OSnews

Blue95 is a modern and lightweight desktop experience that is reminiscent of a bygone era of computing. Based on Fedora Atomic Xfce with the Chicago95 theme. Blue95 GitHub page Exactly as it says on the tin. This is by far the easiest way to get the excellent Chigaco95 theme for Xfce set up and working in a polished way, and it also contains a few different application choices from the regular Fedora Xfce desktop to improve the illusion even further.

I've complained about the utter inscrutability of the Windows release process for a long time, with Microsoft seemingly using channels, build numbers, code names, date-based version numbers, and so on interchangeably, making it incredibly hard to keep track of what is being released when. It turns out even Microsoft itself started losing track, because it's now released a roadmap for Windows 11 development. In the roadmap tool - of course it's a tool - you can select a platform, which isn't x86 or ARM, but Windows PC or Copilot+ PC, a version (23H2 or 24H2 for now), a status (In preview, Gradually rolling out, or Generally available), and a channel (Canary, Dev, Beta, or Retail), after which the roadmap tool will list whatever features match those criteria. Do you now see why people might want such a tool to keep track of what the hell is going on with Windows? Anyway, as the date-based version numbers - 23H2 and 24H2 - may already make clear, this seems more like a roadmap about where development's been than where development's going. The problem for Microsoft, of course, is that it maintains several different Windows variants with different feature sets and update schedules, and users, too, can of course opt to stick to certain versions before moving on. The end result is this spaghetti, which makes it hard to untangle when you're getting which feature. Anyway, if you're elbow-deep in the Windows spaghetti, this tool may be of use to you.

How do you create a brain drain and lose your status as eminent destination for scientists and researchers? The United States seems to be sending out questionnaires to researchers at universities and research institutes outside of the United States, asking them about their political leanings. Dutch universities are strongly advising Dutch researches not to respond to the questionnaires, and warn that they are designed to stifle free speech and independent research through intimidation. Universities of the Netherlands (UNL) has also warned researchers about the questionnaire. The USGS questionnaire asks, for example, whether the researcher's organisation works with entities associated with communist, socialist, or totalitarian parties', whether the research project has taken appropriate measures' to defend against gender ideology' and whether the project has measurable benefits for US domestic industries, workforce, or economic sectors'. Universiteit Leiden Researchers trying to enter the United States are also facing intimidation tactics, with the United States government going so far as to refuse entry to scientists critical of the Trump regime: A French scientist was denied entry to the US this month after immigration officers at an airport searched his phone and found messages in which he had expressed criticism of the Trump administration, said a French minister. I learned with concern that a French researcher who was traveling to a conference near Houston was denied entry to the United States before being expelled," Philippe Baptiste, France's minister of higher education and research, said in a statement on Monday to Agence France-Presse published by Le Monde. Robert Mackey at the Guardian Being denied entry is one thing - being arrested and sent to a string of prisons is another, like this Canadian woman: Our next stop was Arizona, the San Luis Regional Detention Center. The transfer process lasted 24 hours, a sleepless, grueling ordeal. This time, men were transported with us. Roughly 50 of us were crammed into a prison bus for the next five hours, packed together - women in the front, men in the back. We were bound in chains that wrapped tightly around our waists, with our cuffed hands secured to our bodies and shackles restraining our feet, forcing every movement into a slow, clinking struggle. Jasmine Mooney at the Guardian If you're a scientist or researcher planning on going to a conference in the US (or, say, a developer wanting to go to a tech conference), you should reconsider. Even if your papers are in order, you could end up on a plane to a concentration camp in El Salvador before you can even call a lawyer - while being told that any judge standing up for your rights should be impeached. The United States' war on free speech, science, and research goes far beyond intimidating individual scientists and researchers. The Trump regime is actively erasing and deleting entire fields of science, most notably anything involving things like climate and gender, and openly attacking and cutting funding to universities that disagree with the Trump regime. Almost immediately after being sworn in as president on 20 January, Trump put his signature to piles of executive orders cancelling or freezing tens of billions of dollars in funding for research and international assistance, and putting the seal on thousands of lay-offs. Orwellian restrictions have been placed on research, including bans on studies that mention particular words relating to sex and gender, race, disability and other protected characteristics. Nature US President Donald Trump's latest war on the climate includes withdrawing support for any research that mentions the word. He has also launched a purge on government websites hosting climate data, in an apparent attempt to make the evidence disappear. Corey J. A. Bradshaw at The Conversation The Trump administration has fired hundreds of workers at the National Oceanic and Atmospheric Administration (Noaa), the US's pre-eminent climate research agency housed within the Department of Commerce, the Guardian has learned. There is no plan or thought into how to continue to deliver science or service on weather, severe storms and events, conservation and management of our coasts and ocean life and much more," he said. Let's not pretend this is about efficiency, quality of work or cost savings because none of those false justifications are remotely true." Dharna Noor and Gabrielle Canon at the Guardian Intimidating current scientists isn't enough, either - the scientists of the future must also suffer: US President Donald Trump has signed an executive orderto dismantle the Department of Education, fulfilling a campaign pledge and a long-cherished goal of some conservatives. In its statement, the American Federation of Teachers said: No-one likes bureaucracy, and everyone's in favour of more efficiency, so let's find ways to accomplish that. But don't use a war on woke' to attack the children living in poverty and the children with disabilities." Ana Faguy at the BBC But what about intimidating university students who don't fall in line with the regime? Well, we can't forget about those, now, can we? After immigration agents detained Columbia University graduate student Mahmoud Khalil over his involvement in pro-Palestine protests on campus, President Donald Trump promised it was just the beginning. The Department of Homeland Security (DHS) has since arrested at least two more students who are in the country on visas - one of whom had recently sued the Trump administration on First Amendment grounds. Gaby Del Valle at The Verge A Cornell University PhD student earlier this month sued the Trump administration seeking to stop the president's order aimed at foreign students accused of antisemitism". Days later, lawyers at the justice department emailed to request that the student surrender" to immigration officials Maanvi Singh at the Guardian These are just a small selection of stories, and I could've picked a dozen more still if I wanted to. The point should be squarely (roundly?) driven home by now: the United States government seems to be doing everything in its power to scare off the very people an economy based on science,

KDE's login manager, SDDM, has its share of problems, and as such, a number of KDE developers are working on replacement to fix many of these long-standing issues. So, what exactly is wrong with SDDM as it exists today? With SDDM, power management is reinvented from scratch with bespoke configuration. We can't integrate with Plasma's network management, power management, volume controls, or brightness controls without reinventing them in the desktop-agnostic backend. SDDM was already having to duplicate too much functionality we have in KDE, which was very frustrating when we're left maintaining it. David Edmundson On top of that, theming is also a big issue with SDDM, as it doesn't adopt any of the existing Plasma themes, wallpapers, and so on, forcing users to manually makes thse changes for SDDM, and forcing theme developers to make custom themes just for SDDM instead of it just adopting Plasma's settings. The new login manager they're working on will instead make use of existing Plasma components and be brought up like Plasma itself, too. For now, the SDDM replacement is roughly at feature parity with SDDM, but it's by no means ready for widespread adoption by distributions or users. Developers interested in trying it out can do so, though, and as it mostly looks like the existing default SDDM setup, you won't even notice anything in day-to-day use.

Up until now, Google developed several components of Android out in the open, as part of AOSP, while developing everything else behind closed doors, only releasing the source code once the final new Android version was released. This meant that Google had to merge the two branches, which lead to problems and issues, so Google decided it's now moving all development of Android behind closed doors. What will change is the frequency of public source code releases for specific Android components. Some components like the build system, update engine, Bluetooth stack, Virtualization framework, and SELinux configuration are currently AOSP-first, meaning they're developed fully in public. Most Android components like the core OS framework are primarily developed internally, although some features, such as the unlocked-only storage area API, are still developed within AOSP. Beginning next week, all Android development will occur within Google's internal branches, and the source code for changes will only be released when Google publishes a new branch containing those changes. As this is already the practice for most Android component changes, Google is simply consolidating its development efforts into a single branch. Mishaal Rahman at Android Authority This brings up a very old debate: if development happens entirely behind closed doors, with only the occasional code drop, is the software in question really open source? Technically, the answer is obviously yes' - there's no requirement that development take place in public. However, I'm fairly sure that when most people think of open source, they think not only of occasionally throwing chunks of code over the proverbial corporate walls, but also of open development, where everybody is free to contribute, pipe in, and follow along. Clearly, this move makes Android more closed, not less so, and it follows in a long string of changes Google has made to Android that make it ever harder to consider AOSP, the Android Open Source Project, a capable, modern mobile operating system. The Android fork of the Linux kernel will always be properly open, of course, but I have my doubts Android in and of itself will remain open source in the narrow definition for much longer, and even if it does, you have to wonder how much value it will have. I mean, Darwin, the open source base underneath macOS and iOS, is technically open source, but nobody cares because Apple made it pretty much worthless in and of itself. Anything of value is stripped out and not only developed behind closed doors, but also not released as open source, ensuring Darwin is nothing but a curiosity we sometimes remember exists. Android could be heading in the same direction. My biggest worry are Android ROMs, most notably for me personally GrapheneOS. I honestly have no idea how this will impact such projects.

Some more light reading: While it was already established that the open source supply chain was often the target of malicious actors, what is stunning is the amount of energy invested by Jia Tan to gain the trust of the maintainer of the xz project, acquire push access to the repository and then among other perfectly legitimate contributions insert - piece by piece - the code for a very sophisticated and obfuscated backdoor. This should be a wake up call for the OSS community. We should consider the open source supply chain a high value target for powerful threat actors, and to collectively find countermeasures against such attacks. In this article, I'll discuss the inner workings of the xz backdoor and how I think we could have mechanically detected it thanks to build reproducibility. Julien Malka It's a very detailed look at the situation and what Nix could to prevent it in the future.

What if you want to use a web browser like Dillo, which lacks JavaScript support and can't play audio or video inside the browser? Dillo doesn't have the capability to play audio or video directly from the browser, however it can easily offload this task to other programs. This page collects some examples of how to do watch videos and listen to audio tracks or podcasts by using an external player program. In particular we will cover mpv with yt-dlp which supports YouTube and Bandcamp among many other sites. Dillo website The way Dillo handles this feels very UNIX-y, in that it will call an external program - mpv and yt-dlp, for instance - to play a YouTube from an Open in mpv" option in the right-click menu for a link. It's nothing earth-shattering or revolutionary, of course, but I very much appreciate that Dillo bakes this functionality right in, allowing you to define any such actions and add them to the context menu.

This whitepaper provides an introduction to and overview of seL4. We explain what seL4 is (and is not) and explore its defining features. We explain what makes seL4 uniquely qualified as the operating-system kernel of choice for security- and safety-critical systems, and generally embedded and cyber-physical systems. In particular, we explain seL4's assurance story, its security- and safety-relevant features, and its benchmark-setting performance. We also discuss typical usage scenarios, including incremental cyber retrofit of legacy systems. Gernot Heiser Some light reading for Monday.

It's been over three years since the last ReactOS release, but today, in honour of the first commit to the project by the oldest, still active contributor, the project released ReactOS 0.4.15. Of course, there's been a steady stream of nightly releases, so it's not like the project stalled or anything, but having a proper release is always nice to have. We are pleased to announce the release of ReactOS 0.4.15! This release offers Plug and Play fixes, audio fixes, memory management fixes, registry healing, improvements to accessories and system tools including Notepad, Paint, RAPPS, the Input Method Editor, and shell improvements. ReactOS 0.14.5 release announcement There's a lot in this one, as the long gap between releases indicates. Thanks to the major changes in the plug and play subsystem of the kernel, ReactOS now supports more third party drivers, and it can now boot from USB and chipsets with EHCI, OHCI, and UHCI controllers. The open source AC'97 driver from the Windows Driver Kit has also been ported to ReactOS to enable sound on VirtualBox and old motherboards. The open source FAT driver from the same WDK has also been ported, which is a massive improvement over the old one. ReactOS can now also make use of custom IMEs, ZIP archive support has been integrated into the shell, and a new default visual style has been chosen. There's a lot more in this release, though, and since it was branched over six months ago, there are a lot of improvements from since that time that are not yet part of this release, like a graphical installers, UEFI and SMP support, new NTFS driver, and a ton more. In other words - don't let the long time between releases fool you; there's a lot going on in the ReactOS world.

Nvidia releasing its Linux graphics driver as open source is already bearing fruit for alternative operating systems. As many people already knows, Nvidia published their kernel driver under MIT license: GitHub - NVIDIA/open-gpu-kernel-modules: NVIDIA Linux open GPU kernel module source (I will call it NVRM). This driver is very portable and its platform-independent part can be compiled for Haiku with minor effort (but it need to implement OS-specific binding code to be actually useful). This is very valuable for Haiku because Linux kernel GPU drivers are very hard to port and it heavily depends on Linux kernel internals. Unfortunately userland OpenGL/Vulkan driver source code is not published. But as part of Mesa 3D project, new Vulkan driver NVK" is being developed and is functional already. Mesa NVK driver is using Nouveau as kernel driver, so it can't be directly used with NVRM kernel driver. NVK source code provides platform abstraction that allows to implement support of other kernel drivers such as NVRM. I finally managed to make initial port NVRM kernel driver to Haiku and added initial NVRM API support to Mesa NVK Vulkan driver, so NVRM and NVK can work together. Some simple Vulkan tests are working. X512 on the Haiku forums Incredibly impressive, and a huge milestone for the Haiku operating system. It supports any Nvidia GPU from the Turing architecture, which I think means Nvidia RTX 20xx and newer, since they have a required microcontroller older GPUs do not have. Of course, this is an early port and a lot of work remains to be done, but it could lead to huge things for Haiku.

SoftBank Group Corp. today announced that it will acquire Ampere Computing, a leading independent silicon design company, in an all-cash transaction valued at $6.5 billion. Under the terms of the agreement, Ampere will operate as a wholly owned subsidiary of SoftBank Group and retain its name. As part of the transaction, Ampere's lead investors - Carlyle and Oracle - are selling their respective positions in Ampere. SoftBank and Ampere Computing press release Despite not really knowing what SoftBank does and what their long-term goals are - I doubt anyone does - I hope this at the very least provides Ampere with the funds needed to expand its business. At this point, the only serious options for Arm-based hardware are either Apple or Qualcomm, and we could really use more players. Ampere's hardware is impressive, but difficult to buy and expensive, and graphics card support is patchy, at best. What Ampere needs is more investment, and more OEMs picking up their chips. An Ampere workstation is incredibly high on my list of machines to test for OSNews (perhaps a System76 model?), and it'd be great if economies of scale worked to bring the prices down, possibly allowing Ampere to developer cheaper, more affordable variants for us mere mortals, too. I would love to build an Arm workstation in much the same way we build regular x86 PCs today, but I feel like that's still far off. I have no idea if SoftBank is the right kind of company to make this possible, but one can dream.

What do SourceHut, GNOME's GitLab, and KDE's GitLab have in common, other than all three of them being forges? Well, it turns out all three of them have been dealing with immense amounts of traffic from AI" scrapers, who are effectively performing DDoS attacks with such ferocity it's bringing down the infrastructures of these major open source projects. Being open source, and thus publicly accessible, means these scrapers have unlimited access, unlike with proprietary projects. These AI" scrapers do not respect robots.txt, and have so many expensive endpoints it's putting insane amounts of pressure on infrastructure. Of course, they use random user agents from an effectively infinite number of IP addresses. Blocking is a game of whack-a-mole you can't win, and so the GNOME project is using a rather nuclear option called Anubis now, which aims to block AI" scrapers with a heavy-handed approach that sometimes blocks real, genuine users as well. The numbers are insane, as Niccolo Venerandi at Libre News details. Over Mastodon, one GNOME sysadmin, Bart Piotrowski, kindly shared some numbers to let people fully understand the scope of the problem. According to him, in around two hours and a half they received 81k total requests, and out of those only 3% passed Anubi's proof of work, hinting at 97% of the traffic being bots - an insane number! Niccolo Venerandi at Libre News Fedora is another project dealing with these attacks, with infrastructure sometimes being down for weeks as a result. Inkscape, LWN, Frama Software, Diaspora, and many more - they're all dealing with the same problem: the vast majority of the traffic to their websites and infrastructure now comes from attacks by AI" scrapers. Sadly, there's doesn't seem to be a reliable way to defend against these attacks just yet, so sysadmins and webmasters are wasting a ton of time, money, and resources fending off the hungry AI" hordes. These AI" companies are raking in billions and billions of dollars from investors and governments the world over, trying to build dead-end text generators while sucking up huge amounts of data and wasting massive amounts of resources from, in this case, open source projects. If no other solutions can be found, the end game here could be that open source projects will start to make their bug reporting tools and code repositories much harder and potentially even impossible to access without jumping through a massive amount of hoops. Everything about this AI" bubble is gross, and I can't wait for this bubble to pop so a semblance of sanity can return to the technology world. Until the next hype train rolls into the station, of course. As is tradition.

There's no escaping Rust, and the language is leaving its mark everywhere. This time around, Chrome has replaced its use of FreeType with Skrifa, a Rust-based replacement. Skrifa is written in Rust, and created as a replacement for FreeType to make font processing in Chrome secure for all our users. Skifra takes advantage of Rust's memory safety, and lets us iterate faster on font technology improvements in Chrome. Moving from FreeType to Skrifa allows us to be both agile and fearless when making changes to our font code. We now spend far less time fixing security bugs, resulting in faster updates, and better code quality. Dominik Rottsches, Rod Sheeter, and Chad Brokaw The move to Skrifa is already complete, and it's being used now by Chrome users on Linux, Android, and ChromeOS, and as a fallback for users on Windows and macOS. The reasons for this change are the same as they always are for replacing existing tools with new tools written in Rust: security. FreeType is a security risk for Chrome, and by replacing it with something written in a memory-safe language like Rust, Google was able to eliminate a whole slew of types of security issues. To ensure rendering correctness, Google performed a ton of pixel comparison tests to compare FreeType output to Skrifa output. On top of that, Google is continuously running similar tests to ensure no quality degradation sneaks into Skrifa as time progresses. Whether anyone likes Rust or not, the reality of the matter is that using Rust provides tangible benefits that reduce cost and lower security risks, and as such, its use will keep increasing, and tried and true tools will continue to be replaced by Rust counterparts.

Long ago, during the time of creation, I confidently waved my hand and allocated a 1GB ESP partition and a 1GB boot partition, thinking to myself with a confident smile that this would surely be more than enough for the foreseeable future. However, this foreseeable future quickly vanished along with my smile. What was bound to happen eventually came, but I didn't expect it to arrive so soon. What could possibly require such a large boot partition? And how should we resolve this? Here, I would like to introduce the boot partition issue I encountered, as well as temporary coping methods and final solutions, mentioning the problems encountered along the way for reference. fernvenue Some of us will definitely run into this issue at some point, so if you're doing a fresh installation it might make sense to allocate a bit more space to your boot partition. If you have a running system and are bumping into the limitations of your boot partition and don't want to reinstall, the linked article provides some possible solutions.

One of the two major open source desktop environments, GNOME, just released version 48, and it's got some very big and welcome improvements. First and foremost there's dynamic triple-buffering, a feature that took over five years of extensive testing to get ready. It will improve the smoothness and fluidity of animations and other movements on the screen, as it did for KDE when it landed there in the middle of last year. GNOME 48 also brings notification stacking, combining notifications from the same source, improvements to the new default image viewer such as image editing features, a number of digital well-being options, as well as the introduction of a new, basic audio player designed explicitly for quickly playing individual audio files. There's also a few changes to GNOME's text editor, and following in KDE's recent footsteps, GNOME 48 also brings HDR support. Another major change are the new default fonts. Finally, Cantarell is gone, replaced by slightly modified versions of Inter and Iosevka. Considering I absolutely adore Inter and installing and setting it as my main font is literally the first thing I do on any system that allows me to, I'm fully behind this change. Inter is exceptional in that it renders great in both high and low DPI environments, and its readability is outstanding. GNOME 48 will make its way to your distribution's repositories soon enough.

Oracle, the company owned by a guy who purchased a huge chunk of the Kingdom of Hawaii from the Americans, has released Java 24. I'll be honest and upfront: I just don't care very much at all about this, as the only interaction I've had with Java over the past, I don't know, 15 years or so, is either because of Minecraft, or because of my obsession with ancient UNIX workstations where Java programs pop up in the weirdest of places. I know Java is massive and used everywhere, but going through the list of changes and improvements does not spark any joy in me at all, and just makes me want to stick my pinky in an electrical socket to make something interesting happen. If you work with Java, you know all of this stuff already anyway, as you've been excitedly trying to impress Nick from accounting with your knowledge of Flexible Constructor Bodies and Quantum-Resistant Module-Lattice-Based Key Encapsulation Mechanisms because he's just so dreamy and you desperately want to ask him out for a hot cup of coffee, but you're not sure if he's married or has a boy or girlfriend so you're just kind of scoping things out a bit too excitedly and now you're worried you might be coming off as too desperate for his attention. Anyway, that's how offices work, right? I've never worked for anyone but myself and office settings induce a deep sense of existential dread in me, so my knowledge of office work, and Java if we're honest, may be based a bit too much on '90s sitcoms and dramas. Whatever, Java 24 is here. Do a happy dance.

As of the 18th of February, OpenVMS, known for its stability and high-availability, 47 years old and ported to 4 different CPU architecture, has a package manager! This article shows you how to use the package manager and talks about a few of its quirks. It's an early beta version, and you do notice that when using it. A small list of things I noticed, coming from a Linux (apt/yum/dnf) background: There seems to be no automatic dependency resolution and the dependencies it does list are incomplete. No update management yet, no removal of packages and no support for your own package repository, only the VSI official one. Service startup or login script changes are not done automatically. Packages with multiple installer files fail and require manual intervention. It does correctly identify the architectures, has search support and makes it way easier to install software. The time saved by downloading, manually copying and starting installation is huge, so even this early beta is a very welcome addition to OpenVMS. Remy van Elst Obviously, a way to install software packages without having to manually download them is a huge step forward for OpenVMS. The listed shortcomings might raise some eyebrows considering most of us are used to package management on Linux/BSD, which is far more advanced. Bear in mind, however, that this is a beta product, and it's quite obvious these missing essential features will be added over time. Luckily it at least lists dependencies, so let's hope actually automating installing them is in the works and will be available soon. I actually have an OpenVMS virtual machine set up and running, but I find using it incredibly difficult - but only because of my own lack of experience with and knowledge about OpenVMS, of course. Any experience of knowledge rooted in UNIX-based and Windows operating systems is useless here, even for the most basic of CLI tasks. If I find the time, I'd love to spend more time with it and get more acquainted with the way it works, including this new package manager.

It's barely been two months after the announcement that Pebble would return with new watches, and they're already here - well, sort of. Pebble has announced two new watches for preorder, the Core 2 Duo and the Core Time 2. The former is effectively a Pebble 2, upgraded with new internals, while the Core Time 2 is very similar, but comes with a colour e-ink display and a metal case. They're up for preorder now at $149 and $225, respectively, with the Core 2 Duo shipping in July, and the Core Time 2 shipping in December. Alongside this unveil, Eric Migicovsky, the creator of Pebble, also published a blog post detailing the trouble Pebble is and will have with making smartwatches for iOS users. Apple effectively makes it impossible for third parties to make a proper smartwatch for iOS, since access to basic functionality you'd come to expect from such a device are locked by Apple, reserved only for its own Apple Watch. As such, Migicovsky makes it explicitly clear that iOS users who want to buy one of these new Pebbles will are going to have a very degraded experience compared to Android users. Not only will Android users with Pebble have access to a ton more functionality, any Pebble features that could exist for both Android and iOS users will always come to Android first, and possibly iOS later. In fact, Migicovksy goes as far as suggesting that if you want a Pebble, you should buy an Android phone. I don't want to see any tweets or blog posts or complaints or whatever later on about this. I'm publishing this now so you can make an informed decision about whether to buy a new watch or not. If you're worried about this, the easiest solution is to buy an Android phone. Eric Migicovsky I have to hand it to Migicovksy - I love the openness about this, and the fact he's making this explicitly clear to any prospective buyers. There's no sugarcoating or PR speak to try and please Tim Cook - he's putting the blame squarely where it belongs: on Apple. It's kind of unreal to see such directness about a new product, but as a Dutch person, it feels quite natural. We need more of this style of communication in the technology world, as it makes it much clearer that you're getting - and not getting. I do hope that Pebble's Android support functions without the need for Google Play Services or other proprietary Google code, since it would be great to have a proper, open source smartwatch fully supported by de-Googled Android.

A few months after 0.27.0 was released, we've got a small update for Enlightenment today, version 0.27.1. It's a short list of bugfixes, and one tiny new feature: you can now use the scroll wheel to change the volume when your cursor is hovering over the mixer controls. That's it. That's the release.

It's taken a Herculean seven-year effort, but GIMP 3.0 has finally been released. There are so many new features, changes, and improvements in this release that it's impossible to highlight all of them. First and foremost, GIMP 3.0 marks the shift to GTK3 - this may be surprising considering GTK4 has been out for a while, but major applications such as GIMP tend to stick to more tried and true toolkit versions. GTK4 also brings with it the prickly discussion concerning a possible adoption of libadwaita, the GNOME-specific augmentations on top of GTK4. The other major change is full support for Wayland, but users of the legacy X11 windowing system don't have to worry just yet, since GIMP 3.0 supports that, too. As far as actual features go, there's a ton here. Non-destructive layer effects is one of the biggest improvements. Another big change introduced in GIMP 3.0 is non-destructive (NDE) filters. In GIMP 2.10, filters were automatically merged onto the layer, which prevented you from making further edits without repeatedly undoing your changes. Now by default, filters stay active once committed. This means you can re-edit most GEGL filters in the menu on the layer dockable without having to revert your work. You can also toggle them on or off, selectively delete them, or even merge them all down destructively. If you prefer the original GIMP 2.10 workflow, you can select the Merge Filters" option when applying a filterinstead. GIMP 3.0 release notes There's also much better color space management, better layer management and control, the user interface has been improved across the board, and support for a ton of file formats have been added, from macOS icons to Amiga ILBM/IFF formats, and much more. GIMP 3.0 also improves compatibility with Photoshop files, and it can import more palette formats, including proprietary ones like Adobe Color Book (ACB) and Adobe Swatch Exchange (ASE). This is just a small selection, as GIMP 3.0 truly is a massive update. It's available for Linux, Windows, and macOS, and if you wait for a few days it'll probably show up in your distribution's package repositories.

Settle down children, it's time for another great article by Cameron Kaiser. This time, they're going to tell us about the DEC Professional 380 running PRO/VENIX. The Pro 380 upgraded to the beefier J-11 (Jaws") CPU from the PDP-11/73, running two to three times faster than the 325 and 350. It had faster RAM and came with more of it, and boasted quicker graphics with double the vertical resolution built right into the logic board. The 380 still has its faults, notably being two-thirds the speed of the 11/73 and having no cache, plus all of the 325/350's incompatibilities. Taken on its merits, though, it's a tank of a machine, a reasonably powerful workstation, and the most practical PDP-adjacent thing you can actually slap on a (large) desk. This particular unit is one of the few artifacts I have left from a massive DEC haul almost twelve years ago. It runs PRO/VENIX, the only official DEC Unix option for the Pros, but in its less common final release (we'll talk about versions of Venix). I don't trust the clanky ST-506 hard drive anymore, so today we'll convert it to solid state and double its base RAM to make it even more professional, and then play around in VENIX some for a taste of old-school classic Unix - after, of course, some history. Cameron Kaiser Detailed, interesting, fascinating, and full of photos as always.

In 1994, a single Macintosh Performa model, the 550, came from the factory with a dedicated, hidden recovery partition that contained a System 7 system folder and a small application that would be set as bootable if the main operating system failed to boot. This application would then run, allowing you to recover your Mac using the system folder inside the recovery partition. This feature was apparently so obscure, few people knew it existed, and nobody had access to the original contents of the recovery partition anymore. It took Doug Brown a lot of searching to find a copy of this recovery partition. The issue is that nobody really knows how this partition is populated with the recovery data, so the only way to explore its contents was to somehow find a Performa 550 hard drive with a specific version of Mac OS that had never been reformatted after leaving the factory. The thing is, this whole functionality was super obscure. It's understandable that people weren't familiar with it. Apple publicly stated it was only included with this one specific Performa model. Their own documentation also said that it would be lost if you reformatted the hard drive. It was hiding in the background, so nobody really knew it was there, let alone thought about saving it. Also, I can say that the first thing a lot of people do when they obtain a classic computer is erase it in order to restore it to the factory state. Little did anyone know, if they reformatted the hard drive on a Performa 550, they could have been wiping out rare data that hadn't been preserved! Doug Brown Brown found a copy, and managed to get the whole original functionality working again. It's a fairly basic way of doing this, but we shouldn't forget we're talking 1994 here, and I don't think any other operating system at the time had the ability to recover from an unbootable state like this. Like Brown, I wonder why it was abandoned so quickly. Perhaps Apple was unwilling to sacrifice the hard drive space? Groundbreaking or not, it's still great to have this recovered and preserved for the ages.

It's rare in this day and age that proprietary operating system vendors like Microsoft and Apple release updates you're more than happy to install, but considering even a broken clock is right twice a day, we've got one for you today. Microsoft released KB5053598 (OS Build 26100.3476) which addresses security issues for your Windows operating system". One of the security issues" this update addresses, is Microsoft's AI" text generator, Copilot. To address this glaring security issue, this update removes Copilot from your Windows installation altogether. Sadly, it's only by mistake, and not by design. We're aware of an issue with the Microsoft Copilot app affecting some devices. The app is unintentionally uninstalled and unpinned from the taskbar. Microsoft is working on a resolution to address this issue. In the meantime, affected users can reinstall the app from the Microsoft Store and manually pin it to the taskbar. Microsoft Support Well, at least until Microsoft fixes" this issue" with KB5053598, consider this update a simple way to get rid of Copilot. Microsoft accidentally cared about its users for once, so cherish this moment - it won't happen again.

It's been a while, but there's a new release of Ironclad, the formally verified, hard real-time capable kernel written in SPARK and Ada. Aside from the usual bugfixes, this release moves Ironclad from multiboot to Limine, adds x86_64 ACPI support for poweroff and reboot, improvements to PTY support, the VFS layer, and much more. The easiest way to try out Ironclad is to download Gloire, a distribution that uses Ironclad and the GNU tools. It can be installed in both a virtual machine and on real hardware.

Mozilla's actions have been rubbing many Firefox fans the wrong way as of late, and inspiring them to look for alternatives. There are many choices for users who are looking for a browser that isn't part of the Chrome monoculture but is full-featured and suitable for day-to-day use. For those who are willing to stay in the Firefox family" there are a number of good options that have taken vastly different approaches. This includes GNU IceCat, Floorp, LibreWolf, and Zen. Joe Brockmeier It's a tough situation, as we're all aware. We don't want the Chrome monoculture to get any worse, but with Mozilla's ever-increasing number of dubious decisions some people have been warning about for years, it's only natural for people to look elsewhere. Once you decide to drop Firefox, there's really nowhere else to go but Chrome and Chrome skins, or the various Firefox skins. As an aside, I really don't think these browsers should be called Firefox forks"; all they really do is change some default settings, add in an extension or two, and make some small UI tweaks. They may qualify as forks in a technical sense, but I think that overstates the differentiation they offer. Late last year, I tried my best to switch to KDE's Falkon web browser, but after a few months the issues, niggles, and shortcomings just started to get under my skin. I switched back to Firefox for a little while, contemplating where to go from there. Recently, I decided to hop onto the Firefox skin train just to get rid of some of the Mozilla telemetry and useless features' they've been adding to Firefox, and after some careful consideration I decided to go with Waterfox. Waterfox strikes a nice balance between the strict choices of LibreWolf - which most users of LibreWolf seem to undo, if my timeline is anything to go by - and the choices Mozilla itself makes. On top of that, Waterfox enables a few very nice KDE integrations Firefox itself and the other Firefox skins don't have, making it a perfect choice for KDE users. Sadly, Waterfox isn't packaged for most Linux distributions, so you'll have to resort to a third-party packager. In the end, none of the Firefox skins really address the core problem, as they're all still just Firefox. The problem with Firefox is Mozilla, and no amount of skins is going to change that.

Google's biggest announcement today, at least as it pertains to Android, is that the Vulkan graphics API is now the official graphics API for Android. Vulkan is a modern, low-overhead, cross-platform 3D graphics and compute API that provides developers with more direct control over the GPU than older APIs like OpenGL. This increased control allows for significantly improved performance, especially in multi-threaded applications, by reducing CPU overhead. In contrast, OpenGL is an older, higher-level API that abstracts away many of the low-level details of the GPU, making it easier to use but potentially less efficient. Essentially, Vulkan prioritizes performance and explicit hardware control, while OpenGL emphasizes ease of use and cross-platform compatibility. Mishaal Rahman at Android Authority Android has supported Vulkan since Android 7.0, released in 2016, so it's not like we're looking at something earth-shattering here. The issue has been, as always with Android, fragmentation: it's taken this long for about 85% of Android devices currently in use to support Vulkan in the first place. In other words, Google might've wanted to standardise on Vulkan much sooner, but if only a relatively small number of Android devices support it, that's going to be a hard sell. In any event, from here on out, every application or game that wants to use the GPU on Android will have to do so through Vulkan, including everything inside Android. It's still going to be a long process, though, as the requirement to use Vulkan will not fully come into effect until Android 17, and even then there will be exceptions for certain applications. Android tends to implement changes like this in phases, and the move to Vulkan is no different. All of this does mean that older devices with GPUs that do not support Vulkan, or at least not properly, will not be able to be updated to the Vulkan-only releases of Android, but let's be real here - those kinds of devices were never going to be updated anyway.

Ted Unangst published dude, where are your syscalls? on flak yesterday, with a neat demonstration of OpenBSD's pinsyscall security feature, whereby only pre-registered addresses are allowed to make system calls. Whether it strengthens or weakens security is up for debate, but regardless it's an interesting, low-level programming challenge. The original demo is fragile for multiple reasons, and requires manually locating and entering addresses for each build. In this article I show how to fix it. To prove that it's robust, I ported an entire, real application to use raw system calls on OpenBSD. Chris Wellons Some light reading for the weekend.

Elon Musk's Tesla is waving a red flag, warning that Donald Trump's trade war risks dooming US electric vehicle makers, triggering job losses, and hurting the economy. In an unsigned letter to the US Trade Representative (USTR), Tesla cautioned that Trump's tariffs could increase costs of manufacturing EVs in the US and forecast that any retaliatory tariffs from other nations could spike costs of exports. Ashley Belanger at Ars Technica Back in 2020, scientists at the University of Twente, The Netherlands, created the smallest string instrument that can produce tones audible by human ears when amplified. Its strings were a mere micrometer thin, or one millionth of a meter, and about half to one millimeter long. Using a system of tiny weights and combs producing tiny vibrations, tones can be created. And yet, this tiny violin still isn't small enough for Tesla.

We've got the Haiku activity report covering February, and aside from the usual slew of bug fixes and minor improvements, there's one massive improvement that deserves attention. waddlesplash continued his ongoing memory management improvements, fixes, and cleanups, implementing more cases of resizing (expanding/shrinking) memory areas when there's a virtual memory reservation adjacent to them (and writing tests for these cases) in the kernel. These changes were the last remaining piece needed before the new malloc implementation for userland (mostly based on OpenBSD's malloc, but with a few additional optimizations and a Haiku-specific process-global cache added) could be merged and turned on by default. There were a number of followup fixes to the kernel and the new allocator's glue" and global caching logic since, but the allocator has been in use in the nightlies for a few weeks with no serious issues. It provides modest performance improvements over the old allocator in most cases, and in some cases that were pathological for the old allocator (GCC LTO appears to have been one), provides order-of-magnitude (or mode) performance improvements. waddlesplash on the Haiku website Haiku also continues replacing implementations of standard C functions with those from musl, Haiku can now be built on FreeBSD and Linux distributions that use musl, C5/C6 C-states were disabled for Intel Skylake to fix boot problems on that platform, and many, many more changes. There's also bad news for fans of Gopher: support for the protocol was removed from WebPositive, Haiku's native web browser.

When I checked where Windows Defender had actually detected the threat, it was in the Fan Control app I use to intelligently cool my PC. Windows Defender had broken it, and that's why my fans were running amok. For others, the threat was detected in Razer Synapse, SteelSeries Engine, OpenRGB, Libre Hardware Monitor, CapFrameX, MSI Afterburner, OmenMon, FanCtrl, ZenTimings, and Panorama9, among many others. As of now, all third-party/open-source hardware monitoring softwares are screwed," Fan Control developer Remi Mercier tells me. Sean Hollister at The Verge Anyone reading OSNews can probably solve this puzzle. Many fan control and hardware monitoring applications for Windows make use of the same open source driver: WinRing0. Uniquely, this kernel-level driver is signed, since it's from back in the days when developers could self-sign these sorts of drivers, but the signed version has a known vulnerability that's quite dangerous considering it's a kernel-level driver. The vulnerability has been fixed, but signing this new version - and keeping it signed - is a big ordeal and quite expensive, since these days, drivers have to be signed by Microsoft. And it just so happens that Windows Defender has started marking this driver, and thus any tool that uses it, as dangerous, sending it to quarantine. The result is failing hardware monitoring and fan control applications for quite a few Windows users. Some companies have invested in developing their own closed-source alternatives, but they're not sharing them. Luckily, Windows OEM iBuyPower says it's trying to get the patched version of WinRing0 signed, and if that happens, they will share it back with the community. Classy. For now, though, hardware monitoring and fan control on Windows might be a bit of an ordeal.

One of the biggest behind-the-scenes changes in the upcoming Plasma 6.4 release is the split of kwin_x11 and kwin_wayland codebases. With this blog post, I would like to delve in what led us to making such a decision and what it means for the future of kwin_x11. Vlad Zahorodnii For the most part, this change won't mean much for users of KWin on either Wayland or X11, at least for now. At least for the remainder of the Plasma 6.x life cycle, kwin_x11 will be maintained, and despite the split, you can continue to have both kwin_x11 and kwin_wayland installed and use them interchangeably. Don't expect any new features, though; kwin_x11 will get the usual bug fixes, some backports, and they'll make sure it keeps working with any new KDE frameworks introduced during the 6.x cycle, but that's all you're going to get if you're using KDE on X11. There's one area where this split might cause problems, though, and that's if you're using a particular type of KWin extension. While KWin extensions written in JavaScript and QML are backend agnostic and can be used without issues on both variants of KWin, extensions written in C++ are not. These extensions need to be coded specifically for either kwin_x11 or kwin_wayland, and with Wayland being the default for KDE, this may mean some of these extensions will leave X11 users behind to reduce the maintenance burden. It seems that very few people are still using KDE on X11, and kwin_x11 doesn't receive much testing anymore, so it makes sense to start preparations for the inevitable deprecation. While I think the time of X11 on Linux has come and gone, it's unclear what this will mean for KDE on the BSDs. While Wayland is available on all of the BSDs in varying states of maturity, I honestly don't know if they're ready for a Wayland-only KDE at this point in time.

Ah, PuTTY. Good old reliable PuTTY. This little tool is one of those cornerstone applications in the toolbox of most of us, without any fuss, without any upsells or anti-user nonsense - it just does its job, and it has been doing its job for 30 years. Have you ever wondered, though, where PuTTY's icons come from, how they were made, and how they evolved over time? PuTTY's icon designs date from the late 1990s and early 2000s. They've never had a major stylistic redesign, but over the years, the icons have had to be re-rendered under various constraints, which made for a technical challenge as well. Simon Tatham The icons have basically not changed since the late '90s, and I think that's incredibly fitting for the kind of tool PuTTY is. It turns out people actually offer to redesign all the icons in a modern style, but that's not going to happen. People sometimes object to the entire 1990s styling, and volunteer to design us a complete set of replacements in a different style. We've never liked any of them enough to adopt them. I think that's probably because the 1990s styling is part of what makes PuTTY what it is - reassuringly old-fashioned". I don't know if there's any major redesign that we'd really be on board with. Simon Tatham Amen.

After so much terrible tech politics news, let's focus on some nice, easy-going Linux news that's not going to be controversial at all: Ubuntu intends to replace numerous core Linux utilities with newer Rust replacements, starting with the ubiquitous GNU Coreutils. This package provides utilities which have become synonymous with Linux to many - the likes of ls, cp, and mv. In recent years, there has been an effort to reimplement this suite of tools in Rust, with the goal of reaching 100% compatibility with the existing tools. Similar projects, like sudo-rs, aim to replace key security-critical utilities with more modern, memory-safe alternatives. Starting with Ubuntu 25.10, my goal is to adopt some of these modern implementations as the default. My immediate goal is to make uutils' coreutils implementation the default in Ubuntu 25.10, and subsequently in our next Long Term Support (LTS) release, Ubuntu 26.04 LTS, if the conditions are right. Jon Seager Obviously, this is a massive change for Ubuntu, and while performance is one of the cited reasons for undertaking this effort, the biggest reason is, of course, security. To aid in the testing effort, Seager created a tool called oxidizr, with which you can swap between the classic versions and the new Rust versions of various tools to try them out in a non-destructive way. This is a massive vote of confidence in uutils, and I'm curious to see if it works out for Ubuntu. I doubt it's going to take long before other prominent distributions follow suit.

We've talked about Chimera Linux a few times now on OSNews, so I won't be repeating what makes it unique once more. The project announced today that it will be shuttering its RISC-V architecture support, and considering RISC-V has been supported by Chimera Linux pretty much since the beginning, this is a big step. The reason is as sad as it is predictable: there's simply no RISC-V hardware out there fit for the purpose of building a Linux distribution and all of its packages. Up until this point, Chimera Linux built its RISC-V variant on an x86_64 machine with qemu-user binfmt emulation coupled with transparent cbuild support". There are various problems with this setup, like serious reliability problems, not being able to test packages, and a lack of performance. The setup was intended to be a temporary solution until proper, performanct RISC-V hardware became available, but this simply hasn't happened, and it doesn't seem like this is going to change soon. Most of the existing RISC-V hardware options simply lack the performance to be used as build machines (think Raspberry Pi 3/4 levels of performance), making them even slower than the emulation setup they're currently using. The only machine that in theory would be performant enough to serve as a build machine is the Milk-V Pioneer, but this machine has serious other problems, as the project notes: Milk-V Pioneer is a board with 64 out-of-order cores; it is the only of its kind, with the cores being supposedly similar to something like ARM Cortex-A72. This would be enough in theory, however these boards are hard to get here (especially with Sophgon having some trouble, new US sanctions, and Mouser pulling all the Milk-V products) and from the information that is available to me, it is rather unstable, receives very little support, and is ridden with various hardware problems. Chimera Linux website So, not only is the Milk-V Pioneer difficult to get due to, among other things, US sanctions, it's also not very stable and receives very little support. Aside from the Pioneer and the various slow and therefore unsuitable options, there's nothing else in the pipeline either for performant RISC-V hardware, making it quite difficult to support the architecture. Of course, this could always change in the future, but for now, supporting RISC-V is clearly not an option for Chimera Linux. This is clearly sad news, especially for those of us hoping RISC-V becomes an open source hardware platform that we can use every day, and I wonder how many other projects are dealing with the same problem.

In Canada, where the American national anthem has been booed during hockey matches with US teams, a slew of apps has emerged with names such as buy beaver", maple scan" and is this Canadian" to allow shoppers to scan QR barcodes and reject US produce from alcohol to pizza toppings. In Sweden, more than 70,000 users have joined a Facebook group calling for a boycott of US companies - ironically including Facebook itself - which features alternatives to US consumer products. In Denmark, where there has been widespread anger over Trump's threat to bring the autonomous territory of Greenland under US control, the largest grocery company, the Salling group, has said it will tag European-made goods with a black star to allow consumers to choose them over products made in the US. Peter Beaumont at the Guardian These are just a few of the examples of a growing interest in places like Canada and Europe to boycott American products to the best of one's ability. It's impossible to boycott everything coming from a certain country - good luck finding a computer without American software and/or hardware, for instance - but these small acts of disapproval and resistance allow people to vent their anger. It's clearly already having an effect on Tesla, whose sales have completely collapsed in Europe, so much so that the president of the United States has to do his best Billy Mays impression in front of the White House to help his buddy sell cars. Very classy. With the United States threatening war on Canada, Greenland and Denmark, and Panama, it's only natural for citizens of those countries, as well as those of close friends of those countries, to want do something, and being more mindful or what you spend your money on is a tried and true way to do that. Technology can definitely help here, as we've talked about before, and as shown in the linked article. While no tool to determine place of origin of products will ever be perfect, it can certainly help to avoid products you don't want to buy. I can only hope this doesn't get even more out of hand than it already has. The United States started a trade war with the European Union today as well, and of course, the EU retaliated. I doubt the average person has any clue just how intertwined the global economy and supply chains are, and that the only people paying for this are people like you and I. The tech billionaires and career politicians won't be the ones screwed over by surging prices of basic necessities because of tariffs, and it won't be the children of the rich and powerful being sent to war with Canada or Panama or whatever. The very companies that OSNews has reported on for almost 30 years are the ones pushing and enabling most of this vile nonsense, so yes, you will be seeing items about this here, whether you and I like it or not. Only cowards and the privileged have the luxury of ignoring what the United States is doing right now.

A new lobbying group, dubbed the Freedom Cities Coalition, wants to convince President Trump and Congress to authorize the creation of new special development zones within the U.S. These zones would allow wealthy investors to write their own laws and set up their own governance structures which would be corporately controlled and wouldn't involve a traditional bureaucracy. The new zones could also serve as a testbed for weird new technologies without the need for government oversight. Lucas Ropek I mean, just in case you weren't convinced yet these people are utterly insane. This is the kind of nonsensical libertarian Ayn Rand-inspired wank material dystopian fiction draws a lot of inspiration from, and it never ever ends well for anyone involved, especially not for the poor and lower classes inhabiting such places, because they're supposed to be warnings, not instruction manuals. The fact that this insipid brand of utter stupidity is even considered by a president of the United States in this day and age should be all the proof you need that he and those around him have the moral compass of the rotting carcass of Margaret Thatcher. I can't believe we have to tell these Silicon Valley geniuses" that lawless corporate towns are bad. In 2025.

The future of the United States is no longer decided in Washington. That ship has sailed. It's now dictated in the bunkers, private jets, and compounds of an ideological Silicon Valley, by billionaires and wealth extremists intent on treating democracy as a nuisance that must be swatted away. These men - raised on a rabid press that mythologized their existence in their lifetimes, called them Wunderkind and treated them as something above and beyond mere mortality - have consumed a steady diet of libertarian and authoritarian fan fiction and conceived a new order, designed to elevate their lofty egos at any and all cost. The Internet was supposed to be the great equalizer. It was meant to be a force that shattered hierarchies and gave power to ordinary people. Instead, it enabled the wealth extraction and avarice of a cartel of overfed, over-pampered despots who enriched themselves in the name of innovation, bled the world to the point of near-total collapse, intellectualized their power fetish and now view public institutions as the final obstacles to be dismantled in their megalomanic pursuit of More. Joan Westenberg The US has only itself to blame. Let's hope they don't drag the rest of us with them.

The utter chaos in the United States and the country's antagonistic, erratic, and often downright hostile approach to what used to be its allies has not gone unnoticed, and it seems it's finally creating some urgency in an area in which people have been fruitlessly advocating for urgency for years: digital independence from US tech giants. Efforts to make Europe more technologically sovereign" have gone mainstream. The European Commission now has its first-ever technology sovereignty" chief, Henna Virkkunen. Germany's incoming ruling party, the center-right Christian Democratic Union, called for sovereign" tech in its program for the February election. Mounting friction across the Atlantic makes it clearer than ever that Europe must control its own technological destiny," said Francesca Bria, an innovation professor at University College London and former president of Italy's National Innovation Fund. Pieter Haeck at Politico This should've been a primary concern for decades, as many have been trying to make it. Those calls usually fell on deaf ears, as relying on Google, Microsoft, Amazon, and other US tech giants was simply the cheapest option for EU governments and corporations alike. However, now that the US is suffering under a deeply dysfunctional, anti-EU regime, the chickens are coming home to roost, and it's dawning on European politicians and business leaders alike that relying on US corporations that openly and brazenly cheer on the Trump/Elon regime might've been a bad idea. To the surprise of nobody with more than two brain cells. It's going to take a long, long time for this situation to get any better. Europe simply doesn't have any equivalents to the services offered by companies like Google, Amazon, and Microsoft, and even if does, certainly not at their scale. Building up the resources these US companies offers is going to take a long time, and it won't be cheap, making it hard to sell such moves to voters and shareholders alike, both of which are not exactly known for their long-term views on such complex matters. Still, it seems consumers in the EU might be more receptive to messages of digital independence from the US than ever before. Just look at how hard Tesla is tanking all over Europe, part of which can definitely be attributed to Europeans not wanting to buy any products from a man openly insulting and lying about European elected officials. If this groundswell of sentiment spreads, I can definitely see European politicians tapping into it to sell massive investments in digital independence. Personally, banning Twitter and Facebook from operating in the EU should be step one, as its owners have made it very clear that illegal election interference and nazi propaganda is something they have no issues with, followed by massive investments in alternatives to the services offered by the US big tech companies. China has been doing this for a long time now, and Europe should follow in its footsteps. There are enough bases to work from - from open source non-Google Android smartphones to EU-based Linux distributions for everything from desktops to server farms, and countless other open source services - so it's not like we have to start from nothing. If we can spend 800 billion to finally get EU defense up to snuff, we should be able to spare something for digital independence, too.

To meet those goals, we've begun work on a native port of the TypeScript compiler and tools. The native implementation will drastically improve editor startup, reduce most build times by 10x, and substantially reduce memory usage. By porting the current codebase, we expect to be able to preview a native implementation of tsc capable of command-line typechecking by mid-2025, with a feature-complete solution for project builds and a language service by the end of the year. Anders Hejlsberg It seems Microsoft is porting TypeScript to Go, and WILL eventually offer both TypeScript (JS)" and TypeScript (native)" alongside one another during a transition period. TypeScript 6.x will be the JavaScript-based one and will continue to be developed until TypeScript 7.0, the Go-one, is mature enough. During the 6.x release cycle, however, there will be breaking changes and deprecations in preparation for 7.0. Those are some serious performance improvements, but I'm sure quite a few projects are going to run into issues during the transition period. I hope for them that the 6.x branch remains maintained for long enough to reasonably get everyone on board the new Go version.

I signed up for GlobalTalk in 2024, but never found the time to get a machine set up. Fast-forward to MARCHintosh 2025 and I wasn't going to let another year go by. This is a series of notes from my experience getting System 7.6 up and running on QEMU 68k on Ubuntu. Hopefully this will help others that might be hitting a roadblock. I certainly hit several! Cale Mooth A short and to-the-point guide for those of us who want to partake in GlobalTalk but can't due to the lack of compatible hardware.

For decades, Linux and BSD have stood as two dominant yet fundamentally different branches of the Unix-like operating system world. While Linux distributions, such as Debian, Ubuntu, and Fedora, have grown to dominate the open-source ecosystem, BSD-based systems like FreeBSD, OpenBSD, and NetBSD have remained the preferred choice for those seeking security, performance, and licensing flexibility. But what if you could combine the best of both worlds-Debian's vast package ecosystem with FreeBSD's robust and efficient kernel? Enter Debian GNU/kFreeBSD, a unique experiment that merges Debian's familiar userland with the FreeBSD kernel, offering a hybrid system that takes advantage of FreeBSD's technical prowess while maintaining the ease of use associated with Debian. This article dives into the world of Debian GNU/kFreeBSD, exploring its architecture, installation, benefits, challenges, and real-world applications. George Whittaker More of a list of upsides and downsides than an actual in-depth article, but that doesn't make it any less interesting. There's a variety of attempts out there to somehow marry the Linux and BSD worlds, and each of them takes a unique approach. I'm not sure the Debian userland with a FreeBSD kernel is the way to go, though, and it seems I'm not alone - Debian GNU/kFreeBSD was officially dropped from Debian in 2015 or so, and after a flurry of unofficial activity in 2019, it was discontinued completely in 2023 due to a lack of activity and developer interest. Odd that the source article doesn't mention that. If you're still interested in a combination of Linux and BSD, I'd keep an eye on Chimera Linux instead. It's very actively developed, focuses on portable code by supporting many architectures, and its developers are veterans in this space. I have my eye on Chimera Linux as my future distribution of choice.

Brother laser printers are popular recommendations for people seeking a printer with none of the nonsense. By nonsense, we mean printers suddenly bricking features, like scanning or printing, if users install third-party cartridges. Some printer firms outright block third-party toner and ink, despite customer blowback and lawsuits. Brother's laser printers have historically worked fine with non-Brother accessories. A YouTube video posted this week, though, as well as older social media posts, claim that Brother has gone to the dark side and degraded laser printer functionality with third-party cartridges. Brother tells Ars that this isn't true. Scharon Harding at Ars Technica I find this an incredibly interesting story. We all know the printer space is a cursed hellhole of the very worst worst types of enshittification, but Brother seemed like an island of relative calm in a sea of bullshit. In turn, people are so used to printers being shit, that any problem that comes up is automatically explained by malice, which is not entirely unreasonable. Borther insists, though, that it does not break printers using third-party toner or ink through firmware. Brother does make it very clear that it is standard procedure to only perform troubleshooting on Brother printers using genuine' Brother ink and toner, which is not entirely unreasonable in my book. There's no telling what kind of effects third part cartridges - which do contain electronics - have on the rest of the printer, and I don't think it's fair to expect Brother to be able to document all of those possible issues. As long as using third-party toner and ink cartridges doesn't invalidate any warranties, and as long as Brother doesn't intentionally break printers for using third-party toner and ink, I think Brother meets its obligations to consumers. If you choose to use third-party ink and toner cartridges in Brother printers, I think it's only reasonable you remove those during the troubleshooting process to ensure they're not the cause of any problems you're experiencing.

For more than a decade, we have a port of the curl library for Genode available. With the use of Sculpt OS as a daily driver as well as the plan to run Goa natively on Sculpt OS by the end of the year, the itch to also port the curl command-line tool became irresistible. Of course this is a perfect territory for using Goa. In this article, I will share the process of porting the curl command-line tool and shared library in order to guide future porting efforts of other projects. Johannes Schlatow A detailed, step-by-step retelling of porting the curl command-line tool and associated libraries to Genode/Sculpt OS. Articles like these are invaluable to anyone trying to port things to Genode and Sculpt OS, as it points to some directions you can explore when encountering errors and hurdles of your own.

Two for the techbro AI' cannot be biased" crowd: A Moscow-based disinformation network named Pravda" - the Russian word for truth" - is pursuing an ambitious strategy by deliberately infiltrating the retrieved data of artificial intelligence chatbots, publishing false claims and propaganda for the purpose of affecting the responses of AI models on topics in the news rather than by targeting human readers, NewsGuard has confirmed. By flooding search results and web crawlers with pro-Kremlin falsehoods, the network is distorting how large language models process and present news and information. The result: Massive amounts of Russian propaganda - 3,600,000 articles in 2024 - are now incorporated in the outputs of Western AI systems, infecting their responses with false claims and propaganda. Dina Contini and Eric Effron at Newsguard It turns out pretty much all of the major AI" text generators - OpenAI's ChatGPT-4o, You.com's Smart Assistant, xAI's Grok, Inflection's Pi, Mistral's le Chat, Microsoft's Copilot, Meta AI, Anthropic's Claude, Google's Gemini, and Perplexity's answer engine - have been heavily infected by this campaign. Lovely. From one genocidal regime to the next - how about a nice Amazon AI" summary of the reviews for Hitler's Mein Kampf? The full AI summary on Amazon says: Customers find the book easy to read and interesting. They appreciate the insightful and intelligent rants. The print looks nice and is plain. Readers describe the book as a true work of art. However, some find the content boring and grim. Opinions vary on the suspenseful content, historical accuracy, and value for money." Samantha Cole at 404 Media This summary was then picked up by Google, and dumped verbatim as Google's first search result. Lovely.

Like the other Chrome skins, Microsoft Edge is also moving to disable Manifest v2 extensions, restricting the effectiveness of ad blockers like uBlock Origin. As an advertising company, Microsoft was obviously never going to do the work to keep Manifest v2 support around in Chrome, so this was inevitable. Blocking ads might be a necessary security practice, but why cry over spilled user data, am I right? Anyway, today: In early December 2024, Microsoft Threat Intelligence detected a large-scale malvertising campaign that impacted nearly one million devices globally in an opportunistic attack to steal information. The attack originated from illegal streaming websites embedded with malvertising redirectors, leading to an intermediary website where the user was then redirected to GitHub and two other platforms. The campaign impacted a wide range of organizations and industries, including both consumer and enterprise devices, highlighting the indiscriminate nature of the attack. Microsoft Threat Intelligence If only there was a type of browser extension that prevents such malvertising attacks from being possible in the first place, and if only support for such browser extensions wasn't being gutted as we speak. If only.

With the United States having started an incredibly dumb and destructive trade war with Canada, Mexico, and most likely soon the European Union, there's quite a few people who want to avoid American products. With how interconnected the global production chain and corporate ownership structures are, it's often difficult to determine where products actually come from. Luckily, technology can help. There's online directories like Buy European Made, which lists European companies in all kinds of markets, or European Alternatives, which focuses on listing European alternatives to online services. As nice as these are, they are quite manual, and require people to actively search around, which is kind of a hassle when you're making a quick grocery store run. What if we could use image recognition to just take a photo of a product's box, and have our phone tell us where a product's made? That's exactly what Made O'Meter does: take a photo of a product, wait for a few seconds, and it'll tell you exactly where it's made. It's made in Denmark, with the goal to support Europe, Canada & friends". I've been trying it out on various products around the house, from groceries like cereals and cookies, to tech products and clothing we just bought that still had the tags on them. Every result turned out to be 100% accurate, and it takes only a few seconds to analyse each photo. It also doesn't seem to be too fussy with the quality of the photos themselves - it doesn't care about hands and fingers in the frame, or weirdly-shaped boxes that don't fit nicely in a view finder. It's a website, not an app - very platform-agnostic, which is great - and I was using it in Firefox for Android without issue. If you want to avoid American products, Made O'Meter is a great tool to have with you the next time you order something or run to the store.

Fuchsia is a new (non-Linux) operating system from Google, and one of the key pieces of Fuchsia's design is the component framework. Components on Fuchsia have many similarities with some of the container solutions on Linux (such as Docker): they both fetch content addressed blobs from the network, assemble those blobs into an isolated filesystem structure that holds all the dependencies necessary to run some piece of software, and launch namespaced processes with that created directory as its root. The most interesting details are where these two projects diverge. Both have different use cases and requirements, which leads to different strengths between the systems. This talk will largely be focusing on where and why these two similar technologies diverge. Claire Gonyeo A very interesting talk by Claire Gonyeo, a software engineer at Google working on Fuchsia.

Clearly, online search isn't bad enough yet, so Google is intensifying its efforts to continue speedrunning the downfall of Google Search. They've announced they're going to show even more AI"-generated answers in Search results, to more people. Today, we're sharing that we've launched Gemini 2.0 for AI Overviews in the U.S. to help with harder questions, starting with coding, advanced math and multimodal queries, with more on the way. With Gemini 2.0's advanced capabilities, we provide faster and higher quality responses and show AI Overviews more often for these types of queries. Plus, we're rolling out to more people: teens can now use AI Overviews, and you'll no longer need to sign in to get access. Robby Stein On top of this, Google is also testing a new search mode where AI" takes over the entire search experience. Instead of seeing the usual list of links, the entire page of results" will be generated by AI". This feature, called AI Mode" is opt-in for now. You can opt-in in Labs, but you do need to be a paying Google One AI Premium subscriber. I guess it's only a matter of time before this AI Mode" will be the default on Google Search, because it allows Google to keep its users on Google.com, and this makes it easier to show them ads and block out competitors. We all know where this is going. But, I hear you say, I use DuckDuckGo! I don't have to deal with any of this! Well, I've got some bad news for you, because DuckDuckGo, too, is greatly expanding its use of AI" in search. DDG will provide free, anonymous access to various AI" chatbots, deliver more AI"-generated search results based on more sources (but still English-only), and more - all without needing to have an account. A few of these features were already available in beta, and are now becoming generally available. Props to DuckDuckGo for providing a ton of options to turn all of this stuff off, though. They give users quite a bit of control over how often these AI"-generated search results appear, and you can even turn them off completely. All the AI" chatbot stuff is delegated to a separate website, and any link to it from the normal search results can be disabled, too. It's entirely possible to have DuckDuckGo just show a list of regular search results, exactly as it should be. Let's hope DDG can keep these values going, because if they, too, start pushing this AI" nonsense without options to turn it off, I honestly have no idea where else to go.

Back when Java was still a new programming language, Sun had the idea of building a computer specifically designed for Java, unique processor running byte-code as its native machine code and all. This whole endeavour proved to be more complicated than Sun had hoped, and as such, they eventually abandoned the idea of a Java processor in favour of plain SPARC. When the JavaStation shipped, it was a regular SPARC workstation without a hard drive, running something called JavaOS from flash memory. Since JavaOS is, of course, long gone, what can you do with JavaStation today? Well, you apparently can run NetBSD on it, but it's quite an ordeal. The JavaStation needs to boot from the network using a combination of RARP, NFS, and more, and surprisingly, this entire setup, including the computer acting as the server' for the JavaStation, is well-documented and supported by NetBSD. Once you've gone through all the steps, you'll end up with a JavaStation running the latest release of NetBSD, which is pretty cool. Obviously there is still a lot to do; as you can see postfix isn't happy, and the swapfile security needs tightening up for a start. But we do now have a functional NetBSD system running on a vintage network computer! Old Fart's Almanac NetBSD's continued support for the most arcane of hardware will never cease to amaze me.

Now that we have examined the vulnerability that enables arbitrary microcode patches to be installed on all (un-patched) Zen 1 through Zen 4 CPUs, let's discuss how you can use and expand our tools to author your own patches. We have been working on developing a collection of tools combined into a single project we're calling zentool. The long-term goal is to provide a suite of capabilities similar to binutils, but targeting AMD microcode instead of CPU machine code. You can find the project source code here along with documentation on how to use the tools. Google's Bug Hunters website I just read a whole bunch of words, but I barely understand what's going on. The general, very simplified gist is that the researchers discovered a way for an attacker with local administrator privileges to load arbitrary microcode onto AMD Zen 1-4 processors.