An anonymous reader shared this report from The Hacker News: Three new malicious packages have been discovered in the Python Package Index (PyPI) open-source repository with capabilities to deploy a cryptocurrency miner on affected Linux devices.

The three harmful packages, named modularseven, driftme, and catme, attracted a total of 431 downloads over the past month before they were taken down...

The malicious code resides in the __init__.py file, which decodes and retrieves the first stage from a remote server, a shell script ("unmi.sh") that fetches a configuration file for the mining activity as well as the CoinMiner file hosted on GitLab. The ELF binary file is then executed in the background using the nohup command, thus ensuring that the process continues to run even after exiting the session. "Echoing the approach of the earlier 'culturestreak' package, these packages conceal their payload, effectively reducing the detectability of their malicious code by hosting it on a remote URL," said Fortinet FortiGuard Labs researcher Gabby Xiong. "The payload is then incrementally released in various stages to execute its malicious activities."

If you're starting the new year with a new Linux distro, ZDNet just ran an enthusiastic profile of Rhino Linux, calling it "beautiful" with "one of the more useful command-line package managers on the market." Rhino uses a modern take on the highly efficient and customizable Xfce desktop (dubbed "Unicorn") to help make the interface immediately familiar to anyone who logs in. You'll find a dock on the left edge of the screen that contains launchers for common applications, access to the Application Grid (where you can find all of your installed software), and a handy Search Bar (Ulauncher) that allows you to quickly search for and launch any installed app (or even the app settings) you need...

Thanks to myriad configuration options, Xfce can be a bit daunting. At the same time, the array of settings makes Xfce highly customizable, which is exactly what the Rhino developers did when they designed this desktop. For those who want a desktop that makes short work of accessing files, the Rhino developers have added a really nifty tool to the top bar. You'll find a listing of some folders you have in your Home directory (Files, Documents, Music, Pictures, Video). If you click on one of those entries, you'll see a list of the most recently accessed files within the directory. Click on the file you want to open with the default, associated application...

Rhino opts for the Pacstall package manager over the traditional apt-get. That's not to say apt-get isn't on the system — it is. But with Rhino Linux, there's a much easier path to getting the software you want installed... [W]hen you first run the installed OS, you are greeted with a window that allows you to select what package managers you want to use. You can select from Snap, Flatpak, and AppImages (or all three). Next, the developers added a handy tool (rhino-pkg) that makes installing from the command line very simple.
When the distro launched in August, 9to5Linux described it as "a unique distribution for Ubuntu fans who wanted a rolling-release system where they install once and receive updates forever." The theming looks gorgeous and it's provided by the Elementary Xfce Darker icon theme, Xubuntu's Greybird GTK theme, and Ubuntu's Yaru Dark WM theme. It also comes with some cool features, such as a dedicated and full-screen desktop switcher provided by Xfdashboard...

Klaus Zimmermann (a self-described "friendly hacker") recently posted a "State of the Distro" post, choosing his favorite distributions for things like portable installation from a USB drive (Alpine Linux) and for a desktop OS (Debian Linux or Devuan).

But when it comes to a distro for the Raspberry Pi, (at least until the 4), Zimmerman argues that FreeBSD's performance is "unlike any other Linux distribution I've ever seen, even with cpupower activated and overclocking." Nope, no match — FreeBSD's performance on the Pi is still way better, even without overclocking. You can browse a modern web, have things scroll smoothly, watch videos and even play some 3D games like Quake with it! And if you overclock it a little (2GHz) you can even make it run that gargantua MS Teams.

But what about all that lackluster driver support? WiFi drivers still on the 802.11g standard and all? Surely you can't be serious about it when Linux offers all that support out of the box, right? Wrong, actually. For starters, the drivers provided for the Pi's hardware are often half-assed proprietary blobs... I no longer think FreeBSD is really at fault if the driver support for the hardware is not helpful to begin with. Even drivers you find for Linux are shaky at best.

So yes, I will keep using FreeBSD on the Pi. As a desktop. With USB WiFi and audio adapters for those services, because the existing hardware is sort of moot even otherwise. And with those USB adapters — and FreeBSD — the Pi works really well, truly desktop-like.
I'd be curious to hear from Slashdot's readers about their own experiments with Linux (and FreeBSD) on a Raspberry Pi. Zimmerman's final winner, for the "Server" category, was Debian — though of his two servers, one is just an XMPP server set up on a Raspberry Pi. "I found that using Debian on the Pi is a real joy. Easy and simple to set up, familiar environment and all. So I'm keeping it.

"This concept is about to be overshadowed, however, by my growing like of FreeBSD lately..."


Thanks to long-time Slashdot reader walterbyrd for sharing the article.

Michael Larabel reports via Phoronix: AMD engineers are proposing an FPGA Subsystem User-Space Interface to overcome current limitations of the Linux kernel's FPGA manager subsystem. AMD-Xilinx engineers are proposing a new sysfs interface for the FPGA subsystem that allows for more user-space control over FPGAs. The suggested interface would handle FPGA configuration, driver probe/remove, bridges, Device Tree Overlay file support for re-programming an FPGA while the operating system is running, and other capabilities for user-space not currently presented by the mainline kernel. [...] This proposal from AMD hopes to standardize the FPGA subsystem user-space interface in a manner that is suitable for upstreaming into the mainline Linux kernel.

From a report: According to Statcounter, which should be taken with a pinch of salt of course like any sampling, the Linux share on the desktop hit nearly 4% in December 2023. Last month was a record too and a clear trend over time, as going back a couple of years, it was rarely coming close to 2% but now it's repeatedly nearing 4% so it's quite a good sign overall.

The latest from Statcounter shows for all of 2023 below:

January - 2.91%
February - 2.94%
March - 2.85%
April - 2.83%
May - 2.7%
June - 3.07%
July - 3.12%
August - 3.18%
September - 3.02%
October - 2.92%
November - 3.22%
December - 3.82%

Looking at December it shows Windows rising too, with macOS dropping down. If we actually take ChromeOS directly into the Linux numbers for December 2023 the overall number would actually be 6.24% (ChromeOS is Linux after all).

While Gentoo Linux is best-known as source-based Linux distribution, "our package manager, Portage, already for years also has support for binary packages," according to its web page. It notes that source- and binary-based package installations can be freely mixed.

But now... To speed up working with slow hardware and for overall convenience, we're now also offering binary packages for download and direct installation! For most architectures, this is limited to the core system and weekly updates — not so for amd64 and arm64 however. There we've got a stunning >20 GByte of packages on our mirrors, from LibreOffice to KDE Plasma and from Gnome to Docker. Gentoo stable, updated daily. Enjoy!
"We have a rather neat binary package guide on our Wiki that goes into much more detail..." the announcement points out.

The packages are cryptographically signed with the same key as the stages.

Thanks to Heraklit (Slashdot reader #29,346) for sharing the news.

They create a dedicated desktop icon for your favorite web-based application — a simplified browser that opens to that single URL. Yet while Linux usually offers the same functionality as other operating systems, "Peppermint OS's Ice and its successor Kumo are the only free software versions of Site-Specific Browsers available on Linux," according to Linux magazine.

"Fortunately for those who want this functionality, Peppermint OS is a Debian derivative, and both can be installed on Debian and most other derivatives." Since SSBs first appeared in 2005, they have been available on both Windows and macOS. On Linux, however, the availability has come and gone. On Linux, Firefox once had an SSB mode, but it was discontinued in 2020 on the grounds that it had multiple bugs that were time-consuming to fix and there was "little to no perceived user benefit to the feature." Similarly, Chromium once had a basic SSB menu item, Create Application Shortcut, which no longer appears in recent versions. As for GNOME Web's (Epiphany's) Install Site as Web Application, while it still appears in the menu, it is no longer functional. Today, Linux users who want to try SSBs have no choices except Ice or Kumo.

Neither Ice or Kumo appears in any repository except Peppermint OS's. But because Peppermint OS installs packages from Debian 12 ("bookworm"), either can be installed to Debian or a derivative... To install successfully, at least one of Firefox, Chrome, Chromium, or Vivaldi also must be installed... Because both Ice and Kumo are written in Python, they can be run on any desktop.
The article concludes that Site-Specific Browsers might make more sense "on a network or in a business where their isolation provides another layer of security. Or perhaps the time for SSBs is past and there's a reason browsers have tried to implement them, and then discarded them."

Melbourne-based developer xssfox has championed a unique "diagonal mode" for monitors by utilizing Linux's xrandr (x resize and rotate) tool, finding a 22-degree tilt to the left to be the ideal angle for software development on her 32:9 aspect ratio monitor. As Tom's Hardware notes, Linux is the "only OS to support a diagonal monitor mode, which you can customize to any tilt of your liking." It begs the question, could 2024 be the year of the Linux diagonal desktop? From the report: Xssfox devised a consistent method to appraise various screen rotations, working through the staid old landscape and portrait modes, before deploying xrandr to test rotations like the slightly skewed 1 degree and an indecisive 45 degrees. These produced mixed results of questionable benefits, so the search for the Goldilocks solution continued. It turns out that a 22-degree tilt to the left was the sweet spot for xssfox. This rotation delivered the best working screen space on what looks like a 32:9 aspect ratio monitor from Dell. "So this here, I think, is the best monitor orientation for software development," the developer commented. "It provides the longest line lengths and no longer need to worry about that pesky 80-column limit."

If you have a monitor with the same aspect ratio, the 22-degree angle might work well for you, too. However, people with other non-conventional monitor rotation needs can use xssfox's javascript calculator to generate the xrandr command for given inputs. People who own the almost perfectly square LG DualUp 28MQ780 might be tempted to try 'diamond mode,' for example. We note that Windows users with AMD and Nvidia drivers are currently shackled to applying screen rotations using 90-degree steps. MacOS users apparently face the same restrictions.

"This is a proposed Change for Fedora Linux..." emphasizes its page on the Fedora project Wiki. "As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee."

But Phoronix reports that "One of the latest change proposals filed for Fedora 40 is to unify their /usr/bin and /usr/sbin locations." The change proposal explains:

"The /usr/sbin directory becomes a symlink to bin, which means paths like /usr/bin/foo and /usr/sbin/foo point to the same place. /bin and /sbin are already symlinks to /usr/bin and /usr/sbin, so effectively /bin/foo and /sbin/foo also point to the same place. /usr/sbin will be removed from the default $PATH."

Fedora years ago merged /bin and /usr/bin and as the last step they want to unify /usr/bin and /usr/sbin.
The change proposal argues that with this change, "Fedora becomes more compatible with other distributions."


- We have /sbin/ip while Debian has /bin/ip

- We have /bin/chmem and /bin/isosize, but Debian has /sbin/chmem and /sbin/isosize

- We also have /sbin/{addpart,delpart,lnstat,nstat,partx,ping,rdma,resizepart,ss,udevadm,update-alternatives}, while Debian has those in under /bin, etc.

- Fedora becomes more compatible with Arch, which did the merge a few years ago.


The proposal on the Fedora project Wiki offers this summary: The split between /bin and /sbin is not useful, and also unused. The original split was to have "important" binaries statically linked in /sbin which could then be used for emergency and rescue operations. Obviously, we don't do static linking anymore. Later, the split was repurposed to isolate "important" binaries that would only be used by the administrator. While this seems attractive in theory, in practice it's very hard to categorize programs like this, and normal users routinely invoke programs from /sbin. Most programs that require root privileges for certain operations are also used when operating without privileges. And even when privileges are required, often those are acquired dynamically, e.g. using polkit. Since many years, the default $PATH set for users includes both directories. With the advent of systemd this has become more systematic: systemd sets $PATH with both directories for all users and services. So in general, all users and programs would find both sets of binaries...

Since generally all user sessions and services have both directories in $PATH, this split actually isn't used for anything. Its main effect is confusion when people need to use the absolute path and guess the directory wrong. Other distributions put some binaries in the other directory, so the absolute path is often not portable. Also, it is very easy for a user to end up with /sbin before /bin in $PATH, and for an administrator to end up with /bin before /sbin in $PATH, causing confusion. If this feature is dropped, the system became a little bit simpler, which is useful especially for new users, who are not aware of the history of the split.

Phoronix's Michael Larabel writes: With patches pending for creating an Acer Aspire 1 embedded controller driver, this Qualcomm Snapdragon powered ARM laptop has "almost full support" with the upstream Linux kernel. The Acer Aspire 1 (A114-61) is an aging ARM laptop design built on the Snapdragon 7c Gen1. It's no longer the latest and greatest with it being a two year old device, but for those wanting a low-power and long-battery-life laptop, the Acer Aspire 1 still has some potential for Linux enthusiasts.

Over the course of this year this eight-core ARM laptop has been seeing work on mainline Linux kernel support. Since Linux 6.5 much of that support has been in place while some bits remain. Sent out recently was this patch series creating an embedded controller (EC) driver for the Acer Aspire 1. This EC driver gets battery and charger monitoring working along with USB Type-C DP Alt Mode HPD monitoring, lid status detection, and some keyboard configuration. The EC functionality on the Acer Aspire 1 is implemented in ACPI but sadly ACPI cant be used to boot Linux on these Qualcomm devices -- thus leading to this new "acer-aspire1-ec" driver being created.

prisoninmate shares a report from 9to5Linux: Announced in early August and initially planned for the end of the month, the Fedora Asahi Remix distribution is finally here for those who want to install the Fedora Linux operating system on their Apple Silicon Macs. Previously a remix of Arch Linux ARM, the Fedora Asahi Remix distribution is the result of a multi-year collaboration between the Asahi Linux project and the Fedora Project, enabling you to have a proper daily driver on your Apple Silicon Mac thanks to Fedora Linux's excellent 64-bit ARM support.

The distro is based on the latest Fedora Linux 39 release and ships with the KDE Plasma 5.27 LTS desktop environment by default, using Wayland. This promises a smooth Linux desktop experience on Apple hardware similar to macOS. Fedora Asahi Remix also comes with XWayland for those who want to run X11 apps. In addition, it features non-conformant OpenGL 3.3 support including GPU-accelerated geometry shaders and transform feedback, PipeWire by default with WirePlumber, as well as the Calamares graphical installer. You can download and install Fedora Asahi Remix here.

Linux magazine interviewed an AlmaLinux official about what happened after their distro pivoted to binary compatibility with Red Hat Enterprise Linux rather than being a downstream build: Linux Magazine: What prompted AlmaLinux to choose ABI over 1:1 compatibility with RHEL?

benny Vasquez, chair of the AlmaLinux OS Foundation: The short answer is our users. Overwhelmingly, our users made it clear that they chose AlmaLinux for its ease of use, the security and stability that it provides, and the backing of a diverse group of sponsors. All of that together meant that we didn't need to lock ourselves into copying RHEL, and we could continue to provide what our users needed.

Moreover, we needed to consider what our sponsors would be able to help us provide, and how we could best serve the downstream projects that now rely on AlmaLinux. The rippling effects of any decision that we make are beyond measure at this point, so we consider all aspects of our impact and then move forward with confidence and intention.

LM: How did AlmaLinux's mission of improving the Linux ecosystem for everyone influence this decision?

bV: We strongly believe that the soul of open source means working together, providing value where there is a gap, and helping each other solve problems. If we participate in an emotional reaction to a business's change, we will then be distracted and potentially hurt users and the Enterprise Linux ecosystem overall. By remaining focused on what is best (though not easiest), and adapting to the ecosystem as it is today, we will provide a better and more stable operating system.

LM: What opportunities does the ABI route offer over 1:1 compatibility?

bV: By liberating ourselves from the 1:1 promise, we have been able to do a few small things that have proven to be a good testing ground for what will come in the future. Specifically, we shipped a couple of smallish, but extremely important, security patches ahead of Red Hat, offering quicker security to the users of AlmaLinux... This also opens the door for other features and improvements that we could add back in or change, as our users need. We have already seen greater community involvement, especially around these ideas.

LM: Does the ABI route pose any extra challenges?

bV: The obvious one is that building from CentOS Stream sources takes more effort, but I think the more important challenge (and the one that will only be solved with consistency over time) is the one of proving that we will be able to deliver on the promise... We will continue on our goal of becoming the home for all users that need Enterprise Linux for free, but in the next year I expect that we will see an expansion in the number of kernels we support and see some new and exciting SIGs spun up around other features or use cases, as the community continues to standardize on how to achieve their goals collectively.
Linux magazine notes that in August AlmaLinux added two new repositories, Testing and Synergy. "Testing, currently available for AlmaLinux 8 and 9, offers security updates before they are approved and implemented upstream. Synergy contains packages requested by community members that currently aren't available in RHEL or Extra Packages for Enterprise Linux (EPEL, a set of extra software packages maintained by the Fedora SIG that are not available in RHEL or CentOS Stream)."

The article also points out that "On the upside, AlmaLinux can now include comments in their patches for greater transparency. Users will see where the patch comes from, which was not an option before."

Vasquez tells the magazine, "I think folks will be seriously happy about what they find as we release the new versions, namely, the consistency, stability, and security that they've come to expect from us."

ZDNet reports that "At the Linux Foundation's Open Source Summit Japan, Linus Torvalds and his good friend Dirk Hohndel, the head of Verizon open source, talked about the current state of Linux: Speaking of maintainers, Hohndel brought up the question of "maintainer fatigue and how draining and stressful this role is...." Torvalds replied, "It's much easier to find developers; we have a lot of developers. Some people think that you have to be a superdeveloper who can do everything to be a maintainer, but that's not actually true...."

Hohndel commented that the aging of the kernel community is a "double-edged sword." Torvalds agreed, but he noted that "one of the things I liked about the Rust side of the kernel, was that there was one maintainer who was clearly much younger than most of the maintainers. We can clearly see that certain areas in the kernel bring in more young people...."

Hohndel and Torvalds also talked about the use of the Rust language in the Linux kernel. Torvalds said, "It's been growing, but we don't have any part of the kernel that really depends on Rust yet. To me, Rust was one of those things that made technical sense, but to me personally, even more important was that we need to not stagnate as a kernel and as developers." That said, Torvalds continued, "Rust has not really shown itself as the next great big thing. But I think during next year, we'll actually be starting to integrate drivers and some even major subsystems that are starting to use it actively. So it's one of those things that is going to take years before it's a big part of the kernel. But it's certainly shaping up to be one of those."
Torvalds also said he enjoyed the fact that open source "has become the standard within the industry."

But later Hohndel, calling AI "autocorrect on steroids," asked Torvalds if he thought he'd ever see submissions of LLM-written code. "I'm convinced it's gonna happen. And it may well be happening already, maybe on a smaller scale where people use it more to help write code." But, unlike many people, Torvalds isn't too worried about AI. "It's clearly something where automation has always helped people write code. This is not anything new at all...."

But, "What about hallucinations?," asked Hohndel. Torvalds, who will never stop being a little snarky, said, "I see the bugs that happen without AI every day. So that's why I'm not so worried. I think we're doing just fine at making mistakes on our own."

An anonymous reader quotes a report from Ars Technica: Windows' infamous "Blue Screen of Death" is a bit of a punchline. People have made a hobby of spotting them out in the wild, and in some circles, they remain a byword for the supposed flakiness and instability of PCs. To this day, networked PCs in macOS are represented by beige CRT monitors displaying a BSOD. But the BSOD is supposed to be a diagnostic tool, an informational screen that technicians can use to begin homing in on the problem that caused the crash in the first place; that old Windows' BSOD error codes were often so broad and vague as to be useless doesn't make the idea a bad one. Today, version 255 of the Linux systemd project honors that original intent by adding a systemd-bsod component that generates a full-screen display of some error messages when a Linux system crashes.

The systemd-bsod component is currently listed as "experimental" and "subject to change." But the functionality is simple: any logged error message that reaches the LOG_EMERG level will be displayed full-screen to allow people to take a photo or write it down. Phoronix reports that, as with BSODs in modern Windows, the Linux version will also generate a QR code to make it easier to look up information on your phone.

"Red Hat is going to do away with the X.Org server and support Wayland and XWayland for apps that currently (or only) run on X11," writes Slashdot reader motang. Red Hat's Carlos Soriano Sanchez confirmed on the Red Hat blog: "The result of this evaluation is that, while there are still some gaps and applications that need some level of adaptation, we believe the Wayland infrastructure and ecosystem are in good shape, and that we're on a good path for the identified blockers to be resolved by the time RHEL 10 is out, planned to be released on the first half of 2025.

With this, we've decided to remove Xorg server and other X servers (except Xwayland) from RHEL 10 and the following releases. Xwayland should be able to handle most X11 clients that won't immediately be ported to Wayland, and if needed, our customers will be able to stay on RHEL 9 for its full life cycle while resolving the specifics needed for transitioning to a Wayland ecosystem. It's important to note that "Xorg Server" and "X11" are not synonymous, X11 is a protocol that will continue to be supported through Xwayland, while the Xorg Server is one of the implementations of the X11 protocol.
[...]
This decision will allow us to focus our efforts starting from RHEL 10 solely on a modern stack and ecosystem. This means we will be able to tackle problems such as HDR, increased security, setups with mixed low and high density displays or very high density displays, better GPU/Display hot-plugging, better gestures and scrolling, and so on. We are confident that Wayland will provide a solid platform and we're excited to work with the community and all of our partners and customers on building the future for Linux."

Last January the Register reported that the Budgie desktop environment was planning to switch from using GNOME to Enlightenment. But this week Budgie's project lead David Mohammed and packaging guru Sam Lane "passed on news of a rift — and indeed possible divorce — between Budgie and Enlightenment," the Register reported. "And it's caused by Wayland." The development team of the Budgie desktop is changing course and will work with the Xfce developers toward Budgie's Wayland future...

While Enlightenment does have some Wayland support, in the project's own words this is "still considered experimental and not for regular end users." Mohammed told us... "Progress though towards a full implementation currently doesn't fit into the deemed urgent nature to move to Wayland (Red Hat dropping further X11 development, and questions as to any organisation stepping up, etc.)"

So, instead, Budgie is exploring different ways to build a Wayland-only environment. For now, as we mentioned when looking at Ubuntu's 23.10 release, there's a new windowing library, Magpie. Magpie 0.9 is what the project describes as "a soft-fork of GNOME's mutter at version 43" — the term soft fork meaning it's a temporary means to an end, rather than intended to form an on-going independent continuation.

For the future, though, Mohammed told us... "[T]he Budgie team has been evaluating options to move forward. XFCE are doing some really great work in this area with libxfce4windowing — a compatibility layer bridging Wayland and X11, allowing the move in a logical direction without needing a big-bang approach. To date, most of the current codebase has already been reworked and is ready for a Wayland-only approach without impacting further development and enhancements."
Mohammed later told the Register, "It makes sense for the more dynamic smaller projects to work together where there are shared aims."

An anonymous reader shared this report from ZDNet: At the Linux Plumbers Conference, the invite-only meeting for the top Linux kernel developers, ByteDance Linux Kernel Engineer Cong Wang, proposed that we use AI and machine learning to tune the Linux kernel for the maximum results for specific workloads... There are thousands of parameters. Even for a Linux expert, tuning them for optimal performance is a long, hard job. And, of course, different workloads require different tunings for different sets of Linux kernel parameters... What ByteDance is working on is a first attempt to automate the entire Linux kernel parameter tuning process with minimal engineering efforts.

Specifically, ByteDance is working on tuning Linux memory management. ByteDance has found that with machine learning algorithms, such as Bayesian optimization, automated tuning could even beat most Linux kernel engineers. Why? Well, the idea, as Wang wryly put it, "is not to put Linux kernel engineers out of business." No, the goal is "to liberate human engineers from tuning performance for each individual workload. While making better decisions with historical data, which humans often struggle with. And, last, but never least, find better solutions than those we come up with using our current trial and error, heuristic methods.
In short, ByteDance's system optimizes resource usage by making real-time adjustments to things like CPU frequency scaling and memory management.

ZDNet shares on update on "Rust in Linux: Where we are and where we're going next," citing a talk at the Linux Plumbers Conference in Richmond, Virginia by Linux/Rust developer Miguel Ojeda: In brief, Rust Linux is continuing to mature and is getting strong support from developers and vendors, such as Cisco, Samsung, and Canonical... Rust is taking the steps it needs to become — along with C — a fully-fledged member of the Linux language toolchain... That's not to say that we're ready to retire C for Rust just yet. In fact, that day is unlikely ever to come. But Rust is definitely on its way to becoming an important language for Linux development...

As for the day-to-day work that's required to make Rust fully integrated with Linux, the "official" website of the initiative is now the self-explanatory Rust for Linux. This site is your one-stop source for all things Rust on Linux... However, the move forward has not been straightforward. Rust on Linux developers have discovered some problems along the way. For example, while deadlocks, when two or more threads are waiting on the other to finish, are safe in Rust, because they don't result in undefined behavior, they're not safe in the Linux kernel. The programmers are working on fixing this issue...

A related issue is that there's growing interest in backporting Rust support into long-term support (LTS) versions of Linux, specifically 5.15 and 6.1. Some people are especially showing interest in the super LTS Linux 6.1 kernel. However, Linux doesn't generally allow backports into LTS Linuxes. So, if you really, really want fully featured Rust support in an older LTS kernel, you're going to need to pay for it in one way or the other. Another general rule that Rust developers have decided they're going to try to "break" is the rule against duplicate drivers. Usually, no one wants anyone wasting time reinventing the wheel, but some maintainers are open to the idea of experimenting with Rust, by starting simple with a driver they're already familiar with...

These movements are small steps forward, but they're all critical for making Rust equal to C as a Linux programming language.

Canonical hosted an amusingly failure-filled demo of its new easy-to-install, Ubuntu-powered tool for building small-to-medium scale, on-premises high-availability clusters, Microcloud, at an event in London yesterday. From a report: The intro to the talk leaned heavily on Canonical's looming 20th anniversary, and with good reason. Ubuntu has carved out a substantial slice of the Linux market for itself on the basis of being easier to use than most of its rivals, at no cost -- something that many Linux players still seem not to fully comprehend. The presentation was as buzzword-heavy as one might expect, and it's also extensively based on Canonical's in-house tech, such as the LXD containervisor, Snap packaging, and, optionally, the Ubuntu Core snap-based immutable distro. (The only missing buzzword didn't crop up until the Q&A session, and we were pleased by its absence: it's not built on and doesn't use Kubernetes, but you can run Kubernetes on it if you wish.)

We're certain this is going to turn off or alienate a lot of the more fundamentalist Penguinistas, but we are equally sure that Canonical won't care. In the immortal words of Kevin Smith, it's not for critics. Microcloud combines several existing bits of off-the-shelf FOSS tech in order to make it easy to link from three to 50 Ubuntu machines into an in-house, private high-availability cluster, with live migration and automatic failover. It uses its own LXD containervisor to manage nodes and workloads, Ceph for distributed storage, OpenZFS for local storage, and OVN to virtualize the cluster interconnect. All the tools are packaged as snaps. It supports both x86-64 and Arm64 nodes, including Raspberry Pi kit, and clusters can mix both architectures. The event included several demonstrations using an on-stage cluster of three ODROID machines with "Intel N6005" processors, so we reckon they were ODROID H3+ units -- which we suspect the company chose because of their dual Ethernet connections.

In Raleigh, North Carolina — the home of Red Hat — local newspaper the News & Observer takes an in-depth look at the "announcement that split the open source software community." (Alternate URL here.) [M]any saw Red Hat's decision to essentially paywall Red Hat Enterprise Linux, or RHEL, as sacrilegious... Red Hat employees were also conflicted about the new policy, [Red Hat Vice President Mike] McGrath acknowledged. "I think a lot of even internal associates didn't fully understand what we had announced and why," he said...

At issue, he wrote, were emerging competitors who copied Red Hat Enterprise Linux, down to even the code's mistakes, and then offered these Red Hat-replicas to customers for free. These weren't community members adding value, he contended, but undercutting rivals. And in a year when Red Hat laid off 4% of its total workforce, McGrath said, the company could not justify allowing this to continue. "I feel that while this was a difficult decision between community and business, we're still on the right side of it," he told the News & Observer. Not everyone agrees...

McGrath offered little consolation to customers who were relying on one-for-one versions of RHEL. They could stay with the downstream distributions, find another provider, or pay for Red Hat. "I think (people) were just so used to the way things work," he said. "There's a vocal group of people that probably need Red Hat's level of support, but simply don't want to pay for it. And I don't really have... there's not much we can tell them."

Since its RHEL decision, Red Hat has secured several prominent partnerships. In September, the cloud-based software company Salesforce moved 200,000 of its systems from the free CentOS Linux to Red Hat Enterprise Linux. The same month, Red Hat announced RHEL would begin to support Oracle's cloud infrastructure. Oracle was one of the few major companies this summer to publicly criticize Red Hat for essentially paywalling its most popular code. On Oct. 24, Red Hat notched another win when the data security firm Cohesity said it would also ditch CentOS Linux for RHEL.
The article delves into the history of Red Hat — and of Linux — before culminating with this quote from McGrath. "I think long gone are the times of that sort of romantic view of hobbyists working in their spare time to build open source. I think there's still room for that — we still have that — but quite a lot of open source is now built from people that are paid full time."

Red Hat likes to point out that 90% of Fortune 500 companies use its services, according to the article. But it also quotes Jonathan Wright, infrastructure team lead at the nonprofit AlmaLinux, as saying that Red Hat played "fast and loose" with the GPL. The newspaper then adds that "For many open source believers, such a threat to its hallowed text isn't forgivable."

It happened a quarter of a century ago. The New York Times wrote that "An internal memorandum reflecting the views of some of Microsoft's top executives and software development managers reveals deep concern about the threat of free software and proposes a number of strategies for competing against free programs that have recently been gaining in popularity." The memo warns that the quality of free software can meet or exceed that of commercial programs and describes it as a potentially serious threat to Microsoft. The document was sent anonymously last week to Eric Raymond, a key figure in a loosely knit group of software developers who collaboratively create and distribute free programs ranging from operating systems to Web browsers. Microsoft executives acknowledged that the document was authentic...

In addition to acknowledging that free programs can compete with commercial software in terms of quality, the memorandum calls the free software movement a "long-term credible" threat and warns that employing a traditional Microsoft marketing strategy known as "FUD," an acronym for "fear, uncertainty and doubt," will not succeed against the developers of free software. The memorandum also voices concern that Linux is rapidly becoming the dominant version of Unix for computers powered by Intel microprocessors.

The competitive issues, the note warns, go beyond the fact that the software is free. It is also part of the open-source software, or O.S.S., movement, which encourages widespread, rapid development efforts by making the source code — that is, the original lines of code written by programmers — readily available to anyone. This enables programmers the world over to continually write or suggest improvements or to warn of bugs that need to be fixed. The memorandum notes that open software presents a threat because of its ability to mobilize thousands of programmers. "The ability of the O.S.S. process to collect and harness the collective I.Q. of thousands of individuals across the Internet is simply amazing," the memo states. "More importantly, O.S.S. evangelization scales with the size of the Internet much faster than our own evangelization efforts appear to scale."
Back in 1998, Slashdot's CmdrTaco covered the whole brouhaha — including this CNN article: A second internal Microsoft memo on the threat Linux poses to Windows NT calls the operating system "a best-of-breed Unix" and wonders aloud if the open-source operating system's momentum could be slowed in the courts.

As with the first "Halloween Document," the memo — written by product manager Vinod Valloppillil and another Microsoft employee, Josh Cohen — was obtained by Linux developer Eric Raymond and posted on the Internet. In it, Cohen and Valloppillil, who also authored the first "Halloween Document," appear to suggest that Microsoft could slow the open-source development of Linux with legal battles. "The effect of patents and copyright in combating Linux remains to be investigated," the duo wrote.
Microsoft's slogain in 1998 was "Where do you want to go today?" So Eric Raymond published the documents on his web site under the headline "Where will Microsoft try to drag you today? Do you really want to go there?"

25 years later, and it's all still up there and preserved for posterity on Raymond's web page — a collection of leaked Microsoft documents and related materials known collectively as "the Halloween documents." And Raymond made a point of thanking the writers of the documents, "for authoring such remarkable and effective testimonials to the excellence of Linux and open-source software in general."

Thanks to long-time Slashdot reader mtaht for remembering the documents' 25th anniversary...

Mozilla has some news for users of Debian-based Linux distributions (such as Debian, Ubuntu, Linux Mint, and others): installing, updating, and testing the latest Firefox Nightly builds just got a lot easier. We've set up a new APT repository for you to install Firefox Nightly as a .deb package... These packages are compatible with the same Debian and Ubuntu versions as our traditional binaries. If you've previously used our traditional binaries (distributed as .tar.bz2 archives), switching to Mozilla's APT repository allows Firefox to be installed and updated like any other application... You will not have to restart Firefox after updating the package with APT...

For those of you who would like to use Firefox Nightly in a different language than American English, we have also created .deb packages containing the Firefox language packs.
Some context from 9to5Linux: Back in April, I reported that Mozilla was offering a DEB package of the Firefox 113 release during the beta testing phase. Unfortunately, that was the only time a DEB package was available for download and, of course, it didn't make it into the final release of Firefox 113, nor future releases. It would appear that Mozilla needed more time to work on the DEB package for Debian and Ubuntu-based distributions, and it looks like it will finally become a thing starting with an upcoming Firefox release, like Firefox 121 or later...

Using the DEB package over Snap or the official binary package offers some benefits like better performance due to advanced compiler-based optimizations, hardened binaries with all security flags enabled, access to the latest Firefox releases as fast as possible [because the .deb is integrated into Firefox's release process], and you won't have to create your own .desktop file anymore.

Long-time Slashdot reader williamyf writes: In the ongoing battle between Red Hat and other "Enterprise Linux -- RHEL compatible" distros, today the OpenELA (Open Enterprise Linux Association), a body Consisting of CIQ (stewards of Rocky Linux), Oracle and Suse, released source code for a generic "Enterprise Linux Distro" (Sources available for RHEL 8 and RHEL 9). A Steering committee for the foundation was also formed.

War between Red Hat and what they call "clones" (mostly Oracle; CentOS, Rocky, Alma and others seem to be collateral damage) has been raging on for years. First, in 2011, Red Hat changed the way they distributed kernel patches. Then, in 2014, Red Hat absorbed CentOS. In 2019 Red Hat transformed CentOS to CentOS stream, and shortened support Timetables for CentOS 8, all out of the blue. Then, in 2023, RedHat severely restricted source code access to non-customers.

What will be RedHat's reaction to this development? My bet is that they will stop to release source code of distro modules under BSD, MIT, APACHE and MPL Licenses for RHEL and in certain Windows for CentOS Stream. What is your bet? Let us know in the comments.

Officially, Intel's Itanium chips and their IA-64 architecture died back in 2021, when the company shipped its last processors. But failed technology often dies a million little deaths. From a report: To name just a few: Itanium also died in 2013, when Intel effectively decided to stop improving it; in 2017, when the last new Itanium CPUs shipped; in 2020, when the last Itanium-compatible version of Windows Server stopped getting updates; and in 2003, when AMD introduced a 64-bit processor lineup that didn't break compatibility with existing 32-bit x86 operating systems and applications.

Itanium is dying another death in the next version of the Linux kernel. According to Phoronix, all code related to Itanium support is being removed from the kernel in the upcoming 6.7 release after several months of deliberation. Linus Torvalds removed some 65,219 lines of Itanium-supporting code in a commit earlier this week, giving the architecture a "well-earned retirement as planned."

An anonymous reader shares a report: When Mike McGrath, Red Hat's Red Hat Core Platforms vice president, announced that Red Hat was putting new restrictions on who could access Red Hat Enterprise Linux (RHEL)'s code, other Linux companies that depended on RHEL's code for their own distro releases were, in a word, unhappy. Three of them, CIQ, Oracle, and SUSE, came together to form the Open Enterprise Linux Association (OpenELA). Their united goal was to foster "the development of distributions compatible with Red Hat Enterprise Linux (RHEL) by providing open and free enterprise Linux source code." Now, the first OpenELA code release is available.

As Thomas Di Giacomo, SUSE's chief technology and product officer, said in a statement, "We're pleased to deliver on our promise of making source code available and to continue our work together to provide choice to our customers while we ensure that Enterprise Linux source code remains freely accessible to the public." Why are they doing this? Gregory Kurtzer, CIQ's CEO, and Rocky Linux's founder, explained: "Organizations worldwide standardized on CentOS because it was freely available, followed the Enterprise Linux standard, and was well supported. After CentOS was discontinued, it left not only a gaping hole in the ecosystem but also clearly showed how the community needs to come together and do better. OpenELA is exactly that -- the community's answer to ensuring a collaborative and stable future for all professional IT departments and enterprise use cases."

Richard Speed reports via The Register: Asahi Linux, a project to port Linux to Apple Silicon Macs, has reported a combination of bugs in Apple's macOS that could leave users with hardware in a difficult-to-recover state. The issues revolve around how recent versions of macOS handle refresh rates, and MacBook Pro models with ProMotion displays (the 14 and 16-inch versions) are affected. According to the Asahi team, the bugs lurk in the upgrade and boot process and, when combined, can create a condition where a machine always boots to a black screen, and a Device Firmware Update (DFU) recovery is needed.

Asahi Linux's techies have looked into the issue, having first suspected it had something to do with either having an Asahi Linux installation on a Mac and then upgrading to macOS Sonoma or installing Asahi Linux after a Sonoma upgrade. However, the issue appears to be unconnected to the project. The team said: "As far as we can tell, ALL users who upgraded to Sonoma the normal way have an out-of-date or even broken System RecoveryOS, and in particular MacBook Pro 14" and 16" owners are vulnerable to ending up with a completely unbootable system." While this might sound alarming, the team was at pains to assure users that data was not at risk and only certain versions of macOS were affected -- Sonoma 14.0+ and Ventura 13.6+.

The first bug is related to macOS Sonoma using the previously installed version as System Recovery, which can cause problems when an older RecoveryOS runs into newer firmware. The second occurs if a display is configured to a refresh rate other than ProMotion. According to the Asahi Linux team, the system will no longer be able to boot into old macOS installs or Asahi Linux. "This includes recovery mode when those systems are set as the default boot OS, and also System Recovery at least until the next subsequent OS upgrade." The team noted: "Even users with just 13.6 installed single-boot are affected by this issue (no Asahi Linux needed).

"We do not understand how Apple managed to release an OS update that, when upgraded to normally, leaves machines unbootable if their display refresh rate is not the default. This seems to have been a major QA oversight by Apple."

The new open-source, copy-on-write file system known as Bcachefs has been successfully merged into the Linux 6.7 kernel. "Given the past struggles to get Bcachefs mainlined, I certainly didn't expect to see Linus Torvalds act so soon on merging it," writes Phoronix's Michael Larabel. "But after it spent all of the 6.6 cycle within Linux-Next, overnight Linus Torvalds did in fact land this new file-system developed by Kent Overstreet."

From a Slashdot story published on Friday August 21, 2015: Bcachefs is a new open-source file-system derived from the bcache Linux kernel block layer cache. Bcachefs was announced by Kent Overstreet, the lead Bcache author. Bcachefs hopes to provide performance like XFS/EXT4 while having features similar to Btrfs and ZFS. The bachefs on-disk format hasn't yet been finalized and the code isn't yet ready for the Linux kernel. That said, initial performance results are okay and "It probably won't eat your data -- but no promises." Features so far for Bcachefs are support for multiple devices, built-in caching/tiering, CRC32C checksumming, and Zlib transparent compression. Support for snapshots is to be worked on.

"The work started on Wayland," the Linux Mint project announced in their monthly newsletter.

An anonymous reader shared this report from 9to5Linux about an upcoming new option in the Ubuntu-based distro: Linux Mint 21.3 [planned for Christmas of 2023] will be the first Linux Mint release to offer a Wayland session, but in an experimental state. The default session will still be the X11 one, but users who want to try Wayland can do so by selecting the "Cinnamon on Wayland" session from the login screen.

"The Wayland session won't be as stable as the default one. It will lack features and it will come with its own limitations. We won't recommend it but you'll be able to give it a shot if you want to and it'll be there for interested people if they want to give us feedback," said Linux Mint project leader Clement Lefebvre.

I said that "2024 is the year of the Wayland desktop", but Clement Lefebvre doesn't think Linux Mint needs Wayland support before 2026... By that time, I believe Xfce will also be fully Wayland compatible so that Linux Mint can fully switch to Wayland by default.
The newsletter says the 2026 target "leaves us two years to identify and to fix all the issues. It's something we'll continue to work on.

"Whenever it happens, assuming it does, we'll consider switching defaults. We'll use the best tools to do the job and provide the best experience. Today that means Xorg. Tomorrow it might mean Wayland. We'll be ready and compatible with both."

Long-time Slashdot reader CJSHayward shares "an attempt at Python virtual shell."

The home-brewed project "mixes your native shell with Python with the goal of letting you use your regular shell but also use Python as effectively a shell scripting language, as an alternative to your shell's built-in scripting language... I invite you to explore and improve it!"

From the web site: The Python Virtual Shell (pvsh or 'p' on the command line) lets you mix zsh / bash / etc. built-in shell scripting with slightly modified Python scripting. It's kind of like Brython [a Python implementation for client-side web programming], but for the Linux / Unix / Mac command line...

The core concept is that all Python code is indented with tabs, with an extra tab at the beginning to mark Python code, and all shell commands (including some shell builtins) have zero tabs of indentation. They can be mixed line-by-line, offering an opportunity to use built-in zsh, bash, etc. scripting or Python scripting as desired.

The Python is an incomplete implementation; it doesn't support breaking a line into multiple lines. Nonetheless, this offers a tool to fuse shell- and Python-based interactions from the Linux / Unix / Mac command line.

Last week the Linux Foundation announced its Civil Infrastructure Platform project "has expanded its super-long-term stable kernel program with a 6.1-based series.

"Just like for the previously started kernel series (4.4-cip, 4.19-cip and 5.10-cip), the project is committed to maintaining the 6.1-cip kernel for a minimum of 10 years after its initial release." The Civil Infrastructure Platform project is establishing an open source base layer of industrial grade Linux to enable the use and implementation of software building blocks for civil infrastructure. The project's kernels are maintained like regular long-term-stable kernels, and developers of the CIP kernel are also involved in long-term-stable kernel review and testing.

While regular long-term-stable kernels are moving back to 2 years maintenance, CIP kernels are set up for 10 years. In order to enable this extended lifetime, CIP kernels are scoped-down in actively supported kernel features and target architecture. At the same time, CIP kernels accept non-invasive backports from newer mainline kernels that enable new hardware...

"The CIP kernels are developed and reviewed with the same meticulous attention as regular Long-Term-Stable kernels," said Yoshi Kobayashi, Technical Steering Committee Chair at the CIP project. "Our developers actively participate in reviewing and testing long-term-stable kernels, contributing to the overall quality and security of the platform. A key highlight is our work on the IEC 62443 security standard, aimed at fortifying the resilience of critical infrastructure systems."

"As 2023 comes to a close, the CIP project has stood as a beacon of stability and innovation, with a commitment to driving collaboration to strengthen this essential initiative," said Urs Gleim, Governing Board Chair at the CIP project...

The Civil Infrastructure Platform is driving open source collaboration and innovation around industrial grade software for prodúcts used in industrial automation and for civil infrastructure, such as trains and power grids. To learn more about the CIP project, including how to get involved and contribute, please visit our booth at the Linux Foundation Open Source Summit Japan, December 5 — 6, or visit our website.

Linus Torvalds has said he bought a Dell XPS-13 with Ubuntu Linux for his daughter. Now ZDNet shares some trivia from the history of "the most well-known Linux laptop," citing a presentation by Barton George, Dell Technologies' Developer Community manager, at the Linux/open-source conference All Things Open: First, however, you should know that Dell has supported Linux desktops and laptops since the middle 2000s. In 2006, Michael Dell told me that Dell would be the first major PC vendor to release and support desktop Linux — and this proved to be a success. Barton George explained that Dell had always done great volume with these computers. Not volume, like the Windows machines, of course, but enough that Dell has always offered Linux-based — primarily Red Hat Enterprise Linux (RHEL) powered — workstations.

Still, none of these machines really appealed to developers... George announced on his personal blog what Dell was planning, and his traffic went from 60 views a day to 15,000. Then, as now, there's a lot of interest in laptops that come with Linux ready to go... Dell got together with Canonical, Ubuntu Linux's parent company, to make sure all the drivers were in place for a top-notch Ubuntu Linux developer desktop experience. Indeed, the name 'Project Sputnik' is a nod to Mark Shuttleworth, Ubuntu founder and Canonical CEO. A decade before the project itself, Shuttleworth had spent eight days orbiting the Earth in a Soviet Soyuz spacecraft. George and the crew decided "Soyuz" didn't have an inspiring ring to it, so the company went with "Sputnik" instead.

George continued: "We announced a beta program for the machine with a 10% off offer. We thought, well, we'll probably get 300 people. Instead, we got 6,000. This is where senior management said OK, you've got something real."

AlmaLinux is creating a Red Hat Enterprise Linux (RHEL) without any Red Hat code. Instead, AlmaLinux OS will aim to be Application Binary Interface (ABI) compatible and use the CentOS Stream source code that Red Hat continues to offer. Additional code is pulled from Red Hat Universal Base Images, and upstream Linux code. Benny Vasquez, chairperson of the AlmaLinux OF Foundation, explained how all this works at the open-source community convention All Things Open. ZDNet's Steven Vaughan-Nichols reports: The hardest part is Red Hat's Linux kernel updates because, added Vasquez, "you can't get those kernel updates without violating Red Hat's licensing agreements." Therefore, she continued, "What we do is we pull the security patches from various other sources, and, if nothing else, we can find them when Oracle releases them." Vasquez did note one blessing from this change in production: "AlmaLinux, no longer bound to Red Hat's releases, has been able to release upstream security fixes faster than Red Hat. "For example, the AMD microcode exploits were patched before Red Hat because they took a little bit of extra time to get out the door. We then pulled in, tested, and out the door about a week ahead of them." The overall goal remains to maintain RHEL compatibility. "Any breaking changes between RHEL and AlmaLinux, any application that stops working, is a bug and must be fixed."

That's not to say AlmaLinux will be simply an excellent RHEL clone going forward. It plans to add features of its own. For instance, Red Hat users who want programs not bundled in RHEL often turn to Extra Packages for Enterprise Linux (EPEL). These typically are programs included in Fedora Linux. Besides supporting EPEL software, AlmaLinux has its own extra software package -- called Synergy -- which holds programs that the AlmaLinux community wants but are not available in either EPEL or RHEL. If one such program is subsequently added to EPEL or RHEL, AlmaLinux drops it from Synergy to prevent confusion and duplication of effort.

This has not been an easy road for AlmaLinux. Even a 1% code difference is a lot to write and maintain. For example, when AlmaLinux tried to patch CentOS Stream code to fix a problem, Red Hat was downright grumpy about AlmaLinux's attempt to fix a security hole. Vasquez acknowledged it was tough sledding at first, but noted: "The good news is that they have been improving the process, and things will look a little bit smoother." AlmaLinux, she noted, is also not so much worried as aware that Red Hat may throw a monkey wrench into their efforts. Vasquez added: "Internally, we're working on stopgap things we'd need to do to anticipate Red Hat changing everything terribly." She doesn't think Red Hat will do it, but "we want to be as prepared as possible."

An anonymous reader shared this article from the Linux blog OMG! Ubuntu: The System Monitor app Ubuntu comes with does an okay job of letting you monitor system resources and oversee running processes — but it does look dated... [T]he app's graphs and charts are tiny, compact, and lack the glanceability and granular-detail that similar tools on other systems offer.

Thankfully, there are plenty of ace System Monitor alternatives available on Linux, with the Rust-based Resources being the latest tool to the join the club. And it's a real looker... Resources shows real-time graphs showing the utilisation of core system components... You can also see a [sortable and searchable] list of running apps and processes, which are separated in this app.
It's also possible to select a refresh interval "from very slow/slow/normal/fast/very fast (though tempting to select, 'very fast' can increase CPU usage)." And selecting an app or process "activates a big red button you can click to 'end' the app/process (a submenu has options to kill, halt, or continue the app/process instead)..."

"If you don't like the 'Windows-iness' of Mission Center — which you may have briefly spotted it in my Ubuntu 23.10 release video — then Resources is a solid alternative."

T2 SDE is not just a Linux distribution, but "a flexible Open Source System Development Environment or Distribution Build Kit," according to a 2022 announcement of its support for 25 CPU architectures, variants, and C libraries. ("Others might even name it Meta Distribution. T2 allows the creation of custom distributions with state of the art technology, up-to-date packages and integrated support for cross compilation.")

And while working on it, Berlin-based T2 Linux developer René Rebe (long-time Slashdot reader ReneR) discovered random illegal instruction speculation on AMD Ryzen 7000-Series and Epyc Zen 4 CPU.

ReneR writes: Merged to Linux 6.6 Git is a fix for the bug now known at AMD as Erratum 1485.

The discovery was possible through continued high CPU load cross-compiling the T2 Linux distribution with support for all CPU architectures from ARM, MIPS, PowerPC, RISC-V to x86 (and more) for 33 build variants. With sustained high CPU load and various instruction sequences being compiled, pseudo random illegal instruction errors were observed and subsequently analyzed.

ExactCODE Research GmbH CTO René Rebe is thrilled that working with AMD engineers lead to a timely mitigation to increase system stability of the still new and highest performance Zen4 platform.
"I found real-world code that might be similar or actually trigger the same bugs in the CPU that are also used for all the Spectre Meltdown and other side-channel security vulnerability mitigations," Rebe says in a video announcement on YouTube.

It took Rebe a tremendous amount of research, and he says now that "all the excessive work changed my mind. Mitigations equals considered harmful... If you want stable, reliable computational results — no, you can't do this. Because as Spectre Meltdown and all the other security issues have proven, the CPUs are nowadays as complex as complex software systems..."

SpzToid writes: Ubuntu 23.10, codenamed Mantic Minotaur, is the 39th Ubuntu release, and it's one of the three smaller interim releases Canonical puts out between long-term support (LTS) versions. This last interim before the next LTS doesn't stand out with bold features you can identify at a glance. But it does set up some useful options and upgrades that should persist in Ubuntu for some time.

Two of the biggest changes in Ubuntu 23.10 are in the installer. Ubuntu now defaults to a "Default installation," which is quite different from what the "default" was even just one release prior. "Default" is described as "Just the essentials, web browser, and basic utilities," while "Full" is "An offline-friendly selection of office tools, utilities, web browser, and games." "Default" is somewhat similar to what "Minimal" used to be in prior versions, while "Full" is intended for those who are offline or have slow connections or just want as many options as possible right away.

Elsewhere in the installer, you can now choose ZFS as your primary file system. There's also an experimental option to set up Trusted Platform Module (TPM) full-disk encryption rather than rely entirely on passphrases to encrypt your disk. This brings Ubuntu up to speed with Windows in offering a way to both secure your system and find out the hard way that you lack a backup key to get in after messing with your boot options. (Kidding! Somewhat.)

Michael Larabel reports via Phoronix: For those making use of GPU-accelerated AV1 video encoding with the latest AMD Radeon graphics hardware on Linux, the upcoming Mesa 23.3 release will support the high-quality AV1 preset for offering higher quality encodes. Merged this week to Mesa 23.3 are the RadeonSI Video Core Next (VCN) changes for supporting the high quality AV1 encoding mode preset.

Mesa 23.3 will be out as stable later this quarter for those after slightly higher quality AV1 encode support for Radeon graphics on this open-source driver stack alongside many other recent Mesa driver improvements especially on the Vulkan side with Radeon RADV and Intel ANV.

Hell freezes over and pigs fly south to their winter feeding grounds. Microsoft has published guidance on how to download and install Linux. From a report: The Seattle-area proprietary OS vendor has published a helpful guide entitled "How to download and install Linux," inspiring reactions from incredulity to amusement. In the humble opinion of The Reg FOSS Desk, it really isn't bad at all. Microsoft suggests four alternative installation methods: using Windows Subsystem for Linux 2, using a local VM, using a cloud VM, or on bare metal. It almost feels cruel to criticize it, but it seems that this really amounts to two methods. WSL version 2 is a VM. It's right there in the screenshots, where it says:

Installing: Virtual Machine Platform
Virtual Machine Platform has been installed.

So the choices boil down to either on the metal, or in a VM. That leaves only the question of what kind of VM: the built-in one, an add-on VM, or a cloud VM. Perhaps the subtext of the article is something more subtle. Could it be a tacit admission that you might need a free-of-charge OS for your PC? The Windows 10 upgrade program that began back in 2015 was meant to end a year later. In fact, it didn't. We described a documented workaround in 2016, but the free upgrades continued to work, even in 2020. Which? magazine reported it was still working in July 2023.

Thursday ZDNet reported... As security holes go, CVE-2023-4911, aka "Looney Tunables," isn't horrid. It has a Common Vulnerability Scoring System score of 7.8, which is ranked as important, not critical.

On the other hand, this GNU C Library's (glibc) dynamic loader vulnerability is a buffer overflow, which is always big trouble, and it's in pretty much all Linux distributions, so it's more than bad enough. After all, its discoverers, the Qualys Threat Research Unit, were able to exploit "this vulnerability (a local privilege escalation that grants full root privileges) on the default installations of Fedora 37 and 38, Ubuntu 22.04 and 23.04, and Debian 12 and 13." Other distributions are almost certainly vulnerable to attack. The one major exception is the highly secure Alpine Linux. Thanks to this vulnerability, it's trivial to take over most Linux systems as a root user. As the researchers noted, this exploitation method "works against almost all of the SUID-root programs that are installed by default on Linux...."

The good news is that Red Hat, Ubuntu, Debian, and Gentoo have all released their own updates. In addition, the upstream glibc code has been patched with the fix. If you can't patch it, Red Hat has a script that should work on most Linux systems to mitigate the problem by setting your system to terminate any setuid program invoked with GLIBC_TUNABLES in the environment.

It started when Linux blogger Bryan Lunduke complained about how the Linux Foundation was reducing the six-year long-term support (LTS) window for the Linux kernel to two years. Lunduke argued that the Foundation seemed more interested in funding compliance best practices — as well as artificial intelligence and blockchain projects.

In an online discussion, Linux kernel maintainer Greg Kroah-Hartman had this response: Did anyone think to actually ask the developer who is maintaining the long-term support kernel versions why he made that change (back in February?), i.e. me...? No, I guess that would take too much effort, and wouldn't result in such a click-bait headline.

"LTS kernels are no longer supported for 6 years because it turns out no one used them." doesn't have that same fun sound... In a second comment Kroah-Hartman also clarified that in fact "The amount of resources and other stuff that the Linux Foundation provides to the Linux kernel community has increased over the years, including last year. " Just because new people are brought in with new projects (that the LF member companies want to host) does not mean that somehow less is being given to the kernel community at all. It is not a zero-sum game here at all, that's not how the LF works in any way.

Again, this would have been easy to verify if someone just asked us.

So to repeat, no "abandonment" is happening here at all, the opposite is happening, just like it has for the entirety of the Linux Foundation's existence, support has grown every year.
Thanks to long-time Slashdot reader whoever57 for sharing the news.

An anonymous reader quotes a report from ZDNet: Microsoft's proprietary protocol, Remote Network Driver Interface Specification (RNDIS), started with a good idea. It would enable hardware vendors to add networking support to USB devices without having to build them from scratch. There was only one little problem. RNDIS has no security to speak of. As Greg Kroah-Hartman, the Linux Foundation fellow responsible for stable Linux kernel releases, wrote in November 2022 on the Linux Kernel Mailing List (LKML), "The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on any system that uses it with untrusted hosts or devices. Because the protocol is impossible to make secure, just disable all RNDIS drivers to prevent anyone from using them again."

He added, in another message, "The protocol was never designed to be used with untrusted devices. It was created, and we implemented support for it, when we trusted USB devices that we plugged into our systems, AND we trusted the systems we plugged our USB devices into." That's no longer the case. Kroah-Hartman concluded, "Today, with untrusted hosts and devices, it's time just to retire this protocol. As I mentioned in the patch comments, Android disabled this many years ago in their devices, with no loss of functionality."

[...] But now, sick and tired of having a built-in Windows security exploit in Linux, Kroah-Hartman has decided that enough was enough. He's disabled all the RNDIS protocol drivers in Linux's Git repository. That means that while the RNDIS code is still in the Linux kernel, if you try to build Linux using this new patch, all your RNDIS drivers will be broken and won't build. This is one step short of purging RNDIS from Linux.

Yesterday the "temporary suspension" of automatic Snap registrations was announced on Canonical's Snapcraft forum by developer advocate Igor Ljubuncic, after what was described as a "security incident". On September 28, 2023, the Snap Store team was notified of a potential security incident. A number of snap users reported several recently published and potentially malicious snaps. As a consequence of these reports, the Snap Store team has immediately taken down these snaps, and they can no longer be searched or installed. Furthermore, the Snap Store team has placed a temporary manual review requirement on all new snap registrations, effectively immediately...

We apologize for any inconvenience this may cause our snap publishers and developers. However, we believe it is the most prudent action at this moment. We want to thoroughly investigate this incident without introducing any noise into the system, and more importantly, we want to make sure our users have a safe and trusted experience with the Snap Store. Please bear with us while we conduct our investigation. We will provide a more detailed update in the coming days.
Some background from the Linux blog OMG Ubuntu: This isn't the first time the Snap Store has had issues with icky uploads. In 2018 an innocuous-sounding app hid crypto-mining capabilities unbeknownst to users. Not disclosing this in its description rendered it malware (Canonical later clarified to say crypto-miners are allowed so long as they're disclosed).

In this instance it appears that folks have uploaded apps purporting to be official apps/tools for crypto ledger tool Ledger and these apps were able to get folks backups codes (which people enter thinking it's legit) and ...the bad actors can use that to extract funds.

Liam Proven writes via The Register: Steam OS is the Arch-based distro for a handheld Linux games console, and Valve is aggressively pushing Linux's usability and Windows interoperability for the device. Two unusual companies, Valve Software and Igalia, are working together to improve the Linux-based OS of the Steam Deck handheld games console. The device runs a Linux distro called Steam OS 3.0, but this is a totally different distro from the original Steam OS it announced a decade ago. Steam OS 1 and 2 were based on Debian, but Steam OS 3 is based on Arch Linux, as Igalia developer Alberto Garcia described in a talk entitled How SteamOS is contributing to the Linux ecosystem.

He explained that although Steam OS is built from some fairly standard components -- the normal filesystem hierarchy, GNU user space, systemd and dbus -- Steam OS has quite a few unique features. It has two distinct user interfaces: by default, it starts with the Steam games launcher, but users can also choose an option called Switch to Desktop, which results in a regular KDE Plasma desktop, with the ability to install anything: a web browser, normal Linux tools, and non-Steam games.

Obviously, though, Steam OS's raison d'etre is to run Steam games, and most of those are Windows games which will never get native Linux versions. Valve's solution is Proton, an open-source tool to run Windows games on Linux. It's formed from a collection of different FOSS packages, notably: [Wine, DXVK, VKD3D-Proton, and GStreamer]. The result is a remarkable degree of compatibility for some of the most demanding Windows apps around [...]. You can view Garcia's 49-page presentation here (PDF).

slack_justyb writes: Richard Stallman revealed his diagnosis of lymphoma at the GNU Hacker's meeting in Biel, Switzerland yesterday. He did not share much about his health condition but did indicate that it is "manageable" and that he expects to be around for many more years ahead.

An anonymous reader shares a report: The Cloud Native Computing Foundation has returned to Shanghai for the city's first Kubecon since the pandemic. During a keynote that switched languages several times, demonstrating the challenges faced by both AI and human translators in keeping up, Jim Zemlin, executive director of the Linux Foundation, threw out several crowd-pleasing statistics while also highlighting some projects likely to make one or two companies squirm a little. On the statistics front, Zemlin joked that the Linux Foundation was likely the largest software company in the world, noting that if one took an average software developer's salary -- he put the worldwide mean as being $40,000 -- and multiplied it by the number of developers contributing to the foundation, the payroll would come to around $26 billion -- more than Microsoft's $24 billion R&D payroll.

The statistic was somewhat tongue in cheek as Zemlin pointed out that none of the developers working on Linux Foundation projects actually work for the Linux Foundation. However, the sheer quantity of engineers involved highlighted another issue noted by Zemlin: the "paradox of choice" when selecting the correct open source project for a given purpose when the number on offer reaches the hundreds, thousands, and beyond. Reflecting the increasing maturity of some elements of the open source world, he also emphasized the opportunities for companies to increase revenues and profits through the use of open source. WeChat, Alibaba, and Huawei all received nods -- unsurprising considering the location -- as Zemlin noted a virtuous circle whereby improvements go back into projects, meaning better profits, meaning more improvements, and so on. It all sounded very utopian, although darkening clouds were signaled by the addition of OpenTofu to the list of projects Zemlin was keen to boast about, including open source efforts around large language models.

An anonymous reader shared this report from Phoronix: One of the new features merged for the Linux 6.6 kernel was multi-grained timestamps for the VFS layer and wiring it up for the EXT4, Btrfs, XFS, and Tmpfs file-systems. This alternative though to coarse-grained timestamps ended up exposing some problems and this week ahead of Linux 6.6-rc3, the feature has been stripped entirely from the kernel.

Multi-grain timestamps were intended for addressing cases where the current coarse-grained timestamps can be ineffective for updating creation/modification times with a lot of I/O potentially happening within the once per jiffy timestamp... Multi-grained timestamps though were only to be selectively enabled to avoid the performance overhead.

Christian Brauner of Microsoft who originally submitted the feature for Linux 6.6 went ahead and submitted the pull request, which has already been honored, for dropping the short-lived kernel feature... "As there are multiple solutions discussed the honest thing to do here is not to fix this up or disable it but to cleanly revert. The general infrastructure will probably come back but there is no reason to keep this code in mainline."

An anonymous reader quotes a report from TechCrunch: When HashiCorp announced it was changing its Terraform license in August, it set off a firestorm in the open source community, and actually represented an existential threat to startups that were built on top of the popular open source project. The community went into action and within weeks they had written a manifesto, and soon after that launched an official fork called OpenTF. Today, that group went a step further when the Linux Foundation announced OpenTofu, the official name for the Terraform fork, which will live forever under the auspices of the foundation as an open source project. At the same time, the project announced it would be applying for entry into the Cloud Native Computing Foundation (CNCF).

"OpenTofu is an open and community-driven response to Terraform's recently announced license change from a Mozilla Public License v2.0 (MPLv2) to a Business Source License v1.1 providing everyone with a reliable, open source alternative under a neutral governance model," the foundation said in a statement. The name is deliberately playful says Yevgeniy (Jim) Brikman from the OpenTofu founding team, who is also co-founder of Gruntwork. "I'm glad your reaction was to laugh. That's a good thing. We're trying to keep things a little more humorous," Brikman told TechCrunch, but the group is dead serious when it comes to building an open fork. [...]

"The first thing was to get an alpha release out there. So you can go to the OpenTofu website and download OpenTofu and start using it and trying it out," he said. "Then the next thing is a stable release. That's coming in the very near future, but there's work to do. Once you have a stable release, people can start using it. Then we can start growing adoption, and once we start growing adoption, some of the big players will start stepping in when some of the big players start stepping in other big players will start stepping in as well."

At the Open Source Summit Europe in Bilbao, Spain, the Linux Foundation this week announced the launch of the Unified Acceleration (UXL) Foundation. The group's mission is to deliver "an open standard accelerator programming model that simplifies development of performant, cross-platform applications." From a report: The foundation's founding members include the likes of Arm, Fujitsu, Google Cloud, Imagination Technologies, Intel, Qualcomm and Samsung. The company most conspicuously missing from this list is Nvidia, which offers its own CUDA programming model for working with its GPUs. At its core, this new foundation is an evolution of the oneAPI initiative, which is also aimed to create a new programming model to make it easier for developers to support a wide range of accelerators, no matter whether they are GPUs, FPGAs or other specialized accelerators. Like with the oneAPI spec, the aim of the new foundation is to ensure that developers can make use of these technologies without having to delve deep into the specifics of the underlying accelerators and the infrastructure they run on.

Steven Vaughan-Nichols writes via ZDNet: BILBAO, Spain: At the Open Source Summit Europe, Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News, caught everyone up with what's new in the Linux kernel and where it's going from here. Here's one major change coming down the road: Long-term support (LTS) for Linux kernels is being reduced from six to two years.

Currently, there are six LTS Linux kernels -- 6.1, 5.15, 5.10, 5.4, 4.19, and 4.14. Under the process to date, 4.14 would roll off in January 2024, and another kernel would be added. Going forward, though, when the 4.14 kernel and the next two drop off, they won't be replaced. Why? Simple, Corbet explained: "There's really no point to maintaining it for that long because people are not using them." I agree. While I'm sure someone out there is still running 4.14 in a production Linux system, there can't be many of them.

Another reason, and a far bigger problem than simply maintaining LTS, according to Corbet, is that Linux code maintainers are burning out. It's not that developers are a problem. The last few Linux releases have involved an average of more than 2,000 programmers -- including about 200 new developers coming on board -- working on each release. However, the maintainers -- the people who check the code to see if it fits and works properly -- are another matter.

Researchers have discovered a never-before-seen backdoor for Linux that's being used by a threat actor linked to the Chinese government. From a report: The new backdoor originates from a Windows backdoor named Trochilus, which was first seen in 2015 by researchers from Arbor Networks, now known as Netscout. They said that Trochilus executed and ran only in memory, and the final payload never appeared on disks in most cases. That made the malware difficult to detect. Researchers from NHS Digital in the UK have said Trochilus was developed by APT10, an advanced persistent threat group linked to the Chinese government that also goes by the names Stone Panda and MenuPass.

Other groups eventually used it, and its source code has been available on GitHub for more than six years. Trochilus has been seen being used in campaigns that used a separate piece of malware known as RedLeaves. In June, researchers from security firm Trend Micro found an encrypted binary file on a server known to be used by a group they had been tracking since 2021. By searching VirusTotal for the file name, ââlibmonitor.so.2, the researchers located an executable Linux file named "mkmon." This executable contained credentials that could be used to decrypt the libmonitor.so.2 file and recover its original payload, leading the researchers to conclude that "mkmon" is an installation file that delivered and decrypted libmonitor.so.2.

The Linux malware ported several functions found in Trochilus and combined them with a new Socket Secure (SOCKS) implementation. The Trend Micro researchers eventually named their discovery SprySOCKS, with "spry" denoting its swift behavior and the added SOCKS component. SprySOCKS implements the usual backdoor capabilities, including collecting system information, opening an interactive remote shell for controlling compromised systems, listing network connections, and creating a proxy based on the SOCKS protocol for uploading files and other data between the compromised system and the attacker-controlled command server.

Slashdot reader Leading Edge Boomer wants to help "a retired friend whose personal computing has always been with Windows."

But recently, they were gifted a laptop that's running "some version of Linux..." Probably he's not even aware that there are different distributions for different purposes. He seems open to learning about this different world. What recommendations might Slashdot readers have to bring him up to speed as a competent Linux user? I really don't want to hold his hand, and he's smart enough to learn on his own.
"Mint is the answer," argues long-time Slashdot reader denisbergeron. "First make him use Mint, because it's easy and there a lot of documentation and the community is very strong."

But long-time Slashdot reader spaceman375 thinks they can solve the problem with just three letters. "Show him the man command. When he feels confident, or breaks it pretty hard, then I'd agree — install mint and go from there. But start with man."

Is that it? Is it as simple as that? Share your own thoughts and opinions in the comments — along with your learning tools for beginners.

What's the best Linux resource for a retired Windows user?