fidzu : geek

A new Linux local privilege escalation flaw called Fragnesia has been disclosed as a Dirty Frag-like vulnerability, allowing arbitrary byte writes into the kernel page cache of read-only files through a separate ESP/XFRM logic bug. Phoronix reports: Proof of concept code for Fragnesia is already out there. There is a two-line patch for addressing the issue within the Linux kernel's skbuff.c code. That patch hasn't yet been mainlined or picked up by any mainline kernel releases but presumably will be in short order for addressing this local privilege escalation issue. More details can be found here.

Read more of this story at Slashdot.

13 May 2026 7:00pm GMT

An anonymous reader quotes a report from Reuters: LinkedIn planned to inform staff of layoffs on Wednesday, two people familiar with the matter told Reuters, in a widening of technology sector cuts this year. The Microsoft-owned social network plans to cut about 5% of its headcount as it reorganizes teams and focuses personnel on areas where its business is growing [...]. LinkedIn employs more than 17,500 full-time workers globally, its website says. Reuters was unable to determine the teams affected. The cuts come as revenue at LinkedIn, which sells recruiting tools and subscriptions, rose 12% in the just-ended quarter from a year prior, in an acceleration of growth in 2026, according to Microsoft's securities filings. The layoff rationale was not for artificial intelligence to replace jobs at LinkedIn, one of the people told Reuters. The specter of AI-fueled disruption has nonetheless hung over software incumbents and workers generally.

Read more of this story at Slashdot.

13 May 2026 6:00pm GMT

The German Sovereign Tech Fund has invested 1.2 million euros ($1.4 million USD) in KDE Plasma technologies to help strengthen the structural reliability and security of the desktop environment's core infrastructure, including Plasma, KDE Linux, and the frameworks underlying its communication services. Longtime Slashdot reader jrepin shares an excerpt from the announcement: For 30 years, KDE has been providing the free and open-source software essential for digital sovereignty in personal, corporate, and public infrastructures: operating systems, desktop environments, document viewers, image and video editors, software development libraries, and much more. KDE's software is competitive, publicly auditable, and freely available. It can be maintained, adapted, and improved in-house or by local software companies. And modifications (along with their source code) can be freely distributed to all users and departments within an organization. KDE will use Sovereign Tech Fund's investment to push its essential software products to the next level, providing every individual, business, and public administration with the opportunity to regain their privacy, security, and control over their digital sovereignty. Slashdot reader Elektroschock also shared a statement from Fiona Krakenburger, Technical Director at the Sovereign Tech Agency. "We have long invested in desktop technologies for a reason: they are the primary way people access and use digital services in everyday life," says Krakenburger. "The desktop holds personal data and mediates nearly every service we depend on, from booking the next medical appointment, to education, to the way we work. We are investing in KDE because it is one of the two major desktop environments used across Linux and plays a key role in how millions of people experience open technology. Strengthening KDE's testing infrastructure, security architecture, and communication frameworks is how we invest in the resilience and reliability of the core digital infrastructure that modern society depends on."

Read more of this story at Slashdot.

13 May 2026 5:00pm GMT

The plan aims to speed up AI compute deployment while compensating residents.

12 May 2026 9:59pm GMT

Makary reportedly spent his year bucking Trump admin and making industry enemies.

12 May 2026 9:26pm GMT

A few weeks ago, we talked about a project within KDE to revive two of their classic themes, Oxygen and Air, and polish them up to make them usable on the current versions of KDE. The developers and designers working on this project say they've been utterly surprised by just how popular this news has proven to be, and Filip Fila published a blog post with some thoughts on this unexpected popularity. Why are people yearning so strongly for user interfaces from the past? That's the real story underneath the retro-yearning. It isn't a simply story of people wanting their childhood from the 2000s back. It's that a lot of 'the new' we've been offering doesn't satisfy. It doesn't have personality. It doesn't feel warm. It doesn't feel like it was made with the idea of being anything more than a clean product that gets the job done. The escapism towards the past is a symptom. A symptom of unmet needs, not mere sentimentality. ↫ Filip Fila Fila uses modern architecture as an example, and I think it's an apt one. While monumental modern architecture can easily be beautiful and striking, it's the mundane buildings all around us that just don't seem to elicit any positive emotions, no sense of belonging or safety. As Fila also notes, the decades-long swing to minimalism in both architecture and UI design isn't merely because of a preference among designers, but also because minimalism is a hell of a lot cheaper to produce. A building with very little ornamentation and basic, straight lines is much easier, and thus cheaper, to design, construct, and maintain. The same applies to graphical user interface design. There are some signs that the pendulum is starting to swing back towards more instead of less, in all aspects of design. More and more people are loudly demanding buildings to adopt more classical elements, and as we can all attest to here on OSNews, the longing for aspects of UI design from the '90s and early 2000s to make a return is strong. And not just among us deep in the weeds, either; I've lost count of the number of times I've seen normal people utterly confounded by modern UI design. Anyway, bring back beveled edges.

12 May 2026 8:42pm GMT

The news that Google is working to move Chrome OS to the Android technology stack, and that it wants to start putting Android on laptops, is not exactly news, as the company has been talking about it for years. At an Android event today, the company finally unveiled the culmination of all this work: Googlebooks. We're bringing together the best of Android, which comes with powerful apps on Google Play and a modern OS that's designed for Intelligence, and ChromeOS, which comes with the world's most popular browser. The result is Googlebook: a new category of laptops built with Gemini's helpfulness at its core, designed to work seamlessly with the devices in your life and powered by premium hardware. We're sharing a sneak peek into the Googlebook experience today and will have a lot more to share later this year. ↫ Alex Kuscher at The Keyword, a Google blog apparently The approach here seems very similar to Chromebooks, with Googlebooks being designed and built by various OEMs, but instead of Chrome OS they run Android in desktop mode. Of course, "AI" has been creamed all over these things, to the point where not even the venerable mouse cursor is safe: if you wiggle your cursor, it will turn into "Magic Pointer", which will highlight various "AI" actions as you hover over stuff on your screen. Google also showed off an "AI"-based feature to create widgets, as well as the ability to access files on your phone right from a Googlebook. That's about all we know as far as functionality and features goes. They're supposed to go on sale later this year, with models coming from Acer, ASUS, Dell, HP, and Lenovo.

12 May 2026 8:01pm GMT

A case study in why credentials are revoked before firings.

12 May 2026 7:12pm GMT

Every single software product is dealing with the question about what to do with "AI"-generated code, but the question is particularly difficult to answer for open source operating systems like Linux distributions and the various BSDs, which often consist of a wide variety of software packages from hundreds to thousands of different developers. On top of that, they also have to ask the "AI" question for every layer of their offering, from the base install, to the official repositories, to community-run ones. As users, we, too, are asking these same questions, wondering just how much "AI" taint we're willing to spread across our computers. I understand the difficult position Linux distributions are in with regard to "AI". I mean, when even the Linux kernel itself is tainted by "AI", a no-"AI" policy is basically an empty gesture for them at this point. Personally, I find a policy of "we don't do 'AI' in our work, but we don't have control over the thousands of components we consist of" to be an entirely reasonable, if deeply unsatisfying, position to take. What else are they going to do? You can't really be a Linux distribution without, you know, the Linux kernel, which is, as I've already said, utterly tainted by "AI" at this point. Still, in the back of my mind, I always had a trump card: if all else fails, we'll always have OpenBSD. Its project leader Theo de Raadt is deeply principled, every OpenBSD user and contributor I know hates "AI" deeply, and the project routinely sticks to their principles even when it's difficult or inconvenient. Yes, this makes OpenBSD not the most ideal desktop operating system, but I'd rather use that than something that embraces the multitude of ethical, environmental, quality, and legal concerns regarding "AI" code completely. Imagine my surprise, then, to discover that OpenBSD already contains slopcode in its base installation, with the project's leaders and developers remaining oddly silent about it. My friend and OSNews regular Morgan posted this on Fedi a few days ago: Nearly six weeks later, and the question of whether "AI" generated code in tmux - not tool-assisted bug finding, not refactoring, actual LLM-generated slop with questionable license(1) - that was consequently merged into OpenBSD base, is considered acceptable by the lead devs, remains unanswered. Despite Theo de Raadt's concrete stance against any code of questionable license origin polluting the project - and the tmux merge was indeed questionable - it seems this is being swept under the rug. This makes me extremely uncomfortable; it's like seeing a fox in the henhouse but the farmers are all looking the other way and no one can convince them to admit they can see it and root it out. I really don't know what to do being just a user; I feel like even if I tried to chime in on the mailing list I would just be ignored like the others trying to raise the alarm. I hope, as they do, that this is being discussed internally, away from the public list, and that a positive outcome is near. Maybe they are waiting for the 7.9 release before setting anything in stone. Or maybe the "AI" disease has infected one of the last pure operating system projects we have left and there's no going back. ↫ Morgan on Fedi I obviously share Morgan's concerns, and like him, I'm also afraid that opening the door to a few drops of slop in base will quickly grow into a torrent of slop as time goes by. Yes, it's just a patch to tmux, but it's in base, and the "base" of a BSD is almost a sacred concept, and entirely the last place where you want to see code that raises ethical, environmental, quality, and legal concerns. For all we know, this patch of slop or the next one contains a bunch of GPL code because it just so happens that's where the ball tumbling down the developer's pachinko machine ended up. GPL code that would then be in the base of a BSD. I echo the call for the OpenBSD project to address this problem, and to set clear boundaries and guidelines regarding "AI" code, so users and developers alike know what level of quality and integrity we can expect from OpenBSD and its base installation going forward.

11 May 2026 11:02pm GMT

Just trying to answer one simple question: What if the terminal was 3D?

11 May 2026 12:00am GMT

Break the pattern today or the loop will repeat tomorrow.

18 Apr 2026 12:00am GMT

My thoughts on AI-assisted programming.

11 Apr 2026 12:00am GMT