European News Outlets Continue Misrepresenting GrapheneOS Project


GrapheneOS is currently under a state sponsored attack attempting to misrepresent it as being for criminals, which we covered a bit at grapheneos.social/@GrapheneOS/…. These poorly researched, biased and inaccurate news stories have led to more harassment towards our community and team.

These attacks are taking a multi pronged approach including pushing existing fabricated stories and harassment towards our team. We'd appreciate if our community was more active than usual in debunking misinformation and attacks on our team. It's a very abnormal wave of attacks.



European authoritarians and their enablers in the media are misrepresenting GrapheneOS and even Pixel phones as if they're something for criminals. GrapheneOS is opposed to the mass surveillance police state these people want to impose on everyone.

xatakandroid.com/sociedad/cada…


GrapheneOS AOSP 16 To Reach Stable Channel Within Few Days


GrapheneOS based on Android 16 has been through extensive public Alpha/Beta testing and should reach our Stable channel today. We'll continue fixing various upstream Android 16 regressions such as the back button issue impacting the stock Pixel OS we fixed in our latest release.

July Android Security Bulletin will likely be published today. We obtained early access to the signed partner preview and confirmed no additional patches were required, so we set the 2025-07-01 patch level last month after we backported Pixel 2025-06-05 driver/firmware patches.

Tomorrow will likely be the first monthly update of Android 16 with a new Android Open Source Project and Pixel stock OS release. We won't need to backport Pixel driver/firmware patches since we're on Android 16 and can simply incorporate and ship the monthly update within hours.

It can be extraordinarily difficult to backport driver/firmware patches due to dependencies on the new major release. We were only able to backport everything required for the 2025-06-05 security patch level because Android 15 QPR2 is much closer to Android 16 than Android 15.

After our Android 16 port was completed yesterday, we started fixing an Android tapjacking vulnerability disclosed last month:

taptrap.click/

We have a fix implemented and it will be included in our next release, likely with the monthly Android 16 update tomorrow.

This vulnerability was disclosed to Google in October 2024 and Android still hasn't fixed it. Security researchers should report vulnerabilities to GrapheneOS in addition to Google. This now joins our many other GrapheneOS exclusive fixes for serious Android vulnerabilities.

We've decided to make another release today with our fix for the Android tapjacking vulnerability because we need to fix a DisplayPort alternate mode regression specific to 8th generation Pixels which doesn't impact 9th generation Pixels.

Using ZRAM on a laptop with 8 GB RAM. Worth it or waste of CPU?


I dug out my old Asus Zenbook (UX305CA) and refurbished it: gave it a good cleaning, replaced the thermal paste, installed a new battery, upgraded the SSD, and did a clean install of Ubuntu 24.04 (don't judge; everything else in my house is still Debian and/or OpenWRT).

The only thing I can't upgrade is the memory since it's soldered on. It's got 8 GB which hasn't really been a limit given my use cases, but since I'm in upgrade mode, I was thinking of running it with zram configured.

I just setup zram and gave it 50% of the physical memory as a starting point, set vm.swappiness to 140, and am using zstd as the compression algorithm.

Haven't noticed much difference, so there doesn't seem to be much CPU performance penalty even on this low-spec CPU (base clock 900 MHz lol). zramctl shows it's got 726 MB swapped to it currently which is compressed to 126 MB. Not bad! The only thing I haven't done yet is set the power profile to "Power Saver" - if there are going to be noticeable performance penalties, that's probably when it will show up.

I've only ever used zram on Raspberry Pis and on an old netbook, so I'm not sure if using it on a machine with an otherwise usable amount of RAM is even worth it.

Thoughts and/or suggestions for a better config?

This entry was edited (3 days ago)

GrapheneOS version 2025070600 released


Tags:
  • 2025070600 (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Pixel 8, Pixel 8 Pro, Pixel 8a, Pixel 9, Pixel 9 Pro, Pixel 9 Pro XL, Pixel 9 Pro Fold, Pixel 9a, emulator, generic, other targets)

Changes since the 2025070500 release:

  • backport fix for back button regression in Android 16 from Android 16 QPR1 Beta 2.1
  • Pixel 8, Pixel 8 Pro, Pixel 8a: restore using asymmetric MTE mode for userspace instead of the default asynchronous mode
  • add back switching to using the Natural display color mode by default
  • migrate more device support to adevtool and remove more unused configuration
  • improve per-device integration for USB-C port control and pogo pins control to make maintenance easier
  • adevtool: remove obsolete overlay handling implementation
  • remove Circle to Search feature declaration
  • enable Runtime Resource Overlay (RRO) enforcement

GrapheneOS version 2025070500 released


Tags:
  • 2025070500 (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Pixel 8, Pixel 8 Pro, Pixel 8a, Pixel 9, Pixel 9 Pro, Pixel 9 Pro XL, Pixel 9 Pro Fold, Pixel 9a, emulator, generic, other targets)

Changes since the 2025070301 release:

  • partially revert upstream changes in Android 16 breaking parts of the lockscreen layout including the date and media info
  • Pixel 8 Pro, Pixel 9 Pro, Pixel 9 Pro XL: add back feature declaration for Pixel Thermometer support lost in our Android 16 device port migration which prevented fresh installs of the app
  • Terminal (virtual machine management app): disable VM console feature since it isn't supported by the stable release of Android 16 outside of debug builds and trying to use it breaks installing the new images (the feature can be enabled once the core OS supports it in production builds)
  • update Pixel HAL compatibility matrix version numbers for Android 16
  • add lockscreen synchronization failsafe to protect against unknown vulnerabilities
  • improve code quality and add unit tests for our strict CVE-2024-50089 protection
  • kernel (6.6): update to latest GKI LTS branch revision including update to 6.6.94
  • fix port of our 2-factor fingerprint authentication tests to Android 16

GrapheneOS Based On AOSP 16 Now Available In Beta Channel For Testing


GrapheneOS based on Android 16 is now available in our Beta channel. There are 2 main known issues which will be fixed in the next release: lockscreen date and media info are not properly displayed due to an upstream AOSP bug and Pixel Thermometer doesn't appear in our App Store.

Last month, we provided the 2025-06-01 Android/Pixel security patch level early in the month before the stock OS release as preparation and then backported Android 16 firmware and kernel/userspace driver patches to provide the 2025-06-05 Android and then Pixel patch levels.

Our 2025062700 release raised the overall patch level to 2025-07-01 since we got early access to it with a verifiable signature and know we already provide the patches. We usually do an early Android Security Bulletin release before the stock OS but it was done for July in June.

Android Security Bulletins are backports of High/Critical severity patches to older Android. Starting this month, the initial release of Android 16 is one of those older releases. It's split into AOSP userspace patches (YYYY-MM-01) and driver/firmware/Linux patches (YYYY-MM-05)

YYYY-MM-05 patch level has a device-specific portion with more driver/firmware patches. For Pixels, it's the Pixel Update Bulletin. Most Pixel Update Bulletin patches aren't specific to Pixels but the Android Security Bulletin doesn't cover Samsung cellular, Broadcom Wi-Fi, etc.

Pixel Update Bulletin patches are what we had to backport to Android 15 QPR2:

source.android.com/docs/securi…

These were for firmware/drivers/services for Samsung cellular (including the Radio Interface Layer), Broadcom/Qualcomm Wi-Fi/Bluetooth, NVT touchscreen, fingerprint and TPU.

The only part truly specific to Pixels was the TPU patch. Bear that in mind when you look at those Pixel Update Bulletins. Other devices are meant to have their own bulletins covering the same things if they use those components and also further patches. It's fully up to OEMs.

Android Security Bulletin (ASB) is published on the first Monday of the month unless it's a US/Google holiday in which case it gets pushed ahead a day or two. The Android release for the month is a separate thing from the ASB backports, usually published the day after the ASB.

ASB is likely July 7 and the Android OS release is likely July 8. Our aim is to have Android 16 in our Stable channel prior to July 8 so we can ship the initial monthly update to Android 16 instead of needing to backport Pixel Update Bulletin patches which could be infeasible.

Each month, Android has a new stable OS release. It's a monthly, quarterly or yearly release. Quarterly and yearly releases move along the development branch about the same amount and have a similar amount of changes. Those have months of public Developer Previews / Betas first.

Pixels ship the latest monthly, quarterly and yearly release each month. Non-Pixels ship an initial yearly Android release and then only Android Security Bulletin backports until they ship the next yearly release. ASB backports are a subset of the AOSP patches, not all of them.

GrapheneOS needs to follow the stable releases in order to provide the full AOSP privacy/security patches. It also needs to keep up with them in order to ship Pixel driver/firmware patches which are made for the latest stable release, but we'd still need to do this on non-Pixels.

GrapheneOS version 2025070301 released


Tags:
  • 2025070301 (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Pixel 8, Pixel 8 Pro, Pixel 8a, Pixel 9, Pixel 9 Pro, Pixel 9 Pro XL, Pixel 9 Pro Fold, Pixel 9a, emulator, generic, other targets)

Changes since the 2025070300 release:

  • fix upstream Android 16 issue causing very large Binder transactions due to the size scaling based on the number of apps installed across all users including base OS apps
  • reduce virtual memory reserved for Binder buffers back to 1MiB now that we have a direct fix for the upstream issue causing more to be required and using a larger virtual memory reservation size appears to have a small chance of failing
  • revert our fix for a screenshot process crash that's now fixed upstream in Android 16

GrapheneOS Foundation Discusses Non-Standard Per-app Permissions


Android regularly adds and splits permissions for new API levels. Legacy apps are handled by treating them as requesting the permission to provide a toggle for it. For example, Android 13 converted the existing toggle for disabling notifications for an app into a new POST_NOTIFICATIONS permission.

The Android Open Source Project has infrastructure for this since it's a regular part of the app sandbox and permission model improving. We add Network and Sensors permission toggles in GrapheneOS where Network is based on the existing low-level INTERNET permission and Sensors is entirely new.

Nearly all apps are unaware of these non-standard permissions just as they're unaware of new permissions added by Android before they get upgraded. Therefore, we enable them by default for compatibility but provide the ability for users to disable them at install time like the standard permissions.

For Network, apps request INTERNET, so we provide a toggle for rejecting that request in the initial app install dialog. If it's added in an upgrade, it's disabled by default. For Sensors, apps don't request it so we handle it similarly to how Android handled POST_NOTIFICATIONS for existing apps.

When Network is disabled, we act as if the network is down for compatibility. We won't run network-dependent jobs, various APIs will report it as down and we give errors matching it being down. When Sensors is disabled, sensors not covered by standard permissions give zeroed data and no events.

For usability, apps trying to use those sensors when Sensors is disabled will trigger a notification from the OS which can be disabled on a per-app basis. This informs users about what's going on so they'll know the app is either doing something sketchy or that it may actually require it.

F-Droid has an incorrect approach to installing apps which wrongly warns users about the standard Android POST_NOTIFICATIONS permission, our OTHER_SENSORS permission and previous Android permission additions/splits. They wrongly blamed GrapheneOS and didn't fix it:

archive.ph/MtB2J

They're now realizing that it happens with standard Android permissions added / split in new releases. Their approach to installing apps has been incorrect in multiple ways for many years and this is one of them. Their approach to listing which permissions are used by apps is also very incorrect.

F-Droid has a long history of denying issues including covering up serious security flaws. In some cases they eventually ship a fix but still deny it. It's a major factor in why F-Droid is not a safe or trustworthy source of apps due to major security issues not being acknowledged or addressed.

Multiple of the F-Droid developers wrongly blaming their app bug on GrapheneOS in that issue are Calyx contractors. They prioritize attacking GrapheneOS with inaccurate claims and fabricated stories about our team over fixing a bug in their app impacting both GrapheneOS and non-GrapheneOS users.

We've repeatedly brought up F-Droid not properly listing permissions or checking for them. Their understanding of Android's permission model is wrong. The way they list permissions misleads and misinforms users. It's one of many major F-Droid flaws they consistently don't acknowledge or fix.

Due to F-Droid deliberately causing friction and annoyances for GrapheneOS users, we'll be implementing a feature similar to our sandboxed Google Play compatibility layer for it. We'll can resolve deliberate issues created for GrapheneOS users ourselves as we did with Revolut.

TikTok Pulls Millions in Arts Sponsorships Amid Ottawa Crackdown


in reply to Sunshine (she/her)

Our (Lib under Trudeau) government banned TikTok to appease the US after they did the same under Biden. But Trump has since nullified the TikTok ban in the US. Why are we still going through with this? As a nice gift to the US tech oligarch (after we backtracked the Digital Services Tax on them)? Is the platform too leftwing for the government's liking?
in reply to SlartyBartFast

Do you mean specifically Carney flipping pancakes or politicians flipping pancakes in general? I can't speak about elsewhere but in Alberta organizations frequently put on pancake breakfasts often accompanying some other larger event. Politicians local to federal (depending on the size of the event) take it as an opportunity to do some glad-handing. In this particular case I guess Carney isn't a proficient pancake flipper.
This entry was edited (2 days ago)

B.C. Conservative leader John Rustad faces criticism from several sides amid review


Trump to send 12 more tariff letters today, says White House, with more to follow this week


Donald Trump will send foreign leaders more letters notifying them of new tariffs in the days to come, said Karoline Leavitt.

“There will be additional letters in the coming days,” the White House press secretary said, in addition to the 12 he plans to send today and the two already made public, which were to South Korea and Japan’s leaders,

As for why Trump decided to start with the two Asian allies, Leavitt said:

It’s the president’s prerogative and those are the countries he chose.

Exclusive: Proposal outlines large-scale 'Humanitarian Transit Areas' for Palestinians in Gaza


July 7 (Reuters) - A proposal seen by Reuters and bearing the name of a controversial U.S.-backed aid group described a plan to build large-scale camps called “Humanitarian Transit Areas” inside - and possibly outside - Gaza to house the Palestinian population, outlining a vision of "replacing Hamas' control over the population in Gaza."

The $2 billion plan, created sometime after February 11 and carrying the name of the U.S.-backed Gaza Humanitarian Foundation, or GHF, was submitted to the Trump administration, according to two sources, one of whom said it was recently discussed in the White House.

https://www.reuters.com/world/middle-east/us-backed-aid-group-proposed-human-transit-areas-palestinians-gaza-2025-07-07/

Cabinet ministers told to find ‘ambitious’ savings by end of summer


Federal cabinet ministers are being asked to find ... ways to reduce program spending by 7.5 per cent in the fiscal year that begins April 1, 2026, followed by 10 per cent in savings the next year and 15 per cent in the 2028-29 fiscal year.


I'm getting 90s vibes. Government cutbacks, threats of separation, climate change. It's all here.

But there's a modern twist: we're talking about 3C change in 2100, there's a housing crisis, our media landscape is dominated by tech bros, and the US is lost in the culture wars.

archive

in reply to sbv

“You will be expected to bring forward ambitious savings proposals to spend less on the day-to-day running of government, and invest more in building a strong, united Canadian economy,” Mr. Champagne wrote in one of the letters.


So cuts to the public service and services to fund loans/giveaways to the private sector.

“Through this ambitious review each minister should examine the programs and activities in their portfolio to determine which are: meeting their objectives, are core to the federal mandate, and complement versus duplicate what is offered elsewhere by the federal government or by other levels of government,” it states.


Anyone who has been through a round of layoffs recognizes this language. All it's missing is a need to find "efficiencies". Carney is looking less and less like the genius economy understander I was told he was and more and more like a bog standard orthodox Friedmanite.

This entry was edited (3 days ago)
in reply to sbv

The annoying thing is that for a lot of his voters it seems like his decisions have been surprising. I'm seeing a lot of, "trust the plan," sort of comments elsewhere like this is all leading to some bait-and-switch social democratic turn. I think the Liberal campaign didn't focus on his fiscal orthodoxy and a lot of people just projected whatever they wanted him to be onto him.
in reply to Tlaloc_Temporal

I liked Jagmeet, and the NDP platform (well what i understood of it), if i wasn't worried that PP would get in they would have gotten my vote. I did feel that he didn't stand a chance of getting in.

I did read Carney's book (values), i found it extremely difficult to read, and said a lot without saying anything. I don't think he would get my vote if not for PP.

I'd like to see a rule that any politician voted in must work in an aid camp in a warzone to be elegable for office. Or maybe spend a year as an average citizen in their country.

in reply to karlhungus

Jagmeet was a nice enough person, but his communication never seemed to be about making changes, only criticising the other parties. It's possible I missed the more constructive messages, but the constant tearing down in political messaging is why I don't ingest much of it. NDP would also be my choice (outside of a spoiler situation), but the default answer isn't very inspiring.

FPTP isn't the only fucked up voting issue we have though, as the vote for leader also affected so many local representatives, and I thing that's where the NDP is currently strongest. Losing local reps is a sad price for opposing a national lunatic.

I've thoughs about similar restrictions to bring high-level politicians down to Earth. Hard limits to effective income from all sources of perhaps 2.5x minimum wage. Six months of consecutive retail or food service work.

Jack Dorsey just Announced Bitchat(A secure, decentralized, peer-to-peer messaging app for iOS and macOS that works over Bluetooth mesh networks) Licensed Under Public Domain.


This entry was edited (3 days ago)

Turning every word of Ulysses into a clickable link. What topics would you recommend us to cover?


We’re turning every word of James Joyce’s Ulysses into a clickable link.
Some links reflect the current state of the world, some capture modern culture, others are just playfully weird or totally random. Together, they create a living portrait of the Web, word by word. See them here.
What topics do you think we should cover as we pick new links for this project?
in reply to KoboldCoterie

You're absolutely right: the links are not related to the words, that's the point: a total surprise.
20 links, we've just started this chapter (Chapter I (2)), therefore we're asking for your advice 😀

We've started another chapter earlier (Chapter I (1)), where everyone can add links, to any word. Feel free to add yours (or someone else's). Ulysses has 265,222 words. When we fill them all, it will become the world's largest portrait of the Web.

"Duplicate link" - we've doublechecked, haven't found any. Can you pinpoint it for us? I would be thankful 😀

Transport committee will study BC Ferries’ Chinese ship contract


GNOME 49 Alpha Released With X11 Support Disabled By Default, Many New Features


Canon PIXMA G550 Linux compatibility?


I'm in the process of getting a new printer and since I recently (December 2024) switched to Linux it would be nice if it would be Linux compatible. So far I've decided on the Canon PIXMA G550 printer but I can't find anything about it's compatibility so I figured I would just ask here in the hopes someone might have the same printer or knows someone who has the same printer and can tell me if this printer works with Linux. If all else fails I could still use the printer with my tablet or phone using Canons app but using it with my desktop would be much more comfortable.
in reply to dblsaiko

I think network printer made by big manufacturer recent years should be fine with IPP driverless. They found Printer Working Group of IEEE, this organization maintains IPP standard and IPP Everywhere™ Certification. AirPrint can be treated as Apple version of IPP Everywhere, the difference between them is AirPrint requires Apple Raster but IPP Everywhere requires PWG Raster (and JPEG JFIF file format if color printer).

pwg.org/ipp/everywhere.html

Why is it so hard to get real Pay-As-You-Go mobile plans in Canada?


Just wanted to share some frustrations and open this up for discussion.

Unlike in Europe or parts of Asia, Canada has virtually no true pay-as-you-go (PAYG) mobile plans. Most so-called “prepaid” or “PAYG” options here are just monthly bundles with expiry dates — not actual usage-based billing. You’re often paying $15–30/month whether you use 100 MB or not at all.

To make things worse:

  • The minimum postpaid plan is now often 60 GB or more — which is total overkill for average users who don’t stream or game constantly.
  • Vacation suspensions are restricted or unavailable unless you upgrade to expensive plans and limited to a minimum of 30 days.
  • Text-to-911 is still not available to the general public, only for those registered as Deaf or hard of hearing — despite many emergency scenarios (hostage, abuse, low signal) where calling isn't possible.
  • CRTC and CCTS don’t help. The CRTC says they can’t intervene in pricing or service terms, and the CCTS (per Section 4.3) won’t challenge carrier policies themselves.

Please note that I’m not asking for charity or free service — just fairer options that reflect actual usage, more flexible policies, and access to emergency support.

Has anyone here had better experiences with MVNOs or alternatives? And why do we seem so far behind compared to other countries?

This entry was edited (3 days ago)
in reply to Diyan Hu

Canadians are way too used to getting shafted.

I currently pay monthly but if I had to get a PAYG plan, I'd go with something like Saily: saily.com/esim-canada/

Or one of those other eSim companies. However, I'm not sure if it's just data or if it'll give you a number. Typically with PAYG I'm happy with just data, but I know it doesn't work for everyone. The cost is pretty wild though, I'm in London UK right now and I got a 200GB PAYG SIM for the same price as the 20GB SIM on Saily.


Freedom's Prepaid looks alright-ish?

shop.freedommobile.ca/en-CA/pr…

This entry was edited (1 day ago)

Does anyone have any experience with sending raw HID commands on Linux? Trying to make a project work


I've currently been messing around trying to make the Switch 2 Pro Controller work on Linux using the raw HID commands from this website, to potentially build into a driver as a bit of a project to get better at C. However, seemingly nothing I use can send any commands properly, or at least in a way that makes the controller work. I've tried both echo, sending bytes to the /dev/hidraw6 device (that device at least on my system, may vary on others), as well as hidapitester (a wrapper for hidapi). I know the device works, as a WebUSB tool that uses the same commands makes the controller work on this system. Is anyone more familiar with this, and can point me in the right direction? I'm on Fedora Linux 42 if that info helps.
in reply to heythatsprettygood

You might want to try this matrix channel:

matrix.to/#/#simracing:matrix.…

It's a channel for sim racing, but there are pretty knowledgeable people around that can get all sorts of obscure peripherals working on Linux.

‘No warning at all’: Texas flood survivors question safety planning and officials’ response


People who lost everything describe leaving homes and express anger at poor preparedness and officials who seemed to shirk responsibility

As Texas marshals a formidable response to the flash floods that have already killed dozens, questions are now being posed about warnings that were given on Thursday and early Friday about the severity of the approaching storm and the co-ordination between local officials and the National Weather Service.

New flood alerts were issued for Texas “hill country” on Sunday, prompting rescue services to suspend the search for missing people, including at least 11 from Camp Mystic, the summer camp on the banks of the Guadalupe River hard hit by Friday’s flash flood.

At an early evening press briefing, Kerr county authorities said they were suspending the search and evacuating first responders from the river valley. They confirmed that 68 had died there, including 28 children. Not all have been identified, with officials still examining the bodies of 18 adults and 10 children.

Black screen on wake from suspend on game mode


Hi all, I have tried everything, and now I am coming here for help. Hopefully someone can tell me what's happening here.
So, I have this older pc that I have converted into a steam console, first with Bazzite and now with Chimera OS. Both work very nicely, but the one issue that persisted on both distros is that when I put the pc to sleep from game mode (press xbox button>power>sleep) then wake it up, the screen is not receiving a signal, it not even a black screen, just no signal. I would have to force reboot it to be able to get in. Nothing works. I can't even get into a tty screen or do anything. It is connected to a samsung tv 65mu8000 via HDMI cable. I have UHD color input enabled for that input, just to give more details.

I have tried disabling the wake up animation like some folks suggested and that didn't do anything. I have tried disabling the display core like some other searches suggested by putting amdgpu.dc=0 in modprob.d in its own file. I have tried blocking the intel iGPU, even though this CPU doesn't have one. Nothing works.
It has an intel core i7 5930k and an AMD RX 6600.
I would appreciate any help or suggestions
Thank you

Black screen on wake from suspend on game mode


Hi all, I have tried everything, and now I am coming here for help. Hopefully someone can tell me what's happening here.
So, I have this older pc that I have converted into a steam console, first with Bazzite and now with Chimera OS. Both work very nicely, but the one issue that persisted on both distros is that when I put the pc to sleep from game mode (press xbox button>power>sleep) then wake it up, the screen is not receiving a signal, it not even a black screen, just no signal. I would have to force reboot it to be able to get in. Nothing works. I can't even get into a tty screen or do anything. It is connected to a samsung tv 65mu8000 via HDMI cable. I have UHD color input enabled for that input, just to give more details.

I have tried disabling the wake up animation like some folks suggested and that didn't do anything. I have tried disabling the display core like some other searches suggested by putting amdgpu.dc=0 in modprob.d in its own file. I have tried blocking the intel iGPU, even though this CPU doesn't have one. Nothing works.
It has an intel core i7 5930k and an AMD RX 6600.
I would appreciate any help or suggestions
Thank you

in reply to DonutsRMeh

I've had the similar problems with bazzite in desktop mode coming back from sleep or screen off, first with Nvidia, then solved by switching to an AMD graphics card, but now it happens there too. I have two workarounds.

1) Try Ctrl+Alt+F1and Ctrl+Alt+F3. You should be able to switch to console then back to desktop/login screen.

2) In KDE Plasma, there's a way to map wake screen to a keyboard button. That worked for me until I reinstalled the OS and never bothered.

I think this is a Plasma or SSDM issue but idk how to report it properly.

Any ideas would be appreciated

in reply to DonutsRMeh

You think it's the screen/hdmi at fault, but it might not be. I've had the problem with two laptops in the past (the bug was with all distros I tried), and in one case it was a BIOS that Linux didn't like, and the second one was the internal wifi that its linux driver was buggy. For the first laptop there was nothing to be done, so I disabled sleep completely in the bios, while for the second one, I disabled the wifi modules in the kernel's blacklist, and then used a usb wifi that I knew it worked better. Both cases were appearing as a dead screen, but it wasn't the screen/hdmi/gfx card to blame. In yet another case, with a thinkpad laptop, the wake up was working, but it would wake up 30 seconds later than anticipated. In that case, it was the fact that its thunderbolt was dead (hardware had gone bad), and only when I disabled it in the bios completely the laptop would wake up correctly and fast.

In all those cases, I had to look at the kernel logs to see what was the issue. There were traces of the problem of which hardware exactly was creating the problem. It might look like a screen/hdmi problem, but most of the times, it's not.

Omarchy - an opinionated Hyprland + Arch setup | built by DHH


David Heinemeier Hansson, the creator of Ruby on Rails, has tailored together his take on Hyprland combined with Arch. It looks quite neat and promising and looks like a nice entry point for those who don't want to configure hyprland themselves. DHH describes Omarchy as:

Turn a fresh Arch installation into a fully-configured, beautiful, and modern web development system based on Hyprland by running a single command. That's the one-line pitch for Omarchy (like it was for Omakub). No need to write bespoke configs for every essential tool just to get started or to be up on all the latest command-line tools. Omarchy is an opinionated take on what Linux can be at its best.


Omarchy comes in different themes, and by the looks of it this are hotswappable on the go by using the keybinds: Super + Ctrl + Shift + Space.

::: spoiler Theme Showcase
1
:::

Website: omarchy.org/
Documantation/Manual: manuals.omamix.org/2/the-omarc…
Github: github.com/basecamp/omarchy
YT video showcase: youtu.be/I5Mnni7cea8
Invidious video showcase: invidious.reallyaweso.me/watch…

Omarchy - an opinionated Hyprland + Arch setup | built by DHH


David Heinemeier Hansson, the creator of Ruby on Rails, has tailored together his take on Hyprland combined with Arch. It looks quite neat and promising and looks like a nice entry point for those who don't want to configure hyprland themselves. DHH describes Omarchy as:

Turn a fresh Arch installation into a fully-configured, beautiful, and modern web development system based on Hyprland by running a single command. That's the one-line pitch for Omarchy (like it was for Omakub). No need to write bespoke configs for every essential tool just to get started or to be up on all the latest command-line tools. Omarchy is an opinionated take on what Linux can be at its best.


Omarchy comes in different themes, and by the looks of it this are hotswappable on the go by using the keybinds: Super + Ctrl + Shift + Space.

::: spoiler Theme Showcase
1

2

3

4

5

6
:::

This entry was edited (3 days ago)
in reply to phantomwise

Was just about to suggest it might be PDA. I have a bit of that and it is rather annoying. Some techniques ive used go combat this:

  • challenge yourself. Or someone else challenge you to do a thing. "I bet you can't do x."
  • give yourself a couple choices that lead to the same result and then just lick one. This one can be tough if im feeling indecisive.

Neither are perfect but they do help sometimes.

This entry was edited (3 days ago)
in reply to zmrl

Nice suggestions, thanks!

Challenges usually get the opposite reaction than demands for me, I can't even count all the stuff I've done because of it. Maybe self (not-)imposed challenges would work? I'll need to give it a try. Though challenges also have their problems, like picking the most stupid or pointless ideas because I was advised not to do it. I think there's a correlation between how stupid and pointless an idea is and how quickly my brain latches onto in 😅

The ‘China threat’ as ‘basis’ for Ontario’s attack on democratic rights — The Canada Files


in reply to Avatar of Vengeance

“Ontario and Canada have critical minerals in abundance and America needs them. At a time when China is winning the race to dominate these resources while also restricting the sale and shipment of critical minerals to the U.S., Canada and Ontario need to urgently get our critical minerals out of the ground, processed and shipped to the factory floors that are building for the future.”


US, afaik, has tariffs on Canadian critical materials, while it makes deals with China to ensure the access it needs, and while it destroys commercial supply of new energy within US, to make sure it needs as little as possible. Banning "CCP" energy is a basis for lies for banning Chinese solar that don't have CCP ties, and even if they did, it's a fucking solar panel.

If bill C5 was used as a carrot to come into effect after the US makes an acceptable trade deal, which means elimination of all tariffs imposed this year, then this would be a somewhat acceptable act of sycophancy. Without "normalized US trade relations", it is extreme oppressive enslavement of Ontarians/Canadians.

An economic future for any nation with critical minerals is to develop them. Forcing colonial slavery of a single buyer who is currently committed against the future, while excluding buyers driving the future, is pure treason, and economic/social/climate terrorism on its own people/businesses.

Canada needs to cut all military ties with US. Stop seeking alliances where political capital is all in on war on Russia and China and Iran. US empire is collapsing, but it can buy a few years by exploiting its colonies harder. It is categorically unacceptable for our rulers to assist US destruction of our colony.

What happened to Ontario saving its auto sector? Japan/SK/US companies that cut investments/factories should have their phone/electronics brands tariffed. Huawei 5g, and datacenters/AI should be welcome. DST definitely threatened to be reimposed. High fees for access to NORAD. If Ford, is happy to destroy Auto manufacturing, then Australian prosperity has done well with better value cars and Chinese trade as a better economic model.

Fortress Can-Am has a pathethic political appeal, ONLY IF, there exists someone from the Am side that is enthusiastic about it.

This entry was edited (3 days ago)

If americans come to germany and act like german public Transport is the best, how frickin bad is american public Transport?


Genuine Question. Even if I look at hungarian Transport, and they to this day use trains from the UdSSR, they come more consistantly then the DB.

They are really Bad sometimes, with like 20 seperate prices: Theres the bayernwald ticket that only works in the alps, then theres the official ticket to the destination. Theres a special offer, but only in the very special APP. You can use a d-ticket, but look! Some random ass slum in the middle of the worlds ass dosent accept that, but it does the MVV zone Tickets. But then you need the MVV zone 11-M, a ticket to the beginning to the Nürnberg zones, and a ticket for the Nürnberg zones.

And yet this shit is better than americas rails? How?

This entry was edited (4 days ago)
in reply to Luffy

When I was in Australia, a bunch of people asked me about the public transport here and all of them were baffled when I told them how shit it was...

I have no idea why this perception that everything must be perfect in Germany or Europe came from but it is sooo outdated.

Speaking of tickets; in NSW you just tap your Opal card when entering/leaving train stations. It makes so much more sense and is so much easier.

This entry was edited (4 days ago)

Danielle Smith, Queen of Measles


It’s official: Premier Danielle Smith can now call herself Queen of Measles.

And not just in Alberta. Try North America.

That’s right. Alberta now leads the continent in a preventable childhood disease that leaves at least two of every 1,000 infections with severe intellectual disabilities, pneumonia or hearing loss. Or dead.

Stunningly, Alberta has already recorded nearly half a dozen cases of measles present at birth in the province.

And every measles infection leaves a child with a disabled immune system, stripped of memory about how to fight other routine infections. As a result, any unvaccinated child who battles measles will probably be sicklier, possibly for years afterwards. Brazilian researchers recently found a high correlation between having measles and later dying of another infectious disease.

https://thetyee.ca/Analysis/2025/07/07/Danielle-Smith-Queen-Measles/

Bribe Offers and Conflicts of Interest: Vancouver’s Building Inspector Scandal


For a decade, Vancouver city managers knew an employee in the building inspection department was part owner of a private company that did work frequently checked by city inspectors.

That employee and the city staff he managed often inspected the company’s work, and a conflict-of-interest investigation found the employee, “in their capacity as a city inspector, personally made decisions about the private sector business they owned in four instances.” None of those decisions were “unfavourable” to the business, the report said.

The employee also said he’d been offered, but refused, a bribe from another contractor. An analysis by the city’s Office of the Auditor General, or OAG, found the contractor had appeared to receive preferential treatment from the employee.

https://thetyee.ca/News/2025/07/07/Vancouver-Building-Inspector-Scandal/

Human trafficking case ends on 'significant disclosure issue,' Hamilton Crown drops charges


On the day a month-long trial for a man accused of "significant" human trafficking was set to begin, the Crown's case fell apart over a technicality.

Christian Vitela, 37, and his defence lawyer had not received all disclosure or evidence related to the case in the years leading up to the criminal trial, assistant Crown attorney Heather Palin said on April 23.

Vitela hadn't accessed all phone records of the migrant workers he was charged with trafficking — the phones had been seized by the RCMP and were "typically core disclosure in human trafficking prosecutions," said Vitela's lawyer, Tobias Okada-Phillips.

The RCMP, which initially laid nine human trafficking charges against Vitela in 2019, have a different version of events. It includes that they notified Vitela on several occasions that the information was available, and set up a room and computer for him to view the materials, but he never showed up.

What’s the ideal ripeness for plantain chips?


I’ve been making plantain chips for a bit, and I’m always dissatisfied with them. If my plantains are too ripe, the chips can’t crunch up. Not ripe enough and they lack the slight sweetness I love.

I decided to grab the greenest ones at the market to slowly ripen them at home, but even that’s a bit wonky, as they tend to ripen on top but not the bottom, which leaves me with something peculiar and delicious, but certainly not what I’m looking for.

So, how do you consistently get plantains in the Goldilocks zone?

Charles Rice, Nobel Prize winner in Medicine: ‘It’s a crime that a drug exists that could cure everyone yet not everybody has access to it’


Intel Wildcat Lake HID Support & Dell + ASUS Additions Ahead Of Linux 6.16-rc5


just_another_person doesn't like this.

Vulnerability Report - June 2025


Introduction


This vulnerability report has been generated using data aggregated on
Vulnerability-Lookup,
with contributions from the platform’s community.

It highlights the most frequently mentioned vulnerability for June 2025, based on sightings collected from various sources, including MISP, Exploit-DB, Bluesky, Mastodon, GitHub Gists, The Shadowserver Foundation, Nuclei, and more. For further details, please visit this page.

The final section focuses on exploitations observed through The Shadowserver Foundation's honeypot network.

The Month at a Glance


The June 2025 report highlights a mix of long-standing and newly identified high-risk vulnerabilities. Notably, Citrix discloses a critical NetScaler ADC/Gateway flaw (CVE-2025-5777), dubbed “CitrixBleed 2,” which can expose session tokens and bypass multi-factor authentication — echoing last year’s infamous CitrixBleed. Other urgent issues include a PayU India WordPress plugin vulnerability (CVE-2025-31022) that allows full account takeover across thousands of sites, and a Python “tarfile” library bug (CVE-2025-4517) that enables attackers to write files outside intended directories. Among the most sighted vulnerabilities are multiple Microsoft Windows 10 and Google Chrome flaws, as well as several Citrix ADC bugs, many rated “High” or “Critical.” Common web weaknesses like cross-site scripting and SQL injection (CWE-79, CWE-89) remain widespread, highlighting the ongoing need for strong patching hygiene. Some older vulnerabilities — such as the 2015 D-Link DIR-645 flaw and known Confluence or Cisco RCE bugs — also continue to see active exploitation. Organizations should prioritize remediation of these critical and actively targeted vulnerabilities, while reinforcing application security against injection and XSS attacks.

Top 10 vulnerabilities of the Month

VulnerabilityVendorProductVLAI Severity
CVE-2025-33053MicrosoftWindows 10 Version 1809High
CVE-2025-49113RoundcubeWebmailHigh
CVE-2025-5777NetScalerADCCritical
CVE-2025-5419GoogleChromeHigh
CVE-2025-2783GoogleChromeHigh
CVE-2025-6019Red HatRed Hat Enterprise Linux 10Medium
CVE-2025-33073MicrosoftWindows 10 Version 1809High
CVE-2025-6543NetScalerADCCritical
CVE-2015-2051D-LinkDIR-645Critical
CVE-2017-18368ZyXELP660HN-T1ACritical

Evolution of sightings per week


Top 10 Weaknesses of the Month

CWENumber of vulnerabilities
CWE-79659
CWE-89411
CWE-74342
CWE-119190
CWE-862157
CWE-352157
CWE-120105
CWE-9494
CWE-2286
CWE-9874

Insights from Contributors


CitrixBleed 2
Citrix patched a critical vulnerability in its NetScaler ADC and NetScaler Gateway products that is already being compared to the infamous CitrixBleed flaw exploited by ransomware gangs and other cyber scum, although there haven't been any reports of active exploitation. Yet.

Security analyst Kevin Beaumont dubbed the vulnerability "CitrixBleed 2." As The Register's readers likely remember, that earlier flaw (CVE-2023-4966) allowed attackers to access a device's memory, find session tokens, and then use those to impersonate an authenticated user while bypassing multi-factor authentication — which is also possible with this new bug.

GCVE-1-2025-0002: Cl0p Ransomware Data Exfiltration Vulnerable to RCE Attacks
A newly identified security vulnerability in the Cl0p ransomware group’s data exfiltration utility has exposed a critical remote code execution (RCE) flaw that security researchers and rival threat actors could potentially exploit.

The vulnerability, designated as GCVE-1-2025-0002, was published on July 1, 2025, and carries a high severity rating of 8.9 on the CVSS:4.0 scale.

Stuxnet-related CVEs
- CVE-2010-2568 MS10-046 Windows
- CVE-2010-2729 MS10-061 Windows
- CVE-2008-4250 MS08-067 Windows
- CVE-2010-2772 Not Available Siemens SIMATIC WinCC

CVE-2025-31022: More details about PayU wordpress extension
"This can be abused by a malicious actor to perform action which normally should only be able to be executed by higher privileged users. These actions might allow the malicious actor to gain admin access to the website."

CVE-2025-4517: Additional information
RISK : Multiple vulnerabilities affect the standard TarFile library for CPython. Currently, there is no indication that the vulnerability is actively exploited, but because it is a zero-day with a substantial install base, attackers can exploit it at any moment. An attacker could exploit flaws to bypass safety checks when extracting compressed files, allowing them to write files outside intended directories, create malicious links, or tamper with system files even when protections are supposedly enabled. Successful exploitation could lead to unauthorised access, data corruption, or malware installation, especially if your systems or third-party tools handle untrusted file uploads or archives RECOMMENDED ACTION: Patch Source: ccb.be

Continuous Exploitation



Thank you


Thank you to all the contributors and our diverse sources!

If you want to contribute to the next report, you can create your account.

Feedback and Support


If you have suggestions, please feel free to open a ticket on our GitHub repository. Your feedback is invaluable to us!
github.com/vulnerability-looku…

'There are no plans to drop support for SteamOS': The Finals devs commit to Steam Deck and Linux players despite new kernel-level anti-cheat | PC Gamer


in reply to just_another_person

My friends and I play it nightly, because it's a good casual FPS and it has many modes, decent progression. Honestly environment destruction is such a powerful mechanic for making games have variability between games that it makes each feel unique - like a puzzle even at times.

There's not a great deal of free games right now that are capturing our attention, we wanted an FPS this month, and there's been no paid games everyone's been willing to jump on.

Funny enough we're waiting on Arc Raiders to drop which is also a game by the studio behind The Finals.

in reply to just_another_person

"I know zero people who play it, so let me into the inside knowledge about it. "

"Hi, my friends and I play it. We're people. Here's why we like it."

"You sound like an ad".

My brother in Christ, you asked for someone to tell you about the game and then I did - wtf did you think was going to happen. I'm not even really giving it a glowing review. I'm mostly saying there's not a lot of great competition in the scene right now and this game does enough good to be fun to play. At the cost of free, my poorer friends are happy to play it while we wait for the next paid game we know we want to get.

I'd love to be playing Nightreign but it's not good enough for them to buy in, and other games like... Oh what's that extraction shooter by the original Hell Let Loose team... Hunger? That's not out yet.

Like ya dawg, I like The Finals - I'm a guy on the Internet responding to a comment from a random about the Finals. That's a pretty safe bet.

PoC Released for Linux Privilege Escalation Vulnerability via udisksd and libblockdev