All the News that Matters

• Mageia 2024-0365: thunderbird Security Advisory Updates
  Potential disclosure of plaintext in OpenPGP encrypted message. (CVE-2024-11159) References: - https://bugs.mageia.org/show_bug.cgi?id=33763

• Fedora 41: llvm-test-suite 2024-6d9aba8c3c Security Advisory Updates
  Remove ClamAV subdirectory because of viruses in input files: These were the findings: MultiSource/Applications/ClamAV/inputs/rtf-test/rtf1.rtf: Eicar-Signature MultiSource/Applications/ClamAV/inputs/clam.zip: Clamav.Test.File-6 MultiSource/Applications/ClamAV/inputs/rtf-test/docCLAMexe.rtf:

• Fedora 40: llvm-test-suite 2024-300397332b Security Advisory Updates
  Remove ClamAV subdirectory because of viruses in input files: These were the findings: MultiSource/Applications/ClamAV/inputs/rtf-test/rtf1.rtf: Eicar-Signature MultiSource/Applications/ClamAV/inputs/clam.zip: Clamav.Test.File-6 MultiSource/Applications/ClamAV/inputs/rtf-test/docCLAMexe.rtf:

• Fedora 39: chromium 2024-9c44ad3527 Security Advisory Updates
  Update to 130.0.6723.116

• Ubuntu 7123-1: Linux kernel (Azure) Security Advisory Updates
  Several security issues were fixed in the Linux kernel.

• Ubuntu 7121-2: Linux kernel (Azure) Security Advisory Updates
  Several security issues were fixed in the Linux kernel.

• Oracle Linux 9.5 Brings OpenJDK 17 and .NET 9.0
  Oracle Linux 9.5 debuts with OpenJDK 17, .NET 9, GCC Toolset 14, improved Python performance, and robust multi-cloud computing support.

• Debian 13 Is Quickly Approaching - Desktop Artwork Voting Now Underway
  The Debian 13 "Trixie" release is slated for 2025 and with the artwork voting now underway for the default desktop theme is a reminder that the release is quickly approaching.

• 8 of the Best Podcast Clients for Linux
  Podcasts are an important part of media consumption for a lot of people today. While most listeners tend to consume podcasts on their mobile phone, listening on the desktop gives you more room and flexibility to integrate it to your current workflow.

• Google changes Android release cycle so new versions arrive in Q2
  Version 16 developer preview starts the new cycle, with warnings for devs to test sooner rather than later.

• Debian vs Ubuntu: Which Linux Distro Fits Your Needs Best?
  Both Debian and Ubuntu are often considered outstanding choices to meet your desktop and server needs. But what are the differences and similarities, and which is right for you?

• Rocky Linux 9.5 Released With Podman 5.0 and Cockpit Files Plugin Availability
  The latest and greatest version of Rocky Linux has been released, battle tested, and is ready-to-go.

• Blender 4.3 Open-Source 3D Graphics App Introduces Experimental Vulkan Backend
  The Blender Foundation announced today the release and general availability of Blender 4.3 as a major update to this powerful, free, cross-platform, and open-source 3D graphics and modeling software.

• Red Hat & Microsoft Bringing RHEL To WSL
  The latest Linux distribution being brought to Windows Subsystem for Linux (WSL) with Microsoft's blessing is none other than Red Hat Enterprise Linux... Microsoft and Red Hat jointly announced today that RHEL is coming to WSL.

• "Helldown" ransomware attacks expand to Linux and VMware
  The "Helldown" ransomware, which started small earlier this year, is now targeting VMware systems and Linux environments, a move that's raising serious concerns among cybersecurity experts. This evolution highlights how attackers are finding new ways to exploit vulnerabilities across platforms.

• Rocky Linux 9.5 Released, Here’s What’s New
  Rocky Linux 9.5 is now available for download, packed with updates like Podman 5.0, GCC 11.5, Node.js 22, and more.

• NASA's Curiosity Rover Captures 360-Degree View of Mars
  Space.com's Julian Dossett writes: For twelve years, we've watched Curiosity crawl its way over the rocky surface of Mars, decoding mysteries of the Red Planet and broadcasting back home pictures and data from the strange Martian environment. The Mars rover, built by NASA's Jet Propulsion Laboratory (JPL), has slowly scaled Mount Sharp since 2014. This mountain, officially monikered "Aeolis Mons," was discovered in the 1970s; cut into its alien landscape is the boulder-packed Gediz Vallis channel, which some scientists believe to be an ancient river bed. Curiosity crossed into Gediz Vallis earlier this year -- and, yesterday, JPL released a real treat for Mars lovers: a 360-degree panorama view of the Gediz Vallis channel. You can play the YouTube video and move your phone around for the nifty interactive feature. Or, if you're using a desktop PC, you can shift the video around with a mouse. The panorama showcases features like Kukenan Butte and Gale Crater Rim, with scientists debating whether water, wind, or landslides shaped the boulder-laden terrain. Another interesting observation is the presence of mysterious sulfur stones with yellow crystals. Scientists are unsure about their origin since such formations on Earth are linked to hot springs and volcanoes -- neither of which are known to exist on Mars. Curiosity is now heading toward a location called "the boxwork," a mineral-rich area potentially formed by ancient water flows.
  
  
  Read more of this story at Slashdot.
  

• US Regulators Seek To Break Up Google, Forcing Chrome Sale
  In a 23-page document (PDF) filed late Wednesday, U.S. regulators asked a federal judge to break up Google after a court found the tech giant of maintaining an abusive monopoly through its dominant search engine. As punishment, the DOJ calls for a sale of Google's Chrome browser and restrictions to prevent Android from favoring its own search engine. The Associated Press reports: Although regulators stopped short of demanding Google sell Android too, they asserted the judge should make it clear the company could still be required to divest its smartphone operating system if its oversight committee continues to see evidence of misconduct. [...] The Washington, D.C. court hearings on Google's punishment are scheduled to begin in April and Mehta is aiming to issue his final decision before Labor Day. If [U.S. District Judge Amit Mehta] embraces the government's recommendations, Google would be forced to sell its 16-year-old Chrome browser within six months of the final ruling. But the company certainly would appeal any punishment, potentially prolonging a legal tussle that has dragged on for more than four years. Besides seeking a Chrome spinoff and a corralling of the Android software, the Justice Department wants the judge to ban Google from forging multibillion-dollar deals to lock in its dominant search engine as the default option on Apple's iPhone and other devices. It would also ban Google from favoring its own services, such as YouTube or its recently-launched artificial intelligence platform, Gemini. Regulators also want Google to license the search index data it collects from people's queries to its rivals, giving them a better chance at competing with the tech giant. On the commercial side of its search engine, Google would be required to provide more transparency into how it sets the prices that advertisers pay to be listed near the top of some targeted search results. The measures, if they are ordered, threaten to upend a business expected to generate more than $300 billion in revenue this year. "The playing field is not level because of Google's conduct, and Google's quality reflects the ill-gotten gains of an advantage illegally acquired," the Justice Department asserted in its recommendations. "The remedy must close this gap and deprive Google of these advantages."
  
  
  Read more of this story at Slashdot.
  

• Inside the Booming 'AI Pimping' Industry
  An anonymous reader quotes a report from 404 Media: Instagram is flooded with hundreds of AI-generated influencers who are stealing videos from real models and adult content creators, giving them AI-generated faces, and monetizing their bodies with links to dating sites, Patreon, OnlyFans competitors, and various AI apps. The practice, first reported by 404 Media in April, has since exploded in popularity, showing that Instagram is unable or unwilling to stop the flood of AI-generated content on its platform and protect the human creators on Instagram who say they are now competing with AI content in a way that is impacting their ability to make a living. According to our review of more than 1,000 AI-generated Instagram accounts, Discord channels where the people who make this content share tips and discuss strategy, and several guides that explain how to make money by "AI pimping," it is now trivially easy to make these accounts and monetize them using an assortment of off-the-shelf AI tools and apps. Some of these apps are hosted on the Apple App and Google Play Stores. Our investigation shows that what was once a niche problem on the platform has industrialized in scale, and it shows what social media may become in the near future: a space where AI-generated content eclipses that of humans. [...] Out of more than 1,000 AI-generated Instagram influencer accounts we reviewed, 100 included at least some deepfake content which took existing videos, usually from models and adult entertainment performers, and replaced their face with an AI-generated face to make those videos seem like new, original content consistent with the other AI-generated images and videos shared by the AI-generated influencer. The other 900 accounts shared images that in some cases were trained on real photographs and in some cases made to look like celebrities, but were entirely AI-generated, not edited photographs or videos. Out of those 100 accounts that shared deepfake or face-swapped videos, 60 self-identify as being AI-generated, writing in their bios that they are a "virtual model & influencer" or stating "all photos crafted with AI and apps." The other 40 do not include any disclaimer stating that they are AI-generated. Adult content creators like Elaina St James say they're now directly competing with these AI rip-off accounts that often use stolen content. Since the explosion of AI-generated influencer accounts on Instagram, St James said her "reach went down tremendously," from a typical 1 million to 5 million views a month to not surpassing a million in the last 10 months, and sometimes coming in under 500,000 views. While she said changes to Instagram's algorithm could also be at play, these AI-generated influencer accounts are "probably one of the reasons my views are going down," St James told 404 Media. "It's because I'm competing with something that's unnatural." Alexios Mantzarlis, the director of the security, trust, and safety initiative at Cornell Tech and formerly principal of trust and safety intelligence at Google, started researching the problem to see where AI-generated content is taking social media and the internet. "It felt like a possible sign of what social media is going to look like in five years," said Mantzarlis. "Because this may be coming to other parts of the internet, not just the attractive-people niche on Instagram. This is probably a sign that it's going to be pretty bad."
  
  
  Read more of this story at Slashdot.
  

• Ubuntu Linux Impacted By Decade-Old 'needrestart' Flaw That Gives Root
  Five local privilege escalation (LPE) vulnerabilities in the Linux utility "needrestart" -- widely used on Ubuntu to manage service updates -- allow attackers with local access to escalate privileges to root. The flaws were discovered by Qualys in needrestart version 0.8, and fixed in version 3.8. BleepingComputer reports: Complete information about the flaws was made available in a separate text file, but a summary can be found below: - CVE-2024-48990: Needrestart executes the Python interpreter with a PYTHONPATH environment variable extracted from running processes. If a local attacker controls this variable, they can execute arbitrary code as root during Python initialization by planting a malicious shared library.- CVE-2024-48992: The Ruby interpreter used by needrestart is vulnerable when processing an attacker-controlled RUBYLIB environment variable. This allows local attackers to execute arbitrary Ruby code as root by injecting malicious libraries into the process.- CVE-2024-48991: A race condition in needrestart allows a local attacker to replace the Python interpreter binary being validated with a malicious executable. By timing the replacement carefully, they can trick needrestart into running their code as root.- CVE-2024-10224: Perl's ScanDeps module, used by needrestart, improperly handles filenames provided by the attacker. An attacker can craft filenames resembling shell commands (e.g., command|) to execute arbitrary commands as root when the file is opened.- CVE-2024-11003: Needrestart's reliance on Perl's ScanDeps module exposes it to vulnerabilities in ScanDeps itself, where insecure use of eval() functions can lead to arbitrary code execution when processing attacker-controlled input. The report notes that attackers would need to have local access to the operation system through malware or a compromised account in order to exploit these flaws. "Apart from upgrading to version 3.8 or later, which includes patches for all the identified vulnerabilities, it is recommended to modify the needrestart.conf file to disable the interpreter scanning feature, which prevents the vulnerabilities from being exploited," adds BleepingComputer.
  
  
  Read more of this story at Slashdot.
  

• Z-Library Helps Students to Overcome Academic Poverty, Study Finds
  A new study reveals that many users, particularly students and Redditors, view Z-Library as a vital resource for overcoming economic barriers to education, reflecting a "Robin Hood" mentality that prioritizes access to knowledge over copyright concerns. TorrentFreak reports: The research looks at the motivations of two groups; Reddit users and Chinese postgraduate students. Despite the vast differences between these groups, their views on Z-Library are quite similar. The 134 Reddit responses were sampled from the Zlibrary subreddit, which is obviously biased in favor of the site. However, the reasoning goes well beyond a simple "I want free stuff" arguments. Many commenters highlighted that they were drawn to the site out of poverty, for example, or they highlighted that Z-Library was an essential tool to fulfill their academic goals. "Living in a 3rd world country, 1 book would cost like 50%- 80% already of my daily wage," one Redditor wrote. The idea that Z-Library is a 'necessary evil' was also highlighted by other commenters. This includes a student who can barely make ends meet, and a homeless person, who has neither the money nor the space for physical books. The lack of free access to all study materials, including academic journal subscriptions at university libraries, was also a key motivator. Paired with the notion that journal publishers make billions of dollars, without compensating authors, justification is found for 'pirate' alternatives. "They make massive profits. So stealing from them doesn't hurt the authors nor reviewers, just the rich greedy publishers who make millions just to design a cover and click 'publish'," one Redditor wrote. The second part of the study is conducted in a more structured format among 103 postgraduate students in China. This group joined a seminar where Z-Library and the crackdown were discussed. In addition, the students participated in follow-up focus group discussions, while also completing a survey. Despite not all being users of the shadow library, 41% of the students agreed that the site's (temporary) shutdown affected their ability to study and find resources for degree learning. In general, the students have a favorable view toward Z-Library and similar sites, and 71% admit that they have used a shadow library in the past. In line with China's socialist values, the overwhelming majority of the students agreed that access to knowledge should be free for everyone. While the students are aware of copyright law, they believe that the need to access knowledge outweighs rightsholders' concerns. This is also reflected in the following responses, among others. All in all, Z-Library and other shadow libraries are seen as a viable option for expensive or inaccessible books, despite potential copyright concerns. The paper has been published in the Journal of University Teaching & Learning Practice.
  
  
  Read more of this story at Slashdot.
  

• Musi Fans Refuse To Update iPhones Until Apple Unblocks Controversial App
  An anonymous reader quotes a report from Ars Technica: Who up missing Musi?" a Reddit user posted in a community shocked by the free music streaming app's sudden removal from Apple's App Store in September. Apple kicked Musi out of the App Store after receiving several copyright complaints. Musi works by streaming music from YouTube -- seemingly avoiding paying to license songs -- and YouTube was unsurprisingly chief among those urging Apple to stop allowing the alleged infringement. Musi was previously only available through the App Store. Once Musi was removed from the App Store, anyone who downloaded Musi could continue using the app uninterrupted. But if the app was ever off-loaded during an update or if the user got a new phone, there would be no way to regain access to their Musi app or their playlists. Some Musi fans only learned that Apple booted Musi after they updated their phones, and the app got offloaded with no option to re-download. Panicked, these users turned to the Musi subreddit for answers, where Musi's support staff has consistently responded with reassurances that Musi is working to bring the app back to the App Store. For many Musi users learning from others' mistakes, the Reddit discussions leave them with no choice but to refuse to update their phones or risk losing their favorite app. The app may remain unavailable for several months as the litigation unfolds. "After Apple gave in to the pressure, Musi sued (PDF) in October, hoping to quickly secure an injunction that would force Apple to reinstate Musi in the App Store until the copyright allegations were decided," reports Ars. "But a hearing on that motion isn't scheduled until January, making it appear unlikely that Musi will be available again to download until sometime next year." Further reading: Google, Apple Drive 'Black Box' IP Policing with App Store Rules
  
  
  Read more of this story at Slashdot.
  

• Comcast Spins Off Cable Networks
  Comcast plans to spin off several of its cable TV networks into a standalone company as it shifts focus to streaming and other profitable ventures like Peacock, theme parks, and broadband services. The Associated Press reports: Those one-time stars for Comcast's NBCUniversal cable television networks include USA, Oxygen, E!, SYFY and Golf Channel, as well as CNBC and MSNBC. Movie ticketing platform Fandango and the Rotten Tomatoes movie rating site would also become part of the new company. Peacock will remain with Comcast, as will Bravo, which provides significant content for the Peacock streaming service. Comcast telegraphed the potential shift last month as it released quarterly earnings before confirming Wednesday that it will spin off assets that generated about $7 billion in revenue over he past 12 months ending September 30. That's about 5.5% of Comcast's total revenue during that period, according to the company. But there is a shrinking pool of cable subscribers as millions cut the cord and rely increasingly on streaming platforms for entertainment. Mark Lazarus, current chairman of NBCUniversal Media Group, will serve as the new entity's chief executive officer. Anand Kini, the current chief financial officer of NBCUniversal, will take on the same title with the new company as well as the chief operating officer role. [...] Comcast expects the new company to have the financial flexibility to be "a potential partner and acquirer of other complementary media businesses." The spin-off is targeted for completion in about a year, the entertainment giant said, pending financing and approval from its board and government regulators. "Like millions of US consumers, Comcast finally cut the cord by divesting itself of most of its cable TV channels," said Paul Verna, principal analyst at market research company eMarketer. "The benefits are clear to Comcast. It's dropping money-losing assets from a technology and media empire that will retain its lucrative (internet service provider) business, theme parks, broadcast networks, and Peacock streaming service."
  
  
  Read more of this story at Slashdot.
  

• Strava Closes the Gates To Sharing Fitness Data With Other Apps
  The Verge's Richard Lawler reports: Strava recently informed its users and partners that new terms for its API restrict the data that third-party apps can show, refrain from replicating Strava's look, and place a ban on using data "for any model training related to artificial intelligence, machine learning or similar applications." The policy is effective as of November 11th, even though Strava's own post about the change is dated November 15th. There are plenty of posts on social media complaining about the sudden shift, but one place where dissent won't be tolerated is Strava's own forums. The company says, "...posts requesting or attempting to have Strava revert business decisions will not be permitted." Brian Bell, Strava's VP of Communications and Social Impact, said in a statement: "We anticipate that these changes will affect only a small fraction (less than .1 percent) of the applications on the Strava platform -- the overwhelming majority of existing use cases are still allowed, including coaching platforms focused on providing feedback to users and tools that help users understand their data and performance."
  
  
  Read more of this story at Slashdot.
  

• DeepSeek's First Reasoning Model R1-Lite-Preview Beats OpenAI o1 Performance
  An anonymous reader quotes a report from VentureBeat: DeepSeek, an AI offshoot of Chinese quantitative hedge fund High-Flyer Capital Management focused on releasing high performance open source tech, has unveiled the R1-Lite-Preview, its latest reasoning-focused large language model, available for now exclusively through DeepSeek Chat, its web-based AI chatbot. Known for its innovative contributions to the open-source AI ecosystem, DeepSeek's new release aims to bring high-level reasoning capabilities to the public while maintaining its commitment to accessible and transparent AI. And the R1-Lite-Preview, despite only being available through the chat application for now, is already turning heads by offering performance nearing and in some cases exceeding OpenAI's vaunted o1-preview model. Like that model released in September 2024, DeepSeek-R1-Lite-Preview exhibits "chain-of-thought" reasoning, showing the user the different chains or trains of "thought" it goes down to respond to their queries and inputs, documenting the process by explaining what it is doing and why. While some of the chains/trains of thoughts may appear nonsensical or even erroneous to humans, DeepSeek-R1-Lite-Preview appears on the whole to be strikingly accurate, even answering "trick" questions that have tripped up other, older, yet powerful AI models such as GPT-4o and Claude's Anthropic family, including "how many letter Rs are in the word Strawberry?" and "which is larger, 9.11 or 9.9?"
  
  
  Read more of this story at Slashdot.
  

• Resentment is Building As More Workers Feel Stuck
  Workers in the U.S. are running in place -- feeling stuck in jobs with dimmed prospects of advancement and seeing fewer opportunities to jump ship for something better. From a report: It's a sharp contrast to the heady days of 2022 -- when employees were quitting their jobs at record high rates, open roles proliferated and the possibility of a higher paycheck always seemed just around the corner. Employers are sitting tight, says Daniel Zhao, lead economist at job site Glassdoor. Companies aren't making big changes to hiring strategy. That means "fewer opportunities for workers to climb the career ladder," he says. They're still plugging away at the same role they've had for years without the opportunity to move up internally or at a new company. 65% of the 3,400 professionals surveyed by Glassdoor last month said they feel stuck in their current role."As workers feel stuck, pent-up resentment boils under the surface," Zhao writes in a report out yesterday.
  
  
  Read more of this story at Slashdot.
  

• Project Tazama, A Project Hosted by LF Charities With Support From the Gates Foundation, Receives Digital Public Good Designation.
  Exciting news! The Tazama project is officially a Digital Public Good having met the criteria to be accepted to the Digital Public Goods Alliance ! Tazama is a groundbreaking open source software solution for real-time fraud prevention, and offers the first-ever open source platform dedicated to enhancing fraud management in digital payments. Historically, the financial [0]
  
  The post Project Tazama, A Project Hosted by LF Charities With Support From the Gates Foundation, Receives Digital Public Good Designation. appeared first on Linux.com.
  

• Xen 4.19 is released
  Xen Project 4.19 has been officially out since July 31st, 2024, and it brings significant updates. With enhancements in performance, security, and versatility across various architectures like Arm, PPC, RISC-V, and x86, this release is an important milestone for the Xen community. Read more at XCP-ng Blog
  
  The post Xen 4.19 is released appeared first on Linux.com.
  

• Advancing Xen on RISC-V: key updates
  At Vates, we are heavily invested in the advancement of Xen and the RISC-V architecture. RISC-V, a rapidly emerging open-source hardware architecture, is gaining traction due to its flexibility, scalability and openness, which align perfectly with our ethos of fostering open development ecosystems. Although the upstream version of Xen for RISC-V is not yet fully [0]
  
  The post Advancing Xen on RISC-V: key updates appeared first on Linux.com.
  

• Linux Foundation Announces OpenSearch Software Foundation to Foster Open Collaboration in Search and Analytics
  AWS transfers OpenSearch to the Linux Foundation to support a vendor-neutral community for search, analytics, observability, and vector database software. Read more at linuxfoundation.org
  
  The post Linux Foundation Announces OpenSearch Software Foundation to Foster Open Collaboration in Search and Analytics appeared first on Linux.com.
  

• AI Produces Data-driven OpenFOAM Speedup (HPC Wire)
  Researchers from TU Darmstadt, TU Dresden, Hewlett Packard Enterprise (HPE), and Intel have developed advanced applications that combine HPC simulations with AI techniques using the open-source computational fluid dynamics solver OpenFOAM and the HPE-led SmartSim AI/ML library. These applications show promise for improving the accuracy and capabilities of traditional scientific and engineering modelling with data-driven [0]
  
  The post AI Produces Data-driven OpenFOAM Speedup (HPC Wire) appeared first on Linux.com.
  

• Webinar: Harden Your Security Mindset: Break Down the Critical Security Risks for Web Apps
  Join us for a Complimentary Live Webinar Sponsored by Linux Foundation Training 8 Certification Learn More and Register
  
  The post Webinar: Harden Your Security Mindset: Break Down the Critical Security Risks for Web Apps appeared first on Linux.com.
  

• Delivering Prime Training Deals  2 DAYS ONLY
  Save 40% on all training and certifications. Learn more at LF Training
  
  The post Delivering Prime Training Deals  2 DAYS ONLY appeared first on Linux.com.
  

• Why You Need to Know About Event Modeling:  —An Intro
  Alexandra Moxin, CSO, Adaptech Group Introduction Have you ever wondered why most software projects start off well and then, several months later, turn slow and difficult? Youve likely fallen into the traps of design as you go, two-week sprints that never accomplish much, and more ceremony meetings than time to complete your work. Maybe youve [0]
  
  The post Why You Need to Know About Event Modeling:  —An Intro appeared first on Linux.com.
  

• Kickstart Your Career 8 Save Up To 40%!
  Save on Technical Training 8 Certification Learn more at Linux Foundation Training
  
  The post Kickstart Your Career & Save Up To 40%! appeared first on Linux.com.
  

• Take the Cloud Native Security Survey
  Share your insights to help improve cloud native security and receive 25% off your CloudNativeSecurityCon registration.
  
  The post Take the Cloud Native Security Survey appeared first on Linux.com.
  

Engadget"Engadget is a web magazine with obsessive daily coverage of everything new in gadgets and consumer electronics"

• The Echo Show 8 drops to a record low of $80 in this Amazon Black Friday deal
  Black Friday has arrived, which means Amazon’s smart displays are back on sale and significantly discounted. To start, the Echo Show 8 is $70 off its regular $150 price. That’s the cheapest Amazon has sold the Show 8 for since the company’s Prime Day sales event in July when the device hit a record low price. Amazon has also discounted the more affordable Echo Show 5. Right now, it’s on sale for $50, down from $90.
  
  Both the Echo Show 8 and Show 5 have been on Engadget’s best smart displays list for years. Of the two, the former is the best pick for most people. The 8-inch screen is just large enough to make it easy to interact with the display, but not so big so as to make a device that hogs space on your bedside table. The fact the Show 8 will adapt the size of its user interface to how far away you are from it is icing on the cake.
  
  
  
  The Show 8 is also a great choice if you want a smart display that’s great for video calling. Not only does its 13-megapixel camera offers great image quality, but Amazon has also included a feature that automatically frames your face and follows your movements. As you can imagine, it’s a useful feature to have if you want to move around while chatting with your friends and loved ones. When you’re not using the Show 8, there’s a physical camera cover to protect your privacy. I should also mention that the Show 8 is one of the better-sounding smart displays Engadget has tested, thanks to the inclusion of spatial audio and a room calibration feature.
  
  As for the Echo Show 5, it’s a great option if space is limited on your desk or nightstand. It’s currently one of the smallest smart displays on the market. The inclusion of an ambient light sensor and tap-to-snooze features make for a great smart alarm clock. It can also work as a sunrise clock if you don’t want to be jarred from bed.
  
  Either way, both the Show 8 and Show 5 are great smart display, especially when you can get them on sale like they are now.
  
  Check out all of the latest Black Friday and Cyber Monday deals here.
  This article originally appeared on Engadget at https://www.engadget.com/deals/the-echo-show-8-drops-to-a-record-low-of-80-in-this-amazon-black-friday-deal-150003009.html?src=rss

• The new Amazon Kindle Paperwhite is $30 off for Black Friday
  Amazon only rolled out the 2024 Kindle Paperwhite last month, but it’s already discounted for Black Friday. The new ereader — which has faster page turns, a bigger and better screen and longer battery life — is marked down to $130 ($30 off). That’s its first discount on one of our picks for best ereader since launch.
  
  The sixth-generation Paperwhite has a seven-inch screen, noticeably bigger than the 6.8-inch one on its predecessor. Amazon also boosted the display’s contrast thanks to its oxide thin-film transistor display tech, which should help reduce eyestrain. It still has a warm light that you can tune to match your room’s lighting. The front light in the new model gets 25 percent brighter at its maximum level than the fifth-gen model.
  
  
  
  The new Paperwhite has 25 percent faster page turns than its predecessors, which Engadget’s Amy Skorheim found makes a marked difference in the reading experience. (The review was for the more expensive Signature Edition, but it has identical page turns.) At 7.8mm thick, this is the thinnest Paperwhite to date.
  
  The ereader still has IPX8 water resistance, and the device uses a new rubberized texture that makes it easier to grip. Amazon estimates its battery will last up to 12 weeks per charge. It ships with a USB-C cable (but no power brick).
  
  You can also save on the new standard Kindle on sale for $85 (from $110). Although that model skips out on the warm light and has a smaller screen, it gives you a lighter and more compact ereader on the cheap.
  
  Check out all of the latest Black Friday and Cyber Monday deals here.
  This article originally appeared on Engadget at https://www.engadget.com/deals/the-new-amazon-kindle-paperwhite-is-30-off-for-black-friday-150013311.html?src=rss

• The Bose QuietComfort Ultra Earbuds are back on sale for $229 for Black Friday
  It's been over a year since Bose released its QuietComfort Ultra Wireless Earbuds but we would argue they're still the best noise-canceling earbuds on the market. Now, for Black Friday, they're also back down to their best price, dropping to $229 from $299. 
  
  We gave the Bose QuietComfort Ultra Wireless Earbuds a 88 in our review thanks to features like — you guessed it — amazing active noise cancellation. We found these earbuds especially impressive when it came to blocking airplane noise so, if you have a long flight ahead, this is where to look. These earbuds also produced really great sound quality due to Immersive Audio and spatial audio technology. The clarity, detail and volume come together to create a natural sound that makes it feel as if you're not even wearing earbuds. 
  
  
  
  Bose's QuietComfort Ultra Wireless Earbuds also tout an impressive battery life (though using Immersive Audio really eats into it). We did find the earbuds to be a bit large, but there are nine soft tips to choose from so hopefully one works for you. Overall, these are a very solid option — especially at the discounted price — if you want great ANC without having to wear headphones. 
  
  Check out all of the latest Black Friday and Cyber Monday deals here.
  This article originally appeared on Engadget at https://www.engadget.com/deals/the-bose-quietcomfort-ultra-earbuds-are-back-on-sale-for-229-for-black-friday-083025834.html?src=rss

• Amazon's Echo Dot drops to only $23 for Black Friday
  Yes, Black Friday is basically here and, though we're not sure where this year went, all the sales are softening the blow. Amazon, sure to be the home of a lot of shopping this year, has already marked down some of its most wanted products. Included in the sales is our choice for best smart speaker under $50, the fifth generation Amazon Echo Dot. Right now, you can pick up the speaker for just $23 — an all-time low price. 
  
  The fifth-gen Amazon Echo Dot came out in 2022 and has great features, including exceptionally loud and clear audio for its sticker price (let alone the discounted one). It has all the basics and does them well: letting you set alarm clocks and timers, streaming music and podcasts from your streamer of choice and using Alexa for all your questions. 
  
  
  
  If you're unsure about the Echo Dot then check out some of Amazon's other speakers on sale for Black Friday. There's the Echo Spot, which is back to its October Prime Day all-time low price of $45, down from $80.
  
  Amazon originally released the Echo Spot in 2017, but discontinued it after two years. The new model launched earlier this year sans awkward bedside camera and plus a better quality display and sound. You can also pick up the Echo Pop for only $18, down from $40. This speaker is a great option if you want a solid device in a small room.  
  
  Check out all of the latest Black Friday and Cyber Monday deals here.
  This article originally appeared on Engadget at https://www.engadget.com/deals/amazons-echo-dot-drops-to-only-23-for-black-friday-150042813.html?src=rss

• The best robot vacuums on a budget for 2024
  If vacuuming is your least favorite chore, employing a robot vacuum can save you time and stress while also making sure your home stays clean. While once most robo-vacs landed on the higher end of the price spectrum, that’s not the case anymore. Sure, you could pick up a $1,000 cleaning behemoth with mopping features, but it would be incorrect to assume that you need to spend that much money to get a good machine. Now, you can get an autonomous dirt-sucker with serious cleaning chops for $500 — sometimes even $300 or less. But you get what you pay for in this space; don’t expect affordable robot vacuum cleaners to have all of the bells and whistles that premium machines do, like self-emptying capabilities or advanced dirt detection. After testing dozens of robot vacuums at various price points, I’ve narrowed down our top picks for the best budget robot vacuums you can buy right now.
  Table of contents
  Best budget robot vacuums in 2024?
  
  Are robot vacuums worth it??
  
  What to look for in a budget robot vacuum?
  
  How we test robot vacuums?
  
  Robot vacuum maintenance tips?
  Best budget robot vacuums in 2024
  
  
  
  
  
  
  
  Are robot vacuums worth it?
  Since I've tested dozens of robot vacuums, I'm often asked if these gadgets are "worth it" and I'd say the answer is yes. The biggest thing they offer is convenience: just turn on a robot vacuum and walk away. The machine will take care of the rest. If vacuuming is one of your least favorite chores, or you just want to spend less time keeping your home tidy, semi-autonomous robotic vacuum is a great investment. Many models, albeit more expensive ones, even come with features like self-emptying bases to further reduce maintenance.
  
  There are plenty of other good things about them, but before we dive in let’s consider the biggest trade-offs: less power, less capacity and less flexibility. Those first two go hand in hand; robot vacuum cleaners are much smaller than upright vacuums, which leads to less powerful suction. They also hold less dirt because their built-in bins are a fraction of the size of a standard vacuum canister or bag. Fortunately, some models include features like an empty station, which helps with dirt capacity, especially in homes with pet hair.
  
  When it comes to flexibility, robot vacuums do things differently than standard ones. You can control some with your smartphone, set cleaning schedules and more, but robo-vacs are primarily tasked with cleaning floors. On the flip side, their upright counterparts can come with various attachments that let you clean couches, stairs, light fixtures and other hard-to-reach places.
  What to look for in a budget robot vacuum
  When looking for the best cheap robot vacuum, one of the first things you should consider is the types of floors you have in your home. Do you have mostly carpet, tile, laminate, hardwood? Carpets demand vacuums with more suction power that can pick up debris pushed down into nooks and crannies. Unfortunately, there isn’t a universal metric by which suction is measured. Some companies provide Pascal (Pa) levels and generally the higher the Pa, the stronger. But other companies don’t rely on Pa levels and simply say their bots have X-times more suction power than other robot vacuums.
  
  So how can you ensure you’re getting the best cheap robot vacuum to clean your floor type? Read the product description. Look for details about its ability to clean hard floors and carpets, and see if it has a “max” mode you can use to increase suction. If you are given a Pa measurement, look for around 2000Pa if you have mostly carpeted floors. Pay attention to the brush roll mechanism as well, especially if you're dealing with dog hair or other stubborn debris that can cause tangles. Many of these machines also feature side brushes to help clean edges and corners.
  
  You may find some budget robot vacuums also offer vacuum/mop combo capabilities. These bots feature a water tank, which means they can offer mopping functionality, enhancing debris pickup, and resulting in shiny floors. However, these are less common when you’re shopping in the lower price range.
  
  Size is also important for two reasons: clearance and dirt storage. Check the specs for the robot’s height to see if it can get underneath the furniture you have in your home. Most robo-vacs won’t be able to clean under a couch (unless it’s a very tall, very strange couch), but some can get under entryway tables, nightstands and the like. As for dirt storage, look out for the milliliter capacity of the robot’s dustbin — the bigger the capacity, the more dirt the vacuum cleaner can collect before you have to empty it.
  
  You should also double check the Wi-Fi capabilities of the robo-vac you’re eyeing. While you may think that’s a given on all smart home devices, it’s not. Some of the most affordable models don’t have the option to connect to your home Wi-Fi network. If you choose a robot vac like this, you won’t be able to direct it with a smartphone app or with voice controls. Another feature that’s typically reserved for Wi-Fi-connected robots is scheduling because most of them use a mobile app to set cleaning schedules.
  
  But Wi-Fi-incapable vacuums usually come with remote controls that have all the basic functions that companion mobile apps do, including start, stop and return to dock. And if you’re concerned about the possibility of hacking, a robot vac with no access to your Wi-Fi network is the best option.
  
  Obstacle detection and cliff sensors are other key features to look out for. The former helps the robot vacuum navigate around furniture while it cleans, rather than mindlessly pushing its way into it. Many also offer no-go zones, letting you block off areas you don’t want the robot to enter. Meanwhile, cliff sensors prevent robot vacuums from tumbling down the stairs, making them the best vacuum for multi-level homes.
  How we test robot vacuums
  When we consider which robot vacuums to test, we look at each machine’s specs and feature list, as well as online reviews to get a general idea of its capabilities. With each robot vacuum we review, we set it up as per the instructions and use it for as long as possible — at minimum, we’ll use each for one week, running cleaning cycles daily. We make sure to try out any physical buttons the machine has on it, and any app-power features like scheduling, robot mapping and more.
  
  Since we test robot vacuums in our own homes, there are obstacles already in the machine’s way like tables, chairs and other furniture — this helps us understand how capable the machine is at avoiding obstacles, and we’ll intentionally throw smaller items in their way like shoes, pet toys and more. With robot vacuums that include self-emptying bases, we assess how loud the machine is while emptying contents into the base and roughly how long it takes for us to fill up the bag (or bagless) base with debris.
  Robot vacuum maintenance tips
  First and foremost, always empty your robot vacuum’s dustbin after every cleaning job, or use a self-emptying base if the model supports it. Simply detach and empty the dustbin as soon as the robot is done cleaning, and then reattach it so it's ready to go for the next time. It’s also a good idea to take a dry cloth to the inside of the dustbin every once in a while to remove any small dust and dirt particles clinging to its insides.
  
  In addition, you’ll want to regularly examine the machine’s brushes to see if any human or pet hair has wrapped around them, or if any large debris is preventing them from working properly. Some brushes are better than others at not succumbing to tangled hair, but it’s a good idea to check your robot’s brushes regardless — both their main brush and any smaller, side brushes or corner brushes they have. These parts are often easy to pop off of the machine (because they do require replacements eventually) so we recommend removing each brush entirely, getting rid of any tangles or other debris attached to them and reinstalling them afterwards. If you have a robot vacuum with mopping capabilities, you’ll need to wash the bots’ mop pads too, to avoid any unpleasant smells or tracking mess around your home. Similarly, if your robot vacuum has a water tank, it’s worth washing this out regularly to keep it clean.
  
  Robot vacuums also have filters that need replacing every couple of months. Check your machine’s user manual or the manufacturer’s website to see how long they recommend going in between filter replacements. Most of the time, these filters cannot be washed, so you will need to buy new ones either directly from the manufacturer or from other retailers like Amazon or Walmart.
  This article originally appeared on Engadget at https://www.engadget.com/home/smart-home/best-budget-robot-vacuums-133030847.html?src=rss

• The NBA will air a Christmas Day game with Disney characters
  If you can’t get your kids to sit through one of the five NBA games airing on Christmas Day, tune into Disney+, ESPN+ or ESPN2 for a special Disney-fied version. ESPN announced that it will air a “Dunk the Halls” broadcast of the San Antonio Spurs versus the New York Knicks featuring animated Disney characters.
  
  The broadcast starts at 12PM eastern. If you just want to watch the game played by regular, boring humans, that will also air on Disney+ and ESPN+ as well as ABC and ESPN.
  
  “Dunk the Halls” will use Sony’s Beyond Sports technology to turn Madison Square Garden into Main Street USA from the Magic Kingdom in Walt Disney World. The game will also feature appearances from classic Disney characters like Mickey and Minnie Mouse, Goofy and Donald and Daisy Duck as well as Santa and his elves from the animated Disney short Prep & Landing.
  
  This is the first time the NBA has arranged to air a game with animated characters and graphic overlays. It’s also the latest game in a new trend of mixing live sports events with a network’s signature cartoon characters. ESPN+, Disney+ and the NFL+ app will air an alternative version of the Bengals-Cowboys game on December 9 featuring virtual characters and scenes from The Simpsons. ESPN3’s Full Court Press broadcasts use technology designed by Second Spectrum to create augmented graphics that track players movements and provide real time updates.
  This article originally appeared on Engadget at https://www.engadget.com/entertainment/streaming/the-nba-will-air-a-christmas-day-game-with-disney-characters-224921665.html?src=rss

• The best laptop power banks for 2024
  Smaller battery packs are great for refiling phones and tablets, but if you need to keep a laptop juiced up while you’re far from an outlet, you’ll need something larger. For this guide, we tested portable chargers with at least a 20,000mAh (74Wh) capacity, but kept the upper limit below 27,000mAh (99Wh), since that’s about the maximum size allowed by the TSA in carry-on luggage. Some laptop power banks sport extra features like wireless charging or an AC plug so you can power small devices such as a travel printer or an LED lamp. But what all of them have in common is a larger size and higher price tag than standard battery packs. So if you don’t want to play a guessing game, these are the best laptop power banks we tested.
  Table of contents
  Best laptop power banks for 2024?
  
  What to look for in a laptop power bank?
  
  How we test portable laptop chargers?
  
  Laptop power bank FAQs?
  Best laptop power banks for 2024
  
  
  
  
  
  
  
  What to look for in a laptop power bank Capacity
  If you just need to keep a smartphone from dying before you can make it home, just about any power bank will do. But if you need to revive multiple devices or the substantial battery of a laptop, you’ll want something with a high milliamp-hour​​ (mAh) capacity. A power bank capable of delivering enough power to a laptop will have a capacity between 20,000 and 27,000 mAh.
  
  Go higher than 27,000mAh and you won’t be able to take it on an airplane, which is why most portable chargers top out around that number. Since the voltage for most portable power banks is around 3.7 volts, a 27,000mAh battery translates to 99.9 watt hours — which is the maximum capacity the TSA will allow for carry-on luggage. (And note that these batteries can’t be checked, regardless of size).
  
  If you want something even bigger than a laptop power bank, and don’t need to fly with it, you’ll likely want to look into portable power stations. These can be the size of a car battery or larger and can potentially fuel an entire weekend away.
  
  Another thing to keep in mind is that the capacity listed in a power bank's specs is not what will be delivered to your devices. As I mentioned, the capacity of these banks is around 25,000mAh. Even the huge battery on a MacBook Pro has a mAh rating of around 5,000 - 6,000mAh, so you might think you’d get five full charges but in reality, you only get about a single 70-percent charge. The voltage is different (typically 3.7V for the power bank and 11.4V for a laptop) which makes the watt-hours, or the amount of energy each battery can hold, different (working out to 92Wh for the battery and 72Wh for the laptop). On top of that, in order to feed a charge from a power bank to a laptop, a voltage conversion takes place and that dissipates a decent amount of energy.
  
  Without turning this into a physics lesson, this all means that a power bank with a 25,000mAh (or 92Wh) capacity will typically fill a 5,000mAh (or 72Wh) laptop battery to about 75 percent. In my tests, I averaged about a 60-percent efficiency rate between a power bank’s listed capacity and the actual charge delivered.
  Ports
  Every large power bank I’ve tested has at least three USB ports, with a mix of USB-C and USB-A, which should cover nearly any portable device you need to recharge — earbuds, phones, tablets, laptops, you name it. In addition to the different plug formats, some ports supply power at different wattages. For example, one USB-C port might be rated for 60 watts, while the one next to it is rated for 100 watts. So if you’ve got a device that’s capable of 70W fast charging, such as the new MacBook Air, you’d want to opt for the 100W port to get the best charging speeds possible. Note that devices with a smaller wattage draw won’t be negatively affected by connecting to ports with high ratings. For example, a Galaxy S24 Ultra, capable of 45W super fast charging, can happily plug into the 100W port. A device will only draw what it can take, regardless of what a port can supply. Just remember that the port, device and cable need to be at or above the desired wattage rating to achieve maximum charging rates.
  
  Some of these larger batteries also have AC ports. It might seem like a natural fit to plug in your laptop’s power adapter for a recharge. But really, the AC port should only be for devices that can’t use USB — such as a lamp or a printer. Plugging a power adapter into the AC port only wastes energy through conversion. First, the battery converts its DC power to supply the port with AC power, then the power adapter converts that AC power back to DC so your laptop can take it in. And as you’ll remember from physics class, each time energy is converted, some is lost to heat and other dissipations. Better to cut out the middleman and just send that DC power straight from the battery to the device.
  
  Also, you can use more than one port at a time with these devices; just remember that the speed of whatever you’re charging will likely go down, and of course, the battery is going to drain proportionally to what you’re refilling.
  Wireless charging
  Just in the last year and a half that I’ve been testing portable power banks, wireless charging capabilities have noticeably improved. The first few I tried were painfully slow and not worth recommending. Now the wireless pads built into power banks are impressively fast — particularly, in my experience, when charging Samsung Galaxy phones (though the lack of a stabilizing magnetic connection like Apple’s MagSafe means they only work when rested flat on a pad). Most wireless charging connections can be used while other ports are also being employed, making them convenient for some mobile battlestation setups.
  
  Of course, wireless charging is always less efficient than wired, and recharging from an external battery is less efficient in general. If you want to waste as little energy as possible, you’re better off sticking to wired connections.
  Design
  All power banks are designed to be portable, but there’s a big difference between a pocket-friendly 5,000mAh battery and one of these laptop-compatible bruisers. Most of the latter weigh between a pound and a half to two pounds, which is a considerable addition to a backpack. Many of the options listed here have a display to tell you how much charge remains in the battery, which is helpful when you’re trying to judiciously meet out charges to your devices. If a bank has a wireless connection, the pad is usually on the flat top and any available AC connection is usually at one end. Both may require you to engage those charging methods. Don’t be like me and grumble loudly that you got a bum unit without pressing (and sometimes double pressing) all the buttons first.
  How we test portable laptop chargers
  For the past year and a half, I’ve been testing and using dozens of portable batteries for our other battery guide. Some of those batteries include the higher-capacity power banks you see here. I also got a hold of a few extra banks just for this guide to make sure we covered what’s available. I went for brands I’m already familiar with, as well as battery packs from well-received manufacturers I hadn’t tried before (like UGREEN and Lion Energy). I only considered banks with at least a 20,000mAh capacity and mostly stuck with those that rated 25,000mAh and higher.
  
  Here’s everything we tested:
  
  Zendure Supertank Pro
  
  Mophie Powerstation Pro XL
  
  Mophie Powerstation Pro AC
  
  Lion Energy Eclipse Mag
  
  Lion Energy Trek
  
  Baseus Blade Laptop
  
  Anker Prime 27,650mAh
  
  Goal Zero Sherpa 100 AC
  
  Due to shipping and travel issues, I wasn’t able to test two of the batteries I had slated: the HyperJuice 245W and the UGREEN Power Bank 25,000mAh. Once I’ve had a chance to see how these two perform — as well as any new worthy contenders that hit the market — I’ll update this guide accordingly.
  
  I tested each power bank with an iPhone 15, a Galaxy S23 Ultra, an iPad Air (M1) and a 16-inch MacBook Pro with the M1 Pro chip. Even though these banks can charge multiple devices at once, I refilled one at a time, to make side-by-side comparisons more straightforward. I drained the batteries of the phones and tablets to between zero and five percent and then didn’t use any device as it refilled.
  
  For the MacBook, I let it run down to 10 percent before plugging in the power bank. That's when most laptops give display a “connect to power” warning, as draining any battery to empty will compromise the battery life. I then used it as one might in a mobile office, with a Bluetooth keyboard and mouse, while connected to Wi-Fi and a VPN.
  
  For each test, I noted how long a completely charged battery took to get a device back to full and how much of the battery’s capacity was used up in one charge. I also noted things like portability, apparent durability, helpful features and overall design.
  
  For reference, here are the battery capacities of the devices I used:
  
  iPhone 15: 3,349mAh
  
  Galaxy S23 Ultra: 4,855mAh
  
  iPad Air (5th gen): 7,729mAh
  
  16-inch M1 Pro MacBook Pro: 27,027mAh
  Laptop power bank FAQs How do laptop power banks differ from phone power banks?
  The main difference is size. Phone power banks tend to have a capacity ranging from 5,000mAh to 20,000mAh and laptop powerbanks are typically rated between 20,000mAh and 27,000mAh. There’s no official definition, however. Laptop batteries are simply larger and need a bigger supply of power to give them a meaningful charge.
  How do you fast charge a power bank?
  You can charge a power bank exactly as fast as the power bank’s internal mechanisms will allow. Most batteries are limited in how quickly they can accept and deliver a charge to avoid dangerously overheating. But to make sure you’re charging a bank as quickly as possible, make sure the wall adapter and the USB-C cable you are using have a high wattage rating — using a 5W power brick and a 10W cable will take a lot longer to refill your bank than a 65W wall charger and a 100W cord.
  What size power bank do I need for a laptop?
  Look for a power bank with a rating of at least 20,000mAh. Slightly smaller batteries may work, but they won’t deliver a significant charge to your laptop.
  How many mAh to charge a laptop?
  A milliamp hour (mAh) is how much a battery can hold, and most portable batteries list their capacity using mAh. If you get a battery rated at 20,000mAh or above, it should be able to charge your laptop.
  
  Using mAh to discuss laptop batteries can be confusing. Due to differing voltages, you can’t directly compare the mAh ratings of a power bank battery to a laptop battery. Using watt-hours is a better gauge, as that calculation takes voltage into account.
  This article originally appeared on Engadget at https://www.engadget.com/computing/accessories/best-laptop-power-bank-120040388.html?src=rss

• The 15 best gifts for dads
  The holidays are approaching, and you may be scrambling to figure out what you should get dad for the occasion. If you’re shopping for a father who’s into consumer tech, though, we can help. Below, we’ve consulted our many hours of gadget testing and put together a list of standout gift ideas, from VR headsets to pizza ovens to meat thermometers.
  Best gifts for dads in 2024
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  Check out the rest of our gift ideas here.
  This article originally appeared on Engadget at https://www.engadget.com/best-gifts-for-dads-170014057.html?src=rss

• Meta's latest features for Messenger Calling include AI backgrounds
  If you’re one of the people out there making calls with Meta’s Messenger app, its latest update adds a bunch of new features for making video and audio calls, according to the official Meta blog.
  
  When you make a video call, you can add an AI-generated background to your screen by tapping on the effects icon in the sidebar and selecting “Backgrounds.” So instead of showing your friends and family your grungy apartment or your car that you haven’t cleaned out since you bought it, you can replace the background with a field of sunflowers or an alien landscape as one of its suns is setting. That’s something we’ve seen from basically every other video calling platform, so it’s not a big surprise to see Meta add it here.
  
  Meta also added some new features for video calls including high definition video, background noise suppression and voice isolation “to help you make clearer, higher-quality calls directly from Messenger,” according to the blog.
  
  The HD video feature will be the default mode for Messenger calls made over W-iFi connections. HD calls can also be made on cellular data in settings by turning on “Mobile data for HD video.” Background noise suppression and voice isolation can also be turned on and off in Messenger’s call settings section.
  
  You can also leave voice and video messages for your contacts beyond just a line of text and maybe a cheeky emoji or two. Simply tap the “record message” button on the lower right side of the screen to leave a video or audio message if the person you are contacting doesn’t pick up the call.
  
  Finally, if you don’t have a free hand but need to make a call, iPhone users can ask Siri to make calls and messages for them on Meta’s Messenger app. Simply activate Siri and say “Hey Siri, send a message to [contact name] on Messenger” and dictate the message you want to send them.
  This article originally appeared on Engadget at https://www.engadget.com/social-media/metas-latest-features-for-messenger-calling-include-ai-backgrounds-200047824.html?src=rss

• Threads rolls out its custom feeds tool after a quick testing phase
  The battle over who will get all of X’s users now that it’s an utter cesspool continues. Threads just began rolling out its own custom feeds feature to compete with rival Bluesky. Custom feeds have long been a hallmark of Bluesky and now Threads users can get in on the action. Meta announced it was testing custom feeds just last week, so those tests must have been successful. It’s either that or they want to stall Bluesky’s continuing momentum.
  
  Simply put, the feature allows users to pin topic-based feeds to the home screen of the app. This gives people the option to scroll through additional feeds beyond the algorithmic “for you” feed. This is a very good thing, as Thread’s current “for you” algorithm can be easily manipulated by just posting stuff like “who likes cats?” I have seen quite literally 400 posts like that in my feed, all looking for engagement. I like cats but, come on.
  
  In any event, users can create a custom feed by searching for keywords and taping the “...” menu to get started. A feed will be created based on the keyword, though the toolset allows for more granular adjustments. For instance, users can add specific profiles to customize each feed. Threads aficionados can create up to 128 custom feeds.
  
  Threads has one significant advantage over Bluesky when it comes to custom feeds. Making one on Bluesky is something of a process. It took me around two seconds to make a Star Trek feed on Threads.
  Lawrence Bonk / Threads
  Despite Bluesky’s continued growth, it’s still a minor player when compared to Threads. Bluesky just announced 20 million users, which is great, but Threads has more than 275 million users. Threads has also been growing by around a million users a day, according to a recent post from Instagram chief Adam Mosseri.
  This article originally appeared on Engadget at https://www.engadget.com/social-media/threads-rolls-out-its-custom-feeds-tool-after-a-quick-testing-phase-195012720.html?src=rss

• New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
  
  Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
  
  Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
  
  Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 
  
  Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
  
  Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
  
  Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
  
  By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
  Windows

• Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
  
  The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 
  
  As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
  
  In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 
  
  After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
  
  The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
  
  At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
  
  The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
  Security

• Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
  
  The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
  
  A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
  
  This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 
  
  The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
  
  On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
  
  In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
  kernel

• Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
  
  Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
  
  The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
  
  Here is what Linus Torvalds had to say in today's announcement:
  Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds

• Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
  
  Want to interact with ChatGPT from your Linux desktop without using a web browser?
  
  Bavarder, a new app, allows you to do just that.
  
  Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
  
  With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
  
  During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
  
  At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
  
  As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
  
  Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
  ChatGPT AI

• LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
  
  Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
  
  Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
  
  LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
  
  You can download LibreOffice 7.5.3 directly from the LibreOffice website��or from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
  
  All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
  
  In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
  
  Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
  
  The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
  LibreOffice

• Raspberry Pi OS Debuts New Version Featuring Linux Kernel 6.1, Improved Performance, and App Updates
  
  Today, the Raspberry Pi Foundation unveiled a fresh edition of their official Raspberry Pi OS distribution tailored for Raspberry Pi computers, featuring component updates, bug fixes, and several performance enhancements.
  
  The most significant alteration in the Raspberry Pi OS 2023-05-03 release is the transition from the long-term supported Linux 5.15 LTS kernel to the long-term supported Linux 6.1 LTS kernel. This shift is expected to boost the performance of Raspberry Pi devices.
  
  Indeed, current Raspberry Pi OS users, like myself, were already utilizing the Linux 6.1 LTS kernel when executing the rpi-update command via a terminal emulator. However, Linux 6.1 LTS is now the standard kernel in new Raspberry Pi OS images, available for download from the official website for those planning to install it on their Raspberry Pi computer.
  
  Various applications have received updates in this new Raspberry Pi OS version. The most notable is Chromium 113, the default browser for Raspberry Pi OS. In addition to incorporating the latest security patches, Chromium 113 introduces WebGPU support by default, potentially enhancing the performance of web apps and overall browsing experience.
  
  Other updates include Raspberry Pi Imager 1.7.4, RealVNC Viewer 7.0.1.48981, RealVNC Server 7.0.1.49073, Mathematica 13.2.1, and Matlab 23.1.0. Another intriguing update is the revised VLC hardware acceleration patch, designed to enhance video playback performance.
  
  The libcamera and libcamera-apps elements have also been updated to refine IMX296 sensor tuning, enhance audio resampling and encoding management using the libav library, boost the performance of Qt preview window rendering, optimize thumbnail rendering, support 16-bit Bayer in the DNG writer, manage generalized statistics, and rectify an overflow problem that caused inaccurate calculations in the AGC algorithm.
  
  The picamera2 library has also been updated, incorporating an MJPEG server example that utilizes the hardware MJPEG encoder, an example showcasing a preview from two cameras within a single Qt app, the capacity for the H.264 encoder to accept frame time intervals for SPS headers, promote the correct profile/level, and support constant quality parameters, as well as introduce new Exif DateTime and DateTimeOriginal tags.
  
  Several bugs were addressed, including an occasional segfault in the CPU temperature plugin, an X11 server crash when altering screen orientation, X11 server DPMS malfunctions, and the addition of new language translations.
  kernel

• Debian 11.7 Released: Seventh ISO Update Brings Enhanced Security and Bug Fixes to "Bullseye" Operating System Series
  
  The Debian Project has unveiled the release and widespread availability of Debian 11.7, serving as the seventh ISO update to the current Debian GNU/Linux 11 "Bullseye" operating system series.
  
  Arriving approximately four and a half months after Debian 11.6, Debian 11.7 delivers updated installation media for those seeking to install the Debian GNU/Linux 11 "Bullseye" operating system series on new computers. This ensures that users won't need to download numerous updates from repositories following installation.
  
  Debian 11.7 incorporates all security and software updates from December 17th, 2022, the release date of Debian GNU/Linux 11.6, up until today. In total, Debian 11.7 consists of 102 security updates and various bug fixes for 92 packages.
  
  For more information on these security updates and bug fixes, consult the release announcement. The Debian Project emphasizes that this Debian Bullseye point release does not represent a new version of Debian GNU/Linux 11 but merely updates certain included packages.
  
  The Debian 11.7 installation images can be downloaded from the Debian website or via this direct link for 64-bit (amd64), 32-bit (i386), PowerPC 64-bit Little Endian (ppc64el), IBM System z (s390x), MIPS 64-bit Little Endian (mips64el), MIPS 32-bit Little Endian (mipsel), MIPS, Armel, ARMhf, and AArch64 (arm64) hardware architectures.
  
  Debian 11.7 live images, pre-installed with the KDE Plasma, GNOME, Xfce, LXQt, LXDE, Cinnamon, and MATE desktop environments, can also be downloaded from the aforementioned link, but only for 64-bit and 32-bit systems.
  
  Current Debian GNU/Linux 11 "Bullseye" users do not need to download these new ISO images to maintain up-to-date installations. Instead, they should regularly execute the sudo apt update && sudo apt full-upgrade commands in a terminal emulator.
  Debian

• What’s New in Debian 11 “Bullseye”?
  Image
  Debian is a preferred choice of millions of Linux users for some of the most popular and powerful operating systems, like Ubuntu and its derivatives are based on Debian.
  Debian 11has finally been released, finally, after a long development work of two years. Bullseye – that’s the name given to this latest Debian Linux distro. So what are the updates and upgrades? In this article, let’s check out what’s new in Debian 11.
  Debian 11’s ArchitectureDebian supports a good range of hardware architectures. 
  Supported Architectures
  ARM EABI (armel) ARMv7 (EABI hard-float ABI and armhf) 64-bit ARM (arm64) 32-bit PC (i386) 64-bit PC (amd64) Little-endian MIPS (mipsel) 64-bit little-endian PowerPC 64-bit little-endian MIPS IBM System z (s390x)Not Supported Hardware
  Old MIPS 32-bit CPUsLinux Kernel InformationDebian 11 supports the Linux Kernel 5.10 LTS. Debian 10 Buster, the earlier version to Debian 11, used Linux Kernel 4.19 while released. A newer kernel means a new set of bug fixes, new hardware support, and improved performance.
  This is the perfect kernel for Debian bullseye considering the Debian lifecycle.   
  Supports exFATexFAT is the shortened form of the Extensible File Allocation Table. It’s a filesystem used for flash memory, such as SD cards and USB flash drives.
  Now Debian 11 provides support for the exFAT. For mounting the exFAT filesystem, you don’t need the filesystem-in-userspace implementation provided by the exfat-fuse package additionally anymore. Thanks to kernel 5.10! exFAT comes in handy with it. Tools for checking and creating an exFAT are given in the exfatprogs package.
  Bauhaus Movement Inspired Theme & WallpaperDebian features cool wallpapers and a default theme for each of the major releases. Debian 11’s theme is inspired by the Bauhaus movement. Bauhaus means “building house” and it was an art and design movement from 20th century Germany. The Bauhaus movement revolved around abstract, geometric style featuring little emotion or sentiments. 
  Its modern aesthetic still is immensely influential for designers, architects, and artists. You can see this theme all through Debian 11 whether it’s the installer, login window, or the Grub menu.
  Newer Desktop Environment VersionsDebian 11 offers newer desktop environment versions. Desktop flavors you get here are, KDE Plasma 5.20, GNOME 3.38, LXDE 11, LXQt 0.16, Xfce 4.16, and MATE 1.24. Debian prefers stability and it’s quite clear from the desktop environments. You might not get the latest cutting-edge distributions like Fedora or Arch/Manjaro.
  Updated PackagesDebian 11 consists of more than 11,294 new packages out of 59,551 packages. It also reduced over 9,519 “obsolete” packages and removed 42,821 that were updated. A total of 5,434 packages remained as they were.
  A good number of software applications and package updates are included in Debian bullseye, such as Apache 2.4.48, Calligra 3.2, Emacs 27.1, LibreOffice 7.0, Inkscape 1.0.2, Linux kernel 5.10 series, Perl 5.32, PHP 7.4, Vim 8.2, PostgreSQL 13, and the list goes on. All these ready-to-use software packages are built with over 30,000 source packages.
  With this huge selection of packages and wide architecture support, Debian has always stayed committed to its aim of being The Universal Operating System.
  Improved Printer and Scanner FeaturesDebian 11 presents a new ipp-usb package. It is built with a vendor-neutral IPP-over-USB protocol that is supported by many latest printers. So, many modern-day printers will be supported now by Debian. And you won’t need the drivers for that.
  SANE driverless backend lets you use scanners without any trouble.
  EndnotesWant to try Debian Bullseye? Get it from here. You can also check “bullseye” with Live Images without installing it on your PC. This will load and run the entire OS in read-only mode. These live images are available for the i386 and amd64 architectures in the form of USB sticks, DVDs, and netboot setups. Debian Live has a standard image. So you can try a basic Debian without any GUIs.
  And that’s the ending of this article. Hope you find our Debian 11 guide helpful.
  #Linux Debian News

• Nvidia Linux drivers causing random hard crashes and now a major security risk still not fixed after 5+ months
  Image The recent fiasco with Nvidia trying to block Hardware Unboxed from future GPU review samples for the content of their review is one example of how they choose to play this game. This hatred is not only shared by reviewers, but also developers and especially Linux users.
  The infamous Torvalds videos still traverse the web today as Nvidia conjures up another evil plan to suck up more of your money and market share. This is not just one off shoot case; oh how much I wish it was. I just want my computer to work.
  If anyone has used Sway-WM with an Nvidia GPU I’m sure they would remember the –my-next-gpu-wont-be-nvidia option.
  These are a few examples of many.
  The Nvidia Linux drivers have never been good but whatever has been happening at Nvidia for the past decade has to stop today. The topic in question today is this bug: [https://forums.developer.nvidia.com/t/bug-report-455-23-04-kernel-panic-due-to-null-pointer-dereference]
  This bug causes hard irrecoverable crashes from driver 440+. This issue is still happening 5+ months later with no end in sight. At first users could work around this by using an older DKMS driver along with a LTS kernel. However today this is no longer possible. Many distributions of Linux are now dropping the old kernels. DKMS cannot build. The users are now FORCED with this “choice”:
  {Use an older driver and risk security implications} or {“use” the new drivers that cause random irrecoverable crashes.}
  This issue is only going to get more and more prevalent as the kernel is a core dependency by definition. This is just another example of the implications of an unsafe older kernel causing issue for users: https://archlinux.org/news/moving-to-zstandard-images-by-default-on-mkinitcpio/
  If you use Linux or care about the implications of a GPU monopoly, consider AMD. Nvidia is already rearing its ugly head and AMD is actually putting up a fight this year.
  #Linux NVIDIA News