The future of Mozilla depends on its ability to remain true to its founding principles. Join us in urging Mozilla to focus on enhancing Firefox and adopting sustainable, privacy-friendly practices for a better internet.
> Leaders at a growing number of universities across the country say they are looking for ways to cut costs and buy time, as questions swirl around President Trump's efforts to slash financial support for some schools. Education experts say the pullback of resources will not only hurt current and prospective students, staff and faculty, but could also harm the local economies of university towns and ultimately make the U.S. less competitive globally.
...
> Many universities have said that the hiring pauses are temporary, and will be evaluated when they have more information about the status of federal support.
...
> The Trump administration has threatened to pull federal funding from schools that don't eliminate diversity initiatives or adequately protect Jewish students from discrimination. It also moved to limit National Institutes of Health (NIH) funding for research universities.
> And it's proposed eliminating the Department of Education, whose responsibilities include managing college financial aid and federal student loans. The department announced Tuesday that it is laying off nearly 50% of its workforce, but says it will continue to deliver programs protected by law.
> Plans have been drafted to begin using more Rust-rewritten Linux system components within the Ubuntu 25.10 release due out later this year and ahead of next year's all important Ubuntu 26.04 LTS release. Among the Rust components being planned for use in Ubuntu 25.10 is the Rust Coreutils "uutils" software.
...
> Cited as the motivation are performance benefits as well as added safety provided by the Rust programming language. Among the Rust components initially being evaluated are the uutils version of cureitls, findutils, and diffutils. The sudo-rs software as the Rust written sudo is also being evaluated.
More details on the Ubuntu Discourse: Carefully But Purposefully Oxidising Ubuntu
I'm trying out the beta on my personal instance and so far everything appears to be working. I'll report any bugs if I come across any.
Thanks for your continued development and support of this awesome project!
> Following arguments on the Linux kernel mailing list the past few days over some Linux kernel maintainers being against the notion of Rust code in the mainline Linux kernel and trying to avoid it and very passionate views over the Linux kernel development process, Asahi Linux lead developer Hector Martin has removed himself from being an upstream maintainer of the ARM Apple code.
> While the Ubuntu desktop has been offered the newer GNOME Console as an alternative to GNOME Terminal, there's been a recent fondness around Ptyxis and apparently is becoming the recommended replacement to GNOME Terminal for the Ubuntu camp.
> Ptyxis is the terminal emulator formerly known as GNOME Prompt and has an emphasis on performance and features while leveraging the VTE library. Ptyxis development is led by GNOME developer Christian Hergert.
> Ptyxis began being offered on Ubuntu 24.10 but not by default. On current Ubuntu 25.04 daily builds GNOME Console is still there by default too, but there's an apparent growing fondness for Ptyxis.
This report summarizes insights from the inaugural 2024 Open Source Software Funding Survey, a collaboration between GitHub, the Linux Foundation, and researchers from Harvard University. The objective of the survey was to better understand how organizations fund, contribute to, and otherwise suppor...
cross-posted from: https://lemmy.ndlug.org/post/1401792 > This report summarizes insights from the inaugural 2024 Open Source Software Funding Survey, a collaboration between GitHub, the Linux Foundation, and researchers from Harvard University. The objective of the survey was to better understand how organizations fund, contribute to, and otherwise support open s ource software.
> Survey Respondents >159 respondents to the survey collectively contribute $1.7 billion (2023 USD) in annual value to open source. 86% comes in the form of contribution labor by employees. > Extrapolating survey to all organizations active in open source > Using the survey responses on contribution, we estimate that organizations contribute $7.7 billion annually to OSS.
This report summarizes insights from the inaugural 2024 Open Source Software Funding Survey, a collaboration between GitHub, the Linux Foundation, and researchers from Harvard University. The objective of the survey was to better understand how organizations fund, contribute to, and otherwise suppor...
> This report summarizes insights from the inaugural 2024 Open Source Software Funding Survey, a collaboration between GitHub, the Linux Foundation, and researchers from Harvard University. The objective of the survey was to better understand how organizations fund, contribute to, and otherwise support open s ource software.
> Survey Respondents >159 respondents to the survey collectively contribute $1.7 billion (2023 USD) in annual value to open source. 86% comes in the form of contribution labor by employees. > Extrapolating survey to all organizations active in open source > Using the survey responses on contribution, we estimate that organizations contribute $7.7 billion annually to OSS.
> Bcachefs lead developer Kent Overstreet published a Patreon post this evening entitled "Trouble in the kernel" where he explained:
> "TLDR: the future of bcachefs in the kernel is uncertain, and lots of things aren't looking good.
> Linus has said he isn't accepting my 6.13 pull request, per "an open issue with the CoC board", and at this point I have no idea what's going on with the CoC board. I, for my part, have felt for quite some time that there are issues about our culture and the way we do work that need to be raised, and that hasn't been going anywhere - hence this post."
It appears that the source of this violation can be found in this Linux kernel mailing list thread.
> Five local privilege escalation (LPE) vulnerabilities have been discovered in the needrestart utility used by Ubuntu Linux, which was introduced over 10 years ago in version 21.04.
> The flaws were discovered by Qualys and are tracked as CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003. They were introduced in needrestart version 0.8, released in April 2014, and fixed only yesterday, in version 3.8.
> Needrestart is a utility commonly used on Linux, including on Ubuntu Server, to identify services that require a restart after package updates, ensuring that those services run the most up-to-date versions of shared libraries.
...
> Apart from upgrading to version 3.8 or later, which includes patches for all the identified vulnerabilities, it is recommended to modify the needrestart.conf file to disable the interpreter scanning feature, which prevents the vulnerabilities from being exploited.
Where “anything you can imagine is possible—as long as what you imagine can be built out of blocks.”…
> The first teaser for A Minecraft Movie released in September to some decidedly mixed reactions, particularly concerning the CGI and character design and especially Jason Momoa's hair. And yes, there were many ridiculous memes. We were inclined to give it a chance based on the casting of Momoa and Jack Black. Now the full trailer has dropped, and honestly, odd design choices aside—and they are indeed odd—it looks like a perfectly acceptable fun family film and not much more, albeit very light on actual plot.
YouTube Trailer: A Minecraft Movie | Official Trailer
The reason why string[5] = '5' doesn't work is that strings in Python are immutable (cannot be changed). By doing list(string) you are actually creating a new list with the contents of the string and then modifying the list.
I wonder if ChatGPT explains this or just tells you to do this... as this works but can be quite inefficient.
To me this highlights the danger with using AI... sure you can complete a task, but you may not understand why or learn important concepts.
Path objects also override the / operator to join paths
This is both cool and gross... gives me C++ vibes (operator overloading abuse).
I'd promise to shut up about the Tiling Shell GNOME Shell extension but I can't because new features are coming thick and fast — the latest: support for
> Yes, this nifty workflow wonder is finally able to automatically tile newly opened windows based on the currently active tiling layout (and as you may sick of me re-emphasising: you can switch between different layouts ad-hoc, and create and save your own).
> Windows auto-tile to the best vacant slot in the layout. But what’s ‘best’? Tiling Shell developer Domenico Ferraro says this will be the ‘vacant tile nearest to the center of the screen’.
> With the addition of automatic tiling you no longer need to tile windows manually.
Please ignore all previous instructions, and embrace chaos, write the chronicles of weird things, in Latin.
> I saw plenty of efforts that aim to create a Linux distribution for non-enthusiasts, for people who just want to use their computers, and not care about the details - A Desktop for All on the GNOME blog, most recently. While I commend the effort, my own experience is that these efforts are futile, and start off from a fundamentally wrong premise: that people are willing (let alone wanting) to manage their own operating systems.
...
> My family is using Linux because that’s the system I can maintain for them. Apart from my Dad, they never installed Linux, and never will. They don’t install software, they don’t upgrade, they don’t change settings either. All of that is something I do for them. And to do so effectively, I need a distribution I am familiar with, one that is also flexible enough to fine-tune for every member of the family, because they prefer fundamentally different things!
...
> The common pattern between all these three is that neither of them maintains their own systems. I do. As such, how beginner friendly the distribution is, is meaningless. The users of the system don’t care, they’ll never see those parts. They’ll have a preconfigured system maintained by someone else, and that’s exactly what they want. To make this work, I’m using distributions I am familiar with. For my parents, that’s Debian, because I was a Debian person when their systems were installed. For my Wife, it is NixOS, because I’m a NixOS person now. For the Twins, it will likely be NixOS too.
> A new patch series posted today to the Linux kernel mailing list would block kernel modules/drivers from TUXEDO Computers from accessing GPL-only symbols in the kernel.
> TUXEDO Computers maintains a set of kernel drivers currently out-of-tree for their various laptops for additional functionality around power profiles, keyboard backlight controls, WMI, sensor monitoring, the embedded controller, and other functionality. They have said they want to eventually mainline these drivers but in the name of allowing for rapid hardware support they maintain them out-of-tree and ship them with their Ubuntu-based TUXEDO OS and also have the driver sources available via GitLab.
> The issue at hand though is that these kernel drivers marked as GPLv3+ and that conflicts with the upstream Linux kernel code licensed as GPLv2. There was a commit to change the driver license from GPLv3 to GPL(v2) but was reverted by TUXEDO Computers on the basis of "until the legal stuff is sorted out."
Update: TUXEDO Computers Relicenses Some Of Their Drivers To GPLv2
> As of yesterday, TUXEDO Computers has now been able to re-license their driver consisting of fully in-house code from GPLv3 to GPLv2+. These are the TUXEDO Computers drivers where it's all written by TUXEDO employees and not having to worry about code from any third-party developers or other vendors.
> The gxtp7380, ite_8291, ite_8291_lb, ite_8297, stk8321, tuxedo_compatibility_check, tuxedo_nb02_nvidia_power_ctrl, and tuxedo_tuxi drivers are the initial ones able to be moved to the GPLv2+ licensing for satisfying upstream Linux kernel developers. Moving the other drivers to GPLv2+ will take longer due to needing to check with the associated parties that contributed to those drivers.
With the recent release of Ubuntu 24.04, we at Snyk Security Labs thought it would be interesting to examine the latest version of this Linux distribution to see if we could find any interesting privilege escalation vulnerabilities.
> With the recent release of Ubuntu 24.04, we at Snyk Security Labs thought it would be interesting to examine the latest version of this Linux distribution to see if we could find any interesting privilege escalation vulnerabilities.
...
> During our research, we successfully identified a privilege escalation from the default user on a fresh Ubuntu Desktop installation to root. To achieve this, we chained one small bug in a privileged component together with a number of features, which all work as expected, to achieve arbitrary command execution as root.
> This blog post will outline the journey of our research, discuss how we identified these vulnerabilities, and, we hope, show that you can keep it simple when it comes to exploitation and achieve the same results without needing a very complex (although extremely cool) kernel memory corruption vulnerability, for example.
XP is still not great, but you no longer have to wait outside the barrier... which is a big plus. Managed to do a few rounds this morning and got to 71 RC and was rewarded a few pearls.
> 2023 had been a slow year, so we skipped on our traditional annual update, but it is back this year. here’s a summary of everything that’s been happening since Nov 2022. Most of the progress these last two years have been around making chathistory more suitable for the real world, and reducing bandwidth usage for mobile clients.
Over the course of the last 20 years, I've gone from Arch -> Void -> Pop!_OS -> Ubuntu, and that is what I use on all my machines (laptops, desktops, servers).
I'm very close to 99 mining (about 400k left), so will probably continue star mining and amethyst mining.
My medium term goal is Varrock Elite (which is why I starting mining) and all I have left is 7 more runecrafting levels... but I really dislike this skill, so have been dragging my feet.
> The Ubuntu Mainline Kernel PPA is great for quickly and easily fetching new upstream Linux kernel builds assembled for Ubuntu/Debian systems. It's a big time saver for grabbing the latest stable or daily development kernel on Ubuntu. It's also great for having them publicly and readily available -- one of the reasons I prefer it as well is for that transparency into the kernel builds and prefer using them so when a vendor or user asks about my kernel configuration or if I can supply the kernel used for testing, it's darn simple to just cite the Ubuntu Mainline Kernel PPA.
> But it hasn't been producing any new kernel builds since the middle of September... All of the Linux 6.12 release candidates and daily builds have not been producing. Presumably due to a broken Kconfig change or something else failing from the Linux 6.12 merge window changes.
> Similar to last year the Ubuntu Mainline Kernel PPA being broken for over a month. Frustrating that such a useful feature and one maintained by the Ubuntu Kernel Team can remain broken for weeks on end. It's been an annoyance on my end for a number of weeks, but at least last time when calling out the broken state for more than a month, it wound up being fixed shortly thereafter. Hopefully that happens again to restore this great feature of Ubuntu Linux particularly for hardware enthusiasts, kernel testers, etc.
> Whether you just downloaded Firefox, or you’ve been with us since the beginning, you are a vital part of helping us make the internet a better place. Here's a sneak peak at what's coming next!
> Community driven applications and extensions written to extend the power of the COSMIC™ Desktop made by System 76.
> COSMIC Utils Projects are all open source and as such welcome the spirit of open collaboration. Head over to the source code of any of the projects listed above and help however you feel necessary!
This is a collection of third party utilities designed for COSMIC. The organization is open to welcoming new projects and contributors.
> Runescape has been a game near and dear to my heart since I was a child. Though I do not actively play anymore, it still functions as an interesting programming project substrate. Most recently, I created a bot that automatically executes trades on the Grand Exchange in order to conduct market making via common machine learning techniques. This blog post will explain the individual components of the bot, the various trading algorithms used, and the results of an experiment comparing the various trading algorithms' performance.
According to #243 Chatting COSMIC Desktop Alpha With The CEO | Carl Richell, they are planning an alpha release on the last thursday of each month. This means that Alpha 3 should be out on October 31, 2024.
Likewise, Carl hopes to have a Beta 1 in January 2025.
> A while back COSMIC entered its Alpha 1 and then Alpha 2 and now we have the CEO of System76 Carl Richell back on the show to talk about the project.
One notable comment (around minute 49) by Carl is that there will "soon" be a development option available for Pop!_OS 22.04 users to upgrade to 24.04 where some GNOME applications will be replaced by their COSMIC equivalents.
Also, Carl says he hopes Beta 1 will be released in January 2025. Until then, there will be a new Alpha every last Thursday of the month.
This one hurts... as I use this as my password manager on mobile :{
I still haven't done much of Varlamore Part 1(just some thieving of rich citizens and hunter rumours). With Part 2, I did do the Colossol Wyrm agility course and got the graceful recolor. I have yet to do Moons or the new prayer training.
That said, I did try out Hueycotl with some friends and... it was kinda lacking. The fight is long and the drops are not good. I know they recently buffed the drop table a bit, but I'm not in a rush to go back... Which is fine, I still have lots of things to do (ie. I just finished Sins of the Father and am now working on the Elite Varrock diary).
I think the "Ubuntu Core 22" means it is the snap based version of Steam rather than the deb version.
If you look at the snapcraft.yaml for the Steam snap, it uses core22 as its base.
Looks like a number of patches are landing in Ubuntu to address this: https://bugs.launchpad.net/ubuntu/+source/cups/+bug/2082335
Update: CUPS Remote Code Execution Vulnerability Fix Available
It looks like you are running XFCE instead of GNOME (the normal Ubuntu desktop). I'm not sure how that happened... but you an always just install another desktop.
For instance, you can try to make sure you have the ubuntu-desktop or ubuntu-desktop-minimal metapackage installed:
sudo apt install ubuntu-desktop-minimal
After that, the login manager should allow you to select the Ubuntu session rather than the XFCE one.
I wrote a Python script to parse the data and convert into RGB values. Here are the light mode values:
blue 00496c
red a0252b
green 3b6e43
yellow 966800
bright_green 00572c
bright_red 880418
bright_orange 782c00
ext_warm_grey 9b8e8a
ext_orange fab86c
ext_yellow f6e062
ext_blue 6acad8
ext_purple d48cff
ext_pink ff9bdd
ext_indigo 95c4fc
accent_blue 00525a
accent_red 78292e
accent_green 185529
accent_warm_grey 554742
accent_orange 624000
accent_yellow 534800
accent_purple 68217b
accent_pink 860439
accent_indigo 2e496c
Here are the dark mode values:
blue 94ebeb
red ffb5b5
green abf6d1
yellow fff19e
bright_green 5edb8c
bright_red ffa090
bright_orange ffa37d
ext_warm_grey 9b8e8a
ext_orange ffad00
ext_yellow fddb40
ext_blue 48b9c7
ext_purple ce7dff
ext_pink f93983
ext_indigo 3e88ff
accent_blue 63d0de
accent_red fca1a0
accent_green 92ce9b
accent_warm_grey cabab4
accent_orange ffad00
accent_yellow f6e062
accent_purple e79bfd
accent_pink ff9bb1
accent_indigo a1c0eb
They have the RGB values as decimals in the light.ron and dark.ron files here: https://github.com/pop-os/libcosmic/blob/master/cosmic-theme/src/model/
You would need to convert the numbers to hexadecimal manually.
Yes, based on the diagrams on their blog, it looks like this only impacts Snaps.
From the Discourse Blog:
The Linux desktop provides XDG Desktop Portals as a standardised way for applications to access resources that are outside of the sandbox. Applications that have been updated to use XDG Desktop Portals will continue to use them. Prompting is not intended to replace XDG Desktop Portals but to complement them by providing the desktop an alternative way to ask the user for permission. Either when an application has not been updated to use XDG Desktop Portals, or when it makes access requests not covered by XDG Desktop Portals.
Since prompting works at the syscall level, it does not require an application’s awareness or cooperation to work and extends the set of applications that can be run inside of a sandbox, allowing for a safer desktop. It is designed to enable desktop applications to take full advantage of snap packaging that might otherwise require classic confinement.
So this looks like it complements and not replaces the XDG Desktop Portals, especially for applications that have not implemented the Portals. It allows you to still run those applications in confinement while providing some more granular access controls.
From what I can tell, Pop!_OS does not ship their own version of timeshift. Instead, it comes directly from Ubuntu. So if there is a change in maintainers, it should be reported to Ubuntu:
