#Fedora Sealed Bootable Container Images, Possibly Opening the Door to a “Fully Verified Boot Chain”

https://www.privacyguides.org/news/2026/05/04/fedora-sealed-bootable-container-images-possibly-opening-the-door-to-a-fully-verified-boot-chain/

#Linux #FOSS #cybersecurity

#CISA says ‘#CopyFail’ flaw now exploited to root #Linux systems

https://www.bleepingcomputer.com/news/security/cisa-says-copy-fail-flaw-now-exploited-to-root-linux-systems/

#cybersecurity

#CISA says ‘#CopyFail’ flaw now exploited to root #Linux systems

https://www.bleepingcomputer.com/news/security/cisa-says-copy-fail-flaw-now-exploited-to-root-linux-systems/

#cybersecurity

New Release: #Tails 7.7.2

https://tails.net/news/version_7.7.2/

#cybersecurity #anonymity #Tor #Linux #CopyFail

#Linux

Apple Silicon MacBooks were not left behind. Fedora Asahi Remix 44 released to bring you totally up to date on Fedora! As with the editions, Plasma 6.6 and GNOME 50 are available, as well as some under the hood changes to switch to upstream packages.

➡️ https://fedoramagazine.org/fedora-asahi-remix-44-is-now-available/

#AsahiLinux #FedoraAsahi #Fedora #Linux #OpenSource

Efter flere måneders desktop hopping forstår jeg endelig, hvorfor #Linux -brugere ikke kan blive enige om noget som helst 😀

Jeg var ikke en af dem, der begyndte at skifte distribution, fordi jeg var nysgerrig

For mig handlede det om workflow problemer
https://www.makeuseof.com/every-linux-desktop-environment-i-tried-excelled-at-something-and-failed-at-something-else/

Midori Browser becomes the first browser to launch a VPN alternative using Mesh technology, but decentralization, better privacy and better transparency, all of which are available but in version 11.7.1

https://astian.org/midori-en/performance-adblock-and-more-in-midori-11-7-1/

#privacy #tech #web #browser #midoribrowser #linux #wireguard #mesh #opensuse #fedora #debian #ubuntu #windows

Alt...

Midori 11.7.1 with VPN Mesh

Ubuntu will add opt-in AI features via Snaps in 26.10, including speech tools and automation, without a global disable switch, raising user control concerns. 🤖
Canonical says AI Snaps can be removed, but some users want AI-free builds or may switch to Linux Mint or Pop!_OS, citing privacy and autonomy risks. 🔐

🔗 https://www.theverge.com/tech/920723/linux-ubuntu-ai-features-ai-kill-switch

#TechNews #Ubuntu #Canonical #Linux #OpenSource #AI #ArtificialIntelligence #Privacy #FOSS #Security #Transparency #Data #Software #Freedom #Computing #Tech

mpd radio

How to stream and listen to music across the network.

https://nein.triapul.cz/radio/

#openbsd #mpd #audio #linux #serpico #tutorial

Alt...

Ema struggles with mpd configuration

I can't speak to the accuracy or "correctness" of the guy's instructions, but the way he opens the video is freaking hilarious.

https://inv.nadeko.net/watch?v=uTrOIPIx7pY

How to Install OpenBSD (2027 Edition)

#OpenBSD #Linux #Install #MemeVideo

That's a hate crime. ❌

#linux #gaming #windows #steamdeck

Alt...

Four slides to this meme. In the first, a yellow bear (Winnie-the-Pooh) says, "I love honey!," with a pink pig sitting beside him (Piglet). In the second slide, Pooh is seen saying, "But you know what I don't love?" Piglet looks over worringly. In the third slide Pooh says, "People who install Windows 11 on a Steam Deck." In the fourth slide he is looking menacingly at the viewer (you).

#Ubuntu services hit by outages after #DDoS attack

https://techcrunch.com/2026/05/01/ubuntu-services-hit-by-outages-after-ddos-attack/

#FOSS #privacy #cybersecurity #Linux

Frigate is an open-source, self-hosted NVR with real-time AI object detection for IP cameras.

It runs fully locally, integrates with Home Assistant, and lets you monitor events without relying on cloud services or handing over your recordings.

A powerful privacy-friendly alternative to cloud camera systems.

GitHub: https://github.com/blakeblackshear/frigate

More privacy-friendly tools:
https://digitalescapetools.com/

#OpenSource #SelfHosted #Privacy #HomeAssistant #Linux #SmartHome

Alt...

A screenshot of the Frigate NVR GitHub page in dark mode. The page describes Frigate as an open-source, local NVR with real-time AI object detection for IP cameras using OpenCV and TensorFlow. It highlights Home Assistant integration, MIT licensing, and support for AI accelerators for better performance.

Greg Kroah-Hartman: "If you look there are thousands of unfixed CVEs in the older LTS kernels right now, and if distros or users that rely on those older branches wish to see those resolved, they need to provide working backports to us to apply, as our first attempt did not work (which is why they are unfixed in those branches.)"

Really asking for a "Pray tell us", given that nobody actually bothered disclosing the problem to downstreams and that the commit message was hiding it.

Either way, apparently the great LLM-backed patch backporting process that #NVidia is so proud of doesn't really work. Upstream doesn't really care about #LTS branches, and they should be considered insecure by default.

https://lore.kernel.org/stable/2026050114-supernova-angler-2de1@gregkh/

#Gentoo #Linux #CopyFail #security

May is here and our #CfP has been open for a whole week! Don't let the month go by without submitting your talk!!

We are all about free/libre/open software, hardware conference. 100% ran by volunteers.

https://seagl.org/cfp

#SeaGL2026 #linux #OSS #floss #seattle

@blogdiva So true.

#Linux

New Release: #Tails 7.7.1

https://tails.net/news/version_7.7.1/

#privacy #anonymity #FOSS #Linux #cybersecurity

The most severe Linux threat to surface in years catches the world flat-footed:
CopyFail threatens multi-tenant servers, CI/CD work flows, Kubernetes containers, and more.

Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of Linux is setting off alarm bells as defenders scramble to ward off severe compromises inside data centers and on personal devices.

🌐 https://arstechnica.com/security/2026/04/as-the-most-severe-linux-threat-in-years-surfaces-the-world-scrambles/

#web #linux #internet #network #copyfail

RE: https://infosec.exchange/@patrickcmiller/116497719012673276

“The realistic threat chain looks like this. An attacker exploits a known WordPress plugin vulnerability and gets shell access as www-data. They run the copy.fail PoC. They are now root on the host. Every other tenant is suddenly reachable, in the way I walked through in this hack post-mortem. The vulnerability does not get the attacker onto the box; it changes what happens in the next ten seconds after they land there.”

#CopyFail #linux #exploit

I'm finally Powered By Linux

I have officially made it to Linux. It's now my desktop of choice 99.9% of the time.

https://forkingmad.blog/powered-by-linux/

#blogpost #linux

Alt...

Image of the Forking mad Logo (a plate, a mouse, garden fork, kitchen knife, and a devil in the middle of the plate). With the words "Forking Mad+". Bottom right is a illustration of a linux penguin holding a battery, with the words "Powered by Linux" on the its chest

#Ubuntu’s #AI plans have #Linux users looking for a ‘kill switch’

https://www.theverge.com/tech/920723/linux-ubuntu-ai-features-ai-kill-switch

#FOSS #privacy

#CopyFail

https://copy.fail/

#cybersecurity #Linux #FOSs

Yet another nasty #Linux root access vulnerability (local, not remote)

https://www.penligent.ai/hackinglabs/copy-fail-cve-2026-31431-a-linux-kernel-bug-that-turns-page-cache-into-root/

Note: Not using Linux myself much atm, just passing this on!

#linux #root

https://thehackernews.com/2026/04/new-linux-copy-fail-vulnerability.html?_m=3n.009a.3965.ft0ao0dolj.30kb&m=1

#cybersecurity #linux

So you read about #CopyFail, and are like… owww, shit. But then you see that it was responsibly disclosed after being fixed in main, we had releases since, they went stable in #Gentoo (over other #security fixes), so we should be good, right?

Except that it turns out that after it has been fixed in mainline, nobody bothered actually backporting the fix to all the LTS branches. And it doesn't apply cleanly (https://social.treehouse.systems/@thesamesam/116490971618284574). What a shitshow!

(And we've been only talking how 5.x don't get vulnerability fixes in time — but it turns out that anything but the latest is insecure to use!)

#Gentoo #Linux

Jesus Michał von Gentoo 🏔 (he) boosted

sam » 🌐 2026-04-30
@thesamesam@social.treehouse.systems

Very unfortunate that the fix for CVE-2026-31431 isn't easily backportable, with a new API being added, and then its implementation details changing, since the last LTS (6.12 vs 6.18).

https://xint.io/blog/copy-fail-linux-distributions

#linux #infosec

We are also testing sealed bootable container images! These are installs which "include all the components needed to create a fully verified boot chain, from the firmware to the operating system composefs image."

Please give them a try and give us feedback.
https://fedoramagazine.org/sealed-atomic-desktops-test-images/

Lastly, here is how you can rebase to Fedora 44 from Silverblue or other Atomic Desktops. :)
https://fedoramagazine.org/how-to-rebase-to-fedora-linux-44-on-silverblue/

#Fedora #bootc #Linux #OpenSource #CloudNative

The #Fedora #Linux 44 Release is Here!

https://fedoramagazine.org/announcing-fedora-linux-44/

#FOSS #cybersecurity #privacy

Linux kernel 7.0.2: 29,893,067 SLOC, according to cloc (kernel-only)
9front 11554:        2,031,330 SLOC, according to cloc (*entire* OS)

Hmmm...

#Linux #9front

deets (output converted to CSV to make it fit in a toot):

rld@prometheus:tmp$ cloc linux-7.0.2
 92975 text files.
 81091 unique files. 
 11888 files ignored.

github.com/AlDanial/cloc v 2.08 T=183.93 s (440.9 files/s, 215422.3 lines/s)
Language,files,blank,comment,code
C,36544,3753694,2871484,19348231
C/C++ Header,26366,780389,1558883,8141105
JSON,788,3,0,537120
reStructuredText,3931,194961,81174,532329
YAML,5460,100824,24940,494050
Assembly,1359,48384,100209,233628
Bourne Shell,1252,38984,25907,151802
Text,1001,20085,0,91662
Rust,345,11439,35504,90604
Python,362,17822,15550,78292
make,3179,12697,13285,59148
SVG,87,98,1311,56094
Perl,67,6754,4529,34486
XML,31,1469,1685,21064
yacc,10,722,447,4841
PO File,7,1106,1269,4336
Bourne Again Shell,63,614,407,2458
lex,10,366,355,2218
C++ 9,356,143,1917
awk,16,374,480,1722
CSV,11,126,0,1389
Jinja Template,102,69,98,794
NAnt script,2,167,0,609
XML (Qt/GTK),1,50,0,486
Markdown,6,151,3,467
XSD,1,46,9,349
Logos,2,53,0,230
CSS,3,59,76,193
Cucumber,1,37,97,188
TeX,1,6,73,155
TNSDL,2,33,0,140
Windows Module Definition,2,20,0,137
Snakemake,5,14,13,130
Linker Script,5,25,11,126
m4,1,15,1,95
Clojure,33,1,0,87
XSLT,5,13,26,61
BitBake,5,65,178,58
Umka,2,18,0,46
MATLAB,1,17,37,35
INI,3,6,0,34
sed,2,23,52,31
TOML,3,7,12,28
vim script,1,3,12,27
HTML,2,4,5,25
Ruby,1,4,0,25
Velocity Template Language,1,0,0,15
SUM:,81091,4992173,4738265,29893067

rld@prometheus:9front$ doas mount 9front-11554.amd64.iso /mnt
doas (rld@prometheus) password: 
mount: /mnt: WARNING: source write-protected, mounted read-only.
rld@prometheus:9front$ cd /mnt/sys/src
rld@prometheus:src$ cloc .
 8545 text files.
 7103 unique files. 
 1519 files ignored.

github.com/AlDanial/cloc v 2.08 T=18.94 s (374.9 files/s, 134541.3 lines/s)
Language,files,blank,comment,code
C,4980,208394,167453,1618860
C/C++ Header,1401,31197,60111,196230
HTML,50,29751,715,139357
Assembly,351,4565,5449,23791
yacc,34,1345,722,18197
Bourne Shell,44,1165,1466,7507
R,18,324,126,6970
Text,10,671,0,3120
C++,4,404,347,2888
XML,2,6,0,2873
lex,18,238,520,2822
Windows Resource File,58,477,141,2660
make,17,233,211,1019
Pawn,3,21,13,650
DOS Batch,54,164,49,614
Lisp,1,182,114,405
ReasonML,1,0,0,403
JavaScript,3,60,1,356
Nemerle,1,31,72,356
m4,1,44,62,322
WebAssembly,2,32,0,239
Perl,2,57,77,214
Smalltalk,5,9,0,211
Clojure,2,0,0,210
awk,7,19,85,197
SAS,2,38,89,168
Protocol Buffers,10,3,0,166
diff,6,2,120,135
F#,1,5,0,123
Windows Module Definition,10,0,5,87
MATLAB,2,0,0,77
CSS,1,15,5,60
TNSDL,1,9,0,29
Mathematica,1,0,0,14
SUM:,7103,279461,237953,2031330