An anonymous reader quotes a report from ZDNet: Microsoft's Windows Subsystem for Linux (WSL) for running GNU/Linux environments on Windows 10 and Windows 11 has reached version 1.0.0 and is now generally available. Microsoft has been building WSL, including its own custom Linux kernel, for several years now. At first, WSL and WSL2 were an optional component within Windows, but last October Microsoft made the preview WSL available in the Microsoft Store as a separate app. The Store version could deliver users -- mostly developers and IT pros -- faster updates and features independently of updates to Windows.

As well as WSL shedding the "preview" label, Microsoft is making the WSL app from the Store the default for new users. As Microsoft noted last October at the release of Windows 11, the long term plan was to move WSL users to the Store version. However, Windows 11 still supported the "inbox version" of WSL while it continued developing the Store version. With this release, Microsoft is backporting WSL functionality to Windows 10 and 11 to make the Store version of WSL the default experience. The latest backport is available to "seekers" who click "Check for Updates" in Windows Settings, but in mid-December it will be pushed automatically to devices. The updates are available for Windows 10 version 21H1, 21H2, or 22H2, or on Windows 11 21H2 with all of the November updates applied.

Microsoft detailed a number of changes to commands now that the Store version of WSL is the default version, noting "wsl.exe --install will now automatically install the Store version of WSL, and will no longer enable the "Windows Subsystem for Linux" optional component, or install the WSL kernel or WSLg MSI packages as they are no longer needed." The virtual machine platform optional component will still be enabled, and by default Ubuntu will still be installed. One of the main new additions to WSL 1.0 is that users can opt in to support for systemd, the at-one-point maligned Linux system and service manager, which runs by default in several Linux distros, including Ubuntu and Debian. Also, Windows 10 users can use Linux GUI apps, a capability that was previously exclusive to Windows 11 users.

It's been one year since Facebook changed its name to "Meta Platforms," remembers The Street. So after Mark Zuckerberg "bought the Oculus Quest VR headset, rebranded it Meta Quest, and formed Reality Labs solely to work on all projects related to the metaverse" — what happened next? Meta's shares and market value have dropped and Zuckerberg's personal fortune has shrunk, falling from $125 billion in January to $49.1 billion at last check, putting him No. 23 on the Bloomberg Billionaires Index.

Reality Labs is facing the hard reality that it's pouring out gallons of red ink, losing $10 billion last year and about $5.7 billion so far in 2022.

And leaked internal documents reveal discussions between Reality Labs management and employees, indicating that "Horizon Worlds" [Meta's flagship metaverse for consumers] is ridden with game-breaking bugs, leading to a "quality lockdown" for the rest of the year.
In fact, Horizon Worlds is also "failing to meet internal performance expectations," reports CNBC, citing internal company documents reviewed by The Wall Street Journal: Meta initially aimed to reach 500,000 monthly active users in Horizon Worlds by the end of the year, but the current figure is less than 200,000, according to the report. Additionally, the documents showed that most users didn't return to Horizon after the first month on the platform, and the number of users has steadily declined since spring, the Journal said.

Only 9% of worlds are visited by at least 50 people, and most are never visited at all, according to the report."
"An empty world is a sad world," one internal document reportedly adds. And Fortune cited some more discouraging statistics from the Journal's article: - Meta wants users to create their own worlds using Horizon's tools. Less than 1% are doing so.

- A tip feature to reward creators for their efforts has generated payouts of under $500 globally. Cumulatively, Horizon's worlds have brought in only about $10,000 in "In-World Payments".

- Retention rates for the Quest virtual-reality headsets — sold by Meta to access Horizons — have dropped in each of the past three years.
CNBC also notes that the report "comes as the company's stock falls, user numbers decline and advertisers cut spending. Meta shares are down 62% so far this year...." So how did Meta respond to the Journal's article? A Meta spokesman told The Wall Street Journal that the company continues to make improvements to the metaverse, which was always meant to be a multiyear project. Representatives for Meta didn't immediately respond to CNBC's request for comment.

Meta has said it will release a web version of Horizon for mobile devices and computers this year, but the spokesman didn't have any launch dates to disclose.

Purism posted an announcement Thursday about their privacy-focused "Librem 5 USA" smartphones. "New orders placed today will ship within our standard 10-business-day window." The Librem 5 USA now joins the Librem Mini and Librem 14 as a post-Just In Time product, one where instead of relying on Just In Time supply chains to manufacture a product just as we need it, we have invested in maintaining much larger inventories so that we can better absorb future supply chain issues that may come our way.

For anyone who is new to the product, the Librem 5 USA is our premium phone that shares the same hardware design and features as our mass-produced Librem 5, but with electronics we make in the USA using a separate electronics supply chain that sources from US suppliers whenever possible. This results in a tighter, more secure supply chain for the Librem 5 USA.

The Librem 5 USA uses the same PureOS as our other computers and so it runs the same desktop Linux applications you might be used to, just on a small screen.

PureOS on the Librem 5 USA demonstrates real convergence, where the device becomes more than just a phone, it becomes a full-featured pocket-sized computer that can act like a desktop when connected to a monitor, keyboard and mouse, or even a laptop (or tablet!) when connected to a laptop docking station. All of your files and all of your software remains the same and follows you where you go. Applications just morph from the smaller screen to the larger screen when docked, just like connecting a external monitor to a laptop.

Everyone who has backed the Librem 5 and Librem 5 USA projects hasn't just supported the production of the hardware itself, they have also supported a massive, multi-year software development effort to bring the traditional Linux desktop to a phone form-factor. Projects such as Phosh (the GUI), Phoc (the Compositor), Squeekboard (the Keyboard), Calls (for calling), Chats (for texting and messaging), and libhandy/libadwaita (libraries to make GTK applications adaptive) all required massive investment and many of these projects have already been moved to the GNOME infrastructure to better share our effort with a larger community.

We are delighted to see that many other mobile projects have recognized the quality of our efforts and adopted our software into their own projects....

The Librem 5 USA was designed for longevity and because we support right to repair, we also offer a number of spare parts in our shop, including replacement modems so you can make sure you support all the cellular bands in a particular continent, replacement batteries for when you ultimately wear out your existing battery, and plenty of other spare parts that haven't had sufficient demand to post formally on our shop (yet). If you need a spare part that isn't yet on the shop, just ask.

"As part of the design process for what ended up becoming GNOME 40 the design team worked on a number of experimental concepts," reports a blog post at Gnome.org's shell-dev blog, "a few of which were aimed at better support for tablets and other smaller devices."

"Ever since then, some of us have been thinking about what it would take to fully port GNOME Shell to a phone form factor." It's an intriguing question because post-GNOME 40, there's not that much missing for GNOME Shell to work on phones, even if not perfectly.... On top of that, many of the things we're currently working towards for desktop are also relevant for mobile, including quick settings, the notifications redesign, and an improved on-screen keyboard. Given all of this synergy, we felt this is a great moment to actually give mobile GNOME Shell a try. Thanks to the Prototype Fund, a grant program supporting public interest software by the German Ministry of Education (BMBF), we've been working on mobile support for GNOME Shell for the past few months.

We're not expecting to complete every aspect of making GNOME Shell a daily driveable phone shell as part of this grant project. That would be a much larger effort because it would mean tackling things like calls on the lock screen, PIN code unlock, emergency calls, a flashlight quick toggle, and other small quality-of-life features. However, we think the basics of navigating the shell, launching apps, searching, using the on-screen keyboard, etc. are doable in the context of this project, at least at a prototype stage.

Of course, making a detailed roadmap for this kind of effort is hard and we will keep adjusting it as things progress and become more concrete... There's a lot of work ahead, but going forward progress will be faster and more visible because it will be work on the actual UI, rather than on internal APIs. Now that some of the basics are in place we're also excited to do more testing and development on actual phone hardware, which is especially important for tweaking things like the on-screen keyboard.
Their blog post includes a video showing "what this currently looks like on laptops" and then one showing it running "on actual phone hardware." And someone has also posted a video on Twitter showing it running on a OnePlus 6 smartphone.

An anonymous reader quotes a report from The Register: Alibaba Cloud has advanced its work to port Android to the RISC-V architecture. The Chinese cloud giant has spent more than a year working on a port of the Google-spawned OS and in January 2021 showed off a GUI powered by Android 10 running on silicon designed by T-Head Semiconductor -- an Alibaba subsidiary that designs its own RISC-V chip. Alibaba Cloud has now revealed it's working on Android 12, and has integrated third-party vendor modules. The result is Android on RISC-V that's capable of playing audio and video, running Wi-Fi and Bluetooth radios, and driving cameras.

The company has also "enabled more system enhancement features such as core tool sets, third-party libraries and SoC board support package on RISC-V," which collectively make RISC-V a better target for Android. Another advance is successful trials of TensorFlow Lite models on RISC-V. That effort means Android on RISC-V should be capable running workloads like image and audio classification and Optical Character Recognition. Alibaba Cloud hasn't detailed whether its porting efforts are directed to any particular processor, but is keen to point out that its homegrown Xuantie C906 processor recently aced the MLPerf Tiny v0.7 benchmark -- a test applied to Internet of Things devices. The company has also pointed out that its home-grown RISC-V kit has already been employed in smart home appliances, automotive applications, and edge computing. [...] The Xuantie C906 uses Alibaba-designed cores that are -- as required for RISC-V users -- available on GitHub. When the firm has a complete version of Android on RISC-V, it "will be an important step towards China's goal of reducing its reliance on technology that other nations can control with restrictions such as trade bans," notes The Register. "As RISC-V is open source, preventing its flow to China is all but impossible."

An anonymous reader quotes a report from Ars Technica: In most cases, the release of yet another classic console emulator for the Switch wouldn't be all that noteworthy. But experts tell Ars that a pair of Game Boy and Game Boy Advance emulators for the Switch that leaked online Monday show signs of being official products of Nintendo's European Research & Development division (NERD). That has some industry watchers hopeful that Nintendo may be planning official support for some emulated classic portable games through the Nintendo Switch Online subscription service in the future. The two leaked emulators -- codenamed Hiroko for Game Boy and Sloop for Game Boy Advance -- first hit the Internet as fully compiled NSP files and encrypted NCA files linked from a 4chan thread posted to the Pokemon board Monday afternoon. Later in that thread, the original poster suggested that these emulators "are official in-house development versions of Game Boy Color/Advance emulators for Nintendo Switch Online, which have not been announced or released."

In short order, dataminers examining the package found a .git folder in the ROM. That folder includes commit logs that reference supposed development work circa August 2020 from a NERD employee and, strangely enough, a developer at Panasonic Vietnam. NERD's history includes work on the software for the NES Classic and SNES Classic, as well as the GameCube emulation technology in last year's Super Mario All-Stars, so the division's supposed involvement wouldn't be out of the ordinary. Footage from the leaked Game Boy Advance emulator also includes a "(c) Nintendo" and "(c) 2019 -- 2020 Nintendo" at various points. While suggestive, none of this is exactly hard evidence of Nintendo's involvement in making these emulators. Some skepticism might be warranted, too, because there is some historical precedent for an emulator developer trying to get more attention by pretending their homebrew product is a "leaked" official Nintendo release.

Some observers also pointed to other reasons to doubt that these leaks were an "official" Nintendo work product. ModernVintageGamer and others noted that the leaked GBA emulator includes an "export state to Flashcart" option designed "to confirm original behavior" on "original hardware," according to the GUI. That option is illustrated with a picture of an EZFlash third-party flash cartridge in the emulator interface, an odd choice given Nintendo's previous litigious attacks on such flashcart makers. A "savedata memory" option in the emulator also references the ability to "inter-operate with flashcarts, other emulators, [and] fan websites..." That's a list that would serve as a decent Johnny Carson "Carnac the Magnificent" setup for "things Nintendo wouldn't want to reference in an official product." A prominent video game historian that Ars consulted with said they were "99.9% sure [the emulators are] real" and that "personally I'm absolutely convinced of its legitimacy."

A headline at Hot Hardware calls it "a sexy Linux laptop with deep learning chops... being pitched as the world's most powerful laptop for machine learning workloads."

And here's how Ars Technica describes the Razer x Lambda Tensorbook (announced Tuesday): Made in collaboration with Lambda, the Linux-based clamshell focuses on deep-learning development. Lambda, which has been around since 2012, is a deep-learning infrastructure provider used by the US Department of Defense and "97 percent of the top research universities in the US," according to the company's announcement. Lambda's offerings include GPU clusters, servers, workstations, and cloud instances that train neural networks for various use cases, including self-driving cars, cancer detection, and drug discovery.

Dubbed "The Deep Learning Laptop," the Tensorbook has an Nvidia RTX 3080 Max-Q (16GB) and targets machine-learning engineers, especially those who lack a laptop with a discrete GPU and thus have to share a remote machine's resources, which negatively affects development.... "When you're stuck SSHing into a remote server, you don't have any of your local data or code and even have a hard time demoing your model to colleagues," Lambda co-founder and CEO Stephen Balaban said in a statement, noting that the laptop comes with PyTorch and TensorFlow for quickly training and demoing models from a local GUI interface without SSH. Lambda isn't a laptop maker, so it recruited Razer to build the machine....

While there are more powerful laptops available, the Tensorbook stands out because of its software package and Ubuntu Linux 20.04 LTS.
The Verge writes: While Razer currently offers faster CPU, GPU and screens in today's Blade lineup, it's not necessarily a bad deal if you love the design, considering how pricey Razer's laptops can be. But we've generally found that Razer's thin machines run quite hot in our reviews, and the Blade in question was no exception even with a quarter of the memory and a less powerful RTX 3060 GPU. Lambda's FAQ page does not address heat as of today.

Lambda is clearly aiming this one at prospective MacBook Pro buyers, and I don't just say that because of the silver tones. The primary hardware comparison the company touts is a 4x speedup over Apple's M1 Max in a 16-inch MacBook Pro when running TensorFlow.
Specifically, Lambda's web site claims the new laptop "delivers model training performance up to 4x faster than Apple's M1 Max, and up to 10x faster than Google Colab instances." And it credits this to the laptop's use of NVIDIA's GeForce RTX 3080 Max-Q 16GB GPU, adding that NVIDIA GPUs "are the industry standard for parallel processing, ensuring leading performance and compatibility with all machine learning frameworks and tools."

"It looks like a fine package and machine, but pricing starts at $3,499," notes Hot Hardware, adding "There's a $500 up-charge to have it configured to dual-boot Windows 10."

The Verge speculates on what this might portend for the future. "Perhaps the recently renewed interest in Linux gaming, driven by the Steam Deck, will push Razer to consider Linux for its own core products as well."

"Microsoft has been struggling to reach a state of convergence between tablet and desktop ever since Windows 8 and the original Surface," argues Neowin, adding "If we're using Windows 11 as a barometer of their progress, they'll likely never get there...."

But meanwhile, writes Slashdot reader segaboy81, "KDE's new swipe gesture is awesome. It's about 1000% smoother than the overview in Windows 11 and the swiping mechanism is easier, too. Is KDE getting better for tablets?"

From Neowin's report: Starting in KDE Plasma 5.25, users with touch screen devices will be able to enter their tasks and virtual desktops overview by simply swiping down from the top edge, but with a special twist. The scale of the windows directly follows the path of your finger. The result is every bit as fluid as you might imagine. While you can achieve the same result in Windows 11 with a simple three-finger swipe up, this implementation looks great and performs great too.

BleepingComputer was recently contacted by an alleged "venture capitalist" firm that wanted to invest or purchase our site. However, as we later discovered, this was a malicious campaign designed to install malware that provides remote access to our devices. Lawrence Abrams from BleepingComputer writes: Last week, BleepingComputer received an email to our contact form from an IP address belonging to a United Kingdom virtual server company. Writing about cybersecurity for so long, I am paranoid regarding email, messaging, and visiting unknown websites. So, I immediately grew suspicious of the email, fired up a virtual machine and VPN, and did a search for Vuxner. Google showed only a few results for 'Vuxner,' with one being for a well-designed and legitimate-looking vuxner[.]com, a site promoting "Vuxner Chat -- Next level of privacy with free instant messaging." As this appeared to be the "Vuxner chat" the threat actors referenced in their email, BleepingComputer attempted to download it and run it on a virtual machine.

BleepingComputer found that the VuxnerChat.exe download [VirusTotal] actually installs the "Trillian" messaging app and then downloads further malware onto the computer after Trillian finishes installing. As this type of campaign looked similar to other campaigns that have pushed remote access and password-stealing trojans in the past, BleepingComputer reached out to cybersecurity firm Cluster25 who has previously helped BleepingComputer diagnose similar malware attacks in the past. Cluster25 researchers explain in a report coordinated with BleepingComputer that the Vuxner[.]com is hosted behind Cloudflare, however they could still determine hosting server's actual address at 86.104.15[.]123.

The researchers state that the Vuxner Chat program is being used as a decoy for installing a remote desktop software known as RuRAT, which is used as a remote access trojan. Once a user installs the Vuxner Trillian client and exits the installer, it will download and execute a Setup.exe executable [VirusTotal] from https://vuxner[.]com/setup.exe. When done, the victim will be left with a C:\swrbldin folder filled with a variety of batch files, VBS scripts, and other files used to install RuRAT on the device. Cluster25 told BleepingComputer that the threat actors are using this attack to gain initial access to a device and then take control over the host. Once they control the host, they can search for credentials and sensitive data or use the device as a launchpad to spread laterally in a network.

Respondents to the annual survey of the Rust community reported an uptick in weekly usage and challenges, writes InfoWorld: Among those surveyed who are using Rust, 81% were using the language on at least a weekly basis, compared to 72% in last year's survey. Of all Rust users, 75% said they are able to write production-ready code but 27% said it was at times a struggle to write useful, production-ready code.... While the survey pointed toward a growing, healthy community of "Rustaceans," it also found challenges. In particular, Rust users would like to see improvements in compile times, disk usage, debugging, and GUI development...

- For those who adopted Rust at work, 83% found it "challenging." But it was unclear how much of this was a Rust-specific issue or general challenges posed by adopting a new language. During adoption, only 13% of respondents believed the language was slowing their team down while 82% believed Rust helped their teams achieve their goals.

- Of the respondents using Rust, 59% use it at least occasionally at work and 23% use it for the majority of their coding. Last year, only 42% used Rust at work.
From the survey's results: After adoption, the costs seem to be justified: only 1% of respondents did not find the challenge worth it while 79% said it definitely was. When asked if their teams were likely to use Rust again in the future, 90% agreed. Finally, of respondents using Rust at work, 89% of respondents said their teams found it fun and enjoyable to program.

As for why respondents are using Rust at work, the top answer was that it allowed users "to build relatively correct and bug free software" with 96% of respondents agreeing with that statement. After correctness, performance (92%) was the next most popular choice. 89% of respondents agreed that they picked Rust at work because of Rust's much-discussed security properties.

Overall, Rust seems to be a language ready for the challenges of production, with only 3% of respondents saying that Rust was a "risky" choice for production use.
Thanks to Slashdot reader joshuark for submitting the story...

The best part of Windows 11 is Linux, argues Ars Technica: For years now, Windows 10's Windows Subsystem for Linux has been making life easier for developers, sysadmins, and hobbyists who have one foot in the Windows world and one foot in the Linux world. But WSL, handy as it is, has been hobbled by several things it could not do. Installing WSL has never been as easy as it should be — and getting graphical apps to work has historically been possible but also a pain in the butt that required some fairly obscure third-party software. Windows 11 finally fixes both of those problems. The Windows Subsystem for Linux isn't perfect on Windows 11, but it's a huge improvement over what came before.

Microsoft has traditionally made installing WSL more of a hassle than it should be, but the company finally got the process right in Windows 10 build 2004. Just open an elevated Command prompt (start --> type cmd --> click Run as Administrator), type wsl --install at the prompt, and you're good to go. Windows 11, thankfully, carries this process forward unchanged. A simple wsl --install with no further arguments gets you Hyper-V and the other underpinnings of WSL, along with the current version of Ubuntu. If you aren't an Ubuntu fan, you can see what other easily installable distributions are available with the command wsl --list --online. If you decide you'd prefer a different distro, you can install it instead with — for example — wsl --install -d openSUSE-42. If you're not sure which distribution you prefer, don't fret. You can install as many as you like, simply by repeating wsl --list --online to enumerate your options and wsl --install -d distroname to install whichever you like. Installing a second distribution doesn't uninstall the first; it creates a separate environment, independent of any others. You can run as many of these installed environments as you like simultaneously, without fear of one messing up another.

In addition to easy installation, WSL on Windows 11 brings support for both graphics and audio in WSL apps. This isn't exactly a first — Microsoft debuted WSLg in April, with Windows 10 Insider Build 21364. But Windows 11 is the first production Windows build with WSLg support. If this is your first time hearing of WSLg, the short version is simple: you can install GUI apps — for example, Firefox — from your Ubuntu (or other distro) command line, and they'll work as expected, including sound. When I installed WSLg on Windows 11 on the Framework laptop, running firefox from the Ubuntu terminal popped up the iconic browser automatically. Heading to YouTube in it worked perfectly, too, with neither frame drops in the video nor glitches in the audio....

[T]here is one obvious "killer app" for WSLg that has us excited — and that's virt-manager, the RedHat-originated virtualization management tool. virt-manager is a simple tool that streamlines the creation, management, and operation of virtual machines using the Linux Kernel Virtual Machine... virt-manager never got a Windows port and seems unlikely to. But it runs under WSLg like a champ.
They reported a few problems, like when running GNOME's Software Center app (and the GNOME shell desktop environment).

But "If you're already a Windows Subsystem for Linux (WSL) user, Windows 11 offers an enormously improved experience compared to what you're accustomed to from Windows 10. It installs more easily, makes more functionality available, and offers better desktop integration than older workarounds such as running MobaXTerm's X11 server."

Docker will restrict use of the free version of its Docker Desktop utility to individuals or small businesses, and has introduced a new more expensive subscription, as it searches for a sustainable business model. The Register reports: The company has renamed its Free plan to "Personal" and now requires that businesses with 250 or more employees, or higher than $10m in annual revenue, must use a paid subscription if they require Docker Desktop. There are no changes to the command-line Docker Engine. The $5/month Pro and $7/month Teams subscriptions continue as before, but a new $21/month Business subscription adds features including centralized management, single sign-on, and enhanced security.

The Docker platform has a number of components, of which Docker Desktop is just one part. Docker images define the contents of containers. Docker containers are runnable instances of images. The Docker daemon is a background application that manages and runs Docker images and containers. The Docker client is a command-line utility that calls the API of the Docker daemon. Docker registries contain images, and the Docker Hub is a widely used public registry. Much of Docker (but not Desktop) is open source under the Apache v2 license. Docker Desktop is a GUI tool for managing various Docker components and functions, including containers, images, volumes (storage attached to containers), local Kubernetes, development environments within containers, and more. Whereas most Docker components are available for Windows, Mac and Linux, and despite the fact that most Docker containers run on Linux, Desktop is only available for Windows and Mac. Docker CEO Scott Johnston says the changes will help the company address security challenges with the software supply chain. It'll also help create a viable business model.

"We continue to see growth in the developer market. The latest stat we have is that by 2030 there's going to be 45 million global developers, up from 18-some million today... that requires us to have a business that is sustainably scalable," Johnston told The Register.

Some users who bought an external hard drive that's delightfully shaped like a book ended up with "terabytes' worth of data, years of memories and months of hard work vanished in an instant," reports Engadget. (Though according to a new statement from Western Digital, "Some customers have reported that data recovery tools may be able to recover data from affected devices, and we are currently investigating the effectiveness of these tools.")

But why were these deletions from "My Books" happening in the first place? A Slashdot reader shares the first clue from Engadget's report: Several owners looked into the cause of the issue and determined that their devices were wiped after receiving a remote command for a factory reset. The commands starting going out at 3PM on Wednesday and lasted throughout the night. One user posted a copy of their log showing how a script was run to shut down their storage device for a factory restore.
Friday Western Digital's statement offered much more detail: Western Digital has determined that some My Book Live and My Book Live Duo devices are being compromised through exploitation of a remote command execution vulnerability... The log files we have reviewed show that the attackers directly connected to the affected My Book Live devices from a variety of IP addresses in different countries. This indicates that the affected devices were directly accessible from the Internet, either through direct connection or through port forwarding that was enabled either manually or automatically via UPnP.

Additionally, the log files show that on some devices, the attackers installed a trojan with a file named ".nttpd,1-ppc-be-t1-z", which is a Linux ELF binary compiled for the PowerPC architecture used by the My Book Live and Live Duo. A sample of this trojan has been captured for further analysis and it has been uploaded to VirusTotal.

Our investigation of this incident has not uncovered any evidence that Western Digital cloud services, firmware update servers, or customer credentials were compromised. As the My Book Live devices can be directly exposed to the internet through port forwarding, the attackers may be able to discover vulnerable devices through port scanning...

At this time, we recommend you disconnect your My Book Live and My Book Live Duo from the Internet to protect your data on the device by following these instructions on our Knowledge Base. We have heard customer concerns that the current My Cloud OS 5 and My Cloud Home series of devices may be affected. These devices use a newer security architecture and are not affected by the vulnerabilities used in this attack. We recommend that eligible My Cloud OS 3 users upgrade to OS 5 to continue to receive security updates for your device

"You can now use GUI app support on Windows Subsystem for Linux (WSL)," Microsoft announced this week, "so that all the tools and workflows of Linux run on your developer machine." Bleeping Computer has already tested it running Gnome's file manager Nautilus, the open-source application monitor/task manager Stacer, the backup software Timeshift, and even the game Hedgewars.

Though it's currently available only to the millions who've registered for Windows 10 "Insider Preview" builds, it's already drawing positive reviews. "With the Windows Subsystem for Linux, developers no longer need to dual-boot a Windows and Linux system," argues the Windows Central site, "as you can now install all the Linux stuff a developer would need right on top of Windows instead."

Finally formally announced at this week's annual Microsoft Build conference, the new functionality runs graphical Linux apps "seamlessly," according to Tech Radar, calling the feature "highly anticipated." Arguably, one of the biggest, and surely the most exciting update to the Windows 10 WSL, Microsoft has been working on WSLg for quite a while and in fact first demoed it at last year's conference, before releasing the preview in April... Microsoft recommends running WSLg after enabling support for virtual GPU (vGPU) for WSL, in order to take advantage of 3D acceleration within the Linux apps.... WSLg also supports audio and microphone devices, which means the graphical Linux apps will also be able to record and play audio.

Keeping in line with its developer slant, Microsoft also announced that since WSLg can now help Linux apps leverage the graphics hardware on the Windows machine, the subsystem can be used to efficiently run Linux AI and ML workloads... If WSLg developers are to be believed, the update is expected to be generally available alongside the upcoming release of Windows.
Bleeping Computer explains that WSLg launches a "companion system distro" with Wayland, X, and Pulse Audio servers, calling its bundling with Windows 10 "an exciting development as it blurs the lines between Linux and Windows 10, and fans get the benefits of both worlds."

Microsoft is making the promised support for Linux graphical user interface (GUI) apps on Windows 10 available to customers as of the next Windows 10 release, officials said on May 25. Microsoft officials made the announcement on Day 1 of its virtual Build 2021 developers conference. From a report: During his Day 1 keynote, CEO Satya Nadella basically acknowledged there will be another event "soon" about the next Windows. He said: ""And soon we will share one of the most significant updates of Windows of the past decade." He said he has been self-hosting it over the past several months and called it "the next generation of Windows."

Microsoft released a preview of Linux GUI apps on the Windows Subsystem for Linux (WSL) in April, 2021. This capability is meant to allow developers to run their preferred Linux tools, utilities and apps directly on Windows 10. With GUI app support, users can now run GUI apps for testing, development and daily use without having to set up a virtual machine.

syn3rg shares a report from ZDNet: A Linux backdoor recently discovered by researchers has avoided VirusTotal detection since 2018. Dubbed RotaJakiro, the Linux malware has been described by the Qihoo 360 Netlab team as a backdoor targeting Linux 64-bit systems. RotaJakiro was first detected on March 25 when a Netlab distributed denial-of-service (DDoS) botnet C2 command tracking system, BotMon, flagged a suspicious file.

At the time of discovery, there were no malware detections on VirusTotal for the file, despite four samples having been uploaded -- two in 2018, one in 2020, and another in 2021. Netlab researchers say the Linux malware changes its use of encryption to fly under the radar, including ZLIB compression and combinations of AES, XOR, and key rotation during its activities, such as the obfuscation of command-and-control (C2) server communication. At present, the team says that they do not know the malware's "true purpose" beyond a focus on compromising Linux systems.

There are 12 functions in total including exfiltrating and stealing data, file and plugin management -- including query/download/delete -- and reporting device information. However, the team cites a "lack of visibility" into the plugins that is preventing a more thorough examination of the malware's overall capabilities. In addition, RotaJakiro will treat root and non-root users on compromised systems differently and will change its persistence methods depending on which accounts exist.

jonesy16 writes: While users have long been able to run Linux GUI apps on Windows by installing a separate X Server, this marks the first time that native support is available through the Windows Subsystem for Linux (WSL). Audio support and hardware acceleration are also provided, seemingly enabling a limitless set of use cases for those wishing to live the dual OS life. The change is identified in the recent preview build release along with a more in-depth discussion of the graphical subsystem now called WSLg.

"Jensen Huang, the CEO of Nvidia, the nation's most valuable semiconductor company, with a stock price of $645 a share and a market cap of $400 billion, is out to create the metaverse," writes Time magazine.

Huang defines it as "a virtual world that is a digital twin of ours." Huang credits author Neal Stephenson's Snow Crash, filled with collectives of shared 3-D spaces and virtually enhanced physical spaces that are extensions of the Internet, for conjuring the metaverse. This is already playing out with the massively popular online games like Fortnite and Minecraft, where users create richly imagined virtual worlds. Now the concept is being put to work by Nvidia and others.

Partnering with Nvidia, BMW is using a virtual digital twin of a factory in Regensburg, Germany, to virtually plan new workflows before deploying the changes in real time in their physical factory. The metaverse, says Huang, "is where we will create the future" and transform how the world's biggest industries operate...

Not to make any value judgments about the importance of video games, but do you find it ironic that a company that has its roots in entertainment is now providing vitally important computing power for drug discovery, basic research and reinventing manufacturing?

No, not at all. It's actually the opposite. We always started as a computing company. It just turned out that our first killer app was video games...

How important is the advent and the adaptation of digital twins for manufacturing, business and society at large?

In the future, the digital world or the virtual world will be thousands of times bigger than the physical world. There will be a new New York City. There'll be a new Shanghai. Every single factory and every single building will have a digital twin that will simulate and track the physical version of it. Always. By doing so, engineers and software programmers could simulate new software that will ultimately run in the physical version of the car, the physical version of the robot, the physical version of the airport, the physical version of the building. All of the software that's going to be running in these physical things will be simulated in the digital twin first, and then it will be downloaded into the physical version. And as a result, the product keeps getting better at an exponential rate.

The second thing is, you're going to be able to go in and out of the two worlds through wormholes. We'll go into the virtual world using virtual reality, and the objects in the virtual world, in the digital world, will come into the physical world, using augmented reality. So what's going to happen is pieces of the digital world will be temporarily, or even semipermanently, augmenting our physical world. It's ultimately about the fusion of the virtual world and the physical world.
See also this possibly related story, "Nvidia's newest AI model can transform single images into realistic 3D models."

Long-time Slashdot reader xiando quotes LinuxReviews: The community distribution Arch Linux has up to now required you to manually install it by entering a whole lot of scary commands in a terminal. Arch version 2021.04.01 features a new guided installer [reached by] typing python -m archinstall guided into the console you get when you boot the Arch Linux installation ISO.

It is not very novice-friendly, or user-friendly, but it gets the job done and it will work fine for those with some basic GNU/Linux knowledge.
Tech Radar writes that previously Arch Linux had "a rather convoluted installation process, which has given rise to a stream of Arch-based distros that are easier to install," adding that the new installer "was reportedly promoted as an official installation mechanism back in January, and was actively worked upon leading to its inclusion in the installation medium." Users have been calling on Arch Linux for simplifying the installation process for a long time, to bring it in line with other Linux distros. However, the Arch philosophy has always been to put the users in charge of every aspect of their installation, which is the antithesis of automated installers.
Phoronix calls the new installer "very quick and easy," although "granted not as user-friendly / polished as say the Debian Installer, Red Hat's Anaconda installer, even Ubuntu's Subiquity, and other TUI/GUI Linux installers out there." They also note that Archinstall "does allow automatically partitioning the drive with your choice of file-system options, automatically installing a desktop environment if desired, configuring the network interfaces, and all the other basics." The method is quick enough that I'll likely use archinstall for future Arch Linux benchmarks on Phoronix as it also then applies a sane set of defaults for users... Five minutes or less and off to the races, ready for Arch Linux."
But Slashdot reader I75BJC still favors "scary commands in a terminal," leaving this comment on the original submission: If you can't type with the big adults, stay on your PlayStation.

Even Apple, with its very good GUI has a command line. The command line commands are more flexible, more specific, more subtle than the pointy-clicky GUI.

Security researcher Brian Krebs wants you to know... "New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. Let's just get this out of the way right now: It wasn't me." The Shadowserver Foundation, a nonprofit that helps network owners identify and fix security threats, says it has found 21,248 different Exchange servers which appear to be compromised by a backdoor and communicating with [a domain that begins with brian . krebsonsecurity... Not a safe domain.] Shadowserver has been tracking wave after wave of attacks targeting flaws in Exchange that Microsoft addressed earlier this month in an emergency patch release. The group looks for attacks on Exchange systems using a combination of active Internet scans and "honeypots" — systems left vulnerable to attack so that defenders can study what attackers are doing to the devices and how.

David Watson, a longtime member and director of the Shadowserver Foundation Europe, says his group has been keeping a close eye on hundreds of unique variants of backdoors (a.k.a. "web shells") that various cybercrime groups worldwide have been using to commandeer any unpatched Exchange servers. These backdoors give an attacker complete, remote control over the Exchange server (including any of the server's emails)... Shadowserver's honeypots saw multiple hosts with the Babydraco backdoor doing the same thing: Running a Microsoft Powershell script that fetches the file "krebsonsecurity.exe"... Oddly, none of the several dozen antivirus tools available to scan the file at Virustotal.com currently detect it as malicious. The Krebsonsecurity file also installs a root certificate, modifies the system registry, and tells Windows Defender not to scan the file. Watson said the Krebsonsecurity file will attempt to open up an encrypted connection between the Exchange server and the above-mentioned IP address, and send a small amount of traffic to it each minute.

Shadowserver found more than 21,000 Exchange Server systems that had the Babydraco backdoor installed. But Watson said they don't know how many of those systems also ran the secondary download from the rogue Krebsonsecurity domain. "Despite the abuse, this is potentially a good opportunity to highlight how vulnerable/compromised MS Exchange servers are being exploited in the wild right now, and hopefully help get the message out to victims that they need to sign up our free daily network reports," Watson said.