"The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains an undocumented 'backdoor' that could be leveraged for attacks," writes BleepingComputer.

"The undocumented commands allow spoofing of trusted devices, unauthorized data access, pivoting to other devices on the network, and potentially establishing long-term persistence." This was discovered by Spanish researchers Miguel Tarascó Acuña and Antonio Vázquez Blanco of Tarlogic Security, who presented their findings yesterday at RootedCON in Madrid. "Tarlogic Security has detected a backdoor in the ESP32, a microcontroller that enables WiFi and Bluetooth connection and is present in millions of mass-market IoT devices," reads a Tarlogic announcement shared with BleepingComputer. "Exploitation of this backdoor would allow hostile actors to conduct impersonation attacks and permanently infect sensitive devices such as mobile phones, computers, smart locks or medical equipment by bypassing code audit controls...."

Tarlogic developed a new C-based USB Bluetooth driver that is hardware-independent and cross-platform, allowing direct access to the hardware without relying on OS-specific APIs. Armed with this new tool, which enables raw access to Bluetooth traffic, Targolic discovered hidden vendor-specific commands (Opcode 0x3F) in the ESP32 Bluetooth firmware that allow low-level control over Bluetooth functions. In total, they found 29 undocumented commands, collectively characterized as a "backdoor," that could be used for memory manipulation (read/write RAM and Flash), MAC address spoofing (device impersonation), and LMP/LLCP packet injection.

Espressif has not publicly documented these commands, so either they weren't meant to be accessible, or they were left in by mistake.
Thanks to Slashdot reader ZipNada for sharing the news.

Google has introduced a Debian Linux terminal app for Android in its ongoing effort to transform Android into a versatile desktop OS. It's initially available on Pixel devices running Android 15 but will be expanded to "all sufficiently robust Android phones" when Android 16 arrives later this year," writes ZDNet's Steven Vaughan-Nichols. An anonymous reader shares an excerpt from the report: Today, Linux is only available on the latest Pixel devices running Android 15. When Android 16 arrives later this year, it's expected that all sufficiently robust Android phones will be able to run Linux. Besides a Linux terminal, beta tests have already shown that you should be able to run desktop Linux programs from your phone -- games like Doom, for example. The Linux Terminal runs on top of a Debian Linux virtual machine. This enables you to access a shell interface directly on your Android device. And that just scratches the surface of Google's Linux Terminal. It's actually a do-it-all app that enables you to download, configure, and run Debian. Underneath Terminal runs the Android Virtualization Framework (AVF). These are the APIs that enable Android devices to run other operating systems.

To try the Linux Terminal app, you must activate Developer Mode by navigating to Settings - About Phone and tapping the build number seven times. I guess Google wants to make sure you want to do this. Once Developer Mode is enabled, the app can be activated via Settings - System - Developer options - Linux development environment. The initial setup may take a while because it needs to download Debian. Typically this is a 500MB download. Once in place, it allows you to adjust disk space allocation, set port controls for network communication, and recover the virtual machine's storage partition. However, it currently lacks support for graphical user interface (GUI) applications. For that, we'll need to wait for Android 16.

According to Android specialist Mishaal Rahman, 'Google wants to turn Android into a proper desktop operating system, and in order to do that, it has to make it work better with traditional PC input methods and display options. Therefore, Google is now testing new external display management tools in Android 16 that bring Android closer to other desktop OSes.'

Signal President Meredith Whittaker warned at SXSW that agentic AI poses significant privacy and security risks, as these AI agents require extensive access to users' personal data, likely processing it unencrypted in the cloud. TechCrunch reports: "So we can just put our brain in a jar because the thing is doing that and we don't have to touch it, right?," Whittaker mused. Then she explained the type of access the AI agent would need to perform these tasks, including access to our web browser and a way to drive it as well as access to our credit card information to pay for tickets, our calendar, and messaging app to send the text to your friends. "It would need to be able to drive that [process] across our entire system with something that looks like root permission, accessing every single one of those databases -- probably in the clear, because there's no model to do that encrypted," Whittaker warned.

"And if we're talking about a sufficiently powerful ... AI model that's powering that, there's no way that's happening on device," she continued. "That's almost certainly being sent to a cloud server where it's being processed and sent back. So there's a profound issue with security and privacy that is haunting this hype around agents, and that is ultimately threatening to break the blood-brain barrier between the application layer and the OS layer by conjoining all of these separate services [and] muddying their data," Whittaker concluded.

If a messaging app like Signal were to integrate with AI agents, it would undermine the privacy of your messages, she said. The agent has to access the app to text your friends and also pull data back to summarize those texts. Her comments followed remarks she made earlier during the panel on how the AI industry had been built on a surveillance model with mass data collection. She said that the "bigger is better AI paradigm" -- meaning the more data, the better -- had potential consequences that she didn't think were good. With agentic AI, Whittaker warned we'd further undermine privacy and security in the name of a "magic genie bot that's going to take care of the exigencies of life," she concluded. You can watch the full speech on YouTube.

Apple users noticed a change in 2023, "when streaming platforms like Netflix, HBO Max, Amazon Prime, and the Criterion Channel imposed a quiet embargo on the screenshot," noted the film blog Screen Slate: At first, there were workarounds: users could continue to screenshot by using the browser Brave or by downloading extensions or third-party tools like Fireshot. But gradually, the digital-rights-management tech adapted and became more sophisticated. Today, it is nearly impossible to take a screenshot from the most popular streaming services, at least not on a Macintosh computer. The shift occurred without remark or notice to subscribers, and there's no clear explanation as to why or what spurred the change...

For PC users, this story takes a different, and happier, turn. With the use of Snipping Tool — a utility exclusive to Microsoft Windows, users are free to screen grab content from all streaming platforms. This seems like a pointed oversight, a choice on the part of streamers to exclude Mac users (though they make up a tiny fraction of the market) because of their assumed cultural class.
"I'm not entirely sure what the technical answer to this is," tech blogger John Gruber wrote this weekend, "but on MacOS, it seemingly involves the GPU and video decoding hardware..." These DRM blackouts on Apple devices (you can't capture screenshots from DRM video on iPhones or iPads either) are enabled through the deep integration between the OS and the hardware, thus enabling the blackouts to be imposed at the hardware level. And I don't think the streaming services opt into this screenshot prohibition other than by "protecting" their video with DRM in the first place. If a video is DRM-protected, you can't screenshot it; if it's not, you can.

On the Mac, it used to be the case that DRM video was blacked-out from screen capture in Safari, but not in Chrome (or the dozens of various Chromium-derived browsers). But at some point a few years back, you stopped being able to capture screenshots from DRM videos in Chrome, too -- by default. But in Chrome's Settings page, under System, if you disable "Use graphics acceleration when available" and relaunch Chrome, boom, you can screenshot everything in a Chrome window, including DRM video...

What I don't understand is why Apple bothered supporting this in the first place for hardware-accelerated video (which is all video on iOS platforms -- there is no workaround like using Chrome with hardware acceleration disabled on iPhone or iPad). No one is going to create bootleg copies of DRM-protected video one screenshotted still frame at a time -- and even if they tried, they'd be capturing only the images, not the sound. And it's not like this "feature" in MacOS and iOS has put an end to bootlegging DRM-protected video content.
Gruber's conclusion? "This 'feature' accomplishes nothing of value for anyone, including the streaming services, but imposes a massive (and for most people, confusing and frustrating) hindrance on honest people simply trying to easily capture high-quality (as opposed to, say, using their damn phone to take a photograph of their reflective laptop display) screenshots of the shows and movies they're watching."

New submitter TronNerd82 writes: Linuxiac reports that the 6th alpha release of the COSMIC desktop environment has been released. The new alpha release includes zooming, desktop icon management, some new scaling options, and improved accessibility features. Also included in the release are a number of bug fixes.

These include, but are not limited to:
- Fixing a crash issue in Steam, and fixing certain issues for Radeon RX GPUs
- Fixing a bug that prevented icons from appearing in screenshots
- Adding a layer of polish to the COSMIC Files application by adding folder size metadata and preventing crashes

Also of note are a number of memory usage reductions across the board. COSMIC Alpha 6 also replaces the default font, changing from Fira Sans to Open Sans, with Noto Sans Mono as the default monospace font. Additional changes can be found in System76's official announcement.

At its "Second Gen" event today, Framework detailed three new computers: an updated Framework Laptop 13 with AMD Ryzen AI 300, a 4.5-liter Mini-ITX desktop powered by Ryzen AI Max, and a colorful, convertible Framework Laptop 12 designed with students in mind. The latter is defined by Framework as a "defining product." Tom's Hardware reports: Framework Desktop: The Framework Desktop is a 4.5L Mini-ITX machine using AMD's Ryzen AI Max "Strix Halo" chips with Radeon 8060S graphics. While this is a mobile chip, Framework says putting it in a desktop chassis gets it to 120W sustained power and 140W boost "while staying quiet and cool." Framework says this should allow 1440p gaming on intense titles, as well as workstation-class projects and local AI. [...] The base model, with a Ryzen AI Max 385 and 32GB of RAM, starts at $1,099, while the top-end machine with a Ryzen AI Max+ 395 with 128GB of RAM begins at $1,999. Framework is only doing "DIY" editions here, so you'll have to get your own storage drive and bring your own operating system (the company is calling it "the easiest PC you'll ever build"). The mainboard on its own will be available from $799. Pre-orders are open now, and Framework expects to ship sometime in Q3.

Framework Laptop 12: The Laptop 12 is designed to bring the flexibility from the Laptop 12 but make it smaller, cheaper, and in more colors (with an optional stylus to match). These machines are made of ABS plastic molded in thermoplastic polyurethane, all around a metal frame. Framework says that it's "our easiest product ever to repair," but that more information on that will come closer to its launch in mid-2025. I'm really looking forward to this repair guide. It comes in five colorways: lavender, sage, gray, black, and bubblegum. The laptop will come with 13th Gen Intel Core i3 and i5 processors, which aren't the latest, but better than entry-level junk. You'll get up to 48GB of RAM, 2TB of storage, and Wi-Fi 6E. It has a 1920 x 1200 touch screen that the company claims will surpass 400 nits of brightness. There's no pricing information yet, and Framework says there's more to share on pricing and specs later in the year. Pre-orders will open in April ahead of the mid-year launch.

Framework Laptop 13: The Framework Laptop 13 is getting a significant refresh with AMD Ryzen AI 300 Series. It doesn't look all that different on the outside, with a 13.5-inch design that largely resembles the one from way back in 2021. But there are new features. Beyond the processors, the Framework Laptop 3 is getting bumped up to Wi-Fi 7 and is getting a new thermal system, a "next-generation" keyboard, and new colorways for the Expansion Cards and bezels (though I still don't know why you would want a bezel in anything other than black). [...] The new Framework Laptop 13 with AMD Ryzen AI 300 starts at $899 for a DIY Edition without storage or an OS, and $1,099 for a pre-built model. If you're buying the mainboard to put in an old system, that's $449. (Framework is keeping the Ryzen 7040 systems around starting at $749). No word for now on any new Intel models.

An anonymous reader quotes a report from 9to5Google: Starting with the Snapdragon 8 Elite, Qualcomm will offer device manufacturers (OEMs) the "ability to provide support for up to eight consecutive years of Android software and security updates." Qualcomm today announced a "program" in partnership with Google: "What this means is that support for platform software included in this program will be made available to OEMs for eight consecutive years, including both Android OS and kernel upgrades, without requiring significant changes or upgrades to the platform and OEM code on the device (a separation commonly referred as 'Project Treble' or the 'vendor implementation'). While kernel changes will require updating kernel mode drivers, the vendor code can remain unchanged while the software support is being provided."

This program specifically includes "two upgrades to the mobile platform's Android Common Kernel (ACK) to support the eight-year window." It's ultimately up to manufacturers to update their devices, but the bottleneck going forward won't be the chip. Qualcomm today notes how the extended software support it's providing can "lower costs for OEMs interested in supporting their devices longer." The first devices to benefit are Snapdragon 8 Elite-powered smartphones launching with Android 15. Notably, the program runs for the "next five generations" of SoCs, including Snapdragon 8 and 7-series chips launching "later this year." Older chipsets will not benefit from this program.

Microsoft has updated its CPU compatibility list for Windows 11 24H2, excluding pre-11th-generation Intel processors for OEMs building new PCs. The Register reports: Windows 11 24H2 has been available to customers for months, yet Microsoft felt compelled in its February update to confirm that builders, specifically, must use Intel's 11th-generation or later silicon when building brand new PCs to run its most recent OS iteration. "These processors meet the design principles around security, reliability, and the minimum system requirements for Windows 11," Microsoft says.

Intel's 11th-generation chips arrived in 2020 and were discontinued last year. It would be surprising, if not unheard of, for OEMs to build machines with unsupported chips. Intel has already transitioned many pre-11th generation chips to "a legacy software support model," so Microsoft's decision to omit the chips from the OEM list is understandable. However, this could be seen as a creeping problem. Chips made earlier than that were present very recently, in the list of supported Intel processors for Windows 11 22H2 and 23H2.

This new OEM list may add to worries of some users looking at the general hardware compatibility specs for Windows 11 and wondering if the latest information means that even the slightly newer hardware in their org's fleet will soon no longer meet the requirements of Microsoft's flagship operating system. It's a good question, and the answer -- currently -- appears to be that those "old" CPUs are still suitable. Microsoft has a list of hardware compatibility requirements that customers can check, and they have not changed much since the outcry when they were first published.

"IBM stopped supporting OS/2 at the end of 2006," write the makers of ArcaOS, an OEM distribution of OS/2's discontinued Warp operating system.

And now long-time Slashdot reader martiniturbide tells us that ArcaOS 5.1.1 has been released, and that many of it's components have been updated too. From this week's announcement: ArcaOS 5.1.1 continues to support installation on the latest generation of UEFI-based systems, as well as the ability to install to GPT-based disk layouts. This enables ArcaOS 5.1.1 to install on a wide array of modern hardware. Of course, ArcaOS 5.1.1 is just as much at home on traditional BIOS-based systems, offering enhanced stability and performance across both environments....

Need more convincing? How about a commercial operating system which doesn't spy on you, does not report your online activity to anyone, and gives you complete freedom to choose the applications you want to use, however you want to use them? How about an operating system which isn't tied to any specific hardware manufacturer, allowing you to choose the platform which is right for you, and fits perfectly well in systems with less than 4GB of memory or even virtual machines?

Murena has launched the Murena Pixel Tablet, a de-Googled version of the Pixel Tablet that removes Google's apps and services to enhance user privacy. Priced at $549, it offers /e/OS, an alternative app store, and privacy-focused productivity tools, but lacks Google's speaker dock and direct access to the Play Store. The Verge reports: First announced last December, the Murena Pixel Tablet is available now through the company's online store for $549. That's a steep premium given Google currently sells the same 128GB version of the Pixel Tablet for $399, or $479 as part of a bundle with the charging speaker dock that Murena isn't including. Part of Murena's de-Googling of the Pixel Tablet includes the removal of the Google Play Store. You can still download apps through /e/OS' App Lounge which acts as a front-end for the Play Store allowing you to browse and get free apps anonymously without Google knowing who you are. However, downloading paid apps requires a login to a Google account. Google's various productivity apps aren't included, but the Murena Pixel Tablet comes with privacy-minded alternatives for messaging, email, maps, browsing the web, calendar, contacts, notes, and even voice recordings. In 2022, Murena launched its first smartphone with no Google apps, Google Play Services, or even the Google Assistant.

A recently patched Palo Alto Networks vulnerability (CVE-2025-0108) is being actively exploited alongside two older flaws (CVE-2024-9474 and CVE-2025-0111), allowing attackers to gain root access to unpatched firewalls. The Register reports: This story starts with CVE-2024-9474, a 6.9-rated privilege escalation vulnerability in Palo Alto Networks PAN-OS software that allowed an OS administrator with access to the management web interface to perform actions on the firewall with root privileges. The company patched it in November 2024. Dark web intelligence services vendor Searchlight Cyber's Assetnote team investigated the patch for CVE-2024-9474 and found another authentication bypass.

Palo Alto (PAN) last week fixed that problem, CVE-2025-0108, and rated it a highest urgency patch as the 8.8/10 flaw addressed an access control issue in PAN-OS's web management interface that allowed an unauthenticated attacker with network access to the management web interface to bypass authentication "and invoke certain PHP scripts." Those scripts could "negatively impact integrity and confidentiality of PAN-OS."

The third flaw is CVE-2025-0111 a 7.1-rated mess also patched last week to stop authenticated attackers with network access to PAN-OS machines using their web interface to read files accessible to the "nobody" user. On Tuesday, US time, Palo A lot updated its advisory for CVE-2025-0108 with news that it's observed exploit attempts chaining CVE-2024-9474 and CVE-2025-0111 on unpatched and unsecured PAN-OS web management interfaces. The vendor's not explained how the three flaws are chained but we understand doing so allows an attacker to gain more powerful privileges and gain full root access to the firewall. PAN is urging users to upgrade their PAN-OS operating systems to versions 10.1, 10.2, 11.0, 11.1, and 11.2. A general hotfix is expected by Thursday or sooner, notes the Register.

For the first time since 2004, PassMark's global CPU benchmark data shows a decline in average processor performance, with laptop CPUs dropping 3.4% and desktop CPUs falling 0.5% year-over-year. Tom's Hardware reports: We see the biggest drop in laptop CPU performance results. PassMark recorded an average result of 14,632 across 101,316 samples last year. But, in 2025, the average score sat at an average of 14,130 points between 25,541 samples, decreasing the average score by 3.4%. The average desktop PC result in 2024 netted 26,436 points for 186,053 samples. But for 2025, the average score currently sits at 26,311 points for over 47,810 samples -- a 0.5% drop from last year. While that drop is small, we should only see a continued progression of faster performance.

[...] Passmark itself mused on X (formerly Twitter) that it could be that people are switching to more affordable machines that deliver lower power and performance. Or maybe Windows 11 is depressing performance scores versus Windows 10, especially as people transition to it with the upcoming demise of the latter. We've certainly seen plenty of examples of reduced performance in gaming with some of the newer versions of Windows 11, particularly as Intel and AMD struggled to upstream needed updates into the OS. [...] PassMark also muses that bloatware could contribute to the sudden decline in performance, but that seems like a longshot.

Fortune remembers that in 2011 Steve Jobs had told author Walter Isaacson that Microsoft co-founder Bill Gates would "be a broader guy if he had dropped acid once or gone off to an ashram when he was younger."

But The Indendepent notes that in his new memoir Gates does write about two acid trip experiences. (Gates mis-timed his first experiment with LSD, ending up still tripping during a previously-scheduled appointment for dental surgery...) "Later in the book, Gates recounts another experience with LSD with future Microsoft co-founder Paul Allen and some friends... Gates says in the book that it was the fear of damaging his memory that finally persuaded him never to take the drug again." He added: "I smoked pot in high school, but not because it did anything interesting. I thought maybe I would look cool and some girl would think that was interesting. It didn't succeed, so I gave it up."

Gates went on to say that former Apple CEO Steve Jobs, who didn't know about his past drug use, teased him on the subject. "Steve Jobs once said that he wished I'd take acid because then maybe I would have had more taste in my design of my products," recalled Gates. "My response to that was to say, 'Look, I got the wrong batch.' I got the coding batch, and this guy got the marketing-design batch, so good for him! Because his talents and mine, other than being kind of an energetic leader, and pushing the limits, they didn't overlap much. He wouldn't know what a line of code meant, and his ability to think about design and marketing and things like that... I envy those skills. I'm not in his league."

Gates added that he was a fan of Michael Pollan's book about psychedelic drugs, How To Change Your Mind, and is intrigued by the idea that they may have therapeutic uses. "The idea that some of these drugs that affect your mind might help with depression or OCD, I think that's fascinating," said Gates. "Of course, we have to be careful, and that's very different than recreational usage."
Touring the country, 69-year-old Gates shared more glimpses of his life story:

• The Harvard Gazette notes that the university didn't offer computer science degrees when Gates attended in 1973. But since Gates already had years of code-writing experience, he "initially rebuffed any suggestion of taking computer-related coursework... 'It's too easy,' he remembered telling friends."

• "The naiveté I had that free computing would just be this unadulterated good thing wasn't totally correct even before AI," Gates told an audience at the Harvard Book Store. "And now with AI, I can see that we could shape this in the wrong way."

• Gates "expressed regret about how he treated another boyhood friend, Paul Allen, the other cofounder of Microsoft, who died in 2018," reports the Boston Globe. "Gates at first took 60 percent ownership of the new software company and then pressured his friend for another 4 percent. 'I feel bad about it in retrospect,' he said. 'That was always a little complicated, and I wish I hadn't pushed....'"

• Business Insider adds that according to his memoir, Gates "eventually gave his additional 4% stake to [Steve] Ballmer to convince him to quit business school for Microsoft. 'He joined in 1980 and became the 24-hour-a-day partner I needed,' Gates wrote."

• Benzinga writes that Gates has now "donated $100 billion to charitable causes... Had Gates retained the $100 billion he has donated, his total wealth would be around $264 billion, placing him second on the global wealth rankings behind Elon Musk and ahead of Jeff Bezos and Mark Zuckerberg."

• Gates told the Associated Press "I am stunned that Intel basically lost its way," saying Intel is now "kind of behind" on both chip design and fabrication. "They missed the AI chip revolution, and with their fabrication capabilities, they don't even use standards that people like Nvidia and Qualcomm find easy... I hope Intel recovers, but it looks pretty tough for them at this stage."

• Gates also told the Associated Press that fighting a three-year antitrust case had "distracted" Microsoft. "The area that Google did well in that would not have happened had I not been distracted is Android, where it was a natural thing for me. I was trying, although what I didn't do well enough is provide the operating system for the phone. That was ours for the taking."

• The Dallas News reports that in an on-stage interview in Texas, Mark Cuban closed by asking Gates one question. "Is the American Dream alive?" Gates answered: "It was for me."

Long-time Slashdot reader Shayde once restored a 1986 DEC PDP-11 minicomputer, and even ran Turbo Pascal on a 40-year-old Apple II clone.

Now he's exploring a 27-year-old Macintosh PowerBook G3 — with 64 megabytes memory and 4 gigabytes of disk space. "The year is 1997, and Apple is in big trouble." (Apple's market share had dropped from 16% in 1980 to somewhere below 4%...) Turns out this was one of the first machines able to run OS X, and was built during the transition period for Apple after Steve Jobs came back in to rescue the company from bankruptcy.
It's clearly old technology. There's even a SCSI connector, PCMCIA sockets, a modem port for your phone/landline cable, and a CD-ROM drive. There's also Apple's proprietary ports for LocalTalk and an Apple Desktop Bus port ("used for keyboards, mice, and stuff like that"). And its lithium-ion batteries "were meant to be replaced and moved around, so you could carry spare batteries with you."

So what's it like using a 27-year-old laptop? "The first thing I had to note was this thing weighs a ton! This thing could be used as a projectile weapon! I can't imagine hauling these things around doing business..." And it's a good thing it had vents, because "This thing runs hot!" (The moment he plugs it in he can hear its ancient fan running...) It seems to take more than two minutes to boot up. ("The drive is rattling away...") But soon he's looking at a glorious desktop from 1998 desktop. ("Applications installed... Oh look! Adobe Acrobat Reader! I betcha that's going to need an update...")

After plugging in a network cable, a pop-up prompts him to "Set up your .Mac membership." ("I have so little interest in doing this.") He does find an old version of Safari, but it refuses to launch-- though "While puttering around in the application folder, I did notice that we had Internet Explorer installed. But that pretty much went as well as expected." In the end it seems like he ends up "on the network, but we have no browser." Although at least he does find a Terminal program — and successfully pings Google.

The thing that would drive me crazy is when opening the laptop, Apple's logo is upside-down!

Keynotes at this year's FOSDEM included free AI models and systemd, reports Heise.de — and also a progress report from Miguel Ojeda, supervisor of the Rust integration in the Linux kernel. Only eight people remain in the core team around Rust for Linux... Miguel Ojeda therefore launched a survey among kernel developers, including those outside the Rust community, and presented some of the more important voices in his FOSDEM talk. The overall mood towards Rust remains favorable, especially as Linus Torvalds and Greg Kroah-Hartman are convinced of the necessity of Rust integration. This is less about rapid progress and more about finding new talent for kernel development in the future.
The reaction was mostly positive, judging by Ojeda's slides:

- "2025 will be the year of Rust GPU drivers..." — Daniel Almedia

- "I think the introduction of Rust in the kernel is one of the most exciting development experiments we've seen in a long time." — Andrea Righi

- "[T]he project faces unique challenges. Rust's biggest weakness, as a language, is that relatively few people speak it. Indeed, Rust is not a language for beginners, and systems-level development complicates things even more. That said, the Linux kernel project has historically attracted developers who love challenging software — if there's an open source group willing to put the extra effort for a better OS, it's the kernel devs." — Carlos Bilbao

- "I played a little with [Rust] in user space, and I just absolutely hate the cargo concept... I hate having to pull down other code that I do not trust. At least with shared libraries, I can trust a third party to have done the build and all that... [While Rust should continue to grow in the kernel], if a subset of C becomes as safe as Rust, it may make Rust obsolete..." Steven Rostedt

Rostedt wasn't sure if Rust would attract more kernel contributors, but did venture this opinion. "I feel Rust is more of a language that younger developers want to learn, and C is their dad's language."

But still "contention exists within the kernel development community between those pro-Rust and -C camps," argues The New Stack, citing the latest remarks from kernel maintainer Christoph Hellwig (who had earlier likened the mixing of Rust and C to cancer). Three days later Hellwig reiterated his position again on the Linux kernel mailing list: "Every additional bit that another language creeps in drastically reduces the maintainability of the kernel as an integrated project. The only reason Linux managed to survive so long is by not having internal boundaries, and adding another language completely breaks this. You might not like my answer, but I will do everything I can do to stop this. This is NOT because I hate Rust. While not my favourite language it's definitively one of the best new ones and I encourage people to use it for new projects where it fits. I do not want it anywhere near a huge C code base that I need to maintain."
But the article also notes that Google "has been a staunch supporter of adding Rust to the kernel for Linux running in its Android phones." The use of Rust in the kernel is seen as a way to avoid memory vulnerabilities associated with C and C++ code and to add more stability to the Android OS. "Google's wanting to replace C code with Rust represents a small piece of the kernel but it would have a huge impact since we are talking about billions of phones," Ojeda told me after his talk.

In addition to Google, Rust adoption and enthusiasm for it is increasing as Rust gets more architectural support and as "maintainers become more comfortable with it," Ojeda told me. "Maintainers have already told me that if they could, then they would start writing Rust now," Ojeda said. "If they could drop C, they would do it...."

Amid the controversy, there has been a steady stream of vocal support for Ojeda. Much of his discussion also covered statements given by advocates for Rust in the kernel, ranging from lead developers of the kernel and including Linux creator Linus Torvalds himself to technology leads from Red Hat, Samsung, Google, Microsoft and others.

In his post about the future of Fedora Workstation, Christian F.K. Schaller discusses how the Red Hat team plans to integrate AI with IBM's open-source Granite engine to enhance developer tools, such as IDEs, and create an AI-powered Code Assistant. He says the team is also working on streamlining AI acceleration in Toolbx and ensuring Fedora users have access to tools like RamaLama. From the post: One big item on our list for the year is looking at ways Fedora Workstation can make use of artificial intelligence. Thanks to IBMs Granite effort we know have an AI engine that is available under proper open source licensing terms and which can be extended for many different usecases. Also the IBM Granite team has an aggressive plan for releasing updated versions of Granite, incorporating new features of special interest to developers, like making Granite a great engine to power IDEs and similar tools. We been brainstorming various ideas in the team for how we can make use of AI to provide improved or new features to users of GNOME and Fedora Workstation. This includes making sure Fedora Workstation users have access to great tools like RamaLama, that we make sure setting up accelerated AI inside Toolbx is simple, that we offer a good Code Assistant based on Granite and that we come up with other cool integration points. "I'm still not sure how I feel about this approach," writes designer/developer and blogger, Bradley Taunt. "While IBM Granite is an open source model, I still don't enjoy so much artificial 'intelligence' creeping into core OS development. This also isn't something optional on the end-users side, like a desktop feature or package. This sounds like it's going to be built directly into the core system."

"Red Hat has been pushing hard towards AI and my main concern is having this influence other operating system dev teams. Luckily things seems AI-free in BSD land. For now, at least."

A recent video from retro tech YouTuber Clint "LGR" Basinger takes a deep dive into the history of the SereneScreen Marine Aquarium, exploring how former Air Force pilot Jim Sachs transformed a lackluster Windows 95 screensaver into a 25-year digital phenomenon. PC Gamer reports: The story centers on Jim Sachs, a man with one of those "they don't make this type of guy anymore" life stories so common to '80s and '90s computing, one Sachs recounted to the website AmigaLove back in 2020. After a six-year career in the US Air Force flying C-141 Starlifters, Sachs taught himself programming and digital art and began creating games for Commodore 64 and Amiga computers. From his first game, Saucer Attack, to later efforts like Defender of the Crown or his large portfolio of promotional and commissioned pieces, Sach's pixel art remains gorgeous and impressive to this day, and he seems to be a bit of a legend among Commodore enthusiasts.

It's with this background in games and digital art that Sachs looked at Microsoft's simple aquarium-themed screensaver for Windows 95 and 98 and thought he could do better. "Microsoft had an aquarium that they gave away with Windows where it was just bitmaps of fish being dragged across the screen," Sachs told the Matt Chat podcast back in 2015. "And they had that for like, three or four years. And I thought, I've given them enough time, I'm taking them to market. I'm gonna do something which will just blow that away."

Using reference photographs of real aquariums -- Sachs thanked a specific pet shop that's still around in an early version of his website" -- Sachs created the 3D art by hand and programmed the screensaver in C++, releasing the initial version in July 2000. Even looking at it all these years later, the first iteration of the SereneScreen Marine Aquarium is pretty gorgeous, and it has the added charm of being such a distinctly Y2K, nostalgic throwback.

The standalone screensaver sold well, but then things came full circle with Microsoft licensing a version of the Marine Aquarium for the Windows XP Plus Pack and later standard releases of the OS. Since that time, the Marine Aquarium has continued to see new releases, and a section on the SereneScreen website keeps track of its various appearances in the background of movies and TV shows like Law and Order. Over on the SereneScreen website, you can purchase a real time, 3D-accelerated version of the Marine Aquarium for Mac, iOS, Android, and the original Windows. Echoing the Windows XP deal, Roku actually licensed this 3.0 version for its TVs, bringing it to a new generation of users.

Google has open-sourced the PebbleOS, with the original founder, Eric Migicovsky, starting a company to continue where he left off in 2016. "This is part of an effort from Google to help and support the volunteers who have come together to maintain functionality for Pebble watches after the original company ceased operations in 2016," said Google in a blog post. The Verge reports: The company -- which can't be named Pebble because Google still owns that -- doesn't have a name yet. For now, Migicovsky is hosting a waitlist and news signup at a website called RePebble. Later this year, once the company has a name and access to all that Pebble software, the plan is to start shipping new wearables that look, feel, and work like the Pebbles of old. The reason, Migicovsky tells me, is simple. "I've tried literally everything else," he says, "and nothing else comes close." Sure, he may just have a very specific set of requirements -- lots of people are clearly happy with what Apple, Garmin, Google, and others are making. But it's true that there's been nothing like Pebble since Pebble. "For the things I want out of it, like a good e-paper screen, long battery life, good and simple user experience, hackable, there's just nothing."

The core of Pebble, he says, is a few things. A Pebble should be quirky and fun and should feel like a gadget in an important way. It shows notifications, lets you control your music with buttons, lasts a long time, and doesn't try to do too much. It sounds like Migicovsky might have Pebble-y ambitions beyond smartwatches, but he appears to be starting with smartwatches. If that sounds like the old Pebble and not much else, that's precisely the point. [...] Migicovsky also hopes to be part of a broader open-source community around Pebble OS. The Pebble diehards still exist: a group of developers at Rebble have worked to keep many of the platform's apps alive, for instance, along with the Cobble app for connecting to phones, and the Pebble subreddit is surprisingly active for a product that hasn't been updated since the Obama administration. Migicovsky says he plans to open-source whatever his new company builds and hopes lots of other folks will build stuff, too. Thank you Slashdot reader sziring for sharing this story.

Two computer scientists at the University of Waterloo in Canada believe changing 30 lines of code in Linux "could cut energy use at some data centers by up to 30 percent," according to the site Data Centre Dynamics.

It's the code that processes packets of network traffic, and Linux "is the most widely used OS for data center servers," according to the article: The team tested their solution's effectiveness and submitted it to Linux for consideration, and the code was published this month as part of Linux's newest kernel, release version 6.13. "All these big companies — Amazon, Google, Meta — use Linux in some capacity, but they're very picky about how they decide to use it," said Martin Karsten [professor of Computer Science in the Waterloo's Math Faculty]. "If they choose to 'switch on' our method in their data centers, it could save gigawatt hours of energy worldwide. Almost every single service request that happens on the Internet could be positively affected by this."

The University of Waterloo is building a green computer server room as part of its new mathematics building, and Karsten believes sustainability research must be a priority for computer scientists. "We all have a part to play in building a greener future," he said. The Linux Foundation, which oversees the development of the Linux OS, is a founder member of the Green Software Foundation, an organization set up to look at ways of developing "green software" — code that reduces energy consumption.
Karsten "teamed up with Joe Damato, distinguished engineer at Fastly" to develop the 30 lines of code, according to an announcement from the university. "The Linux kernel code addition developed by Karsten and Damato was based on research published in ACM SIGMETRICS Performance Evaluation Review" (by Karsten and grad student Peter Cai).

Their paper "reviews the performance characteristics of network stack processing for communication-heavy server applications," devising an "indirect methodology" to "identify and quantify the direct and indirect costs of asynchronous hardware interrupt requests (IRQ) as a major source of overhead...

"Based on these findings, a small modification of a vanilla Linux system is devised that improves the efficiency and performance of traditional kernel-based networking significantly, resulting in up to 45% increased throughput..."

An anonymous reader quotes a report from Ars Technica: When threat actors use backdoor malware to gain access to a network, they want to make sure all their hard work can't be leveraged by competing groups or detected by defenders. One countermeasure is to equip the backdoor with a passive agent that remains dormant until it receives what's known in the business as a "magic packet." On Thursday, researchers revealed that a never-before-seen backdoor that quietly took hold of dozens of enterprise VPNs running Juniper Network's Junos OS has been doing just that. J-Magic, the tracking name for the backdoor, goes one step further to prevent unauthorized access. After receiving a magic packet hidden in the normal flow of TCP traffic, it relays a challenge to the device that sent it. The challenge comes in the form of a string of text that's encrypted using the public portion of an RSA key. The initiating party must then respond with the corresponding plaintext, proving it has access to the secret key.

The lightweight backdoor is also notable because it resided only in memory, a trait that makes detection harder for defenders. The combination prompted researchers at Lumin Technology's Black Lotus Lab to sit up and take notice. "While this is not the first discovery of magic packet malware, there have only been a handful of campaigns in recent years," the researchers wrote. "The combination of targeting Junos OS routers that serve as a VPN gateway and deploying a passive listening in-memory only agent, makes this an interesting confluence of tradecraft worthy of further observation." The researchers found J-Magic on VirusTotal and determined that it had run inside the networks of 36 organizations. They still don't know how the backdoor got installed.