Feed osnews OSnews

Link https://www.osnews.com/
Feed http://www.osnews.com/files/recent.xml
Updated 2025-07-02 20:31
Beeper leaves beta, acquired by Automattic
If you haven't already heard of Beeper, welcome! Beeper is a universal chat app for Android, iOS and desktop. Our goal is to build the best chat app on earth. Beeper is built on an open source chat protocol called Matrix. Over time, we'll help people migrate from proprietary, siloed chat networks to an open standard for chat. If you're interested in learning about this, we've written more about our intentions. Beeper team Beeper is just great. Because I'm European and have ties to two different countries with vastly different chat preferences, as well as a number of friends living all over Europe and the US, I've always had to deal with at least four different instant messaging applications. Beeper, and especially the recent completely redesigned Android version, is so good and seamless that I no longer need to use the individual applications at all. It's not perfect - the new Android version (the iOS version is old and outdated compared to the Android one) still has some issues. If you receive a video and play it, it doesn't maximise unless you perform a very delicate zoom in pinch. Sometimes, sending video fails. Some emoji replies on some services look huge and pixellated. I'm sure these are all relatively low-hanging fruit types of bugs that'll get fixes over the coming weeks and months now that the application is out of beta. However, the actual core of the application has been working amazingly well for me. Beeper also has another major announcement. I'm excited to announce that Beeper has been acquired by Automattic. This acquisition marks the beginning of an exciting new chapter as we continue our mission to create the best chat app on earth. Eric Migicovsky Automattic is the company behind WordPress, Tumblr, Pocket Casts, and a whole load of other products and services. Beeper seems like a good fit, since Automattic recently also acquired Texts.com, another multi-platform messaging client.
Google details privacy and security features of its new Find My Device network
Yesterday, I posted an item about the updated Find My Device network Google launched for Android, but I forgot to link to an additional blog post by Google about the various security and privacy precautions they've taken. One aspect in particular stands out as something new that Apple's Find My network doesn't do (yet): This is a first-of-its-kind safety protection that makes unwanted tracking to a private location, like your home, more difficult. By default, the Find My Device network requires multiple nearby Android devices to detect a tag before reporting its location to the tag's owner. Our research found that the Find My Device network is most valuable in public settings like cafes and airports, where there are likely many devices nearby. By implementing aggregation before showing a tag's location to its owner, the network can take advantage of its biggest strength - over a billion Android devices that can participate. This helps tag owners find their lost devices in these busier locations while prioritizing safety from unwanted tracking near private locations. In less busy areas, last known location and Nest finding are reliable ways to locate items. Dave Kleidermacher In addition, when you're at home, your devices won't contribute any information either. There's a whole bunch of other things in there, too, so head on over if you're curious.
Ten years ago, Windows XP received its final update
Exactly ten years ago, on April 8, 2014, Microsoft released the final security patch for Windows XP. The day marked the end of the road for one of the most iconic Windows versions ever released. Taras Buria at Neowin I never liked Windows XP. Compared to the operating systems I was using at the time - BeOS, Mandrake Linux 8.x - Windows XP felt kind of like a bad joke I wasn't in on. It looked ridiculous, didn't seem to offer anything substantial, and it didn't take long for major security incidents related to Windows XP to start dominating the news. It wasn't until several service packs had been released that Windows XP came into its own, but by that point, I had already found a much better alternative for my Windows needs at the time. I'm of course talking about Windows Server 2003, the better Windows than Windows XP. Today though, I do have an odd fondness for Windows XP, as I grow older and XP has become something from my teenage years. The look and feel of Windows XP - the classic theme, not that horrendous Fisher Price nonsense - the sound set, the wallpaper of course - has become iconic, warts and all, and whole generations of people will feel instant feelings as soon as they see Bliss or hear that iconic startup sound. Windows XP with a few service packs now belongs to the small group of Windows releases that I would call the peak of the platform, together with Windows 95 and Windows 7 (and perhaps Server 2003, but that's more of a personal thing and not a consumer operating system). Everything else has not exactly been great or even aged well, and I doubt Windows 10 and 11 will suddenly get good, either.
Google launches Axion processors, new Arm-based CPUs for the data centre
Built using the Arm Neoverse™ V2 CPU, Axion processors deliver giant leaps in performance for general-purpose workloads like web and app servers, containerized microservices, open-source databases, in-memory caches, data analytics engines, media processing, CPU-based AI training and inferencing, and more. Axion is underpinned by Titanium, a system of purpose-built custom silicon microcontrollers and tiered scale-out offloads. Titanium offloads take care of platform operations like networking and security, so Axion processors have more capacity and improved performance for customer workloads. Titanium also offloads storage I/O processing to Hyperdisk, our new block storage service that decouples performance from instance size and that can be dynamically provisioned in real time. Amin Vahdat on the Google blog Fancy new ARM processors from Google, designed explicitly for the data centre. In other words, we'll never get to play with it unless one makes its way to eBay in a few years.
Embedding the Servo web engine in Qt
I've been talking about Servo, the Rust browser engine project originally started at Mozilla, for a while now, and while the project's still got a long way to go, it's definitely a serious contender to become a competitive browser engine in the future. It seems it's starting to get some traction already, as The KDAB Group is working on bringing Servo to Qt. At KDAB we managed to embed the Servo web engine inside Qt, by using our CXX-Qt library as a bridge between Rust and C++. This means that we can now use Servo as an alternative to Chromium for webviews in Qt applications. Andrew Hayzen and Magnus Gro They're already showing off a basic QML application rendering websites using Servo, which is pretty cool. It goes to show that Servo can definitely eventually fulfill the role that Chromium, WebKit, and Gecko fulfill now.
Intel’s ambitious Meteor Lake iGPU
Intel and AMD both tried to ship iGPUs fast enough to compete with low end discrete cards over the past 10 years with mixed results. Recently though, powerful iGPUs have been thrown back into the spotlight. Handhelds like Valve's Steam Deck and ASUS's ROG Ally demonstrated that consumers are willing to accept compromises to play games on the go. AMD has dominated that market so far. Valve's Steam Deck uses AMD's Van Gogh APU, and the ROG Ally uses the newer Phoenix APU. Unlike Van Gogh, Phoenix is a general purpose mobile chip with both a powerful CPU and GPU. Phoenix doesn't stop at targeting the handheld segment, and threatens Intel's laptop market share too. In response, Meteor Lake brings a powerful iGPU to the party. It has the equivalent of 128 EUs and clocks up to 2.25 GHz, making it modestly wider and much faster than Raptor Lake's 96 EU, 1.5 GHz iGPU. Raptor Lake's Xe-LP graphics architecture gets replaced by Xe-LPG, a close relative of the Xe-HPG architecture used in Intel's A770 discrete GPU. At the system level, Meteor Lake moves to a GPU integration scheme that better suits a chiplet configuration where the iGPU gets significant transistor and area budget. I'll be testing Meteor Lake's iGPU with the Core Ultra 7 155H, as implemented in the ASUS Zenbook 14. I purchased the device myself in late February. Chips and Cheese I'm absolutely here for the resurgence in capable integrated GPUs, both for PC gaming on the go and for better graphics performance even in thinner, smaller laptops. I would love to have just a bit more graphics power on my thin and small laptop so I can do some basic gaming with it.
Google launches new Find My Device network on Android
Today, the all-new Find My Device is rolling out to Android devices around the world, starting in the U.S. and Canada. With a new, crowdsourced network of over a billion Android devices, Find My Device can help you find your misplaced Android devices and everyday items quickly and securely. Here are five ways you can try it out. Erik Kay on the Google blog This old Android feature has basically been updated to be the same thing as Apple's Find My, but with more than just one vendor making the tracking tags. Of course, this means it also comes with the same problems, from its use by stalkers to controlling partners, and everything in between. This is a very problematic technology, one which I think is almost impossible to make safe. Still, I have a Samsung tracker that I don't use anymore - because I bought a Pixel 8 Pro, and don't want to install any Samsung applications - and I do plan on getting a new tracker that's compatible with this new Find My Device network. With two small kids, it's easy to lose track of something like my car keys, and instead of stressing about where they are when we need to leave on time, I can just ping them using our Google Home devices instead. Sometimes, these silly smart technologies really do take just that little bit of stress out of your life - you just have to be really picky and honest with yourself about what you really need.
SmolBSD: make your own BSD UNIX MicroVM
SmolBSD is a tiny BSD UNIX (NetBSD) system creation tool, primarily aimed at building modern, lightweight, fast micro VMs. SmolBSD can start a service in (way) under a second, giving it the ability to be used as a virtualized container, thus reducing attack surface and actually isolating workflows. SmolBSD website Neat.
Microsoft adds driver to Windows that prevents changing the default browser using the registry
There are various ways you can change the default browser and similar defaults on Windows, but one of the ways many third-party tools do this is by editing the relevant registry strings. It turns out that Microsoft is not particularly happy with this, as they've recently introduced a new driver specifically designed to prevent this from happening, by blocking tools like regedit or PowerShell from editing a number of registry keys for setting default applications. The driver was discovered by Christoph Kolbicz. Microsoft implemented a driver based protection to block changes to http/https and .pdf associations by 3rd party utilities. The rollout was staggered and activated "randomly", but in the meantime I got many reports - also from business or education environments (but not Server OS). Microsoft also updated the driver during my tests (from 2.0 to 2.1) and extended the deny list of executables. This means, they can change the behavior almost on the fly and add new tricks or block additional extensions/protocols! Christoph Kolbicz Digging further into what, exactly, this driver can do, Microsoft also made it so that even if you disable the driver, an additional scheduled task will run to re-enable the driver and revert the registry changes. It also seems this is somehow related to the changes Microsoft has to make to comply with the EU's DMA, but the driver is also installed on systems outside of the EU, so it's all a bit unclear at the moment.
Just how much faster are the GNOME 46 terminals?
Over the GNOME 46 cycle, VTE has seen a lot of performance improvements. Christian Hergert mentioned some of them in his blog posts about VTE and about his work in GNOME 46. But how much did the performance actually improve? What should you, the user, expect to feel after installing a fresh Fedora 40 update and launching your favorite terminal? Let's measure and find out! Ivan Molodetskikh The short version is that the improvements are definitely noticeable during general use - for the long version, read the actual article.
Microsoft blocks even more customization apps in Windows 11 version 24H2
Users recently noticed that third-party apps for customizing the user interface no longer work in the upcoming Windows 11 version 24H2. Not only does Microsoft not allow you to run those apps, but it even blocks you from upgrading to newer builds. StartAllBack, a popular tool for tweaking the taskbar and Start menu in Windows 11, was among the first to fail on 24H2. Sadly, it is not the only one. ExplorerPatcher also no longer works in Windows 11 24H2. ExplorerPatcher from Valinet is quite a popular app that lets you bring back the old Windows 10 taskbar in Windows 11, apply additional modifications to make Windows 11 slightly better, and restore some of its missing features. Windows 11 version 24H2 is now flagging ExplorerPatcher as incompatible due to "security or performance issues" with the following message. Taras Buria at Neowin I guess the taskbar and Start menu are incredibly important real estate for Microsoft, since it's the absolute prime spot for showing ads. If users replace their taskbar and Start menu with something from a third party, that prime real estate is gone. Major conspiracy vibes, yes, and I know this isn't the reason, but why else would they be blocking these applications? I can't think of anything that makes more sense.
Outlook is Microsoft’s new data collection service
With Microsoft's rollout of the new Outlook for Windows, it appears the company has transformed its email app into a surveillance tool for targeted advertising. Everyone talks about the privacy-washing campaigns of Google and Apple as they mine your online data to generate advertising revenue. But now it looks like Outlook is no longer simply an email service; it's a data collection mechanism for Microsoft's 801 external partners and an ad delivery system for Microsoft itself. Edward Komenda on the Proton blog Now, note that this is an article written by Proton, posted on the company blog, so of course they're not going to be too kind towards their competitors. That being said, the article's not wrong: the new Outlook web application, now the default in Windows, not only shared your data with around 800 partners, it also displays ads inside of the application. On macOS, it will even show you fake emails that are, in fact, ads. Furthermore, once you add your accounts to this new Outlook web application, you'll also be uploading your username and password to Microsoft, giving them access to your email accounts for advertising and data collection purposes, a shady practice a ton of email clients on mobile devices tend to do as well. Suffice it to say you really shouldn't be using this new Outlook, and you should make sure friends and family don't either. This is yet another nail in the coffin of Windows, now an advertising and data collection platform first, and operating system second.
WinBtrfs: an open-source btrfs driver for Windows
WinBtrfs is a Windows driver for the next-generation Linux filesystem Btrfs. A reimplementation from scratch, it contains no code from the Linux kernel, and should work on any version from Windows XP onwards. It is also included as part of the free operating system ReactOS. WinBtrfs GitHub page If you're running a distribution that defaults to Btrfs, or you actively choose to use it on other distributions, and you also happen to dual-boot Windows because your boss makes you use some garbage corpo software, this driver will make your setup a bit easier to manage.
The Rise and Fall of Silicon Graphics
Clark founded Silicon Graphics Inc on the 9th of November in 1981, and he left Stanford early in 1982 to pursue building the company full time with just $25000 in funding (around $85000 in 2024) from a friend and the contents of his own accounts. Accompanying Clark in this adventure were Kurt Akeley, Dave Brown, Tom Davis, Mark Grossman, Marc Hannah, Herb Kuta, Rocky Rhodes, and Abbey Silverstone. While SGI knew they would deal in computers outfitted with a powerful GPU, they did not know precisely what else those computers should feature. As a result, Clark asked potential customers what they'd like to see in a workstation. While at least one potential customer was interested in VMS, NASA's new Advanced Supercomputing division was very interested in UNIX and they were willing to pay. The division's director at the time spoke with Clark, and (verbally) committed to purchasing at least eighteen workstations in their first order. Bradford Morgan White SGI machines are by far the most sought-after and most expensive of the retro UNIX workstation market today, with machines still netting thousands of euros, even for damaged or less than ideal examples. IRIX is probably also the dead UNIX with the most active fanbase, still releasing software and updates to this very day. An SGI machine is high on my list, and writing an article about using IRIX today is something I've been wanting to do for decades. Sadly, the odds of finding one that's both affordable and shippable to the Arctic part of Sweden - especially now that OSNews is my full-time job and I'm dependent on Patreons and donations - are very, very slim.
An IRC client in your motherboard
I made a graphical IRC client that runs in UEFI. It's written in Rust and leverages the GUI toolkit and TrueType renderer that I wrote for axle's userspace. I was able to develop it thanks to the vmnet network backend that I implemented for QEMU. I've published the code here. Phillip Tennen Words are not enough.
Setting up a YubiKey on Linux is a mess, and it really shouldn’t be
One of the things I've always wanted to experiment with on my computers is logging in and authenticating things like sudo requests with a hardware tool - a fingerprint reader, a smart card, or a USB hardware security device like a YubiKey. There's really no solid reason for me to want this other than that it just feels cool and futuristic to me (yes, even in this, the year of our lord 2024). I have no state secrets, no secret Swiss bank accounts, no whistleblower material to protect, and my computers rarely leave the house - I just want it because it's possible and cooler than typing in my password. Due to the flexibility and feature set of the YubiKey, I think it's the best choice to go for. A no-name USB fingerprint reader would probably be ugly, cumbersome to position, and Linux support would be difficult to determine. A USB smart card reader would bring the same issues as the fingerprint reader, and combined with a smart card it seems like it's just a Yubikey with extra steps. I do have to admit the idea of sliding a smart card in a slot and have it authorise you sounds really, really satisfying. Anyway, YubiKeys come in all shapes and sizes, but I want one of the USB-A ones with a fingerprint reader built-in, since I can plug it in at the bottom of my monitor, perfectly positioned to put my thumb on it to authenticate. This way, it's easily accessible to be used to log into my desktop session, authorise sudo requests when I'm configuring things, log into websites with Firefox, and so on. But there's a problem: setting up a YubiKey on Linux seems like it's a huge ordeal. Just look at the official instructions on the YubiKey website, or the instructions on the Fedora website, my distribution of choice. That's absolutely insane, and nobody should be expected to understand any of this nonsense to use what is being marketed as a consumer product.
It's important to note that this is not a hardware, software, or driver issue - all the necessary support is there, and Linux can make full use of the functionality tools like the YubiKey offers. The problem is that you're expected to set this up manually, package by package, configuration file by configuration file, PAM module by PAM module. When I first looked into getting a YubiKey, I expected biometric and advanced authentication tools like these to be fully integrated into modern Linux distributions and desktop environments. I figured that once you plugged one of these tools into your PC, additional options would become available in GNOME's or KDE's user account settings, but apparently, this isn't the case. This means that even if you manually set everything up using the official arcane incantations, your graphical user interface won't be aware of any of that, and changing anything will mean you have to go through those official arcane incantations again. This is entirely unacceptable. The moment you plug in an advanced hardware security tool like a YubiKey, GNOME and KDE should recognise it, and the settings, tools, and setup wizards relevant to it should become available. All the hardware and software support is there - and in 2024, biometric and advanced security devices like these should not be so complicated and unforgiving to set up. Smart cards and fingerprint readers have been supported by Linux for literally decades. Why isn't this easier? For now, I'm still in doubt about going through with buying a YubiKey. I definitely have the skills to go through with this whole insane setup process, but I really shouldn't have to.
OpenBSD 7.5 released
OpenBSD 7.5 has hit the streets (or servers and workstations), and it comes with a metric ton of improvements and new features. Of course, the kernel has been improved in countless ways, from symmetric multiprocessing improvements to a new font usable as a console font. The graphics drivers have been updated to match Linux 6.6.19, and drivers for the Apple display coprocessor were added. Furthermore, a whole slew of additional ARM boards and SoC are now supported, and new drivers for a variety of networking chips, both wired and wireless, were added as well. Of course, that's just a selection of the changes, and the full changelog lists them all for those of you with specific wishes.
FFmpeg 7.0 released
A new major release, FFmpeg 7.0 "Dijkstra", is now available for download. The most noteworthy changes for most users are a native VVC decoder (currently experimental, until more fuzzing is done), IAMF support, or a multi-threaded ffmpeg CLI tool. This release is not backwards compatible, removing APIs deprecated before 6.0. The biggest change for most library callers will be the removal of the old bitmask-based channel layout API, replaced by the AVChannelLayout API allowing such features as custom channel ordering, or Ambisonics. Certain deprecated ffmpeg CLI options were also removed, and a C11-compliant compiler is now required to build the code. FFmpeg website I don't think many of us directly interface with FFmpeg, but we're most likely all using it one way or another. Even Microsoft (here's the referenced bug report).
PCIe 7.0 draft 0.5 spec available: 512 GB/s over PCIe x16 on track for 2025
PCIe 7.0 is the next generation interconnect technology for computers that is set to increase data transfer speeds to 128 GT/s per pin, doubling the 64 GT/s of PCIe 6.0 and quadrupling the 32 GT/s of PCIe 5.0. This would allow a 16-lane (x16) connection to support 256 GB/sec of bandwidth in each direction simultaneously, excluding encoding overhead. Such speeds will be handy for future datacenters as well as artificial intelligence and high-performance computing applications that will need even faster data transfer rates, including network data transfer rates. Anton Shilov at AnandTech PCIe 7.0 won't hit devices until late 2020s.
Roku gets patent for injecting ads through HDMI
Oh boy. Roku has an... Interesting new patent. Thought you could avoid the ads infesting every "smart" TV you buy now by using external devices through HDMI? Disclosed herein are system, apparatus, article of manufacture, method and/or computer program product embodiments, and/or combinations and sub-combinations thereof, for ad insertion by a display device coupled to a media device via a high-definition media interface (HDMI) connection, where the media device provides media content and/or a control signal. When the media device pauses the media content, the display device can determine that a pause event has occurred and insert an ad shown on the display device. Further, some embodiments include determining the context and/or content of the media content that is paused, and determining an ad that is customized to the determined context and/or content to be displayed on the display device. In some embodiments, the display device can determine additional information from the control signal that may also be used to determine the ad to be displayed on the display device. Some bullshit patent for a bullshit invention My eyes are bleeding. I require medical assistance.
Qt 6.7, Qt Creator 13 released
Earlier this week, Qt 6.7 was released with a whole slew of new features and improvements. Reading through the various highlights, there's further improvements to Qt Graphs, first released with Qt 6.6 and still under active development, better SVG support, variable fonts and icon font support, and much more. There's also a variety of new examples and demo applications, and of course, Qt 6.7 supports all the latest operating system releases. One feature that truly stood out to me as something that I'm assuming will make Qt developers happy is improved support for embedding native controls into Qt applications. On both desktop and mobile platforms, applications often need to combine UI elements from different technologies and frameworks. Qt uses and integrates tightly with the native technologies on each platform to create basic UI elements such as windows, and it has for a long time been possible to use UI elements from other frameworks within a Qt Widgets application. With Qt 6.7, we are now adding support for embedding native windows into a Qt Quick scene as well. This allows use of native controls such as AppKit's MapView or a Windows media player inside a Qt Quick UI, with correct positioning and stacking. By layering windows, Qt Quick UI elements can be overlaid on top of the native components as well. Volker Hilsheimer Alongside Qt 6.7, Qt Creator 13 has also been released, which comes with its own set of improvements and new features.
AMD unveils their Embedded+ architecture, Ryzen Embedded with Versal together
One area of AMD's product portfolio that doesn't get as much attention as the desktop and server parts is their Embedded platform. AMD's Embedded series has been important for on-the-edge devices, including industrial, automotive, healthcare, digital gaming machines, and thin client systems. Today, AMD has unveiled their latest Embedded architecture, Embedded+, which combines their Ryzen Embedded processors based on the Zen+ architecture with their Versal adaptive SoCs onto a single board. Gavin Bonshor at AnandTech Machines with these chips will flood the used market a few years from now, and they're going to be great buys for all kinds of fun projects - and because the corporate world buys these machines by the truckload, they show up on eBay at impulse prices within years. Sometimes, you can even buy cheap whole lots of these kinds of boxes. They often tend to be a little weird, and come with features and trinkets normal computers don't come with, which is always good for some weekend fun. Cathode Ray Dude is currently doing a series on these little things on YouTube, and there's always something weird to discover about what kind of odd features and design choices these machines possess. If there's interest from you, our lovely readers, I can see if I can snatch up a few weird ones from eBay and write about what kind of fun projects you can do with these. You can usually run Linux on these, the embedded versions of Windows, and if they're not too weird, they could probably serve as a cheap Haiku box, too.
Microsoft Exchange breach from 2023 was Microsoft’s fault
In May and June 2023, a threat actor compromised the Microsoft Exchange Online mailboxes of 22 organizations and over 500 individuals around the world. The actor - known as Storm-0558 and assessed to be affiliated with the People's Republic of China in pursuit of espionage objectives - accessed the accounts using authentication tokens that were signed by a key Microsoft had created in 2016. This intrusion compromised senior United States government representatives working on national security matters, including the email accounts of Commerce Secretary Gina Raimondo, United States Ambassador to the People's Republic of China R. Nicholas Burns, and Congressman Don Bacon. The Board finds that this intrusion was preventable and should never have occurred. The Board also concludes that Microsoft's security culture was inadequate and requires an overhaul, particularly in light of the company's centrality in the technology ecosystem and the level of trust customers place in the company to protect their data and operations. Cyber Safety Review Board's report The Cyber Safety Review Board reviewed the attack on Microsoft Exchange from last year, with Microsoft's cooperation, and it turns out it was kind of a complete and utter shitshow inside Microsoft - a cascade of failures, as the report calls it - and concludes that it was an entirely preventable attack. The report is not kind to Microsoft, and it's a very interesting read if you're into this sort of post mortems of security breaches.
Microsoft Edge will let you control how much RAM it uses soon
Microsoft is working on a new feature for its Edge browser that will let you limit the amount of RAM it uses. Leopeva64, who is one of the best at finding new Edge features, has spotted a new settings section in test builds of the browser that includes a slider so you can limit how much RAM Edge gets access to. Tom Warren at The Verge Isn't it the operating system's job to manage memory? It seems very archaic to manually set memory limits on an application, or am I totally out of touch?
Tribblix image structural changes
We've talked about Tribblix before on OSNews - it's a distribution of illumos, built by Peter Tribble. In his latest blog post, Tribble details some of the changes he's made to the live ISO and other images for the most recent release. All along, there's been an overlay (think a group package) called base-iso that lists the packages that are present in the live image. On installation, this is augmented with a few extra packages that you would expect to be present in a running system but which don't make much sense in a live image, to construct the base system. You can add additional software, but the base is assumed to be present. The snag with this is that base-iso is very much a single-purpose generic concept. By its very nature it has to be minimal enough to not be overly bloated, yet contain as many drivers as necessary to handle the majority of systems. As such, the regular ISO image has fallen between 2 stools - it doesn't have every single driver, so some systems won't work, while it has a lot of unnecessary drivers for a lot of common use cases. Peter Tribble Tribble then details how he addressed this issue, which is, unsurprisingly, rather clever. I'm not going to spoil it here, so go on over and read the details.
Improvements to static analysis in the GCC 14 compiler
I work at Red Hat on GCC, the GNU Compiler Collection. For the last five releases of GCC, I've been working on -fanalyzer, a static analysis pass that tries to identify various problems at compile-time, rather than at runtime. It performs "symbolic execution" of C source code - effectively simulating the behavior of the code along the various possible paths of execution through it. This article summarizes what's new with -fanalyzer in GCC 14, which I hope will be officially released sometime in April 2024. David Malcolm No matter how many more of you become a Patreon to keep OSNews alive, I'll never be able to really add anything meaningful to articles like these.
KDE 6 release: D-Bus and Polkit galore
The SUSE security team restricts the installation of system wide D-Bus services and Polkit policies in openSUSE distributions and derived SUSE products. Any package that ships these features needs to be reviewed by us first, before it can be added to production repositories. In November, openSUSE KDE packagers approached us with a long list of KDE components for an upcoming KDE6 major release. The packages needed adjusted D-Bus and Polkit whitelistings due to renamed interfaces or other breaking changes. Looking into this many components at once was a unique experience that also led to new insights, which will be discussed in this article. For readers that are new to D-Bus and/or Polkit, the following sections offer a summary to get a better idea about these systems. Matthias Gerstner You don't get these kinds of in-depth looks at how a major new release like KDE 6 gets implemented in a popular distribution like openSUSE. What's especially crazy is that this only really covers D-Bus and Polkit, and those are just two of the countless aspects of openSUSE affected by KDE 6.
How Stability AI’s founder tanked his billion-dollar startup
It was Stability's armada of GPUs, the wildly powerful and equally expensive chips undergirding AI, that were so taxing the company's finances. Hosted by AWS, they had long been one of Mostaque's bragging points; he often touted them as one of the world's 10 largest supercomputers. They were responsible for helping Stability's researchers build and maintain one of the top AI image generators, as well as break important new ground on generative audio, video and 3D models. "Undeniably, Stability has continued to ship a lot of models," said one former employee. "They may not have profited off of it, but the broader ecosystem benefitted in a huge, huge way." But the costs associated with so much compute were now threatening to sink the company. According to an internal October financial forecast seen by Forbes, Stability was on track to spend $99 million on compute in 2023. It noted as well that Stability was "underpaying AWS bills for July (by $1M)" and "not planning to pay AWS at the end of October for August usage ($7M)." Then there were the September and October bills, plus $1 million owed to Google Cloud and $600,000 to GPU cloud data center CoreWeave. (Amazon, Google and CoreWeave declined to comment.) Kenrick Cai and Iain Martin As a Dutch person, I can smell a popping bubble from a mile away, even if tulipmania is most likely anti-Dutch British propaganda. In all seriousness, there's definitely signs that the insane energy and compute costs of artificial image and video generation in particular are rising at such an insane pace it's simply unsustainable for the popularity of these tools to just keep rising. Eventually someone's going to have to pay, and I wonder just how much regular people are willing to pay for this kind of stuff.
Amazon’s ‘Just Walk Out’ checkout system consisted of 1000 people in India watching you shop
Amazon is phasing out its checkout-less grocery stores with "Just Walk Out" technology, first reported by The Information Tuesday. The company's senior vice president of grocery stores says they're moving away from Just Walk Out, which relied on cameras and sensors to track what people were leaving the store with. Just over half of Amazon Fresh stores are equipped with Just Walk Out. The technology allows customers to skip checkout altogether by scanning a QR code when they enter the store. Though it seemed completely automated, Just Walk Out relied on more than 1,000 people in India watching and labeling videos to ensure accurate checkouts. The cashiers were simply moved off-site, and they watched you as you shopped. Maxwell Zeff Behind every Silicon Valley innovation are underpaid poor people.
The rise and fall of 3M’s floppy disk
Even with that said, those gray-hairs will frequently claim that of the many makers of floppies out there, 3M made the best ones. Given that, I was curious to figure out exactly why 3M became the most memorable brand in data storage during the formative days of computing, and why it abandoned the product. Ernie Smith I do not remember if I ever held any particular views on which brand of floppy disk (or diskettes, as we called them) was the best. We had a wide variety of brands, and I can't recall any one of them being better than the other, but then, I'm sure people in professional settings had more experience with the little black squares and thus developed all kinds of feelings about them.
Microsoft announces prices for the Windows 10 Extended Security Update program
Windows 10 is reaching end of support on October 14, 2025, so if you're still using Windows 10 - and let's face it, if you're somehow forced to still use Windows, better 10 than 11 - your time is running out. Luckily, end of support is a bit of a nebulous term when it comes to Microsoft products, and many among you, especially those managing larger fleets of systems, will know Microsoft offers something called the Extended Security Update (ESU) program, wherein you get additional security updates even after end of support. Microsoft just unveiled the prices for this program for Windows 10. While there's several schemes, the one most of you will be interested in is this one: With the 5-by-5 activation method, you'll download an activation key and apply it to individual Windows 10 devices that you've selected for your ESU program. Manage it via scripting or the Volume Activation Management Tool (VAMT), among other methods. You can use on-premises management tools such as Windows Server Update Services (WSUS) with Configuration Manager to download and apply the updates to your Windows 10 devices. The 5-by-5 activation subscription will establish the Year One list price of ESU for Windows 10. This is the base license and will cost $61 USD per device for Year 1, similar to the Windows 7 ESU Year 1 price. Jason Leznek Honestly, that's not an egregious price, but do note that this price doubles every year for three years total, and note that if you want to start using ESU in year two, you'll have to pay for year one as well. In other words, pricing ramps up fast. Furthermore, this program only includes security updates - no new features or anything like that, and it doesn't include support either. So, if you're still using Windows 10 after October 14, 2025, you'll either have to pay up, have an insecure system, downgrade to Windows 11, or move to a better alternative. Choice's yours.
Microsoft is working on an Xbox AI chatbot
Microsoft is currently testing a new AI-powered Xbox chatbot that can be used to automate support tasks. Sources familiar with Microsoft's plans tell The Verge that the software giant has been testing an "embodied AI character" that animates when responding to Xbox support queries. I understand this Xbox AI chatbot is part of a larger effort inside Microsoft to apply AI to its Xbox platform and services. Tom Warren at The Verge I'm convinced. This is the future. Artificial intelligence, AI, no quotation marks. Please, Microsoft. Train this AI on Xbox voice chat and messages. What could possibly go wrong?
Discord turns to ads
Quests are a way for players to discover games and earn rewards for playing them on Discord. We started experimenting with them over the last year, and millions of you opted in and completed them. We've heard great feedback from developers who partnered with us to create them and from many of you who completed one. If you didn't see firsthand, the "May the 4th" Fortnite Quest is a great example. Now, we're opening up sponsored Quests to more game developers. Peter Sellis That's a lot of fancy, hip words to say Discord is going to show you ads. I have an odd relationship with Discord - it holds a special place in my heart because through Discord is how I met my now-wife and mother of our children, so understandably, the chat platform has a special meaning for us. At the same time, though, Discord has been getting steadily worse and less usable over the years, and while my wife isn't too bothered by that, I certainly am - and so we moved our instant messaging over to Signal instead. My wife still uses Discord with her friends. Seeing a platform that used to be quite usable, and easily the best way to manage a group of geographically spread-out friends, fall prey to the same kind of bullshit so many other platforms have succumbed to. Discord today is almost unrecognisable to what it was like 6-7 years ago, and now there's even going to be ads - the final nail in the coffin for the possibility of me ever going back to using it.
Apple wouldn’t let Jon Stewart interview FTC Chair Lina Khan, TV host claims
Before the cancellation of The Problem with Jon Stewart on Apple TV+, Apple forbade the inclusion of Federal Trade Commission Chair Lina Khan as a guest and steered the show away from confronting issues related to artificial intelligence, according to Jon Stewart. Samuel Axon at Ars Technica Just when you thought Apple and Tim Cook couldn't get any more unlikable.
Redis’ license change and forking are a mess that everybody can feel bad about
Redis, a tremendously popular tool for storing data in-memory rather than in a database, recently switched its licensing from an open source BSD license to both a Source Available License and a Server Side Public License (SSPL). The software project and company supporting it were fairly clear in why they did this. Redis CEO Rowan Trollope wrote on March 20 that while Redis and volunteers sponsored the bulk of the project's code development, "the majority of Redis' commercial sales are channeled through the largest cloud service providers, who commoditize Redis' investments and its open source community." Clarifying a bit, "cloud service providers hosting Redis offerings will no longer be permitted to use the source code of Redis free of charge." This generated a lot of discussion, blowback, and action. The biggest thing was a fork of the Redis project, Valkey, that is backed by The Linux Foundation and, critically, also Amazon Web Services, Google Cloud, Oracle, Ericsson, and Snap Inc. Valkey is "fully open source," Linux Foundation execs note, with the kind of BSD-3-Clause license Redis sported until recently. You might note the exception of Microsoft from that list of fork fans. Kevin Purdy at Ars Technica Moves like this never go down well.
Fedora change proposal suggests switching the main Fedora Workstation release to KDE Plasma
Update: the proposal has now been formally announced on the devel mailing list and Fedora Discussions. I have been assured by the main author of the proposal itself that this is very much not an April Fools joke, but of course, there's still the very real possibility we're being led on here. Still, I'm taking the risk and treating this as a serious change proposal for Fedora, even though it's likely to cause some controversy in the wider Fedora community. The proposal is written by Joshua Strobl, the lead developer of Budgie. Yes, this is a change proposal to make KDE the default desktop environment of Fedora Workstation. The reasoning is that KDE is more approachable for new users than GNOME, it supports standards better, the industry seems to be making moves to KDE (see the Steam Deck), and so on. KDE also has more advanced features people have come to expect from a desktop, like HDR, VRR, and more, and it's the more advanced Wayland desktop. The important note here is that in the highly unlikely event this proposal would be accepted, it's not like current Fedora GNOME users will be 'upgraded' to KDE when Fedora 42 gets released. The idea is to promote the current Fedora Plasma spin to the main Fedora Workstation release, and demote the Fedora GNOME release to a mere Fedora spin, like KDE is now. While I would personally support this change, it's pretty much 100% unlikely this change proposal will make it through. Red Hat and Fedora are entirely GNOME-first, and no matter how much I believe that's misguided when looking at the state of the two primary open source desktops today, that's not going to change. Still, it's an interesting discussion point, if only to highlight that the frustrations with GNOME run a lot deeper than people seem to think.
GCC 10 ported to QNX 6.5 SP1
Way back in the day, back when I wasn't even working at OSNews yet, I used to run QNX as my desktop operating system, together with a small number of other enthusiasts. It was a struggle, for sure, but it was fun, exciting, and nobody else was crazy enough to do so. Sadly, the small QNX desktop community wasn't even remotely interesting to QNX, and later Blackberry when they acquired the company, and eventually the stand-alone Neutrino-powered version of QNX disappeared behind confusing signup screens and other dark patterns. It meant the end of our small little community. Much to my utter surprise and delight, I saw a post by js about how he ported GCC 10 to QNX - in this case, to QNX 6.5 SP1, released in 2012 - and submitted it to pkgsrc. His ultimate goal is to port one of his other projects, ObjFW, to QNX. He makes use of pkgsrc to do this kind of work, which also means he had to make pkgsrc bootstrap and a lot of other software work on QNX. We're at QNX 8.0 by now, and as much as I bang my head against QNX and BlackBerry's wall of marketing and corporate speak, I just can't find out if it's even still possible to download QNX Neutrino and install it on real generic hardware today.
libmui: classic Mac OS and GS/OS widget library for Linux
This is a contender for the World Record for Feature Creep Side Project. It is pretty high in the contender list as it's a bolt on to another contender for the World Record for Feature Creep Side Project (the MII Apple //e emulator). It is a library that duplicates a lot of a Macintosh Classic "Toolbox" APIs. It is not a complete implementation, but it is enough to make a few simple applications, also, all the bits I needed for the MII emulator. libmui GitHub page This is absolutely wild.
A deep dive into email deliverability in 2024
On October 3, 2023, Google and Yahoo announced upcoming email security standards to prevent spam, phishing and malware attempts. Outlook.com (formerly Hotmail) is also enforcing these policies. With the big 3 Email Service Providers (ESP) in agreement, expect widespread adoption soon. Today's threats are more complex than ever and more ESPs will begin tightening the reins. Failure to comply with these guidelines will result in emails being blocked beginning April 2024. In this article, we're going to cover these guidelines and explain what senders must do in order to achieve and maintain compliance. XOMedia Some of these changes - most of them impact bulk senders and spammers - should've been implemented ages ago, but seeing them being pushed by the three major email providers, who all happen to be owned, of course, by massive corporations, does raise quite a few red flags. Instinctively, this makes me worried about ulterior motives, especially since running your own email server is already fraught with issues due to the nebulous ways Gmail treats emails coming from small servers. With the rising interest in self-hosting and things like Mastodon, I hope we're also going to see a resurgence in hosting your own e-mail. I really don't like that all my email is going through Gmail - it's what OSNews uses - but I don't feel like dealing with all the delivery issues people who try self-hosting email lament about. With a possible renewed wave of interest in it, we might be able to make the process easier and more reliable.
Microsoft to separate Teams and Office globally amid antitrust scrutiny
Microsoft will sell its chat and video app Teams separately from its Office product globally, the U.S. tech giant said on Monday, six months after it unbundled the two products in Europe in a bid to avert a possible EU antitrust fine. The European Commission has been investigating Microsoft's tying of Office and Teams since a 2020 complaint by Salesforce-owned competing workspace messaging app Slack. Foo Yun Chee at Reuters I honestly misread this as Microsoft selling Teams off, which would've been far bigger news. Unbundling Teams from Office globally is just Microsoft applying its recent European Union policy to the rest of the world. All we need now is Microsoft to stop trying to make Teams for families and friends happen, because nobody will ever want to use Teams for anything, let alone personal use.
The hearts of the Super Nintendo
Every computer has at least one heart which beats the cadence to all the other chips. The CloCK output pin is connected to a copper line which spreads to most components, into their CLK input pin. If you are mostly a software person like me, you may have never noticed it but all kinds of processors have a CLK input pin. From CPUs (Motorola 68000, Intel Pentium, MOS 6502), to custom graphic chips (Midway's DMA2, Capcom CPS-A/CPS-B, Sega's Genesis VDP) to audio chips (Yamaha 2151, OKI msm6295), they all have one. Fabien Sanglard I've watched enough Adrian Black that I already knew all of this, and I'm assuming so did many of you. But hey, I'll never pass up the opportunity to link to the insides of the Super Nintendo.
Open source is about more than just code
As some of the dust around the xz backdoor is slowly starting to settle, we've been getting a pretty clear picture of what, exactly, happened, and it's not pretty. This is a story of the sole maintainer of a crucial building block of the open source stack having mental health issues, which at least partly contributes to a lack of interest in maintaining xz. It seems a coordinated campaign - consensus seems to point to a state actor - is then started to infiltrate xz, with the goal of inserting a backdoor into the project. Evan Boehs has done the legwork of diving into the mailing lists and commit logs of various projects and the people involved, and it almost reads like the nerd version of a spy novel. It involves seemingly fake users and accounts violently pressuring the original xz maintainer to add a second maintainer; a second maintainer who mysteriously seems to appear at around the same time, like a saviour. This second maintainer manages to gain the original maintainer's trust, and within months, this mysterious newcomer more or less takes over as the new maintainer. As the new maintainer, this person starts adding the malicious code in question. Sockpuppet accounts show up to add code to oss-fuzz to try and make sure the backdoor won't be detected. Once all the code is in place for the backdoor to function, more fake accounts show up to push for the compromised versions of xz to be included in Debian, Red Hat, Ubuntu, and possibly others. Roughly at this point, the backdoor is discovered entirely by chance because Andres Freund noticed his SSH logins felt a fraction of a second slower, and he wanted to know why. What seems to have happened here is a bad actor - again, most likely a state actor - finding and targeting a vulnerable maintainer, who, through clever social engineering on both a personal level as well as the project level, gained control over a crucial but unexciting building block of the open source stack. 
Once enough control and trust was gained, the bad actor added a backdoor to do... Well, something. It seems nobody really knows yet what the ultimate goal was, but we can all make some educated guesses and none of them are any good. When we think of vulnerabilities in computer software, we tend to focus on bugs and mistakes that unintentionally create the conditions wherein someone with malicious intent can do, well, malicious things. We don't often consider the possibility of maintainers being malicious, secretly adding backdoors for all kinds of nefarious purposes. The problem the xz backdoor highlights is that while we have quite a few ways to prevent, discover, mitigate, and fix unintentional security holes, we seem to have pretty much nothing in place to prevent intentional backdoors placed by trusted maintainers. And this is a real problem. There are so many utterly crucial but deeply boring building blocks all over the open source stacks pretty much the entire computing world makes use of that it has become a meme, spearheaded by xkcd's classic comic. The weakness in many of these types of projects is not the code, but the people maintaining that code, most likely through no fault of their own. There are so many things life can throw at you that would make you susceptible to social engineering - money problems, health problems, mental health issues, burnout, relationship problems, god knows what else - and the open source community has nothing in place to help maintainers of obscure but crucial pieces of infrastructure deal with problems like these. That's why I'm suggesting the idea of setting up a foundation - or whatever legal entity makes sense - that is dedicated to helping maintainers who face the kinds of problems like the maintainer of xz did. A place where a maintainer who is dealing with problems outside of the code repository can go to for help, advice, maybe even financial and health assistance if needed. 
Even if all this foundation offers to someone is a person to talk to in confidence, it might mean the difference between burning out completely, or recovering at least enough to then possibly find other ways to improve one's situation. If someone is burnt-out or has a mental health crisis, they could contact the foundation, tell their story, and say, hey, I need a few months to recover and deal with my problems, can we put out a call among already trusted members of the open source community to step in for me for a while? Keep the ship steady as she goes without rocking it until I get back or we find someone to take over permanently? This way, the wider community will also know the regular, trusted maintainer is stepping down for a while, and that any new commits should be treated with extra care, solving the problem of some unknown maintainer of an obscure but important package suffering in obscurity, the only hints found in the low-volume mailing list well after something goes wrong. The financial responsibility for such a safety net should undoubtedly be borne by the long list of ultra-rich megacorporations who profit off the backs of these people toiling away in obscurity. The financial burden for something like this would be pocket change to the likes of Google, Apple, IBM, Microsoft, and so on, but could make a contribution to open source far greater than any code dump. Governments could probably be involved too, but that will most likely open up a whole can of worms, so I'm not sure if that would be a good idea. I'm not proposing this be some sort of glorified ATM where people can go to get some free money whenever they feel like it. The goal should be to help people who form crucial cogs in the delicate machinery of computing to live healthy, sustainable lives so their code and contributions to the community don't get compromised. This
Servo: tables, WOFF2, and more
This month, after surpassing our legacy layout engine in the CSS test suites, we're proud to share that Servo has surpassed legacy in the whole suite of Web Platform Tests as well! Servo blog Another month, another detailed progress report from Servo, the Rust browser engine once started by Mozilla. There's a lot of interesting reading here for web developers.
Redox: significant performance and correctness improvements to the kernel
This year, there have been numerous improvements both to the kernel's correctness, as well as raw performance. The signal and TLB shootdown MRs have significantly improved kernel memory integrity and possibly eliminated many hard-to-debug and nontrivial heisenbugs. Nevertheless, there is still a lot of work to be done optimizing and fixing bugs in relibc, in order to improve compatibility with ported applications, and most importantly of all, getting closer to a self-hosted Redox. Jacob Lorentzon (4lDO2) I love how much of the focus for Redox seems to be on the lower levels of the operating system, because it's something many projects tend to kind of forget to highlight, to spend more time on new icons or whatever. These in-depth Redox articles are always informative, and have me very excited about Redox' future. Obviously, Redox is on the list of operating systems I need to write a proper article about. I'm not sure if there's enough for a full review or if it'll be more of a short look - we'll see when we get there.
Windows 11 may get a highly requested Start menu redesign, here is how to try it
In October 2023, we published a recap of the top 10 features Windows 11 users want for the redesigned Start menu. Number 6 was the ability to switch from list view to grid view in the "All Apps" list, which received over 1,500 upvotes in the Feedback Hub. Six months later, Microsoft finally appears to be ready to give users what they want. PhantomOfEarth, the ever-giving source of hidden stuff in Windows 11 preview builds, discovered that Windows 11 build 22635.3420 lets you change from list to grid view in the "All Apps" section. Like other unannounced features, this one requires a bit of tinkering using the ViVeTool app until Microsoft makes it official. Taras Buria I'm still baffled Microsoft consistently manages to mess up something as once-iconic and impactful as the Start menu. It seems like Microsoft just can't leave it well enough alone, even though it kind of already nailed it in Windows 95 - just give us that, but with a modern search function, and we're all going to be happy. That's it. We don't want or need more.
Maptwin: an 80s-era automotive navigation computer
A couple of years ago, I imported a Japanese-market 4×4 van into the US; a 1996 Mitsubishi Delica. Based on the maps I found in the seat pocket and other clues, it seems to have spent its life at some city dweller's cabin in the mountains around Fukushima, and only driven occasionally. Despite being over 25 years old, it only had 77,000 km on the odometer. The van had some interesting old tech installed in it: what appears to be a radar detector labeled "Super Eagle 30" and a Panasonic-brand electronic toll collection device that you can insert a smart card into. One particularly noteworthy accessory that was available in mid-90s Delicas was a built-in karaoke machine for the rear passengers. Sadly, mine didn't have that feature. But the most interesting accessory installed in the van was the Avco Maptwin Inter, which I immediately identified as some kind of electronic navigation aid, about which there is very little information available on the English-language internet. When I first saw the Maptwin, I had thought it might be some kind of proto-GPS that displayed latitude/longitude coordinates that you could look up on a paper map. Alas, it's not that cool. It was not connected to any kind of antenna, and the electronics inside seem inadequate for the reception of a GPS signal. The Maptwin was, however, wired into an RPM counter that was attached between the transmission and the speedometer cable, presumably to deliver an extremely accurate and convenient display of how many kilometers have been traveled since the display was last reset. What I've been able to learn is that the Maptwin is a computer that was mostly used for rally race navigation, precursor to devices still available from manufacturers like Terra Trip. Now, the Mitsubishi Delica is about the best 4×4 minivan you can get, but it's extremely slow and unwieldy at speed, so it would be pretty terrible for rally racing.
My best guess is that the owner used this device as a navigation aid for overland exploration, as the name "Maptwin" implies, to augment the utility of a paper map. On the other hand, I found an article that indicates that some kinds of rallies were not high speed affairs, but rather accuracy-based navigation puzzles of sorts, so who knows? The Maptwin wasn't working when I got the van, and I don't know if it's actually broken or just needs to be wired up correctly. If any OSNews readers have any additional information about any of the devices I've mentioned, please enlighten us in the comments. If anyone would like to try to get the Maptwin working and report back, please let me know.
NetBSD 10.0 released
NetBSD 10.0 has been released, and it brings a lot of improvements, new features, and fixes compared to the previous release, 9.3. First and foremost, there are massive performance improvements when it comes to compute and filesystem-bound applications on multicore and multiprocessor systems. NetBSD 10.0 also brings WireGuard support compatible with implementations on other systems, although this is still experimental. There's also a lot of added support for various ARM SoCs and boards, including Apple's M1 chip, and there's new support for compat_linux on AArch64, for running Linux programs. Of course, there's also a ton of new and updated drivers, notably the graphics drivers which are now synced to Linux 5.6, bringing a ton of improvements with them. This is just a small sliver of all the changes, so be sure to read the entire release announcement for everything else.
Ext2 filesystem driver now marked as deprecated
It's the ext2 filesystem driver that will be marked as deprecated in the upcoming 6.9 Linux kernel. The main issue is that even if the filesystem is created with 256 byte inodes (mkfs.ext2 -I 256), the filesystem driver will stick to 32 bit dates. Because of this, the driver does not support inode timestamps beyond 03:14:07 UTC on 19 January 2038. Michael Opdenacker Kernel developer Ted Ts'o did state that if someone wants to add support for 64-bit dates to ext2, it shouldn't be too hard. I doubt many people still use ext2, but if someone is willing to step up, the deprecation can be undone by adding this support.
Backdoor in upstream xz/liblzma leading to SSH server compromise
After observing a few odd symptoms around liblzma (part of the xz package) on Debian sid installations over the last weeks (logins with ssh taking a lot of CPU, valgrind errors) I figured out the answer: The upstream xz repository and the xz tarballs have been backdoored. At first I thought this was a compromise of debian's package, but it turns out to be upstream. Andres Freund I don't normally report on security issues, but this is a big one not just because of the severity of the issue itself, but also because of its origins: it was created by and added to upstream xz/liblzma by a regular contributor of said project, and makes it possible to bypass SSH encryption. It was discovered more or less by accident by Andres Freund. I have not yet analyzed precisely what is being checked for in the injected code, to allow unauthorized access. Since this is running in a pre-authentication context, it seems likely to allow some form of access or other form of remote code execution. Andres Freund The exploit was only added to the release tarballs, and not present when taking the code off GitHub manually. Luckily for all of us, the exploit has only made its way to the bloodiest of bleeding edge distributions, such as Fedora Rawhide 41 and Debian testing, unstable and experimental, and as such has not been widely spread just yet. Nobody seems to know quite yet what the ultimate intent of the exploit seems to be. Of note: the person who added the compromising code was recently added as a Linux kernel maintainer.
A used ThinkPad is a better deal than a new cheap laptop
Since the technology industry and associated media outlets tend to focus primarily on the latest and greatest technology and what's right around the corner, it sometimes seems as if the only valid option when you need a new laptop, phone, desktop, or whatever is to spend top euro on the newest, most expensive incarnations of those. But what if you need, say, a new laptop, but you're not swimming in excess disposable income? Or you just don't want to spend 1000-2000 euro on a new laptop? The tech media tends to have an answer for this: buy something like a cheap Chromebook or an e-waste €350 Windows laptop and call it a day - you don't deserve a nice experience. However, there's a far better option than spending money on a shackled Chromebook or an underpowered bottom-of-the-barrel Windows laptop: buy used. Recently, I decided to buy a used laptop, and I set it up how I would set up any new laptop, to get an idea of what's out there. Here's how it went. For this little experiment, I first had to settle on a brand, and to be brutally honest, that was an easy choice. ThinkPads seem to be universally regarded as excellent choices for a used laptop for a variety of reasons which I'll get to later. After weighing some of the various models, options, and my budget, I decided to go for a Lenovo ThinkPad T450s for about €150, and about a week later, the device arrived at my local supermarket for pickup. Before I settled on this specific ThinkPad, I had a few demands and requirements. First and foremost, since I don't like large laptops, I didn't want anything bigger than roughly 14'', and since I'm a bit of a pixel count snob, 1920*1080 was non-negotiable. Since I already have a Dell XPS 13 with an 8th Gen Core i7, I figured going 3-4 generations older seemed like it would give me at least somewhat of a generational performance difference. An SSD was obviously a must, and as long as there were expansion options, RAM did not matter to me. The T450s delivered on all of these. 
It's got the 1920*1080 14'' IPS panel (there's also a lower resolution panel, so be sure to check you're getting the right one), a Core i5-5300U with 2 cores and 4 threads with a base frequency of 2.30GHz and a maximum boost frequency of 2.90GHz, Intel HD 5500 graphics, a 128GB SATA SSD, and 4GB of RAM. Since 4GB is a bit on the low side for me, I ordered an additional 8GB SO-DIMM right away for €35. This brought the total price for this machine to €185, which I considered acceptable. For that price, it also came with its Windows license, for whatever that's worth. I don't want to turn this into a detailed review of a laptop from 2015, but let's go over what it's like to use this machine today. The display cover is made of carbon-reinforced plastic, and the rest of magnesium. You can clearly feel this laptop is of a slightly older vintage, as it feels a bit more dinky than I'm used to from my XPS 13 9370 and my tiny Chuwi MiniBook X (2023). It doesn't feel crappy or cheap or anything - just not as solid as you might expect from a modern machine. It's got a whole load of ports to work with, though, which is refreshing compared to the trend of today. On the left side, there's a smartcard slot, USB 3.0, mini DisplayPort, another USB 3.0, and the power connector. On the right side, there's a headphone jack, an SD card slot, another USB 3.0 port, an Ethernet jack, and a VGA port. On the bottom of the laptop is a docking port to plug it into various docking stations with additional ports and connectors. On the inside, there's a free M.2 slot (a small 2242 one). First, I eradicated Windows from the SSD because while I'm okay with an outdated laptop, I'm not okay with an outdated operating system (subscribe to our Patreon to ensure more of these top-quality jokes). 
After messing around with various operating systems and distributions for a while, I got back to business and installed my distribution of choice, Fedora, but I did opt for the Xfce version instead of my usual KDE one just for variety's sake. ThinkPads tend to be well-supported by Linux, and the T450s is no exception. Everything I could test - save for the smartcard reader, since I don't have a smartcard to test it with - works out of the box, and nothing required any manual configuration or tweaking to work properly. Everything from trackpad gestures to the little ThinkLight on the lid worked perfectly, without having to deal with hunting for drivers and that sort of nonsense Windows users have to deal with. This is normal for most laptops and Linux now, but it's nice to see it applies to this model as well. Using the T450s was... Uneventful. Applications open fast, there's no stutter or lag, and despite having just 2 cores and 4 threads, and a very outdated integrated GPU, I didn't really feel like I was missing out when browsing, doing some writing and translating (before I quit and made OSNews my sole job), watching video, those sorts of tasks. This isn't a powerhouse laptop for video editing, gaming, or compiling code or whatever, but for everything else, it works great. After I had set everything up the way I like, software-wise, I did do some work to make the machine a bit more pleasant to use. First and foremost, as with any laptop or PC that's a little older, I removed the heatsink assembly, cleaned off the crusty old thermal paste, and added some new, fresh paste. I then dove into the fan management, and installed zcfan, a Linux fan control daemon for ThinkPads, using its default settings, and created a systemd