Tootfinder

Noch ein paar der zuletzt hier besonders häufig geteilten #News:
Telnet: Kritische Lücke erlaubt Einschleusen von Schadcode aus dem Netz

The TC39 Temporal proposal is coming along. It’s meant to replace JavaScript’s date API:
https://www.igalia.com/2026/03/13/Temporal-Reaches-Stage-4.html
Jason Williams’ talk about this at State of the Browser is now online:

Temporal Reaches Stage 4 | Igalia
Igalia is an open source consulting firm specialised in the development of innovative projects and solutions. Our engineers have expertise in a wide range of technological areas, including browsers and client-side web technologies, graphics pipeline, compilers and virtual machines. We have the most WPE, WebKit, Chromium/Blink and Firefox expertise found in the consulting business, including many reviewers and committers. Igalia designs, develops, customises and optimises GNU/Linux-based solutio…

Pasen y lean unas notas sobre el uso y configuración en Linux de #autofirma #fnmt
https://jdrm.info/conf…

Sagt mal, hier sind doch auch einige Leute die Manjaro nutzen, habt ihr ne Diskussion in der Forum mitbekommen, wo über die Zukunft von Manjaro diskutiert wird ?
Hab heute ein Video gesehen, wo die Youtuberin einen Artikel bei Linux/Gnu.ch zeigt und da stand was von Manifest.
Ich nutze auf einen Notebook Manjaro mit Cinnamon. Glaube ich werde es mal umstellen, was ich eh vorhatte. Da ich gerne mal CrazyOS probieren wollte, genau der richtige Zeitpunkt dafür ;D

Noch ein paar der zuletzt hier besonders häufig geteilten #News:
Telnet: Kritische Lücke erlaubt Einschleusen von Schadcode aus dem Netz

GNU Guix, but you have to pronounce the name like it's Dutch

I have been using GNU/Linux for almost 18 years now (started with Ubuntu 7.10 in April 2008, just before 8.04 (Hardy Heron) was released). In that time, I stuck with Ubuntu for a few years, then switched to CrunchBang (#!) Linux, which then shifted its base from Ubuntu to Debian before ceasing to exist entirely (it was a one-man project), at which point I migrated to Debian proper (I think back in 2014).
1/?

from my link log —
GNU Recutils: a database management system using human-readable text files.
https://labs.tomasino.org/gnu-recutils/
saved 2020-01-26 https://

GNU Recutils
Fred and George, Turtles in love There are hundreds of cool command line tools that have been made over the years built on the unix philosophy. Plain text is powerful, ubiquitous, and human-centric. It was also the only option for computing for quite a while. It’s no surprise that some of the most sophisticated tools are focused on it. One such package is GNU Recutils, a set of tools and libraries to access human-editable, plain text databases called recfiles.

#GNUTaler mit Echtgeld ausprobiert - Teil 4: Fazit
https://gnulinux.ch/gnu-taler-mit-echtgeld-ausprobiert-teil-4
Spannende Option für wirklich freien digitalen

After fifteen months of hacking since our last post on the Hurd, we now present the 64-bit Hurd on Guix. Read all about it in this new post:
https://guix.gnu.org/en/blog/2026/the-64-bit-hurd
[Much of] This work was sponsored by NLnet -- thank you!

Should
(= 3/4 0.75)
return true (or 't)? You'd think so.
#SBCL 2.5.2 does think so.
MIT/GNU Scheme also thinks so.
#Interlisp Medley agrees.
I think this is correct behaviour.
#Clojure

Ik heb onlangs linux mint op een oude macbook air geïnstalleerd, maar nu is er een kernel update en krijg ik deze foutmelding bij het installeren. Zijn er meer mensen die dit hebben gezien? En heb je een oplossing gevonden?
```
warning: the compiler differs from the one used to build the kernel
The kernel was built by: x86_64-linux-gnu-gcc-13 (Ubuntu 13.3.0-6ubuntu2~24.04) 13.3.0
You are using: gcc-13 (Ubuntu 13.3.0-6ubuntu2~24.04) 13.3.0
CFG80211 API …

Telnet is a remote login protocol that became obsolete in 1995 when SSH became available because SSH offers transport encryption while telnet does not.
Those who kept a telnetd running for whatever reason (and did not hide it behind a firewall) have had a root backdoor for the last ten years.
The telnetd server invokes /usr/bin/login (normally running as root) passing the value of the USE…

The end-to-end (e2) argument is about where to put functionality in a layered system. It generally argues for functions to be moved out and up, but it does not say you cannot have functionality at lower layers or in the middle. The paper states "A great deal of information about system implementation is needed to make this choice intelligently."
Seen in a discussion about the recent GNU inetutils telnetd vulnerability, someone incorrectly states:
"End to end prin…

I feel like desktop GNU/Linux nowadays (especially around #GNOME) is a lot like: "Do you recall this thing #Android does that you really hate? Good news, everyone, we just copied it to our application, and you can't switch back!"
#FreeSoftware

This is no joke -- today's Metacurity is packed with the most crucial infosec developments you should know, including
--N. Korean hackers were behind malicious versions of Axios,
--Threat actors compromised Cisco with stolen creds from Trivy attack,
--Anthropic leaked part of Claude's source code,
--Apple alters its upgrade-or-stay vulnerable method,
--Recruiting startup Mecor hit by incident linked to LiteLLM attack,
--Vim and GNU Emacs text editor…

N. Korean hackers were behind malicious versions of Axios
Actors compromised Cisco with stolen creds from Trivy attack, Anthropic leaked part of Claude's source code, Apple alters its upgrade-or-stay vulnerable method, Recruiting firm Mecor hit by incident linked to LiteLLM attack, Vim and GNU Emacs text editors' flaws surfaced by Claude prompts, much more

Teniendo en cuenta que #systemd estš en vías de convertirse en el Panopticón de #gnu_linux pues he decidido pasarme de #Archlinux a

Pentium Compiler Group
#retrocomputing

We are happy to announce Dezyne 2.20 which introduces global function
and foreign function. This release represents 111 commits over three
years.
<https://mail.gnu.org/archive/html/dezyne-devel/2026-02/msg00001.html>
@…

A good time to remember this gem from XKCD, representative of all the descents into the rabbit hole of those who one day asked themselves, "What the hell is Linux?".
#linux

from my link log —
Turing completeness of GNU find: from mkdir-assisted loops to standalone computation.
https://arxiv.org/abs/2602.20762
saved 2026-02-25 https://

Turing Completeness of GNU find: From mkdir-assisted Loops to Standalone Computation
The Unix command \texttt{find} is among the first commands taught to beginners, yet remains indispensable for experienced engineers. In this paper, we demonstrate that \texttt{find} possesses unexpected computational power, establishing three Turing completeness results using the GNU implementation (a standard in Linux distributions). (1) \texttt{find} + \texttt{mkdir} (a system that has only \texttt{find} and \texttt{mkdir}) is Turing complete: by encoding computational states as directory pat…

⚠️ Unlike typical exploits, no buffer overflow or memory corruption needed - just one manipulated environment variable grants root access
🛡️ Not all Telnet implementations affected - only #GNU inet utils; proprietary versions like #Cisco and

> When there isn't sufficient virtual memory, the compiler bails out,
> giving an internal error message. When I kill some processes, the
> error goes away.
And what is the compiler supposed to do instead? Go shopping for you
and buy more memory?
-- Falk Hueffner, on the GNU C compiler

RE: https://mstdn.ca/@thetyee/116009132713347082
If it is any consolation, the GNU Manifesto c1984 warned of this same danger as software became increasingly proprietary. As the proprietaries compete for the best prestige with the best wages and best ROI, their prices inevitably rise, and the best talent is drained from the competing community pool.
On the plus side, community software was here before the likes of Bill Gates, and will still be here long after they're gone.

Great talk by @… of #GNU #Hurd fame, in a packed room, selling the the Hurd really well (in my not entirely unbiased opinion, of course) and starting with
It'…

Devuan'ın daha özgür çatalı çıkmış (ya da ben yeni gördüm) : Gnuen
GNU/Linux'un en güzel yanı bu

GNU Parallel is such a nice program. It has a bunch of features that, sure, you could cobble together with a program or shell script, but that with Parallel are just a flag away.
Like, “read 1MB chunks from stdin, adjust chunk boundaries so they always start with a specified delimiter, then run N copies of this command where each copy gets a subset of chunks on stdin”.
It’s just --pipe --round-robin --recstart 'some delimiter'.
Last night I used this to search a Li…

Kai hat mich jetzt ja schon ein wenig genervt. So, dass ich jetzt doch mal nachgeschaut habe, wer denn (außer meinem Gatten) damals Vorträge gehalten hat.
Und, naja, seht ihr auch, was ich sehe?
(Ja, es war der Linuxtag 2001. Hatte mich um ein Jahr vertan.)

RE: https://infosec.exchange/@malick/116335760238491682
AI Just Hacked One Of The World's Most Secure Operating Systems – Forbes
Also <

Achievement unlocked: Being mentioned in an article on @…: https://lwn.net/SubscriberLink/1055053/05d1716074bbbbe3/
That means I've made it in the o…

GNU InetUtils Security Advisory: remote authentication by-pass in telnetd
🔗 #telnet

Vulnerability-Lookup
Vulnerability-Lookup - Fast vulnerability lookup correlation from different sources.

https://www.frandroid.com/os/gnu-linux/3062047_adieu-windows-securix-et-bureautix-le-linux-de-letat-aux-noms-dirreductibles-gaulois

New embedded toolchain bits for Debian today for aarch64-none-elf, arm-none-eabi and riscv64-unknown-elf.
binutils-embedded builds version 2.45.90.20260125.
gcc-arm-none-eabi uses Arm GNU Toolchain version 15.2.rel1 (2025-12-17). For arm and aarch64.
gcc-riscv64-unknown-elf is based off GCC 15.2. For 32- and 64-bit Risc-V.
picolibc 1.8.11. Now the only C library.
libstdc -arm-none-eabi and libstdc -riscv64-unknown-elf.
They're all in NEW, but should …

#android #? @…
Как в 2026 получить современный андроид в виртуалке без смс?
Устанавливаем qemu: emerge qemu
Создаём образ для нашей системы. 15ГБ должно хватить: qemu-img create -f qcow2 waydroid.qcow2 15G
Качаем установочный образ своего любимого дистрибутива GNU/Linux. Я взял D…

Today's wtf: I was getting errors when wrapping my npm command in a Makefile:
```
make: npm: Permission denied
```
Why? Just running it directly works. The heck?!
Okay, strace time...
```
newfstatat(AT_FDCWD, "/home/dama/bin/npm", {st_mode=S_IFDIR|0775, st_size=4096, ...}, 0) = 0
```
Huh... that is a directory.
So it's one of those Unixy fuckeries!
Why does (GNU) make even do this?!
So I set `NPM ?= /usr/bin/n…

I was messing with the C comma operator and ran into an old trivial bug in #GCC diagnostics. Interesting that the error remains from at least GCC 4.7 but morphed a bit in GCC 9.1.
int a=0, b=5, c=7;
return a, b, c; //says a and c are unused
#cpp #bug #FOSS

Mastodon días. Para el turno de mañana (de muy por la mañana), ayer me dio por poner por escrito unas notas para usar Autofirma en GNU/Linux.
https://jdrm.info/configurando-la-firma-digital-en-gnulinux.html
También en

Anyone wanna crash course me in the OS level age check stuff for GNU Linux specifically?
#linux #age_verification

I've been playing around with GNU Octave in the terminal while taking my Linear algebra course. So far it's run everything I've thrown at it in Matlab syntax without question, and it's really been helpful grinding through assignments.
Yet another reminder of how awesome Free Software is, what a perfect match it is for academic use and what a terrible shame it is that almost no universities take advantage of such resources, always seeming to prefer proprietary crap.

Beautiful article on #GNU #LilyPond "Lilypond Music-Notation Software in the Digital-Humanities Toolbox" -- Andrew A. Cashner
https://

ahh, the good old times before ssh and its smug encryption
https://www.openwall.com/lists/oss-security/2026/01/20/2

✅ Immediate action required: Update to GNU Inetutils 2.8 or migrate to #SSH for secure remote access
https://nvd.nist.gov/vuln/detail/CVE-2026-24061

Okay, I'm asking the Mastodon Hivemind something. It concerns GNU/Linux (specifically Debian), Signal Messenger, and Proton VPN.
Edit: Somehow fixed by changing the VPN server _on the router_ (which passes through the desktop untouched...supposedly). I don't get it.
1/?
#ProtonVPN #SignalMessenger

My government offers public subsidies for buying computers and laptops. That’s great, right? I’ve been able to use a modern laptop for the first time in years. After buying a laptop with that subsidy, I received an email informing me that the antivirus connection couldn’t be detected.
- Yeah, so? I don’t need antivirus software. I use GNU/Linux and common sense, and that’s been enough for two decades.
- Yeah, but you have to install Windows 11 Pro and this antivirus so we don’t pe…

Fun with MATLAB (for school). I've been dogfooding my little browser #Sunstone for a while now, and that includes using it for school. My Linear Algebra course is forcing us to use MATLAB (why not GNU Octave, or NumPy?) and things seemed to be going fine until it came time to export the file to pdf. Press the button, nothing. NADA. I figured it's something to do with Sunstone not bei…

🎯 Nearly 800,000 #Telnet servers potentially affected worldwide running vulnerable GNU inet utils implementations
📅 Bug existed since 2015 code changes, finally patched January 20, 2026 in version 2.8
🔧 The flaw stems from missing input sanitization: USER environment variable from network is passed unsanitized to login command, allowing flag injection

Users of #Emacs #orgmode: I've added "my-org-block-interruption()" to my config. It was generated by Claude.
If invoked within a blog, it inserts # END_ # BEGIN_ lines that match the current block.
This way, I'm able to interrupt a QUOTE block to add some comments, a SRC block to…