today's leftovers

posted by Roy Schestowitz on Jun 25, 2025

Distributions and Operating Systems

• How new tools can fix legacy Linux systems that threaten critical infrastructure

  Most enterprises run on Linux. Many of these systems are aging, unsupported, and increasingly vulnerable to security threats. While new applications get deployed to the cloud with modern security practices, critical legacy Linux installations supporting everything from financial services to transportation networks remain frozen in time.

  The uncomfortable truth: these systems are accumulating vulnerabilities faster than organizations can address them.

• SUSE/OpenSUSE

  • OpenSUSE ☛ SUSE Refines, Releases Open-Source LLM to Fuel Community Collaboration

    The release is built on the excellent Qwen3-4B base model and uses a LoRA adapter (Low-Rank Adaptation) to detect legally relevant text like license declarations in code and documentation. The model stems from openSUSE’s compliance tool Cavil, which provides transparent and collaborative open-source legal tooling.

• Canonical/Ubuntu Family

  • FUDZilla ☛ Canonical and Intel scrap GPU mitigations

    Ubuntu 25.10 to ditch Intel graphics security trade-offs for OpenCL and Level Zero

    Troubled Chipzilla's long-suffering GPU compute stack is getting a breather, as it and Ubuntu’s Canonical have decided to chuck out security mitigations that were kneecapping performance by up to 20 per cent.

  • Ubuntu & Intel: When security becomes a brake pad – GPU mitigations on the brink of extinction

    What happened? Canonical, the guardians of the Ubuntu gospel, and Intel, the veterans of x86 realpolitik, are removing the Spectre mitigations for integrated Intel GPUs from the compute runtime with the upcoming Ubuntu 25.10. The performance gains: up to 20 %. The security gains beforehand: tend to be academic. Because despite all the theoretical attack vectors, no real exploit has yet been seen in the GPU area – and even that would have long been covered at kernel level anyway. “Spectre? Yes, that used to be important. Five years ago. Maybe. Today it’s like a bicycle helmet in a tank: soothes the conscience, but costs fuel.” The fact that the GPU mitigations were classified as “no longer security-relevant enough” is not just a technical detail. It is an official all-clear – and at the same time a silent capitulation to the realization that overengineering is sometimes more expensive than the risk itself.

  • Entrapment (Microsoft GitHub)

    • Setting up an Ubuntu Desktop installation for SSH, quickly

      I've enjoyed using Ubuntu Server's GitHub SSH pubkey importer for a long time, it's a quick and easy way when doing an interactive server installation to get the built-in OpenSSH server configured for remote SSH access.

      However, many computers I work on have Ubuntu Desktop installed instead, and it doesn't even include OpenSSH Server in the default packages!

      So I thought I'd write up a quick guide for how to set up SSH on Ubuntu Desktop pulling in my GitHub SSH public keys quickly, since I haven't found a similar guide elsewhere: [...]

• Free, Libre, and Open Source Software

  • Web

    • Mozilla

      • Finance

        • Alexia ☛ Everyone should copy Thunderbird

          Thunderbird got some really good improvements over the past couple of years; A full on redesign and I presume a refactor of some parts of the codebase have really brought thunderbird back to my attention and I've found myself actually using it, especially after I switched away from Proton Mail.

          But really the thing that I've really not been praising enough is Thunderbird's new approach to donation campaigns.