KDE's Plasma 5.20 is now available, bringing a bunch of refinements as well as some larger features. Some of the KDE Plasma 5.20 highlights include (via Phoronix): - Numerous fixes to the KWin window manager / compositor including a number of Wayland fixes. Among the Wayland work in Plasma 5.20 includes Klipper support and middle-click paste, mouse and touchpad support nearly on par to X11, window thumbnails in the task manager, crash fixes, and more.

- Improved notifications.

- Different redesigns and additions to the KDE System Settings from SMART monitoring to better looking interfaces.

- Redesigned on-screen displays.

- Various tack manager and system tray improvements. More information about KDE 5.20 is available here.

ZDNet reports: At the Microsoft Build 2020 virtual developers' conference, CEO Satya Nadella announced that Windows Subsystem for Linux (WSL) 2.0 would soon support Linux GUIs and applications. That day is closer now than ever before. At the recent X.Org Developers Conference, Microsoft partner developer lead Steve Pronovost revealed that Microsoft has made it possible to run graphical Linux applications within WSL.

It's always been possible to run Linux graphical programs such as the GIMP graphics editor, Evolution e-mail client, and LibreOffice on WSL. But it wasn't easy. You had to install a third-party X Window display server, such as the VcXsrv Windows X Server in Windows 10, and then do some tuning with both Windows and Linux to get them to work together smoothly. The X Window System underlies almost all Linux graphical user interfaces. Now, Microsoft has ported a Wayland display server to WSL. Wayland is the most popular X Window compatible server. In WSL2, it connects the graphical Linux applications via a Remote Desktop Protocol (RDP) connection to the main Windows display. This means you can run Linux and Windows GUI applications simultaneously on the same desktop screen....

Craig Loewen, Microsoft WSL Program Manager, added in a Twitter thread that the key differences between using a third-party X server and the built-in Wayland server is that: "You don't need to start up or start the server, we'll handle that for you." In addition, it comes with "Lovely integration with Windows," such as drop shadows and Linux icon support. Loewen also said you can run a Linux web browser in it. "We haven't tested it extensively with a full desktop environment yet, as we want to focus on running often asked for apps first, and primarily IDEs [integrated development environment] so you can run those in a full Linux environment," he said.

Don't get too excited about it just yet, though. Loewen continued, "We don't yet have an ETA for the beta channel, however, this work will be available in general for Insiders to try within the next couple of months."

LWN.net re-visits the emacs-devel mailing list, where the Emacs 28 development cycle has revived discussions about how to make the text editor more "modern" and attractive to new users: A default dark theme may not be in the future, leading one to think that there may yet be hope for the world in general. But there does seem to be general agreement that Emacs could benefit from a better, more centralized approach to color themes, rather than having color names hard-coded throughout various Elisp packages. From that, a proper theme engine could be supported, making dark themes and such easily available to those who want them...

Another area where Emacs is insufficiently "modern", it seems, has to do with keyboard and mouse bindings. On the keyboard side, users have come to expect certain actions from certain keystrokes; ^X to cut a selection, ^V to paste it, etc. These bindings are easily had by turning on the Cua mode, but new users tend not to know about this mode or how to enable it. Many participants in the discussion said that this mode should be on by default. That, of course, would break the finger memory of large numbers of existing Emacs users, who would be unlikely to appreciate the disruption. Or, as Richard Stallman put it:

It is not an option to change these basic key bindings to imitate other, newer editors. It would create a different editor that we Emacs users would never switch to. It is unfortunate that the people who implemented the newer editors chose incompatibility with Emacs....

The situation with mouse behavior is similar; as several participants in the discussion pointed out, users of graphical interfaces have come to expect that a right-button click will produce a menu of available actions. In Emacs, instead, that button marks a region ("selection"), with a second click in the same spot yanking ("cutting") the selected text. Many experienced Emacs users have come to like this behavior, but it is surprising to newcomers. The right mouse button with the control key held down does produce a menu defined by the current major mode, but that is evidently not what is being requested here; that menu, some say, should present global actions rather mode-specific ones.

Stallman suggested offering a "reshuffled mode" that would bring the context menu to an unadorned right-button click, and which would add some of the expected basic editing commands there as well. This would be relatively easy to do, he said, since mouse bindings are separate from everything else. Besides, as he noted, the current mouse behavior was derived from "what was the standard in X Windows around 1990"; while one wouldn't want to act in haste, it might just be about time for an update.
Other proposed changes involved "discoverability," including the default enabling of various modes, although to incorporate them into GNU Emacs "would often require the author to sign copyrights over to the Free Software Foundation, which is not something all authors are willing to do..."

Michael Ilseman, an engineer on the Swift Standard Library team at Apple, writes: In June, Apple introduced Swift System, a new library for Apple platforms that provides idiomatic interfaces to system calls and low-level currency types. Today, I'm excited to announce that we're open-sourcing System and adding Linux support! Our vision is for System to eventually act as the single home for low-level system interfaces for all supported Swift platforms.

An anonymous reader shares this enthusiastic report from ZDNet: Earlier this year, Linus Torvalds approved of adding drivers and other components in Rust to Linux.* Last week, at the virtual Linux Plumbers Conference, developers gave serious thought to using the Rust language for new Linux inline code. ["Nothing firm has been determined yet," reported Phoronix, "but it's a topic that is still being discussed."] And, now Amazon Web Services (AWS) has announced that its just-released Bottlerocket Linux for containers is largely written in Rust.

Mozilla may have cut back on Rust's funding, but with Linux embracing Rust, after almost 30-years of nothing but C, Rust's future is assured. Rust was chosen because it lends itself more easily to writing secure software. Samartha Chandrashekar, an AWS Product Manager, said it "helps ensure thread safety and prevent memory-related errors, such as buffer overflows that can lead to security vulnerabilities." Many other developers agree with Chandrashekar.

Bottlerocket also improved its security by using Device-mapper's verity target. This is a Linux kernel feature that provides integrity checking to help prevent attackers from overwriting core system software or other rootkit type attacks. It also includes the extended Berkeley Packet Filter (eBPF), In Linux, eBPF is used for safe and efficient kernel function monitoring.
* Linus's exact words were "people are actively looking at, especially doing drivers and things that are not very central to the kernel itself, and having interfaces to do those, for example, in Rust. People have been looking at that for years now. I'm convinced it's going to happen one day."

The article also reminds readers that AWS's Bottlerocket "is also designed to be quick and easy to maintain... by including the bare essentials needed to run containers..."

"Besides its standard open-source elements, such as the Linux kernel and containerd container runtime, Bottlerocket's own code is licensed under your choice of either the Apache 2.0 or the MIT license."

A team at Clemson University has come up with a new design that overcomes some of the problems with incorporating silicon into lithium-ion batteries, "enabling them to demonstrate a lightweight and multipurpose device that could be used to power satellites and spacesuits," reports New Atlas. From the report: Scientists have been investigating the potential of silicon in lithium-ion batteries for a long time, and with good reason. Using the material for the anode component instead of the graphite used today could increase the storage capacity of these devices by as much as 10 times, but there are a few kinks to iron out first. Silicon doesn't exhibit the same durability as graphite in these scenarios, tending to expand, contract and break apart into small pieces as the battery is charged and discharged. This causes the deterioration of the anode and failure of the battery, but we have seen a number of potential solutions to this over the years, including fashioning the silicon into sponge-like nanofibers or tiny nanospheres before integrating them into the device.

The new research out of Clemson University looks to shore up the dependability of silicon with the help of carbon nanotube sheets called Buckypaper, which we've also seen used in the development of next-generation heat shields for aircraft. These sheets were paired with tiny, nanosized silicon particles in what the team says is an arrangement much like a deck of cards, with the silicon particles sandwiched in between each layer. "The freestanding sheets of carbon nanotubes keep the silicon nanoparticles electrically connected with each other," says Shailendra Chiluwal, first author on the study. "These nanotubes form a quasi-three-dimensional structure, hold silicon nanoparticles together even after 500 cycles, and mitigate electrical resistance arising from the breaking of nanoparticles." The beauty of this approach, according to the team, is that even if the charging and discharging of the battery causes the silicon particles to break apart, they remain locked inside the sandwich and able to perform their function. This means that, theoretically, this functioning but experimental battery has a much higher capacity, which means the energy can be stored in much lighter cells, reducing the overall weight of the device. As a bonus, the use of the nanotubes creates a buffer mechanism that enables the batteries to be charged at four times the speed of current iterations, according to the scientists. The research was published in the journal Applied Materials and Interfaces.

FallOutBoyTonto writes: In June we saw an update to the NVMe standard. The update defines a software interface to assist in actually reading and writing to the drives in a way to which SSDs and NAND flash actually works. Instead of emulating the traditional block device model that SSDs inherited from hard drives and earlier storage technologies, the new NVMe Zoned Namespaces optional feature allows SSDs to implement a different storage abstraction over flash memory. This is quite similar to the extensions SAS and SATA have added to accommodate Shingled Magnetic Recording (SMR) hard drives, with a few extras for SSDs. 'Zoned' SSDs with this new feature can offer better performance than regular SSDs, with less overprovisioning and less DRAM. The downside is that applications and operating systems have to be updated to support zoned storage, but that work is well underway.

The NVMe Zoned Namespaces (ZNS) specification has been ratified and published as a Technical Proposal. It builds on top of the current NVMe 1.4a specification, in preparation for NVMe 2.0. The upcoming NVMe 2.0 specification will incorporate all the approved Technical Proposals, but also reorganize that same functionality into multiple smaller component documents: a base specification (one for each command set of block, zoned, key-value, and potentially more in the future), and separate specifications for each transport protocol (PCIe, RDMA, TCP). The standardization of Zoned Namespaces clears the way for broader commercialization and adoption of this technology, which so far has been held back by vendor-specific zoned storage interfaces and very limited hardware choices. [...]

A user shares a report from Electrek: Tesla's wiper controls through its touchscreen have been ruled illegal in Germany after someone crashed their Model 3 while using them and fought a fine and driving ban through the court system. A Tesla Model 3 driver got into an accident while using the touchscreen to adjust the speed of the automatic windshield wipers. In Model 3 and Model Y vehicles, Tesla didn't install normal windshield wiper settings through a steering wheel stalk. Instead, the automaker is detecting the rain through its Autopilot cameras and automatically adjusting the speed based on the strength of the rainfall. If the driver wants to adjust the speed, they need to do it through the center touchscreen. The driver in Germany was adjusting those settings when he lost control of the vehicle and crashed. A local district court gave him a fine and a one-month driving ban and that's where the problem started for Tesla. He decided to fight the punishment -- bringing the case to the Higher Regional Court (OLG). "It comes as no surprise that enlightened Germans would be the first to rule Tesla's poly engineered cars a road hazard," adds the Slashdot reader. "Touch screen interfaces have no place in cars."

Elon Musk says Neuralink recipients will be able to stream music directly into their brains, with no headphones needed. Futurism reports: It's still entirely unclear if Neuralink's brain-computer interfaces will ever be able to bypass the ear, the cochlear nerves, and beam music magically to the auditory brain. But Musk has already set his sights on bigger things. When asked by another Twitter user if Neuralink's devices could also help "estimulate the release of oxytocin, serotonin, and other chemicals when needed," Musk replied with another "yes." To make that feature and more a reality, Neuralink is looking to add more, well, brains to its operations. "If you've solved hard problems with phones/ wearables (sealing, signal processing, inductive charging, power management, etc.), please consider working at [Neuralink]," Musk tweeted over the weekend. On August 28th, the mysterious computer-brain interface startup will release an update on its progress.

An intriguing exchange happened on the Linux Kernel Mailing List after a post by Nick Desaulniers, a Google software engineer working on compiling the Linux Kernel with Clang (and LLVM). Hackaday reports: Nick simply tested the waters for a possible future of Rust within the Linux kernel code base, which is something he's planning to bring up for discussion in this year's Linux Plumbers Conference — the annual kernel developer gathering. [Desaulniers thinks that discussion will include "a larger question of 'should we do this?' or 'how might we place limits on where this can be used?'"]

The interesting part is Linus Torvalds's response on the LKML thread, which leaves everyone hoping for a hearty signature Rust rant akin to his C++ one disappointed. Instead, his main concern is that a soft and optional introduction of the support in the build system would leave possible bugs hidden, and therefore should be automatically enabled if a Rust compiler is present — essentially implying that he seems otherwise on board.
Linus also touched on Rust earlier this month in his keynote interview with Dirk Hohndel, the chief open source officer at VMware, during the special virtual edition of the Linux Foundation's annual Open Source Summit and Embedded Linux Conference North America: Dirk Hohndel: Every new project is done in Go or Rust or another new language I've never heard of. Is there a risk that we are becoming the COBOL programmers of the 2030s?

Linus Torvalds: Well, I don't actually think it's true that nobody writes in C any more. I think C is still one of the top 10 languages easily, if you look at any of the statistics.

That said — I mean, people are actively looking at, especially doing drivers and things that are not very central to the kernel itself, and having interfaces to do those, for example, in Rust. People have been looking at that for years now. I'm convinced it's going to happen one day.

I mean, it might not be Rust, but it is going to happen that we will have different models for writing these kinds of things. And C won't be the only one. I mean right now, it's C or assembly, and most people would rather not touch the assembly parts. [Dirk laughs] But it is something that people are looking at. I'm probably the wrong person. Greg has been more involved, since he's the driver maintainer in general. But things are afoot, and these things take a long, long time. I mean, the kind of infrastructure you need to start integrating other languages into a kernel, and making people trust these other languages — that's a big step.

Nokia has become the first major telecom equipment maker to commit to adding open interfaces in its products that will allow mobile operators to build networks that are not tied to a vendor. Reuters reports: The new technology, dubbed Open Radio Access Network (Open RAN), aims to reduce reliance on any one vendor by making every part of a telecom network interoperable and allowing operators to choose different suppliers for different components. Currently, Nokia along with Ericsson and Huawei supplies most of the equipment for building telecom networks and mobile operators can only pick one for each part of their network.

As part of the implementation plan, Nokia plans to deploy Open RAN interfaces in its baseband and radio units, a spokesman said. An initial set of Open RAN functionalities will become available this year, while the full suite of interfaces is expected to be available in 2021, the company said. Nokia, unlike other vendors, had been promising to participate in the development of open RAN technology and have joined several industry alliances.

Apple has unveiled the next version of macOS: Big Sur. From a report: The new operating system brings the biggest redesign since the introduction of macOS 10, according to Apple. Big Sur borrows a number of elements from Apple's iOS, including a customizable Control Center, where you can change brightness and toggle Do Not Disturb, and a new notification center, which groups related notifications together. Both interfaces are translucent, like their iOS counterparts. A number of apps have received streamlined new redesigns, including Mail, Photos, Notes, and iWork. Apple has introduced a new search feature to Messages (which organizes results into links, photos, and matching terms), as well as inline replies for group chats, a new photo-selection interface, and Memoji stickers. There's a new version of Maps for Mac that borrows features from the iOS app, including custom Guides, 360-degree location views, cycling and electric vehicle directions (which you can send directly to an iPhone), and indoor maps. Apple introduced a number of new Catalyst apps as well. Dock buttons have also been redesigned to look more similar to their iOS counterparts, in an effort to "be more consistent with icons across Apple's ecosystem while retaining their Mac personality," according to the company.

Apple also announced the biggest update to Safari since the browser was first introduced. The company claims its browser is 50 percent faster than Chrome and can show more tabs on-screen. Hovering over a tab now gives users a preview of its page, and right-clicking on the tab will give you the option to close all the tabs to its right. The new Safari also has a customizable start page and a built-in automatic translation feature that can interpret entire webpages in seven languages, Apple says. Safari is also getting support for extensions made for other browsers, and a dedicated extension store. (Unlike many other browsers, Safari will allow you to customize which sites your extensions run on). And there are new privacy features, including a Privacy Report that details actions the browser has taken to prevent tracking on the websites you visit.

The Basecamp cofounder and creator of web application framework Ruby on Rails David Heinemeier Hansson has become increasingly outspoken about Big Tech's privacy violations and monopolistic tendencies. Now he's inviting you to join the cause -- by switching your email provider. From a report: Two years ago, he and fellow Basecamp cofounder and CEO Jason Fried decided to do something about it. The culmination of that work is a paid, $99-per-year email service called Hey, which launches today. Along with protecting users from the types of invasive surveillance tactics that have become de rigueur online, Hey also contains some radical ideas about the way that modern correspondence should work. Silicon Valley will be watching the product closely: Consumers like to say they value their privacy, but are they finally willing to pay for it?

[...] Most people haven't tried a new email service since Gmail launched 16 years ago, if not earlier. A handful of startups have played around with email interfaces in the years since, trying to make the experience cleaner and mobile-friendly, but no one has touched concepts as foundational as the inbox itself. Hansson and Fried argue that now is the time to do just that. They have made several radical changes to the inbox, the most glaring of which is that you, the email recipient, have control over who is allowed to appear there. That means you screen all first-time senders. They've also separated out what they call the "The Feed" and the "Paper Trail," so that there are distinct places for emails like newsletters and shipping confirmation notices. Because The Feed requires opt-in confirmation, it's much more pleasant to browse than Gmail's cluttered Promotions tab. It's also more private: Hey strips incoming messages of the tracking tools known as spy pixels that have become common practice in many emails. (The service indicates any emails that originally had tracking capabilities by displaying a small binoculars icon next to them.)

"In December, security researchers noticed an uptick in brute-force attacks against publicly exposed Microsoft SQL servers," reports CSOnline.

"It turns out the attacks go as far back as May 2018 and infect on average a couple thousand database servers every day with remote access Trojans and cryptominers."

Slashdot reader itwbennett writes: While the primary goal of the attack seems to be cryptocurrency mining, "what makes these database servers appealing for attackers apart from their valuable CPU power is the huge amount of data they hold," say researchers from Guardicore who investigated the attacks. The researchers also note that most machines (60%) stay infected only briefly, but "almost 20% of all breached servers remained infected for more than a week and even longer than two weeks," and 10% become reinfected...

[T]he attackers aggressively remove malware from competitors from targeted machines.
Many of the infected machines are located in America, India, South Korea, and Turkey, according to the article, which adds that the researchers traced the campaign back to China.

"The scans and attacks originate from Chinese IP addresses -- likely associated with infected and hijacked machines -- and the command-and-control servers are also hosted in China and use Chinese language for their web-based management interfaces."

The latest "feature drop" for Google's Pixel line of Android phones includes the ability to "firmly press" on the screen "to get more help from your apps more quickly." If that sounds familiar, it's because it's a lot like iPhone's 3D Touch, which Apple stopped supporting in all of its 2019 iPhones. The Verge reports: "Firmly press" sets off alarm bells because it sounds a lot like the iPhone's 3D Touch, which enables different actions depending on how hard you press on the touchscreen. It was a beloved feature for some people because it gave faster access to the cursor mode on the iPhone's keyboard (I think long-pressing the space bar works fine for that, but I get that people love it). It's also gone on the latest versions of the iPhone -- Apple has seemingly abandoned it because the hardware to support it was too expensive/thick/complex/finicky/whatever. But now, it seems that Google has done the same thing for the touchscreen that it does with the camera: use its software algorithms to make commodity parts do something special. That is a very Googley thing to do, but not quite as Googley as the fact that there was virtually no information about this feature to be found anywhere on the internet beyond a speculative note over at XDA Developers.

After a few hours of back and forth, I finally got more details from Google. Here's what this feature does, according to Google: "Long Press currently works in a select set of apps and system user interfaces such as the app Launcher, Photos, and Drive. This update accelerates the press to bring up more options faster. We also plan to expand its applications to more first party apps in the near future." Essentially, this new feature lets you press harder to bring up long-press menus faster. In fact, Google's documentation for Android's Deep Press API explicitly says it should never do a new thing, it should only be a faster way to execute a long press. The answer to why it only works in certain apps is that a lot of Android developers aren't using standard APIs for long press actions. Because Android. Okay, but how does it work? It turns out my hunch was correct: Google has figured out how to use machine learning algorithms to detect a firm press, something Apple had to use hardware for.

The new 1.14 release of the Go programming language "is dotted with performance and security improvements," reports the developer news site DevClass, "but also gives devs more flexibility when it comes to module use."

And they also give a nice overview of Go's development process: Go is the language most containerization projects are built with. The wide adoption of this approach is one of the reasons that made the Go team implement a new feedback-based system for language enhancements. In it, only a limited number of new features are proposed for an upcoming release, giving the community room to weigh in on them. If they decide a change will do more good than harm the feature will make it into the new version. However, since alterations affect a quite wide range of people, they are often heavily disputed. This already led to the abandoning of a proposal thought to improve the language's often discussed error handling. Currently, a couple of new vet checks and minor adjustments are discussed for the 1.15 release.

Updates in Go 1.14 mainly concern the toolchain, runtime, and libraries. The only change to the language allows for methods of embedded interfaces to have the same name and signature as those on the embedding interface. Supposedly to facilitate the creation of somewhat safer applications, version 1.14 includes a hash/maphash package. The hash functions on byte sequences contained in it are meant to help with the implementation of hash tables or similar data structures. The Go team warns though that "the hash functions are collision-resistant but not cryptographically secure...."

Go 1.14 is the last release to run on macOS 10.11 and support 32-bit binaries on Apple's operating system. Meanwhile binaries for Windows come with data execution prevention enabled, experimental support for 64-bit RISC-V on Linux is included, and v1.14 should work with 64-bit ARM architecture on FreeBSD 12.0 or later.

We live in a world where billions of login credentials have been stolen, enabling the brute-force cyberattacks known as "credential stuffing", reports CSO Online. And it's being made easier by APIs: New data from security and content delivery company Akamai shows that one in every five attempts to gain unauthorized access to user accounts is now done through application programming interfaces (APIs) instead of user-facing login pages. According to a report released today, between December 2017 and November 2019, Akamai observed 85.4 billion credential abuse attacks against companies worldwide that use its services. Of those attacks, around 16.5 billion, or nearly 20%, targeted hostnames that were clearly identified as API endpoints.

However, in the financial industry, the percentage of attacks that targeted APIs rose sharply between May and September 2019, at times reaching 75%.

"API usage and widespread adoption have enabled criminals to automate their attacks," the company said in its report. "This is why the volume of credential stuffing incidents has continued to grow year over year, and why such attacks remain a steady and constant risk across all market segments."
APIs also make it easier to extract information automatically, the article notes, while security experts "have long expressed concerns that implementation errors in banking APIs and the lack of a common development standard could increase the risk of data breaches."

Yet the EU's "Payment Services Directive" included a push for third-party interoperability among financial institutions, so "most banks started implementing such APIs... Even if no similar regulatory requirements exist in non-EU countries, market forces are pushing financial institutions in the same direction since they need to innovate and keep up with the competition."

Larry Tesler, a computer scientist who created the terms "cut," "copy," and "paste," has passed away at the age of 74. Gizmodo reports: Born in 1945 in New York, Tesler went on to study computer science at Stanford University, and after graduation he dabbled in artificial intelligence research (long before it became a deeply concerning tool) and became involved in the anti-war and anti-corporate monopoly movements, with companies like IBM as one of his deserving targets. In 1973 Tesler took a job at the Xerox Palo Alto Research Center (PARC) where he worked until 1980. Xerox PARC is famously known for developing the mouse-driven graphical user interface we now all take for granted, and during his time at the lab Tesler worked with Tim Mott to create a word processor called Gypsy that is best known for coining the terms "cut," "copy," and "paste" when it comes to commands for removing, duplicating, or repositioning chunks of text.

Xerox PARC is also well known for not capitalizing on the groundbreaking research it did in terms of personal computing, so in 1980 Tesler transitioned to Apple Computer where he worked until 1997. Over the years he held countless positions at the company including Vice President of AppleNet (Apple's in-house local area networking system that was eventually canceled), and even served as Apple's Chief Scientist, a position that at one time was held by Steve Wozniak, before eventually leaving the company.

In addition to his contributions to some of Apple's most famous hardware, Tesler was also known for his efforts to make software and user interfaces more accessible. In addition to the now ubiquitous "cut," "copy," and "paste" terminologies, Tesler was also an advocate for an approach to UI design known as modeless computing, which is reflected in his personal website. In essence, it ensures that user actions remain consistent throughout an operating system's various functions and apps. When they've opened a word processor, for instance, users now just automatically assume that hitting any of the alphanumeric keys on their keyboard will result in that character showing up on-screen at the cursor's insertion point. But there was a time when word processors could be switched between multiple modes where typing on the keyboard would either add characters to a document or alternately allow functional commands to be entered.

January 19, 2038 is for Linux what Y2K was for mainframe and PC computers in 2000, reports ZDNet. It's the day that the value for time "runs out of numbers" and, in the case of 32-bit Unix-based operating systems like Linux and older versions of macOS, "starts counting time with negative numbers..."

"But the fixes are underway to make sure all goes well when that fatal time rolls around." nickwinlund77 shared their report: Linux developers have seen this coming for decades. So, Linux kernel developer Arnd Bergmann and others have been working on a repair. These corrections are now in the forthcoming Linux 5.6 kernel. Bergmann explained, "Linux-5.6, or my backport of the patches to 5.4, should be the first release that can serve as a base for a 32-bit system designed to run beyond year 2038."

There are some caveats:

- All user space must be compiled with a 64-bit time_t, which will be supported in the coming musl-1.2 and glibc-2.32 releases, along with installed kernel headers from Linux-5.6 or higher.

- Applications that use the system call interfaces directly need to be ported to use the time64 syscalls added in Linux-5.1 in place of the existing system calls.

- Applications that use a private copy of kernel uapi header files or their contents may need to update to the Linux-5.6 version.

- A few remaining interfaces cannot be changed to pass a 64-bit time_t in a compatible way, so they must be configured to use CLOCK_MONOTONIC times...

After we fix this, we won't have to worry about 64-bit Linux running out of seconds until 15:30:08 GMT Sunday, December 4, 29,227,702,659. Personally, I'm not going to worry about that one.

U.S. officials say Huawei can covertly access mobile-phone networks around the world through "back doors" designed for use by law enforcement [Editor's note: the link may be paywalled; an alternative source was not immediately available.], as Washington tries to persuade allies to exclude the Chinese company from their networks. From a report: Intelligence shows Huawei has had this secret capability for more than a decade, U.S. officials said. Huawei rejected the allegations. The U.S. kept the intelligence highly classified until late last year, when American officials provided details to allies including the U.K. and Germany, according to officials from the three countries. That was a tactical turnabout by the U.S., which in the past had argued that it didn't need to produce hard evidence of the threat it says Huawei poses to nations' security. When telecom-equipment makers build and sell hardware such as switching gear, base stations and antennae to carriers -- who assemble the networks that enable mobile communication and computing -- they are required by law to build into their hardware ways for authorities to access the networks for lawful purposes. They are also required to build equipment in such a way that the manufacturer can't get access without the consent of the network operator. Only law-enforcement officials or authorized officials at each carrier are allowed into these "lawful interception interfaces," generally with the carrier's permission. Such access is governed by laws and protocols specific to each country. U.S. officials say Huawei has built equipment that secretly preserves the manufacturer's ability to access networks through these interfaces without the carriers' knowledge.