¶ Intro
Hey, everyone, and welcome back to your Linux and open source news show. I'm your host, Nick, and this is a podcast where we discuss everything related to Linux, open source privacy, the open web, and all of that stuff. This week, we've got some big x.org code reverts, as the project is removing some of the code that the developer behind the xLibre fork left behind them, and apparently some of that code is not really old.
that good we also have a gigantic data breach possibly the biggest that has been detected yet even though the number might be inflated somehow it still looks like a huge Huge problem. We also have the release of KDE 6.4. We've got the Maui Shell project now being put on pause. We've got a German state replacing more Microsoft products than they already did.
and a few other interesting things. As always, if you want to dive deeper into any of these topics, all the links are in the show notes. And if you want to support this show, all the links are there as well, including one to our sponsor, Tuxedo Computers.
Chances are you've heard about them by now. If you follow this channel or this podcast, they make laptops and desktops that ship with Linux pre-installed. All the hardware that they sell is picked specifically because it is really, really compatible with Linux.
which completely removes the headache of trying to run Linux on a normal device that you would buy in any normal shop or from a big-name manufacturer. I only use their computers these days. Everything that you see or hear from me is done on one- their laptops. All of the gaming stuff that I do is done on one of their desktops and they have a gigantic range. You'll find something that suits your needs in there.
Click the link in the description to learn more and to find your next Linux running device from Tuxedo Computers.
¶ X.org reverts changes made by xLibre developer
So it looks like the x.org codebase is being cleaned up after the recent removal of the contributor who started the xlibre project. Maintainers looked at a bunch of the code that this person wrote and they elected to revert a bunch of it. Among the things that were removed were licenses and copyright notices that were not being handled properly. notably removing the previous copyright of certain pieces of code and replacing it with their own.
copyright, so basically taking ownership of someone else's work. They also try to re-license some parts of the code to MIT or X11 license instead of MIT and X11 which does make a difference.
Some other code that was removed broke render or broke the NVIDIA drivers, so of course that was reverted. Basically, a lot of stuff that just didn't work right or wasn't tested properly was just reverted. And if it looks to you like something... went wrong, why is this code merged into the master branch of x.org if it's so crappy, then you're right, there is something wrong.
Well, from what I could see, a bunch of these commits and changes were approved by the same maintainer who seemed to assume that this code was tested enough and seemed to assume that this code was preparing the way for more features coming to x.org, but in the process, it broke a lot of stuff in the master branch, which is being used by a lot of distros to actually ship updates to x.org because the project itself just does not do any regular releases.
Of course, since the person making the ex-libre fork has made a strong political statement about it right off the bat, this is a politically charged topic, so people will be annoyed at anything that happens around this. I'm sure some people will frame this as
Red Hat removes code from developer who tries to create the fork, whatever. There's going to be someone spinning this in any form of light. It's fine. What it seems... to look like is that this person wrote some pretty bad code and also tried to appropriate some other people's work and a maintainer just did not really look at it and trusted the guy wholeheartedly, which led to some bad code being added.
it's now reverted this code is probably in xlibre instead and will be improved upon if you like that that's cool
¶ Biggest data breach ever contains 16B logins and passwords
Now the biggest data breach ever has happened this week. Researchers found 30 databases that contain about 16 billion... entries stolen by malicious actors, complete with Google, Facebook, Apple, GitHub, Telegram, and more accounts and passwords. Now, granted, some of those 16 billion entries...
probably overlap between the multiple different databases that were leaked. So it's probably a little lower than that. And as people told me on the daily news, this number is probably a little bit inflated for sensationalism, but it's still very likely the... biggest data breach that ever happened. These databases were quickly locked down but
It's enough to have simply one person accessing it and sharing it or selling it to be a problem. And obviously, it is a huge threat to everyone who uses the Internet. So, as always, when something like that happens, check with the Havaib...
been pwned, stuff like that, or the various services that check if your passwords are exposed, and just generally change your passwords for vulnerable accounts, enable two-factor authentication, not by SMS or email, use an actually solid form of two-factor authentication.
like an authenticator. It's not perfect, but it's better. And also, apparently, all these datasets are mostly new, meaning they've never been exposed before. They could contain information that has been exposed before, but the databases themselves... are new, except a big one of 184 million, which is a drop in the bucket with the 16 billion entries that were leaked. So to be clear, it's not...
old leaked data that's being repackaged and sold as a new database. Some of it might be old, but a lot of it is current logins and passwords.
The structure of these datasets seem to follow the same pattern. There's the URL for the website, the login for the website, and the password. It's basically how InfoStealer malware functions. That's the data that they grab. This is 100% going to be used for... phishing, but also identity theft on a mass scale, and some datasets also contained cookies and authentication tokens, which while they are valid, can be used to bypass two-factor authentication as well.
So basically it is sort of a nightmare scenario for the internet. It's not everyone's information that's being exposed because if you have 5.5 billion people using the internet, 16 billion entries would only be three accounts per person assuming no duplicates. So it's probably more 30 accounts per person and a much lower number of people being affected. But it's still a pretty bad story for the entire internet. So as always, do open your password manager, check all the important accounts.
change the important passwords, save them back and then enable two-factor authentication everywhere you can. It is annoying to log in with it but it is far more secure. Might also be a good opportunity to try out passkeys that I've heard a lot about, but I didn't really try yet.
¶ Plasma 6.4 is out
Now this week we also saw the release of Plasma 6.4. You might have watched my dedicated video on this channel or on Peertube, in which case you can move to the next chapter of this episode or this podcast, but if you just want the TLDR... you will get per virtual desktop tiling, you will get a revamped screenshot tool with a more integrated interface, more like an overlay than an app, you get color codes in KRunner, which you can copy by clicking on them, you get the first steps.
for the Waylon session restore protocol, meaning that session restore will actually start working properly now. You get improved accessibility with better keyboard navigation. You get a revamped UI in the KDE frameworks, notably when creating new folders.
or files. You get the desktop automatically dimming when an application asks for your password. You get better system monitors. You get a night and day wallpaper that switch automatically. You get a new animations page in the settings to change all. little graphical animations when opening closing minimizing maximizing windows
You also have improved notifications with action buttons appearing in the notification history. You get do not disturb by default when doing something full screen. You've got graphs in the file transfer notifications. The widgets also got a few updates. with a new tag appearing next to newly installed applications.
You also have a playback speed indicator and selector in the media player applet and more. You even have an HDR calibration wizard, more options all around. It is a fantastic release with a lot of new stuff and a... cool focus on accessibility since there's been a lot of discussion around that in the Linux community recently. So...
Tackling that is good, there are a lot of efforts being done on accessibility. It's not there yet, it's not perfect, but it is making really solid progress, so it bears a mention here. Also, this really cemented my opinion that KDPlasma is currently the best Linux desktop environment. It is simple, it is way less buggy than it used to be, it has a simple design, a lot of options that are now surfaced when they need to be and hidden when they don't.
I know some people will always prefer something else. For me, at the very least, KDE is the best desktop environment right now, and I plan on keeping using it because it's really, really good. Doesn't mean I don't love GNOME. It's still very nice.
¶ German state keeps replacing Microsoft products
Now, last week, you might have seen that Denmark was ditching Microsoft Office and Linux, but this was falsely reported by the original outlet who did the interview. They said they were gonna ditch Linux, but actually, the minister never really said that.
Everyone, myself included, picked up on the story, reported they were dropping Linux. They're not. They're just dropping Microsoft Office. But in Germany, though, there's an organization ditching Microsoft stuff more and more. It's Schleswig-Holstein. It's a German... which already started their transition away from Microsoft in 2023. They're phasing out Microsoft Office, including Microsoft Teams, and they're going to replace that with LibreOffice and OpenExchange.
At the various, maybe some other stuff will be replaced. 30,000 public employees already moved to open source solutions in this state and they plan to do the exact same with 30,000 teachers in that state as well for 60,000 people using open source solutions. Apparently, they're also planning to replace Windows with Linux over the next few years to completely replace their dependency on Windows, although that transition is a longer-term thing and not done right now.
The minister in charge of these efforts said that the geopolitical situation for the past few months made the path that they've chosen way more interesting not only for themselves but also for other countries and organizations. So of course it's not an entire country replacing their entire Windows fleet with Linux, it's just one German federal state, but it's still a pretty big step forward for Linux in general. Now what we need, I think...
is an actor or a group of actors proposing a turnkey solution. They would give you installs of Linux with the technical support needed. installs of LibreOffice, Open Exchange, Nextcloud, whatever else, and all the technical support locally. that you need for that transition, all the training for the employees or the public sector employees, basically the entire package. This is what Microsoft gives you when you sign for their subscription or whatever. Maybe the support is paid extra.
but you do have all of that. We need one single point of purchase, a single entity selling that and maybe partnering up with local entities, local shops, local groups to help accompany this transition. But I think the real... only way to move forward with this transition from Microsoft to open source, including Linux, is having a solid all-in-one provider instead of having...
Every single EU country or department or ministry or state looking at their own Linux distro, their own Nextcloud instance, their own thing, we probably should have a turnkey solution that can be self-hosted. all software as a service and would be way easier to deploy and understand.
¶ ui shell project is now on pause
Now, I reported a few times on the MAUI Apps and the MAUI Shell desktop, which is a new desktop interface and set of adaptive applications being developed mostly by Nitrux. Well, they're apparently abandoned. their efforts to develop their own desktop shell.
Previously, they used the NX desktop as their environment. It was a desktop based on KDE 5.27. They didn't really update it to Plasma 6 because they wanted to work on their own MAUI shell. The thing is, this is the... taking much longer than expected, there's not a lot of external contributions, it is a lot of work to build a desktop shell, and porting the NX Desktop to Plasma 6 will also take
a lot of damn work, which means that instead they've decided to not port the NX desktop to Plasma 6 and to stop working on MAUI Shell for the time being and to replace the NX desktop with Hyperland plus Weibo... and WLogout which are two utilities that will display an actual graphical interface on top of Hyperland.
This will not affect the development of MAUI apps, which are kind of cool, I tried a few, they're nice, but at least the development of MAUI shell is stalled for now. They say it's not dead, so maybe they're just doing that to make sure that their current users have a... reasonable solution because 5.27 is way too old and just lacks a bunch of stuff today so providing users with something else is good and once this is done maybe they'll resume working on maui shell afterwards
I was always very interested in the MAUI shell and the MAUI apps. And while I tried using a few MAUI apps on my system and found them really serviceable, I never really gave a shot to the MAUI shell. So hopefully it comes back in some form or another. And this time I won't put this thing on the back burner for two years. Making a video about this has been in my to-do list for like, yeah, two or three years. I need to cover it at some point. So hopefully it resumes.
I like desktop environments, I like choice, I want more of those, and this could be a very cool option. So hopefully, they can resume development of it.
¶ Uniwill/TongFang laptops getting mainline kernel support
Now this week we also have some good news for Linux laptop compatibility because there's some progress to add drivers for UniWare laptops into the mainline kernel. Uniwell is an ODM for original design manufacturer. If you heard about Clevo, they're doing kind of the same thing. They build laptop models that other brands can then customize, rebrand, upgrade.
test and sell. From what I could find, they're a Taiwanese brand and their factories are in China, where they're called Tong Feng, which you might have heard about, but correct me if I misunderstood that because it seems like a complex political and technical landscape there. They're used by tons of different brands for some of their laptops, like maybe you've heard some of those, Electronics, CyberPower PC in the US, XMG Tuxedo, of course, PC Specialist, Hyperbook, and more.
These laptops have had drivers out of the main kernel tree for a while, but this means that you had to install additional modules to make them work 100%, notably to enable battery charging rate limiting, light bars, hardware monitoring...
some hotkeys, certain keyboard features and the like. That's why on specific certain Tuxedo devices It's best to add the Tuxedo repos, they guide you step by step for that, but you kind of need to do it if you want access to your light bar or to some certain keyboard shortcuts and stuff like that, because these external drivers contain a few elements that makes the laptop
100% functional. It's going to be the exact same with laptops sold by other brands like Eluktronic, CyberPowerPC and others. Now with this patch set. This should no longer be a problem, the code is under review, but this should make Linux compatibility a lot better with a bunch of lesser-known brands and that is, I think, a good thing.
Because it means you can just buy a laptop from a manufacturer, slap Linux on it, and you don't have to worry if this manufacturer has a repo for Linux. And if they don't, is there another manufacturer that has made the repo for the exact same model? Which model name is...
Is it for them? Which driver should I install? This can be a nightmare. If everything is just slaughtered in the mainline kernel, then you don't have to worry about it. You install your distro and boom, it just works. You don't have to add any external packages. This also...
probably means that distributions from Tuxedo and others can be updated a bit more often because they don't really need to recompile drivers into specific packages and whatever, it's all in the kernel and it works, and that's just better for everyone.
¶ Meta's model can spit out 42% of Harry Potter
Something that is not going to help Meta's case or AI in general, Meta's LLM, LAMA 3.1, can apparently recall up to 40% of the entire... first Harry Potter book, word for word, and it will spit it out on demand, little bits by little bits, something that is probably copyright infringement because Meta just does not have the rights to those books and is actually currently being sued for using copyrighted works to train their AI.
What's interesting is that since the first version of Lama from 2023, this percentage actually rose, meaning that despite their legal troubles that are currently ongoing, Meta didn't give two craps and doubled down on training on unauthorized material. Of course, this is not limited to Harry Potter, which I would argue pirate that away because the author is horrible, but the model is also very capable when it comes to spitting out The Hobbit 1984 and a bunch of other very well- known books.
Now this memorization could be attributed to meta-training on public forums where people repeat quotes over and over again, but what the model can spit out isn't just a few sentences that are quote-worthy, it's full passages from the books. Most AI companies say that these are fringe cases and that you have to work very hard at a prompt to get the model to spit out verbatim text.
But the real gist of the issue isn't really reproducing the content. It's whether just training on that content is copyright infringement. or not. The US Copyright Office said it was not covered under fair use, but then their director got fired by the president the next day for publishing their findings. Other lawsuits haven't really gone anywhere yet, and there are basically three theories that would make AI use of copyrighted works infringing.
First, you need to make a digital copy of the work to train on it, which is infringing. You don't have the right to make that digital copy without asking the publisher or having a deal with them. Second, you have to copy information from the training data to the model, so the model itself could be a derivative work. And third, the model can generate a portion of a copyrighted work verbatim, so that would be infringement as well.
And of course, until a court of law in the US and anywhere else in the world decides to rule on that, which is taking way too long, we won't know if this is a problem or not. Obviously, I do think it is a big problem. Others don't. We'll have to wait.
and see where this goes. What is certain is that these companies know that they should probably pay publishers to have the right to access their content because they already struck a lot of deals with the publishers that had the financial means and power.
to sue them. They haven't struck deals with publishers that don't have that strength, which seems to indicate that they know they should pay, but they won't pay anyone that just cannot sue them realistically because they just don't have the money or the army of lawyers that
necessary, which is the most corporate thing ever. Hopefully those lawsuits happen at some point or ruled and Finally, we can see if these companies can pilfer the internet at will or if they do have to have some little modicum of ethics, which would be nice.
¶ Microsoft's text editor runs on Linux
Now a funny little tidbit, it looks like Microsoft's new open source terminal-based text editor runs on Linux no problem. I initially assumed that it was Windows only, but it also works on Linux and macOS apparently. and using it isn't as dumb as it might sound, even though it is a Microsoft project.
If you're not a terminal veteran, its interface is likely going to be way nicer to use than something like Vim, Emacs, or even Nano or Micro, because it does have graphical elements that you can click with your mouse if you want. It's also apparently quite fast at opening large files, and if you're used to VS Code shortcuts, it uses some of the same ones here.
Your distro might already package it, for example Arch and Manjaro do so, but if not, you can just download the archive from Microsoft's GitHub and you can launch the executable from the terminal. Probably you should also link that executable to your directory where you have all your terminal executables so you can invoke it by just typing its name instead of having to cd into its folder every time. And I think it's just fun to run a terminal-based Microsoft project
on Linux. It is open source, so I don't really see a big problem with that. Honestly, nano is more than enough for my text editing needs for what I do in a terminal, but having access to that one is kind of fun. It's unexpected and funny.
¶ The final year of the hackintosh
This week also marked the death of the Hackintosh as Apple announced that the next version of macOS, macOS Tahoe or macOS 26 will be the final one that runs on Intel based Macs. This means that anything that releases in 2026, which will be called macOS 27, and everything that releases after that will be Apple Silicon exclusive and likely will not contain
any of the necessary bits to run anything on x86 computers. Without these bits, of course you can't run this OS on an x86 Mac, but also you can't run it on any Hackintosh.
It also means app developers will slowly stop building universal binaries that have the code to run on those architectures. So even if you managed to keep an older Hackintosh or an older Intel Mac running, It likely would not run any apps after a few years, it will just stop working with everything and become unusable securely and efficiently.
Now maybe someone will still be able to create compatibility patchers that port drivers and kernels from older versions of macOS to the newer ones and maybe they'll be able to bypass the compatibility checks, but as soon as the entire default apps completely lose. all the bits necessary to run on x86 max then you're done it's just never gonna work and having used some of those legacy patchers on an old cheese grater mac pro they're just not worth the work that you have to put in
to patch those systems. They're already super unreliable. I wouldn't hold my breath for that happening for an entire architecture conversion using parts of an old macOS system onto a newer one. Now it does make me sad because I've played around with hackintoshes since 2008, my very first laptop was turned at the time into a Hackintosh running, I think it was Mac OS X Tiger or Leopard, one of the two. It was fun and it worked...
fantastically once I managed which texts I needed to check in the various installers that I tried and used, and once I figured out that it was just going to use USB one speeds and so would take nine hours to install. But it was fun, virtually every single computer I've owned since then, I tried, first thing after unpacking it...
to install macOS on it, just to see how much it had progressed, how it worked, and if it was fun. And then I removed macOS because it is a really bad operating system for my own use case, but it's still fun. You're learning another architecture, you're fiddling around, it's cool.
This will no longer be possible, and it kind of sucks. Maybe someone will be able to do kind of the same thing, but for other ARM-based devices, but I highly, highly doubt that that's gonna work. Now the Steam Deck passed.
¶ Steam Deck hits 20 000 games
And let's conclude on some gaming news. First, the Steam Deck passed 20 000 games on their verified and playable list, which also means 20 000 games marked as compatible with any device running SteamOS. Recently added titles in the verified category include Stellar Blade, Star Overdrive, Myst Masterpiece Edition, Riven, and Mystery Exile. And games added to the playable list include, notably, Dune Awakening.
I'm not going to repeat the same stuff every time. More games equals more people potentially playing on a Steam Deck or a SteamOS device equals more success for Linux gaming equals good.
¶ Steam enables proton for all games, all the time
There's also a cool change in the latest Steam beta. No longer will Linux users have to go to the Steam menu, options, then go to compatibility and click enable Steam play for all other titles. for them to be able to install anything on Steam. It will now be enabled by default
for everyone. So, opening Steam after a fresh install will just let you click on the buttons to install your games, no matter if they are an officially supported game with Proton or any other game, you don't need to take a trip to the... You don't need to restart the steam client and in the compatibility options All you get is a selector for the default proton version and that is it and it is a great change It was something all Linux team users
probably did anyway if they wanted to game because you didn't really have a choice. It made no sense to keep it disabled by default, especially since there are more chances today that a game will run. then it won't, so the experience isn't deceptive either. Native Linux games will still have their native version by default, it won't be automatically Proton based, and all other games will just have their install button ready to be clicked.
Now what would be good is if they added the SteamOS compatibility rating right next to that install button every time they detected that you're running Linux as a whole. The SteamOS compatibility rating is going to be the exact same whether you run SteamOS...
or Linux unless you run a very very weird distro that shouldn't run Steam in the first place because it lacks all the compatibility libraries, the frameworks and whatever that Steam is supposed to install with itself. So technically displaying the SteamOS compatibility
should work for every single Linux system. So it would be nice if it was shown next to the install button so everyone would have a quick view of, hey, this thing will work or this thing probably won't. Would probably be a good step forward. Anyway. It's one less option to check and it makes sense for every Linux user to just have their games available because they just tend to work.
So, this will conclude this episode. I hope you enjoyed listening to it. As always, all the links that I use to write this show are in the show notes. Do check them out for more information on the topics that interest you the most. You also have plenty of links to support the channel, including one to our... sponsor Tuxedo Computers. And well, I guess you'll hear me in the next episode. It won't be next week because I will be on vacation. So it's going to be in the first week of July.
Have a nice week and I guess you'll hear me in the next one in two weeks.