Microsoft software engineer Stephen Hemminger has proposed removing the DECnet protocol handling code from the Linux kernel. The Register reports: The timing is ironic, as this comes just two weeks after VMS Software Inc announced that OpenVMS 9.2 was really ready this time... That announcement, of course, came some months after the first time it announced [PDF] version 9.2 [...]. The last maintainer of the DECnet code was Red Hat's Christine Caulfield, who flagged the code as orphaned in 2010. The change is unlikely to vastly inconvenience many people: VMS is the last even slightly mainstream OS that used DECnet, and VMS has supported TCP/IP for a long time. Indeed, for decades, the oldest email in this reporter's "sent" folder was a 1993 enquiry about the freeware CMUIP stack for VMS.

One of the easier ways to bootstrap VMS on an elderly VAX these days is to install it on the SimH VAX hardware simulator, and then net-boot the real VAX from the simulated one. Anyone keen enough to do that will be competent to run an older version of Linux just for the purpose. Although their existence is rapidly being forgotten today, TCP/IP is not the only network protocol around, and as late as the mid-1990s it wasn't even the dominant one. The Linux kernel used to support multiple network protocols, but they are disappearing fast. [...] For a long time, DECnet was a significant network protocol. DEC supplied a client stack called PathWorks to let DOS, Windows and Mac clients connect to VAX servers, not only for file and print, but also terminal connections and X.11. Whole worldwide WANs ran over DECnet, and as a teenage student, your correspondent enjoyed exploring them.

In response to user criticism, Google Play is bringing back the list of app permissions, but another curious Store change sees version numbers removed from the App info section. 9to5Google reports: Historically, you've been able to find the version number by opening a listings's "About this app" section and scrolling down to "App info" where it was the first line item. As of today, "Version" no longer appears there (or in the phone section of "Compatibility for your active devices") and "Updated on" is at the top. This information is only gone for the phone version of applications. It curiously remains for Wear OS and Android/Google TV apps. Meanwhile, version numbers still appear on the Google Play website. This issue does not appear related to (or just impact) apps that only note "Varies with device."

The Raspberry Pi 4 has hit a major graphics milestone, adding support for a more modern Vulkan 3D APIa. Ars Technica reports: Raspberry Pi CEO Eben Upton announced the Pi 4's Vulkan 1.2 conformance on Monday. Support isn't available yet in downloadable Pi-friendly operating systems but should be coming soon. For most people using their Pi as a server, a DIY controller, or a light desktop, Vulkan 1.2 conformance won't be noticeable. Desktop graphics on the standard Raspberry Pi OS are powered by OpenGL, the older graphics API that Vulkan is meant to replace. There is one group that benefits, says Upton: games and other 3D Android applications. Android uses Vulkan as its low-overhead graphics API.

As with most Raspberry Pi advancements, there could be unforeseen opportunities unleashed by this seemingly tiny change. Vulkan 1.2 support gives developers the same 3D-graphics interface (if not anywhere near the same power) as 2019 NVIDIA graphics cards, 2020 Intel chips with integrated graphics, and dozens of other devices. With a Vulkan 1.0 driver installed, developer Iago Toral was able in 2020 to get the original Quake trilogy mostly running on a Pi 4, with not-too-shabby frame rates.

"For more than a decade, Google has been baking and eating its own homemade Linux desktop distribution," writes Computerworld.

Long-time Slashdot reader waspleg shared their report: The first version was Goobuntu. (As you'd guess from the name, it was based on Ubuntu.) In 2018, Google moved its in-house Linux desktop from the Goobuntu to a new Linux distro, the Debian-based gLinux. Why? Because, as Google explained, Ubuntu's Long Term Support (LTS) two-year release "meant that we had to upgrade every machine in our fleet of over 100,000 devices before the end-of-life date of the OS."

That was a pain. Add in the time-consuming need to fully customize engineers' PCs, and Google decided that it cost too much. Besides, the "effort to upgrade our Goobuntu fleet usually took the better part of a year. With a two-year support window, there was only one year left until we had to go through the same process all over again for the next LTS. This entire process was a huge stress factor for our team, as we got hundreds of bugs with requests for help for corner cases."

So, when Google had enough of that, it moved to Debian Linux (though not just vanilla Debian). The company created a rolling Debian distribution: GLinux Rolling Debian Testing (Rodete). The idea is that users and developers are best served by giving them the latest updates and patches as they're created and deemed ready for production.
Google's using what appears to be an automated build system (along with virtualized test suites, and eventually "incremental canarying"), the article points out. The end result?

"The entire gLinux development team consists of a single on-duty release engineer position that rotates among team members."

joshuark writes: Dan Goodin of Ars Technica reports that security researchers have found that rootkits for Unified Extensible Firmware Interface (UEFI) are not rare, and difficult to detect. Kaspersky researchers profiled CosmicStrand, the security firm's name for a sophisticated UEFI rootkit that the company detected and obtained through its antivirus software. They state: "The most striking aspect of this report is that this UEFI implant seems to have been used in the wild since the end of 2016 -- long before UEFI attacks started being publicly described." The researchers warned that "the multiple rootkits discovered so far evidence a blind spot in our industry that needs to be addressed sooner rather than later."

ZDNet reports: Microsoft is rolling out a new security default for Windows 11 that will go a long way to preventing ransomware attacks that begin with password-guessing attacks and compromised credentials. The new account security default on account credentials should help thwart ransomware attacks that are initiated after using compromised credentials or brute-force password attacks to access remote desktop protocol (RDP) endpoints, which are often exposed on the internet.

RDP remains the top method for initial access in ransomware deployments, with groups specializing in compromising RDP endpoints and selling them to others for access.

The new feature is rolling out to Windows 11 in a recent Insider test build, but the feature is also being backported to Windows 10 desktop and server, according to Dave Weston, vice president of OS Security and Enterprise at Microsoft. "Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors. This technique is very commonly used in Human Operated Ransomware and other attacks — this control will make brute forcing much harder which is awesome!," Weston tweeted.

Weston emphasized "default" because the policy is already an option in Windows 10 but isn't enabled by default. That's big news and is a parallel to Microsoft's default block on internet macros in Office on Windows devices, which is also a major avenue for malware attacks on Windows systems through email attachments and links.... The defaults will be visible in the Windows Local Computer Policy directory "Account Lockout Policy".

The default "account lockout duration" is 10 minutes; the "account lockout threshold" is set to a maximum of 10 invalid logon attempts; a setting to "allow administrator account lockout" is enabled; and the "reset account lockout counter after" setting is set to 10 minutes.

With Apple's new CarPlay software announced in June, the company is "is diving deeper into its automotive ambitions, opening up the possibility to enter into a multibillion segment of the auto industry that's growing quickly: The ability to sell additional services and features to car owners," reports CNBC. From the report: The auto industry faces an unappealing choice: Offer CarPlay and give up potential revenue and the chance to ride a major industry shift, or spend heavily to develop their own infotainment software and cater to an potentially shrinking audience of car buyers who will purchase a new vehicle without CarPlay. [...] Industry observers believe carmakers need to embrace software services -- and look at Apple's offering with skepticism -- or risk getting left behind. "It's a really difficult time in the industry, where the car companies think they're still building cars. They're not. They're building software on wheels, and they don't know it, and they're trading it away," said Conrad Layson, senior analyst at AutoForecast Solutions.

The new version of CarPlay could be a huge emerging revenue engine for Apple. First, if a user loves the iPhone's CarPlay interface, then they're less likely to switch to an Android phone. That's a strategic priority for Apple, which generates the majority of its revenue through hardware sales. Second, while the company doesn't yet charge a fee to automakers or suppliers, it could sell services for vehicles the same way it distributes iPhone software. In June, Apple revealed that it has explored features that integrate commerce into the car's cockpit. One new feature announced this summer would allow CarPlay users to navigate to a gas pump and pay for the fuel from the dashboard of the car, according to Reuters. Apple already generates tens of billions from the App Store, and stands to boost that if it ever decides to charge for services in cars...

After trying, and failing, to acquire the popular chat platform Discord for $10 billion, Microsoft has opted for the next-best thing: directly integrating Discord's voice-chat capabilities into Xbox consoles. Ars Technica reports: The news arrived on Wednesday on Xbox Blog, and it clarified that for the time being, Discord access would be exclusive to the optional "Xbox Insider" tier of early, beta, and preview console OS updates. That update is already going live in waves to Xbox Insiders today, and it adds a new tooltip to the system's "chat" sidebar: "Try Discord Voice on Xbox today!"

[...] Sadly, this week's rollout of Discord on Xbox is a bit limited. The biggest issue is that there is no formal Discord app or interface on Xbox. You will need to keep a smartphone handy to initiate a "handoff" of your Discord session. Get ready for an annoying first-time setup process. Should you have an updated Xbox on the Insider OS track, its new "Try Discord Voice" prompt will initiate an account-sync process, which requires using a mobile Discord app to take a photo of a QR code displayed by your Xbox. (You'll need to re-do this if you've done so before, due to it adding a new level of credential for voice chat.) With this in place, when you are about to join a voice channel on Discord, a new "try voice chat on console" prompt will appear. Tapping through this will then, ugh, create another handover to Microsoft's dedicated Xbox app on either iOS or Android. Yes, if you want this to work, you need to install the Xbox app on your mobile device (and Discord will suggest you do so, if you haven't yet). This facilitates the key technical aspect of forwarding all Discord audio to your Xbox hardware.

With all that in place, presto: You can now talk to any participants in the Discord voice channel you chose directly on your Xbox. Its menu interface supports either muting or changing the volume level of every other user in the voice chat channel you chose, which is appreciated as a quickly accessible option during frantic gameplay. A one-button toggle in the menu allows chatters to switch between Discord voice chat and a particular game's dedicated voice-chat channel. (This is useful when you're talking to friends while in the midst of random online matchmaking, then need to turn on in-game voice chat for a second to confirm a strategy to your current teammates before going back to discussing souffle recipes with buddies.) All greater Discord control, sadly, goes back to your smartphone...

In April ZDNet called its beta "the cutest Linux distro you'll ever use," praising the polished "incredible elegance" of Debian-based Cutefish OS, with its uncluttered, MacOS-like "Cutefish DE" desktop.

But now CutefishOS.com times out, with at least one Reddit user complaining "their email is not responding" and seeking contributors for a fork.

But meanwhile, the technology site DebugPoint.com shares another update: It looks like the OpenMandriva project is already continuing with the development of the Cutefish DE (not the OS) for its own OS. For more details, visit the Matrix discussion page.

Besides, it's worth mentioning that Arch Linux already have the Cutefish desktop packages in the community repo. You can even install it as a standalone desktop environment in Arch Linux with easy steps. As you can see, it is easier to maintain the desktop environment to continue its development because the structure is already out there.

I have tested and reviewed hundreds of distros for years, and Cutefish OS is the promising one with its stunning desktop environment. It was written from the ground up with QML and C++ and took advantage of KWin. It would have been an attractive desktop as a separate component and could have been another great option besides KDE Plasma or GNOME.

Many open-source projects are born and die every year, and it's unfortunate to see the situation of Cutefish OS. I hope an official fork comes up soon, and we all can contribute to it.

Microsoft is shifting to a new engineering schedule for Windows which will see the company return to a more traditional three-year release cycle for major versions of the Windows client, while simultaneously increasing the output of new features shipping to the current version of Windows on the market. Zac Bowden writes via Windows Central: The news comes just a year after the company announced it was moving to a yearly release cadence for new versions of Windows. According to my sources, Microsoft now intends to ship "major" versions of the Windows client every three years, with the next release currently scheduled for 2024, three years after Windows 11 shipped in 2021. This means that the originally planned 2023 client release of Windows (codenamed Sun Valley 3) has been scrapped, but that's not the end of the story. I'm told that with the move to this new development schedule, Microsoft is also planning to increase the output of new features rolling out to users on the latest version of Windows.

Starting with Windows 11 version 22H2 (Sun Valley 2), Microsoft is kicking off a new "Moments" engineering effort which is designed to allow the company to rollout new features and experiences at key points throughout the year, outside of major OS releases. I hear the company intends to ship new features to the in-market version of Windows every few months, up to four times a year, starting in 2023. Microsoft has already tested this system with the rollout of the Taskbar weather button on Windows 11 earlier this year. That same approach will be used for these Moments, where the company will group together a handful of new features that have been in testing with Insiders and roll them out to everyone on top the latest shipping release of Windows. Many of the features that were planned for the now-scrapped Sun Valley 3 client release will ship as part of one of these Moments on top of Sun Valley 2, instead of in a dedicated new release of the Windows client in the fall of 2023.

Google is releasing Chrome OS Flex today, a new version of Chrome OS that's designed for businesses and schools to install and run on old PCs and Macs. From a report: Google first started testing Chrome OS Flex earlier this year in an early access preview, and the company has now resolved 600 bugs to roll out Flex to businesses and schools today. Chrome OS Flex is designed primarily for businesses running old Windows PCs, as Google has been testing and verifying devices from Acer, Asus, Dell, HP, Lenovo, LG, Toshiba, and many more OEMs. Flex will even run on some old Macs, including some 10-year-old MacBooks. The support of old hardware is the big selling point of Chrome OS Flex, as businesses don't have to ditch existing hardware to get the latest modern operating system. More than 400 devices are certified to work, and installation is as easy as using a USB drive to install Chrome OS Flex.

Lenovo has released a security advisory to inform customers that more than 70 of its laptops are affected by a UEFI/BIOS vulnerability that can lead to arbitrary code execution. SecurityWeek reports: Researchers at cybersecurity firm ESET discovered a total of three buffer overflow vulnerabilities that can allow an attacker with local privileges to affected Lenovo devices to execute arbitrary code. However, Lenovo says only one of the vulnerabilities (CVE-2022-1892) impacts all devices, while the other two impact only a handful of laptops. "The vulnerabilities can be exploited to achieve arbitrary code execution in the early phases of the platform boot, possibly allowing the attackers to hijack the OS execution flow and disable some important security features," ESET explained. "These vulnerabilities were caused by insufficient validation of DataSize parameter passed to the UEFI Runtime Services function GetVariable. An attacker could create a specially crafted NVRAM variable, causing buffer overflow of the Data buffer in the second GetVariable call," it added.

Lenovo has also informed customers about Retbleed, a new speculative execution attack impacting devices with Intel and AMD processors. The company has also issued an advisory for a couple of vulnerabilities affecting many products that use the XClarity Controller server management engine. These flaws can allow authenticated users to cause a DoS condition or make unauthorized connections to internal services.

Alex Battaglia from the YouTube channel "Digital Foundry" was able to use the "RetroArch" software emulator to run Windows 98 on the Xbox Series X, along with several PC games of the era. "Technically, you're supposed to be an Xbox developer to access this, and you will need to sign up to the paid Microsoft Partner program and turn on 'Developer Mode' for your system to activate it," notes Pure Xbox. "In DF's case, rather than directly playing emulated games through RetroArch, they used the program to install Windows 98 software." From the report: Beyond the novelty of actually booting up Win98 on a modern console the channel then decided to test out some games, running through the older version of Windows. Playthroughs of Turok, Command & Conquer, Quake 2 and more were all pretty successful, although the act of loading them onto the software requires a bit of messing about (you have to create ISO files and transfer them over -- sadly, Xbox's disc drive can't read the original discs). Of course, this wouldn't be a Digital Foundry video without some performance comparisons, so the team did just that. The video compares hardware of the era with Xbox Series X's emulation, and while the console often lags behind due to the fact that it's literally emulating an entire version of Windows, and then a game on top of that, it fares pretty well overall. You can watch Digital Foundry's video here.

We're a couple of months out from Apple officially rolling out the next major versions of its various operating systems. However, you can try out iOS 16, iPadOS 16, watchOS 9, macOS Ventura and tvOS 16 right now. Apple has released a public beta, a few weeks after it offered up the first developer betas. To access them, you'll need to sign up for the Apple Beta Software Program and follow the directions.

Google is testing a method to boost the battery life of Chromebooks by changing how they work with the Chrome web browser. It's shaping up to be a potentially attractive update for users who leave a lot of tabs open on their Chromebooks. From a report: Google Chrome currently cuts the CPU time and throttles the CPU load for any tab you haven't touched or looked at for five minutes. Google calls this "intensive throttling of JavaScript timer wake up," and it's supposed to help conserve system battery life. The feature also makes the page wake up once every 60 seconds to check if you're actively using the tab again. It seems Google is interested in pushing the idea even further, at least for Chromebook users. About Chromebooks this week spotted a new flag in Chrome OS 105, currently being tested in the dev channel, that changes this five-minute period to 10 seconds.

System76, the Colorado-based Linux laptop, desktop, and server specialist, has announced a new highly portable laptop with an Intel Alder Lake processor inside. Tom's Hardware reports: The new Lemur Pro(opens in new tab) is a "lighter than Air" 14-inch form factor laptop with excellent battery life and attractions such as open firmware (powered by Coreboot) and a 180-degree hinge. In addition, buyers can choose to go with Pop!_OS 22.04 LTS or Ubuntu 22.04 LTS pre-installed. The new Lemur Pro has many attractive modern features you might see advertised in many rival mainstream thin and light designs. However, the special sauce here is the "System76 Open Firmware with Coreboot." Coreboot, known initially as LinuxBIOS, is significant as it is an open-source BIOS implementation embraced by Linux users. It is lightweight, flexible, and feature-rich. [...]

System76 has designed the Lemur Pro with monitor-based docking in mind. It envisions users connecting to a big screen using the USB-C connection to benefit from the more expansive workspace and laptop charging. Like Windows, Linux had to have some serious tinkering under the hood to prepare for the mix of Performance and Efficiency cores in Alder Lake chips. However, rest assured, efficient hybrid scheduling is taken care of with the two OS options that can be pre-installed on the Lemur Pro.

System76 allows customers to configure and buy Lemur Pro laptops right now. There are many RAM and storage configurations to pick through, and you can add external keyboards and monitors to the bundle. The entry price with an Intel Core i5-1235U, 8GB RAM, 240GB of storage, and no extras is $1,149. However, the Core i7-1255U model is a bit of a stretch, adding $200 to the base price for the faster CPU clocks.

Yesterday, Phoronix reported that the lead developer of systemd, Lennart Poettering, left Red Hat. "It turns out he had joined Microsoft and [is] continuing his work on systemd," writes Phoronix's Michael Larabel in a new report. He continues: While some may not always align with his views or approaches to handling some things, there is no overstating his enormous contributions to the Linux/open-source world and his dedication to advancing the ecosystem over the years. This may take many by surprise but let's not forget Microsoft has over time employed a number of Linux developers and other prominent open-source developers... Microsoft currently employs Python creator Guido van Rossum, GNOME creator Miguel de Icaza had been employed by Microsoft from 2016 when they acquired Xamarin to earlier this year when he left, Nat Friedman as part of Xamarin-Microsoft served as GitHub CEO following Microsoft's acquisition, Gentoo Linux founder Daniel Robbins was previously employed by Microsoft, Steve French as the Linux CIFS/SMB2/SMB3 maintainer and Samba team member works for Microsoft, and Microsoft employs/previously-employed a large number of upstream Linux developers like Matteo Croce, Matthew Wilcox, Shyam Prasad N, Michael Kelley, and many others beyond just the usual immediately recognizable names to Linux enthusiasts/developers. It was also just earlier this year that Christian Brauner as another longtime Linux kernel developer joined Microsoft. Christian Brauner is Berlin-based like Lennart and moved on to Microsoft after the past half-decade at Canonical working on the Linux kernel, LXC, systemd, and more.

One of the GNOME developers has suggested that the next major release of Gtk could drop support for the X window system. The Register reports: Emmanuele Bassi opened a discussion last week on the GNOME project's Gitlab instance that asked whether the developers could drop X.11 support in the next release of Gtk. At this point, it is only a suggestion, but if it gets traction, this could significantly accelerate the move to the Wayland display server and the end of X.11.

Don't panic: Gtk 5 is not imminent. Gtk is a well-established toolkit, originally designed for the GIMP bitmap editing program back in 1998. Gtk 4 arrived relatively recently, shortly before the release of GNOME 40 in 2021. GNOME 40 has new user-interface guidelines, and as a part of this, Gtk 4 builds GNOME's Adwaita theme into the toolkit by means of the new libadwaita library, which is breaking the appearance of some existing apps.

Also, to be fair, as we recently covered, the X window system is very old now and isn't seeing major changes, although new releases of parts of it do still happen. This discussion is almost certain to get wildly contentious, and the thread on Gitlab has been closed to further comments for now. If this idea gains traction, one likely outcome might well be a fork of Gtk, just as happened when GNOME 3 came out. [...] A lot of the features of the current version, X.11, are no longer used or relevant to most users. Even so, X.12 is barely even in the planning stages yet.

This week, BMW confirmed that some of its future models would run on a next-gen version of its in-house operating system built on top of Android Automotive. Android Polic reports: It's a big change from previous Linux-based versions, though the company says some of its cars will stay on its legacy build. So far, the automaker has yet to confirm which of its models will get Automotive support, though work on supporting it won't begin until March of 2023.

Automotive's biggest selling point for car manufacturers is its flexibility and customization options. Outside of some built-in Google apps -- Assistant, Maps, the Play Store -- don't expect to notice these BMW cars running Android immediately. Instead, the company will almost certainly rely on a skin to make the experience feel more in line with previous vehicles, as well as that Linux-based OS the company plans to keep developing.

The Windows 11 22H2 update is working its way through Microsoft's Windows Insider testing channels, and we'd expect it to begin rolling out to Windows 11 PCs at some point in the next few weeks or months. But Microsoft has had almost nothing to say about the next major update to Windows 10 beyond the fact that the operating system will keep getting yearly updates for the foreseeable future. From a report: And the Windows 10 22H2 update is actually already out there for those who know how to install it. Neowin has published a list of commands that can be typed into the Command Prompt or Windows Terminal to turn a fully updated Windows 10 21H2 install into a 22H2 install. The commands use Microsoft's Deployment Image Servicing and Management (DISM) tool to make tweaks to your Windows install and require the optional KB5014666 update for Windows 10 to be installed first. The catch is that enabling Windows 10 22H2 doesn't actually seem to do much beyond incrementing the version number on the "About Windows" screen.