Free, Libre, and Open Source Software and Standards

posted by Roy Schestowitz on Sep 29, 2025

• Linuxiac ☛ Kitty Terminal 0.43 Brings Session Management

  Kitty, one of the best GPU-accelerated and highly efficient cross-platform terminal emulators, has just unveiled its latest update—version 0.43. The highlight this time is native support for sessions, letting users easily create and switch between different setups or projects without extra workarounds.

  Additionally, Kitty introduces a brand-new protocol for multiple cursors within the terminal. That means applications can directly take advantage of multi-cursor editing workflows.

• Events

  • Bootlin ☛ Bootlin engineer Louis Chauvet talks at XDC 2025 in Vienna

    The X.Org Developer’s Conference (XDC) is the key annual event for developers shaping the future of Open Graphics technologies, including the GNU/Linux kernel, Mesa, DRM, Wayland, and X11.

• Web Browsers/Web Servers

  • Vermaden ☛ RSS on FreeBSD

    Initially I followed only several sites over RSS – but more has come over time – and as I get closer to 40 of additional sources – I thought that I could share how to keep track of RSS sources on FreeBSD.

  • Mozilla

    • The New Stack ☛ Tor: The Easiest Way to Securely Browse the Web on Linux

      Part of the reason this has become so rampant today is browser insecurity. Most modern web browsers might make life a bit easier for you (especially with the advent of agentic options), but in the process, they also make things less secure. There are just a few browsers out there that can strike a perfect balance between user-friendliness and security. For example, you could use Brave, which does a fairly good job of handling both of these aspects. Even then, however, you could find yourself vulnerable to either privacy or security issues.

      Beyond that, most other browsers are not nearly as secure.

• Productivity Software/LibreOffice/Calligra

  • Document Foundation ☛ LibreOffice turns 15: a celebration of freedom, collaboration and open technologies and standards

    Fifteen years ago, we announced our ambitious plan to provide the world with a fully free and open office suite created by and for the community. Today, we are celebrating 15 years of LibreOffice — a milestone not only for the software itself, but also for the global movement that it represents.

• Standards/Consortia

  • APNIC ☛ Edge cases in DNSSEC validation with multiple algorithms

    As part of SIDN Labs’ research into post-quantum cryptography (PQC) for Domain Name System Security Extensions (DNSSEC), we are investigating PQC algorithms as drop-in replacements for classical algorithms. To facilitate secure replacement, we could consider a transition period where both PQC and classical algorithms are used simultaneously. We are therefore interested to know how resolvers would deal with the validation of Domain Name System (DNS) records in that scenario.

    In this blog, we discuss our efforts to analyse the feasibility and impact of such a transition period by investigating edge cases in DNSSEC validation with multiple algorithms.

    In order to analyse the feasibility and impact of a transition period in which PQC and classical algorithms are used simultaneously, we compare what should theoretically happen according to the RFCs with what actually happens in practice. We first briefly talk about DNSSEC, and then discuss how DNSSEC signatures are validated in various cases, and what the impact of new algorithms could be.

  • University of Toronto ☛ Syndication feed fetchers, HTTP redirects, and conditional GET

    The specification compliant answer is that every final (non-redirected) URL must have its ETag and Last-Modified values tracked separately. If you make a conditional GET for URL A because you know its ETag or Last-Modified (or both) and you get a temporary HTTP redirection to another URL B that you don't have an ETag or Last-Modified for, you can't make a conditional GET. This means you have to insure that If-None-Match and especially If-Modified-Since aren't copied from the original HTTP request to the newly re-issued redirect target request. And when you make another request for URL A later, you can't send a conditional GET using ETag or Last-Modified values you got from successfully fetching URL B; you either have to use the last values observed for URL A or make an unconditional GET. In other words, saved ETag and Last-Modified values should be per-URL properties, not per-feed properties.

    (Unfortunately this may not fit well with feed reader code structures, data storage, or uses of low-level HTTP request libraries that hide things like HTTP redirects from you.)

  • Andreas ☛ Why some systems may break in 2038

    This is known as the Year 2038 problem (Y2K38). Unlike Y2K, which was about date formatting, it’s a fundamental binary overflow issue.

    The problem is largely solved on modern 64-bit platforms, where time_t is already 64-bit1. But many embedded devices such as routers, controllers, security cameras, sensors, and IoT devices, often go unpatched and may remain in use for decades, making them vulnerable in 2038.