Brief items
Security
Security quotes of the week
This is an extraordinary amount of detail for the model to have accumulated by me... and ChatGPT isn't even my daily driver! I spend more of my LLM time with Claude.— Simon Willison examines the information that ChatGPT has collected on himHas there ever been a consumer product that's this capable of building up a human-readable profile of its users? Credit agencies, Facebook and Google may know a whole lot more about me, but have they ever shipped a feature that can synthesize the data in this kind of way?
Reviewing this in detail does give me a little bit of comfort. I was worried that an occasional stupid conversation where I say "pretend to be a Russian Walrus" might have an over-sized impact on my chats, but I'll admit that the model does appear to have quite good taste in terms of how it turns all of those previous conversations into an edited summary.
As a power user and context purist I am deeply unhappy at all of that stuff being dumped into the model's context without my explicit permission or control.
He's right. That's an extraordinary amount of information, organized in human understandable ways. Yes, it will occasionally get things wrong, but LLMs are going to open a whole new world of intimate surveillance.— Bruce Schneier comments on Willison's post
But what if you show up at the hotel at 9pm and the hotelier can ask a credit bureau how much you can afford to pay for the room? What if they can find out that you're in chemotherapy, so you don't have the stamina to shop around for a cheaper room? What if they can tell that you have a 5AM flight and need to get to bed right now? What if they charge you more because they can see that your kids are exhausted and cranky and the hotel infers that you'll pay more to get the kids tucked into bed? What if they charge you more because there's a wildfire and there are plenty of other people who want the room?— Cory Doctorow on "surveillance pricing"
Kernel development
Kernel release status
The current development kernel is 6.16-rc3, released on June 22. Linus proclaimed: "So rc2 was smaller than usual, but rc3 seems to be right in the usual ballpark for this time, so everything looks entirely normal."
Stable updates: 6.15.3, 6.12.34, and 6.6.94 were released on June 19.
The 6.15.4, 6.12.35, 6.6.95, 6.1.142, 5.15.186, 5.10.239, and 5.4.295 updates are in the review process; they are due at any time.
LSFMM+BPF 2025 reporting complete
It took time and the writing of over 60 articles, but LWN's coverage from the 2025 Linux Storage, Filesystem, Memory-Management, and BPF Summit is now complete. We have also made an EPUB book (13MB) containing the full set of coverage available to all readers. This coverage constitutes the definitive guide to the challenges that these core-kernel communities are facing and their development plans for the coming year.Documenting an event of this intensity at such a detailed level is not a small undertaking. We are grateful to the Linux Foundation for funding our travel to our event and, especially, to LWN's subscribers for making the whole thing possible. If you appreciate this type of coverage and have not yet subscribed, please sign up today to help make more of it possible.
Linux Media Summit 2025 recap (Collabora blog)
The Collabora blog has a summary, written by Nicolas Dufresne, about the Linux Media Summit held on May 13 in Nice, France. It was co-located with the Embedded Recipes conference and had sessions on stateless video encoders, camera support, staging drivers, memory accounting, and a multi-committer model for the media subsystem. "Our largest Media Summit to date brought together around 20 engaged participants. Engagement was strong, marked by thoughtful questions and lively discussions."
Distributions
Tag2upload is now ready for experimentation
Debian's long-awaited tag2upload service is now ready for Debian maintainers to use in some circumstances. Tag2upload makes it easier for maintainers to upload packages, by allowing them to push a signed Git commit that will automatically be picked up and built, instead of pushing a build from their local machine. LWN covered the discussion around the service in July of last year. With the timing of its readiness, it's likely to become more useful once Debian 13 ("trixie") is released.
Be very aware of the freeze! Do not just upload to unstable as your first test! Uploads to unstable, targeting trixie, can be done with tag2upload - but in most cases you will probably want to upload the same package to experimental first.
PostmarketOS 25.06: "the one with systemd"
The postmarketOS project, which creates a Linux distribution for mobile devices, announced it was working on adding a version with systemd last March. That day has arrived with the announcement of version 25.06:
We considered supporting an upgrade from OpenRC to systemd in our upgrade script, but then decided against it as such an upgrade path might introduce its own bugs and we would rather spend the time improving other parts of postmarketOS. So for this one-time scenario we ask you to please reinstall postmarketOS to get from OpenRC to systemd. Thank you for your understanding!
Distributions quote of the week
— Ariadne ConillI've placed a security hold on Xlibre in Alpine, for a number of reasons that basically sum up to an unproven reactionary project whose code runs with elevated privilege (such as direct hardware access) is extremely high risk for introducing security-related regressions.
I do think a fork of X is a good idea, but that fork needs to be focused on sustainability: it should be focused on the generic drivers (such as modesetting for video and libinput for input), and there needs to be a real documented plan for maintenance and triage of security vulnerabilities.
Right now, I don't see that. Instead I see a fork of every component of X, including all of the hardware-specific drivers, and people complaining about politics.
This does not inspire confidence that the fork will not introduce security regressions, or worse, fail to import security patches from X.org.
— David AirlieJust because someone says they are maintaining an X.org fork, doesn't mean the X.org fork is maintained well enough to switch a distro to it.
Development
Firefox 140.0 released
Version 140.0 of the Firefox browser has been released. Changes include more control over vertical tabs, a dialog to add custom search engines, improvements to translation performance, and more.NLnet announces funding for 62 projects
The NLnet Foundation has announced a new group of projects receiving funding through the Next Generation Internet (NGI) Zero Commons Fund.
Free and open source technologies, open standards, open hardware and open data help to strengthen the open web and the open internet. The projects selected by NLnet all contribute in their own way to this important goal, and will empower end users and the community at large on different layers of the stack. For example, there are people working a browser controlled ad hoc cellular network (Wsdr) which can be used to create small mobile networks where they are needed. The open hardware security key Nitrokey is aiming for formal certification of their implementation of the FIDO2 standard, and will be adding encrypted storage capabilities. There are also more applied technologies: the high end open hardware microscope OpenFlexure will enable among others e-health use cases such as telepathology, allowing medical professionals to work together to help people in more remote areas.
See the announcement for the full list of selected projects and the current projects page for other projects recently funded by NLnet.
Graham: about Plasma’s X11 session
KDE contributor Nate Graham recently wrote
about the KDE Project's plans for Plasma's X11 session. He notes that
the project will continue to ensure that Plasma "continues to
compile and deploy on X11
" and isn't horribly broken. Major
regressions will probably be fixed, eventually, but the writing is on
the wall:
X11's upstream development has dropped off significantly in recent years, and X11 isn't able to perform up to the standards of what people expect today with respect to HDR, 10 bits-per-color monitors, other fancy monitor features, multi-monitor setups (especially with mixed DPIs or refresh rates), multi-GPU setups, screen tearing, security, crash robustness, input handling, and more.
As for when Plasma will drop support for X11? There's currently no firm timeline for this, and I certainly don't expect it to happen in the next year, or even the next two years. But that's just a guess; it depends on how quickly we implement everything on https://community.kde.org/Plasma/Wayland_Known_Significant_Issues. Our plan is to handle everything on that page such that even the most hardcore X11 user doesn't notice anything missing when they move to Wayland.
Development quote of the week
— Michael LynchA release announcement should never include the phrase, "various improvements and bugfixes." You might as well boast that the team proudly breathed air throughout development and used the latest version of the Internet.
If you can't articulate how a change benefits your users, don't highlight it in your release announcement. Save the exhaustive list of changes for your release notes, but even there, please leave out "various improvements and bugfixes."
Page editor: Daroc Alden
Next page:
Announcements>>