lemmee_in

A tourist has posted “staggering” photos of himself and his wife at the same spot in the Swiss Alps almost exactly 15 years apart, in a pair of photos that highlight the speed with which global heating is melting glaciers.

Duncan Porter, a software developer from Bristol, posted photos that were taken in the same spot at the Rhone glacier in August 2009 and August 2024. The white ice that filled the background has shrunk to reveal grey rock. A once-small pool at the bottom, out of sight in the original, has turned into a vast green lake.

“Not gonna lie, it made me cry,” Porter said in a viral post on social media platform X on Sunday night.

To accelerate the transition to memory safe programming languages, the US Defense Advanced Research Projects Agency (DARPA) is driving the development of TRACTOR, a programmatic code conversion vehicle.

The term stands for TRanslating All C TO Rust. It's a DARPA project that aims to develop machine-learning tools that can automate the conversion of legacy C code into Rust.

The reason to do so is memory safety. Memory safety bugs, such buffer overflows, account for the majority of major vulnerabilities in large codebases. And DARPA's hope is that AI models can help with the programming language translation, in order to make software more secure.

"You can go to any of the LLM websites, start chatting with one of the AI chatbots, and all you need to say is 'here's some C code, please translate it to safe idiomatic Rust code,' cut, paste, and something comes out, and it's often very good, but not always," said Dan Wallach, DARPA program manager for TRACTOR, in a statement.

The release of System76’s COSMIC desktop environment, which is still in development, is expected to be one of the most important 2024 events in the Open-Source ecosystem.

The expectations are huge and not without reason. First, we’re talking about a desktop environment written from scratch—something that hasn’t happened in a very, very long time, making it truly one of a kind.

Secondly, this is not a hobby project but one with a company behind it that has invested enough resources, blood, and sweat into it. This gives every reason to believe that COSMIC is here to stay and thrive.

So, it is no surprise to anyone that the leading Linux distributions are expected to quickly adopt the new desktop environment, adding COSMIC to their official flavors list to meet user expectations. This is exactly the case with one of them, Fedora.

In an informal discussion at X, following a question from a user, Carl Richell, the CEO and Founder of System76 hinted that Fedora 42, slated for release in late April 2025, might officially include a COSMIC Spin.

However, we want to clarify that this information is very preliminary. So far, neither side has made any official moves or announcements about this matter. But the most logical thing is to happen.

For the leading rolling release distros like Arch, openSUSE Tumbleweed, Void, and others, we expect the new COSMIC desktop environment to be available in their repositories shortly after its first stable release. In fact, you can already install pre-release versions right now.

Finally, here’s something you won’t want to miss! Just a reminder that the first official alpha version of COSMIC is set to be released to mass public on August 8th, only a week away.

The big names mostly can't yet, but some lesser-known Linux distributions offer the ability to undo updates and recover from damage, even automatically.

With a new version of Linux Mint available, a lot of people – especially less-technical types – are about to upgrade their PCs. As with almost all major upgrades, inevitably some some stuff won't work with the new version. Going back is difficult, although Mint does have a solution, and so do some smaller distros.

Linux Mint includes the Timeshift utility, originally developed by Teejeetech, but that doesn't make it invulnerable. No operating system is, as amply demonstrated recently by CrowdStrike. If installed on a file system that supports copy-on-write (COW) snapshots, Timeshift can use that, but if you chose some other disk format, it can also back up your system files using rsync to another drive.

For now, most Linux file systems can't handle snapshotting, including the default ext4 or its predecessors, or XFS, or the now-vanishing ReiserFS. Several existing file systems that work on Linux do include snapshot support, including bcachefs, ZFS, and Btrfs. However, there are solid reasons why most distros don't include the functionality.

For instance, while OpenZFS does support snapshots, and several distributions include ZFS, including TrueNAS Scale, Ubuntu, Proxmox, Void Linux, and NixOS, the ZFS code can't be compiled into the Linux kernel due to an incompatible software license. Thus, from appropriate levels of caution, OpenZFS isn't part of either SUSE's or Red Hat's enterprise offerings. Their compliance with multiple legal requirements and certifications is a big part of their corporate appeal. (For the curious, both companies maintain lists of their certifications. Red Hat has a 16-section list and SUSE a respectable dozen sections. Some companies will pay good money for this stuff.)

Red Hat removed Btrfs from RHEL six years ago, and is working on its own, all-GPL combined volume management system and file system called Stratis. Since Btrfs was invented there, Oracle had a simpler route available for its RHEL-compatible distro: Oracle Linux offers a kernel with Btrfs.

Bcachefs, meanwhile, is relatively new and immature. It only appeared at the beginning of this year in kernel 6.7, meaning that it's only been in three releases of the kernel so far. It's a little bit too new for anyone else to support it just yet.

So, for now, Btrfs is the most mature file system in the Linux kernel that can do snapshots. This is why SUSE's Snapper uses Btrfs by default, although it also supports LVM, and can be configured to use that instead.

Btrfs + Timeshift saved my broken Linux Mint

People in Bangladesh have turned en masse to the VPN apps to bypass ongoing internet restrictions in the aftermath of widespread anti-government protests.

The first spike in VPN usage was recorded on July 23, 2024, when authorities began to ease fixed-line internet restrictions after five days of complete internet shutdown.

Mobile connectivity was restored on Sunday, July 28. Yet, access to the likes of Facebook, TikTok, WhatsApp, and YouTube is still restricted at the time of writing. This explains why data shows VPN downloads and signups continue to be high across the region.

Proton recorded VPN usage spikes in 11 countries since January alone. Similarly to the Bangladesh case, most of them were linked with social unrest including Kenya at the end of June, New Caledonia in May, and Senegal in February.

With social media platforms being blocked in Bangladesh at the time of writing, VPNs remain a crucial tool if you're inside the country.

Hyprland is a relatively new name among tiling compositor offerings, but thanks to its impressive features, it is quickly becoming a popular choice among Linux users. If you’re not familiar with it, here’s a brief introduction.

It is a highly customizable, dynamic, lightning-fast tiling Wayland compositor designed to provide a powerful and flexible environment for managing windows and workspaces.

It is also built with performance in mind, resulting in smooth operations, very good performance, and, last but not least, visual appeal to users.

All of these qualities, combined with its avalanche of popularity, have resulted in a well-received message on the Debian developer list, announcing that precompiled Hyprland packages are now added and available to the distribution’s unstable repositories.

Furthermore, the acceptance of Hyprland in Debian can be compared to a wide-open door to a large part of the Linux ecosystem. Being one of the foundations on which today’s Linux world is built, Debian has always been a crucial factor in promoting free software.

Adopting a given one in its repositories means it will become available to millions of users, considering the huge amount of Debian derivatives that use it as their base. It is enough to mention Ubuntu, for example.

In addition to monthly reminders to use Microsoft Edge and Microsoft 365, Windows 11 now recommends using OneDrive. A recent Windows Update triggers a full-screen pop-up for OneDrive, which looks like the OOBE (out-of-the-box experience) that typically pops up when you install Windows 11 for the first time.

First spotted by Windows Latest, Windows 11 has a new pop-up titled “Let’s back up your files,” which appears automatically when you start your PC.

It’s worth noting that OneDrive’s free storage is limited to 5GB, so you need to buy storage to use the Windows Backup feature. It isn’t practically possible to backup your complete PC to OneDrive in the long run unless you have empty folders.

Also, if you do manage to skip the OneDrive pop-up when booting Windows, you’ll see another notification that warns your PC that it is not fully backed up with an alert icon.

It isn’t possible to pause or remove these alerts and full-screen pop-ups in Windows 11 if you live outside the European Union.

McDonald's vowed Monday to win back consumers with better value offerings after it reported a rare sales decline that the company partly attributed to an exodus of inflation-weary low-income consumers.

All three of the chain's operating regions experienced comparable sales declines, a significant weakening next to the year-ago results when global comparable sales jumped nearly nine percent.

For much of the recent period of rising consumer prices, McDonald's garnered strong sales gains from diners who "traded down" to the fast food giant from more expensive rivals. Executives said the market had, however, shifted in the most recent period.

"We are seeing trade down, but what we're seeing is that the loss of the low-income consumers is greater than the trade-down benefit," said Chief Executive Christopher Kempczinski on a conference call.

"You're seeing with that low-income consumer, in many cases, they're dropping out of the market, eating at home and finding other ways to economize."

Profits for the quarter ending June 30 were $2.0 billion, down 12 percent.

Revenues were essentially flat at $6.5 billion.

Protests erupted in Venezuela's capital Monday as the regime deflected charges it had rigged an election win for President Nicolas Maduro that the opposition has disputed and many in the international community have questioned.

Hundreds of people poured onto the streets of Caracas chanting: "Freedom, freedom!" and "This government is going to fall!"

Several were seen ripping Maduro campaign posters from street posts and burning them.

Maduro, 61, attended a meeting on Monday where the National Electoral Council (CNE) certified his reelection to a third six-year term from 2025 to 2031.

At the event, he dismissed international criticism and doubts about the result, claiming Venezuela was the target of an attempted "coup d'etat" of a "fascist and counter-revolutionary" nature.

The Guardian witnessed the Rapid Action Battalion, the elite unit of Bangladesh’s police forces, fire teargas from a helicopter on crowds below and army forces fire at protesters with what appeared to be light machine guns, leaving about 200 people dead and thousands injured. Analysis of footage from protest scenes by Amnesty International confirmed the use of teargas and lethal firearms – including shotguns, assault rifles and grenade launchers – by police and paramilitary forces against the unarmed protesters. On Thursday, the UN human rights chief, Volker Türk, called on the government of Bangladesh to carry out an independent investigation into the “horrific violence”.

The strength of the state-led crackdown has galvanised many on the ground to see the protest movement as no longer an issue of quotas, which were scaled back by the court on Sunday, but a growing civilian-led movement to bring down Hasina, who has ruled with an increasingly tyrannical grip since 2009.

Researchers at Truffle Security have found, or arguably rediscovered, that data from deleted GitHub repositories (public or private) and from deleted copies (forks) of repositories isn't necessarily deleted.

Joe Leon, a security researcher with the outfit, said in an advisory on Wednesday that being able to access deleted repo data – such as APIs keys – represents a security risk. And he proposed a new term to describe the alleged vulnerability: Cross Fork Object Reference (CFOR).

"A CFOR vulnerability occurs when one repository fork can access sensitive data from another fork (including data from private and deleted forks)," Leon explained.

For example, the firm showed how one can fork a repository, commit data to it, delete the fork, and then access the supposedly deleted commit data via the original repository.

The researchers also created a repo, forked it, and showed how data not synced with the fork continues to be accessible through the fork after the original repo is deleted. You can watch that particular demo.

Passports recovered from battlefields in Sudan suggest the United Arab Emirates is covertly putting boots on the ground in the country’s devastating civil war, according to leaked documents.

A 41-page document, sent to the UN security council and seen by the Guardian, contains images of Emirati passports allegedly found in Sudan and linked to soldiers of the Rapid Support Forces (RSF), the African nation’s notorious paramilitary.

The UAE has previously denied all accusations of supplying arms to the RSF, which is holding the city of El Fasher under siege in a wider campaign of ethnic cleansing in Darfur.

However, the suggestion that the Emirates has deployed personnel to assist the fighting in Sudan would be an escalation, further inflaming the geopolitical complexities of the 15-month long civil war between the RSF and Sudanese military.