You are here

Agreguesi i feed

New Florida Law Bans Local Net-Zero Emissions Policies

Slashdot - Mër, 01/07/2026 - 5:30pd
An anonymous reader quotes a report from Inside Climate News: A new state law limits Florida communities' aims to offset greenhouse gas emissions that are warming the global climate and intensifying disasters such as hurricanes. Specifically, HB 1217 prohibits local governments from pursuing net-zero emissions goals. At least 10 cities and counties have implemented such policies, including Fort Lauderdale, Miami, Orlando and Leon County, where Tallahassee, the state capital, is located. But the new law will not necessarily upend these policies, said Bradley Marshall, senior attorney at Earthjustice, an advocacy group. "It's certainly meant to scare municipalities and local governments from trying to do things to further net-zero policies," he said. "Now, its exact impact and what it exactly prohibits is probably up for some debate. Things that are adjacent to it -- emissions reductions and even climate change reduction policies -- on their face will not run afoul at all of a ban on adopting a net zero policy." The measure requires local governments to submit an affidavit annually to the state Department of Revenue verifying compliance. Gov. Ron DeSantis, a Republican, signed the measure on April 22, Earth Day, and the law will take effect July 1. It states that "net zero policies, carbon taxes and assessments, and emission trading programs are detrimental to this state's energy security and economic interests and inconsistent with the energy policy and the environmental policy of this state." [...] HB 1217 also prevents local governments from purchasing items such as vehicles or appliances based on the fuels they use or production of the items. Local governments may not participate in carbon-trading programs or use public funds to support other organizations with net-zero policies. Cities and counties also may not charge a tax or fee tied with carbon emissions. "This bill is definitely part of a larger coordinated push by the political enablers of the fossil fuel industry to obstruct any tools -- legal or legislative tools -- to hold the industry accountable for its contributions to climate change," said Laura Peterson, senior analyst at the Union for Concerned Scientists, an advocacy group. "Florida is really on the front lines. So I imagine the governor is taking this step because he sees what's coming down the pike. It's not getting better. So I can only assume that this is an effort to satisfy some of the pressures that he's getting from donors and from his party to protect the industry. And he's doing it at the expense of his constituents."

Read more of this story at Slashdot.

Network Security Monitoring: Common Linux Monitoring Gaps That Hide Threats

LinuxSecurity.com - Mar, 30/06/2026 - 6:22md
If you’re relying on standard network logs to protect your Linux infrastructure, you’re flying blind. Most organizations believe they have network security monitoring because they’re capturing traffic, but they’re actually just collecting noise. Real security—the kind that stops an attacker—happens in the gaps between the network, the process, and the host. When an attacker breaches a Linux server, they rarely reach for a custom zero-day. They use what’s already there: curl, bash, python, or ...

What Kali Linux 2026.2 Says About Today's Linux Security Priorities

LinuxSecurity.com - Mar, 30/06/2026 - 6:18md
Offensive Security just dropped Kali Linux 2026.2, and at first glance, it looks like a standard quarterly refresh. You’ve got the usual kernel bumps, desktop environment updates, and a handful of new utilities. But don't write this off as just another routine version update.  If you look past the changelog, this release highlights several capabilities that continue to be important in offensive security. From AI-assisted workflows to credential testing and mobile assessments, Kali Linux 2026....

Ford Rehires 'Gray Beard' Engineers After AI Falls Short

Slashdot - Mar, 30/06/2026 - 7:34pd
Ford executives said they've hired 350 veteran engineers — some of them former employees — after AI and automated systems failed to deliver the desired quality, reports TechCrunch: Bloomberg reports the company's chief operating officer Kumar Galhotra told journalists that Ford had been "relying more and more on automated quality systems" with disappointing results. So the company "brought back technical specialists," and those specialists "hunt for failure points before a part ever reaches the plant floor." Charles Poon, Ford's vice president of vehicle hardware engineering, added, "Mistakenly we thought that by just introducing artificial intelligence and ingesting the design requirements that we had, that that would produce a high-quality product." The article points out that Ford is using the rehired gray beard engineers to train younger staff — and, to reprogram its AI tools.

Read more of this story at Slashdot.

South Korea Plans To Train Entire Military As 'Drone Warriors'

Slashdot - Mar, 30/06/2026 - 2:34pd
"South Korea plans to train every single member of its nearly half-million-strong military to operate drones as easily as they handle personal firearms," reports Ars Technica: The goal is to make drones a "universal combat tool" for all troops by training them to use drones like a "second personal weapon," said Ahn Gyu-back, South Korea's Minister of National Defense, in a June 26 briefing reported by Reuters and other media outlets. The announcement coincides with broader plans to equip individual military units with more cheap and expendable drones for surveillance and strike missions, along with deploying more counter-drone lasers and microwave weapons. Meanwhile, South Korea's former drone operations command headquarters that used to have direct command authority over combat units will be reorganized to focus on collaborating with South Korean industry on developing and procuring commercial drone technology, according to The Korea Times. The South Korean defense minister specifically cited the conflicts in Ukraine and the Middle East as inspiring such military reforms with a focus on drone technologies... Ukraine's use of drones and military robots as a force multiplier to offset its numerical disadvantage on the battlefield versus Russia's larger military may carry special resonance for South Korea, given that the South Korean military's current active-duty strength of 450,000 personnel faces a numerical disadvantage against North Korea's active-duty military consisting of more than 1.2 million soldiers... The defense ministry is starting out by providing 11,000 "training drones" to military personnel this year, with the goal of eventually deploying 60,000 drones across the military by 2029. An additional complication comes from the South Korean military looking to procure drones with 100 percent domestically produced components and no Chinese components due to security concerns, according to the defense minister's comments reported by Reuters... South Korean companies are building new military attack drones, but the defense ministry may struggle to find enough commercial drones made without Chinese components to train hundreds of thousands of military conscripts, said Min-Cheol Jung, a cofounder of the Team Retriever counter-drone red team based in South Korea, in a War on the Rocks article.

Read more of this story at Slashdot.

Ex-Governors, Big Tech Launch Coalition To Help Workers 'Navigate the AI Economy'

Slashdot - Hën, 29/06/2026 - 9:34md
"Amid growing public anger over A.I. and a debate over how to regulate it, a group of employers, state governors and foundations has raised $500 million to try to answer some of those questions themselves," reports the New York Times. "Just how many jobs will AI upend?" asks the Wall Street Journal, reporting that the new coalition says it's time to ready the U.S. workforce for a "major" disruption — no matter how large it turns out to be. The coalition "has so far raised more than $500 million — about half of its multiyear goal — from companies and nonprofit groups. It will initially work with state governments in Arkansas, Maryland, Utah and Connecticut. OpenAI and Anthropic are also involved, and academics including MIT economist David Autor sit on an advisory board." [The new "RAISE US" coalition] will be led by former Commerce Secretary Gina Raimondo, who served under former President Joe Biden, and former Indiana Gov. Eric Holcomb, a Republican. Its mandate, they said, isn't just to build retraining programs but also to reconsider decades-old policies such as unemployment insurance and act as a working lab for testing the most effective ways to transition workers to new fields. The group will explore corporate incentives for employers to hold on to workers whose jobs are disrupted by AI and prep them for new roles... The mission of the group is to "pull all the levers at once," Raimondo said. That means teaming up with employers to find ways to help workers gain skills or new roles and joining with educators to roll out different types of training. It also plans to propose policy changes such as tweaking unemployment benefits to let displaced workers continue to get them while they, for instance, start new businesses with AI... In Maryland, the group plans to expand a service-year option in the state to help people gain exposure to such growing fields as healthcare. An effort in Arkansas will focus on supporting "an AI-powered career navigation platform." More from New York Times: The organization will work primarily with governors... The theory: States generally control their community college systems, which can translate work force policy through course offerings and industry partnerships. The bulk of the budget will fund pilot programs overseen by about 15 staff members and consultants. For example, Maryland will expand a "service year" for recent high school graduates to provide experience in fields where there are shortages, such as health care. In other states, Raise Us hopes to offer "wage insurance" for workers who take lower-paying jobs rather than dropping out of the work force entirely. The group plans to furnish technical assistance for companies that want to retain workers as A.I. changes their roles, rather than eliminating them. Microsoft, one of the companies backing the organization, said it had already found a promising model: cross-training its entry-level lawyers in different parts of the organization and equipping them with A.I. skills in order for them to be repositioned as technology evolves. "You can think of doing that with almost any job we have," said Brad Smith, vice chair and president at Microsoft. "It creates an opportunity to transfer people from jobs that are being eliminated to jobs that are being created...." Ms. Raimondo and her colleagues are not fans of a universal basic income, an idea that has gained popularity in Silicon Valley as an answer to job disruption. They emphasize that work provides more than just wages, and plan to focus on helping people find pathways to new jobs. But it's unclear whether A.I. will create jobs at the rate that it will destroy them. Jack Malde studied work force policy for the Bipartisan Policy Center and is now going to work for the Windfall Trust, another A.I.-focused think tank. He said long-term income support might be necessary, even if better models for transitioning workers were found. "The truth is, there's still a lot of uncertainty," Mr. Malde said. "What we think is resilient now might not be resilient later. We're not going to get everything right, so we're going to need those strong safety-net programs." Long-time Slashdot reader theodp writes: If you think you've seen this movie before, prior to "partnering with governors, employers, and training partners to help the American workforce make a successful transition to an AI economy" with RAISE US, Raimondo and Holcomb partnered with governors, employers and training partners to help U.S. K-12 students make a successful transition to a CS economy with the Governors for Computer Science coalition.

Read more of this story at Slashdot.

Michael Catanzaro: Your _get_type() function is not G_GNUC_CONST: Part Two

Planet GNOME - Hën, 29/06/2026 - 5:32md

This blog post is a sequel to Your _get_type() function is not G_GNUC_CONST.

GNOME developers have long used G_GNUC_CONST, which expands to __attribute__((const)), to annotate GObject _get_type() functions, despite knowing that it is incorrect to do so. const functions by definition have no side effects, but _get_type() functions actually have a side effect the first time the function is called: they initialize the type. Why apply an incorrect annotation to these functions? Because it makes the code faster.

Although this was long known to be incorrect, it worked fine in practice… until now. Regrettably, Sam James has discovered that GCC 16 may optimize away the type initialization, resulting in crashes. This is our fault for providing the compiler with wrong information about our code, so it’s time to audit your use of const attributes to remove them from _get_type() functions. Most GNOME programs use these attributes only for _get_type() functions, but if you use it in more places, then check to make sure those functions are actually const, as defined by the GCC documentation.

Sadly, there is no suitable replacement attribute for _get_type() functions. Two decades ago, Behdad requested a new idempotent attribute for expressing the desired semantics, but nobody has implemented it.

next-20260629: linux-next

Kernel Linux - Hën, 29/06/2026 - 5:14md
Version:next-20260629 (linux-next) Released:2026-06-29

IBM Says It Can Fit Nearly 100 Billion Transistors On a Chip

Slashdot - Hën, 29/06/2026 - 4:34md
IBM has unveiled "what it says is the world's first sub-1-nanometer chip technology," reports ZDNet, "designed to pack nearly 100 billion transistors on a fingernail-size die, roughly doubling the density of IBM's earlier 2-nm test chip, first shown in 2021... Today, the smallest, most powerful chips top out at about 80 billion transistors." At the heart of the announcement is NanoStack. This is a three-dimensional, nanosheet-based transistor design that scales vertically, or along the z-axis, by stacking and staggering CMOS devices. Unlike today's nanosheet architectures, which IBM also pioneered and which are being adopted by leading foundries at 3 nm and 2 nm, NanoStack bonds two nanosheet transistors into a single vertical structure, with each tier optimized independently and contacted from opposite sides. Each transistor in the demonstrated structure uses three sub-5 nm-thick nanosheets, about "15 silicon atoms" across, separated by roughly 9 nm spacers. Two such devices are then bonded vertically using an ultra-thin dielectric process IBM describes as a key innovation. Because the top and bottom devices can use different channel materials, dielectrics, and metals, IBM argues NanoStack is less a single trick and more a transistor platform that can be extended through multiple generations: 7 angstrom (Å), 5 Å, 3 Å, and potentially down to 1 Å in its internal roadmap. An angstrom, by the by, is one ten-billionth of a meter. In terms of chips, an angstrom is a tenth of a nanometer. "This is the world's first sub-1 nanometer chip technology with a new transistor architecture," said Jay Gambetta, Director of IBM Research and IBM Fellow, during a press briefing. "We're not just making smaller transistors, we're reinventing how chips are built to deliver dramatically more power and energy efficiency...." Based on internal benchmarking against its 2 nm node, the company said its new chips will deliver up to 50% higher performance at the same power, or up to 70% lower power for the same performance. Big Blue also highlighted a 40% improvement in the scaling of static random-access memory (SRAM) cell area relative to its 2 nm technology. This is a change IBM described as a "step the industry hasn't seen in over a decade" and one that could be particularly important for AI accelerators that live or die on on-chip memory bandwidth... According to Huiming Bu, IBM's VP of silicon technology R&D, NanoStack is a new paradigm. It's moving chips to scaling fully into three dimensions and giving the industry at least "another decade" of logic advances as it crosses from nanometers into angstroms... The 40% SRAM density bump could also help architects push caches and on-die memory closer to compute units, cutting data movement overhead in training and inference workloads. IBM sees a path to production use "in as early as the next 5 years", according to the article, and "expects NanoStack to eventually underpin CPUs, GPUs, mobile SoCs, and SRAM arrays." IBM's VP of silicon technology R&D says the new innovation "can improve performance by 50% compared to the best available chip today, and at the same time can reduce power by 70%."

Read more of this story at Slashdot.

Nathan Willis: Conferring notes (aka SCALE|LGM|WAVE|ATypI|LAS|Grapholinguistics)

Planet GNOME - Hën, 29/06/2026 - 4:22md

File under: brief half-year catch-ups, me not remembering when I last updated the back-end of this blog

I’m writing this from a terrible AirBnB in Reading, having just wrapped up a four-day visit to my old Typography & Graphic Communication alma mater and happy to have an excuse to put off re-packing. I’ve been fortunate in the first six months of this year to have time to participate in a number of in-person conferences after a few years of not being able to travel, and when I was looking back at the calendar I noticed that these events have been evenly split between FOSS events and type-related events, so I decided it’s worth jotting down a few of the thoughts that presented themselves before they fade away entirely. Here’s a recap:

SCALE: The Southern California Linux Expo (which, for the record, I refuse to bacronymize in a mixed-case form, so don’t at me about the capital A). I’ve been a regular for yikes years at this point, and have helped coordinate the “libre graphics track” for the past several, but this time I actually had to present a workshop as part of that. It was on the subject of learning Scribus if you’re coming from the world of LibreOffice / Microsoft Word / Google Docs / Etc. Turns out that’s an ambitious subject, scope-wise, and we didn’t get through everything I wanted to.

But for me, that highlights the fact that shifting from one Do Real Work application to another is always a monumental effort. Sure, you can fire up GIMP and do some cropping of images in a matter of minutes. But you can’t drop a full production workflow without a lot of spare time, because every individual sub-task now involves a different order of operations (or different operations), a different cycle of tool-switching, and a different set of cross-checks and QA. I don’t think we give this problem enough attention, especially when the well-meaningers on social media (and yeah, that includes Mastodon, as fully as whatever platform you don’t like) entice people to give it a try like it’s no big thing.

It also reiterated for me how important document templates are. Those are fairly forgettable 99% of the time, but what ships in the template choosers of LibreOffice, WhateverOfficeOnline, and in more specialist apps is what people end up using when they need to get things done. The typography in most FOSS templates is pretty awful: the fonts are weak, the hierarchies are non-existent, the alignments are haphazard, and the optical balance is even more non-existent than the hierarchies. I suspect that this can only being improved with a long, slow, many-person grind. I don’t know where to start.

WAVE and ATypI: Both of these are type-related or type-adjacent events, so I don’t have much that feels relevant to say about them here. WAVE is quite specialized, since it focuses on human writing: just as many of the presenters are linguists as anything else, and the type people made a stronger showing this year than they did in the original event a couple of years back but aren’t the majority. It is genuinely a wake-up call to sit down and learn about a written language that does not operate in the way that your own does, and to hear exactly how many people use it every day (as well as to see photos to remind you that all of this happens in the present, when it’s incredibly easy to write off those concerns as belonging to an earlier era in printing and just presume that Computers Fixed All That. Or that OpenType and Unicode did. Or that FOSS did.).

I do think, however, that most of the FOSS projects I’m involved with keep a stout set of blinders on about non-majority language systems and scripts, and that that’s deeply problematic. Indeed, it was not long ago that I mentioned IRL that GNOME could do a valuable bit of good for the global user community by finding and supporting scripts other than Latin/Greek/Cyrillic — in contrast to today, where the attitude is “oh, those users will figure it out for themselves like they always do aren’t they great over there” and/or “Noto Fixed All That.” It’s not hard to say that the next release of your project will also support, say, Arabic, and to at the very least be deliberate about bringing people into the room to find and test the fonts you need to determine if things are working and look good. Yes, you do have to do actual tests. Yes, I mean you.

ATypI, in contrast, is very much a “type production” event. For me, this year the bit that stood out was behind-the-scenes stuff that eeped out around the seams and got more widely discussed. Like, there was evidently initial interest from some on the local organizing side that there would be a verrrry small list of presenters: less than two dozen, total, for 3–4 days (depending on how you count workshops and exhibits). Far less than two dozen. There are two big gotchas there. First, you have to contend with gatekeeping. All of the well-known people are likely to be the ones with The Exciting Announcement to announce and, in theory, they’re a big part of the draw. But that keeps all the new community members out. Second, it crashes the economic viability of attending the event. The locale this time was Stanford, which (despite being perhaps the world’s only Junior University, look it up) is outrageously expensive, even if you already live outrageously in nearby northern California. And any time people can’t justify the cost of travel, yes you’re gatekeeping again (particularly of the hallway track), but you’re also twisting the dial on your conference further from “I Should Go” over to “Going Is Just Paying Money To Be In The Audience Of A YouTube Video That I Can Watch Any Other Time” … which is a hard dial to reverse.

LGM: The Libre Graphics Meeting seems to be back on its feet and in good form after several post-pandemic years of bumping into things. Massive props. I had a lot of side-project stuff I brought along in disorganized form, although I attended every session. I also quasi-roundtabled a session to talk about how the now defunct “Planet LibreGraphics”, may it rest unpeacefully, used to be the clear answer to the perpetual question of “how do we maintain momentum and connection the rest of the year?”

But whereas the old Planet site was a garden variety class-M aggregator of individual blogs’ RSS or Atom feeds, I’m of the unprofessional opinion that a true community aggregator today has to account for different types of inputs and outputs and user modes (sideputs?). E.g., many projects don’t announce new releases on their project blog anymore; they tag a release on GitHub. That’s a different input. A lot of people don’t post long-form content anymore, but do a lot of microblogging. That might suggest having an ActivityPub output … but it would be a bot, and it would incur a TON of overhead and put scores of messages out all day long, which you definitely couldn’t use on the traditional RSS output. So you probably need to handle those differently, maybe batching the Mastodon bits into a once-per-day blog output?

Ultimately, I’m not sure; there are a lot of these details. We’re way out in the high-cosmic-ray environment of the trans-neptunians here, or some other metaphor. Ping me if you find the question interesting, because I want to talk a lot more about it.

LAS: It was my first time going to the Linux Application Summit, as the kids call it these days, so I have more thoughts to get down about that one. For starters, it wasn’t what I expected, because I expected there to be more people there who develop Linux applications. I covered a lot of growth of post–CD-delivered-and-RPM/Apt-updated packaging efforts when I was toiling as a not-so-young FOSS journalist, so I do think I have the right grounding in systems like Snap, Flatpak, FlatHub, AppKit, immutable-image OS approaches and other user-code–confinement technical building blocks. Except Kubernetes; I never cared about that and never will.

Anyway, all of that stuff (hand-waving) is very much where LAS takes place. It’s really good to see that there are people from multiple application ecosystems talking about how they handle the current set of unsolved problems. Selfishly, one of the sessions that stood out most to me was Carlos Garnacho’s talk about the data-search layer that he’s been working on. The gist there is that it’s for searching local data … which you might think you can already do, but you’d be wrong. You can sort of do filesystem-level text searching, but that doesn’t handle complex stuff, and it really, really doesn’t let you handle per-application searching well. I’ve got a keen interest in what people do with their “big data exports” — we FOSS people like to look down our noses at the public and tell them that they should take all of their content out of The Bad Services and walk into the sunlight. But there’s not anything they can do with it when they get here (or there, depending on how you feel), and they’re the ones holding the bag. The TinySparql and LocalSearch stuff, I think, holds the potential to improve on that in a big way.

I was also quite interested to learn more about how the KDE ecosystem does its builds. I don’t do … builds, at least not in the sense that KDE and GNOME do (nor, who else, who else … Enlightenment, maybe?). But I have been forced against my will to get up to speed on some things like GitHub Actions, and the session about KDE’s build architecture did make me want to go back and re-examine some stuff I’ve built. That being the other sense of “build.” I was also very interested in Evangelos Paterakis’s talk about the gritty realities of picking up an abandoned project, reviving it in fork-form, and getting hit with the consequences of that discussion from both upstream and downstream.

For most people, what matters in these sort of pseudoplumbing projects in what’s going to be accessible in end-user applications whenever they land on the next platform releases. That’s why I thought I might encounter app developers at LAS. Instead, much of the session content was about enhancing the the plumbing layer themselves: what’s going on with portals, how sandbox/confinement techniques either fail-open or fail-close, and where the confined-application model is still leaking.

I suggest checking out Sebastien Wick’s talk about the portal situation if nothing else; the slides are available now, even if the video is not. Whenever the videos go up, I also suggest that everyone watches the session about forking a defunct project … not because it’s something everyone should do, although let’s face it, projects appear and fizzle all the time. But mainly because the social aspects of how a revived fork does or doesn’t catch on are things the FOSS community doesn’t say out loud. Not bad or shameful things, just sharp corners.

All that said, I think that what really needs to happen is for application developers to actually go to this event. I know you think you don’t need to. But the platform layer is another one of those things about which you can easily say “Didn’t Somebody Already Handle That?” and be incorrect for a long period of time before it bites you. Moreover, every time I’ve ever asked the developer of a Mac or Windows desktop app what they know about developing Linux apps, they tell me a story about running into giant potholes, missing documentation, and mismatched API expectations. The presence of Linux app developers at a plumbing-layer conference will not instantly fix that, but I do know that a lot of those Linux developers hit the same roadblocks.

LGM made a massive improvement to the ecosystem of creative-arts apps in FOSS specifically because it involved getting users, app developers, and subsystem developers into a single space. That’s not a magic trick, and the general Linux app universe would benefit from repeating the technique.

Grapholinguistics in the 21st century, also known as /gʁafematik/: This is the one I just came from, and I don’t quite have it all simmered from ingredients into stew just yet. Apart from being hosted in an initially un-airconditioned spot at the university in the hottest UK week since 1666, I don’t think I have any complaints. I introduced speakers and acted as moderator for Q&A blocks, and apart from that I visited with most but not all of the rest of the quantitative type-research clique. You know where to find us.

One takeaway, perhaps, that will be generally useful is that I spent much of the inter-session time when I was on moderator duty trying to gauge the level of nervousness of the upcoming speaker and attempting to defuse it. I don’t know how successful that actually was, but I do think there were sessions elsewhere where it might have made a difference. I don’t know; perhaps that’s projecting.

Anyway, before the Internet runs out of bits, I should wrap up. I do need to be sure to express my appreciation to the GNOME Foundation, who chipped in with some travel expense assistance for LAS, as well as to my friend and mentor-in-a-few-very,-very-limited-capacities-I-can’t-emphasize-that-part-enough Sri Ramkrishna for pinging me about it and then reminding me. I’m definitely glad I went.

At the moment, I’m halfway through reconfiguring the blog site here into static format (fighting Unicode support in the old platform), so don’t count on commenting to work. If you want to reply to anything I said here, try me on Mastodon.

Linux Foundation Launches Akrites to Strengthen Software Supply Chain Security

LinuxSecurity.com - Hën, 29/06/2026 - 4:10md
The Linux Foundation has officially launched Akrites, a coordinated industry initiative designed to improve how critical open source vulnerabilities are validated, coordinated, and disclosed before patches reach downstream users.   Backed by a diverse coalition—including AWS, Google, Microsoft/GitHub, Red Hat, NVIDIA, and OpenAI—Akrites establishes a shared Security Incident Response Team (SIRT) to streamline the validation, remediation, and disclosure of vulnerabilities in the foundational c...

How to Read Linux Audit Logs During an Intrusion

LinuxSecurity.com - Hën, 29/06/2026 - 2:42md
When a security alert fires, the panic often sets in before the analysis. Many administrators instinctively reach for /var/log/auth.log or journalctl, but those logs tell only a partial story. They document successful logins and authentication attempts, but they rarely capture the granular "how" of a post-compromise environment. To truly reconstruct an attack, you need to master audit logs. Unlike standard authentication logs, Linux audit logs (managed by auditd) record system-level activity,...

Scientists Think Neptune and Uranus May Not Be the Ice Giants We Imagined

Slashdot - Hën, 29/06/2026 - 11:34pd
The planets Neptune and Uranus may be better described as "magma-ocean giants" rather than "ice giants," according to a team of researchers from the University of California. Gizmodo reports: While the Voyager flyby confirmed the planets' classification as ice giants... [a]s the least explored planets in the solar system, the two planets have never been thoroughly investigated. Therefore, scientists aren't sure where the planets originally formed in the early solar system or the reason for their wildly chaotic magnetic fields. A long-standing hypothesis suggests that both worlds have a hydrogen/helium atmosphere that covers a vast mantle of ices, made primarily of water, ammonia, and methane, with a rocky core. The new study, however, notes that the three-layer model of an ice giant's interior structure is not the only way to explain the properties of the two planets. The researchers also point out that objects found in the Kuiper Belt, which are thought to preserve evidence of the material in the outer Solar System where Uranus and Neptune formed, are primarily composed of rock rather than ice. For the recent study, the researchers simulated different models for the interior processes and composition of Uranus and Neptune. The model that best fits Uranus's and Neptune's different properties suggests the two planets have a well-mixed magma ocean with dissolved hydrogen at the bottom and a hydrogen-dominated envelope at the top. The model suggests that at high pressures, hydrogen gas can dissolve into magma, forming a well-mixed fluid. This mixing might help explain Uranus's and Neptune's density, which has traditionally been interpreted as evidence for an ice-rich interior. The article notes that the theory "could also help scientists understand the interior structure of sub-Neptune planets in the Milky Way, which have thus far remained a mystery."

Read more of this story at Slashdot.

Looking for the artwork for Trixie the next Debian release

Bits from Debian - Pre, 21/06/2024 - 12:00md

Each release of Debian has a shiny new theme, which is visible on the boot screen, the login screen and, most prominently, on the desktop wallpaper. Debian plans to release Trixie, the next release, next year. As ever, we need your help in creating its theme! You have the opportunity to design a theme that will inspire thousands of people while working in their Debian systems.

For the most up to date details, please refer to the wiki.

We would also like to take this opportunity to thank Juliette Taka Belin for doing the Emerald theme for bookworm.

The deadlines for submissions is: 2024-09-19

The artwork is usually picked based on which themes look the most:

  • ''Debian'': admittedly not the most defined concept, since everyone has their own take on what Debian means to them.
  • ''plausible to integrate without patching core software'': as much as we love some of the insanely hot looking themes, some would require heavy GTK+ theming and patching GDM/GNOME.
  • ''clean / well designed'': without becoming something that gets annoying to look at a year down the road. Examples of good themes include Joy, Lines, Softwaves and futurePrototype.

If you'd like more information or details, please post to the Debian Desktop mailing list.

New Debian Developers and Maintainers (March and April 2024)

Bits from Debian - Pre, 31/05/2024 - 6:00md

The following contributors got their Debian Developer accounts in the last two months:

  • Patrick Winnertz (winnie)
  • Fabian Gruenbichler (fabiang)

The following contributors were added as Debian Maintainers in the last two months:

  • Juri Grabowski
  • Tobias Heider
  • Jean Charles Delépine
  • Guilherme Puida Moreira
  • Antoine Le Gonidec
  • Arthur Barbosa Diniz

Congratulations!

Bits from the DPL

Bits from Debian - Enj, 02/05/2024 - 3:00pd

Hi,

Keeping my promise for monthly bits, here's a quick snapshot of my first ten days as DPL.

Special thanks to Jonathan for an insightful introduction that left less room for questions. His introduction covered my first tasks like expense approval and CTTE member appointments thoroughly. Although I made a visible oversight by forgetting to exclude Simon McVittie <smcv> from the list, whose term has ended , I'm committed to learning from this mistake. In future I'll prioritize thorough proofreading to ensure accuracy.

Part of my "work" was learning what channels I need to subscribe and adjust my .procmailrc and .muttrc took some time.

Recently I had my first press interview. I had to answer a couple of prepared questions for Business IT News. It seems journalists are always on the lookout for unique angles. When asked if humility is a new trait for DPLs, my response would be a resounding "No." In my experience, humility is a common quality among DPLs I've encountered, including Jonathan.

One of my top priorities is reaching out to all our dedicated and appointed teams, including those managing critical infrastructure. I've begun with the CTTE, Salsa Admins and Debian Snapshot. Everything appears to be in order with the CTTE team. I'm waiting for response from Salsa and Snapshot, which is fine given the recent contact.

I was pointed out to the fact that lintian is in an unfortunate state as Axel Beckert confirmed on the lintian maintainers list. It turns out that bug #1069745 of magics-python should not have been undetected for a long time if lintian bug #677078 would have been fixed. It seems obvious to me that lintian needs more work to fulfill its role as reliably policy checker to ensure our high level of packaging quality.

In any case thanks a lot to Axel who is doing his best but it seems urgent to me to find some more person-power for this task. Any volunteer to lend some helping hand in the lintian maintainers team?

On 2024-04-30 I gave my first talk "Bits from greenhorn DPL" online at MiniDebConf Brasil in Belo Horizonte. The Q&A afterwards stired some flavours of the question: "What can Debian Brasil do better?" My answer was always in a way: Given your great activity in now organising the fifth MiniDebConf you are doing pretty well and I have no additional hints for the moment.

Kind regards Andreas.

Debian welcomes the 2024 GSOC contributors/students

Bits from Debian - Mër, 01/05/2024 - 11:56md

We are very excited to announce that Debian has selected seven contributors to work under mentorship on a variety of projects with us during the Google Summer of Code.

Here are the list of the projects, students, and details of the tasks to be performed.

Project: Android SDK Tools in Debian

  • Student: anuragxone

Deliverables of the project: Make the entire Android toolchain, Android Target Platform Framework, and SDK tools available in the Debian archives.

Project: Benchmarking Parallel Performance of Numerical MPI Packages

  • Student: Nikolaos

Deliverables of the project: Deliver an automated method for Debian maintainers to test selected numerical Debian packages for their parallel performance in clusters, in particular to catch performance regressions from updates, and to verify expected performance gains, such as Amdahl’s and Gufstafson’s law, from increased cluster resources.

Project: Debian MobCom

  • Student: Nathan D

Deliverables of the project: Update the outdated mobile packages and recreate aged packages due to new dependencies. Bring in more mobile communication tools by adding about 5 new packages.

Project: Improve support of the Rust coreutils in Debian

  • Student: Sreehari Prasad TM

Deliverables of the project: Make uutils behave more like GNU’s coreutils by improving compatibility with GNU coreutils test suit.

Project: Improve support of the Rust findutils in Debian

  • Student: hanbings

Deliverables of the project: A safer and more performant implementation of the GNU suite's xargs, find, locate and updatedb tools in rust.

Project: Expanding ROCm support within Debian and derivatives

  • Student: xuantengh

Deliverables of the project: Building, packaging, and uploading missing ROCm software into Debian repositories, starting with simple tools and progressing to high-level applications like PyTorch, with the final deliverables comprising a series of ROCm packages meeting community quality assurance standards.

Project: procps: Development of System Monitoring, Statistics and Information Tools in Rust

  • Student: Krysztal Huang

Deliverables of the project: Improve the usability of the entire Rust-based implementation of the procps utility on Linux.

Congratulations and welcome to all the contributors!

The Google Summer of Code program is possible in Debian thanks to the efforts of Debian Developers and Debian Contributors that dedicate part of their free time to mentor contributors and outreach tasks.

Join us and help extend Debian! You can follow the contributors' weekly reports on the [debian-outreach mailing-list][debian-outreach-ml], chat with us on our [IRC channel][debian-outreach-irc] or reach out to the individual projects' team mailing lists.

[debian-outreach-ml]: http://lists.debian.org/debian-outreach/ (debian-outreach AT lists.debian.org) [debian-outreach-irc]: irc://irc.debian.org/debian-outreach (#debian-outreach on irc.debian.org)

Infomaniak Platinum Sponsor of DebConf24

Bits from Debian - Mër, 01/05/2024 - 12:08md

We are pleased to announce that Infomaniak has committed to sponsor DebConf24 as a Platinum Sponsor.

Infomaniak is an independent cloud service provider recognised throughout Europe for its commitment to privacy, the local economy and the environment. Recording growth of 18% in 2023, the company is developing a suite of online collaborative tools and cloud hosting, streaming, marketing and events solutions.

Infomaniak uses exclusively renewable energy, builds its own data centers and develops its solutions in Switzerland at the heart of Europe, without relocating. The company powers the website of the Belgian radio and TV service (RTBF) and provides streaming for more than 3,000 TV and radio stations in Europe.

With this commitment as Platinum Sponsor, Infomaniak is contributing to the Debian annual Developers' conference, directly supporting the progress of Debian and Free Software. Infomaniak contributes to strengthen the community that collaborates on Debian projects from all around the world throughout all of the year.

Thank you very much, Infomaniak, for your support of DebConf24!

Become a sponsor too!

DebConf24 will take place from 28th July to 4th August 2024 in Busan, South Korea, and will be preceded by DebCamp, from 21st to 27th July 2024.

DebConf24 is accepting sponsors! Interested companies and organizations should contact the DebConf team through sponsors@debconf.org, or viisit the DebConf24 website at https://debconf24.debconf.org/sponsors/become-a-sponsor/.

Debian Project Leader Election 2024, Andreas Tille elected.

Bits from Debian - Hën, 22/04/2024 - 2:00md

The voting period for the Debian Project Leader election has ended. Please join us in congratulating Andreas Tille as the new Debian Project Leader.

The new term for the project leader started on 2024-04-21.

369 of 1,010 Debian Developers voted using the Condorcet method.

More information about the results of the voting are available on the Debian Project Leader Elections 2024 page.

Many thanks all of our Developers for voting.

apt install dpl-candidate: Andreas Tille

Bits from Debian - Pre, 05/04/2024 - 8:36md

The Debian Project Developers will shortly vote for a new Debian Project Leader known as the DPL.

The Project Leader is the official representative of The Debian Project tasked with managing the overall project, its vision, direction, and finances.

The DPL is also responsible for the selection of Delegates, defining areas of responsibility within the project, the coordination of Developers, and making decisions required for the project.

Our outgoing and present DPL Jonathan Carter served 4 terms, from 2020 through 2024. Jonathan shared his last Bits from the DPL post to Debian recently and his hopes for the future of Debian.

Recently, we sat with the two present candidates for the DPL position asking questions to find out who they really are in a series of interviews about their platforms, visions for Debian, lives, and even their favorite text editors. The interviews were conducted by disaster2life (Yashraj Moghe) and made available from video and audio transcriptions:

  • Andreas Tille [this document]
  • Sruthi Chandran [Interview]

Voting for the position starts on April 6, 2024.

Editors' note: This is our official return to Debian interviews, readers should stay tuned for more upcoming interviews with Developers and other important figures in Debian as part of our "Meet your Debian Developer" series. We used the following tools and services: Turboscribe.ai for the transcription from the audio and video files, IRC: Oftc.net for communication, Jitsi meet for interviews, and Open Broadcaster Software (OBS) for editing and video. While we encountered many technical difficulties in the return to this process, we are still able and proud to present the transcripts of the interviews edited only in a few areas for readability.

2024 Debian Project Leader Candidate: Andrea Tille

Andreas' Interview

Who are you? Tell us a little about yourself.

[Andreas]:

How am I? Well, I'm, as I wrote in my platform, I'm a proud grandfather doing a lot of free software stuff, doing a lot of sports, have some goals in mind which I like to do and hopefully for the best of Debian.

And How are you today?

[Andreas]:

How I'm doing today? Well, actually I have some headaches but it's fine for the interview.

So, usually I feel very good. Spring was coming here and today it's raining and I plan to do a bicycle tour tomorrow and hope that I do not get really sick but yeah, for the interview it's fine.

What do you do in Debian? Could you mention your story here?

[Andreas]:

Yeah, well, I started with Debian kind of an accident because I wanted to have some package salvaged which is called WordNet. It's a monolingual dictionary and I did not really plan to do more than maybe 10 packages or so. I had some kind of training with xTeddy which is totally unimportant, a cute teddy you can put on your desktop.

So, and then well, more or less I thought how can I make Debian attractive for my employer which is a medical institute and so on. It could make sense to package bioinformatics and medicine software and it somehow evolved in a direction I did neither expect it nor wanted to do, that I'm currently the most busy uploader in Debian, created several teams around it.

DebianMate is very well known from me. I created the Blends team to create teams and techniques around what we are doing which was Debian TIS, Debian Edu, Debian Science and so on and I also created the packaging team for R, for the statistics package R which is technically based and not topic based. All these blends are covering a certain topic and R is just needed by lots of these blends.

So, yeah, and to cope with all this I have written a script which is routing an update to manage all these uploads more or less automatically. So, I think I had one day where I uploaded 21 new packages but it's just automatically generated, right? So, it's on one day more than I ever planned to do.

What is the first thing you think of when you think of Debian?

Editors' note: The question was misunderstood as the “worst thing you think of when you think of Debian”

[Andreas]:

The worst thing I think about Debian, it's complicated. I think today on Debian board I was asked about the technical progress I want to make and in my opinion we need to standardize things inside Debian. For instance, bringing all the packages to salsa, follow some common standards, some common workflow which is extremely helpful.

As I said, if I'm that productive with my own packages we can adopt this in general, at least in most cases I think. I made a lot of good experience by the support of well-formed teams. Well-formed teams are those teams where people support each other, help each other.

For instance, how to say, I'm a physicist by profession so I'm not an IT expert. I can tell apart what works and what not but I'm not an expert in those packages. I do and the amount of packages is so high that I do not even understand all the techniques they are covering like Go, Rust and something like this.

And I also don't speak Java and I had a problem once in the middle of the night and I've sent the email to the list and was a Java problem and I woke up in the morning and it was solved. This is what I call a team. I don't call a team some common repository that is used by random people for different packages also but it's working together, don't hesitate to solve other people's problems and permit people to get active.

This is what I call a team and this is also something I observed in, it's hard to give a percentage, in a lot of other teams but we have other people who do not even understand the concept of the team. Why is working together make some advantage and this is also a tough thing. I [would] like to tackle in my term if I get elected to form solid teams using the common workflow. This is one thing.

The other thing is that we have a lot of good people in our infrastructure like FTP masters, DSA and so on. I have the feeling they have a lot of work and are working more or less on their limits, and I like to talk to them [to ask] what kind of change we could do to move that limits or move their personal health to the better side.

The DPL term lasts for a year, What would you do during that you couldn't do now?

[Andreas]:

Yeah, well this is basically what I said are my main issues. I need to admit I have no really clear imagination what kind of tasks will come to me as a DPL because all these financial issues and law issues possible and issues [that] people who are not really friendly to Debian might create. I'm afraid these things might occupy a lot of time and I can't say much about this because I simply don't know.

What are three key terms about you and your candidacy?

[Andreas]:

As I said, I like to work on standards, I’d like to make Debian try [to get it right so] that people don't get overworked, this third key point is be inviting to newcomers, to everybody who wants to come. Yeah, I also mentioned in my term this diversity issue, geographical and from gender point of view. This may be the three points I consider most important.

Preferred text editor?

[Andreas]:

Yeah, my preferred one? Ah, well, I have no preferred text editor. I'm using the Midnight Commander very frequently which has an internal editor which is convenient for small text. For other things, I usually use VI but I also use Emacs from time to time. So, no, I have not preferred text editor. Whatever works nicely for me.

What is the importance of the community in the Debian Project? How would like to see it evolving over the next few years?

[Andreas]:

Yeah, I think the community is extremely important. So, I was on a lot of DebConfs. I think it's not really 20 but 17 or 18 DebCons and I really enjoyed these events every year because I met so many friends and met so many interesting people that it's really enriching my life and those who I never met in person but have read interesting things and yeah, Debian community makes really a part of my life.

And how do you think it should evolve specifically?

[Andreas]:

Yeah, for instance, last year in Kochi, it became even clearer to me that the geographical diversity is a really strong point. Just discussing with some women from India who is afraid about not coming next year to Busan because there's a problem with Shanghai and so on. I'm not really sure how we can solve this but I think this is a problem at least I wish to tackle and yeah, this is an interesting point, the geographical diversity and I'm running the so-called mentoring of the month.

This is a small project to attract newcomers for the Debian Med team which has the focus on medical packages and I learned that we had always men applying for this and so I said, okay, I dropped the constraint of medical packages.

Any topic is fine, I teach you packaging but it must be someone who does not consider himself a man. I got only two applicants, no, actually, I got one applicant and one response which was kind of strange if I'm hunting for women or so.

I did not understand but I got one response and interestingly, it was for me one of the least expected counters. It was from Iran and I met a very nice woman, very open, very skilled and gifted and did a good job or have even lose contact today and maybe we need more actively approach groups that are underrepresented. I don't know if what's a good means which I did but at least I tried and so I try to think about these kind of things.

What part of Debian has made you smile? What part of the project has kept you going all through the years?

[Andreas]:

Well, the card game which is called Mao on the DebConf made me smile all the time. I admit I joined only two or three times even if I really love this kind of games but I was occupied by other stuff so this made me really smile. I also think the first online DebConf in 2020 made me smile because we had this kind of short video sequences and I tried to make a funny video sequence about every DebConf I attended before. This is really funny moments but yeah, it's not only smile but yeah.

One thing maybe it's totally unconnected to Debian but I learned personally something in Debian that we have a do-ocracy and you can do things which you think that are right if not going in between someone else, right? So respect everybody else but otherwise you can do so.

And in 2020 I also started to take trees which are growing widely in my garden and plant them into the woods because in our woods a lot of trees are dying and so I just do something because I can. I have the resource to do something, take the small tree and bring it into the woods because it does not harm anybody. I asked the forester if it is okay, yes, yes, okay. So everybody can do so but I think the idea to do something like this came also because of the free software idea. You have the resources, you have the computer, you can do something and you do something productive, right? And when thinking about this I think it was also my Debian work.

Meanwhile I have planted more than 3,000 trees so it's not a small number but yeah, I enjoy this.

What part of Debian would you have some criticisms for?

[Andreas]:

Yeah, it's basically the same as I said before. We need more standards to work together. I do not want to repeat this but this is what I think, yeah.

What field in Free Software generally do you think requires the most work to be put into it? What do you think is Debian's part in the field?

[Andreas]:

It's also in general, the thing is the fact that I'm maintaining packages which are usually as modern software is maintained in Git, which is fine but we have some software which is at Sourceport, we have software laying around somewhere, we have software where Debian somehow became Upstream because nobody is caring anymore and free software is very different in several things, ways and well, I in principle like freedom of choice which is the basic of all our work.

Sometimes this freedom goes in the way of productivity because everybody is free to re-implement. You asked me for the most favorite editor. In principle one really good working editor would be great to have and would work and we have maybe 500 in Debian or so, I don't know.

I could imagine if people would concentrate and say five instead of 500 editors, we could get more productive, right? But I know this will not happen, right? But I think this is one thing which goes in the way of making things smooth and productive and we could have more manpower to replace one person who's [having] children, doing some other stuff and can't continue working on something and maybe this is a problem I will not solve, definitely not, but which I see.

What do you think is Debian's part in the field?

[Andreas]:

Yeah, well, okay, we can bring together different Upstreams, so we are building some packages and have some general overview about similar things and can say, oh, you are doing this and some other person is doing more or less the same, do you want to join each other or so, but this is kind of a channel we have to our Upstreams which is probably not very successful.

It starts with code copies of some libraries which are changed a little bit, which is fine license-wise, but not so helpful for different things and so I've tried to convince those Upstreams to forward their patches to the original one, but for this and I think we could do some kind of, yeah, [find] someone who brings Upstream together or to make them stop their forking stuff, but it costs a lot of energy and we probably don't have this and it's also not realistic that we can really help with this problem.

Do you have any questions for me?

[Andreas]:

I enjoyed the interview, I enjoyed seeing you again after half a year or so. Yeah, actually I've seen you in the eating room or cheese and wine party or so, I do not remember we had to really talk together, but yeah, people around, yeah, for sure. Yeah.


Faqet

Subscribe to AlbLinux agreguesi