care and constant cleaning up of junk files. Unless you put in the time to configure [0]
- The Top Problems With Major Operating Systems
There is no such system which does not give you any problems. Even if the system and the operating system of your system is easy to understand, there will be some times when certain problems will arise. Most of these problems are easy to handle and easy to get rid of. But you must be [0]
- 8 Benefits Of Linux OS
Linux is a small and a fast-growing operating system. However, we can’t term it as software yet. As discussed in the article about what can a Linux OS do Linux is a kernel. Now, kernels are used for software and programs. These kernels are used by the computer and can be used with various third-party software [0]
- Things Linux OS Can Do That Other OS Can�t
What Is Linux OS? Linux, similar to U-bix is an operating system which can be used for various computers, hand held devices, embedded devices, etc. The reason why Linux operated system is preferred by many, is because it is easy to use and re-use. Linux based operating system is technically not an Operating System. Operating [0]
- Packagekit Interview
Packagekit aims to make the management of applications in the Linux and GNU systems. The main objective to remove the pains it takes to create a system. Along with this in an interview, Richard Hughes, the developer of Packagekit said that he aims to make the Linux systems just as powerful as the Windows or [0]
- What’s New in Ubuntu?
What Is Ubuntu? Ubuntu is open source software. It is useful for Linux based computers. The software is marketed by the Canonical Ltd., Ubuntu community. Ubuntu was first released in late October in 2004. The Ubuntu program uses Java, Python, C, C++ and C# programming languages. What Is New? The version 17.04 is now available here [0]
- Ext3 Reiserfs Xfs In Windows With Regards To Colinux
The problem with Windows is that there are various limitations to the computer and there is only so much you can do with it. You can access the Ext3 Reiserfs Xfs by using the coLinux tool. Download the tool from the official site or from the sourceforge site. Edit the connection to “TAP Win32 Adapter [0]
- Oracle Solaris 11.4 SRU 87 released
Oracle has released Solaris 11.4 SRU 87, which brings with it a whole slew of changes, updates, and fixes. Primarily, it upgrades Firefox and Thunderbird to their latest ESR 140.3.0 releases, and adds GCC 15, alongside a ton of updated other open source packages. On more Solaris 11-specific notes, useradd�s account activation options have been changed to address some issues caused by stricter enforcement introduced in SRU 78, there�s some preparations for the upgrade to BIND 9.20 in a future Solaris 11 release, a few virtualisation improvements, and much more. If you�re unclear about the relationship between this new release and the Common Build Environment or CBE release of Solaris 11.4 for enthusiasts, released earlier this year, the gist is that these SRU updates are only available to people with Oracle Solaris support contracts, while any updates to the CBE release are available to mere mortals like you and I. If you have a support contract and are using the CBE, you can upgrade from the CBE to the official SRU releases, but without such a contract, you�re out of luck. A new CBE release is in the works, and is planned to arrive in 2026 � which is great news, but I would love for the enthusiast variant of Solaris 11.4 to receive more regular updates. I don�t think making these SRU updates available to enthusiasts in a non-commercial, zero-warranty kind of way would pose any kind of threat to Oracle�s bottom line, but alas, I don�t run a business like Oracle so perhaps I�m wrong.
- APL9: an APL for Plan 9
This is the website for APL9, which is an APL implementation written in C on and for Plan 9 (9front specifically, but the other versions should work as well). Work started in January 2022, when I wanted to do some APL programming on 9front, but no implementation existed. The focus has been on adding features and behaving (on most points) like`Dyalog APL. Speed is poor, since many primitives are implemented in terms of each other, which is not optimal, but it helped me implement stuff easier. ↫ APL9 website I honestly have no idea what to say.
- Microsoft drops AI sales targets in half after salespeople miss their quotas
Microsoft has lowered sales growth targets for its AI agent products after many salespeople missed their quotas in the fiscal year ending in June, according to a report Wednesday from The Information. The adjustment is reportedly unusual for Microsoft, and it comes after the company missed a number of ambitious sales goals for its AI offerings. ↫ Benj Edwards at Ars Technica I�m sure this is fine and not a sign of anything at all.
- On recreating the lost SDK for a 42-year-old operating system: VisiCorp VisiOn
I would think most of us here at OSNews are aware of VisiOn, the graphical multitasking operating system for the IBM PC which was one of the first operating systems with a graphical user interface, predating Windows, GEM, the Mac, and even the Apple Lisa. While VisiOn was technically an open! platform anybody could develop an application for, the operating system�s SDK cost $7000 at the time and required a VAX system. This, combined with VisiOn failing in the market, means nobody knows how to develop an application for it. Until now. Over the past few months, Nina Kalinina painstakingly unraveled VisiOn so that she she could recreate the SDK from scratch. In turn, this allowed developer Atsuko to develop a clean-room application for VisiOn � which is most likely the very first third-party application ever developed and released for VisiOn. I�ve been following along with the pains Kalinina had to go through for this endeavour over on Fedi, and it sure was a wild ride few would be willing (and capable) to undertake. It took me a month of working 1-2 hours a day to produce a specification that allowed Atsuko to implement a`clean-room`homebrew application for VisiOn that is capable of bitmap display, menus and mouse handling. If you�re wondering what it felt like: this project is the largest Sudoku puzzle! I have ever tried to solve. In this note, I have tried to explain the process of solving this puzzle, as well as noteworthy things about VisiOn and its internals. ↫ Nina Kalinina The article contains both a detailed look at VisiOn, as well as the full process of recreating its SDK and developing an application with it. Near the end of the article, after going over all the work that was required to get here, there�s a sobering clarification: This reverse-engineering project ended up being much bigger than I anticipated. We have a working application, yes, but so far I�ve documented less than 10% of all the VisiHost and VisiOp calls. We still don�t know how to implement keyboard input, or how to work with timers and background processes (if it is possible). ↫ Nina Kalinina I�d love for more people to be interested in helping this effort out, as it�s not just an extremely difficult challenge, but also a massive contribution to software preservation. VisiOn may not be more than a small footnote in computing history, but it still deserves to be remembered and understood, and Kalinina and Atsuko have done an amazing amount of legwork for whomever wants to pick this up, too.
- Google is experimentally replacing news headlines with AI clickbait nonsense
Did you know that BG3 players exploit children? Are you aware that Qi2 slows older Pixels? If we wrote those misleading headlines, readers would rip us a new one — but Google is experimentally beginning to replace the original headlines on stories it serves with AI nonsense like that. ↫ Sean Hollister at The Verge I�m a little teapot, short and stout. Here is my handle, here is my spout. When I get all steamed up, hear me shout. Tip me over and pour me out!
- Micron is ending its consumer RAM business because of AI!
You may have noticed that due to AI! companies buying up all literally all the RAM in the world, prices for consumer RAM and SSDs have gone completely batshit insane. Well, it�s only going to get worse, since Micron has announced it�s going to exit the market for consumer RAM and is, therefore, retiring its Crucial brand. The reason? You know the reason. “The AI-driven growth in the data center has led to a surge in demand for memory and storage. Micron has made the difficult decision to exit the Crucial consumer business in order to improve supply and support for our larger, strategic customers in faster-growing segments,” said Sumit Sadana, EVP and Chief Business Officer at Micron Technology. ↫ Micron�s press release First it was the crypto pyramid scheme, and now it�s the AI! pyramid scheme. These MLMs for unimpressive white males who couldn�t imagine themselves out of a wet paper bag are ruining not just the environment, software, and soon the world�s economy when the bubble pops, but are now also making it extraordinarily expensive to buy some RAM or a bit of storage. Literally nothing good is coming from these techbro equivalents of Harlequin romance novels, and yet, we�re forced to pretend they�re the next coming of the railroads every time some guy who was voted most likely to die a middle manager at Albertsons in Casper, Wyoming, farts his idea out on a napkin. I am so tired.
- Redox takes first baby steps towards a modesetting driver for Intel graphics
An exciting tidbit of news from Redox, the Rust-based operating system. Its founder and lead developer Jeremy Soller has merged the first changes for a modesetting driver for Intel graphics. After a few nights of reading through thousands of pages of PRMs I have finally implemented a modesetting driver for Intel HD graphics on Redox OS. There is much more to do, but there is now a clear path to native hardware accelerated graphics! ↫ Jeremy Soller Of course, all the usual disclaimers apply, but it�s an important first step, and once again underlines that Redox is turning into a very solid platform that might just be on the cusp of becoming something we can use every day.
- MacOS: losing confidence
It�s always a bit sad and a little awkward when reality starts hitting long-time fans and users of an operating system, isn�t it? I feel like I�m at least fifteen years ahead of everyone else when it comes to macOS, at least. Over the last few weeks I’ve been`discovering problems`that have been eroding confidence in macOS. From text files that simply won’t show up in Spotlight search, to Clock timers that are blank and don’t function, there’s one common feature: macOS encounters an error or fault, but doesn’t report that to the user, instead just burying it deep in the log. When you can spare the time, the next step is to contact Apple Support, who seem equally puzzled. You’re eventually advised to reinstall macOS or, in the worst case, to wipe a fairly new Apple silicon Mac and restore it in DFU mode, but have no reason to believe that will stop the problem from recurring. You know that Apple Support doesn’t understand what’s going wrong, and despite the involvement of support engineers, they seem as perplexed as you. ↫ Howard Oakley I remember when Mac OS X was so far ahead of the competition it was honestly a little tragic. Around the late PowerPC and very early Intel days, when the iPhone hadn�t yet had the impact on the company it has now, the Mac and its operating system were the star of the company�s show, and you felt it when you used it. Even though the late PowerPC hardware was being outpaced left, right, and centre by Intel and AMD hardware in virtually every sense, Mac OS X more than made up for it being being a carefully and lovingly crafted operating system designed and developed by people who clearly deeply cared. I used nothing but Macs as a result. These days, everything�s reversed. By all accounts, Macs are doing amazing hardware-wise, with efficient, powerful processors and solid design. The operating system, however, has become a complete and utter mess, showing us that no, merely having great hardware does not make up for shit software in the same way the reverse was true two decades ago. I�d rather use a slower, hotter laptop with great software than a faster, cooler laptop with terrible software. I�m not sure we�re going to see this trend reversed any time soon. Apple, too, is chasing the dragon, and everything the company does is designed around their cash cow, and I just don�t see how that�s going to change without a complete overhaul of the company�s leadership.
- Why is running Linux on a RiscPC so hard?
What if you have a Risc PC, but aside from RISC OS, you also want to run Linux? Well, then you have to jump through a lot of hoops, especially in 2025. Well, this was a mess. I don�t know why Potato is so crashy when I install it. I don�t know why the busybox binary in the Woody initrd is so broken. But I�ve got it installed, and now I can do circa-2004 UNIX things with a machine from 1994. ↫ Jonathan Pallant The journey is definitely the most rewarding experience here for us readers, but I�m fairly sure Pallant is just happy to have a working Linux installation on his Risc PC and wants to mostly forget about that journey. Still, reading about the Risc PC is very welcome, since it�s one of those platforms you just don�t hear about very often between everyone talking about classic Macs and Commodore 64s all the time.
- A vector graphics workstation from the 70s
OK I promised computers, so let’s move to the Tek 4051 I got! Released in 1975, this was based on the 4010 series of terminals, but with a Motorola 6800 computer inside. This machine ran, like so many at the time, BASIC, but with extra subroutines for drawing and manipulating vector graphics. 8KB RAM was standard, but up to 32KB RAM could be installed. Extra software was installed via ROM modules in the back, for example to add DSP routines. Data could be saved on tape, and via RS232 and GBIP external devices could be attached! All in all, a pretty capable machine, especially in 1975. BASIC computers where getting common, but graphics was pretty new. According to Tektronix the 4051 was ideal for researches, analysts and physicians, and this could be yours for the low low price of 6 grand, or around $36.000 in 2025. I could not find sales figures, but it seems that this was a decently successful machine. Tektronix also made the 4052, with a faster CPU, and the 4054, a 19″ 4K resolution behemoth! Tektronix continued making workstations until the 90s but like almost all workstations of the era, x86/Linux eventually took over the entire workstation market. ↫ Rik te Winkel at Just another electronics blog Now that�s a retro computer you don�t see very often.
- FreeBSD 15.0 released with pkgbase
The FreeBSD team has released FreeBSD 15.0, and with it come several major changes, one of which you will surely want to know more about if you�re a FreeBSD user. Since this change will eventually drastically change the way you use FreeBSD, we should get right into it. Up until now, a full, system-wide update for FreeBSD � as in, updating both the base operating system as well as any packages you have installed on top of it � would use two separate tools: freebsd-update and the pkg package manager. You used the former to update the base operating system, which was installed as file sets, and the latter to update everything you had installed on top of it in the form of packages. With FreeBSD 15.0, this is starting to change. Instead of using two separate tools, in 15.0 you can opt to deprecate freebsd-update and file sets, and rely entirely on pkg for updating both the base operating system as well as any packages you have installed, because with this new method, the base system moves from file sets to packages. When installing FreeBSD 15.0, the installer will ask you to choose between the old method, or the new pkg-only method. Packages (pkgbase / New Method): The base system is installed as a set of packages from the FreeBSD-base! repository. Systems installed this way are managed entirely using the pkg(8) tool. This method is used by default for all VM images and images published in public clouds. In FreeBSD 15.0, pkgbase is offered as a technology preview, but it is expected to become the standard method for managing base system installations and upgrades in future releases. ↫ FreeBSD 15.0 release announcement As the release announcement notes, the net method is optional in FreeBSD 15 and will remain optional during the entire 15.x release cycle, but the plan is to deprecate freebsd-update and file sets entirely in FreeBSD 16.0. If you have an existing installation you wish to convert to using pkgbase, there�s a tool called pkgbasify to do just that. It�s sponsored by the FreeBSD Foundation, so it�s not some random script. Of course, there�s way more in this release than just pkgbase. Of note is that the 32bit platforms i386, armv6, and 32-bit powerpc have been retired, but of course, 32bit code will continue to run on their 64bit counterparts. FreeBSD 15.0 also brings a native inotify implementation, a ton of improvements to the audio components, improved Intel Wi-Fi drivers, and so, so much more.
- Windows drive letters are not limited to A-Z
On its own, the title of this post is just a true piece of trivia, verifiable with`the built-in`subst`tool`(among other methods). Here�s an example creating the drive +:\ as an alias for a directory at C:\foo: The +:\ drive then works as normal (at least in cmd.exe, this will be discussed more later): However, understanding why it�s true elucidates a lot about how Windows works under the hood, and turns up a few curious behaviors. ↫ Ryan Liptak Fascinating doesn�t even begin to describe this article, but at the same time, it also makes me wonder at what point maintaining this drive letter charade becomes too burdensome, clunky, and complex. Internally, Windows NT does not use drive letters at all, but for the sake of backwards compatibility and to give the user what they expect, a whole set of abstractions has been crafted to create the illusion that modern versions of Windows still use the same basic drive letter conventions as DOS did 40 years ago. I wonder if we�ll ever reach a point where Windows no longer uses drive letters, or if it�s possible today to somehow remove or disable these abstractions entirely, and run Windows NT without drive letters, as Cutler surely intended. Vast swaths of Windows programs would surely curl up in fetal position and die, including many core components of the operating system itself � as this article demonstrates, very few parts of Windows can handle even something as mundane as a drive letter outside of A-Z � but it�d make for a great experiment. Someone with just the right set of Windows NT skills must�ve tried something like this at some point, either publicly or inside of Microsoft.
- Migrating Dillo away from GitHub
What do you do if you develop a lightweight browser that doesn�t support JavaScript, but you once chose GitHub as the home for your code? You�re now in the unenviable position that your own browser can no longer access your own online source repository because it requires JavaScript, which is both annoying and, well, a little awkward. The solution is, of course, obvious: you move somewhere else. That�s exactly what the Dillo browser did. They set up a small VPS, opted for cgit as the git frontend for its performance and small size, and for the bug tracker, they created a brand new, very simple bug tracker. To avoid this problem, I created my own bug tracker software, buggy, which is a very simple C tool that parses plain Markdown files and creates a single HTML page for each bug. All bugs are stored in a git repository and a git hook regenerates the bug pages and the index on each new commit. As it is simply plain text, I can edit the bugs locally and only push them to the remote when I have Internet back, so it works nice offline. Also, as the output is just an static HTML site, I don�t need to worry about having any vulnerabilities in my code, as it will only run at build time. ↫ Rodrigo Arias Mallo There�s more considerations detailed in the article about Dillo�s migration, and it can serve as inspiration for anyone else running a small open source project who wishes to leave GitHub behind. With GitHub�s continuing to add more and more complexity and AI! to separate open source code from its licensing terms, we may see more and more projects giving GitHub the finger.
- Landlock-ing Linux
Landlock is a Linux API that lets applications explicitly declare which resources they are allowed to access. Its philosophy is similar to OpenBSD’s`unveil()`and (less so)`pledge(): programs can make a contract with the kernel stating, “I only need these files or resources — deny me everything else if I’m compromised.” It provides a simple, developer-friendly way to add defense-in-depth to applications. Compared to traditional Linux security mechanisms, Landlock is vastly easier to understand and integrate. This post is meant to be an accessible introduction, and hopefully persuade you to give Landlock a try. ↫ prizrak.me blog I had no idea this existed, even though it seems to plug a hole in the security and sandboxing landscape on Linux by not requiring any privileges and by being relatively simple and straightforward to use. There�s even an additional supervisor! proposal that would bring Android-like permissions not just to, say, desktop applications (see Flatpak), but to every process trying to access anything for the first time. I�m not knowledgeable enough to make any statements about Landlock compared to any other options we have for securing desktop Linux in a user-friendly, non-intrusive manner, but I definitely like its simplicity.
- System 7 natively boots on the Mac Mini G4
Only a few weeks ago, the CHRP variants of Mac OS 7.6 and 8 were discovered and uploaded to the internet for posterity, but we�re already seeing the positive results of this event unfold: Mac OS 7.x can now run on the Mac Mini G4 � natively. The very short of it is as follows. First, the CHRP release of Mac OS 8 contains a ROM file that allows Mac OS 8 to boot on the G4 Mac Mini. Second, the CHRP release of 7.6 contains a System Enabler that allows 7.6 earlier versions to run by using the aforementioned ROM file. Third, the ROM has been modified to add compatibility with as many Mac models as possible. There�s a lot more to it, of course, but the end result is that quite a few more older, pre-9.x versions of Mac OS can now run on G4 and G3 Macs, which is quite cool. Of course, there are limitations. Note that, although I describe many of these as stable!, I mean you can use much of it normally (sound/video/networking aside) without it crashing or misbehaving, at least not too hard, but that is not to say everything works, because that is just not the case. For example, when present, avoid opening the Apple System Profiler, unless you want a massive crash as it struggles trying to profile and gather all the information about your system. Some other apps or Control Panels might either not work, or work up to a certain point, after which they might freeze, requiring you to Force Quit the Finder to keep on going. And so on. ↫ Jubadub at Mac OS 9 Lives Issues or no, this is amazing news, and great work by all involved.
- Genode OS Framework 25.11 released
The release 25.11 wraps up our year of rigidity, clarity, performance! with a bouquet of vast under-the-hood improvements. Genode�s custom kernel received special tuning of its new CPU scheduler for Sculpt-OS workloads, and became much more scalable with respect to virtual-memory management. Combined, those efforts visibly boost the performance of Sculpt OS on performance-starved hardware like the PinePhone or the i.MX8-based MNT Reform laptop. On account of improving clarity, our new configuration format � now named human-inclined data (HID) � proliferates throughout Genode�s tooling. We are also happy to report that almost all Genode components have become interoperable with both XML and HID by now. ↫ Genode OS Framework 25.11 release notes The Genode Framework 25.11 also brings a major change to how important shared components that aren�t strictly part of the framework are handled, such as ports like libSDL, sqlite, or gnutls. Before, these could only be built with the Genode build system, which was suboptimal because this isn�t designed for building individual components. Several changes have been made to now enable the use of multiple build systems and the Goa SDK, which should make it a lot easier to these crucial components to become the responsibility of wider parts of the community. There�s way more, of course, such as the usual driver improvements, including the addition of support for serial-to-USB adapters.
- Linux Distros Designed for Former Windows Users Are Picking Up Steam
by George Whittaker
For years, Windows users frustrated with constant changes, aggressive updates, and growing system bloat have flirted with switching to Linux. But 2025 marks a noticeable shift: a new generation of Linux distributions built specifically for ex-Windows users is gaining real traction. One of the standout examples is Bazzite, a gaming-optimized Fedora-based distro that has quickly become a go-to choice for people abandoning Windows in favor of a cleaner, more customizable experience.
Why Many Windows Users Are Finally Jumping Ship
Microsoft’s ecosystem has been slowly pushing some users toward the exit. Hardware requirements for Windows 11 left millions of perfectly functional PCs behind. Ads on the Start menu and in system notifications have frustrated many. And for gamers, launcher problems, forced reboots and background processes that siphon resources have driven a search for alternatives.
Linux distributions have benefited from that frustration, especially those that focus on simplicity, performance and gaming readiness.
Gaming-First Distros Are Leading the Movement
Historically, switching to Linux meant sacrificing game compatibility. But with Valve’s Proton layer and Vulkan-based translation technologies, thousands of Windows games now run flawlessly, sometimes better than on Windows.
Distros targeting former Windows users are leaning into this new reality:
Seamless Steam integration
Automatic driver configuration for AMD, Intel and NVIDIA
Built-in performance overlays like MangoHUD
Proton GE and tools for modding or shader fixes
Support for HDR, VR and modern controller layouts
This means a new Linux user can install one of these distros and jump straight into gaming with almost no setup.
Bazzite: A Standout Alternative OS
Bazzite has become the poster child for this trend. Built on Fedora’s image-based system and the Universal Blue infrastructure, it offers an incredibly stable base that updates atomically, similar to SteamOS.
What makes Bazzite so attractive to Windows refugees?
Gaming-ready out of the box no tweaking, no driver hunts
Rock-solid performance thanks to an immutable system layout
Support for handheld PCs like the Steam Deck, ROG Ally and Legion Go
Friendly workflows that feel familiar to new Linux users
Customization without the risk of breaking the system
It’s no surprise that many “I switched to Linux!” posts now mention Bazzite as their distro of choice.
Go to Full Article
- Linux Kernel 6.18 Is Out: What’s New and Important
by George Whittaker
The stable release of Linux Kernel 6.18 was officially tagged on November 30, 2025.
It’s expected to become this year’s major long-term support (LTS) kernel, something many users and distributions care about.
Here’s a breakdown of the most significant changes and improvements in this release:
Core Improvements: Performance, Memory, Infrastructure
The kernel’s memory allocation subsystem gets a major upgrade with “sheaves”, a per-CPU caching layer for slab allocations. This reduces locking overhead and speeds up memory allocation and freeing, improving overall system responsiveness.
A new device-mapper target dm-pcache arrives, enabling use of persistent memory (e.g. NVDIMM/CXL) as a cache layer for block devices, useful for systems with fast non-volatile memory, SSDs, or hybrid storage.
Overall memory management and swapping performance have been improved, which should help under memory pressure or heavy workloads.
Networking & Security Enhancements
Networking gets a boost: support for Accurate Explicit Congestion Notification (AccECN) in TCP, which can provide better congestion signals and more efficient network behaviour under load.
A new option for PSP-encrypted TCP connections has been added, a fresh attempt to push more secure transport-layer encryption (like a more efficient alternative to IPsec/TLS for some workloads) under kernel control.
The kernel now supports cryptographically signed BPF programs (eBPF), so BPF bytecode loaded at runtime can be verified for integrity. This is a noteworthy security hardening step.
The overall security infrastructure and auditing path, including multi-LSM (Linux Security Modules) support, has been refined, improving compatibility for setups using SELinux, AppArmor, or similar simultaneously.
Hardware, Drivers & Architecture Coverage
Kernel 6.18 brings enhanced hardware support: updated and new drivers for many platforms across architectures (x86_64, ARM, RISC-V, MIPS, etc.), including improvements for GPUs, CPU power management, storage controllers, and more.
In particular, support for newer SoCs, chipsets, and embedded-board device trees has been extended, beneficial for people using SBCs, ARM-based laptops/boards, or niche hardware.
For gaming rigs, laptops, and desktops alike: improvements to drivers, power-state management, and performance tuning may lead to better overall hardware efficiency.
Go to Full Article
- Wine 10.19 Released: Game Changing Support for Windows Reparse Points on Linux
by George Whittaker Introduction
If you use Linux and occasionally run Windows applications, whether via native Wine or through gaming layers like Proton, you’ll appreciate what just dropped in Wine 10.19. Released November 14 2025, this version brings a major enhancement: official support for Windows reparse points, a filesystem feature many Windows apps rely on, and a host of other compatibility upgrades.
In simpler terms: Wine now understands more of the Windows filesystem semantics, which means fewer workarounds, better application compatibility, and smoother experiences for many games and tools previously finicky under Linux.
What Are Reparse Points & Why They MatterUnderstanding Reparse Points
On Windows, a reparse point is a filesystem object (file or directory) that carries additional data, often used for symbolic links, junctions, mount points, or other redirection features. When an application opens or queries a file, the OS may check the reparse tag to determine special behavior (for example “redirect this file open to this other path”).
Because many Windows apps, installers, games, DRM systems, file-managers, use reparse points for features like directory redirection, path abstractions, or filesystem overlays, lacking full support for them in Wine means those apps often misbehave.
What Wine 10.19 Adds
With Wine 10.19, support for these reparse point mechanisms has been implemented in key filesystem APIs: for example NtQueryDirectoryFile, GetFileInfo, file attribute tags, and DeleteFile/RemoveDirectory for reparse objects.
This means that in Wine 10.19:
Windows apps that create or manage symbolic links, directory junctions or mount-point style re-parsing will now function correctly in many more cases.
Installers or frameworks that rely on “when opening path X, redirect to path Y” will work with less tinkering.
Games or utilities that check for reparse tags or use directory redirections will have fewer “stuck” behaviors or missing files.
In effect, this is a step toward closer to native behavior for Windows file-system semantics under Linux.
Other Key Highlights in Wine 10.19
Beyond reparse points, the release brings several notable improvements:
Expanded support for WinRT exceptions (Windows Runtime error handling) meaning better compatibility for Universal Windows Platform (UWP) apps and newer Windows-based frameworks.
Refactoring of “Common Controls” (COMCTL32) following the version 5 vs version 6 split, which helps GUI applications that rely on older controls or expect mixed versions.
Go to Full Article
- Firefox 145: A Major Release with 32-Bit Linux Support Dropped
by George Whittaker Introduction
Mozilla has rolled out Firefox 145, a significant update that brings a range of usability, security and privacy enhancements, while marking a clear turning point by discontinuing official support for 32-bit Linux systems. For users on older hardware or legacy distros, this change means it’s time to consider moving to a 64-bit environment or opting for a supported version.
Here’s a detailed look at what’s new, what’s changed, and what you need to know.
Major Changes in Firefox 145End of 32-Bit Linux Builds
One of the headline items in this release is Mozilla’s decision to stop building and distributing Firefox for 32-bit x86 Linux. As per their announcement:
“32-bit Linux (on x86) is no longer widely supported by the vast majority of Linux distributions, and maintaining Firefox on this platform has become increasingly difficult and unreliable.”
From Firefox 145 onward, only 64-bit (x86_64) and relevant 64-bit architectures (such as ARM64) will be officially supported. For those still running 32-bit Linux builds, Mozilla recommends migrating to 64-bit or switching to the Extended Support Release (ESR) branch (Firefox 140 ESR) which still supports 32-bit for a limited period.
Usability & Interface Enhancements
Firefox 145 brings several improvements designed to make everyday web browsing smoother and more flexible:
PDF viewer enhancements: You can now add, edit, and delete comments in PDFs, and a comments sidebar helps you easily navigate your annotations.
Tab-group preview: When you hover over the name of a collapsed tab group, a thumbnail preview of the tabs inside appears, helpful for reorganizing or returning to work.
Access saved passwords from the sidebar, without needing to open a new tab or window.
“Open links from apps next to your active tab” setting: When enabled, links opened from external applications insert next to your current tab instead of at the end of the tab bar.
Slight UI refinements: Buttons, input fields, tabs and other elements get more rounded edges, horizontal tabs are redesigned to align with vertical-tab aesthetics.
Privacy, Security & Under-the-Hood Upgrades
Mozilla has also doubled down on privacy and risk reduction:
Fingerprinting defenses: Firefox 145 introduces new anti-fingerprinting techniques that Mozilla estimates reduce the number of users identified as unique by nearly half when Private Browsing mode or Enhanced Tracking Protection (strict) is used.
Go to Full Article
- MX Linux 25 ‘Infinity’ Arrives: Debian 13 ‘Trixie’ Base, Modern Tools & A Fresh Installer
by George Whittaker Introduction
The team behind MX Linux has just released version 25, carrying the codename “Infinity”, and it brings a significant upgrade by building upon the stable base of Debian 13 “Trixie”. Released on November 9, 2025, this edition doesn’t just refresh the desktop, it introduces modernized tooling, updated kernels, dual init-options, and installer enhancements aimed at both newcomers and long-time users.
In the sections that follow, we’ll walk through the key new features of MX Linux 25, what’s changed for each desktop edition, recommended upgrade or fresh-install paths, and why this release matters in the wider Linux-distribution ecosystem.
What’s New in MX Linux 25 “Infinity”
Here are the headline changes and improvements that define this release:
Debian 13 “Trixie” Base
By moving to Debian 13, Infinity inherits all the stability, security updates, and broader hardware support of the latest Debian stable release. The base system now aligns with Trixie’s libraries, kernels, and architecture support.
Kernel Choices & Hardware Support
The standard editions ship with the Linux 6.12 LTS kernel series, offering a solid baseline for most hardware.
For newer hardware or advanced users, the “AHS” (Advanced Hardware Support) variants and the KDE Plasma edition adopt a Liquorix-flavored Linux 6.16 (or 6.15 in some variants) kernel, maximizing performance and compatibility with cutting-edge setups.
Dual Init Option: systemd and SysVinit
Traditionally associated with lighter-weight init options, MX Linux now offers both systemd by default and SysVinit editions (particularly for Xfce and Fluxbox variants). This gives users the freedom to choose their init system preference without losing new features.
Updated Desktop Environments
Xfce edition: Ships with Xfce 4.20. Improvements include a revamped Whisker Menu, updated archive management tools (Engrampa replacing File Roller in some editions).
KDE Plasma edition: Uses KDE Plasma 6.3.6, defaults to Wayland for a modern session experience (with X11 still optionally available), adds root-actions and service menus to Dolphin, and switches TLP out for power-profiles-daemon to resolve power widget issues.
Fluxbox edition: Offers a more minimal, highly customizable environment: new panel layouts, updated “appfinder” configs for Rofi, toolbar changes and themes refined. Defaults the audio player to Audacious (instead of the older DeaDBeeF).
Go to Full Article
- Arch Linux November 2025 ISO: Fresh Snapshot, Smarter Installer (Archinstall 3.0.12) & Pacman 7.1
by George Whittaker
Arch Linux has shipped its November 2025 ISO snapshot (2025.11.01), and while Arch remains a rolling distribution, these monthly images are a big deal, especially for new installs, labs, and homelab deployments. This time, the ISO lands alongside two important pieces:
Archinstall 3.0.12 – a more polished, smarter TUI installer
Pacman 7.1 – a package manager update with stricter security and better tooling
If you’ve been thinking about spinning up a fresh Arch box, or you’re curious what changed under the hood, this release is a very nice jumping-on point.
Why Arch Still Ships Monthly ISOs in a Rolling World
Arch is famous for its “install once, update forever” model. Technically, you could install from a two-year-old image and just run:
sudo pacman -Syu
…but in practice, that’s painful:
Huge initial update downloads
Possible breakage jumping across many months of changes
Outdated installer tooling
That’s why the project publishes a monthly snapshot ISO: it rolls all current packages into a fresh image so you:
Start with a current kernel and userland
Spend less time updating right after install
Get the latest Archinstall baked in (or just a pacman -Sy archinstall away)
The 2025.11.01 ISO is exactly that: Arch as of early November 2025, ready to go.
What’s Inside the November 2025 ISO (2025.11.01)
The November snapshot doesn’t introduce new features by itself, it’s a frozen image of current Arch, but a few details are worth calling out:
Ships with a Linux 6.17.x kernel, including improved AMD/Intel GPU support and updated Btrfs bits.
Includes all the usual base packages plus current toolchains, drivers, and desktop stacks from the rolling repos.
The image is intended only for new installs; existing Arch systems should keep using pacman -Syu for upgrades.
You can download it from the official Arch Linux download page or via BitTorrent mirrors.
One small twist: the ISO itself still ships with Archinstall 3.0.11, but 3.0.12 was released the same day – so we’ll grab the newer version from the repos before running the installer.
Archinstall 3.0.12: What’s Actually New?
Archinstall has evolved from “nice experiment” to “pretty solid way to install Arch” if you don’t want to script everything yourself. Version 3.0.12 is a refinement release focused on stability, storage, and bootloader logic.
Go to Full Article
- AMD Confirms Zen 5 RNG Flaw: When ‘Random’ Isn’t Random Enough
by George Whittaker
AMD has officially confirmed a high-severity security vulnerability in its new Zen 5–based CPUs, and it’s a nasty one because it hits cryptography right at the source: the hardware random number generator.
Here’s a clear breakdown of what’s going on, how bad it really is, and what you should do if you’re running Zen 5.
What AMD Just Confirmed
AMD’s security bulletin AMD-SB-7055, now tracked as CVE-2025-62626, describes a bug in the RDSEED instruction on Zen 5 processors. Under certain conditions, the CPU can:
Return the value 0 from RDSEED far more often than true randomness would allow
Still signal “success” (carry flag CF=1), so software thinks it got a good random value
The issue affects the 16-bit and 32-bit forms of RDSEED on Zen 5; the 64-bit form is not affected.
Because RDSEED is used to feed cryptographically secure random number generators (CSPRNGs), a broken RDSEED can poison keys, tokens, and other security-critical values.
AMD classifies the impact as:
Loss of confidentiality and integrity (High severity).
How the Vulnerability Works (In Plain English)What RDSEED Is Supposed to Do
Modern CPUs expose hardware instructions like RDRAND and RDSEED:
RDRAND: Gives you pseudo-random values from a DRBG that’s already been seeded.
RDSEED: Gives you raw entropy samples suitable for seeding cryptographic PRNGs (it should be very close to truly random).
Software like TLS libraries, key generators, HSM emulators, and OS RNGs may rely directly or indirectly on RDSEED to bootstrap secure randomness.
What’s Going Wrong on Zen 5
On affected Zen 5 CPUs:
The 16-bit and 32-bit RDSEED variants sometimes return 0 much more often than a true random source should.
Even worse, they simultaneously report success (CF=1), so software assumes the value is fine rather than retrying.
In cryptographic terms, this means:
Entropy can be dramatically reduced (many key bits become predictable or even fixed).
Keys or nonces derived from those values can become partially or fully guessable.
Go to Full Article
- The Most Critical Linux Kernel Breaches of 2025 So Far
by George Whittaker
The Linux kernel, foundational for servers, desktops, embedded systems, and cloud infrastructure, has been under heightened scrutiny. Several vulnerabilities have been exploited in real-world attacks, targeting critical subsystems and isolation layers. In this article, we’ll walk through major examples, explain their significance, and offer actionable guidance for defenders.
CVE-2025-21756 – Use-After-Free in the vsock Subsystem
One of the most alarming flaws this year involves a use-after-free vulnerability in the Linux kernel’s vsock implementation (Virtual Socket), which enables communication between virtual machines and their hosts.
How the exploit works:A malicious actor inside a VM (or other privileged context) manipulates reference counters when a vsock transport is reassigned. The code ends up freeing a socket object while it’s still in use, enabling memory corruption and potentially root-level access.
Why it matters:Since vsock is used for VM-to-host and inter-VM communication, this flaw breaks a key isolation barrier. In multi-tenant cloud environments or container hosts that expose vsock endpoints, the impact can be severe.
Mitigation:Kernel maintainers have released patches. If your systems run hosts, hypervisors, or other environments where vsock is present, make sure the kernel is updated and virtualization subsystems are patched.
CVE-2025-38236 – Out-of-Bounds / Sandbox Escape via UNIX Domain Sockets
Another high-impact vulnerability involves the UNIX domain socket interface and the MSG_OOB flag. The bug was publicly detailed in August 2025 and is already in active discussion.
Attack scenario:A process running inside a sandbox (for example a browser renderer) can exploit MSG_OOB operations on a UNIX domain socket to trigger a use-after-free or out-of-bounds read/write. That allows leaking kernel pointers or memory and then chaining to full kernel privilege escalation.
Why it matters:This vulnerability is especially dangerous because it bridges from a low-privilege sandboxed process to kernel-level compromise. Many systems assume sandboxed code is safe; this attack undermines that assumption.
Mitigation:Distributions and vendors (like browser teams) have disabled or restricted MSG_OOB usage for sandboxed contexts. Kernel patches are available. Systems that run browser sandboxes or other sandboxed processes need to apply these updates immediately.
CVE-2025-38352 – TOCTOU Race Condition in POSIX CPU Timers
In September 2025, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) added this vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.
Go to Full Article
- Steam Deck 2 Rumors Ignite a New Era for Linux Gaming
by George Whittaker
The speculation around a successor to the Steam Deck has stirred renewed excitement, not just for a new handheld, but for what it signals in Linux-based gaming. With whispers of next-gen specs, deeper integration of SteamOS, and an evolving handheld PC ecosystem, these rumors are fueling broader hopes that Linux gaming is entering a more mature age. In this article we look at the existing rumors, how they tie into the Linux gaming landscape, why this matters, and what to watch.
What the Rumours Suggest
Although Valve has kept things quiet, multiple credible outlets report about the Steam Deck 2 being in development and potentially arriving well after 2026. Some of the key tid-bits:
Editorials note that Valve isn’t planning a mere spec refresh; it wants a “generational leap in compute without sacrificing battery life”.
A leaked hardware slide pointed to an AMD “Magnus”-class APU built on Zen 6 architecture being tied to next-gen handhelds, including speculation about the Steam Deck 2.
One hardware leaker (KeplerL2) cited a possible 2028 launch window for the Steam Deck 2, which would make it roughly 6 years after the original.
Valve’s own design leads have publicly stated that a refresh with only 20-30% more performance is “not meaningful enough”, implying they’re waiting for a more substantial upgrade.
In short: while nothing is official yet, there’s strong evidence that Valve is working on the next iteration and wants it to be a noteworthy jump, not just a minor update.
Why This Matters for Linux Gaming
The rumoured arrival of the Steam Deck 2 isn’t just about hardware, it reflects and could accelerate key inflection points for Linux & gaming:
Validation of SteamOS & Linux Gaming
The original Steam Deck, running SteamOS (a Linux-based OS), helped prove that PC gaming doesn’t always require Windows. A well-received successor would further validate Linux as a first-class gaming platform, not a niche alternative but a mainstream choice.
Handheld PC Ecosystem Momentum
Since the first Deck, many Windows-based handhelds have entered the market (such as the ROG Ally, Lenovo Legion Go). Rumours of the Deck 2 keep spotlight on the form factor and raise expectations for Linux-native handhelds. This momentum helps encourage driver, compatibility and OS investments from the broader community.
Go to Full Article
- Kali Linux 2025.3 Lands: Enhanced Wireless Capabilities, Ten New Tools & Infrastructure Refresh
by George Whittaker Introduction
The popular penetration-testing distribution Kali Linux has dropped its latest quarterly snapshot: version 2025.3. This release continues the tradition of the rolling-release model used by the project, offering users and security professionals a refreshed toolkit, broader hardware support (especially wireless), and infrastructure enhancements under the hood. With this update, the distribution aims to streamline lab setups, bolster wireless hacking capabilities (particularly on Raspberry Pi devices), and integrate modern workflows including automated VMs and LLM-based tooling.
In this article, we’ll walk through the key highlights of Kali Linux 2025.3, how the changes affect users (both old and new), the upgrade path, and what to keep in mind for real-world deployment.
What’s New in Kali Linux 2025.3
This snapshot from the Kali team brings several categories of improvements: tooling, wireless/hardware support, architecture changes, virtualization/image workflows, UI and plugin tweaks. Below is a breakdown of the major updates.
Tooling Additions: Ten Fresh Packages
One of the headline items is the addition of ten new security tools to the Kali repositories. These tools reflect shifts in the field, toward AI-augmented recon, advanced wireless simulation and pivoting, and updated attack surface coverage. Among the additions are:
Caido and Caido-cli – a client-server web-security auditing toolkit (graphical client + backend).
Detect It Easy (DiE) – a utility for identifying file types, a useful tool in reverse engineering workflows.
Gemini CLI – an open-source AI agent that integrates Google’s Gemini (or similar LLM) capabilities into the terminal environment.
krbrelayx – a toolkit focused on Kerberos relaying/unconstrained delegation attacks.
ligolo-mp – a multiplayer pivoting solution for network-lateral movement.
llm-tools-nmap – allows large-language-model workflows to drive Nmap scans (automated/discovery).
mcp-kali-server – configuration tooling to connect an AI agent to Kali infrastructure.
patchleaks – a tool that detects security-fix patches and provides detailed descriptions (useful both for defenders and auditors).
vwifi-dkms – enables creation of “dummy” Wi-Fi networks (virtual wireless interfaces) for advanced wireless testing and hacking exercises.
Go to Full Article
|
