MacOS Sequoia 15.7.1 & MacOS Sonoma 14.8.1 Updates Released with Security Fixes
Apple has released MacOS Sequoia 15.7.1 and MacOS Sonoma 14.8.1 as security patch releases for Mac users who are not yet running the Tahoe operating system, of which MacOS Tahoe 26.0.1 was just released. The updates are focused on security patches and do not include any other changes or features for the Sequoia or Sonoma … [Read More](https://osxdaily.com/2025/09/30/macos- … ⌘ Read more

Unite: a decades-old QNX-inspired hobby operating system
Unite is an operating system in which everything is a process, including the things that you normally would expect to be part of the kernel. The hard disk driver is a user process, so is the file system running on top of it. The namespace manager is a user process. The whole thing (in theory, see below) supports network transparency from the ground up, you can use resources of other nodes in the network just as easily a … ⌘ Read more

Thank you, @alexonit@twtxt.alessandrocutolo.it! It’s not sealed at all. If you were pouring in a liquid, it would run out on all four corners. It’s just folded over and carefully hammered shut as best as possible. 03 is a bit blurred, but you can see the tab from the right (the short side) tucking in on the left (the long side). The hem on top clamps it in place fairly decently.

I decided against blind rivets, because they leave ugly looking and sharp backsides, which can also interfer with the contents of the box. However, they would be an easy solution to make the corners more rigid and prevent any movement from the short sides.

Unfortunately, I can’t weld or solder, so that’s not an option. It would be the by far best solution. I wanna learn it one day, though.

Yes, Ken is a really great dude. He’s the reason I gave this a shot in the first place. :-)

Docker MCP Toolkit: MCP Servers That Just Work
Today, we want to highlight Docker MCP Toolkit, a free feature in Docker Desktop that gives you access to more than 200 MCP servers. It’s the easiest and most secure way to run MCP servers locally for your AI agents and workflows. The MCP toolkit allows you to isolate MCP servers in containers, securely configure… ⌘ Read more

100% All Achievements
⌘ Read more

Installing Linux on a PC-98 machine
What if you have a PC-98 machine, and you want to run Linux on it, as you do? I mean, CP/M, OS/2, or Windows (2000 and older) might not cut it for you, after all. Well, it turns out that yes, you can run Linux on PC-98 hardware, and thanks to a bunch of work by Nina Kalinina – yes, the same person from a few days ago – there’s now more information gathered in a single place to get you started. Plamo Linux is one of the few Linux distributions to support PC-98 … ⌘ Read more

MSI EdgeXpert Compact AI Supercomputer Based on NVIDIA DGX Spark
The MSI EdgeXpert is a compact AI supercomputer based on the NVIDIA DGX Spark platform and Grace Blackwell architecture. It combines a 20-core Arm CPU with NVIDIA’s Blackwell GPU to deliver high compute density in a 1.19-liter form factor, targeting developers, researchers, and enterprises running local AI workloads, prototyping, and inference. The EdgeXpert achieves up […] ⌘ Read more

XMPP Interop Testing: Two New Features for Clearer Testing
We’ve just released version 1.7.1 of all of our test runners. This release adds two improvements to make interop testing
both stricter and easier to set up!

Some tests can’t be executed if the server lacks required features. Previously, these “impossible” tests were skipped,
which could make a run look fully successful when it wasn’t. Now you can configure the suite to treat impossible t … ⌘ Read more

MacOS Tahoe 26 Feels Slow? Try These 6 Performance Tips
Some Mac users who have updated to macOS Tahoe 26 feel like the new operating system runs slower than their prior MacOS installation did. Reports online suggest there can be general sluggishness and lagging performance, sometimes with frame rate drops and stuttering animations on the screen, or even when typing. Other users in various forums … Read More ⌘ Read more

yt-dlp will soon require a full JS runtime to overcome YouTube’s JS challenges
If you download YouTube videos, there’s a real chance you’re using yt-dlp, the long-running and widely-used command-line program for downloading YouTube videos. Even if you’re not using it directly, many other tools for downloading YouTube videos are built on top of yt-dlp, and even some media players which offer YouTube playback use it in the background. Now, yt-dlp has alway … ⌘ Read more

Run, Test, and Evaluate Models and MCP Locally with Docker + Promptfoo
Promptfoo is an open-source CLI and library for evaluating LLM apps. Docker Model Runner makes it easy to manage, run, and deploy AI models using Docker. The Docker MCP Toolkit is a local gateway that lets you set up, manage, and run containerized MCP servers and connect them to AI agents.  Together, these tools let… ⌘ Read more

Legacy Update 1.12 released
If you’re still running old versions of Windows from Windows 2000 and up, either for restrocomputing purposes or because you need to keep an old piece of software running, you’ve most likely heard of Legacy Update. This tool allows you to keep Windows Update running on Windows versions no longer supported by the service, and has basically become a must-have for anyone still playing around with older Windows versions. The project released a fairly major update today. Legacy Up … ⌘ Read more

@bender@twtxt.net Thanks for asking!

So, I’ve been working on 2 main twtxt-related projects.

The first is small Node / express application that serves up a twtxt file while allowing its owner to add twts to it (or edit it outright), and I’ve been testing it on my site since the night I made that post. It’s still very much an MVP, and I’ve been intermittently adding features, improving security, and streamlining the code, with an eye to release it after I get an MVP done of project #2 (the reader).

But that’s where I’ve been struggling. The idea seems simple enough - another Node / express app (this one with a Vite-powered front-end) that reads a public twtxt file, parses the “follow” list, grabs (and parses) those twtxt files, and then creates a river of twts out of the result. The pieces work fine in seclusion (and with dummy data), but I keep running into weird issues when reading real-live twtxt files, so some twts come through, while others get lost in the ether. I’ll figure it out eventually, but for now, I’ve been spending far more time than I anticipated just trying to get it to work end-to-end.

On top of it, the 2 projects wound up turning into 4 (so far), as I’ve been spinning out little libraries to use across both apps (like https://jsr.io/@itsericwoodward/fluent-dom-esm, and a forthcoming twtxt helper library).

In the end, I’m hoping to have project 1 (the editor) into beta by the end of October, and project 2 (the reader) into beta sometime after that, but we’ll see.

I hope this has satisfied your curiosity, but if you’d like to know more, please reach out!

XMPP Interop Testing: Lots More Options
Since the last update, we’ve added a lot more options on how to run your tests. We’ve added a slew of new CI systems, this time focussing on freedom-respecting, open source CI systems for your open source projects.

Recent additions include Jenkins, Drone, Harness and Woodpecker.

This brings our total number of CI systems in which you can run XMPP interop tests up to a whopping ELEVEN, plus anywhere else you can run containers!

Whether you’re building … ⌘ Read more

@thecanine@twtxt.net Yeah, what @bender@twtxt.net said. That tail is sick. Is this dog crying, though? The vertically elongated eye looks a bit like a tear running down.

@zvava@twtxt.net I am getting [2025/09/11 12:56:01.816] ⇒ please set config.host when trying to run “bbycll”. How to bypass that tiny hurdle?

I had some trouble with my nginx reverse proxy, but after much tweaking and fiddling, I now have the prototype version of my node-based twtxt editor up and running on my site! 😎 #twtgoals

@prologic@twtxt.net I’m doing that now as well, but I don’t think this is a good solution. This is going to hurt “self-hosting” in the long run: I cannot afford true self-hosting where I actually do host everything here at home – instead, I must use a cloud provider / VPS for that. It is only a matter of time until my provider starts doing AI shit as well (or rather, the customers do it) and then what? I get blocked, e.g. I can’t send email to (some) people anymore. This is already bad and it’s going to get worse.

Erlang Solutions: Healthcare Blog Round-Up
Healthcare is moving quickly, and technology is playing a big part in that shift. The way information is collected, the way patients are cared for, and the way hospitals run are all changing.

Over the past year, our team has written about some of the most important trends shaping the future of healthcare. In this round-up, we bring together three of those articles: remote patient monitoring, big data, and generative AI.

Maybe you have been following along, or … ⌘ Read more

I’ve got a prototype of my hardcopy simulator going. I’m typing on the keyboard and the “display” goes to the printer:

https://movq.de/v/56feb53912/s.png

https://movq.de/v/235c1eabac/MVI_8810.MOV.mp4

The biiiiiiiiiig problem is that the print head and plastic cover make it impossible to see what’s currently being printed, because this is not a typewriter. This means: In order to see what I just entered, I have to feed the paper back and forth and back and forth … it’s not ideal.

I got that idea of moving back/forth from Drew DeVault, who – as it turned out – did something similar a few years back. (I tried hard to read as little as possible of his blog post, because figuring things out myself is more fun. But that could mean I missed a great idea here or there.)

But hey, at least this is running on my Pentium 133 on SuSE Linux 6.4, printer connected with a parallel cable. 😍

(Also, yes, you can see the printouts of earlier tests and, yes, I used ed(1) wrong at one point. 🤪 And ls insisted on using colors …)

@bender@twtxt.net That is a noble goal. We can talk about that – as long as it doesn’t mean giving up essential freedoms like choosing which software you can run on your device (without having to ask someone for permission).

@dce@hashnix.club twtxt is quite light, and trouble-free. Welcome! I also run an ActivityPub server, but yeah, more often around here than there.

@itsericwoodward@itsericwoodward.com Also just a heads up, GIF(s) aren’t supproted as an Avatar type on yarnd (what runs twtxt.net). I’d change this to something that’s more supproted like PNG, JPEG, etc.

I went for a nice walk to the park this morning and I am quite happy about it. Maybe next week I will go running again!

Distrobox is pretty handy and kind of amazed I haven’t played with it before now. I wanted to quickly try out Proton’s Authenticator they just released, but they only had binaries for Ubuntu and Fedora (naturally), but I’m on Void Linux on this laptop.

Installed the latest basic Fedora image with Distrobox, used dnf to install the downloaded rpm file within it, and presto, running the app within Void like I’d just downloaded it though the normal repos.

@kat@yarn.girlonthemoon.xyz On the one hand, all these programs have a very long history and the technology behind manpages is actually very powerful – you can use it to write books:

https://www.troff.org/pubs.html

I have two books from that list, for example “The UNIX programming environment”:

https://movq.de/v/c3dab75c97/upe.jpg

It’s a bit older, of course, but it looks and feels like a normal book, and it uses the same tech as manpages – which I think is really cool. 😎

It’s comparable to LaTeX (just harder/different to use) but much faster than LaTeX. You can also do stuff like render manpages as a PDF (man -Tpdf cp >cp.pdf) or as an HTML file (man -Thtml cp >cp.html). I think I once made slides for a talk this way.

On the other hand, traditional manpages (i.e., ones that are not written in mandoc) do not use semantic markup. They literally say, “this text is bold, that text over here is italics”, and so on.

So when you run man foo, it has no other choice but to show it in black, white, bold, underline – showing it in color would be wrong, because that’s not what the source code of that manpage says.

Colorizing them is a hack, to be honest. You’re not meant to do this. (The devs actually broke this by accident recently. They themselves aren’t really aware that people use colors.)

If mandoc and semantic markup was more commonly used, I think it would be easier to convince the devs to add proper customizable colors.

@kat@yarn.girlonthemoon.xyz @movq@www.uninformativ.de Sorry, I neither finished it nor in time. :-( That’s as good as it’s gonna get for the moment: https://git.isobeef.org/lyse/gelbariab/-/tree/master/rss-proxys?ref_type=heads

The README should hopefully provide a crude introduction. The example configuration file is documented fairly well, I believe (but maybe not). You probably still have to consult and maybe also modify the source code to fit your needs.

Let me know if you run into issues, have questions, wishes etc.

In 1996, they came up with the X11 “SECURITY” extension:

https://www.reddit.com/r/linux/comments/4w548u/what_is_up_with_the_x11_security_extension/

This is what could have (eventually) solved the security issues that we’re currently seeing with X11. Those issues are cited as one of the reasons for switching to Wayland.

That extension never took off. The person on reddit wonders why – I think it’s simple: Containers and sandboxes weren’t a thing in 1996. It hardly mattered if X11 was “insecure”. If you could run an X11 client, you probably already had access to the machine and could just do all kinds of other nasty things.

Today, sandboxing is a thing. Today, this matters.

I’ve heard so many times that “X11 is beyond fixable, it’s hopeless.” I don’t believe that. I believe that these problems are solveable with X11 and some devs have said “yeah, we could have kept working on it”. It’s that people don’t want to do it:

Why not extend the X server?

Because for the first time we have a realistic chance of not having to do that.

https://wayland.freedesktop.org/faq.html

I’m not in a position to judge the devs. Maybe the X.Org code really is so bad that you want to run away, screaming in horror. I don’t know.

But all this was a choice. I don’t buy the argument that we never would have gotten rid of things like core fonts.

All the toolkits and programs had to be ported to Wayland. A huge, still unfinished effort. If that was an acceptable thing to do, then it would have been acceptable to make an “X12” that keeps all the good things about X11, remains compatible where feasible, eliminates the problems, and requires some clients to be adjusted. (You could have still made “X11X12” like “XWayland” for actual legacy programs.)

linode’s having a major outage (ongoing as of writing, over 24 hours in) and my friend runs a site i help out with on one of their servers. we didn’t have recent backups so i got really anxious about possible severe data loss considering the situation with linode doesn’t look great (it seems like a really bad incident).

…anyway the server magically came back online and i got backups of the whole application and database, i’m so relieved :‘)

(Now why is that GNOME gcr thing running with debug logs enabled that print stuff like “sending secret exchange: …”? Is this healthy?)

Only figured this out yesterday:

pinentry, which is used to safely enter a password on Linux, has several frontends. There’s a GTK one, a Qt one, even an ncurses one, and so on.

GnuPG also uses pinentry. And you can configure your frontend of choice here in gpg-agent.conf.

But what happens when you don’t configure it? What’s the default?

Turns out, pinentry is a shellscript wrapper and it’s not even that long. Here it is in full:

#!/bin/bash

# Run user-defined and site-defined pre-exec hooks.
[[ -r "${XDG_CONFIG_HOME:-$HOME/.config}"/pinentry/preexec ]] && \
        . "${XDG_CONFIG_HOME:-$HOME/.config}"/pinentry/preexec
[[ -r /etc/pinentry/preexec ]] && . /etc/pinentry/preexec

# Guess preferred backend based on environment.
backends=(curses tty)
if [[ -n "$DISPLAY" || -n "$WAYLAND_DISPLAY" ]]; then
        case "$XDG_CURRENT_DESKTOP" in
        KDE|LXQT|LXQt)
                backends=(qt qt5 gnome3 gtk curses tty)
                ;;
        *)
                backends=(gnome3 gtk qt qt5 curses tty)
                ;;
        esac
fi

for backend in "${backends[@]}"
do
        lddout=$(ldd "/usr/bin/pinentry-$backend" 2>/dev/null) || continue
        [[ "$lddout" == *'not found'* ]] && continue
        exec "/usr/bin/pinentry-$backend" "$@"
done

exit 1

Preexec, okay, then some auto-detection to use a toolkit matching your desktop environment …

… and then it invokes ldd? To find out if all the required libraries are installed for the auto-detected frontend?

Oof. I was sitting here wondering why it would use pinentry-gtk on one machine and pinentry-gnome3 on another, when both machines had the exact same configs. Yeah, but different libraries were installed. One machine was missing gcr, which is needed for pinentry-gnome3, so that machine (and that one alone) spawned pinentry-gtk …

Something happened with the frame rate of terminal emulators lately. It looks like there’s a trend to run at a high framerate now? I’m not sure exactly. This can be seen in VTE-based terminals like my xiate or XTerm on Wayland. foot and st, on the other hand, are fine.

My shell prompt and cursor look like this:

$ █

When I keep Enter pressed, I expect to see several lines like so:

$
$
$
$
$
$
$ █

With the affected terminal emulators, the lines actually show up in the following sequence. First, we have the original line:

$ █

Pressing Enter yields this as the next frame:

$
█

And then eventually this:

$
$ █

In other words, you can see the cursor jumping around very quickly, all the time.

Another example: Vim actually shows which key you just pressed in the bottom right corner. Keeping j pressed to scroll through a file means I get to see a j flashing rapidly now.

(I have no idea yet, why exactly XTerm in X11 is fine but flickering in Wayland.)

The WM_CLASS Property is used on X11 to assign rules to certain windows, e.g. “this is a GIMP window, it should appear on workspace number 16.” It consists of two fields, name and class.

Wayland (or rather, the XDG shell protocol – core Wayland knows nothing about this) only has a single field called app_id.

When you run X11 programs under Wayland, you use XWayland, which is baked into most compositors. Then you have to deal with all three fields.

Some compositors map name to app_id, others map class to app_id, and even others directly expose the original name and class.

Apparently, there is no consensus.

@lyse@lyse.isobeef.org I do my timetracking in a little Python script, locally. Every now and then, I push the data to our actual service. Problem solved – but it’s a completely unpopular approach, they all want to use the web site. I don’t get it. Then, of course, when it’s down, shit hits the fan. (Luckily, our timetracking software is neither developed nor run by us anymore. It’s a silly cloud service, but the upside is that I’m not responsible anymore. 🤷)

Some of our oldschool devs tried to roll out local timetracking once, about 15 years ago. I don’t remember anymore why they failed …

This is developed inhouse, I’m just so glad that we’re not a software engineering company. Oh wait. How embarrassing.

Oh to be anonymous on the internet. That must be nice. 😅

@eldersnake@we.loveprivacy.club This wasn’t always the case, though. Quake3, Quake4, Unreal Tournament 99 and 2004 are examples of games that used to run very well as native Linux games. But that was 20+ years ago …

@movq@www.uninformativ.de reminds me how many Windows games using Proton (or WINE with similar patches) on Linux run better than some of the old native Linux binaries.

It took about a year, I think, but I’ve now finished another run of Tomb Raider I, II, and III. And I have, for the first time, played the two bonus packs “Unfinished Business” (for TR I) and “Golden Mask” (for TR II). They’re available as a free download, if you have the original games. (The bonus pack for TR III is not free.)

I just love these games – and the game mechanics. It’s just the right balance between challenging and relaxing.

https://movq.de/v/c55a2a137d/the%2Dend.jpg

Someone did a thing:

https://social.treehouse.systems/@ariadne/114763322251054485

I’ve been silently wondering all the time if this was possible, but never investigated: Keep doing X11 but use Wayland as a backend.

This uses XWayland’s “rootful” mode, which basically just gives you a normal Wayland window with all the X11 stuff happening inside of it:

https://www.phoronix.com/news/XWayland-Rootful-Useful

In other words, put such a window in fullscreen and you (more or less) have good old X11 running in a Wayland window.

(For me, personally, this won’t be the way forward. But it’s a very interesting project.)

It annoys me when I clone a git repository A in order to build and self-host some software, only to realize later that I also needed to clone repos B, C and D. I’m not saying that’s a bad thing–logical separation of code between, say, a client and a server is very handy–but some projects do not communicate very well when you need multiple tools to get it running independently.

@kat@yarn.girlonthemoon.xyz I guess that qualifies as an “Arch moment”, albeit the first one I encountered. I’m running this since 2008 and it’s usually very smooth sailing. 😅

@lyse@lyse.isobeef.org Yeah, YMMV. Some games work(ed) great in Wine, others not at all. I just use it because it’s easier than firing up my WinXP box. (I don’t use Wine for regular applications, just games.)

@kat@yarn.girlonthemoon.xyz lol, oof, well, better than nothing. 🥴 It appears to run quite well. 🤔

@kat@yarn.girlonthemoon.xyz UPDATE: getting it to run natively through a VM and other means all failed! so i did the cursed thing and tried the windows installer in wine…..

GUESS WHAT WORKED

update on tux racer: ofc it doesn’t run on modern linux LMFAOOOOOOO i’m installing red hat in a VM right now

@bmallred@staystrong.run Oh sorry I should have explained those terms 🤦‍♂️

@bmallred@staystrong.run Ahhh this is an agent I’m tryining to play the game of Connect3. It uses a library written in Go I’ve been working on that supports Neuroevolution using Genetic Algorithms. Some features include: Mutation, Speciation, Lamarckian Evolution/Inheritence.

@prologic@twtxt.net do you remember Hamachi? Tailscale/Headscale is Hamachi on steroids. They are used primarily for creating a VPN among all your devices so they can talk to one another as if they were on the same LAN, even when they’re not. That was, mostly, my WireGuard usage.

I still have WireGuard running—because it is so lite that it doesn’t matter—to use as regular VPN, but Headscale keeps all my devices connected forming their own “mini-Internet” 100% of the time.

@prologic@twtxt.net Tailscale is awesome! I run Headscale; it replaced my vanilla WireGuard install.

Crafting Standalone Python Proof of Concept Exploits

Image

Creating standalone proof of concept exploits implementing a zero-to-hero method, requiring a single action to run.

[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/craf … ⌘ Read more

container: tool for creating and running Linux containers using lightweight virtual machines on a Mac
Comments ⌘ Read more

Containerization is a Swift package for running Linux containers on macOS
Article URL: https://github.com/apple/containerization

Comments URL: https://news.ycombinator.com/item?id=44229348

Points: 500

# Comments: 226 ⌘ Read more