Security

Federal Agency Warns (Patched) Critical Linux Vulnerability Being Actively Exploited (arstechnica.com) 6

"The US Cybersecurity and Infrastructure Security Agency has added a critical security bug in Linux to its list of vulnerabilities known to be actively exploited in the wild," reported Ars Technica on Friday.

"The vulnerability, tracked as CVE-2024-1086 and carrying a severity rating of 7.8 out of a possible 10, allows people who have already gained a foothold inside an affected system to escalate their system privileges." It's the result of a use-after-free error, a class of vulnerability that occurs in software written in the C and C++ languages when a process continues to access a memory location after it has been freed or deallocated. Use-after-free vulnerabilities can result in remote code or privilege escalation. The vulnerability, which affects Linux kernel versions 5.14 through 6.6, resides in the NF_tables, a kernel component enabling the Netfilter, which in turn facilitates a variety of network operations... It was patched in January, but as the CISA advisory indicates, some production systems have yet to install it. At the time this Ars post went live, there were no known details about the active exploitation.

A deep-dive write-up of the vulnerability reveals that these exploits provide "a very powerful double-free primitive when the correct code paths are hit." Double-free vulnerabilities are a subclass of use-after-free errors...

Cloud

Amazon Cloud Traffic Is Suffocating Fedora's Mirrors (phoronix.com) 53

Michael Larabel reports via Phoronix: A massive uptick in traffic to Fedora's package mirrors is causing problems for the Linux distribution. Some five million additional systems have started putting additional strain on Fedora's mirror resources since March and appear to be coming from Amazon's cloud. Stephen Smoogen of Red Hat wrote a blog post today around 5+ million more EPEL-7 systems beginning in March. Fedora hosts the packaging mirrors for Extra Packages For Enterprise Linux (EPEL) to augment the package selection available on RHEL, CentOS, Amazon Linux, etc.

The past three months now there has been a 5+ million surge in Fedora/EPEL traffic and it's placed a strain on the systems. It's about doubling the number of unique IPs connecting to the mirror system. The massive uptick in Fedora/EPEL activity puts additional pressure on Fedora web proxies for mirror data and then the mirrors themselves that tend to be volunteer run. Much of this new traffic is coming from the Amazon/AWS cloud.

Ubuntu

Ubuntu Linux 24.04 Now Optimized For Milk-V Mars RISC-V Single Board Computer (betanews.com) 34

BrianFagioli writes: Canonical has officially released the optimized Ubuntu 24.04 image for the Milk-V Mars, a credit-card-sized RISC-V single board computer (SBC) developed by Shenzhen MilkV Technology Co., Ltd.

The Milk-V Mars is the world's first high-performance RISC-V SBC of its size. Powered by the StarFive JH7110 quad-core processor, the board is equipped with up to 8GB of LPDDR4 memory and supports various modern interfaces, including USB 3.0, HDMI 2.0 for 4K output, and Ethernet with PoE capabilities. It also offers comprehensive expansion options with M.2 E-Key and extensive MIPI CSI channels, making it an ideal choice for developers and tech enthusiasts.

Security

Memory Sealing 'mseal' System Call Merged For Linux 6.10 (phoronix.com) 50

"Merged this Friday evening into the Linux 6.10 kernel is the new mseal() system call for memory sealing," reports Phoronix: The mseal system call was led by Jeff Xu of Google's Chrome team. The goal with memory sealing is to also protect the memory mapping itself against modification. The new mseal Linux documentation explains:

"Modern CPUs support memory permissions such as RW and NX bits. The memory permission feature improves security stance on memory corruption bugs, i.e. the attacker can't just write to arbitrary memory and point the code to it, the memory has to be marked with X bit, or else an exception will happen. Memory sealing additionally protects the mapping itself against modifications. This is useful to mitigate memory corruption issues where a corrupted pointer is passed to a memory management system... Memory sealing can automatically be applied by the runtime loader to seal .text and .rodata pages and applications can additionally seal security-critical data at runtime. A similar feature already exists in the XNU kernel with the VM_FLAGS_PERMANENT flag and on OpenBSD with the mimmutable syscall."

The mseal system call is designed to be used by the likes of the GNU C Library "glibc" while loading ELF executables to seal non-writable memory segments or by the Google Chrome web browser and other browsers for protecting security sensitive data structures.

Nintendo

Ubuntu 24.04 Now Runs on the Nintendo Switch (Unofficially) (omgubuntu.co.uk) 6

"The fact it's possible at all is a credit to the ingenuity of the open-source community," writes the blog OMG Ubuntu: Switchroot is an open-source project that allows Android and Linux-based distros like Ubuntu to run on the Nintendo Switch — absolutely not something Nintendo approves of much less supports, endorses, or encourages, etc! I covered the loophole that made this possible back in 2018. Back then the NVIDIA Tegra X1-powered Nintendo Switch was still new and Linux support for much of the console's internal hardware in a formative state (a polite way to say 'not everything worked'). But as the popularity of Nintendo's handheld console ballooned (to understate it) so the 'alternative OS' Switch scene grew, and before long Linux support for Switch hardware was in full bloom...

A number of Linux for Switchroot (L4S) distributions have since been released, designated as Linux for Tegra (L4T) builds. As these can boot from a microSD card it's even possible to dualboot the Switch OS with Linux, which is neat! Recently, a fresh set of L4T Ubuntu images were released based on the newest Ubuntu 24.04 LTS release. These builds work on all Switch versions, from the OG (exploit-friendly) unit through to newer, patched models (where a modchip is required)...

I'm told all of the Nintendo Switch internal hardware now works under Linux, including Wi-Fi, Bluetooth, sleep mode, accelerated graphics, the official dock... Everything, basically. And despite being a 7 year old ARM device the performance is said to remain decent.

"Upstream snafus have delayed the release of builds with GNOME Shell..."

AI

How A US Hospital is Using AI to Analyze X-Rays - With Help From Red Hat (redhat.com) 19

This week Red Hat announced one of America's leading pediatric hospitals is using AI to analyze X-rays, "to improve image quality and the speed and accuracy of image interpretation."

Red Hat's CTO said the move exemplifies "the positive impact AI can have in the healthcare field". Before Boston Children's Hospital began piloting AI in radiology, quantitative measurements had to be done manually, which was a time-consuming task. Other, more complex image analyses were performed completely offline and outside of the clinical workflow. In a field where time is of the essence, the hospital is piloting Red Hat OpenShift via the ChRIS Research Integration Service, a web-based medical image platform. The AI application running in ChRIS on the Red Hat OpenShift foundation has the potential to automatically examine x-rays, identify the most valuable diagnostic images among the thousands taken and flag any discrepancies for the radiologist. This decreases the interpretation time for radiologists.

But it also seems to be a big win for openness: Innovation developed internally is immediately transferable to public research clouds such as the Massachusetts Open Cloud, where large-scale data sharing and additional innovation can be fostered. Boston Children's Hospital aims to extend the reach of advanced healthcare solutions globally through this approach, amplifying their impact on patient well-being worldwide.

"Red Hat believes open unlocks the world's potential," the announcement concludes, "including the potential to share knowledge and build upon each other's discoveries. Additionally, Red Hat believes innovation — including AI — should be available everywhere, making any application, anywhere a reality.

"With open source, enabling AI-fueled innovation across hybrid IT environments that can lead to faster clinical breakthroughs and better patient outcomes is a reality."

Operating Systems

RISC-V Now Supports Rust In the Linux Kernel (phoronix.com) 31

Michael Larabel reports via Phoronix: The latest RISC-V port updates have been merged for the in-development Linux 6.10 kernel. Most notable with today's RISC-V merge to Linux 6.10 is now supporting the Rust programming language within the Linux kernel. RISC-V joins the likes of x86_64, LoongArch, and ARM64 already supporting the use of the in-kernel Rust language support. The use of Rust within the mainline Linux kernel is still rather limited with just a few basic drivers so far and a lot of infrastructure work taking place, but there are a number of new drivers and other subsystem support on the horizon. RISC-V now supporting Rust within the Linux kernel will become more important moving forward.

The RISC-V updates for Linux 6.10 also add byte/half-word compare-and-exchange, support for Zihintpause within hwprobe, a PR_RISCV_SET_ICACHE_FLUSH_CTX prctl(), and support for lockless lockrefs. More details on these RISC-V updates for Linux 6.10 via this Git merge.

Linux

Linux 6.10 Honors One Last Request By Hans Reiser (phoronix.com) 71

Longtime Slashdot reader DVega shares a report from Phoronix: ReiserFS lead developer and convicted murderer Hans Reiser a few months back wrote letters to be made public apologizing for his social mistakes and other commentary. In his written communications he also made a last request for ReiserFS in the Linux kernel: "Assuming that the decision is to remove [ReiserFS] V3 from the kernel, I have just one request: that for one last release the README be edited to add Mikhail Gilula, Konstantin Shvachko, and Anatoly Pinchuk to the credits, and to delete anything in there I might have said about why they were not credited. It is time to let go."

Hans credits his improved social and communication skills learned in prison among other details shared in the public letters. Per the indirect request by Hans Reiser, SUSE's Jan Kara has now altered the ReiserFS README file with the changes going in today to the Linux 6.10 kernel. The negative language was removed and replaced with an acknowledgment of their contributions.

Ubuntu

Ubuntu 24.10 to Default to Wayland for NVIDIA Users (omgubuntu.co.uk) 76

An anonymous reader shared this report from the blog OMG Ubuntu: Ubuntu first switched to using Wayland as its default display server in 2017 before reverting the following year. It tried again in 2021 and has stuck with it since. But while Wayland is what most of us now log into after installing Ubuntu, anyone doing so on a PC or laptop with an NVIDIA graphics card present instead logs into an Xorg/X11 session.

This is because NVIDIA's proprietary graphics drivers (which many, especially gamers, opt for to get the best performance, access to full hardware capabilities, etc) have not supported Wayland as well as they could've. Past tense as, thankfully, things have changed in the past few years. NVIDIA's warmed up to Wayland (partly as it has no choice given that Wayland is now standard and a 'maybe one day' solution, and partly because it wants to: opportunities/benefits/security).

With the NVIDIA + Wayland sitch' now in a better state than before — but not perfect — Canonical's engineers say they feel confident enough in the experience to make the Ubuntu Wayland session default for NVIDIA graphics card users in Ubuntu 24.10.

Open Source

Why a 'Frozen' Distribution Linux Kernel Isn't the Safest Choice for Security (zdnet.com) 104

Jeremy Allison — Sam (Slashdot reader #8,157) is a Distinguished Engineer at Rocky Linux creator CIQ. This week he published a blog post responding to promises of Linux distros "carefully selecting only the most polished and pristine open source patches from the raw upstream open source Linux kernel in order to create the secure distribution kernel you depend on in your business."

But do carefully curated software patches (applied to a known "frozen" Linux kernel) really bring greater security? "After a lot of hard work and data analysis by my CIQ kernel engineering colleagues Ronnie Sahlberg and Jonathan Maple, we finally have an answer to this question. It's no." The data shows that "frozen" vendor Linux kernels, created by branching off a release point and then using a team of engineers to select specific patches to back-port to that branch, are buggier than the upstream "stable" Linux kernel created by Greg Kroah-Hartman. How can this be? If you want the full details the link to the white paper is here. But the results of the analysis couldn't be clearer.

- A "frozen" vendor kernel is an insecure kernel. A vendor kernel released later in the release schedule is doubly so.

- The number of known bugs in a "frozen" vendor kernel grows over time. The growth in the number of bugs even accelerates over time.

- There are too many open bugs in these kernels for it to be feasible to analyze or even classify them....

[T]hinking that you're making a more secure choice by using a "frozen" vendor kernel isn't a luxury we can still afford to believe. As Greg Kroah-Hartman explicitly said in his talk "Demystifying the Linux Kernel Security Process": "If you are not using the latest stable / longterm kernel, your system is insecure."

CIQ describes its report as "a count of all the known bugs from an upstream kernel that were introduced, but never fixed in RHEL 8." For the most recent RHEL 8 kernels, at the time of writing, these counts are:

- RHEL 8.6: 5034

- RHEL 8.7: 4767

- RHEL 8.8: 4594

In RHEL 8.8 we have a total of 4594 known bugs with fixes that exist upstream, but for which known fixes have not been back-ported to RHEL 8.8. The situation is worse for RHEL 8.6 and RHEL 8.7 as they cut off back-porting earlier than RHEL 8.8 but of course that did not prevent new bugs from being discovered and fixed upstream....

This whitepaper is not meant as a criticism of the engineers working at any Linux vendors who are dedicated to producing high quality work in their products on behalf of their customers. This problem is extremely difficult to solve. We know this is an open secret amongst many in the industry and would like to put concrete numbers describing the problem to encourage discussion. Our hope is for Linux vendors and the community as a whole to rally behind the kernel.org stable kernels as the best long term supported solution. As engineers, we would prefer this to allow us to spend more time fixing customer specific bugs and submitting feature improvements upstream, rather than the endless grind of backporting upstream changes into vendor kernels, a practice which can introduce more bugs than it fixes.

ZDNet calls it "an open secret in the Linux community." It's not enough to use a long-term support release. You must use the most up-to-date release to be as secure as possible. Unfortunately, almost no one does that. Nevertheless, as Google Linux kernel engineer Kees Cook explained, "So what is a vendor to do? The answer is simple: if painful: Continuously update to the latest kernel release, either major or stable." Why? As Kroah-Hartman explained, "Any bug has the potential of being a security issue at the kernel level...."

Although [CIQ's] programmers examined RHEL 8.8 specifically, this is a general problem. They would have found the same results if they had examined SUSE, Ubuntu, or Debian Linux. Rolling-release Linux distros such as Arch, Gentoo, and OpenSUSE Tumbleweed constantly release the latest updates, but they're not used in businesses.

Jeremy Allison's post points out that "the Linux kernel used by Android devices is based on the upstream kernel and also has a stable internal kernel ABI, so this isn't an insurmountable problem..."

Linux

Linux Kernel 6.9 Officially Released (9to5linux.com) 49

"6.9 is now out," Linus Torvalds posted on the Linux kernel mailing list, "and last week has looked quite stable (and the whole release has felt pretty normal)."

Phoronix writes that Linux 6.9 "has a number of exciting features and improvements for those habitually updating to the newest version." And Slashdot reader prisoninmate shared this report from 9to5Linux: Highlights of Linux kernel 6.9 include Rust support on AArch64 (ARM64) architectures, support for the Intel FRED (Flexible Return and Event Delivery) mechanism for improved low-level event delivery, support for AMD SNP (Secure Nested Paging) guests, and a new dm-vdo (virtual data optimizer) target in device mapper for inline deduplication, compression, zero-block elimination, and thin provisioning.

Linux kernel 6.9 also supports the Named Address Spaces feature in GCC (GNU Compiler Collection) that allows the compiler to better optimize per-CPU data access, adds initial support for FUSE passthrough to allow the kernel to serve files from a user-space FUSE server directly, adds support for the Energy Model to be updated dynamically at run time, and introduces a new LPA2 mode for ARM 64-bit processors...

Linux kernel 6.9 will be a short-lived branch supported for only a couple of months. It will be succeeded by Linux kernel 6.10, whose merge window has now been officially opened by Linus Torvalds. Linux kernel 6.10 is expected to be released in mid or late September 2024.

"Rust language has been updated to version 1.76.0 in Linux 6.9," according to the article. And Linus Torvalds shared one more detail on the Linux kernel mailing list.

"I now have a more powerful arm64 machine (thanks to Ampere), so the last week I've been doing almost as many arm64 builds as I have x86-64, and that should obviously continue during the upcoming merge window too."

AMD

AMD Core Performance Boost For Linux Getting Per-CPU Core Controls (phoronix.com) 8

An anonymous reader shared this report from Phoronix: For the past several months AMD Linux engineers have been working on AMD Core Performance Boost support for their P-State CPU frequency scaling driver. The ninth iteration of these patches were posted on Monday and besides the global enabling/disabling support for Core Performance Boost, it's now possible to selectively toggle the feature on a per-CPU core basis...

The new interface is under /sys/devices/system/cpu/cpuX/cpufreq/amd_pstate_boost_cpb for each CPU core. Thus users can tune whether particular CPU cores are boosted above the base frequency.

Red Hat Software

Red Hat (and CIQ) Offer Extended Support for RHEL 7 (and CentOS 7) (theregister.com) 20

This week, The Register reported: If you are still running RHEL 7, which is now approaching a decade old, there's good news. Red Hat is offering four more years of support for RHEL 7.9, which it terms Extended Life Cycle Support or ELS.

If you are running the free version, CentOS Linux 7, that hits its end-of-life on the same date: June 30, 2024. CIQ, which offers CentOS Linux rebuild Rocky Linux, has a life cycle extension for that too, which it calls CIQ Bridge. The company told The Reg: "CIQ Bridge, essentially a long-term support service tailored for CentOS 7 users on the migration path to Rocky Linux, is offered under an annual, fixed-rate subscription. CIQ Bridge includes access to CentOS 7 extended life package updates for an additional three years and security updates for CVSS 7 issues and above. Security updates for CVSS 5 and 6 are available at an elevated subscription tier. CIQ Bridge is designed to support CentOS 7 users until they are ready for CIQ guidance and support in migration to Rocky Linux." CIQ believes there's a substantial market for this, and points to research from Enlyft that suggests hundreds of thousands of users still on CentOS Linux 7.

Red Hat Software

RHEL (and Rocky and Alma Linux) 9.4 Released - Plus AI Offerings (almalinux.org) 19

Red Hat Enterprise Linux 9.4 has been released. But also released is Rocky Linux 9.4, reports 9to5Linux: Rocky Linux 9.4 also adds openSUSE's KIWI next-generation appliance builder as a new image build workflow and process for building images that are feature complete with the old images... Under the hood, Rocky Linux 9.4 includes the same updated components from the upstream Red Hat Enterprise Linux 9.4

This week also saw the release of Alma Linux 9.4 stable (the "forever-free enterprise Linux distribution... binary compatible with RHEL.") The Register points out that while Alma Linux is "still supporting some aging hardware that the official RHEL 9.4 drops, what's new is largely the same in them both."

And last week also saw the launch of the AlmaLinux High-Performance Computing and AI Special Interest Group (SIG). HPCWire reports: "AlmaLinux's status as a community-driven enterprise Linux holds incredible promise for the future of HPC and AI," said Hayden Barnes, SIG leader and Senior Open Source Community Manager for AI Software at HPE. "Its transparency and stability empowers researchers, developers and organizations to collaborate, customize and optimize their computing environments, fostering a culture of innovation and accelerating breakthroughs in scientific research and cutting-edge AI/ML."

And this week, InfoWorld reported: Red Hat has launched Red Hat Enterprise Linux AI (RHEL AI), described as a foundation model platform that allows users to more seamlessly develop and deploy generative AI models. Announced May 7 and available now as a developer preview, RHEL AI includes the Granite family of open-source large language models (LLMs) from IBM, InstructLab model alignment tools based on the LAB (Large-Scale Alignment for Chatbots) methodology, and a community-driven approach to model development through the InstructLab project, Red Hat said.

Cloud

How Microsoft and Red Hat Are Collaborating on Cloud Migrations (siliconangle.com) 25

SiliconANGLE looks at how starting in 2021, Microsoft and Red Hat have formed "an unlikely partnership set to reshape the landscape of cloud computing..." First, their collective open-source capabilities will lead to co-developed solutions to simplify the modernization and migration of Red Hat technologies to the cloud, seamlessly integrating them with Microsoft's Azure platform, according to João Couto, EMEA VP and COO of cloud commercial solutions at Microsoft. "We have acquired GitHub, which is also one of the largest repositories of open source worldwide," he said. "In that context, it makes a lot of sense to work together with Red Hat."

Transcribed from their interview: What we have been doing so far is making sure that we are co-developing solutions together with Red Hat. And making these solutions available to our customers — making it easy for customers to transform, to modernize [their] Red Hat technology running on-prem, and moving them into cloud using our own Microsoft cloud technology, but Red Hat solutions, in a very, very seamless, integrated way. And also leveraging all the entire portfolio of Red Hat automation tools, so that they can make it easier for customers not just to do the migration, but also to do management, run the operation, and all the troubleshooting also from the customer-care perspective. So that's basically an end-to-end partnership approach that we are taking...

"[Customers] get an integrated support experience from Red Hat technical teams and Microsoft technical teams. And this means that these two technical teams are often colocated, so whenever a customer has a challenge, they are being answered by Microsoft and Red Hat technical teams, all working together to solve this challenge from the customer. So this brings also an increased level of confidence to customers to move to cloud...

"We have both engineering teams from both sides working together to achieve this level of integration between the two solutions. So when you talk about Red Hat Enterprise Linux or when you have the Azure Red Hat OpenShift, which is a new solution that we have recently launched — these are solutions that using open source, are bringing in an additional level of integration, flexibility, automation to customers. So that they can migrate, and manage, their solutions in a more seamless way, and in a more easy way. So we are embedding this kind of overlying partnership from an open source perspective to bring these innovations live to customers."

Portables (Apple)

Fedora Asahi Remix 40 Now Available For Apple Silicon Devices (phoronix.com) 17

Michael Larabel reports via Phoronix: Building off the recent release of Fedora 40, Fedora Asahi Remix 40 is now available for this downstream of Fedora Linux that's optimized to run on Apple Silicon ARM systems. Fedora Asahi Remix continues to be one of the best ways of enjoying a Linux experience atop recent Apple Macs making use of their in-house M1/M2/M3 SoCs. With the Fedora Asahi Remix 40 release there is now conformant OpenGL 4.6 support thanks to the upgraded Mesa. There is also improved device compatibility with its newer kernel.

Fedora Asahi Remix continues to cater to using the KDE Plasma desktop by default. With the upgrade to Fedora Asahi Remix 40 this also means now transitioning to the KDE Plasma 6.0 desktop environment for their flagship desktop experience. A GNOME variant using GNOME 46 is also available.

You can learn more about the release via FedoraMagazine.org. Installation options are available at FedoraProject.org.

Ubuntu

Ubuntu Criticized For Bug Blocking Installation of .Deb Packages (linux-magazine.com) 118

The blog It's FOSS is "pissed at the casual arrogance of Ubuntu and its parent company Canonical..... The sheer audacity of not caring for its users reeks of Microsoft-esque arrogance." If you download a .deb package of a software, you cannot install it using the official graphical software center on Ubuntu anymore. When you double-click on the downloaded deb package, you'll see this error, "there is no app installed for Debian package files".

If you right-click and choose to open it with Software Center, you are in for another annoyance. The software center will go into eternal loading. It may look as if it is doing something, but it will go on forever. I could even livestream the loading app store on YouTube, and it would continue for the 12 years of its long-term support period.

Canonical software engineer Dennis Loose actually created an issue ticket for the problem himself — back in September of 2023. And two weeks ago he returned to the discussion to announce that a fix "will be a priority for the next cycle". (Though "unfortunately we didn't have the capacity to work on this for 24.04...")

But It's FOSS accused Canonical of "cleverly booting out deb in favor of Snap, one baby step at a time" (noting the problem started with Ubuntu 23.10): There is also the issue of replacing deb packages with Snap, even with the apt command line tool. You use 'sudo apt install chromium', you get a Snap package of Chromium instead of Debian

The venerable Linux magazine argues that Canonical "has secretly forced Snap installation on users." [I]t looks as if the Software app defaults to Snap packages for everything now. I combed through various apps and found this to be the case.... As far as the auto-installation of downloaded .deb files, you'll have to install something like gdebi to bring back this feature.

Operating Systems

Systemd Announces 'run0' Sudo Alternative (fosspost.org) 320

An anonymous reader quotes a report from Foss Outpost: Systemd lead developer Lennart Poettering has posted on Mastodon about their upcoming v256 release of Systemd, which is expected to include a sudo replacement called "run0". The developer talks about the weaknesses of sudo, and how it has a large possible attack surface. For example, sudo supports network access, LDAP configurations, other types of plugins, and much more. But most importantly, its SUID binary provides a large attack surface according to Lennart: "I personally think that the biggest problem with sudo is the fact it's a SUID binary though -- the big attack surface, the plugins, network access and so on that come after it just make the key problem worse, but are not in themselves the main issue with sudo. SUID processes are weird concepts: they are invoked by unprivileged code and inherit the execution context intended for and controlled by unprivileged code. By execution context I mean the myriad of properties that a process has on Linux these days, from environment variables, process scheduling properties, cgroup assignments, security contexts, file descriptors passed, and so on and so on."

He's saying that sudo is a Unix concept from many decades ago, and a better privilege escalation system should be in place for 2024 security standards: "So, in my ideal world, we'd have an OS entirely without SUID. Let's throw out the concept of SUID on the dump of UNIX' bad ideas. An execution context for privileged code that is half under the control of unprivileged code and that needs careful manual clean-up is just not how security engineering should be done in 2024 anymore." [...]

He also mentioned that there will be more features in run0 that are not just related to the security backend such as: "The tool is also a lot more fun to use than sudo. For example, by default, it will tint your terminal background in a reddish tone while you are operating with elevated privileges. That is supposed to act as a friendly reminder that you haven't given up the privileges yet, and marks the output of all commands that ran with privileges appropriately. It also inserts a red dot (unicode ftw) in the window title while you operate with privileges, and drops it afterwards."

Open Source

T2 Linux 24.5 Released (t2sde.org) 22

ReneR writes: A major T2 Linux milestone has been released, shipping with full support for 25 CPU architectures and several C libraries, as well as restored support for Intel IA-64 Itanium. Additionally, many vintage X.org DDX drivers were fixed and tested to work again, as well as complete support for the latest KDE 6 and GNOME 46.

T2 is known for its sophisticated cross compile support and support for nearly all existing CPU architectures: Alpha, Arc, ARM(64), Avr32, HPPA(64), IA64, M68k, MIPS(64), Nios2, PowerPC(64)(le), RISCV(64), s390x, SPARC(64), and SuperH x86(64). T2 is an increasingly popular choice for embedded systems and virtualization. It also still supports the Sony PS3, Sgi, Sun and HP workstations, as well as the latest ARM64 and RISCV64 architectures.

The release contains a total of 5,140 changesets, including approximately 5,314 package updates, 564 issues fixed, 317 packages or features added and 163 removed, and around 53 improvements. Usually most packages are up-to-date, including Linux 6.8, GCC 13, LLVM/Clang 18, as well as the latest version of X.org, Mesa, Firefox, Rust, KDE 6 and GNOME 46!

More information, source and binary distribution are open source and free at T2 SDE.

Linux

45 Drives Adds Linux-Powered Mini PCs, Workstations To Growing Compute Lineup (theregister.com) 8

Tobias Mann reports via The Register: Canadian systems builder 45 Drives is perhaps best known for the dense multi-drive storage systems employed by the likes of Backblaze and others, but over the last year the biz has expanded its line-up to virtualization kit, and now low-power clients and workstations aimed at enterprises and home enthusiasts alike. 45 Drives' Home Client marks a departure from the relatively large rack-mount chassis it normally builds. Founder Doug Milburn told The Register the mini PC is something of a passion project that was born out of a desire to build a better home theater PC.

Housed within a custom passively cooled chassis built in-house by 45 Drive's parent company Protocase, is a quad-core, non-hyperthreaded Intel Alder Lake-generation N97 processor capable of boosting to 3.6GHz, your choice of either 8GB or 16GB of memory, and 250GB of flash storage. The decision to go with a 12-gen N-series was motivated in part by 45 Drives' internal workloads, Milburn explains, adding that to run PowerPoint or Salesforce just doesn't require that much horsepower. However, 45 Drives doesn't just see this as a low-power PC. Despite its name, the box will be sold under both its enterprise and home brands. In home lab environments, these small form factor x86 and Arm PCs have become incredibly popular for everything from lightweight virtualization and container hosts to firewalls and routers. [...]

In terms of software, 45 Drives says it will offer a number of operating system images for customers to choose from at the time of purchase, and Linux will be a first-class citizen on these devices. It's safe to say that Milburn isn't a big fan of Microsoft these days. "We run many hundreds of Microsoft workstations here, but we're kind of moving away from it," he said. "With Microsoft, it's a control thing; it's forced updates; it's a way of life with them." Milburn also isn't a fan of Microsoft's registration requirements and online telemetry. "We want control over what all our computers do. We want no traffic on our network that's out of here," he said. As a result, Milburn says 45 Drives is increasingly relying on Linux, and that not only applies to its internal machines but its products as well. Having said that, we're told that 45 Drives recognizes that Linux may not be appropriate for everyone and will offer Windows licenses at an additional cost. And, these both being x86 machines, there's nothing stopping you from loading your preferred distro or operating system on them after they've shipped.

These workstations aren't exactly cheap. They start at $1,099 without the dedicated GPU. "The HL15 will set you back $799-$910 for the bare chassis if you opted for the PSU or not," adds The Register. "Meanwhile, a pre-configured system would run you $1,999 before factoring in drives."
