GNOME 50 released 18 Mar 2026, 10:23 pm

The GNOME team has released GNOME 50, the latest version of what is probably the most popular open source desktop environment. It brings fine-grained parental controls, and the groundwork for web filtering so that in future releases, parents and guardians can set content filters for children. Our own kids are still way too young to have access to computers and the internet, but I’m not sure I’ll ever resort to these kinds of tools when the time comes. I didn’t have any such controls imposed upon me as a child on the early internet, but then, you can’t really compare the ’90s internet to that of today.

The Orca screen reader received a lot of attention in GNOME 50, with a new preference window, both global and per-application settings, and much more. There’s also a brand new reduced motion setting, which will tame the animations in the user interface. Document annotation has been overhauled and modernised, and the file manager has been optimised across the board for better performance and lower memory usage.

Remote Desktop also saw a lot of work in GNOME 50. It’s now hardware-accelerated using VA-API and Vulkan, and thanks to HiDPI support, the session will properly adapt to the screen being used. Kerberos Authentication support has been added, and you can now use the remote webcam locally. There’s way more here, like improved support for variable-refresh rates and fractional scaling, HDR screen sharing, fixes for weird NVIDIA driver nonsense, and much, much more.

As always, GNOME 50 will find its way to your distribution soon enough.

Introducing Duranium: an immutable variant of postmarketOS 18 Mar 2026, 9:14 pm

PosrtmarketOS, the Linux ‘distribution’ for mobile devices, now also has an immutable variant, called Duranium.

Duranium is an immutable variant of postmarketOS, built around the idea that your device should just work, and keep working. You shouldn’t need to know what a terminal is to keep your device running.

“Immutable” means the core operating system is read-only and can’t be modified while it’s running. System updates are applied as complete, verified images rather than individual packages. Either the new image works, or the system falls back to the previous one automatically. No partially-applied state. No debugging audio when you need to make a phone call and no fussing with a broken web browser when you just want to doomscroll cat photos. It also means developers can reproduce the exact state of a user’s device, making it much easier to track down and fix issues.

↫ Clayton Craft on the postmarketOS blog

Duranium is built around the various functionalities and tooling provided by systemd, meaning the project didn’t have to reinvent the wheel. It works similarly to other immutable distributions, in that images for the base are downloaded and installed as a whole, with the preferred application installation method being Flatpak. Security-wise, Duranium uses dm-verity to protect /usr, cryptographically verifying data as it’s read. The image simply won’t boot if anything’s been tampered with. LUKS2 is used to encrypt mutable user and operating system data and configuration on the root file system.

Duranium is still under heavy development, but it makes sense to implement something like this now, since in the world of mobile devices, this has become the norm. I’m glad postmarketOS is taking these steps, and I sincerely hope I’ll eventually be able to use a postmarketOS device with KDE’s Plasma mobile shell at some point in the near future in my day-to-day life. This requires both postmarketOS to improve as well as for the regulatory landscape to break the duopoly on banking and government applications held by Android and iOS, and with the state of the US government as it is, this might actually be something Europe’s interested in achieving.

Sudo ported to DOS 18 Mar 2026, 9:01 pm

DOS didn’t have sudo yet. This gross oversight has been addressed.

SUDO examines the environment for the COMSPEC variable to find the default command interpreter, falling back to C:\COMMAND.COM if not set. The interpreter is then executed in unprotected real mode for full privileges.

↫ SUDO for DOS’ Codeberg page

A vital tool, for sure.

Meta and TikTok let harmful content rise after evidence outrage drove engagement, say whistleblowers 18 Mar 2026, 7:42 pm

Once again, social media giants Facebook and TikTok have been caught red-handed.

More than a dozen whistleblowers and insiders have laid bare how the companies took risks with safety on issues including violence, sexual blackmail and terrorism as they battled for users’ attention.

An engineer at Meta, which owns Facebook and Instagram, described how he had been told by senior management to allow more “borderline” harmful content – which includes misogyny and conspiracy theories – in user’s feeds to compete with TikTok.

“They sort of told us that it’s because the stock price is down,” the engineer said.

↫ Marianna Spring and Mike Radford at the BBC

Meta, TikTok, and Twitter are criminal enterprises, and their executives should be trembling in court instead of scheming on yachts. Their role in legitimising far-right extremism will eventually catch up to them, and once that happens, no yacht is going to keep them safe.

How kernel anti-cheats work: a deep dive into modern game protection 18 Mar 2026, 2:38 pm

Modern kernel anti-cheat systems are, without exaggeration, among the most sophisticated pieces of software running on consumer Windows machines. They operate at the highest privilege level available to software, they intercept kernel callbacks that were designed for legitimate security products, they scan memory structures that most programmers never touch in their entire careers, and they do all of this transparently while a game is running. If you have ever wondered how BattlEye actually catches a cheat, or why Vanguard insists on loading before Windows boots, or what it means for a PCIe DMA device to bypass every single one of these protections, this post is for you.

↫ Adrián Díaza

I hate that we need proprietary rootkits just to play competitive multiplayer games – we can chalk this up to a few sad people ruining the experience for everyone else, as so often happens. I have a dedicated parts bin Windows box just to play League of Legends (my one vice alright, nobody’s perfect) so I don’t really care if it has a proprietary rootkit running in the background as there’s not a single bit of valuable data on that machine, but for most people, that’s not realistic.

Virtually every League of Legends player hands over control of their entire computer to a proprietary rootkit developed and deployed by a company from China, whereas players of other popular online multiplayer games must install rootkits from companies from the United States. If anyone inside the governments of these countries ever wants to implement a backdoor in dozens (hundreds?) of millions of Windows machines, this is the way to go.

It’s an absolutely bizarre situation.

Tribblix m39 released 17 Mar 2026, 10:09 pm

Tribblix, the Illumos distribution focused on giving you a classic UNIX-style experience, has released a new version.

There are several noticeable version updates in this release. The graphical libraries libtiff and OpenEXR have been updated, retaining the old shared library versions for now. OpenSSL is now from the 3.5 series with the 3.0 api by default. Bind is now from the 9.20 series. OpenSSH is now 10.2, and you may get a Post-Quantum Cryptography warning if connecting to older SSH servers.

↫ Tribblix m39 release notes

If you’re already running Tribblix, updating is easy, and if you want to try it out, head on over to the downloads page. Rests me to say that Tribblix is a treasure, and it must be protected at all costs. It’s rare to see a passion project like this maintain such a steady pace.

Java 26 released 17 Mar 2026, 9:32 pm

Java 26 delivers thousands of improvements that boost developer productivity, simplify the language, and help developers integrate AI and cryptography functionality into their applications. To help developers further streamline and enhance their development initiatives, Oracle is also announcing the new Java Verified Portfolio, which provides developers with a curated set of Oracle-supported tools, frameworks, libraries, and services, including commercial support for JavaFX, a Java-based UI framework, and Helidon, a Java framework for microservices. In addition, Oracle intends to align Helidon’s release cadence with Java releases and propose Helidon as an OpenJDK project.

↫ Oracle’s Java 26 press release

Oracle’s press releases lists the most important JDK Enhancement Proposals in this release, as do the release notes and the project page at OpenJDK. In addition, Java developer Hanno Embregts published a detailed blog post that dives deeper into this new release.

Han: a compiled programming language with Korean keywords written in Hangul 16 Mar 2026, 10:07 pm

Since many of the platforms and conventions that came to dominate computing came from the western world, we never give it a second thought that virtually everything related to programming is written in English using the English alphabet. However, there’s no real reason behind arriving at this point other than convention and the course of history – with the right tooling, you could program a computer in whatever language or alphabet (or other writing system!) you desire.

For example, what about programming in Korean, using Hangul?

Han is a statically-typed, compiled programming language where every keyword is written in Korean. It compiles to native binaries through LLVM IR and also ships with a tree-walking interpreter for instant execution. The compiler toolchain is written entirely in Rust.

↫ Han’s GitHub page

Han is written entirely in Korean, and uses the genius and easy-to-learn Hangul script. Hangul was developed by King Sejong the Great in the middle of the 15th century, to replace the Chinese-based characters used to write Korean up until that point. Since it was specifically designed to be easy to learn by scholars and the general public of the time alike to promote literacy, the Hangul alphabet is stupidly easy to learn; I managed to teach myself the Hangul alphabet in an single afternoon a decade or so ago. Obviously, do note that learning Hangul (an alphabet) isn’t the same thing as learning Korean (a language).

One of my favourite aspects of Hangul is that it combines the letters making up a syllable into single structured syllable blocks, which gives it its unique look and makes it quite easy to grasp – you’ll quickly start recognising common syllables. On top of that, it’s said that the individual Hangul consonants mimic the shape of speech organs (tongue, throat, etc.), which, once you see it, you can’t unsee, further aiding in remembering what letters sound like. If you have an afternoon to kill, it’s certainly a fun thing to learn.

Regardless, it’s very welcome to see efforts like this, if only to remember that programming being an Anglophone affair is but an accident, not a law of nature.

Microsoft finally allows you to name your own home folder during Windows setup 16 Mar 2026, 9:39 pm

It’s only a small annoyance in the grand scheme of the utter idiocy that is modern Windows, but apparently it’s one enough people complained about Microsoft is finally addressing it. In all of its wisdom, Microsoft doesn’t allow you to set the name of your user’s home folder during the installation procedure of Windows 11. The folder’s name is automatically generated based on your Microsoft account’s username or email address, something I’ve personally really disliked since I have been using thomholwerda for as long as I can remember.

Last year, they introduced an incredibly obtuse method of setting your own home folder name, but now the company is finally adding it as an optional step during the regular installation process.

Expanding on our work which started rolling to Insiders last fall, you can now choose a custom name for your user folder on the Device Name page when going through Windows setup. This most recent update now makes it easier to choose a custom name. The naming option is available during setup only. If you skip this step, Windows will use the default folder name and continue setup as usual.

↫ Windows Insider Program Team

This means you now have the option of defining your own home folder name, excluding CON, PRN, AUX, NUL, COM1, COM2, COM3, COM4, COM5, COM6, COM7, COM8, COM9, COM¹, COM², COM³, LPT1, LPT2, LPT3, LPT4, LPT5, LPT6, LPT7, LPT8, LPT9, LPT¹, LPT², and LPT³. It’s a very small change, and certainly not something that will turn Windows’ ship around, but at least it’s something that’s being done for users who actually care. It’s also such a small change, such a small addition, that one wonders why it’s taken them this long.

I’m assuming there’s already some incredibly complex and hacky way to change your automatically assigned home folder name by diving deep into the registry, converting your root drive back to FAT16, changing some values in a DLL file through a hex editor, and then converting back to NTFS, but this is clearly a much better way of handling it.

CSMWrap: make UEFI-only systems boot BIOS-based operating systems 14 Mar 2026, 9:06 pm

What if you have a very modern machine that is entirely UEFI-only, meaning it has no compatibility support module and thus no way of enabling a legacy BIOS mode? Well, install a CSM as an EFI application, of course!

CSMWrap is an EFI application designed to be a drop-in solution to enable legacy BIOS booting on modern UEFI-only (class 3) systems. It achieves this by wrapping a Compatibility Support Module (CSM) build of the SeaBIOS project as an out-of-firmware EFI application, effectively creating a compatibility layer for traditional PC BIOS operation.

↫ CSMWrap’s GitHub page

The need for this may not be immediately obvious, but here’s the problem: if you want to run an older operating system that absolutely requires a traditional BIOS on a modern machine that only has UEFI without any CSM options (a class 3-machine), you won’t be able to boot said operating system. CSMWrap is a possible solution, as it leverages innate EFI capabilities to run a CSM as an EFI application, thereby adding the CSM functionality back in. All you need to do is drop CSMWrap into /efi/boot on the same drive the operating system that needs BIOS to boot is on, and UEFI will list it as a bootable operating system.

It does come with some limitations, however. For instance, one logical core of your processor will be taken up by CSMWrap and will be entirely unavailable to the booted BIOS-based operating system. In other words, this means you’re going to need a processor with at least more than one logical processor (e.g., even a single-core machine with hyperthreading will work). It’s also suggested to add a legacy-capable video card if you’re using an operating system that doesn’t support VESA BIOS extensions (e.g. anything older than NT).

This is an incredibly neat idea, and even comes with advantages over built-in CSMs, since many of those are untested and riddled with issues. CSMWrap uses SeaBIOS, which is properly tested and generally a much better BIOS than whatever native CSMs contain. All in all, a great project.

Understanding SMF properties in Solaris-based operating systems 13 Mar 2026, 11:49 pm

SMF is the illumos system for managing traditional Unix services (long-lived background processes, usually). It’s quite rich in order to correctly accommodate a lot of different use cases. But it sometimes exposes that complexity to users even when they’re trying to do something simple.

[…]

In this post, I’ll walk through an example using a demo service and the svcprop(1) tool to show the details.

↫ Dave Pacheco

Soalris’ system management facility or SMF is effectively Solaris’ systemd, and this article provides a deeper insight into one of its features: properties. While using SMF and its suite of tools and commands for basic tasks is rather elementary and easy to get into – even I can do it – once you start to dive deeper into what is can do, things get complex and capable very fast.

Chrome comes to Linux on ARM64 13 Mar 2026, 11:37 pm

Google has announced that it will release Chrome for Linux on ARM64 in the second quarter of this year.

Launching Chrome for ARM64 Linux devices allows more users to enjoy the seamless integration of Google’s most helpful services into their browser. This move addresses the growing demand for a browsing experience that combines the benefits of the open-source Chromium project with the Google ecosystem of apps and features.

This release represents a significant undertaking to ensure that ARM64 Linux users receive the same secure, stable, and rich Chrome experience found on other platforms.

↫ The Chromium Blog

While the idea of running Linux on Arm, only to defile it with something as unpleasant as Chrome seem entirely foreign to me, most normal people do actually use Google’s browser. Having it available on Linux for Arm makes perfect sense, and might convince a few people to buy an Arm machine for Linux, assuming the platform can get its act together.

Just try Plan 9 already 13 Mar 2026, 11:13 pm

I will not pass up an opportunity to make you talk about Plan 9, so let’s focus on Acme.

Acme is remarkable for what it represents: a class of application that leverages a simple, text-based GUI to create a compelling model of interacting with all of the tools available in the Unix (or Plan 9) environment. Cox calls it an “integrating development environment,” distinguishing it from the more hermetic “integrated development environment” developers will be familiar with. The simplicity of its interface is important. It is what has allowed Acme to age gracefully over the past 30 or so years, without the constant churn of adding support for new languages, compilers, terminals, or color schemes.

↫ Daniel Moch

While the article mentions you can use Acme on UNIX, to really appreciate it you have to use it on Plan 9, which today most likely means 9front. Now, I am not the kind of person who can live and breathe inside 9front – you need to be of a certain mindset to be able to do so – but even then I find that messing around with Plan 9 has given me a different outlook on UNIX. In fact, I think it has helped me understand UNIX and UNIX-like systems better and more thoroughly.

If you’re not sure if Plan 9 is something that suits you, the only real way to find out is to just use it. Fire up a VM, read the excellent documentation at 9front, and just dive into it. Most of you will just end up confused and disoriented, but a small few of you will magically discover you possess the right mindset.

Just do it.

Hello, world! in Z80 assembly language 13 Mar 2026, 9:32 pm

I’m feeling kind of nostalgic today so I thought I’d write Hello, world! in Z80 assembly for the ZX Spectrum! The last time I wrote any Z80 assembly was when I was 14 so around 36 years ago! I may be a little rusty!

↫ Old Man By the Sea

It’s easy to tell the world hello in BASIC, but a bit more involved in Z80 assembly.

Fedora struggles bringing its RISC-V variant online due to slow build times 11 Mar 2026, 10:17 pm

Red Hat developer Marcin Juszkiewicz is working on the RISC-V port of Fedora Linux, and after a few months of working on it, published a blog post about just how incredibly slow RISC-V seems to be. This is a real problem, as in Fedora, build results are only released once all architectures have completed their builds.

There is no point of going for inclusion with slow builders as this will make package maintainers complain. You see, in Fedora build results are released into repositories only when all architectures finish. And we had maintainers complaining about lack of speed of AArch64 builders in the past. Some developers may start excluding RISC-V architecture from their packages to not have to wait.

And any future builders need to be rackable and manageable like any other boring server (put in a rack, connect cables, install, do not touch any more). Because no one will go into a data centre to manually reboot an SBC-based builder.

Without systems fulfilling both requirements, we can not even plan for the RISC-V 64-bit architecture to became one of official, primary architectures in Fedora Linux.

↫ Marcin Juszkiewicz

RISC-V really seems to have hit some sort of ceiling over the past few years, with performance improvements stalling and no real performance-oriented chips and boards becoming available. Everybody seems to want RISC-V to succeed and become an architecture that can stand its own against x86 and Arm, but the way things are going, that just doesn’t seem likely any time soon. There’s always some magical unicorn chip or board just around the corner, but when you actually turn that corner, it’s just another slow SBC only marginally faster than the previous one.

Fedora is not the first distribution struggling with bringing RISC-V online. Chimera Linux faced a similar issue about a year ago, but managed to eventually get by because someone from the Adélie Linux team granted remote access to an unused Milk-V Pioneer, which proved enough for Chimera for now. My hope is still that eventually we’re going to see performant, capable RISC-V machines, because I would absolutely jump for joy if I could have a proper RISC-V workstation.

Amazon enters “find out” phase 11 Mar 2026, 6:43 pm

Now let’s go live to Amazon for the latest updates about this developing story.

Amazon’s ecommerce business has summoned a large group of engineers to a meeting on Tuesday for a “deep dive” into a spate of outages, including incidents tied to the use of AI coding tools.

The online retail giant said there had been a “trend of incidents” in recent months, characterized by a “high blast radius” and “Gen-AI assisted changes” among other factors, according to a briefing note for the meeting seen by the FT.

Under “contributing factors” the note included “novel GenAI usage for which best practices and safeguards are not yet fully established.”

↫ Rafe Rosner-Uddin at Ars Technica

Oh boy.