|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All)
(Two Column)
- [$] A flood of useful security reports
The idea of using large language models (LLMs) to discover security problems isnot new. Google's Project Zeroinvestigatedthe feasibility of using LLMs for security research in 2024. At the time, theyfound that models could identify real problems, but required a good deal ofstructure and hand-holding to do so on small benchmark problems. In February2026, Anthropicpublished a reportclaiming that the company's most recent LLM at that point in time, Claude Opus 4.6, had discoveredreal-world vulnerabilities in critical open-source software, including the Linuxkernel, with far less scaffolding. On April 7, Anthropic announced a new experimental model that issupposedly even better; which they havepartnered with the Linux Foundationto supply to some open-source developers with access to the tool for security reviews.LLMs seem to have progressed significantly in the last few months, a changewhich is being noticed in the open-source community.
- Relicensing versus license compatibility (FSF Blog)
The Free Software Foundation has publisheda short article on relicensing versus license compatibility.
The FSF's Licensing andCompliance Lab receives many questions and license violation reportsrelated to projects that had their license changed by a downstreamdistributor, or that are combined from two or more programs underdifferent licenses. We collaborated with Yoni Rabkin, an experiencedand long time FSF licensing volunteer, on an updated version of hisarticle to provide the free software community with a generalexplanation on how the GNU General Public License (GNU GPL) isintended to work in such situations.
- Security updates for Thursday
Security updates have been issued by Debian (firefox-esr, postgresql-13, and tiff), Fedora (bind, bind-dyndb-ldap, cef, opensc, python-biopython, python-pydicom, and roundcubemail), Slackware (mozilla), SUSE (ckermit, cockpit-repos, dnsdist, expat, freerdp, git-cliff, gnutls, heroic-games-launcher, libeverest, openssl-1_1, openssl-3, polkit, python-poetry, python-requests, python311-social-auth-app-django, and SDL2_image-devel), and Ubuntu (dogtag-pki, gdk-pixbuf, linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-igx, linux-oracle, linux-oracle-5.15, linux-raspi, linux-xilinx-zynqmp, linux-aws-6.8, linux-gcp-6.8, linux-hwe-6.8, linux-ibm-6.8, linux-lowlatency-hwe-6.8, linux-fips, linux-aws-fips, linux-gcp-fips, linux-oracle, linux-oracle-6.17, linux-raspi, linux-realtime, openssl, and squid).
- [$] LWN.net Weekly Edition for April 9, 2026
Inside this week's LWN.net Weekly Edition:
Front: TPM attacks; arithmetic overflow protection; Ubuntu GRUB changes; kernel IPC proposals; fre:ac; Scuttlebutt. Briefs: Nix vulnerability; OpenSSH 10.3; Sashiko reviews; FreeBSD testing; Gentoo GNU/Hurd; SFC on router ban; Quotes; ... Announcements: Newsletters, conferences, security updates, patches, and more.
- [$] Ripping CDs and converting audio with fre:ac
It has been a little while since LWN last surveyed tools for managing a digitalmusic collection. In the intervening decades, many Linux users have moved on tomusic streaming services, found them wanting, and are looking to curate their owncollection once again. There are plenty of choices when it comes toripping, managing, and playing digital audio; so many, in fact, that it can be abit daunting. After years of tinkering, I've found a few tools that work well formanaging my digital library: the first I'd like to cover is the fre:ac free audio encoder for ripping music fromCDs and converting between audio formats.
- [$] An API for handling arithmetic overflow
On March 31, Kees Cook shareda patch set that represents the culmination of more than a year of worktoward eliminating the possibility of silent, unintentional integer overflow inthe kernel. Linus Torvalds wasnot pleased with the approach, leading to a detailed discussion about themeaning of "safe" integer operations and the design of APIs for handling integeroverflows. Eventually, the developers involved reached a consensus for adifferent API that should make handling overflow errors in the kernel much lessof a hassle.
- Nix privilege escalation security advisory
The NixOS project has announceda critical vulnerability in many versions of the Nix packagemanager's daemon. The flaw was introduced as part of a fix for aprior vulnerability in 2024. According to the advisory,all default configurations of NixOS and systems building untrusted derivationsare impacted.
A bug in the fix for CVE-2024-27297allowed for arbitrary overwrites of files writable by the Nix processorchestrating the builds (typically the Nix daemon running as root inmulti-user installations) by following symlinks during fixed-outputderivation output registration. This affects sandboxed Linux builds -sandboxed macOS builds are unaffected. The location of the temporaryoutput used for the output copy was located inside the build chroot. Asymlink, pointing to an arbitrary location in the filesystem, could becreated by the derivation builder at that path. During outputregistration, the Nix process (running in the host mount namespace)would follow that symlink and overwrite the destination with thederivation's output contents.
In multi-user installations, this allows all users able to submitbuilds to the Nix daemon (allowed-users - defaulting to all users) togain root privileges by modifying sensitive files.
- Security updates for Wednesday
Security updates have been issued by Debian (openssl), Fedora (corosync, goose, kea, pspp, and rauc), Mageia (python-pygments, roundcubemail, and tigervnc), SUSE (bind, gimp, google-cloud-sap-agent, govulncheck-vulndb, ignition, ImageMagick, python, python-PyJWT, and python-pyOpenSSL), and Ubuntu (adsys, juju-core, lxd, python-django, and salt).
- [$] Sharing stories on Scuttlebutt
Not many people live on sailboats. Things may be better these days, butback in 2014 sailboat dwellers hadto contend with lag-prone,intermittent, low-bandwidth internet connections. Dominic Tarrdecidedto fix the problem of keeping up with his friends by developing a delay-tolerant,fully distributed social-media protocol calledScuttlebutt. Nearly twelveyears later, the protocol has gained a number of users who have their own,non-sailboat-related reasons to prefer a censorship-resistant,offline-first social-media system.
- Security updates for Tuesday
Security updates have been issued by AlmaLinux (crun, kernel, and kernel-rt), Debian (dovecot), Fedora (calibre and nextcloud), Mageia (freerdp, polkit-122, python-nltk, python-pyasn1, vim, and xz), Red Hat (edk2 and openssl), SUSE (avahi, cockpit, python-pyOpenSSL, python311, and tar), and Ubuntu (lambdaisland-uri-clojure, linux-gcp, linux-gcp-4.15, linux-gcp-fips, linux-oem-6.17, and linux-realtime-6.17).
- FFmpeg Introduces Vulkan-Accelerated 360 Degree Video Conversion
Beyond the capabilities of just the Vulkan Video API, the FFmpeg multimedia library has made interesting Vulkan-accelerated adaptations using compute shaders. With Vulkan compute they've implemented Apple ProRes video acceleration, FFV1 decode, and other features. The newest Vulkan feature now in place for FFmpeg is 360 degree video conversion...
- RealSense ID Pro F500 Combines Depth Sensing and On-Device Biometrics
RealSense has introduced the RealSense ID Pro F500, a facial authentication module designed for access control, kiosks, and identity verification systems. The solution combines depth sensing, vision processing, and local computation to support secure biometric authentication without relying on cloud-based processing. The module integrates an active stereo depth system with a neural network pipeline for […]
- Intel Arc Pro B70 Benchmarks With LLM / AI, OpenCL, OpenGL & Vulkan
Last month Intel announced the Arc Pro B70 with 32GB of GDDR6 video memory for this long-awaited Battlemage G31 graphics card. This new top-end Battlemage graphics card with 32 Xe cores and 32GB of GDDR6 video memory offers a lot of potential for LLM/AI and other use cases, especially when running multiple Arc Pro B70s. Last week Intel sent over four Arc Pro B70 graphics cards for Linux testing at Phoronix. Given the current re-testing for the imminent Ubuntu 26.04 release, I am still going through all of the benchmarks especially for the multi-GPU scenarios. In this article are some initial Arc Pro B70 single card benchmarks on Linux compared to other Intel Arc Graphics hardware across AI / LLM with OpenVINO and Llama.cpp, OpenCL compute benchmarks, and also some OpenGL and Vulkan benchmarks. More benchmarks and the competitive compares will come as that fresh testing wraps up, but so far the Arc Pro B70 is working out rather well atop the fully open-source Linux graphics driver stack.
- 'Negative' Views of Broadcom Driving Thousands of VMware Migrations, Rival Says
"One of VMware's biggest competitors, Nutanix, claims to have swiped tens of thousands of VMware customers," reports Ars Technica. They said higher prices, forced bundling, licensing changes, and more strained partner relationships have frustrated customers and driven them away from the leading virtualization firm. From the report: Speaking at a press briefing at Nutanix's .NEXT conference in Chicago this week, Nutanix CEO Rajiv Ramaswami said that "about 30,000 customers" have migrated from VMware to the rival platform, pointing to customer disapproval over Broadcom's VMware strategy, SDxCentral, a London-based IT publication, reported today. "I think there's no doubt that the customer sentiment continues to be negative about Broadcom," Ramaswami said, per SDxCentral. Nutanix hasn't specified how many of the customers that it got from VMware are SMBs or enterprise-sized; although, adoption is said to be strongest among mid-market customers as Nutanix also tries wooing larger customers, often by starting with partial deployments. During this week's press briefing, Ramaswami reportedly said that some of the customers that moved from VMware to Nutanix during the latter's most recent fiscal quarter represented Nutanix's "strongest quarterly new logo additions in eight years." "Most of the logos came from our typical VMware migrations on to the [hyperconverged infrastructure] platform," he said. During the Nutanix conference, Brandon Shaw, Nutanix VP and head of technology services, said that Western Union has been migrating from VMware to Nutanix for six months, The Register reported. The financial services company is moving 900 to 1,200 applications across 3,900 cores. Shaw said that Western Union has been exploring new IT suppliers to help it become more customer-focused. Despite Broadcom's history of "decent lines of communication" with Western Union, Shaw said that Western Union had "challenges partnering with them." Shaw also pointed to Broadcom's efforts to push customers to buy the VMware Cloud Foundation (VCF), despite the product often having more features than companies need and at high prices. Since moving to Nutanix, the Denver-headquartered financial firm is also benefiting from having more flexibility around workload locations, which is important since Western Union is in over 200 countries, The Register said.
Read more of this story at Slashdot.
- Mozilla Accuses Microsoft of Sabotaging Firefox With Windows and Copilot Tactics
BrianFagioli writes: Mozilla is accusing Microsoft of stacking the deck against Firefox, arguing that design choices in Windows steer users toward Edge even when they explicitly choose another browser. According to Mozilla, parts of Windows still open links in Edge regardless of the default browser setting, including results from the taskbar search and links launched from apps like Outlook and Teams. Mozilla says this means Firefox often never even gets the opportunity to handle those links, which quietly shifts user activity back into Microsoft's ecosystem. The company also points to Microsoft's aggressive rollout of Copilot as another example of platform power being used to push Microsoft services. Copilot appeared pinned to the taskbar, arrived automatically on many systems with Microsoft 365, and even received a dedicated keyboard key on some laptops. Mozilla argues that when the maker of the dominant desktop operating system promotes its own browser and AI tools at the system level, it becomes far harder for independent browsers like Firefox to compete.
Read more of this story at Slashdot.
- Amazon May Sell Trainium AI Chips To Third Parties In Shot At Nvidia
Amazon CEO Andy Jassy says the company may eventually sell its Trainium AI chips directly to outside customers, not just through AWS, which would put Amazon in more direct competition with Nvidia. "There's so much demand for our chips that it's quite possible we'll sell racks of them to third parties in the future," Jassy wrote in his annual shareholder letter Thursday. He also revealed the company's chip business is already running at more than $20 billion annually, with demand so strong that current and even future generations are largely spoken for. Quartz reports: Access to Amazon's chips is currently limited to Amazon Web Services, with customers paying for cloud-based usage rather than owning any physical hardware. Selling to AWS and external customers alike, as standalone chipmakers do, would put annual revenue at around $50 billion, up from the $20 billion the company estimates for the year, Jassy said. The $20 billion figure spans three product lines: Trainium, the AI accelerator chip; Graviton, a general-purpose processor; and Nitro, a chip that helps run Amazon's EC2 server instances. All three are growing at triple-digit rates year over year, Jassy claimed in his letter. Jassy said demand for Trainium has outpaced supply at each generation. Trainium2 is essentially unavailable, with its entire allocated capacity spoken for. Trainium3 started reaching customers in early 2026, and reservations have filled nearly all available supply. Even Trainium4 -- which is not expected to reach wide release for another year and a half -- has substantial pre-orders committed. Jassy argued that a full-scale Trainium rollout could shave tens of billions off annual capital costs while meaningfully widening profit margin.
Read more of this story at Slashdot.
- OpenAI To Limit New Model Release On Cybersecurity Fears
OpenAI is reportedly preparing a new cybersecurity product for a small group of partners, out of concern that a broader rollout could wreak havoc if it were released more widely. If that move sounds familiar, it's because Anthropic took a similar limited-release approach with its Mythos model and Project Glasswing initiative. Axios reports: OpenAI introduced its "Trusted Access for Cyber" pilot program in February after rolling out GPT-5.3-Codex, the company's most cyber-capable reasoning model. Organizations in the invite-only program are given access to "even more cyber capable or permissive models to accelerate legitimate defensive work," according to a blog post. At the time, OpenAI committed $10 million in API credits to participants. [...] Restricting the rollout of a new frontier model makes "more sense" if companies are concerned about models' ability to write new exploits -- rather than about their ability to find bugs in the first place, Stanislav Fort, CEO of security firm Aisle, told Axios. Staggering the release of new AI models looks a lot like how cybersecurity vendors currently handle the disclosure of security flaws in software, Lee added. "It's the same debate we've had for decades around responsible vulnerability disclosure," Lee said.
Read more of this story at Slashdot.
- Hacker Steals 10 Petabytes of Data From China's Tianjin Supercomputer Center
An anonymous reader quotes a report from CNN: A hacker has allegedly stolen a massive trove of sensitive data -- including highly classified defense documents and missile schematics -- from a state-run Chinese supercomputer in what could potentially constitute the largest known heist of data from China. The dataset, which allegedly contains more than 10 petabytes of sensitive information, is believed by experts to have been obtained from the National Supercomputing Center (NSCC) in Tianjin -- a centralized hub that provides infrastructure services for more than 6,000 clients across China, including advanced science and defense agencies. Cyber experts who have spoken to the alleged hacker and reviewed samples of the stolen data they posted online say they appeared to gain entry to the massive computer with comparative ease and were able to siphon out huge amounts of data over the course of multiple months without being detected. An account calling itself FlamingChina posted a sample of the alleged dataset on an anonymous Telegram channel on February 6, claiming it contained "research across various fields including aerospace engineering, military research, bioinformatics, fusion simulation and more." The group alleges the information is linked to "top organizations" including the Aviation Industry Corporation of China, the Commercial Aircraft Corporation of China, and the National University of Defense Technology. Cyber security experts who have reviewed the data say the group is offering a limited preview of the alleged dataset, for thousands of dollars, with full access priced at hundreds of thousands of dollars. Payment was requested in cryptocurrency. CNN cannot verify the origins of the alleged dataset and the claims made by FlamingChina, but spoke with multiple experts whose initial assessment of the leak indicated it was genuine. The alleged sample data appeared to include documents marked "secret" in Chinese, along with technical files, animated simulations and renderings of defense equipment including bombs and missiles.
Read more of this story at Slashdot.
- EFF Is Leaving X
After nearly 20 years on the platform, The Electronic Frontier Foundation (EFF) says it is leaving X. "This isn't a decision we made lightly, but it might be overdue," the digital rights group said. "The math hasn't worked out for a while now." From the report: We posted to Twitter (now known as X) five to ten times a day in 2018. Those tweets garnered somewhere between 50 and 100 million impressions per month. By 2024, our 2,500 X posts generated around 2 million impressions each month. Last year, our 1,500 posts earned roughly 13 million impressions for the entire year. To put it bluntly, an X post today receives less than 3% of the views a single tweet delivered seven years ago. [...] When you go online, your rights should go with you. X is no longer where the fight is happening. The platform Musk took over was imperfect but impactful. What exists today is something else: diminished, and increasingly de minimis. EFF takes on big fights, and we win. We do that by putting our time, skills, and our members' support where they will effect the most change. Right now, that means Bluesky, Mastodon, LinkedIn, Instagram, TikTok, Facebook, YouTube, and eff.org. We hope you follow us there and keep supporting the work we do. Our work protecting digital rights is needed more than ever before, and we're here to help you take back control.
Read more of this story at Slashdot.
- Waymo Is Offering To Help Cities Fix Their Potholes
Waymo is launching a pilot with cities and Google's Waze to share pothole data collected by its robotaxis, giving local transportation departments a new way to find and fix road damage more quickly. "We realized, hey, once we're at scale, we can actually share this data with cities, which is something that they've asked for and something that we collect at scale," said Arielle Fleisher, Waymo's policy development and research manager. "And so we figured out a way to make that happen." The Verge reports: Waymo uses its perception hardware, including cameras and radar, as well as accelerometers and the vehicle's physical feedback system, to log every pothole its vehicles encounter. These sensors detect physical changes to the road's surface, such as tilt and movement when the vehicle encounters irregularities. Originally, Waymo knew it needed the ability to detect potholes so it could ensure that its vehicles slowed down to avoid damage or injury to the passenger. Later, the company realized this could be invaluable data for cities, too. Under the new pilot program, that data will now be made available to cities' departments of transportation through a free-to-use Waze for Cities platform, which provides access to real-time, user-generated traffic data that officials can then use to make important decisions -- such as pothole repair. The platform also allows for Waze users to validate pothole locations through their own observations, decreasing the chances that city officials will be led astray by false positives. Currently, many cities rely on a patchwork of non-emergency 311 reports and manual inspections to address their pothole problems. Waymo developed this pilot program after collecting years of feedback from city officials about the state of their highways and surface streets. The company is launching the new pilot in the San Francisco Bay Area, as well as Los Angeles, Phoenix, Austin, and Atlanta, where Waymo says it has already helped the city identify approximately 500 potholes. Fleisher said that Waymo would be open to expanding the project to other street maladies based on further feedback from officials. The company is eager to learn what other types of street condition or safety data might be valuable, she said. "We want to be responsive to cities," Fleisher said. "They are interested in safer streets and potholes are really a tough challenge for cities. So we really wanted to meet that need as part of our desire to be a good partner and to ultimately advance our goal for safer streets."
Read more of this story at Slashdot.
- Skilled Older Workers Turn To AI Training To Stay Afloat
An anonymous reader quotes a report from the Guardian: [Five skilled workers aged 50 and older spoke] to the Guardian about how, after struggling to find work in their fields, they have turned to an emerging and growing category of work: using their expertise to train artificial intelligence models. Known as data annotation, the work involves labeling and evaluating the information used to train AI models like Open AI's ChatGPT or Google's Gemini. A doctor, for example, might review how an AI model answers medical questions to flag incorrect or unsafe responses and suggest better ones, helping the system learn how to generate more accurate and reliable responses. The ultimate goal of training is to level up AI models until they're capable of doing a job as well as a human could -- meaning they could someday replace some of these human workers. The companies behind AI training, such as Mercor, GlobalLogic, TEKsystems, micro1 and Alignerr, operate large contractor networks staffed by people like Ciriello. Their clients include tech giants like OpenAI, Google and Meta, academic researchers and industries including healthcare and finance. For experienced professionals, AI training contracts can be a side hustle -- or a temporary fallback following a layoff -- where top experts can, in some cases, earn over $180 an hour. But that's on the high end. For some older workers [...], it represents another thing entirely: a last refuge in a brutal job market that is harder to stay in, or re-enter, the older they get. For many of them, whether or not they're training their AI replacements in their professions is besides the point. They need the work now. [...] "There's just a lot of desperation out there," Johnson said. As opportunities narrow, many turn to what Joanna Lahey, a professor at Texas A&M University who studies age discrimination and labor outcomes, calls "bridge jobs" -- lower-paying, less demanding roles that help workers stay financially afloat as they approach retirement. Historically, that meant taking temp assignments, retail and fast-food work and gig roles like Uber and food delivery. Now, for skilled workers -- engineers, lawyers, nurses or designers, for example -- using their expertise for AI data training is becoming the new bridge job. "[AI] training work may be better in some ways than those earlier alternatives," Lahey told the Guardian. AI training can offer flexibility, quick income and intellectual engagement. But it's often a clear step down. Professionals in fields such as software development, medicine or finance typically earn six-figure salaries that come with benefits and paid leave, according to the US Bureau of Labor Statistics. According to online job postings, AI training gigs start at $20 an hour, with pay increasing to between $30 and $40 an hour. In some cases, AI trainers with coveted subject matter expertise can earn over $100 an hour. AI training is contract-based, though, meaning the pay and hours are unstable, and it often doesn't come with benefits.
Read more of this story at Slashdot.
- Little Snitch Comes To Linux To Expose What Your Software Is Really Doing
BrianFagioli writes: Little Snitch, the well known macOS tool that shows which applications are connecting to the internet, is now being developed for Linux. The developer says the project started after experimenting with Linux and realizing how strange it felt not knowing what connections the system was making. Existing tools like OpenSnitch and various command line utilities exist, but none provided the same simple experience of seeing which process is connecting where and blocking it with a click. The Linux version uses eBPF for kernel level traffic interception, with core components written in Rust and a web based interface that can even monitor remote Linux servers. During testing on Ubuntu, the developer noticed the system was relatively quiet on the network. Over the course of a week, only nine system processes made internet connections. By comparison, macOS reportedly showed more than one hundred processes communicating externally. Applications behave similarly across platforms though. Launching Firefox immediately triggered telemetry and advertising related connections, while LibreOffice made no network connections at all during testing. The early release is meant primarily as a transparency tool to show what software is doing on the network rather than a hardened security firewall.
Read more of this story at Slashdot.
- Anthropic Loses Appeals Court Bid To Temporarily Block Pentagon Blacklisting
A federal appeals court denied Anthropic's bid to temporarily block the Pentagon's blacklisting, meaning the company remains shut out of Defense Department contracts while the case continues, even though a separate court has allowed other federal agencies to keep using Claude for now. CNBC reports: "In our view, the equitable balance here cuts in favor of the government," the appeals court said in its decision. "On one side is a relatively contained risk of financial harm to a single private company. On the other side is judicial management of how, and through whom, the Department of War secures vital AI technology during an active military conflict. For that reason, we deny Anthropic's motion for a stay pending review on the merits." With the split decisions by the two courts, Anthropic is excluded from DOD contracts but is able to continue working with other government agencies while litigation plays out. Defense contractors will be prohibited from using Claude in their work with the agency, but they can use it for other cases. [...] In the ruling on Wednesday, the court acknowledged that Anthropic "will likely suffer some degree of irreparable harm absent a stay," but that the company's interests "seem primarily financial in nature." While the company claimed the DOD was standing in the way of its right to free speech, "Anthropic does not show that its speech has been chilled during the pendency of this litigation," the order said. Because of the harm Anthropic is likely to suffer, the appeals court said "substantial expedition is warranted." An Anthropic spokesperson said in a statement after the ruling that the company is "grateful the court recognized these issues need to be resolved quickly" and that it's "confident the courts will ultimately agree that these supply chain designations were unlawful." "While this case was necessary to protect Anthropic, our customers, and our partners, our focus remains on working productively with the government to ensure all Americans benefit from safe, reliable AI," Anthropic said.
Read more of this story at Slashdot.
- Anthropic will let your agents sleep on its couch
Want to run your business on autopilot? For better or worse, Managed Agents might help with that
If you need AI agents to do a lot of ongoing tasks for your business, Anthropic has a new answer for you. The Claude maker has introduced Managed Agents, a service to help organizations create and deploy cloud-hosted knowledge work automations.…
- Crypto? Huh. Good gawd y'all, what is it good for? $45M in this case
Cops bust latest scam, return $12m to bilked victims
US, UK, and Canadian law enforcement Thursday said that they disrupted a $45 million global cryptocurrency scam, freezing $12 million in stolen funds and identifying more than 20,000 cryptocurrency wallet addresses linked to fraud victims across 30 countries.…
- AWS: Agents shouldn't be secret, so we built a registry for them
Your agent will be pushed, filed, stamped, indexed, briefed, debriefed, and numbered
AI agents should not be secret agents, at least in corporate environments. But when companies deploy software automations, they don't always have visibility into what their roboscripts are actually doing.…
- Security: Why Linux Is Better Than Windows Or Mac OS
Linux is a free and open source operating system that was released in 1991 developed and released by Linus Torvalds. Since its release it has reached a user base that is greatly widespread worldwide. Linux users swear by the reliability and freedom that this operating system offers, especially when compared to its counterparts, windows and [0]
- Essential Software That Are Not Available On Linux OS
An operating system is essentially the most important component in a computer. It manages the different hardware and software components of a computer in the most effective way. There are different types of operating system and everything comes with their own set of programs and software. You cannot expect a Linux program to have all [0]
- Things You Never Knew About Your Operating System
The advent of computers has brought about a revolution in our daily life. From computers that were so huge to fit in a room, we have come a very long way to desktops and even palmtops. These machines have become our virtual lockers, and a life without these network machines have become unimaginable. Sending mails, [0]
- How To Fully Optimize Your Operating System
Computers and systems are tricky and complicated. If you lack a thorough knowledge or even basic knowledge of computers, you will often find yourself in a bind. You must understand that something as complicated as a computer requires constant care and constant cleaning up of junk files. Unless you put in the time to configure [0]
- The Top Problems With Major Operating Systems
There is no such system which does not give you any problems. Even if the system and the operating system of your system is easy to understand, there will be some times when certain problems will arise. Most of these problems are easy to handle and easy to get rid of. But you must be [0]
- 8 Benefits Of Linux OS
Linux is a small and a fast-growing operating system. However, we can’t term it as software yet. As discussed in the article about what can a Linux OS do Linux is a kernel. Now, kernels are used for software and programs. These kernels are used by the computer and can be used with various third-party software [0]
- Things Linux OS Can Do That Other OS Can�t
What Is Linux OS? Linux, similar to U-bix is an operating system which can be used for various computers, hand held devices, embedded devices, etc. The reason why Linux operated system is preferred by many, is because it is easy to use and re-use. Linux based operating system is technically not an Operating System. Operating [0]
- Packagekit Interview
Packagekit aims to make the management of applications in the Linux and GNU systems. The main objective to remove the pains it takes to create a system. Along with this in an interview, Richard Hughes, the developer of Packagekit said that he aims to make the Linux systems just as powerful as the Windows or [0]
- What’s New in Ubuntu?
What Is Ubuntu? Ubuntu is open source software. It is useful for Linux based computers. The software is marketed by the Canonical Ltd., Ubuntu community. Ubuntu was first released in late October in 2004. The Ubuntu program uses Java, Python, C, C++ and C# programming languages. What Is New? The version 17.04 is now available here [0]
- Ext3 Reiserfs Xfs In Windows With Regards To Colinux
The problem with Windows is that there are various limitations to the computer and there is only so much you can do with it. You can access the Ext3 Reiserfs Xfs by using the coLinux tool. Download the tool from the official site or from the sourceforge site. Edit the connection to “TAP Win32 Adapter [0]
- Why do Macs ask you to press random keys when connecting a new keyboard?
You might have seen this, one of the strangest and most primitive experiences in macOS, where you’re asked to press keys next to left Shift and right Shift, whatever they might be. Perhaps I can explain. ↫ Marcin Wichary It seems pretty obvious to me that�s what it was for, but I guess many normal, regular people have never seen anything but one particular keyboard configuration (ANSI for Americans, ISO for some Europeans, etc.) keyboards. Perhaps they don�t realise that not only are there ANSI keyboards with other layouts, but also entirely different keyboard configurations (mainly ISO and JIS). Interestingly, my home country of The Netherlands uses a US English layout on an ANSI configuration, but of course, it�s the US International variant, either with deadkeys or using AltGr for the various accented/special characters we use. In my current country of residence, Sweden, they use this utterly wild and incomprehensible ISO layout where Shift unlocks characters on the bottom of keys, while AltGr unlocks characters at the top, the exact opposite of literally every other keyboard I�ve ever used (US Int�l, classic Dutch (no longer used), German, French, etc.). It�s utterly bizarre, but entirely normal to my Swedish wife. We cannot use each other�s keyboards.
- USB for software developers
This post aims to be a high level introduction to using USB for people who may not have worked with Hardware too much yet and just want to use the technology. There are amazing resources out there such as USB in a NutShell that go into a lot of detail about how USB precisely works (check them out if you want more information), they are however not really approachable for somebody who has never worked with USB before and doesn’t have a certain background in Hardware. You don’t need to be an Embedded Systems Engineer to use USB the same way you don’t need to be a Network Specialist to use Sockets and the Internet. ↫ Nik WerWolv! A bit of a generic title, but the article details how to write a USB driver.
- Redox sees another months of improvements
The months keep coming, and thus, the monthly progress reports keep coming, too, for Redox, the new general purpose operating system written in Rust. This past month, there�s been considerable graphics improvements, better deadlock detection in the kernel, improved Unicode support thanks to switching over to ncurses library variant with Unicode support, and much more. Alongside these, you�ll find the usual long list of kernel, driver, and relibc changes, bugfixes, and improvements. This month also covered three topics we�ve already discussed individually: Redox� new no- AI! code policy, capability-based security in Redox, and the brand-new CPU scheduler.
- Mac OS X 10.0 Cheetah ported to Nintendo Wii
Since its launch in 2007, the Wii has seen several operating systems ported to it: Linux, NetBSD, and most-recently, Windows NT. Today, Mac OS X joins that list. In this post, I’ll share how I ported the first version of Mac OS X, 10.0 Cheetah, to the Nintendo Wii. If you’re not an operating systems expert or low-level engineer, you’re in good company; this project was all about learning and navigating countless “unknown unknowns”. Join me as we explore the Wii’s hardware, bootloader development, kernel patching, and writing drivers � and give the PowerPC versions of Mac OS X a new life on the Nintendo Wii. ↫ Bryan Keller And all of this, because someone on Reddit said it couldn�t be done. It won�t surprise you to learn that the work required was extensive, from writing a custom bootloader to digging through the XNU source code, applying binary patches to the kernel during the boot process, building a device tree, writing the necessary drivers, and so much more. Even just setting up a development environment was a pretty serious undertaking. Especially writing the drivers posed an interesting and unique challenge, as the Wii doesn�t use PCI to connect and expose its hardware components. Instead, components are connected to a dedicated SoC with its own ARM processor that talks to the main Wii PowerPC processor, exposing hardware that way. This meant that Keller had to write a driver for this chip first, before moving on to the device drivers for devices connected to this ARM SoC � graphics drivers, input drivers, and so on. After a ton more work and overcoming several complex roadblocks, we now have Mac OS X 10.0 Cheetah on the Nintendo Wii. Amazing.
- Plan 9 is a uniquely complete operating system
From 2024, but still accurate and interesting: Plan 9 is unique in this sense that everything the system needs is covered by the base install. This includes the compilers, graphical environment, window manager, text editors, ssh client, torrent client, web server, and the list goes on. Nearly everything a user can do with the system is available right from the get go. ↫ moody This is definitely something that sets Plan 9 apart from everything else, but as moody � 9front developer � notes, this also has a downside in that development isn�t as fast, and Plan 9 variants of tools lack features upstream has for a long time. He further adds that he think this is why Plan 9 has remained mostly a hobbyist curiosity, but I�m not entirely sure that�s the main reason. The cold and harsh truth is that Plan 9 is really weird, and while that weirdness is a huge part of its appeal and I hope it never loses it, it also means learning Plan 9 is really hard. I firmly believe Plan 9 has the potential to attract more users, but to get there, it�s going to need an onboarding process that�s more approachable than reading 9front�s frequently questioned answers, excellent though they are. After installing 9front and loading it up for the first time, you basically hit a brick wall that�s going to be rough to climb. It would be amazing if 9front could somehow add some climbing tools for first-time users, without actually giving up on its uniqueness. Sometimes, Plan 9 feels more like an experimental art project instead of the capable operating system that it is, and I feel like that chases people away. Which is a real shame.
- Anos: a hobby microkernel operating system written in C
Anos is a modern, opinionated, non-POSIX operating system (just a hobby, won�t be big and professional like GNU-Linux) for x86_64 PCs and RISC-V machines. Anos currently comprises the STAGE3 microkernel, SYSTEM user-mode supervisor, and a base set of servers implementing the base of the operating system. There is a (WIP) toolchain for Anos based on Binutils, GCC (16-experimental) and Newlib (with a custom libgloss). ↫ Anos GitHub page It�s written in C, runs on both x86-64 and RISC-V, and can run on real hardware too (but this hasn�t been tested on RISC-V just yet). For the x86 side of things, it�s strictly 64 bit, and requires a Haswell (4th Gen) chip or higher.
- The 499th patch for 2.11BSD released
This year sees 35 years since 2.11BSD was announced on March 14, 1991 � itself a slightly late celebration of 20 years of the PDP-11 � and January 2026 brought what looks to be the venerable 16-bit OS�s biggest ever patch! Much of the 1.3 MB size is due to Anders Magnusson, well-known for his work on NetBSD and the Portable C Compiler. Since 2.11BSD�s stdio was not ANSI compliant, he�s ported from 4.4BSD. ↫ BigSneakyDuck at Reddit There�s an incredible amount of work in here on this old variant of BSD, including fixes for old bugs and tons of other changes. This, the 499th patch for 2.11BSD, is so big, in fact, that vi on 2.11BSD can�t handle the size of the files, so you�re going to need to cut them up with sed, for which instructions are included. It�s quite unique to see such a big update on the 35th anniversary of an operating system.
- KDE is bringing back its classic Oxygen and Air themes
Anyone remember the KDE 4.0 themes Oxygen and Air? Well, several KDE developers have been working tirelessly to bring them back, which means they�re patching it up, fixing bugs, and generally making these classic themes work well in the current releases of KDE Plasma 6. The last post regarding work on fixing Oxygen was a month and a half ago. With all that’s happened in between, it feels like so much more time has actually passed. With this post, I’d like to do a sort of mid-term update summing up all of the improvements done so far. These improvements are not just my work, but also, as you’ll see, the work of the lead Oxygen designer Nuno Pinheiro, of several seasoned KDE developers, and of new contributors to Oxygen as well. ↫ Filip Fila The effort to bring these themes back go much beyond just making them nominally work; the developers and designers are also making sure the themes work properly with all the new features that have come to KDE since the 4.x and 5.x days, like adaptive and floating panels, various forms of blur, and a ton more � which includes making sure the themes are fully compatible with Wayland, which introduced a slew of new visual glitches and issues to these old themes in recent years. They are also working on improving, updating, and expanding the Oxygen icon set, which should surely bring back a ton of memories. This work involves not just designing new icons for applications and other things that didn�t exist back when Oxygen was current, but also fixing old icons that look blurry on modern setups, addressing cases where monochrome and colourful icons mismatch, and so on. They�re clearly taking this very seriously. It seems to be an organic effort more and more people got involved with as time passed, and they�re aiming to have these themes ready for Plasma 6.7, to be released in June of this year. You can already try the current versions today, but they do require the absolute latest version of KDE Plasma to work properly. More improvements are planned for the coming weeks. This whole thing brings a massive smile to my face, and is such a perfect illustration of why I love the KDE project and its approach and spirit. At this point in time, I personally can�t imagine using any other desktop environment.
- I used AI. It worked. I hated it.!
This is a great post, but obviously it hasn�t convinced me: The folks waving their arms and yelling about recent models� capabilities have a point: the thing works. This project finished in three weeks. Compare that to Ringspace, a similarly-sized project that took me about six months of nights and early mornings to complete, while not doing my day job or being Dad to an amazing, but demanding toddler. I simply could not have built this project as well or as quickly without help. And as other developers have noted, this is the help that�s showing up. I�m not entirely onboard with Mike Masnick�s optimistic view of this technology�s democratizing power. I don�t think it�s as easy to separate the tech from its provenance or corporate control. But CertGen, my certificate application, exists now. It didn�t and couldn�t without the help of a tool like Claude Code. Open source in particular needs to reckon with this, because the current situation of demanding developers starve and bleed themselves dry without support isn�t tenable. We need to grapple with this. I�m not yet sure how it all breaks down, and anyone who says they do is lying, foolish, or fanatical. ↫ Michael Taggart If you disregard that AI! models are trained on stolen data, that such data was prepared by exploited workers, that AI! data centres have a hugely negative impact on the environment, that AI! data centers are distorting the entire computing market, that AI! models they feed the endless firehose of intentional misinformation, that they are wreaking havoc in education, that they increase your reliance on American big tech companies, that you pay AI! companies for taking your work, that AI! models are a vital component in the technofascist wet dreams of their creators, that they are the cornerstone of politicians� dream of ending anonymity, and that they contribute to racist and abusive policing, then yes, sometimes, they produce code that works and isn�t total horseshit. It�s a deeply depressing reversed what have the Romans ever done for us?! that makes me sad, more than anything. I�ve seen so many otherwise smart, caring, and genuine people just shove all of these massive downsides aside for the mere novelty, the peer pressure, the occasional sense that their lines of code! metric is going up. It�s the digital equivalent of rolling coal.
- Adobe secretly modifies your hosts file for the stupidest reason
If you�re using Windows or macOS and have Adobe Creative Cloud installed, you may want to take a peek at your hosts file. It turns out Adobe adds a bunch of entries into the hosts file, for a very stupid reason. They�re using this to detect if you have Creative Cloud already installed when you visit on their website. When you visit https://www.adobe.com/home, they load this image using JavaScript:  If the DNS entry in your hosts file is present, your browser will therefore connect to their server, so they know you have Creative Cloud installed, otherwise the load fails, which they detect. They used to just hit http://localhost:`various portsb/cc.png which connected to your Creative Cloud app directly, but then Chrome started blocking Local Network Access, so they had to do this hosts file hack instead. ↫ thenickdude at Reddit At what point does a commercial software suite become malware?
- Linux Kernel Developers Adopt New Fuzzing Tools
by George Whittaker
The Linux kernel development community is stepping up its security game once again. Developers, led by key maintainers like Greg Kroah-Hartman, are actively adopting new fuzzing tools to uncover bugs earlier and improve overall kernel reliability.
This move reflects a broader shift toward automated testing and AI-assisted development, as the kernel continues to grow in complexity and scale.
What Is Fuzzing and Why It Matters
Fuzzing is a software testing technique that feeds random or unexpected inputs into a program to trigger crashes or uncover vulnerabilities.
In the Linux kernel, fuzzing has become one of the most effective ways to detect:
Memory corruption bugs Race conditions Privilege escalation flaws Edge-case failures in subsystems
Modern fuzzers like Syzkaller have already discovered thousands of kernel bugs over the years, making them a cornerstone of Linux security testing.
New Tools Enter the Scene
Recently, kernel maintainers have begun experimenting with new fuzzing frameworks and tooling, including a project internally referred to as “clanker”, which has already been used to identify multiple issues across different kernel subsystems.
Early testing has uncovered bugs in areas such as:
SMB/KSMBD networking code USB and HID subsystems Filesystems like F2FS Wireless and device drivers
The speed at which these issues were discovered suggests that these new tools are significantly improving bug detection efficiency.
AI and Smarter Fuzzing Techniques
One of the most interesting developments is the growing role of AI and machine learning in fuzzing.
New research projects like KernelGPT use large language models to:
Automatically generate system call sequences Improve test coverage Discover previously hidden execution paths
These techniques can enhance traditional fuzzers by making them smarter about how they explore the kernel’s behavior.
Other advancements include:
Better crash analysis and deduplication tools (like ECHO) Configuration-aware fuzzing to explore deeper kernel states Feedback-driven fuzzing loops for improved coverage
Together, these innovations help developers focus on the most meaningful bugs rather than sifting through duplicate reports.
Why This Shift Is Happening Now
The Linux kernel is one of the most complex software projects in existence. With millions of lines of code and contributions from thousands of developers, manually catching every bug is nearly impossible.
Go to Full Article
- GNOME 50 Reaches Arch Linux: A Leaner, Wayland-Only Future Arrives
by George Whittaker
Arch Linux users are among the first to experience the latest GNOME desktop, as GNOME 50 has begun rolling out through Arch’s repositories. Thanks to Arch’s rolling-release model, new upstream software like GNOME arrives quickly, giving users early access to the newest features and architectural changes.
With GNOME 50, that includes one of the most significant shifts in the desktop’s history.
A Major GNOME Milestone
GNOME 50, officially released in March 2026 under the codename “Tokyo,” represents six months of development and refinement from the GNOME community.
Unlike some previous versions, this release focuses less on dramatic redesigns and more on strengthening the foundation of the desktop, improving performance, modernizing graphics handling, and simplifying long-standing complexities.
For Arch Linux users, that translates into a more streamlined and future-ready desktop environment.
Goodbye X11, Hello Wayland-Only Desktop
The headline change in GNOME 50 is the complete removal of X11 support from GNOME Shell and its window manager, Mutter.
After years of gradual transition:
X11 sessions were first deprecated Then disabled by default And now fully removed in GNOME 50
This means GNOME now runs exclusively on Wayland, with legacy X11 applications handled through XWayland compatibility layers.
The result is a simpler, more modern graphics stack that reduces maintenance overhead and improves long-term performance and security.
Improved Graphics and Display Handling
GNOME 50 brings several key improvements to display and graphics performance:
Variable Refresh Rate (VRR) enabled by default Better fractional scaling support Improved compatibility with NVIDIA drivers Enhanced HDR and color management
These changes aim to deliver smoother animations, more responsive desktops, and better support for modern displays.
For gamers and users with high-refresh monitors, these upgrades are especially noticeable.
Performance and Responsiveness Gains
Beyond graphics, GNOME 50 includes multiple performance optimizations:
Faster file handling in the Files (Nautilus) app Improved thumbnail generation Reduced stuttering in animations Better resource usage across the desktop
These refinements make the desktop feel more responsive, particularly on systems with demanding workloads or multiple monitors.
New Parental Controls and Accessibility Features
GNOME 50 also expands its focus on usability and accessibility.
Go to Full Article
- MX Linux Pushes Back Against Age Verification: A Stand for Privacy and Open Source Principles
by George Whittaker
The MX Linux project has taken a firm stance in a growing controversy across the Linux ecosystem: mandatory age-verification requirements at the operating system level. In a recent update, the team made it clear, they have no intention of implementing such measures, citing concerns over privacy, practicality, and the core philosophy of open-source software.
As governments begin introducing laws that could require operating systems to collect user age data, MX Linux is joining a group of projects resisting the shift.
What Sparked the Debate?
The discussion around age verification stems from new legislation, particularly in regions like the United States and Brazil, that aims to protect minors online. These laws may require operating systems to:
Collect user age or date of birth during setup Provide age-related data to applications Enable content filtering based on age categories
At the same time, underlying Linux components such as systemd have already begun exploring technical changes, including storing birthdate fields in user records to support such requirements.
MX Linux Says “No” to Age Verification
In response, the MX Linux team has clearly rejected the idea of integrating age verification into their distribution. Their reasoning is rooted in several key concerns:
User privacy: Collecting age data introduces sensitive personal information into systems that traditionally avoid such tracking Feasibility: Implementing consistent, secure age verification across a decentralized OS ecosystem is highly complex Philosophy: Open-source operating systems are not designed to act as data collectors or gatekeepers
The developers emphasized that they do not want to burden users with intrusive requirements and instead encouraged concerned individuals to direct their efforts toward policymakers rather than Linux projects.
A Broader Resistance in the Linux Community
MX Linux is not alone. The Linux world is divided on how, or whether, to respond to these regulations.
Some projects are exploring compliance, while others are pushing back entirely. In fact, age verification laws have sparked:
Strong debate among developers and maintainers Concerns about enforceability on open-source platforms New projects explicitly created to resist such requirements
In some extreme cases, distributions have even restricted access in certain regions to avoid legal complications.
Why This Matters
At its core, this issue goes beyond a single feature, it raises fundamental questions about what an operating system should be.
Linux has long stood for:
Go to Full Article
- LibreOffice Drives Europe’s Open Source Shift: A Growing Push for Digital Sovereignty
by George Whittaker
LibreOffice is increasingly at the center of Europe’s push toward open-source adoption and digital independence. Backed by The Document Foundation, the widely used office suite is playing a key role in helping governments, institutions, and organizations reduce reliance on proprietary software while strengthening control over their digital infrastructure.
Across the European Union, this shift is no longer experimental, it’s becoming policy.
A Broader Movement Toward Open Source
Europe has been steadily moving toward open-source technologies for years, but recent developments show clear acceleration. Governments and public institutions are actively transitioning away from proprietary platforms, often citing concerns about vendor lock-in, cost, and data control.
According to recent industry data, European organizations are adopting open source faster than their U.S. counterparts, with vendor lock-in concerns cited as a major driver.
LibreOffice sits at the center of this trend as a mature, fully open-source alternative to traditional office suites.
LibreOffice as a Strategic Tool
LibreOffice isn’t just another productivity application, it has become a strategic component in Europe’s digital policy framework.
The software:
Is fully open source and community-driven Supports open standards like OpenDocument Format (ODF) Allows governments to avoid dependency on specific vendors Enables long-term control over data and infrastructure
These characteristics align closely with the European Union’s broader strategy to promote interoperability and transparency through open standards.
Government Adoption Across Europe
LibreOffice adoption is already happening at scale across multiple countries and sectors.
Examples include:
Germany (Schleswig-Holstein): transitioning tens of thousands of government systems to Linux and LibreOffice Denmark: replacing Microsoft Office in public institutions as part of a broader digital sovereignty initiative France and Italy: deploying LibreOffice across ministries and defense organizations Spain and local governments: adopting LibreOffice to standardize workflows and reduce costs
In some cases, migrations involve hundreds of thousands of systems, demonstrating that open-source office software is viable at national scale.
Go to Full Article
- From Linux to Blockchain: The Infrastructure Behind Modern Financial Systems
by George Whittaker
The modern internet is built on open systems. From the Linux kernel powering servers worldwide to the protocols that govern data exchange, much of today’s digital infrastructure is rooted in transparency, collaboration, and decentralization. These same principles are now influencing a new frontier: financial systems built on blockchain technology.
For developers and system architects familiar with Linux and open-source ecosystems, the rise of cryptocurrency is not just a financial trend, it is an extension of ideas that have been evolving for decades.
Open-Source Foundations and Financial Innovation
Linux has long demonstrated the power of decentralized development. Instead of relying on a single authority, it thrives through distributed contributions, peer review, and community-driven improvement.
Blockchain technology follows a similar model. Networks like Bitcoin operate on open protocols, where consensus is achieved through distributed nodes rather than centralized control. Every transaction is verified, recorded, and made transparent through cryptographic mechanisms.
For those who have spent years working within Linux environments, this architecture feels familiar. It reflects a shift away from trust-based systems toward verification-based systems.
Understanding the Stack: Nodes, Protocols, and Interfaces
At a technical level, cryptocurrency systems are composed of multiple layers. Full nodes maintain the blockchain, validating transactions and ensuring network integrity. Lightweight clients provide access to users without requiring full data replication. On top of this, exchanges and platforms act as interfaces that connect users to the underlying network.
For developers, interacting with these systems often involves APIs, command-line tools, and automation scripts, tools that are already integral to Linux workflows. Managing wallets, verifying transactions, and monitoring network activity can all be integrated into existing development environments.
Go to Full Article
- Firefox 149 Arrives with Built-In VPN, Split View, and Smarter Browsing Tools
by George Whittaker
Mozilla has officially released Firefox 149.0, bringing a mix of new productivity features, privacy enhancements, and interface improvements. Released on March 24, 2026, this update continues Firefox’s steady push toward a more modern and user-focused browsing experience.
Rather than focusing on a single headline feature, Firefox 149 introduces several practical tools designed to improve how users multitask, stay secure, and interact with the web.
Built-In VPN Comes to Firefox
One of the most notable additions in Firefox 149 is the introduction of a built-in VPN feature. This optional tool provides users with an added layer of privacy while browsing, helping mask IP addresses and secure connections on public networks.
In some configurations, Mozilla is offering a free usage tier with limited monthly data, giving users a simple way to enhance privacy without installing separate software.
This move aligns with Mozilla’s long-standing emphasis on user privacy and security.
Split View for Better Multitasking
Firefox 149 introduces a Split View mode, allowing users to display two web pages side by side within a single browser window. This feature is especially useful for:
Comparing documents or products Copying information between pages Research and multitasking workflows
Instead of juggling multiple tabs and windows, users can now work more efficiently in a single, organized view.
Tab Notes: A New Productivity Tool
Another standout feature is Tab Notes, available through Firefox Labs. This tool allows users to attach notes directly to individual tabs, making it easier to:
Keep track of research Save reminders tied to specific pages Organize ongoing tasks
This feature reflects a growing trend toward integrating lightweight productivity tools directly into the browser experience.
Smarter Browsing with Optional AI Features
Firefox 149 also expands its experimental AI-powered features, including tools that can assist with summarizing content, providing quick explanations, or helping users interact with web pages more efficiently.
Importantly, Mozilla is keeping these features optional and user-controlled, maintaining its focus on transparency and privacy.
Developer and Platform Updates
For developers, Firefox 149 includes updates to web standards and APIs. One example is improved support for HTML features like enhanced popover behavior, which helps developers build more interactive web interfaces.
As always, these under-the-hood changes help ensure Firefox remains competitive and standards-compliant.
Go to Full Article
- Blender 5.1 Released: Faster Workflows, Smarter Tools, and Major Performance Gains
by german.suarez
The Blender Foundation has officially released Blender 5.1, the latest update to its powerful open-source 3D creation suite. This version focuses heavily on performance improvements, workflow refinements, and stability, while also introducing a handful of new features that expand what artists and developers can achieve.
Rather than reinventing the platform, Blender 5.1 is all about making existing tools faster, smoother, and more reliable — a release that benefits both professionals and hobbyists alike.
A Release Focused on Refinement
Blender 5.1 emphasizes polish over disruption, with developers addressing hundreds of issues and improving the overall production pipeline. The update includes widespread optimizations across rendering, animation, modeling, and the viewport, resulting in a more responsive and efficient experience.
Many of Blender’s internal libraries have also been updated to align with modern standards like VFX Platform 2026, ensuring better long-term compatibility and performance.
Performance Gains Across the Board
One of the standout aspects of Blender 5.1 is its performance boost:
Faster animation playback and shape key evaluation Improved rendering speeds for both GPU and CPU Reduced memory overhead and smoother viewport interaction Optimized internal systems for better responsiveness
In some scenarios, animation and editing performance improvements can be dramatic, especially with complex scenes.
New Raycast Node for Advanced Shading
A major feature addition in Blender 5.1 is the Raycast shader node, which opens the door to advanced rendering techniques.
This node allows artists to trace rays within a scene and extract data from surfaces, enabling:
Non-photorealistic rendering (NPR) effects Custom shading techniques Decal projection and X-ray-style visuals
It’s a flexible tool that expands Blender’s shading capabilities, especially for stylized workflows.
Grease Pencil Gets a Big Upgrade
Blender’s 2D animation tool, Grease Pencil, sees meaningful improvements:
New fill workflow with support for holes in shapes Better handling of imported SVG and PDF files More intuitive drawing and editing behavior
These updates make Grease Pencil far more practical for hybrid 2D/3D workflows and animation pipelines.
Geometry Nodes and Modeling Improvements
Geometry Nodes continue to evolve with expanded functionality:
Go to Full Article
- The Need for Cloud Security in a Modern Business Environment
by George Whittaker
Cloud systems are an emergent standard in business, but migration efforts and other directional shifts have introduced vulnerabilities. Where some attack patterns are mitigated, cloud platforms leave businesses open to new threats and vectors. The dynamic nature of these environments cannot be addressed by traditional security systems, necessitating robust cloud security for contemporary organizations.
Just as businesses have come to acknowledge the value of cloud operations, so too have cyber attackers. Protecting sensitive assets and maintaining regulatory compliance, while simultaneously ensuring business continuity against cloud attacks, requires a modern strategy. When any window could be an opportunity for infiltration, a comprehensive approach serves to limit exploitation.
Unlike traditional on-premise infrastructure, cloud environments dramatically expand an organization’s threat surface. Resources are distributed across regions, heavily dependent on APIs, and frequently created or decommissioned in minutes. This constant change makes it difficult to maintain a fixed security perimeter and increases the likelihood that misconfigurations or exposed services go unnoticed, creating opportunities for exploitation.
The Vulnerabilities of Cloud Security Services
Any misconfiguration, insecure application programming interface (API), or identity management solution may become an invitation for cyberattacks. Amid the rise of artificial intelligence (AI) technology, it is possible for even inexperienced individuals to exploit such weaknesses in cloud systems. Cloud environments are designed for accessibility, a benefit that can be taken advantage of.
“Unlike traditional software, AI systems can be manipulated through language and indirect instructions,” Lee Chong Ming wrote for Business Insider. “[AI expert Sander] Schulhoff said people with experience in both AI security and cybersecurity would know what to do if an AI model is tricked into generating malicious code.”
At the same time that many businesses are migrating to cloud platforms and implementing cloud security features, they are adopting AI technology in order to accelerate workflows and other processes. These systems may have their advantages for certain industries, but their presence can create its own vulnerabilities. Addressing the shortcomings of cloud systems and AI at the same time compounds the security challenges of today.
Go to Full Article
- Google Brings Chrome to ARM Linux: A Long-Awaited Step for Modern Linux Devices
by George Whittaker
Google has officially announced that Chrome is coming to ARM64 Linux systems, marking a major milestone for both the Linux and ARM ecosystems. The native browser is expected to launch in Q2 2026, finally closing a long-standing gap for users running Linux on ARM-based hardware.
For years, ARM Linux users have relied on Chromium builds or workarounds to access a Chrome-like experience. That’s about to change.
Why This Announcement Matters
Until now, Google Chrome on Linux was limited to x86_64 systems, leaving ARM-based devices without an official build.
That meant users had to:
Use Chromium instead of Chrome
Run emulated versions of Chrome
Miss out on proprietary features like sync, DRM support, and Google services
With this new release, ARM Linux users will finally get the full Chrome experience, including seamless integration with Google’s ecosystem.
What Users Can Expect
The upcoming ARM64 version of Chrome will bring the same features users expect on other platforms:
Google account sync (bookmarks, history, tabs)
Access to the Chrome Web Store and extensions
Built-in features like translation, autofill, and security protections
Support for DRM services and media playback
This brings ARM Linux closer to feature parity with macOS (ARM support since 2020) and Windows on ARM (since 2024).
The Rise of ARM on Linux
The timing of this move reflects a broader shift in computing. ARM-based hardware is rapidly gaining traction across:
Laptops powered by Snapdragon and future ARM chips
Developer boards like Raspberry Pi
High-performance systems such as NVIDIA’s ARM-based AI desktops
Google itself highlighted growing demand for Chrome on these systems, especially as ARM expands beyond mobile devices into mainstream computing.
Partnerships and Deployment
Google is also working with hardware vendors to streamline adoption. Notably, Chrome will be integrated into NVIDIA’s Linux-on-ARM DGX Spark systems, making installation easier for high-performance AI workstations.
For general users, Chrome will be available for download directly from Google once released.
Why This Took So Long
Interestingly, this move comes years after Chrome was already available on ARM-based platforms like Apple Silicon Macs and Windows devices.
Go to Full Article
- CrackArmor Exposed: Critical Flaws in AppArmor Put Millions of Linux Systems at Risk
by George Whittaker
A newly disclosed set of vulnerabilities has sent shockwaves through the Linux security community. Dubbed “CrackArmor,” these flaws affect AppArmor, one of the most widely used security modules in Linux, potentially exposing millions of systems to serious compromise.
Discovered by the Qualys Threat Research Unit, the vulnerabilities highlight a concerning reality: even core security mechanisms can harbor weaknesses that go unnoticed for years.
What Is CrackArmor?
“CrackArmor” refers to a group of nine critical vulnerabilities found in the Linux kernel’s AppArmor module. AppArmor is a mandatory access control (MAC) system designed to restrict what applications can do, helping contain attacks and enforce system policies.
These flaws stem from a class of issues known as “confused deputy” vulnerabilities, where a lower-privileged user can trick trusted processes into performing actions on their behalf.
Why These Vulnerabilities Are Serious
The impact of CrackArmor is significant because it undermines one of Linux’s core security layers. Researchers found that attackers could:
Escalate privileges to root from an unprivileged account
Bypass AppArmor protections entirely
Break container isolation, affecting Kubernetes and cloud workloads
Execute arbitrary code in the kernel
Trigger denial-of-service (DoS) conditions
In some demonstrations, attackers were able to gain full root access in seconds under controlled conditions.
How Widespread Is the Risk?
The scope of the issue is massive. AppArmor is enabled by default in major distributions such as:
Ubuntu
Debian
SUSE
Because of this, researchers estimate that over 12.6 million Linux systems could be affected.
These systems span:
Enterprise servers
Cloud infrastructure
Containers and Kubernetes clusters
IoT and edge devices
This widespread deployment significantly amplifies the potential impact.
A Long-Standing Problem
One of the most concerning aspects of CrackArmor is how long the vulnerabilities have existed. According to researchers, the flaws date back to around 2017 (Linux kernel 4.11) and remained undiscovered in production environments for years.
This long exposure window increases the risk that similar weaknesses may exist elsewhere in critical system components.
Go to Full Article
|
