Sponsored By:

• Kolide: Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet.
• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.

Support Linux Action News

Links:

• Android Gets RISC-Y — Google's keynote at the RISC-V Summit promises official, polished support.
• Keynote: The Android Open Source Project and RISC-V - Lars Bergstrom, Google Director of Engineering
• New Google Tool Goes Open — The OSV database is a distributed, open-source database that stores vulnerability information in the OSV format. The OSV-Scanner assesses a project's dependencies against the OSV database showing all vulnerabilities relating to the project.
• Ubuntu’s New Installer Milestone — With Ubuntu 23.04 "Lunar Lobster" in April that new desktop installer is poised to finally be used by default.
• HDR Beginning To Work For Linux Gaming — "New Linux gaming milestone: with the latest work from Josh Ashton, HDR can now be enabled for real games! Tested it tonight on my AMD desktop with Halo Infinite, Deep Rock Galactic, DEATH STRANDING DC. Very early and will still need some time to bake to be useful to most."
• Red Hat Planning HDR Hackfest
• GNOME Shell + Mutter 43 Alpha Released
• VKD3D-Proton 2.7 Released With Eight Months Worth Of Changes
• Google Home speakers allowed hackers to snoop on conversations — A bug in Google Home smart speaker allowed installing a backdoor account that could be used to control it remotely and to turn it into a snooping device by accessing the microphone feed.

Plus how the work to port Linux to the Apple M1 resulted in fixing a bug that impacted all Linux distros.

Sponsored By:

• Jupiter Network Membership: Support the entire network, and get access to every member's special feed for every show on the network. Promo Code: thesignal
• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Ting: Save $25 off your first device, or $25 in service credit if you bring one!

Support Linux Action News

Links:

• Log4j 2.15.0 and previously suggested mitigations may not be enough — It was discovered that version 2.15.0 would still be vulnerable when the configuration has a pattern layout containing a Context Lookup.
• Statement from CISA Director Easterly on “Log4j” Vulnerability
• PipeWire 0.3.41 Offers Improved Flatpak & JACK Compatibility, Apple AirPlay Streaming — PipeWire 0.3.41 also adds a new RAOP module (raop-sink and raop-discover) that can be used for streaming to Apple AirPlay devices.
• EXT4 Prepared To Switch To Linux’s New Mount API — Linux's new mount API is what came about in recent times as a set of system calls offering more flexibility than the long-standing mount syscall that is a one-shot effort while this new multi-step mounting procedure allows for more options.
• The End-Of-Year 2021 State Of Linux On Apple’s M1 SoC — The Asahi Linux project has published their October and November status update to provide an overview of where the Apple Silicon / Apple M1 open-source support is now at as we approach the end of 2021.
• Asahi Linux looks forward to exciting 2022 on Apple silicon
• Hector Martin on Twitter — Looks like Apple changed the requirements for Mach-O kernel files in 12.1, breaking our existing installation process... and they *also* added a raw image mode that will never break again and doesn't require Mach-Os. And people said they wouldn't help. This is intended for us.
• Podcastindex.org — The Podcast Index is here to preserve, protect and extend the open, independent podcasting ecosystem.
• Linux Action News on Podcastindex.org

Plus, some good news for the Desktop and systemd-homed gets one step closer.

Sponsored By:

• Ting: Save $25 off your first device, or $25 in service credit if you bring one!
• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Jupiter Network Membership: Support the entire network, and get access to every member's special feed for every show on the network. Promo Code: thesignal

Support Linux Action News

Links:

• GNOME 42 To Finally Allow Input Events To Happen Full-Rate — Up to now GNOME Shell has been compressing pointer motion events so they are synchronized to the monitor refresh rate, which can be anywhere from around 30 to 144 events per second depending upon display.
• An Eventful Instant – GNOME Shell & Mutter
• Do not throttle input in wayland event delivery
• FreeBSD 12.3-RELEASE Announcement — The FreeBSD Release Engineering Team is pleased to announce the availability of FreeBSD 12.3-RELEASE. This is the fourth release of the stable/12 branch.
• systemd 250 Is Coming With A Boat Load Of New Features — systemd 250 is packing a rather large number of new features and changes across the board for this dominant Linux init system and service manager.
• Log4Shell — RCE 0-day exploit found in log4j2, a popular Java logging package
• Apache - The ASF on Twitter — “Did you know that Ingenuity, the Mars 2020 Helicopter mission, is powered by Apache Log4j? https://t.co/gV0uyE1ylk #Apache #OpenSource #innovation #community #logging #services
• Tom (^-^) on Twitter
• Kevin Beaumont on Twitter — “Starting a new thread for log4j security vulnerability and fallout. Spoiler: although this emerged as a Minecraft issue (lol) there is going to be impacts across a wide range of enterprise software for some time.”
• Log4jAttackSurface MEMES

Plus new Matrix goodies, why AWS is investing in Blender, and more.

Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Ting: Save $25 off your first device, or $25 in service credit if you bring one!

Support Linux Action News

Links:

• Google kills Android Things, its IoT OS, in January — Google announced it had basically given up on the project as a general-purpose IoT operating system in 2019, but now there's an official shutdown date thanks to a new FAQ page detailing the demise of the OS.
• Android Things Shutdown FAQ
• Ron Amadeo on Twitter — Oof, Google promised three years of updates when Android Things launched in May 2018, the actual support it delivered? One year, three months.
• Google, Qualcomm partner to bring 4 OS Android updates to new chipsets — The new plan is three years of major OS updates and four years of security updates.
• Qualcomm promises three years of Android updates for its entire SoC lineup
• Google acquires CloudReady OS to make PCs Chromebooks — Neverware lets you turn old PCs and Macs into Chromebook-esque devices through its CloudReady OS. While primarily aimed at schools and enterprises, a free “Home” edition for everyone is available. Google has now acquired Neverware and CloudReady with plans to integrate it with Chrome OS.
• Native Steam (Borealis) on Chrome OS likely arriving mid-2021
• GTK 4.0 Officially Released After More Than 4 Years of Development — The GTK development officially released today the next generation of the GTK toolkit, GTK 4.0, after being in development for more than four years.
• GTK 4.0 Toolkit Officially Released
• GTK 4.0 – GTK Development Blog
• Matrix.to: Reloaded — A challenge we regularly face is all the factors which make Matrix flexible and powerful as an open, secure decentralised protocol also increase the difficulty of getting started.
• Matrix.to — Create shareable links to Matrix rooms, users or messages without being tied to any app
• Introducing Cerulean — Alongside all the normal business-as-usual Matrix stuff, we’ve found some time to do a mad science experiment over the last few weeks - to test the question: "Is it possible to build a serious Twitter-style decentralised microblogging app using Matrix?"
• Google AMP gets a shock to its system as advisor quits, lawsuit claims foul play — Google’s Accelerated Mobile Pages technology, known as AMP among web publishers, took a beating this week as an antitrust lawsuit filed by the Attorney General of Texas charged that the ad biz used AMP to hinder competition.
• I have resigned from the Google AMP Advisory Committee – Terence Eden’s Blog — I remain convinced that AMP is poorly implemented, hostile to the interests of both users and publishers, and a proprietary & unnecessary incursion into the open web.
• AWS joins the Blender Development Fund — AWS committed to a period of three years, specifically to support character animation tools development.