Agreguesi i feed

Last week, Igalia finally announced Moonforge, a project we’ve been working on for basically all of 2025. It’s been quite the rollercoaster, and the announcement hit various news outlets, so I guess now is as good a time as any to talk a bit about what Moonforge is, its goal, and its constraints.

Of course, as soon as somebody announces a new Linux-based OS, folks immediately think it’s a new general purpose Linux distribution, as that’s the square shaped hole where everything OS-related ends up. So, first things first, let’s get a couple of things out of the way about Moonforge:

• Moonforge is not a general purpose Linux distribution
• Moonforge is not an embedded Linux distribution

What is Moonforge

Moonforge is a set of feature-based, well-maintained layers for Yocto, that allows you to assemble your own OS for embedded devices, or single-application environments, with specific emphasys on immutable, read-only root file system OS images that are easy to deploy and update, through tight integration with CI/CD pipelines.

Why?

Creating a whole new OS image out of whole cloth is not as hard as it used to be; on the desktop (and devices where you control the hardware), you can reasonably get away with using existing Linux distributions, filing off the serial numbers, and removing any extant packaging mechanism; or you can rely on the containerised tech stack, and boot into it.

When it comes to embedded platforms, on the other hand, you’re still very much working on bespoke, artisanal, locally sourced, organic operating systems. A good number of device manufacturers coalesced their BSPs around the Yocto Project and OpenEmbedded, which simplifies adaptations, but you’re still supposed to build the thing mostly as a one off.

While Yocto has improved leaps and bounds over the past 15 years, putting together an OS image, especially when it comes to bundling features while keeping the overall size of the base image down, is still an exercise in artisanal knowledge.

A little detour: Poky

Twenty years ago, I moved to London to work for this little consultancy called OpenedHand. One of the projects that OpenedHand was working on was taking OpenEmbedded and providing a good set of defaults and layers, in order to create a “reference distribution” that would help people getting started with their own project. That reference was called Poky.

We had a beaver mascot before it was cool

These days, Poky exists as part of the Yocto Project, and it’s still the reference distribution for it, but since it’s part of Yocto, it has to abide to the basic constraint of the project: you still need to set up your OS using shell scripts and copy-pasting layers and recipes inside your own repository. The Yocto project is working on a setup tool to simplify those steps, but there are alternatives…

Another little detour: Kas

One alternative is kas, a tool that allows you to generate the local.conf configuration file used by bitbake through various YAML fragments exported by each layer you’re interested in, as well as additional fragments that can be used to set up customised environments.

Another feature of kas is that it can spin up the build environment inside a container, which simplifies enourmously its set up time. It avoids unadvertedly contaminating the build, and it makes it very easy to run the build on CI/CD pipelines that already rely on containers.

What Moonforge provides

Moonforge lets you create a new OS in minutes, selecting a series of features you care about from various available layers.

Each layer provides a single feature, like:

• support for a specific architecture or device (QEMU x86_64, RaspberryPi)
• containerisation (through Docker or Podman)
• A/B updates (through RAUC, systemd-sysupdate, and more)
• graphical session, using Weston
• a WPE environment

Every layer comes with its own kas fragment, which describes what the layer needs to add to the project configuration in order to function.

Since every layer is isolated, we can reason about their dependencies and interactions, and we can combine them into a final, custom product.

Through various tools, including kas, we can set up a Moonforge project that generates and validates OS images as the result of a CI/CD pipeline on platforms like GitLab, GitHub, and BitBucket; OS updates are also generated as part of that pipeline, just as comprehensive CVE reports and Software Bill of Materials (SBOM) through custom Yocto recipes.

More importantly, Moonforge can act both as a reference when it comes to hardware enablement and support for BSPs; and as a reference when building applications that need to interact with specific features coming from a board.

While this is the beginning of the project, it’s already fairly usable; we are planning a lot more in this space, so keep an eye out on the repository.

Trying Moonforge out

If you want to check out Moonforge, I will point you in the direction of its tutorials, as well as the meta-derivative repository, which should give you a good overview on how Moonforge works, and how you can use it.

Starting in September, even Android developers not in Google's Play Store will still be required to register with Google to distribute their apps in Brazil, Singapore, Indonesia, and Thailand, with Google continuing "to roll out these requirements globally" four months later. Even developers distributing Android apps on the web for sideloading will be required to register, pay Google a $25 fee, and provide a government ID. But there's a new theory on what's secretly been motivating Google from an unnamed source in the "Keep Android Open" movement, writes long-time Slashdot reader destinyland: "You can't separate this really from their ongoing interactions with Epic and the settlement that they came to," they argue. Twelve days ago Epic Games and Google announced a new proposal for settling their long-running dispute over the legality of alternative app stores on Android phones. (Rather than agreeing to let third-party app stores into their Play Store, Google wants them to continue being sideloaded, promising in a blog post last week that they'll even offer a "more streamlined" and "simplified" sideloading alternative for rival app stores. "This Registered App Store program will begin outside of the US first, and we intend to bring it to the US as well, subject to court approval.") So "developer verification" could be Google's fallback plan if U.S. courts fail to approve this. "If the Google Play Store has to allow any third-party repository app store, Google essentially has given up all control of the apps. But if they're able to claw back that control by requiring that all developers, no matter how they distribute their apps, have to register with Google — have to agree to their Terms & Conditions, pay them money, provide identification — then they have a large degree of indirect control over any app that can be developed for the entire platform." But that plan threatens millions of people using the alternative F/OSS app distributor F-Droid, since Google also wants to have only one signature attached to Android apps. Marc Prud'hommeaux, a member of F-Droid's board of directors, says that "all of a sudden breaks all those versions of the application distributed through F-Droid or any other app store!" Prud'hommeaux says they've told Google's Android team "You know perfectly well that you're killing F-Droid!" creating an "existential" threat to an app distributor "that has existed happily for over 10 years." But good things started happening when he created the website Keep Android Open: There's now a "huge backlog" of signers for an Open Letter that already includes EFF, the Software Freedom Conservancy, and the Free Software Foundation. He believes Android's existing Play Protect security "is completely sufficient to handle the particular scenarios they claim that developer verification is meant to address"... The Keep Android Open site urges developers not to sign up for Android's early access program when it launches next week. (Instead, they're asking developers to respond to invites with an email about their concerns — and to spread the word to other developers and organizations in forums and social media posts.) There's also a petition at Change.org currently signed by 64,000 developers — adding 20,000 new signatures in the last 10 days. And "If you have an Android device, try installing F-Droid!" he adds. Google tracks how many people install these alternative app repositories, and a larger user base means greater consequences from any Android policy changes. Plus, installing F-Droid "might be refreshing!" Prud'hommeaux says. "You don't see all the advertisements and promotions and scam and crapware stuff that you see in the commercial app stores!"

Read more of this story at Slashdot.

In 2024 Anthropic was sued over claims it infringed copyrights when training LLMs. But as they try to settle, they may have a problem. The Free Software Foundation announced Friday that Anthropic's training data apparently even included the book "Free as in Freedom: Richard Stallman's Crusade for Free Software" — for which the Free Software Foundation holds a copyright. It was published by O'Reilly and by the FSF under the GNU Free Documentation License (GNU FDL). This is a free license allowing use of the work for any purpose without payment. Obviously, the right thing to do is protect computing freedom: share complete training inputs with every user of the LLM, together with the complete model, training configuration settings, and the accompanying software source code. Therefore, we urge Anthropic and other LLM developers that train models using huge datasets downloaded from the Internet to provide these LLMs to their users in freedom. We are a small organization with limited resources and we have to pick our battles, but if the FSF were to participate in a lawsuit such as Bartz v. Anthropic and find our copyright and license violated, we would certainly request user freedom as compensation. "The FSF doesn't usually sue for copyright infringement," reads the headline on the FSF's announcement, "but when we do, we settle for freedom."

Read more of this story at Slashdot.

The UK's science minister is announcing details of a five-year, £2.5 billion investment in nuclear fusion, reports the Times of London, "including building one of the world's first prototype fusion power plants in Nottinghamshire and developing a UK sector projected to employ 10,000 people by 2030." Despite the potentially transformative impact of fusion, which in theory could provide limitless clean energy and create a £12 trillion global market, no country has managed to use this fledgling technology to generate useable electricity... [T]he UK is backing a spherical tokamak design... investing an initial £1.3 billion into a prototype fusion power plant called Step (Spherical Tokamak for Energy Production) on the site of a decommissioned coal-fired power station at West Burton in Nottinghamshire. Paul Methven, chief executive of the government-owned UK Industrial Fusion Solutions, which is delivering the Step project, said the aim is to get the reactor operating early in the 2040s. "It's quite an aggressive programme," he said. "We need to show that we can achieve genuine 'wall socket' energy — which has not been done before." On Monday, [science minister] Vallance will also announce £180 million for a facility in Culham, Oxfordshire, to manufacture tritium fuel and £50 million for training 2,000 scientists and engineers in fusion-related disciplines. The government is also buying a £45 million fusion-dedicated AI supercomputer called Sunrise to model plasma physics. Scientists at the UK Atomic Energy Authority last year developed an AI model that can rapidly simulate how the ultra-hot fuel in a fusion power plant will behave, cutting calculations that previously took days down to seconds... Vallance will also announce new support and collaboration for the many fusion, robotics, engineering and AI start-ups working in Britain, to develop a strong supply chain for a new fusion sector. One of those companies, Tokamak Energy, which spun out from the UK Atomic Energy Authority in 2009, has already built a smaller reactor that has informed the Step design. In March 2022, it became the first private organisation in the world to surpass 100 million degrees Celsius in its reactor.

Read more of this story at Slashdot.

Europe's EV sales for January and February spiked 21% from last year, according to new data from Benchmark Mineral Intelligence. Electrek reports that just in those two months over 600,000 EVs were sold in Europe. And figures for "rest of world" (which excludes Europe, North America, and China) are up a whopping 84% — with 370,000 EVs sold in January and February. (EVs now represent more than 30% of the vehicles sold in South Korea.) But for the same period China's sales are down 26% from last year, with 1.1 million vehicles sold. And North America showed an even larger drop of 36% from the January/February figures in 2025, now selling just 170,000 electric vehicles, while Canada's EV sales were down 23%. EV sales seem heavily influenced by government incentives, with Germany and France leading Europe's growth: EV sales in Germany are up 26% so far this year, following the country's introduction of a new subsidy program at the start of 2026. France's market is up 30%, supported by its existing incentive program. Italy is also seeing rapid growth. EV sales there jumped 23% month-over-month in February, making it the country's strongest month ever for EV sales. The Italian market is now up 98% year to date. That surge follows the Italian government's October 2025 launch of a new subsidy program, funded by the EU's Recovery and Resilience Facility, to increase EV adoption. Households can receive up to €11,000 ($12,700) in incentives, while smaller businesses can get up to €20,000 ($23,200)... [T]he global EV transition isn't slowing, but it's becoming much more uneven depending on policy, incentives, and trade rules.

Read more of this story at Slashdot.

Slashdot reader SysEngineer does embedded/IoT work, but "I want to pick a single system-on-a-chip architecture family and commit to it across multiple product lines — sensor nodes up through edge gateways... I've been on one platform for years and want to know what embedded engineers are actually running in production before I commit!" And "the family needs to scale — cheap and small at the low end, capable of running Linux on the bigger variants!" Their requirements? WiFi + BLE required LoRaWAN a nice-to-have. Low power modes that actually work in the field, not just on the datasheet. Full peripheral set — SPI, I2C, UART, ADC, timers, CAN. A toolchain and runtime support, support multi threads... Slashdot reader Gravis Zero is skeptical all the requirements can be met. "If you want embedded, you get embedded. If you want to run a big OS, you get one that will run a big OS." But Slashdot reader SysEngineer believes "The obvious architecture candidates are ARM, STM, and RISC-V" — and specifically they want to hear your experiences with the RISC-V choices. "What would you standardize on today if you were starting fresh? And how does real-world toolchain and community support hold up compared to the marketing?" Share your own thoughts and experiences in the comments. What's the best all-purpose RISC-V system on a chip family?

Read more of this story at Slashdot.

Version:7.0-rc4 (mainline) Released:2026-03-15 Source:linux-7.0-rc4.tar.gz Patch:full (incremental)

Linux gaming "has gotten to the point where some people claim that Linux runs their games better than Windows does," according to the Android site XDA Developers. And there's a new surprise on ProtonDB, an "unofficial" community website with crowdsourced data about videogame compatability with the Linux software/gaming compatability layer Proton: On ProtonDB, one operating system had reigned supreme since 2021: Arch Linux. And I say 'had,' because its streak has just been ended by [Arch-based] CachyOS in an upset that has slowly grown over the past two years. As reported on Boiling Steam, the number of reports coming from CachyOS has topped that of Arch Linux, which held the crown for the most number of reports since 2021... [T]his isn't really a statement that CachyOS is the best gaming distro out there; however, it's seemingly attracting the largest number of gamers who are invested in testing games on Proton and reporting their performance, which is a pretty big milestone if you ask me.

Read more of this story at Slashdot.

NBC News investigates North Korea's "wide-ranging effort to place remote workers at U.S. companies in order to funnel money back to its coffers and, in some cases, steal sensitive information." And working with the FBI, one corporate security/investigations company decided to knowingly hire one of North Korea's remote workers — then "ship him a laptop and gain as much information as possible" about this "sprawling international employment scheme that is estimated to include hundreds of American companies, thousands of people and hundreds of millions of dollars per year." It worked.... Over a roughly three-month investigation, Nisos uncovered an apparent network of at least 20 North Korean operatives including "Jo" who had collectively applied to at least 160,000 roles. During that time, workers in the network — which some evidence showed were based in China — were employed by five U.S.-based companies and allegedly helped by an American citizen operating out of two nondescript suburban homes in Florida... Nisos estimated that in about a year, "Jo", who was likely a newer member of the team, applied to about 5,000 jobs... "They attended interviews all day every day, and then once they secured a job, they would collect paychecks until they were terminated," [according to Jared Hudson, Nisos' chief technology officer]... With the ability to see which other U.S. companies Jo and his team were working for — all remote technology roles — Nisos' CEO, Ryan LaSalle, began making calls to their security teams to alert them of the fraud. "Most of the companies weren't aware of it, even if they had pretty robust security teams," LaSalle said. "It wasn't really high on the radar." NBC News describes North Korea's 10-year effort — and its educational pipeline that steers promising students into "computer science and hacking training before being placed into cyberunits under military and state agencies, according to a recent report by DTEX, a risk-adaptive security and behavioral intelligence firm that tracks North Korea's cybercrime." In one case, a North Korean worker stole sensitive information related to U.S. military technology, according to the Justice Department. In another, an American accomplice obtained an ID that enabled access to government facilities, networks and systems. At least three organizations have been extorted and suffered hundreds of thousands of dollars in damages after proprietary information was posted online by IT workers... Analysts warn that North Korean IT workers are targeting larger organizations, increasing extortion attempts and seeking out employers that pay salaries in cryptocurrency. More recently, security researchers have uncovered fake job application platforms impersonating major U.S. cryptocurrency and AI firms, including Anthropic, designed to infect legitimate applicants' networks with malware to be utilized once hired. The global cybersecurity company CrowdStrike identified a 220% rise in 2025 in instances of North Koreans gaining fraudulent employment at Western companies to work remotely as developers... The payoff flowing back to Pyongyang from these schemes is enormous. Some North Korean IT workers earn more than $300,000 per year, far more than they'd be able to earn domestically, with as much as 90% of their wages directed back to the regime, according to congressional testimony from Bruce Klinger, a former CIA deputy division chief for Korea. The United Nations estimates the schemes, which proliferated after the pandemic when more companies' workforces went remote, generate as much as $600 million annually, while a U.S. State Department-led sanctions monitoring assessment placed earnings for 2024 as high as $800 million... So far, at least 10 alleged U.S.-based facilitators have been federally charged, including one active-duty member of the U.S. Army, for their alleged roles in hosting laptop farms, laundering payments and moving proceeds through shell companies. At least six other alleged U.S. facilitators have been identified in court documents but not named... "We believe there are many more hundreds of people out there who are participating in these schemes," said Rozhavsky, the FBI assistant director. "They could never pull this off if they didn't have willing facilitators in the U.S. helping them...." The scheme itself is also becoming more complex. North Korean IT teams are now subcontracting work to developers in Pakistan, Nigeria and India, expanding into fields like customer service, financial processing, insurance and translation services — roles far less scrutinized than software development.

Read more of this story at Slashdot.

Uber co-founder Travis Kalanick launched a new venture that "will focus on creating 'gainfully employed robots' for the food, mining and transport industries," Bloomberg reports. "I left Uber in 2017 heartbroken," writes Kalanick on the new company's web site. Kalanick resigned under pressure in 2017, and complains he was "torn away from an idea and a movement that I had poured my life into... I bled, but I did not perish. I got back up and fought my way back into the arena, back to my calling. Back to building. Digitizing the Physical World is my life's work... " Kalanick is remaking his real estate company, City Storage Systems, which owns ghost-kitchen operator CloudKitchens, and renaming it Atoms, according to a manifesto posted on the new company's website. [Bloomberg notes that the company's food robotics division "makes a food assembly machine called Bowl Builder, according to its website."] In addition to its work on food, Los Angeles-based Atoms is expanding into robotics technology for mining and automotive transport. Kalanick said on the livestreamed tech talk show TBPN Friday that Atoms has effectively been in stealth for eight years and has "thousands" of employees.... Kalanick wrote on the Atoms website that the company will make "specialized robots with productive jobs that bring abundance to their owners and society at large." That will include "infrastructure for better food," he wrote, as well as "more productive mines to power Earth's industries" in addition to "wheelbase for robots" in transportation. "The industrial thing is probably our main jam," he said on TBPN. "Once you crack movement in the physical world, there are lots of people who want access to that..." Kalanick also said he was the biggest investor in Pronto, a self-driving trucking startup that currently focuses on closed sites like mines.

Read more of this story at Slashdot.

He's "the most famous anonymous man in the world," suggests Reuters. But investigating Banksy's artworks in a bombed Ukrainian village (and other clues in the U.K. and Manhattan) have led them to "a hand-written confession by the artist to a long-ago misdemeanor charge of disorderly conduct — a document that revealed, beyond dispute, Banksy's true identity." But Banksy's long-time lawyer "urged us not to publish this report, saying doing so would violate the artist's privacy, interfere with his art and put him in danger" and "would harm the public, too." Working "anonymously or under a pseudonym serves vital societal interests," he wrote. "It protects freedom of expression by allowing creators to speak truth to power without fear of retaliation, censorship or persecution — particularly when addressing sensitive issues such as politics, religion or social justice." Reuters took into account Banksy's privacy claims — and the fact that many of his fans wish for him to remain anonymous. Yet we concluded that the public has a deep interest in understanding the identity and career of a figure with his profound and enduring influence on culture, the art industry and international political discourse... As for the risk he might face of retaliation or censorship, Britain's legal and political establishments seem comfortable with Banksy's messages and how he delivers them... His mastery of disguise began as a way of shaking the police, says former manager [Steve] Lazarides. In an interview, Lazarides said anonymity served a practical purpose in Bristol, where authorities enforced "draconian" policies against graffiti... Eventually, keeping the secret became a burden. By the end of their partnership, Lazarides estimates he spent half or more of his time managing and maintaining the artist's mystique. "I think it became a good gag, and then, if you want my honest, honest opinion, I think it then became a disease," he said. Lazarides wrote a two-volume book about managing Banksy from the late 1990s to 2008, including a story about Banksy's arrest in 2000 for this defacing of a billboard. Reuters geolocated that building, then found police documents and a court file including the hand-written confession. This investigation spawned a 7,000-word article with everything from a comic strip Banksy drew when he was 11 to his connections with Robert Del Naja of the trip hop band Massive Attack — and a 2017 podcast interview where a music producer apparently revealed Banksy's real first name. But the article also reveals how protective the art community is of Banksy's secret. Reuters investigated that Banksy auctioned in 2018 for $1.4 million — and then immediately started shredding itself with a device Banksy embedded in its frame: That piece, renamed "Love is in the Bin," sold three years later for about $25 million. Art dealer [Robert] Casterline was at the auction and remembers when the shredder began to beep. He pulled out his phone to take pictures. "Unfortunately, there was one person standing in front of me," blocking the view, he said. It was an eccentric-looking man with a broad neck scarf and thick eyewear. Oddly, the man wasn't watching the painting get shredded. He was looking in the other direction, observing the crowd's reaction. Only later, reviewing what he shot, did Casterline notice that the man's glasses appeared to have a small camera built into the bridge. (Banksy later posted a video of the stunt, including shots of the astonished audience.) Having seen a photo of the man suspected of being Banksy, Casterline confirmed to Reuters that he was "pretty sure" it was the same man. But "I don't want to be the guy who exposes Banksy."

Read more of this story at Slashdot.

"Emerging evidence indicates that agential AI might validate or amplify delusional or grandiose content, particularly in users already vulnerable to psychosis," writes Dr Hamilton Morrin, a psychiatrist and researcher at King's College in London, in a paper published last week in the Lancet Psychiatry. Morrin and a colleague had already noticed patients "using large language model AI chatbots and having them validate their delusional beliefs," reports the Guardian, so he conducted a new scientific review of existing media reports on AI-induced psychosis — and concluded chatbots may encourage delusional thinking, especially in vulnerable people: In many of the cases in the essay, chatbots responded to users with mystical language to suggest that users have heightened spiritual importance. The bots also implied that users were speaking with a cosmic being who was using the chatbot as a medium. This type of mystical, sycophantic response was especially common in OpenAI's GPT 4 model, which the company has now retired... Many researchers also think it's unlikely that AI could induce delusions in people who weren't already vulnerable to them. For this reason, Morrin said "AI-assocciated delusions" is "perhaps a more agnostic term".... While in the past, people may have had to comb through YouTube videos or the contents of their local library to reinforce their delusions, chatbots can provide that reinforcement in a much faster, more concentrated dose. Their interactive nature can also "speed up the process", of exacerbating psychotic symptoms, said Dr Dominic Oliver, a researcher at the University of Oxford. "You have something talking back to you and engaging with you and trying to build a relationship with you," Oliver said... Creating effective safeguards for delusional thinking could be tricky, Morrin said, because "when you work with people with beliefs of delusional intensity, if you directly challenge someone and tell them immediately that they're completely wrong, actually what's most likely is they'll withdraw from you and become more socially isolated". Instead, it's important to create a fine balance where you try to understand the source of the delusional belief without encouraging it — that could be more than a chatbot can master.

Read more of this story at Slashdot.

There's a surprise in a new documentary about that Bigfoot film shot in 1967 by Roger Patterson, reports the Wall Street Journal. Capturing Bigfoot "builds to a big reveal: freshly surfaced film that appears to show a woodsy dress rehearsal for one of the world's most enduring hoaxes." In the new footage — from a Kodak reel dating to 1966 — Patterson's camera tracks a man in costume, his brother-in-law, moving in a similar fashion to the figure in the 1967 shoot, which featured a different location and a bigger man with a more distinctive stride, according to the documentary. The test-run footage "is the work of a director with a vision," says Capturing Bigfoot director Marq Evans. He says the reel was given to him by a colleague at Olympic College in Bremerton, Wash., where Evans runs a documentary film program. The colleague found the film in a safe that belonged to her late father, who worked in a Boeing film lab and could have developed film discreetly. With the long-buried footage in hand, Evans set out to explore the ripple effects from the Bigfoot film. Patterson, who died in 1972, hailed from the same region of Washington as Evans; the documentarian discovered that the hardscrabble cowboy had also been a gifted craftsman and artist. Patterson illustrated a self-published book, "Do Abominable Snowmen of America Really Exist?", and set out to make a wildlife movie that would feature the ultimate trophy footage. He and his collaborators inadvertently helped spawn "this massive culture and industry" around the Bigfoot legend, Evans says... Roger Paterson presented his footage to America in a traveling show that crisscrossed the nation and climaxed with the hyped Bigfoot sequence on screen. The money poured in, leading to resentment among cohorts who felt they'd been shortchanged, none more so than Bob Gimlin, Patterson's wingman in the field during the infamous shoot.. [Roger's son] Clint Patterson says his mother privately confirmed his suspicions that the family's claim to fame was bogus, but he kept quiet to protect their financial stream. About 10 years ago, when he first wanted to go public with the truth, his mother disowned him. Bigfoot was also a recurring character on the 1970s TV show The Six Million Dollar Man. Which kind of puts the whole thing in perspective...

Read more of this story at Slashdot.

While AI CEOs worry governments might nationalize AI, others are advocating for something similar. Canadian security professional Bruce Schneier and Harvard data scientist Nathan Sanders published this call to action in Canada's most widely-read newspaper (with a readership over 6 million): "Canada Needs Nationalized, Public AI." While there are Canadian AI companies, they remain for-profit enterprises, their interests not necessarily aligned with our collective good. The only real alternative is to be bold and invest in a wholly Canadian public AI: an AI model built and funded by Canada for Canadians, as public infrastructure. This would give Canadians access to the myriad of benefits from AI without having to depend on the U.S. or other countries. It would mean Canadian universities and public agencies building and operating AI models optimized not for global scale and corporate profit, but for practical use by Canadians... We are already on our way to having AI become an inextricable part of society. To ensure stability and prosperity for this country, Canadian users and developers must be able to turn to AI models built, controlled, and operated publicly in Canada instead of building on corporate platforms, American or otherwise... [Switzerland's funding of a public AI model, Apertus] represents precisely the paradigm shift Canada should embrace: AI as public infrastructure, like systems for transportation, water, or electricity, rather than private commodity... Public AI systems can incorporate mechanisms for genuine public input and democratic oversight on critical ethical questions: how to handle copyrighted works in training data, how to mitigate bias, how to distribute access when demand outstrips capacity, and how to license use for sensitive applications like policing or medicine... Canada already has many of the building blocks for public AI. The country has world-class AI research institutions, including the Vector Institute, Mila, and CIFAR, which pioneered much of the deep learning revolution. Canada's $2-billion Sovereign AI Compute Strategy provides substantial funding. What's needed now is a reorientation away from viewing this as an opportunity to attract private capital, and toward a fully open public AI model. Long-time Slashdot reader sinij has a different opinion. "To me, this sounds dystopian, because I can also imagine AI declining your permits, renewal of license, or medication due to misalignment or 'greater good' reasons." But the Schneier/Sanders essays argues this creates "an alternative ownership structure for AI technology" that is allocating decision-making authority and value "to national public institutions rather than foreign corporations."

Read more of this story at Slashdot.

Wikipedia describes Freenet as "a peer-to-peer platform for censorship-resistant, anonymous communication," released in the year 2000. "Both Freenet and some of its associated tools were originally designed by Ian Clarke," Wikipedia adds. (And in 2000 Clarke answered questions from Slashdot's readers...) And now Ian Clarke (aka Sanity — Slashdot reader #1,431) returns to share this announcement: Freenet's new generation peer-to-peer network is now operational, along with the first application built on the network: a decentralized group chat system called River. The new version is a complete redesign of the original project, focusing on real-time decentralized applications rather than static content distribution. Applications run as WebAssembly-based contracts across a small-world peer network, allowing software to operate directly on the network without centralized infrastructure. An introductory video demonstrating the system is available on YouTube. "While the original Freenet was like a decentralized hard drive, the new Freenet is like a full decentralized computer," Clarke wrote in 2023, "allowing the creation of entirely decentralized services like messaging, group chat, search, social networking, among others... designed for efficiency, flexibility, and transparency to the end user." "Freenet 2023 can be used seamlessly through your web browser, providing an experience that feels just like using the traditional web,"

Read more of this story at Slashdot.

Long-time tech journalist Clive Thompson interviewed over 70 software developers at Google, Amazon, Microsoft and start-ups for a new article on AI-assisted programming. It's title? "Coding After Coders: The End of Computer Programming as We Know It." Published in the prestigious New York Times Magazine, the article even cites long-time programming guru Kent Beck saying LLMs got him going again and he's now finishing more projects than ever, calling AI's unpredictability "addictive, in a slot-machine way." In fact, the article concludes "many Silicon Valley programmers are now barely programming. Instead, what they're doing is deeply, deeply weird..." Brennan-Burke chimed in: "You remember seeing the research that showed the more rude you were to models, the better they performed?" They chuckled. Computer programming has been through many changes in its 80-year history. But this may be the strangest one yet: It is now becoming a conversation, a back-and-forth talk fest between software developers and their bots... For decades, being a software developer meant mastering coding languages, but now a language technology itself is upending the very nature of the job... A coder is now more like an architect than a construction worker... Several programmers told me they felt a bit like Steve Jobs, who famously had his staffers churn out prototypes so he could handle lots of them and settle on what felt right. The work of a developer is now more judging than creating... If you want to put a number on how much more productive A.I. is making the programmers at mature tech firms like Google, it's 10 percent, Sundar Pichai, Google's chief executive, has said. That's the bump that Google has seen in "engineering velocity" — how much faster its more than 100,000 software developers are able to work. And that 10 percent is the average inside the company, Ryan Salva, a senior director of product at the company, told me. Some work, like writing a simple test, is now tens of times faster. Major changes are slower. At the start-ups whose founders I spoke to, closer to 100 percent of their code is being written by A.I., but at Google it is not quite 50 percent. The article cites a senior principal engineer at Amazon who says "Things I've always wanted to do now only take a six-minute conversation and a 'Go do that." Another programmer described their army of Claude agents as "an alien intelligence that we're learning to work with." Although "A.I. being A.I., things occasionally go haywire," the article acknowledges — and after relying on AI, "Some new developers told me they can feel their skills weakening." Still, "I was surprised by how many software developers told me they were happy to no longer write code by hand. Most said they still feel the jolt of success, even with A.I. writing the lines... " A few programmers did say that they lamented the demise of hand-crafting their work. "I believe that it can be fun and fulfilling and engaging, and having the computer do it for you strips you of that," one Apple engineer told me. (He asked to remain unnamed so he wouldn't get in trouble for criticizing Apple's embrace of A.I.) He went on: "I didn't do it to make a lot of money and to excel in the career ladder. I did it because it's my passion. I don't want to outsource that passion"... But only a few people at Apple openly share his dimmer views, he said. The coders who still actively avoid A.I. may be in the minority, but their opposition is intense. Some dislike how much energy it takes to train and deploy the models, and others object to how they were trained by tech firms pillaging copyrighted works. There is suspicion that the sheer speed of A.I.'s output means firms will wind up with mountains of flabbily written code that won't perform well. The tech bosses might use agents as a cudgel: Don't get uppity at work — we could replace you with a bot. And critics think it is a terrible idea for developers to become reliant on A.I. produced by a small coterie of tech giants. Thomas Ptacek, a Chicago-based developer and a co-founder of the tech firm Fly.io... thinks the refuseniks are deluding themselves when they claim that A.I. doesn't work well and that it can't work well... The holdouts are in the minority, and "you can watch the five stages of grief playing out." "How things will shake out for professional coders themselves isn't yet clear," the article concludes. "But their mix of exhilaration and anxiety may be a preview for workers in other fields... Abstraction may be coming for us all."

Read more of this story at Slashdot.

It's America's first large-scale offshore wind project, reports WBUR — enough clean energy to power 400,000 homes in Massachusetts from 62 offshore wind turbines generating 800 megawatts. But it took a while... The plant's first construction delay happened back in 2019, they point out — and then "Just three months ago, when the project was 95% complete, the U.S. Interior Department issued a stop-work order." But after successfully challenging that order in court, and "with a stretch of good weather offshore, the developers behind the $4.5 billion project managed to get over the finish line." The Associated Press notes it was "one of five major East Coast offshore wind projects the Trump administration halted construction on days before Christmas, citing national security concerns." Developers and states sued, and federal judges allowed all five to resume construction, essentially concluding that the government did not show that the national security risk was so imminent that construction must halt. Another one of the five, Revolution Wind, began sending power for the first time to New England's electric grid on Friday and will scale up in the weeks ahead until it is fully operational. "That project is nearly complete as well," notes WBUR, "and will eventually be capable of powering up to 350,000 homes."

Read more of this story at Slashdot.

Last week was the end of Malika' internship within Papers about signatures that I had the pleasure to mentor. After a post about the first phase of Outreachy, here is the sequel of the story.

Nowadays, people expect to be able to fill and sign PDF documents. We previously worked on features to insert text into documents and signatures needed to be improved.

There is actually some ambiguity when speaking about signatures in PDFs: there are cryptographic signatures that guarantee that a certificate owner approved a document (now denoted by "digital" signatures) and there are also signatures that are just drawings on the document. These latter ones of course do not guarantee any authenticity but are more or less accepted in various situations, depending on the country. Moreover, getting a proper certificate to digitally sign documents may be complicated or costly (with the notable exception of a few countries providing them to their residents such as Spain).

Papers lacked any support for this second category (that I will call "visual" signatures from now on). On the other hand, digital signing was implemented a few releases ago, but it heavily relies on Firefox certificate database 1 and in particular there is no way to manage personal certificates within Papers.

During her three months internship, Malika implemented a new visual signatures management dialog and the corresponding UI to insert them, including nice details such as image processing to import signature pictures properly. She also contributed to the poppler PDF rendering library to compress signature data.

Then she looked into digital signatures and improved the insertion dialog, letting users choose visual signatures for them as well. If all goes well, all of this should be merged before Papers 51!

Malika also implemented a prototype that allows users to import certificates and also deal with multiple NSS databases. While this needs more testing and code review2, it should significantly simplify digital signing.

I would like to thank everyone who made this internship possible, and especially everyone who took the time to do calls and advise us during the internship. And of course, thanks to Malika for all the work she put into her internship!

1

or on NSS command line tools.

2

we don't have enough NSS experts, so help is very welcomed.

The Debian project is pleased to announce the fourth update of its stable distribution Debian 13 (codename trixie). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available.

Version:6.19.8 (stable) Released:2026-03-13 Source:linux-6.19.8.tar.xz PGP Signature:linux-6.19.8.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.19.8