that kernel release (which most distros have still not shipped yet) fixes only one of the two vulnerabilities (CVE-2026-43284); afaik even upstream still doesn’t have a patch for the second one (CVE-2026-43500) at this time.

(for people relying on Linux privilege separation, here are mitigation instructions.)

Are there tradeoffs?

there are many, and the README lists far more now than it did 10 days ago when I first posted this.

it’s for devices which Graphene doesn’t support

You mean GrapheneOS? Or is GraphiteOS a different OS I’ve not heard of?

two years later: GraphiteOS is now a thing that exists https://github.com/cawilliamson/treble_graphiteos

cc @InternetCitizen2@lemmy.world

unfortunately, like its predecessor (Nokia’s Maemo/Meego), Jolla’s SailfishOS has never been (and has never had plans to be) fully free/libre open source software.

many components of it are freely licensed, but not nearly enough to constitute an actual mobile operating system you can use.

(well actually) you forgot Poland

It’s good to see someone in this thread who knows what an IPv5 address looks like:

IPv5 addresses consist of four hextets a 16bit each.  For the visual
representation, those grouping are used.  The hextets might be
written in decimal, separated by dot '.' characters, or as
hexadecimal numbers, separated by colon ':'.

It’s long past time to start replacing our IPv4.1 deployments!

Activity lights are useful

in even more ways than one might think.

(see also this and this later work from the same author…)

based on the other comments here i had to double check if this thread was in !shittyasklemmy@lemmy.ml smh my head

You’re correct on both points (🤦‍♂️ indeed).

I’ve now edited this post to link to their advisory text file instead of their advertising-heavy blog post about it which I had initially linked when the above comment was posted. Thanks.

FYI, the day after you published this blog post, a spam blog posted… their AI reimplementation of it 🤦

(version 2.0 could triple your RAM)

Nice post. Relatedly, see also malus.sh and this talk by the people that made it (both of which I posted in this lemmy community here).

A couple of minor corrections to your text:

Blanchard’s account is that he never looked at the existing source code directly.

Blanchard doesn’t say that he never looked at the existing code; on the contrary, he has been the maintainer (and primary contributor) to it for over a decade so he is probably the person who is most familiar with the pre-Claude version’s implementation details. Rather, he says that he didn’t prompt Claude with the source code while reimplementing it. iirc he does not acknowledge that it is extremely likely that multiple prior versions of it were included in Claude’s training corpus (which is non-public, so this can only be conclusively verified easily by Anthropic).

The GPL’s conditions are triggered only by distribution. If you distribute modified code, or offer it as a networked service, you must make the source available under the same terms.

The GPL does not require you to offer GPL-licensed source code when using the program to provide a network service; because it is solely a copyright license, the GPL’s obligations are only triggered by distribution. (It’s the AGPL which goes beyond copyright and imposes these obligations on people running a program as a network service…)

Nice, thanks.

It would certainly be nice to be able to pre-download language pair models without selecting to and from and then actually initiating a translation using the model i don’t have yet.

re: getting uBlock externally, i also see the attraction of that approach but unfortunately Debian’s package was last updated in October (from 1.62 to 1.67) while AMO has a release from January (1.69) :/

imo it would be better to bundle UBO and ship its updates along with browser updates.

are there plans to distribute Konform via flathub?

Full-page machine translations are disabled

Firefox translations are done offline (after downloading the model for a langauge pair).

Does anybody know why Konform decided to disable this very useful feature?

your instance has a list of communities federated to it here: https://piefed.zip/communities

the most active community for announcing new communities is !newcommunities@lemmy.world (which includes communities on many different instances, not only .world)

could Red Hat eventually take control of the project

Fedora started in 2002 and merged with “Red Hat Linux” in 2003.

Red Hat, Inc has had full control of it ever since then.

It is a “community project” inasmuch as there are Fedora developers who are volunteers (and some who are paid by companies other than Red Hat), and the Fedora Council includes people who are not employed by Red Hat - but the Project Leader is always a Red Hat employee, and if the Council ever has an irreconcilable difference with Red Hat then Red Hat can simply ignore and/or dismiss them.

Red Hat owns all Fedora-related trademarks, and the Fedora Project is not an independent legal entity: it is a part of Red Hat.

If Fedora developers don’t like Red Hat’s decisions regarding the project, they can fork it but they’d need to change the name and find some other sources funding.

Also, icymi, Red Hat became a subsidiary of IBM in 2019.

maybe it would be better to say that it is stochastically accurate?