Discover the latest Shotcut 25.08 video editor update, featuring essential fixes and enhancements to improve your editing experience. Download now!
The post Shotcut 25.08 Video Editor Arrives with Key Fixes appeared first on Linux Today.
Discover how to effectively use extrepo in Debian to manage third-party repositories. Enhance your system's capabilities with our comprehensive guide.
The post How to Use extrepo in Debian to Manage Third-Party Repositories appeared first on Linux Today.
Discover the 15 best free and open source Linux serial terminals. Enhance your terminal experience with our comprehensive guide and expert recommendations.
The post 15 Best Free and Open Source Linux Serial Terminals appeared first on Linux Today.
Discover the 15 best free and open source CLI data hashing tools. Enhance your data security and integrity with these powerful utilities today.
The post 15 Best Free and Open Source CLI Data Hashing Tools appeared first on Linux Today.
Discover the new Debian Trixie-Based Grml 2025.08 release, celebrating Debian's 32nd birthday with enhanced features and performance improvements.
The post Debian Trixie-Based Grml 2025.08 Is Out to Celebrate Debian’s 32nd Birthday appeared first on Linux Today.
Buttercup is a free, automated, AI-powered platform that finds and fixes vulnerabilities in open-source software.
The post Buttercup: Open-source AI-driven system detects and patches vulnerabilities appeared first on Linux Today.
This malware will still foul you up; it just doesn't want anyone messing with your servers while it's using you.
The post DripDropper Linux malware cleans up after itself – how it works appeared first on Linux Today.
Fooyin 0.9 open-source music player is out with support for artwork downloads, synced lyrics, autoplaylists, and numerous bug fixes.
The post Fooyin 0.9 Music Player Arrives with Artwork Downloads, Synced Lyrics appeared first on Linux Today.
FreshRSS 1.27 self-hosted RSS feed aggregator adds stronger security, category search, custom favicons, and PHP 8.5 support.
The post FreshRSS 1.27 Feed Agregator Now Supports PHP 8.5+ appeared first on Linux Today.
For about a week now, AUR has been under a sustained distributed-denial-of-service attack that’s made the site difficult — but not impossible — to reach.
The post Arch’s AUR Battles DDoS Attacks and Persistent Malware All Summer (So Far) appeared first on Linux Today.
When Red Hat announced the abrupt end of traditional CentOS in late 2020, the Linux ecosystem was shaken to its core. Developers, sysadmins, and enterprises that relied on CentOS for years suddenly found themselves scrambling for answers. Out of that disruption, two projects, AlmaLinux and Rocky Linux, emerged to carry forward the legacy of CentOS while forging their own identities. This article dives into how these two distributions established themselves as reliable, enterprise-grade options for developers and organizations alike.
For over a decade, CentOS was the backbone of countless servers, from small web hosts to enterprise data centers. It provided a stable, free, and RHEL-compatible platform, perfect for developers and administrators building and maintaining critical infrastructure.
That stability came to an end when Red Hat pivoted CentOS to a rolling-release model, CentOS Stream. Instead of offering a downstream, binary-compatible version of RHEL, Stream became a preview of future RHEL updates. This move caused widespread frustration:
Organizations that built production environments around CentOS suddenly faced shortened support lifecycles.
Developers who depended on a “set-and-forget” environment now had to deal with the unpredictability of a rolling release.
Compliance-driven industries were left in limbo, as running on an unsupported OS could trigger security and regulatory risks.
This disruption created a vacuum, and the Linux community quickly stepped up to fill it.
Shortly after the CentOS announcement, CloudLinux, a company with deep experience in server environments, launched AlmaLinux. The first stable release landed in March 2021. True to its name, “alma” meaning “soul”, the project’s mission was clear: to embody the spirit of CentOS while maintaining community governance. The non-profit AlmaLinux OS Foundation now oversees the project, ensuring it remains free and open for everyone.
Rocky Linux: A Tribute and a PromiseAt almost the same time, Gregory Kurtzer, one of the original CentOS founders, unveiled Rocky Linux, named in honor of CentOS co-founder Rocky McGaugh. From the beginning, Rocky positioned itself as a 1:1 binary-compatible rebuild of RHEL, mirroring CentOS’s original mission. Its governance structure, managed by the Rocky Enterprise Software Foundation (RESF), ensures that the project remains rooted in community oversight rather than corporate ownership.
For over two decades, Eye of GNOME (often shortened to EOG) was the silent workhorse of the GNOME desktop environment. It wasn’t flashy, but it did exactly what most people expected: double-click a picture, and it opened instantly. Yet, with the arrival of GNOME 45 in late 2023, a new name appeared in the lineup of “core” apps: Loupe. From that moment forward, Loupe became the official default image viewer on GNOME desktops, displacing EOG.
This decision wasn’t made lightly. GNOME has been steadily refreshing its default applications in recent years, Gedit was replaced by GNOME Text Editor, and Cheese gave way to Snapshot. Loupe is the continuation of this modernization trend. Eye of GNOME is still available in repositories for those who want it, but the GNOME team has shifted its endorsement to Loupe as the better long-term solution.
Loupe isn’t just a reskin of EOG. It was built from scratch with today’s hardware, design standards, and security expectations in mind. At first glance, the interface looks minimal, but there’s more happening beneath the hood than many realize.
Rust-Powered Foundation – Unlike Eye of GNOME’s decades-old C codebase, Loupe is written in Rust. This choice immediately grants it memory safety, helping avoid whole categories of crashes and vulnerabilities. For an app that regularly opens untrusted files, this is an important safeguard.
GPU-Accelerated Image Handling – Instead of pushing all rendering to the CPU, Loupe leverages the GPU. Panning across a large image or zooming into a 50-megapixel photo feels fluid, even on high-resolution displays.
Touch-Friendly Navigation – GNOME has been preparing for a future that includes more touch devices. Loupe fits right in, supporting pinch-to-zoom, two-finger swipes to move between images, and smooth transitions that feel natural on both touchscreens and trackpads.
Streamlined Metadata View – Instead of burying photo information behind a separate dialog, Loupe integrates an optional sidebar. With a click, you can see dimensions, file size, EXIF data, and even location details without leaving the main view.
Security Through Sandboxing – Image decoding is handled in isolated processes using a new backend called Glycin. If a corrupt or malicious image tries to crash the decoder, it won’t take the entire viewer down with it.
For decades, the humble terminal has been one of the most unchanging parts of the Linux desktop. Text streams flow in monochrome grids, and while the underlying libraries have evolved, the experience has remained more or less the same. Ubuntu, however, is preparing to rewrite this narrative. The distribution is adopting Ptyxis, a fresh terminal emulator designed for modern computing, and one of its standout qualities is that it leans on the GPU for rendering rather than relying solely on the CPU.
This shift is more than cosmetic. It represents a rethink of how command-line tools should perform in an era of container-heavy development, high-DPI displays, and demanding workloads. Let’s unpack what makes Ptyxis a different breed of terminal, why Ubuntu is betting on it, and what it means for everyday users and power developers alike.
Ptyxis is not an accidental side project. It was initially prototyped under the name GNOME Prompt by Christian Hergert, a well-known GNOME contributor also behind GNOME Builder. Early experiments showed there was space for a terminal designed from scratch with today’s GNOME ecosystem and GPU pipelines in mind.
To avoid conflicts with existing software, the project was later rebranded as Ptyxis. The application has since matured rapidly, and major distributions such as Fedora and Ubuntu have committed to it. Ubuntu introduced it in experimental form in 24.10, and by the upcoming Ubuntu 25.10 “Questing Quokka”, it is expected to replace the aging GNOME Terminal as the default choice.
Traditional terminals typically rely on CPU-bound rendering stacks, often through libraries like Cairo and Pango. This works fine until you throw thousands of lines of log output or try to run full-screen text-based UIs that push rendering to its limits. Ptyxis sidesteps these bottlenecks by shifting the drawing work to the graphics processor, taking advantage of Vulkan or OpenGL backends supplied by GTK4.
The result is immediately noticeable: smooth scrolling, responsive updates, and consistent performance even with massive amounts of text on screen. It’s not just about speed, either, offloading rendering to the GPU reduces CPU strain, leaving headroom for the processes you’re actually running.
For most of the last decade, talk about Wayland on KDE sounded like a promise: stronger security, modern graphics, fewer legacy foot‑guns, once the pieces land. With Plasma 6, those pieces finally clicked into place. Plasma 6.1 delivered two changes that go straight to how frames hit your screen, explicit synchronization and smarter buffering, while 6.2 followed with color‑management and HDR work that makes creators and gamers care. Together, they turn “Wayland someday” into a desktop you can log into today without caveats.
On X11/older Wayland setups, graphics drivers and compositors often assumed when work finished (“implicit sync”), which is fine until it isn’t, especially on NVIDIA, where that guesswork frequently produced flicker or glitches. Plasma 6.1’s Wayland session speaks the explicit sync protocol instead. Now the compositor and apps exchange fences that say “this frame is done,” reducing visual artifacts and making delivery predictable. If you run the proprietary NVIDIA driver, this is the change you’ve been waiting for: NVIDIA added explicit‑sync support in the 555 series, and XWayland 24.1 gained matching support so many games and legacy X11 apps benefit as well.
What you’ll notice: fewer one‑off hitches, less tearing in XWayland content, and a general sense that motion is “locked in” rather than tentative, particularly with the 555.58+ drivers.
Dynamic triple buffering: fewer “missed the train” stuttersTraditional double buffering is cruel: miss a vblank by a hair and your framerate can fall in half. KWin 6.1 added triple buffering that only kicks in when the compositor predicts a frame won’t make the next refresh, letting another frame be “in flight” without permanently increasing latency. One of KWin’s core developers outlined how it activates selectively, tries not to add avoidable lag, and works regardless of GPU vendor. It sounds simple; it feels like the end of random judder during heavy scenes.
VRR/Adaptive‑Sync polishVariable refresh is no longer a roulette wheel. KDE’s devs chased down stutter/flicker under Adaptive‑Sync, and those fixes landed in the same timeframe as Plasma 6.1. If your monitor supports FreeSync/G‑Sync Compatible and the GPU stack is sane, frame pacing is noticeably calmer.
With the arrival of GNOME 48, the desktop experience steps into a refreshing new era, blending clarity, visual richness, and adaptability. This release unfolds a more intuitive configuration interface, native HDR capability, and finer-grained display scaling. Whether you’re streaming, tweaking your workspace, or simply glancing over your notifications, GNOME 48 brings you improvements that feel both modern and meaningful, crafted to feel like they were made for real people doing real tasks.
GNOME 48’s Settings app has shed its former rigidity and stepped into a role that feels inviting and efficient. Never again will you wade through scattered sections, options are now neatly grouped, and the design flow intuitively matches how your mind works. Menus anticipate your focus, search responds predictably, and the overall layout whispers, “you’re in control.”
Assistive Features Front and CenterAccessibility isn’t an afterthought anymore, it’s central. Icons are clearer, toggles are easier to reach, and each label reads like someone actually sat down to ask, “How can we make this tool-friendly for everyone?” GNOME 48 puts inclusivity on full display, ensuring that those who rely on adaptive tech never need to dig for solutions.
Tighter System SynergyGone are the days when Wi-Fi, sound levels, or power settings felt tucked away. These essentials now respond faster, with less visual fuss and more behind-the-scenes connection to smarter system logic. It’s the kind of integration where you flick a switch and everything else falls into harmony.
Forget washed-out colors or muddled shades, GNOME 48 steps up with HDR rendering, delivering brightness, depth, and contrast that bring your display to life. Darker shadows, gleaming highlights, sumptuous gradients, HDR transforms ordinary visuals into something cinematic. It’s not just eye candy; it's more faithful media, smoother workflows, and next-level artistic clarity.
What You’ll Need to ShineThis full-color upgrade doesn’t work across all drift of hardware, but it does mesh well with modern, HDR-capable monitors and compatible GPU drivers accelerating through Wayland. GNOME 48 ensures things just click when your stack supports it, activating the richer palette whenever your display and graphics card are game.
In the last decade, the digital landscape has shifted from a space of casual convenience to a battleground for personal information. From constant corporate profiling to sprawling government surveillance programs, the reality is clear, our devices have become treasure troves for those seeking to exploit or monitor us. As trust in mainstream platforms erodes, a surge of interest has emerged around operating systems that place security and privacy at their very core. At the forefront of this movement are a new breed of Linux distributions designed not just for power users and security experts, but for anyone who values control over their data.
Every click, swipe, and typed search leaves a footprint. This wasn’t always a mainstream concern, many users once traded data for convenience without a second thought. But a string of high-profile incidents changed the narrative: massive data breaches leaking millions of personal records, whistleblower revelations exposing global surveillance programs, and marketing giants quietly building extensive behavioral profiles of individuals.
For the average person, these events have shattered the illusion of online privacy. For professionals handling sensitive work, journalists, lawyers, healthcare providers, data exposure is more than a nuisance; it’s a potential threat to safety, reputation, and trust. The result? An accelerating search for technology that resists tracking, intercepts intrusions, and limits data leakage before it can begin.
Linux, in its many forms, has always worn transparency as a badge of honor. Unlike proprietary systems where code is hidden from public scrutiny, Linux distributions are open-source, meaning anyone can inspect the source code, audit for vulnerabilities, or suggest improvements. This creates a self-reinforcing cycle of trust and accountability.
Beyond transparency, Linux allows deep configurability. Users can strip away unnecessary software, remove hidden telemetry, and harden their system against attacks. Updates arrive quickly, often patched within hours of a security flaw being reported, compared to the slower cycles of commercial operating systems. And most importantly, Linux is free from the corporate incentives that often drive aggressive data collection.
While all Linux distributions benefit from open-source transparency, security-oriented distros go several steps further by building privacy and protection into their foundation:
Hardened System Kernels: Some distros use custom kernels with advanced security patches (like grsecurity) to close off potential attack vectors.
Flatpak promises a secure runtime for Linux applications through container-like isolation, relying on bubblewrap namespaces, syscall filtering, and portal interfaces. In theory, each app should operate inside a strong sandbox, disconnected from the host system. But in reality, experience shows gaps, tiny cracks through which apps may escape with serious consequences.
Flatpak applications begin life in a highly-restricted environment: no network by default, no access to host files beyond the runtime and a private data directory, limited syscalls, and restricted access to session or system services. Portals provide a controlled channel for granting specific capabilities (e.g. file dialogs, screenshot, printing) without broad privileges.
Yet, many Flatpak packages declare broad permissions like filesystem=home
, filesystem=host
, or device=all
. That effectively grants full read-write access to the user's home directory or even system devices, defeating the purpose of the sandbox in practice. Users often assume that 'sandboxed' means locked-down, but blanket permissions expose them to risk.
Security researcher Gergo Koteles uncovered a high-severity vulnerability where malicious Flatpak apps could craft a .desktop
file via the org.freedesktop.portal.Background.RequestBackground
interface. That tricked Flatpak’s --command=
parsing into injecting bwrap
arguments (e.g. --bind
). This allowed arbitrary host commands to execute outside the sandbox boundary. Versions before 1.10.9, 1.12.9, 1.14.6, and 1.15.8 were affected. Patched in the listed versions and mitigated in xdg-desktop-portal 1.18.4 and newer.
A Flatpak flag, --persist
(or persistent=
in manifest), allows apps writable storage within their data directory. But if a malicious install replaces that directory with a symlink pointing to sensitive host folders (e.g. ~/.ssh
), the sandbox mount entry follows it into the real filesystem, giving the app unintended access to files outside its name-spaced area. All versions up to 1.14.8 and 1.15.x ≤ 1.15.9 are vulnerable; patched in 1.14.10 and 1.15.10+.
A detailed study of hundreds of Flatpak and Snap packages found that nearly 42% of Flatpak apps either override the supposed isolation or misconfigure sandboxing, resulting in overprivilege or potential escape paths. Crafting fine-grained sandbox policy is hard, and mistakes slip through easily.
On February 27, 2024, the Tails Project unveiled version 6.0, a milestone release built atop Debian 12 “Bookworm” and GNOME 43 . Tails, short for The Amnesic Incognito Live System, is engineered from the ground up to prevent data leakage, protect against targeted surveillance, and ensure that every use leaves no trace unless explicitly permitted . Version 6.0 refines this mission with a bold suite of features tailored to block modern surveillance tactics.
Live USBs are critical lifelines for persistence in Tails. Now, Tails 6.0 alerts users when underlying storage suffers read/write errors. This early detection, prior to catastrophic data loss, allows users to back up their encrypted areas before disaster strikes .
Defense Against Rogue USB DevicesOne of the stealthiest attack vectors involves plugging in malicious USB gear while a device is unattended. Tails now ignores any USB device connected while the screen is locked. Only when the screen is unlocked can new USB devices be activated, closing the door on rubber‑duckying-style malware delivery .
Plug in a flash drive or encrypted external disk while Tails is unlocked, and the system now instantly mounts the device and prompts for decryption (e.g. VeraCrypt volumes), smoothing workflow while preserving safeguards .
Ambient Display Options for Privacy-Conscious UseGNOME 43 brings native support for dark mode, night‑light warm tones, or combinations thereof, all accessible via the system menu. These modes reduce eye strain and lower screen glare in sensitive situations, minimizing accidental disclosure in low-light settings .
Simplified Screenshots and Screencast AccessThrough a redesigned system menu, users can now take screenshots or record screencasts with a few clicks—reducing reliance on external tools and minimizing exposure via unnecessary browser or app use .
Streamlined Gmail Setup in ThunderbirdConfiguring a Gmail account is now smoother: Tails 6.0 allows direct sign‑in within Thunderbird using standard two-step verification, no manual IMAP or security adjustments required, eliminating error-prone manual steps .