The threat intelligence team for Microsoft's 365 Defender security suite recently focused on an example of "modern mining malware infrastructure," describing how "Anything that can gain access to machines — even so-called commodity malware — can bring in more dangerous threats."

Specifically, it offered a case study of LemonDuck. The blog post's title? "When coin miners evolve..." Today, beyond using resources for its traditional bot and mining activities, LemonDuck steals credentials, removes security controls, spreads via emails, moves laterally, and ultimately drops more tools for human-operated activity.

LemonDuck's threat to enterprises is also in the fact that it's a cross-platform threat. It's one of a few documented bot malware families that targets Linux systems as well as Windows devices. It uses a wide range of spreading mechanisms — phishing emails, exploits, USB devices, brute force, among others — and it has shown that it can quickly take advantage of news, events, or the release of new exploits to run effective campaigns... Notably, LemonDuck removes other attackers from a compromised device by getting rid of competing malware and preventing any new infections by patching the same vulnerabilities it used to gain access... LemonDuck spreads in a variety of ways, but the two main methods are (1) compromises that are either edge-initiated or facilitated by bot implants moving laterally within an organization, or (2) bot-initiated email campaigns.

LemonDuck acts as a loader for many other follow-on activities, but one if its main functions is to spread by compromising other systems. Since its first appearance, the LemonDuck operators have leveraged scans against both Windows and Linux devices for open or weakly authenticated SMB, Exchange, SQL, Hadoop, REDIS, RDP, or other edge devices that might be vulnerable to password spray or application vulnerabilities... Other common methods of infection include movement within the compromised environment, as well as through USB and connected drives. These processes are often kicked off automatically and have occurred consistently throughout the entirety of LemonDuck's operation.

Qualys has discovered a new systemd security bug that enables any unprivileged user to cause a denial of service via a kernel panic. Slashdot reader inode_buddha shares the news via ZDNet's Steven J. Vaughan-Nichols: As Bharat Jogi, Qualys's senior manager of Vulnerabilities and Signatures, wrote, "Given the breadth of the attack surface for this vulnerability, Qualys recommends users apply patches for this vulnerability immediately." You can say that again. Systemd is used in almost all modern Linux distributions. This particular security hole arrived in the systemd code in April 2015.

It works by enabling attackers to misuse the alloca() function in a way that would result in memory corruption. This, in turn, allows a hacker to crash systemd and hence the entire operating system. Practically speaking, this can be done by a local attacker mounting a filesystem on a very long path. This causes too much memory space to be used in the systemd stack, which results in a system crash. That's the bad news. The good news is that Red Hat Product Security and systemd's developers have immediately patched the hole.

An anonymous reader quotes a report from ZDNet, written by Steven J. Vaughan-Nichols: Microsoft now has its very own, honest-to-goodness general-purpose Linux distribution: Common Base Linux, (CBL)-Mariner. And, just like any Linux distro, you can download it and run it yourself. Microsoft didn't make a big fuss about releasing CBL-Mariner. It quietly released the code on GitHub and anyone can use it. Indeed, Juan Manuel Rey, a Microsoft Senior Program Manager for Azure VMware, recently published a guide on how to build an ISO CBL-Mariner image. Before this, if you were a Linux expert, with a spot of work you could run it, but now, thanks to Rey, anyone with a bit of Linux skill can do it.

CBL-Mariner is not a Linux desktop. Like Azure Sphere, Microsoft's first specialized Linux distro, which is used for securing edge computing services, it's a server-side Linux. This Microsoft-branded Linux is an internal Linux distribution. It's meant for Microsoft's cloud infrastructure and edge products and services. Its main job is to provide a consistent Linux platform for these devices and services. Just like Fedora is to Red Hat, it keeps Microsoft on Linux's cutting edge. CBL-Mariner is built around the idea that you only need a small common core set of packages to address the needs of cloud and edge services. If you need more, CBL-Mariner also makes it easy to layer on additional packages on top of its common core. Once that's done, its simple build system easily enables you to create RPM packages from SPEC and source files. Or, you can also use it to create ISOs or Virtual hard disk (VHD) images.

As you'd expect the basic CBL-Mariner is a very lightweight Linux. You can use it as a container or a container host. With its limited size also comes a minimal attack surface. This also makes it easy to deploy security patches to it via RPM. Its designers make a particular point of delivering the latest security patches and fixes to its users. For more about its security features see CBL-Mariner's GitHub security features list. Like any other Linux distro, CBL-Mariner is built on the shoulders of giants. Microsoft credits VMware's Photon OS Project, a secure Linux, The Fedora Project, Linux from Scratch -- a guide to building Linux from source, the OpenMamba distro, and, yes, even GNU and the Free Software Foundation (FSF). To try it for yourself, you'll build it on Ubuntu 18.04. Frankly, I'd be surprised if you couldn't build it on any Ubuntu Linux distro from 18.04 on up. I did it on my Ubuntu 20.04.2 desktop. You'll also need the latest version of the Go language and Docker.

"The Rust for Linux project, sponsored by Google, has advanced..." reported the Register earlier this week: A new set of patches submitted to the Linux kernel mailing list summarizes the progress of the project to enable Rust to be used alongside C for implementing the Linux kernel. The progress is significant.

- ARM and RISC-V architectures are now supported, thanks to work on rustc_codgen_gcc, which is a GCC codegen for rustc. This means that rustc does the initial compilation of Rust code but GCC (the GNU Compiler Collection) does the backend compilation, enabling support for the architectures that GCC supports...

- Overall, "the Rust support is still to be considered experimental. However, as noted back in April, support is good enough that kernel developers can start working on the Rust abstractions for subsystems and write drivers and other modules," continued project leader Miguel Ojeda, a computer scientist at CERN in Geneva, Switzerland, now working full time on Rust for Linux...

There is substantial support for the project across the industry. Google said in April "we feel that Rust is now ready to join C as a practical language for implementing the kernel" and that it would reduce the number of potential bugs and security vulnerabilities. Google is sponsoring Ojeda to work full time on the project for a year, via the ISRG (Internet Security Research Group), which said last month that it is part of "efforts to move the internet's critical software infrastructure to memory safe code," under the project name Prossimo. The ISRG is also the nonprofit organisation behind Let's Encrypt free security certificates. Ojeda also mentioned that Microsoft's Linux Systems Group is contributing and hopes to submit "select Hyper-V drivers written in Rust." Arm is promising assistance with Rust for Linux on ARM-based systems. IBM has contributed Rust kernel support for its PowerPC processor.

More detail is promised at the forthcoming Linux Plumber's Conference in September. In the meantime, the project is on GitHub here.
"In addition, we would like to announce that we are organizing a new conference that focuses on Rust and the Linux kernel..." Ojeda posted. "Details will be announced soon." And for context, the Register adds: Linus Torvalds has said on several occasions that he welcomes the possibility of using Rust alongside C for kernel development, and told IT Wire in April that it is "getting to the point where maybe it might be mergeable for 5.14 or something like that."

"Linus Torvalds has just released the Linux 5.13 kernel as stable," reports Phoronix: Linux 5.13 brings initial but still early support for the Apple M1 with basic support but not yet accelerated graphics and a lot more to iron out moving ahead. There are also new Linux 5.13 security features like the Landlock security module, Clang control flow integrity support, and optionally randomizing the kernel stack offset at each system call. There is also AMD fun this cycle around FreeSync HDMI support, initial Aldebaran bring-up, and more. Intel has more work on Alder Lake, a new cooling driver, and more discrete graphics bring-up. There are also other changes for Linux 5.13 around faster IO_uring, a generic USB display driver, and other new hardware enablement.
"5.13 overall is actually fairly large," Linus Torvalds posted on the Linux Kernel Mailing List, calling it "one of the bigger 5.x releases, with over 16,000 commits (over 17k if you count merges), from over 2,000 developers. But it's a "big all over" kind of thing, not something particular that stands out as particularly unusual..."

"When Red Hat killed off CentOS Linux in a highly controversial December 2020 announcement, Gregory Kurtzer immediately announced his intention to recreate CentOS with a new distribution named after his deceased mentor," Ars Technica reported in February.

And this week, "The Rocky Enterprise Software Foundation has announced general availability (GA) of Rocky Linux 8.4," reports ZDNet. "It's an important milestone because it's the first Rocky Linux general availability release ever." Huge companies, including Disney, GoDaddy, Rackspace, Toyota and Verizon, relied on CentOS, and they were reportedly not happy about RedHat's decision... It turns out that Kurtzer's decision has been a popular one. Besides quickly building up an army of hundreds of contributors for the project, Rocky Linux 8.4 - which follows the May 18 release of Red Hat's RHEL 8.4 - was downloaded at least 10,000 times within half a day of its release... "If we extrapolate the count to include our other mirrors we are probably at least 3-4x that (if not even way more)!" boasts Kurtzer in a LinkedIn post. "Lots of reports coming in of people and organizations already replacing their CentOS systems (and even other Linux distributions) with Rocky. The media is flying off the hook and business analysts also validating to me personally that Rocky Linux might soon be the most utilized Linux operating system used in enterprise and cloud!"

Rocky Linux 8.4 took seven months for the newly formed community to release, and is available for x86_64 and ARM64 (aarch64) architecture hardware in various ISOs.
"Sufficient testing has been performed such that we have confidence in its stability for production systems," explains a blog post at RockyLinux.org, adding that free community support is available through the forums as well as live chat avaiable through IRC and Rocky Linux Mattermost. "Paid commercial support is currently available through CIQ..."

"Corporations come and go, their interests as transient as they are self-serving. But a community persists, and that's who we dedicate Rocky Linux to: you." Rocky is more than the next free and open, community enterprise operating system. It's a community. A commitment to an ideal bigger than the sum of its parts, and a promise that our principles — embedded even within our repositories and ISOs — are immutable...

This is just the beginning, and the Rocky Enterprise Software Foundation is more than just Rocky Linux — it's a home for those that believe that open source isn't just a switch that can be toggled at will, and that projects that many rely on not be subject to the whims of a few. To this point, you can easily find all of our sources, our build infrastructure, Git repositories, and everything else anyone would need to fork our work and ensure that it continues if need be...

When we announced our release candidate, we asked you to come build the next free, open, community enterprise operating system with us. Now we're asking you for more: join us as we build our community.
They also thanked 11 sponsors and partners for contributing "resources, financial backing, software, and infrastructure."

mrflash818 writes: The Internet Security Research Group (ISRG) -- parent organization of the better-known Let's Encrypt project -- has provided prominent developer Miguel Ojeda with a one-year contract to work on Rust in Linux and other security efforts on a full-time basis. Rust is a low-level programming language offering most of the flexibility and performance of C -- the language used for kernels in Unix and Unix-like operating systems since the 1970s -- in a safer way. Efforts to make Rust a viable language for Linux kernel development began at the 2020 Linux Plumbers conference, with acceptance for the idea coming from Linus Torvalds himself. Torvalds specifically requested Rust compiler availability in the default kernel build environment to support such efforts -- not to replace the entire source code of the Linux kernel with Rust-developed equivalents, but to make it possible for new development to work properly. Using Rust for new code in the kernel -- which might mean new hardware drivers or even replacement of GNU Coreutils -- potentially decreases the number of bugs lurking in the kernel. Rust simply won't allow a developer to leak memory or create the potential for buffer overflows -- significant sources of performance and security issues in complex C-language code.

"Everything from Visual Studio Code to Microsoft Edge and Teams package links were affected," reports Windows Central. They note Azure's status page (which now shows the issue lasting for more than 22 hours), though however long it lasted, "it's a virtual eternity for those whose entire ecosystem is crippled by such an outage."

According to Ars Technica, starting on Wednesday, "packages.microsoft.com — the repository from which Microsoft serves software installers for Linux distributions including CentOS, Debian, Fedora, OpenSUSE, and more — went down hard..." The outage impacted users trying to install .NET Core, Microsoft Teams, Microsoft SQL Server for Linux (yes, that's a thing) and more — as well as Azure's own devops pipelines.

We first became aware of the problem Wednesday evening when we saw 404 errors in the output of apt update on an Ubuntu workstation with Microsoft Teams installed. The outage is somewhat better-documented at this .NET Core issue report on Github, with many users from all around the world sharing their experiences and theories...

The entire repository cluster that serves all Linux packages for Microsoft was completely down — issuing a range of HTTP 404 (content not found) and 500 (Internal Server Error) messages for any URL — for roughly 18 hours. Microsoft engineer Rahul Bhandari confirmed the outage roughly five hours after it was initially reported, with a cryptic comment about the infrastructure team "running into some space issues."

Eighteen hours after the issue was detailed, Bhandari said that the mirrors were once again available — although with temporarily degraded performance, likely due to cold caches.

"Google said Thursday it's funding a project to increase Linux security by writing parts of the operating system's core in the Rust programming language, a modernization effort that could bolster the security of the internet and smartphones," reports CNET: If the project succeeds, it'll be possible to add new elements written in Rust into the heart of Linux, called the kernel. Such a change would mark a major technological and cultural shift for an open-source software project that's become foundational to Google's Android and Chrome operating systems as well as vast swaths of the internet. Miguel Ojeda, who's written software used by the Large Hadron Collider particle accelerator and worked on programming language security, is being contracted to write software in Rust for the Linux kernel. Google is paying for the contract, which is being extended through the Internet Security Research Group, a nonprofit that's also made it easier to secure website communications through the Let's Encrypt effort.

Adding Rust modules to the Linux kernel would improve security by closing some avenues for hackers can use to attack phones, computers or servers. Since it was launched in 1991, Linux has been written solely in the powerful but old C programming language. The language was developed in 1972 and is more vulnerable to hacks than contemporary programming languages...

Google credits the Linux community programmers who began the Rust for Linux project. "The community had already done and continues to do great work toward adding Rust support to the Linux kernel build system," Google said in a blog post...

[Rust] has been the most loved programming language for five years running in Stack Overflow's annual developer survey. "Rust represents the best alternative to C and C++ currently available," Microsoft's security team concluded in 2019. The team said Rust would have prevented memory problems at fault in 70% of its significant security issues. And because Rust's checks happen while software is being built, the safety doesn't come at the expense of performance when the software is running.

The goal of the Linux on Rust project isn't to replace all of Linux's C code but rather to improve selective and new parts.

The nonprofit Linux Foundation "asked the open source community: How has Linux impacted your life? Needless to say, responses poured in from across the globe sharing memories, sentiments and important moments that changed your lives forever."

Their web site now features a selection of stories from America, Canada, Brazil, Chile, Costa Rica, Ireland, Germany, France, Italy, Sweden, the Netherlands, Nigeria, South Africa, India, Nepal, Sri Lanka, Kuwait, the Philippines, Bosnia & Herzegovina and China. And each story's author received a special honor... We are grateful you took the time to tell us your stories. We're thrilled to share 30 of the responses we received, randomly selected from all submissions.

As a thank you to these 30 folks for sharing their stories, and in celebration of the 30th Anniversary of Linux, 30 penguins were adopted from the Southern African Foundation for the Conservation of Coastal Birds in their honor, and each of our submitters got to name their adopted penguin.
One Kuwait-based developer had written "when I was able to use it instead of Windows, it made me happier because I didn't have to restart it every couple of days for instability."

And a story from Nepal says "Linux enabled me to become a software engineer. I would not have been able to afford Microsoft Windows... I had the opportunity to interact with various people from great communities and learn from their contributions. So I am very much thankful to Linus and each and every member of the free and open source community for helping me become a better programmer and a better person."

Google said Thursday it's funding a project to increase Linux security by writing parts of the operating system's core in the Rust programming language, a modernization effort that could bolster the security of the internet and smartphones. From a report: If the project succeeds, it'll be possible to add new elements written in Rust into the heart of Linux, called the kernel. Such a change would mark a major technological and cultural shift for an open-source software project that's become foundational to Google's Android and Chrome operating systems as well as vast swaths of the internet.

Miguel Ojeda, who's written software used by the Large Hadron Collider particle accelerator and worked on programming language security, is being contracted to write software in Rust for the Linux kernel. Google is paying for the contract, which is being extended through the Internet Security Research Group, a nonprofit that's also made it easier to secure website communications through the Let's Encrypt effort. Adding Rust modules to the Linux kernel would improve security by closing some avenues for hackers can use to attack phones, computers or servers. Since it was launched in 1991, Linux has been written solely in the powerful but old C programming language. The language was developed in 1972 and is more vulnerable to hacks than contemporary programming languages.

Long-time Slashdot reader wildstoo writes: In a blog post on Thursday, GitHub security researcher Kevin Backhouse announced that Polkit, a Linux system service included in several modern Linux distros that provides an organized way for non-privileged processes to communicate with privileged ones, has been harbouring a major security bug for seven years.

The bug, assigned (CVE-2021-3560) allows a non-privileged user to gain administrative shell access with a handful of standard command line tools. The bug was fixed on June 3, 2021 in a coordinated disclosure.
"It's used by systemd," GitHub's blog post points out, "so any Linux distribution that uses systemd also uses polkit..."

"It's very simple and quick to exploit, so it's important that you update your Linux installations as soon as possible. Any system that has polkit version 0.113 (or later) installed is vulnerable. That includes popular distributions such as RHEL 8 and Ubuntu 20.04."

An anonymous reader quotes a report from ZDNet: The Linux Foundation Public Health (LFPN) is getting the Global COVID Certificate Network (GCCN) ready for deployment. The GCCN [...] really is a coronavirus vaccine passport. It will do this by establishing a global trust registry network. This will enable interoperable and trustworthy exchanges of COVID certificates among countries for safe reopening and provide related technology and guidance for implementation. It's being built by the Linux Foundation Public Health and its allies, Affinidi, AOKPass, Blockchain Labs, Evernym, IBM, Indicio.Tech, LACChain, Lumedic, Proof Market, and ThoughtWorks. These companies have already implemented COVID certificate or pass systems for governments and industries. Together they will define and implement GCCN. This, it's hoped, will be the model for a true international vaccine registry.

Once completed, the GCCN's trust registry network will enable each country to publish a list of the authorized issuers of COVID certificates that can be digitally verified by authorities in other countries. This will bridge the gap between technical specifications (e.g. W3C Verifiable Credentials or SMART Health Card) and a complete trust architecture required for safe reopening. This is vital because as Brian Behlendorf, the Linux Foundation's General Manager for Blockchain, Healthcare, and Identity explained, "The first wave of apps for proving one's COVID status did not allow that proof to be shown beyond a single state or nation, did not avoid vendor lock-in and did not distinguish between rich health data and simple passes. The Blueprint gives this industry a way to solve those issues while meeting a high bar for privacy and integrity, and GCCN turns those plans into action."

Once in place, the GCCN will support Global COVID Certificates (GCC). These certificates will have three use cases: Vaccination, recovery from infection, and test results. They will be available in both paper and digital formats. Participating governments and industry alliances will decide what COVID certificates they issue and accept. The GCC schema definitions and minimal datasets will follow the recommendations of the Blueprint, as well as GCCN's technical and governance documents, implementation guide, and open-source reference implementations, which will be developed in collaboration with supporting organizations and the broader LFPH community. Besides setting the specs and designs, the GCCN community will also offer peer-based implementation and governance guidance to governments and industries to help them implement COVID certificate systems. This will include how to build national and state trust registries and infrastructure. They'll also provide guidance on how to leverage GCC into their existing coronavirus vaccine systems.

AmiMoJo shares a report from Phoronix: The Linux x86/x86_64 kernel code already had logic in place for reserving portions of the first 1MB of RAM to avoid the BIOS or kernel potentially clobbering that space among other reasons while now Linux 5.13 is doing away with that 'wankery' and will just unconditionally always reserve the first 1MB of RAM. The Linux kernel was already catering to Intel Sandy Bridge graphics accessing memory below the 1MB mark, the first 64K of memory are known to be corrupted by some BIOSes, and similar problems coming up in that low area of memory. But rather than dealing with all that logic and other possible niche cases besides the EGA/VGA frame-buffer and BIOS, the kernel is playing it safe and just always reserving the first 1MB of RAM so it will not get clobbered by the kernel.

KDE Plasma 5.22 is now available, bringing "hugely improved" Wayland support, better performance for gaming, adaptive panel transparency for the panel and widgets, and more. Phoronix reports: There is now support for variable rate refresh (VRR) / Adaptive-Sync on Wayland, vertical/horizontal maximization now working with KWin Wayland, global menu applet support under Wayland, support for activities, and a lot of other general improvements and fixes so the overall Wayland support is much more polished and nearly at par to the X.Org Server support.

The performance for gaming with KDE Plasma on Wayland should also be better with now having direct scan-out support for full-screen windows. Rounding out the graphics fun with this release is also GPU hot-plugging support on Wayland for KWin, such as if using an external GPU or USB display adapter. KDE Plasma 5.22 also delivers on adaptive panel transparency for the panel and widgets, desktop notification improvements, Plasma System Monitor has replaced KSysGuard as the default system monitoring application, and a variety of other improvements. You can view the full changelog for Plasma 5.22 here.

"You can now use GUI app support on Windows Subsystem for Linux (WSL)," Microsoft announced this week, "so that all the tools and workflows of Linux run on your developer machine." Bleeping Computer has already tested it running Gnome's file manager Nautilus, the open-source application monitor/task manager Stacer, the backup software Timeshift, and even the game Hedgewars.

Though it's currently available only to the millions who've registered for Windows 10 "Insider Preview" builds, it's already drawing positive reviews. "With the Windows Subsystem for Linux, developers no longer need to dual-boot a Windows and Linux system," argues the Windows Central site, "as you can now install all the Linux stuff a developer would need right on top of Windows instead."

Finally formally announced at this week's annual Microsoft Build conference, the new functionality runs graphical Linux apps "seamlessly," according to Tech Radar, calling the feature "highly anticipated." Arguably, one of the biggest, and surely the most exciting update to the Windows 10 WSL, Microsoft has been working on WSLg for quite a while and in fact first demoed it at last year's conference, before releasing the preview in April... Microsoft recommends running WSLg after enabling support for virtual GPU (vGPU) for WSL, in order to take advantage of 3D acceleration within the Linux apps.... WSLg also supports audio and microphone devices, which means the graphical Linux apps will also be able to record and play audio.

Keeping in line with its developer slant, Microsoft also announced that since WSLg can now help Linux apps leverage the graphics hardware on the Windows machine, the subsystem can be used to efficiently run Linux AI and ML workloads... If WSLg developers are to be believed, the update is expected to be generally available alongside the upcoming release of Windows.
Bleeping Computer explains that WSLg launches a "companion system distro" with Wayland, X, and Pulse Audio servers, calling its bundling with Windows 10 "an exciting development as it blurs the lines between Linux and Windows 10, and fans get the benefits of both worlds."

"To help realize the possibility of carbon-free applications, Microsoft, the consultancies Accenture and ThoughtWorks, the Linux Foundation, and Microsoft-owned code-sharing site, GitHub, have launched The Green Software Foundation," reports ZDNet: Announced at Microsoft's Build 2021 developer conference, the foundation is trying to promote the idea of green software engineering - a new field that looks to make code more efficient and reduce carbon emitted from the hardware it's running on... The foundation wants to set standards, best practices and patterns for building green software; nurture the creation of trusted open-source and open-data projects and support academic research; and grow an international community of green software ambassadors. The goal is to help the Information and Communication Technology sector to reduce its greenhouse gas emissions by 45% before 2030.

That includes mobile network operators, ISPs, data centers, and all the laptops being snapped up during the pandemic. "We envision a future where carbon-free software is standard - where software development, deployment, and use contribute to the global climate solution without every developer having to be an expert," Erica Brescia, COO of GitHub said in a statement. Microsoft president Brad Smith said "the world confronts an urgent carbon problem."

"It will take all of us working together to create innovative solutions to drastically reduce emissions. Microsoft is joining with organizations who are serious about an environmentally sustainable future to drive adoption of green software development to help our customers and partners around the world reduce their carbon footprint."
VentureBeat also points out that Microsoft "recently launched a $1 billion Climate Innovation Fund to accelerate the global development of carbon reduction, capture, and removal technologies."

But Bloomberg explores the rationale behind the new foundation: Data centers now account for about 1% of global electricity demand, and that's forecast to rise to 3% to 8% in the next decade, the companies said in a statement Tuesday, timed to Microsoft's Build developers conference... While it's tough to determine exactly how much carbon is emitted by individual software programs, groups like the Green Software Foundation examine metrics such as how much electricity is needed, whether microprocessors are being used efficiently, and the carbon emitted in networking. The foundation plans to look at curricula and developing certifications that would give engineers expertise in this space. As with areas like data science and cybersecurity, there will be an opportunity for engineers to specialize in green software development, but everyone who builds software will need at least some background in it, said Jeff Sandquist, a Microsoft vice president for developer relations.

"This will be the responsibility of everybody on the development team, much like when we look at security, or performance or reliability," he said. "Building the application in a sustainable way is going to matter."

Microsoft is making the promised support for Linux graphical user interface (GUI) apps on Windows 10 available to customers as of the next Windows 10 release, officials said on May 25. Microsoft officials made the announcement on Day 1 of its virtual Build 2021 developers conference. From a report: During his Day 1 keynote, CEO Satya Nadella basically acknowledged there will be another event "soon" about the next Windows. He said: ""And soon we will share one of the most significant updates of Windows of the past decade." He said he has been self-hosting it over the past several months and called it "the next generation of Windows."

Microsoft released a preview of Linux GUI apps on the Windows Subsystem for Linux (WSL) in April, 2021. This capability is meant to allow developers to run their preferred Linux tools, utilities and apps directly on Windows 10. With GUI app support, users can now run GUI apps for testing, development and daily use without having to set up a virtual machine.

An anonymous reader shares a report: One month ago the University of Minnesota was banned from contributing to the Linux kernel when it was revealed the university researchers were trying to intentionally submit bugs into the kernel via new patches as "hypocrite commits" as part of a questionable research paper. Linux kernel developers have finally finished reviewing all UMN.edu patches to address problematic merges to the kernel and also cleaning up / fixing their questionable patches. Sent in on Thursday by Greg Kroah-Hartman was char/misc fixes for 5.13-rc3. While char/misc fixes at this mid-stage of the kernel cycle tend to not be too exciting, this pull request has the changes for addressing the patches from University of Minnesota researchers. [...] Going by the umn.edu Git activity that puts 37 patches as having been reverted with this pull request. The reverts span from ALSA to the media subsystem, networking, and other areas. That is 37 reverts out of 150+ patches from umn.edu developers over the years.

An anonymous reader quotes a report from ZDNet: Swedish private equity firm EQT had high hopes for its SUSE IPO on the Frankfurt Stock Exchange, and set the European Linux and cloud power's IPO price at 30 euros per share. Alas, SUSE's shares opened at 29.50 euros per share. By the close of business on May 20th, the stock crept up to 30.39 euros. This gave it a market cap of around 5 billion euros (approximately $6.1 billion). This is nothing to sneeze at, but it wasn't what EQT hoped for either. Before the IPO, EQT had sought an IPO price as high as 34 euros per share. Still, this was no failure. SUSE and its backers sold 37.8 million shares in the IPO, for 1.1 billion euros. EQT is still keeping a stake. SUSE itself continues to do well with reported revenue of $503 million for the 2020 financial year.