Programming

What Made Golang Become Popular? Its Creators Look Back (acm.org) 52

Created at Google in late 2007, the Go programming language was open sourced in late 2009, remember its creators, and "since then, it has operated as a public project, with contributions from thousands of individuals and dozens of companies."

In a joint essay in Communications of the ACM, five of the language's five original creators explore what brought growing popularity to this "garbage-collected, statically compiled language for building systems" (with its self-contained binaries and easy cross-compilation). "The most important decisions made in the language's design...were the ones that made Go better for large-scale software engineering and helped us attract like-minded developers...." Although the design of most languages concentrates on innovations in syntax, semantics, or typing, Go is focused on the software development process itself. Go is efficient, easy to learn, and freely available, but we believe that what made it successful was the approach it took toward writing programs, particularly with multiple programmers working on a shared codebase. The principal unusual property of the language itself — concurrency — addressed problems that arose with the proliferation of multicore CPUs in the 2010s. But more significant was the early work that established fundamentals for packaging, dependencies, build, test, deployment, and other workaday tasks of the software development world, aspects that are not usually foremost in language design.

These ideas attracted like-minded developers who valued the result: easy concurrency, clear dependencies, scalable development and production, secure programs, simple deployment, automatic code formatting, tool-aided development, and more. Those early developers helped popularize Go and seeded the initial Go package ecosystem. They also drove the early growth of the language by, for example, porting the compiler and libraries to Windows and other operating systems (the original release supported only Linux and MacOS X). Not everyone was a fan — for instance, some people objected to the way the language omitted common features such as inheritance and generic types. But Go's development-focused philosophy was intriguing and effective enough that the community thrived while maintaining the core principles that drove Go's existence in the first place. Thanks in large part to that community and the technology it has built, Go is now a significant component of the modern cloud computing environment.

Since Go version 1 was released, the language has been all but frozen. The tooling, however, has expanded dramatically, with better compilers, more powerful build and testing tools, and improved dependency management, not to mention a huge collection of open source tools that support Go. Still, change is coming: Go 1.18, released in March 2022, includes the first version of a true change to the language, one that has been widely requested — the first cut at parametric polymorphism.... We considered a handful of designs during Go's first decade but only recently found one that we feel fits Go well. Making such a large language change while staying true to the principles of consistency, completeness, and community will be a severe test of the approach.

Upgrades

Hollywood Designer 6.0 Released: Now a 'Full-Blown Multimedia Authoring System' (amigans.net) 20

After nearly 20 years, Hollywood Designer 6.0 is "very stable and mature", write its developers — envisioning both hobbyist and professional users (with its support for modern graphics-editing features like filter effects and vector graphics) in its massive new evolution.

Long-time Slashdot reader Mike Bouma explains: Airsoft Softwair has released Hollywood Designer 6.0, "a full-blown multimedia authoring system that runs on top of Hollywood and can be used to create all sorts of multimedia-based applications, for example presentations, slide shows, games, and applications. Thanks to Hollywood, all multimedia applications created using Hollywood Designer can be exported as stand-alone executables for the following systems: AmigaOS3, AmigaOS4, WarpOS, MorphOS, AROS, Windows, macOS, Linux, Android, and iOS."

The current version of Hollywood is v9.1 with various updated add-ons. To see earlier versions of Hollywood 9.0 & Designer 5.0 in action have a look at Kas1e's short demonstration on AmigaOS4 / AmigaOne X5000.

Handhelds

Palm OS Developer Releases Source To Classic Games, 20+ Years After Release (github.com) 22

Munich-based developer Aaron Ardiri is Slashdot reader #245,358, with a profile that still identifies him as a Palm OS developer. Which surprised me, because Palm OS's last update was in 2007. (Then again, ardiri's Slashdot profile also still includes his screen name on AOL Instant Messenger.)

So, a long-time Slashdot reader. And this week he stopped by to share a little history — in more ways than one. ardiri writes: Before the iOS and Android entered the scene — heck, even before the smartphone concept — was the handheld personal digital assistant, with the likes of Newton, Palm OS, Windows Mobile and Symbian.

Palm OS had a thriving gaming scene; with the likes of emulators and implementations/clones of classics such as LodeRunner, Lemmings, and the classic Game and Watch.

But the real news of ardiri's original submission is hidden in its headline. "Palm OS developer releases source to classic games, 20+ years after release." Written mainly in C and optimizations in assembler — maybe these games will make their way to the various Arduino like micro-controllers out there; designed for low memory, low processing power environments they would port perfectly.
Microsoft

Biggest Targets at Pwn2Own Event: Microsoft's Windows, Teams, and Ubuntu Desktop (hothardware.com) 17

As Pwn2Own Vancouver comes to a close, a whopping $1,115,000 has been awarded by Trend Micro and Zero Day Initiative. The 15th anniversary edition saw 17 "contestants" attacking 21 targets, reports Hot Hardware — though "the biggest payouts were for serious exploits against Microsoft's Teams utility." While Teams isn't technically a part of Windows, it does come bundled with all new installs of Windows 11, which means that these exploits are practically Windows exploits. Hector "p3rr0" Peralta, Masato Kinugawa, and STAR Labs each earned $150,000 for major exploits of the utility.

Windows 11 itself wasn't spared, though. Marcin Wiazowski and STAR Labs each earned $40,000 for privilege escalation exploits on Microsoft's operating system on day one, and on day two, TO found a similar bug for a $40,000 payout of his own. Day three saw no less than three more fresh exploits against Windows 11, all in the serious privilege escalation category; all three winners pocketed another $40,000....

Other targets attacked at Pwn2Own 2022 included Mozilla Firefox (hacked), Apple Safari (hacked), and Ubuntu Desktop (hacked)... Of course, details of the hacks aren't made public, because they're zero-days, after all. That means that they haven't been patched yet, so releasing details of the exploits could allow malicious actors to make use of the bugs. Details will be revealed 3 months from now, during which time Microsoft, Tesla, Apple, and others should have their software all sewn up.

With all the points totalled, the winner was Singapore-based cybersecurity company Star Labs, which was officially crowned "Master of Pwn" on Saturday. "They won $270,000 and 27 points during the contest," explains the official Twitter feed for Zero Day Initiative (the judges for the event).

A blog post from Zero Day Initiative describes all 21 attacks, including six successful attacks against Windows, three successful attacks against Teams — and four against Ubuntu Desktop.
Amiga

How to Write Your Own Games - for the Amiga 35

Mike Bouma (Slashdot reader #85,252) writes: With the release of the A500 mini (which also supports A1200 games) and its side loading feature you may be interested to get started with Amiga Retro games development. This is why I collected some recent Amiga games development tutorials and added some additional information.

A popular game programming language on the Amiga is Blitz BASIC or AmiBlitz as the freely available and open source version is called now. The latest version (v 3.9.2) was recently released. The best known game developed with Blitz Basic is Team 17's original Worms game for the Amiga 500 in 1995. Meanwhile the Worms franchise has sold over 75 million game units across many different platforms. Daedalus2097 has just started an AmiBlitz video tutorial series on Twitch.tv: Part 1, Part 2 and Part 3. An example AmiBlitz game currently under development is Super Metal Hero (A1200) and here's a shooter level in the game.

REDPILL is a 2D game creation tool written in AmiBlitz by Carlos Peris and is designed to empower people to create many games for Amiga without programming knowledge. It's still early days but the first games are already being designed using this tool. An example game designed with this tool is Guardian — The legend of flaming sword.

The "Scorpion Engine" developed by Erik 'Earok' Hogan is a closed source game engine with all software developed for it open source. It offers a modern Windows IDE for development. In this video, Erik Hogan guides Micheal Parent from Bitbeam Cannon step by step as they create a legit retro video game from scratch. Various new games have and are being developed using this engine. An already released game is Amigo the Fox and an example game under development is Rick Dangerous (A1200 version).

If you want to dig deeper into Amiga coding then here's a series of Assembly game development tutorials by Phaze101. An example game currently being written in assembler is RESHOOT PROXIMA 3 (A1200).

If you are unexperienced with coding but would like to then here are some Amos (BASIC) tutorials for you: Rob Smith's How to program Wordle in AMOS on the AMIGA and Lets Code Santa's Present Drop Game.
HP

HP Chooses Ubuntu-Based Pop!_OS Linux For Its Upcoming Dev One Laptop (betanews.com) 64

System76's CEO Carl Richell announced that HP has chosen the Ubuntu-based Pop!_OS operating system to run on its 14-inch developer-focused notebook called "Dev One." Brian Fagioli from BetaNews speculates that a HP acquisition of System76 "could be a possibility in the future -- if this new relationship pans out at least." He continues: HP could be testing the waters with the upcoming Dev One. Keep in mind, System76 does not even build its own laptops, so we could see the company leave the notebook business and focus on desktops only -- let HP handle the Pop!_OS laptops. "We've got you covered. Experience exceptional multi-core performance from the AMD Ryzen 7 PRO processor and multitask with ease. Compile code, run a build, and keep all your apps running with more speed from the 16GB memory. Plus, load and save files in a flash, thanks to 1TB fast PCIe NVMe M.2 storage. We've even added a Linux Super key so shortcuts are a click away. Simply put, HP Dev One is built to help you code better," explains HP.

The company adds, "Pop!_OS is at your service. Create your ideal work experience with multiple tools to help you perform with peak efficiency. Use Stacking to organize and access multiple applications, browsers, and terminal windows. Move, resize, and arrange windows with ease or, let Pop!_OS keep you organized and efficient with Auto-tiling. And use Workspaces to reduce clutter by organizing windows across multiple desktops." Apparently, there will only be one configuration priced at $1,099. So far, no details about a release date have been announced other than "coming soon."

Microsoft

Microsoft Tests Windows 11 Desktop Widgets With Web Search Bar (theverge.com) 33

Microsoft is adding an optional web search to the Windows 11 desktop in the operating system's latest Insider Preview Build. From a report: The company describes the feature as "lightweight interactive content" -- the first, it says, of many such tools it's considering adding to Windows 11 -- but let's call the thing what it really is: a widget. Not everyone signed up to the latest Windows 11 preview build will see the new search box, but anyone who does and doesn't like it can disable the feature by right-clicking on the desktop, selecting "Show more options," and then toggling "Show search." If you are running the latest preview build, you'll also have to restart your computer to give the search box a chance to show up.
Microsoft

Surprise: Microsoft Has a Second Internal-Use-Only Linux Distro (zdnet.com) 59

ZDNet reports there's more than just the one Microsoft-created Linux distribution for internal use only called CBL (Common Base Linux) Mariner.

"It turns out there's another Microsoft-developed Linux distribution that's also for internal use that's known as CBL-Delridge or CBL-D." I discovered the existence of CBL-D for the first time this week in a rather round-about way. I stumbled onto a February 2 blog post from Hayden Barnes. a Senior Engineering Manager at SuSE who led the Windows on Rancher engineering team, which traced his steps in discovering and building his own image of CBL-D. Barnes noted that Microsoft published CBL-Delridge in 2020, the same year that it also published CBL-Mariner. The main difference between the two: Delridge is a custom Debian derivative, while Mariner is a custom Linux From Scratch-style distribution.

CBL-D powers Azure's Cloud Shell. The Azure Cloud Shell provides a set of cloud-management tools packaged in a container. In a note on the GitHub repo for the Cloud Shell, officials noted that "the primary difference between Debian and CBL-D is that Microsoft compiles all the packages included in the CBL-D repository internally. This helps guard against supply chain attacks...."

CBL-Mariner and CBL-Delridge are just two of the Microsoft-developed Linux-related deliverables from the Linux Systems Group. Others include the Windows Subsystem for Linux version 2 (WSL2), which is part of Windows 10; an Azure-tuned Linux kernel which is designed for optimal performance as Hyper-V guests; and Integrity Policy Enforcement (IPE), a proposed Linux Security Module (LSM) from the Enterprise and Security team.

Python

Want to Run Python Code in a Browser? Soon You Might Be Able To (zdnet.com) 88

ZDNet reports news from PyCon 2022 ("the first in-person meet-up for Python contributors since 2019 due to the pandemic")

"Developers revisited the idea of running Python code in the browser...." CPython developer Christian Heimes and fellow contributor Ethan Smith detailed how they enabled the CPython main branch to compile to WebAssembly. CPython, short for Core Python, is the reference implementation that other Python distributions are derived from. CPython now cross-compiles to Wasm using Emscripten, a toolchain that compiles projects written in C or C++ to Node.js or Wasm runtimes. The Python Software Foundation highlighted the work in a blog post: "Python can be run on many platforms: Linux, Windows, Apple Macs, microcomputers, and even Android devices. But it's a widely known fact that, if you want code to run in a browser, Python is simply no good — you'll just have to turn to JavaScript," it notes.

"Now, however, that may be about to change."

While the Foundation notes cross-compiling to WebAssembly is still "highly experimental" due to missing modules in the Python standard library, nonetheless, PyCon 2022 demonstrated growing community interest in making Python a better language for the browser.

The article notes additional news from Anaconda (makers of the a Python distribution for data science): the announcement of PyScript, "a system for interleaving Python in HTML (like PHP)." It allows developers to write and run Python code in HTML, and call Javascript libraries in PyScript. This system allows a website to be written entirely in Python.

PyScript is built on Pyodide, a port of CPython, or a Python distribution for the browser and Node.js that's based on WebAssembly and Emscripten.... "Pyodide makes it possible to install and run Python packages in the browser with micropip. Any pure Python package with a wheel available on PyPI is supported," the Pyodide project states. Essentially, it compiles Python code and scientific libraries to WebAssembly using Emscripten.

Google

Google Announces Flutter 3, Now With macOS and Linux Desktop Support (xda-developers.com) 25

An anonymous reader quotes a report from XDA Developers: Google created Flutter a number of years ago, with the aim to make a cross-platform software framework. Flutter's biggest strength is that it can be used to build applications for Android, iOS, Linux, Windows, macOS, and even the web, and all from the same shared codebase. While building apps for Windows received stable support back in February, both macOS and Linux were still only in beta. Now that's changing, as Google has announced Flutter 3 at this year's Google I/O, complete with stable support for building apps for macOS and Linux.

Of course, cross-platform support for both of these new platforms requires more than just programs being able to run. They need to fit in with the rest of the experience, and they need to support specific features that may be unique, as well. That's why Google is highlighting two things: the first is that Linux support helped by Canonical (the publisher of Ubuntu) and Google collaborating in order to "offer a highly-integrated, best-of-breed option for development."

As Google puts it, Canonical is already developing with "Flutter for key shell experiences including installation and firmware updates." What's more, their Linux-specific packages "provide an idiomatic API for core operating system services including dbus, gsettings, networkmanager, Bluetooth and desktop notifications, as well as a comprehensive theme and widget set for Yaru, the Ubuntu look and feel." As for macOS, Google invested in supporting both Intel and Apple Silicon devices, with Universal Binary support that allows apps to package executables that run natively on both architectures.
Tim Sneath, Director of Product and UX for Flutter & Dart, highlights all the new improvements in a Medium post.
Windows

Windows 11's Sound Recorder Is Bringing Back Features Removed Years Ago (arstechnica.com) 30

An anonymous reader quotes a report from Ars Technica: Windows' Sound Recorder app has gone through a few iterations since its initial release in Windows 3.0 back in 1990, when it launched as a simple app that could only record 60 seconds of audio at a time. But the app vanished altogether in Windows 10, replaced by a totally new app called Voice Recorder, which can record and trim basic sound recordings and save them as m4a files. Sound Recorder is now making a comeback, and Microsoft is currently testing a revamped version for Windows Insiders in the Dev channel. The company announced the redesign in a blog post summarizing Windows 11's updates to built-in Windows apps.

The new Sound Recorder uses a two-column layout similar to Voice Recorder's, with playback and trimming controls to the right and a list of all the files you've recorded on the left. But it adds some old Sound Recorder features that disappeared from the app years ago, when it was boiled down to almost nothing in Windows Vista. The app has a waveform visualizer that appears during recording and playback, and you can once again choose to save or open files in multiple formats (including the default m4a, as well as mp3, wma, FLAC, and WAV). The new Sound Recorder can also adjust audio playback speed from 0.25x to 4 and set markers so you can easily jump from place to place within a large audio recording.

Microsoft

Microsoft Recommends People Uninstall Optional Windows 11 Update KB5012643 (extremetech.com) 75

DrunkenTerror shares a report from ExtremeTech: Microsoft is advising Windows 11 users to uninstall a recent update. Reports indicated the optional update KB5012643 is causing various apps to crash. The problem involves an interaction between the update and the .Net Framework that's part of Windows. At this time it's unclear which apps are affected by the issue, leaving uninstallation as the "only" viable solution.

"Affected apps are using certain optional components in .NET Framework 3.5, such as Windows Communication Foundation (WCF) and Windows Workflow (WWF) components." This update also broke Safe Mode. Microsoft says when users booted into 'Safe Mode without networking' users might see the screen flicker. Per MS, "Components that rely on explorer.exe, such as File Explorer, the Start menu, and the taskbar, can be affected and appear unstable." Microsoft issued a Known Issue Rollback (KiR) for this already so it should be fixed. If you encounter it, you should be able to resolve it by enabling network support in Safe Mode.

Security

Hackers Are Now Hiding Malware In Windows Event Logs (bleepingcomputer.com) 49

Security researchers have noticed a malicious campaign that used Windows event logs to store malware, a technique that has not been previously documented publicly for attacks in the wild. BleepingComputer reports: The method enabled the threat actor behind the attack to plant fileless malware in the file system in an attack filled with techniques and modules designed to keep the activity as stealthy as possible. [...] The dropper copies the legitimate OS error handling file [...] and then drops an encrypted binary resource to the 'wer.dll' (Windows Error Reporting) in the same location, for DLL search order hijacking to load malicious code. DLL hijacking is a hacking technique that exploits legitimate programs with insufficient checks to load into memory a malicious Dynamic Link Library (DLL) from an arbitrary path.

[Denis Legezo, lead security researcher at Kaspersky] says that the dropper's purpose is to loader on the disk for the side-loading process and to look for particular records in the event logs (category 0x4142 - 'AB' in ASCII. If no such record is found, it writes 8KB chunks of encrypted shellcode, which are later combined to form the code for the next stager. "The dropped wer.dll is a loader and wouldn't do any harm without the shellcode hidden in Windows event logs," says Legezo. The new technique analyzed by Kaspersky is likely on its way to becoming more popular as Soumyadeep Basu, currently an intern for Mandiant's red team, has created and published on GitHub source code for injecting payloads into Windows event logs.

Earth

Climate Scientists Say South Asia's Heat Wave (120F) is a Sign of What's To Come (npr.org) 162

Summer has arrived in South Asia WAY too early. A punishing heat wave has pushed temperatures past 120F (50C) in some areas. Some schools have closed early for the summer. Dozens of people have died of heatstroke. From a report: The region is already hard-hit by climate change. Extreme heat is common in May. But not in April and March, both of which were the hottest across much of India for more than a century. "It's smoldering hot! It's also humid, which is making it very difficult," Chrisell Rebello, 37, told NPR in line outside a Mumbai ice cream parlor at 11 p.m. "We need a lot of cold drinks, air conditioning -- and multiple baths a day." Only a fraction of Indians -- mostly, the wealthy -- have air conditioning. Instead people soak rags in water and hang them in doors and windows. Still, electric fans and AC have pushed India's electricity demand to a record high.

The problem is that 70% of India's electricity comes from coal. So the government is converting passenger trains to cargo service, to rush coal supplies to beleaguered power plants, and also importing more coal from abroad. And rolling blackouts are hurting industrial output. In the short term, experts say India has no choice but to burn coal to keep fans and ACs on. But in the long term, it must transition to renewables, to avoid a vicious circle of warming, says Ulka Kelkar, a Bengaluru-based economist and climate change expert with the World Resources Institute. "[With] heat plus humidity, at some stage [it] becomes almost impossible for the human body's organs to function normally," Kelkar explains. "Basically the body just cannot cool itself, and a large fraction of our population in India still works outside in the fields, on building construction, in factories which are not cooled." More than a billion people are at risk of heat-related illness across South Asia. Hospitals are preparing special wards.
Further reading: India's Heatwaves Are Testing the Limits of Human Survival.
Twitter

Twitter's Decentralized, Open-Source Offshoot Releases Its First Code (theverge.com) 27

Bluesky, Twitter's open-source offshoot, has released early code for a decentralized social network protocol. The Verge reports: The system is dubbed the Authenticated Data Experiment (or ADX) and is available on GitHub for developers to test, although Bluesky emphasizes that it's incomplete. It's one of the most substantive windows into Bluesky's workings since the project was conceived in 2019 and formally incorporated in early 2022. Bluesky CEO Jay Graber writes that ADX will be the start of a semi-public development process. "We're going to take a middle path of releasing work before it's complete, but also giving ourselves time to workshop new directions at early stages," Graber says. The GitHub repository includes an overview of ADX's goals and design as well as some experimental code. "Feel free to play around, but don't try to build your next big social app on this yet. Things are missing, and things are going to change," Graber says. The code is available under an open source MIT License.

ADX isn't a single, standalone social network design. It's a protocol built around user-controlled "Personal Data Repositories" that social network developers could choose to support. Among other things, it's supposed to let users transfer social media posts or engagement between networks without eroding the networks' own moderation options. "On the Web, this data lives on the social platform where it was created. In ADX, this data will live in Personal Data Repositories owned by the user," the overview explains. Platforms can choose to only index some of this content -- drawing a distinction between "speech," or the ability to keep data in the repository, and "reach," or being able to see that data on a given platform.

The Internet

Microsoft Edge Overtakes Safari As World's Second Most Popular Desktop Browser (macrumors.com) 100

Microsoft Edge has overtaken Apple's Safari to become the world's second most popular desktop browser, based on data provided by web analytics service StatCounter. MacRumors reports: According to the data, Microsoft Edge is now used on 10.07 percent of desktop computers worldwide, 0.46 percent ahead of Safari, which stands at 9.61 percent. Google Chrome remains in first place with a dominant 66.64 percent share, and Mozilla's Firefox stands in fourth with 7.86 percent. As the default Windows 11 browser, the popularity of Edge has crept up in recent months, with the first concrete signs that it would surpass Safari to take second place coming in February, when it was used on 9.54 percent of desktops globally. Back in January 2021, Safari held a 10.38 percent market share, indicating a gradual slippage in popularity over the last 14 months.

Meanwhile, first-placed Chrome has seen its user base increase incrementally over that time, but perhaps surprisingly, Firefox has leaked users since the beginning of the year, despite regular updates and improvements. That suggests Safari's hold on third place isn't in immediate danger, having lost only 0.23 percent share since February, but things could always change fast if Apple decides to introduce sweeping changes to the way Safari works in macOS 13 later this year.
It's a different story when it comes to mobile platforms, notes MacRumors. "In StatCounter's analysis, Edge doesn't even make it into the top six browsers on mobile, but first-placed Chrome commands 62.87 of usage share, with Safari on iPhones and iPads taking a comfortable 25.35 percent in second place, 20.65 percent ahead of third-placed Samsung Internet, with 4.9 percent."
Botnet

Botnet That Hid For 18 Months (arstechnica.com) 12

An anonymous reader quotes a report from Ars Techinca: It's not the kind of security discovery that happens often. A previously unknown hacker group used a novel backdoor, top-notch tradecraft, and software engineering to create an espionage botnet that was largely invisible in many victim networks. The group, which security firm Mandiant is calling UNC3524, has spent the past 18 months burrowing into victims' networks with unusual stealth. In cases where the group is ejected, it wastes no time reinfecting the victim environment and picking up where things left off. There are many keys to its stealth, including:

- The use of a unique backdoor Mandiant calls Quietexit, which runs on load balancers, wireless access point controllers, and other types of IoT devices that don't support antivirus or endpoint detection. This makes detection through traditional means difficult.
- Customized versions of the backdoor that use file names and creation dates that are similar to legitimate files used on a specific infected device.
- A live-off-the-land approach that favors common Windows programming interfaces and tools over custom code with the goal of leaving as light a footprint as possible.
- An unusual way a second-stage backdoor connects to attacker-controlled infrastructure by, in essence, acting as a TLS-encrypted server that proxies data through the SOCKS protocol.

The SOCKS tunnel allowed the hackers to effectively connect their control servers to a victim's network where they could then execute tools without leaving traces on any of the victims' computers. A secondary backdoor provided an alternate means of access to infected networks. It was based on a version of the legitimate reGeorg webshell that had been heavily obfuscated to make detection harder. The threat actor used it in the event the primary backdoor stopped working. [...] One of the ways the hackers maintain a low profile is by favoring standard Windows protocols over malware to move laterally. To move to systems of interest, UNC3524 used a customized version of WMIEXEC, a tool that uses Windows Management Instrumentation to establish a shell on the remote system. Eventually, Quietexit executes its final objective: accessing email accounts of executives and IT personnel in hopes of obtaining documents related to things like corporate development, mergers and acquisitions, and large financial transactions.
"Unpacking this threat group is difficult," says Ars' Dan Goodin. "From outward appearances, their focus on corporate transactions suggests a financial interest. But UNC3524's high-caliber tradecraft, proficiency with sophisticated IoT botnets, and ability to remain undetected for so long suggests something more."
Windows

PCWorld: Six Months Since Release, Windows 11 Still 'Unnecessary' (youtube.com) 138

UnknowingFool writes: In October 2021, PC World reviewed Windows 11 and labeled it as an "unnecessary replacement" to Windows 10 and did not recommend it for Windows 10 users. PC World noted that it was a "mixed bag of improved features and unnecessary changes." Six months later they reviewed it again. While MS has made improvements, PC World does not feel the improvements warrant a recommendation for Windows 10 users to upgrade.
Ubuntu

This Week Saw New Releases of 'Ubuntu Unity' and 'Ubuntu Cinnamon' (theregister.com) 74

The Register noted this week that two "unofficial" Ubuntu remixes "came out on the same day as the official flavors."

- Ubuntu Cinnamon (Linux Mint's flagship desktop environment)

- Ubuntu Unity, a revival of what used to be the official Ubuntu desktop by Ubuntu team member Rudra B. Saraswat (described the Register as "a 12-year-old wunderkind") Ubuntu Cinnamon is the older of the two and first appeared in 2019, while Ubuntu Unity came out in May 2020, soon after the release of Ubuntu 20.04.

Ubuntu Unity....has the macOS-like desktop that was Ubuntu's standard offering from 2011 until the company pensioned it off in 2017.... Ubuntu Unity is as free as Ubuntu itself, and the new remix continues to evolve. In 22.04, most of the GNOME-based accessory apps have been replaced with the MATE equivalents, such as the Pluma text editor and Atril document viewer. (A handful remain, such as the GNOME system monitor rather than the MATE one, but the differences are trivial.) The System Settings app is the original Unity one, and the Unity Tweaks app comes pre-installed.... The new "Jammy Jellyfish" version of Ubuntu Unity also adds support for Flatpak packages alongside Ubuntu's native Snap packages. To do this, it replaces Ubuntu's Software Store with version 41.5 of GNOME Software. Interestingly, this also supports Snap packages, so sometimes, when you search for a package, you might get multiple results: one for the OS-native DEB package, possibly one for a Flatpak, and maybe a Snap version too....

[I]f you dislike both the Unity and GNOME desktops and want something more Windows-like, but you don't mind GNOME's CSD windows, then Joshua Peisach's Ubuntu Cinnamon remix may appeal. Cinnamon is the default desktop of both Ubuntu-based Linux Mint and its Debian variant. Ubuntu Cinnamon combines the latest upstream version of Mint's Cinnamon desktop, 5.2.7, with the standard app selection of upstream Ubuntu. This means most of its apps lack menu bars, except for the Nemo file manager and LibreOffice. For these classic-style apps, the Ubuntu Cinnamon distro has tweaked the GNOME title-bar layout to be more Windows-like: minimize/maximize/close buttons at top right, and a window-management menu at top left....

Cinnamon's roots as a fork of GNOME 3 do offer a significant potential feature that MATE, Xfce and indeed Unity cannot do: fractional scaling. This is clearly labelled as an experimental feature, and in testing, we couldn't get it to work, so for now, this remains a theoretical advantage.... These caveats aside, though, Ubuntu Cinnamon is maturing nicely in the new version. While Ubuntu and Ubuntu Unity are now purple-toned, Ubuntu Cinnamon has switched to a restrained theme in shades of dark orange and brown, which reminded us of the tasteful earth-toned Ubuntu of the old GNOME 2 days...

Both these desktops are X.11-based, so there's not a trace of Wayland in either distro. Both also benefit from having working 3D acceleration.

Both remixes "are aiming for inclusion as official Ubuntu flavors," the article points out.

But then again, "There are dozens of Ubuntu remixes and flavors out there. The official Ubuntu Derivatives page links to 30, and DistroWatch has more than five times as many, including many which are no longer maintained."
Chrome

Chrome's Latest Update: 30 Security Fixes and Bug Details Kept 'Restricted' (hothardware.com) 28

Hot Hardware warns that on Tuesday, the Stable Channel for Chrome's desktop edition "had an update on April 26, 2022. That update includes 30 security fixes, some of them so bad that Google is urging all users to update immediately." The release notes for Google's Chrome v101.0.4951.41 for Windows, Mac, and Linux has a long list of bug fixes; you can view it here. However, there's also a key statement in that page.

"Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed...."

Effectively the the non-developer translation of the quote above is that something so significant was found, the details are being kept hidden.

Slashdot Top Deals