A workflow video using Cosmic Epoch.

Aqua Nautilus researchers have identified a security issue that arises from the interaction between Ubuntu’s command-not-found package and the snap package repository. While command-not-found serves as a convenient tool for suggesting installations for uninstalled commands, it can be inadvertently manipulated by attackers through the snap repository, leading to deceptive recommendations of malicious packages.

Ubuntu Core Desktop will not be released alongside Ubuntu 24.04 LTS in April, as originally hoped.

Canonical doesn’t go into details about what specific issues need resolving. One imagines, given that the first Ubuntu Core Desktop release was going to be a preview and not a recommended download, it’s a myriad bugs/difficulties — ones not easily sorted.

Mozilla Corp., which manages the open-source Firefox browser, announced today that Mitchell Baker is stepping down as CEO to focus on AI and internet safety as chair of the nonprofit foundation. Laura Chambers, a Mozilla board member and entrepreneur with experience at Airbnb, PayPal, and eBay, will step in as interim CEO to run operations until a permanent replacement is found.

https://archive.is/rmMEb

Official Blog Post: A New Chapter for Mozilla: Focused Execution and an Expanded Role in Charting the Internet’s Future

Today we have the one of the 2 founders of System76 and current CEO of the company Carl Richell on the show to chat about the history of the company, how we got here and some of the cool stuff they've got in store.

With today's repo-release PR #312, Pop!_OS is now building packages for 24.04 (Noble Numbat).

While this doesn't mean a release will happen any time soon, it does mean they are now beginning the process of testing and packaging for 24.04. In particular, they are now building many of the COSMIC DE components for 24.04 with this pull request.

The New DSL 2024 has been reborn as a compact Linux distribution tailored for low-spec x86 computers. It packs a lot of applications into a small package. All the applications are chosen for their functionality, small size, and low dependencies. DSL 2024 also has many text-based applications that make it handy to use in a term window or TTY.

The new goal of DSL is to pack as much usable desktop distribution into an image small enough to fit on a single CD, or a hard limit of 700MB. This project is meant to service older computers and have them continue to be useful far into the future. Such a notion sits well with my values. I think of this project as my way of keeping otherwise usable hardware out of landfills.

As with most things in the GNU/Linux community, this project continues to stand on the shoulders of giants. I am just one guy without a CS degree, so for now, this project is based on antiX 23 i386. AntiX is a fantastic distribution that I think shares much of the same spirit as the original DSL project. AntiX shares pedigree with MEPIS and also leans heavily on the geniuses at Debian. So, this project stands on the shoulders of giants. In other words, DSL 2024 is a humble little project!

Timothée Besset, a software engineer who works on the Steam client for Valve, took to Mastodon this week to reveal: “Valve is seeing an increasing number of bug reports for issues caused by Canonical’s repackaging of the Steam client through snap”.

“We are not involved with the snap repackaging. It has a lot of issues”, Besset adds, noting that “the best way to install Steam on Debian and derivative operating systems is to […] use the official .deb”.

Those who don’t want to use the official Deb package are instead asked to ‘consider the Flatpak version’ — though like Canonical’s Steam snap the Steam Flatpak is also unofficial, and no directly supported by Valve.

Perens says there are several pressing problems that the open source community needs to address.

"First of all, our licenses aren't working anymore," he said. "We've had enough time that businesses have found all of the loopholes and thus we need to do something new. The GPL is not acting the way the GPL should have done when one-third of all paid-for Linux systems are sold with a GPL circumvention. That's RHEL."

Another straw burdening the Open Source camel, Perens writes, "is that Open Source has completely failed to serve the common person. For the most part, if they use us at all they do so through a proprietary software company's systems, like Apple iOS or Google Android, both of which use Open Source for infrastructure but the apps are mostly proprietary. The common person doesn't know about Open Source, they don't know about the freedoms we promote which are increasingly in their interest. Indeed, Open Source is used today to surveil and even oppress them."

Post-Open, as he describes it, is a bit more involved than Open Source. It would define the corporate relationship with developers to ensure companies paid a fair amount for the benefits they receive. It would remain free for individuals and non-profit, and would entail just one license.

Whether it can or not, Perens argues that the GPL isn't enough. "The GPL is designed not as a contract but as a license. What Richard Stallman was thinking was he didn't want to take away anyone's rights. He only wanted to grant rights. So it's not a contract. It's a license. Well, we can't do that anymore. We need enforceable contract terms."

This post is in part a response to an aspect of Nate’s post “Does Wayland really break everything?“, but also my reflection on discussing Wayland protocol additions, a unique pleasure that I have been involved with for the past months.

Before I start I want to make a few things clear: The Linux desktop will be moving to Wayland – this is a fact at this point (and has been for a while), sticking to X11 makes no sense for future projects.

By switching to Wayland compositors, we are already forcing a lot of porting work onto toolkit developers and application developers. This is annoying, but just work that has to be done. It becomes frustrating though if Wayland provides toolkits with absolutely no way to reach their goal in any reasonable way.

Many missing bits or altered behavior are just papercuts, but those add up. And if users will have a worse experience, this will translate to more support work, or people not wanting to use the software on the respective platform.

What’s missing?

1. Window positioning
2. Window position restoration
3. Window icons
4. Limited window abilities requiring specialized protocols
5. Automated GUI testing / accessibility / automation

I spent probably way too much time looking into how to get applications cross-platform and running on Linux, often talking to vendors (FLOSS and proprietary) as well. Wayland limitations aren’t the biggest issue by far, but they do start to come come up now, especially in the scientific space with Ubuntu having switched to Wayland by default. For application authors there is often no way to address these issues.

The Solus team is proud to announce the release of Solus 4.5 Resilience. This release brings updated applications and kernels, refreshed software stacks, a new installer, and a new ISO edition featuring the XFCE desktop environment.

Highlights:

• Calamares installer
• Pipewire by default
• ROCM support for AMD hardware
• Hardware and kernel enablement

Behind the scenes, we made many improvements in 2023 to our tooling and infrastructure. While end users don’t see most of this directly, it means we are able to maintain and update Solus more efficiently. What end users will see is overall improvement in packages being kept up to date. Packagers and developers will notice many quality of life improvements, which enable our plans to migrate to Serpent tooling in 5.0. One of our future blog posts will summarize these changes.