We’ve got the Haiku activity report covering February, and aside from the usual slew of bug fixes and minor improvements, there’s one massive improvement that deserves attention.

waddlesplash continued his ongoing memory management improvements, fixes, and cleanups, implementing more cases of resizing (expanding/shrinking) memory areas when there’s a virtual memory reservation adjacent to them (and writing tests for these cases) in the kernel. These changes were the last remaining piece needed before the new malloc implementation for userland (mostly based on OpenBSD’s malloc, but with a few additional optimizations and a Haiku-specific process-global cache added) could be merged and turned on by default. There were a number of followup fixes to the kernel and the new allocator’s “glue” and global caching logic since, but the allocator has been in use in the nightlies for a few weeks with no serious issues. It provides modest performance improvements over the old allocator in most cases, and in some cases that were pathological for the old allocator (GCC LTO appears to have been one), provides order-of-magnitude (or mode) performance improvements.

↫ waddlesplash on the Haiku website

Haiku also continues replacing implementations of standard C functions with those from musl, Haiku can now be built on FreeBSD and Linux distributions that use musl, C5/C6 C-states were disabled for Intel Skylake to fix boot problems on that platform, and many, many more changes. There’s also bad news for fans of Gopher: support for the protocol was removed from WebPositive, Haiku’s native web browser.

When I checked where Windows Defender had actually detected the threat, it was in the Fan Control app I use to intelligently cool my PC. Windows Defender had broken it, and that’s why my fans were running amok. For others, the threat was detected in Razer Synapse, SteelSeries Engine, OpenRGB, Libre Hardware Monitor, CapFrameX, MSI Afterburner, OmenMon, FanCtrl, ZenTimings, and Panorama9, among many others.

“As of now, all third-party/open-source hardware monitoring softwares are screwed,” Fan Control developer Rémi Mercier tells me.

↫ Sean Hollister at The Verge

Anyone reading OSNews can probably solve this puzzle. Many fan control and hardware monitoring applications for Windows make use of the same open source driver: WinRing0. Uniquely, this kernel-level driver is signed, since it’s from back in the days when developers could self-sign these sorts of drivers, but the signed version has a known vulnerability that’s quite dangerous considering it’s a kernel-level driver. The vulnerability has been fixed, but signing this new version – and keeping it signed – is a big ordeal and quite expensive, since these days, drivers have to be signed by Microsoft.

And it just so happens that Windows Defender has started marking this driver, and thus any tool that uses it, as dangerous, sending it to quarantine. The result is failing hardware monitoring and fan control applications for quite a few Windows users. Some companies have invested in developing their own closed-source alternatives, but they’re not sharing them. Luckily, Windows OEM iBuyPower says it’s trying to get the patched version of WinRing0 signed, and if that happens, they will share it back with the community. Classy.

For now, though, hardware monitoring and fan control on Windows might be a bit of an ordeal.

Ah, PuTTY. Good old reliable PuTTY. This little tool is one of those cornerstone applications in the toolbox of most of us, without any fuss, without any upsells or anti-user nonsense – it just does its job, and it has been doing its job for 30 years. Have you ever wondered, though, where PuTTY’s icons come from, how they were made, and how they evolved over time?

PuTTY’s icon designs date from the late 1990s and early 2000s. They’ve never had a major stylistic redesign, but over the years, the icons have had to be re-rendered under various constraints, which made for a technical challenge as well.

↫ Simon Tatham

The icons have basically not changed since the late ’90s, and I think that’s incredibly fitting for the kind of tool PuTTY is. It turns out people actually offer to redesign all the icons in a modern style, but that’s not going to happen.

People sometimes object to the entire 1990s styling, and volunteer to design us a complete set of replacements in a different style. We’ve never liked any of them enough to adopt them. I think that’s probably because the 1990s styling is part of what makes PuTTY what it is – “reassuringly old-fashioned”. I don’t know if there’s any major redesign that we’d really be on board with.

↫ Simon Tatham

Amen.

After so much terrible tech politics news, let’s focus on some nice, easy-going Linux news that’s not going to be controversial at all: Ubuntu intends to replace numerous core Linux utilities with newer Rust replacements, starting with the ubiquitous GNU Coreutils.

This package provides utilities which have become synonymous with Linux to many – the likes of ls, cp, and mv. In recent years, there has been an effort to reimplement this suite of tools in Rust, with the goal of reaching 100% compatibility with the existing tools. Similar projects, like sudo-rs, aim to replace key security-critical utilities with more modern, memory-safe alternatives.

Starting with Ubuntu 25.10, my goal is to adopt some of these modern implementations as the default. My immediate goal is to make uutils’ coreutils implementation the default in Ubuntu 25.10, and subsequently in our next Long Term Support (LTS) release, Ubuntu 26.04 LTS, if the conditions are right.

↫ Jon Seager

Obviously, this is a massive change for Ubuntu, and while performance is one of the cited reasons for undertaking this effort, the biggest reason is, of course, security. To aid in the testing effort, Seager created a tool called oxidizr, with which you can swap between the classic versions and the new Rust versions of various tools to try them out in a non-destructive way.

This is a massive vote of confidence in uutils, and I’m curious to see if it works out for Ubuntu. I doubt it’s going to take long before other prominent distributions follow suit.

In Canada, where the American national anthem has been booed during hockey matches with US teams, a slew of apps has emerged with names such as “buy beaver”, “maple scan” and “is this Canadian” to allow shoppers to scan QR barcodes and reject US produce from alcohol to pizza toppings.

[…]

In Sweden, more than 70,000 users have joined a Facebook group calling for a boycott of US companies – ironically including Facebook itself – which features alternatives to US consumer products.

[…]

In Denmark, where there has been widespread anger over Trump’s threat to bring the autonomous territory of Greenland under US control, the largest grocery company, the Salling group, has said it will tag European-made goods with a black star to allow consumers to choose them over products made in the US.

↫ Peter Beaumont at the Guardian

These are just a few of the examples of a growing interest in places like Canada and Europe to boycott American products to the best of one’s ability. It’s impossible to boycott everything coming from a certain country – good luck finding a computer without American software and/or hardware, for instance – but these small acts of disapproval and resistance allow people to vent their anger. It’s clearly already having an effect on Tesla, whose sales have completely collapsed in Europe, so much so that the president of the United States has to do his best Billy Mays impression in front of the White House to help his buddy sell cars.

Very classy.

With the United States threatening war on Canada, Greenland and Denmark, and Panama, it’s only natural for citizens of those countries, as well as those of close friends of those countries, to want do something, and being more mindful or what you spend your money on is a tried and true way to do that. Technology can definitely help here, as we’ve talked about before, and as shown in the linked article. While no tool to determine place of origin of products will ever be perfect, it can certainly help to avoid products you don’t want to buy.

I can only hope this doesn’t get even more out of hand than it already has. The United States started a trade war with the European Union today as well, and of course, the EU retaliated. I doubt the average person has any clue just how intertwined the global economy and supply chains are, and that the only people paying for this are people like you and I. The tech billionaires and career politicians won’t be the ones screwed over by surging prices of basic necessities because of tariffs, and it won’t be the children of the rich and powerful being sent to war with Canada or Panama or whatever.

The very companies that OSNews has reported on for almost 30 years are the ones pushing and enabling most of this vile nonsense, so yes, you will be seeing items about this here, whether you and I like it or not. Only cowards and the privileged have the luxury of ignoring what the United States is doing right now.

A new lobbying group, dubbed the Freedom Cities Coalition, wants to convince President Trump and Congress to authorize the creation of new special development zones within the U.S. These zones would allow wealthy investors to write their own laws and set up their own governance structures which would be corporately controlled and wouldn’t involve a traditional bureaucracy. The new zones could also serve as a testbed for weird new technologies without the need for government oversight.

↫ Lucas Ropek

I mean, just in case you weren’t convinced yet these people are utterly insane.

This is the kind of nonsensical libertarian Ayn Rand-inspired wank material dystopian fiction draws a lot of inspiration from, and it never ever ends well for anyone involved, especially not for the poor and lower classes inhabiting such places, because they’re supposed to be warnings, not instruction manuals. The fact that this insipid brand of utter stupidity is even considered by a president of the United States in this day and age should be all the proof you need that he and those around him have the moral compass of the rotting carcass of Margaret Thatcher.

I can’t believe we have to tell these Silicon Valley “geniuses” that lawless corporate towns are bad. In 2025.

The utter chaos in the United States and the country’s antagonistic, erratic, and often downright hostile approach to what used to be its allies has not gone unnoticed, and it seems it’s finally creating some urgency in an area in which people have been fruitlessly advocating for urgency for years: digital independence from US tech giants.

Efforts to make Europe more technologically “sovereign” have gone mainstream. The European Commission now has its first-ever “technology sovereignty” chief, Henna Virkkunen. Germany’s incoming ruling party, the center-right Christian Democratic Union, called for “sovereign” tech in its program for the February election.

“Mounting friction across the Atlantic makes it clearer than ever that Europe must control its own technological destiny,” said Francesca Bria, an innovation professor at University College London and former president of Italy’s National Innovation Fund.

↫ Pieter Haeck at Politico

This should’ve been a primary concern for decades, as many have been trying to make it. Those calls usually fell on deaf ears, as relying on Google, Microsoft, Amazon, and other US tech giants was simply the cheapest option for EU governments and corporations alike. However, now that the US is suffering under a deeply dysfunctional, anti-EU regime, the chickens are coming home to roost, and it’s dawning on European politicians and business leaders alike that relying on US corporations that openly and brazenly cheer on the Trump/Elon regime might’ve been a bad idea.

To the surprise of nobody with more than two brain cells.

It’s going to take a long, long time for this situation to get any better. Europe simply doesn’t have any equivalents to the services offered by companies like Google, Amazon, and Microsoft, and even if does, certainly not at their scale. Building up the resources these US companies offers is going to take a long time, and it won’t be cheap, making it hard to sell such moves to voters and shareholders alike, both of which are not exactly known for their long-term views on such complex matters.

Still, it seems consumers in the EU might be more receptive to messages of digital independence from the US than ever before. Just look at how hard Tesla is tanking all over Europe, part of which can definitely be attributed to Europeans not wanting to buy any products from a man openly insulting and lying about European elected officials. If this groundswell of sentiment spreads, I can definitely see European politicians tapping into it to sell massive investments in digital independence.

Personally, banning Twitter and Facebook from operating in the EU should be step one, as its owners have made it very clear that illegal election interference and nazi propaganda is something they have no issues with, followed by massive investments in alternatives to the services offered by the US big tech companies. China has been doing this for a long time now, and Europe should follow in its footsteps. There are enough bases to work from – from open source non-Google Android smartphones to EU-based Linux distributions for everything from desktops to server farms, and countless other open source services – so it’s not like we have to start from nothing.

If we can spend €800 billion to finally get EU defense up to snuff, we should be able to spare something for digital independence, too.

To meet those goals, we’ve begun work on a native port of the TypeScript compiler and tools. The native implementation will drastically improve editor startup, reduce most build times by 10x, and substantially reduce memory usage. By porting the current codebase, we expect to be able to preview a native implementation of tsc capable of command-line typechecking by mid-2025, with a feature-complete solution for project builds and a language service by the end of the year.

↫ Anders Hejlsberg

It seems Microsoft is porting TypeScript to Go, and WILL eventually offer both “TypeScript (JS)” and “TypeScript (native)” alongside one another during a transition period. TypeScript 6.x will be the JavaScript-based one and will continue to be developed until TypeScript 7.0, the Go-one, is mature enough. During the 6.x release cycle, however, there will be breaking changes and deprecations in preparation for 7.0.

Those are some serious performance improvements, but I’m sure quite a few projects are going to run into issues during the transition period. I hope for them that the 6.x branch remains maintained for long enough to reasonably get everyone on board the new Go version.

For decades, Linux and BSD have stood as two dominant yet fundamentally different branches of the Unix-like operating system world. While Linux distributions, such as Debian, Ubuntu, and Fedora, have grown to dominate the open-source ecosystem, BSD-based systems like FreeBSD, OpenBSD, and NetBSD have remained the preferred choice for those seeking security, performance, and licensing flexibility. But what if you could combine the best of both worlds—Debian’s vast package ecosystem with FreeBSD’s robust and efficient kernel?

Enter Debian GNU/kFreeBSD, a unique experiment that merges Debian’s familiar userland with the FreeBSD kernel, offering a hybrid system that takes advantage of FreeBSD’s technical prowess while maintaining the ease of use associated with Debian. This article dives into the world of Debian GNU/kFreeBSD, exploring its architecture, installation, benefits, challenges, and real-world applications.

↫ George Whittaker

More of a list of upsides and downsides than an actual in-depth article, but that doesn’t make it any less interesting. There’s a variety of attempts out there to somehow marry the Linux and BSD worlds, and each of them takes a unique approach. I’m not sure the Debian userland with a FreeBSD kernel is the way to go, though, and it seems I’m not alone – Debian GNU/kFreeBSD was officially dropped from Debian in 2015 or so, and after a flurry of unofficial activity in 2019, it was discontinued completely in 2023 due to a lack of activity and developer interest. Odd that the source article doesn’t mention that.

If you’re still interested in a combination of Linux and BSD, I’d keep an eye on Chimera Linux instead. It’s very actively developed, focuses on portable code by supporting many architectures, and its developers are veterans in this space. I have my eye on Chimera Linux as my future distribution of choice.

Brother laser printers are popular recommendations for people seeking a printer with none of the nonsense. By nonsense, we mean printers suddenly bricking features, like scanning or printing, if users install third-party cartridges. Some printer firms outright block third-party toner and ink, despite customer blowback and lawsuits. Brother’s laser printers have historically worked fine with non-Brother accessories. A YouTube video posted this week, though, as well as older social media posts, claim that Brother has gone to the dark side and degraded laser printer functionality with third-party cartridges. Brother tells Ars that this isn’t true.

↫ Scharon Harding at Ars Technica

I find this an incredibly interesting story. We all know the printer space is a cursed hellhole of the very worst worst types of enshittification, but Brother seemed like an island of relative calm in a sea of bullshit. In turn, people are so used to printers being shit, that any problem that comes up is automatically explained by malice, which is not entirely unreasonable. Borther insists, though, that it does not break printers using third-party toner or ink through firmware.

Brother does make it very clear that it is standard procedure to only perform troubleshooting on Brother printers using ‘genuine’ Brother ink and toner, which is not entirely unreasonable in my book. There’s no telling what kind of effects third part cartridges – which do contain electronics – have on the rest of the printer, and I don’t think it’s fair to expect Brother to be able to document all of those possible issues. As long as using third-party toner and ink cartridges doesn’t invalidate any warranties, and as long as Brother doesn’t intentionally break printers for using third-party toner and ink, I think Brother meets its obligations to consumers.

If you choose to use third-party ink and toner cartridges in Brother printers, I think it’s only reasonable you remove those during the troubleshooting process to ensure they’re not the cause of any problems you’re experiencing.

Two for the techbro “‘AI’ cannot be biased” crowd:

A Moscow-based disinformation network named “Pravda” — the Russian word for “truth” — is pursuing an ambitious strategy by deliberately infiltrating the retrieved data of artificial intelligence chatbots, publishing false claims and propaganda for the purpose of affecting the responses of AI models on topics in the news rather than by targeting human readers, NewsGuard has confirmed. By flooding search results and web crawlers with pro-Kremlin falsehoods, the network is distorting how large language models process and present news and information. The result: Massive amounts of Russian propaganda — 3,600,000 articles in 2024 — are now incorporated in the outputs of Western AI systems, infecting their responses with false claims and propaganda.

↫ Dina Contini and Eric Effron at Newsguard

It turns out pretty much all of the major “AI” text generators – OpenAI’s ChatGPT-4o, You.com’s Smart Assistant, xAI’s Grok, Inflection’s Pi, Mistral’s le Chat, Microsoft’s Copilot, Meta AI, Anthropic’s Claude, Google’s Gemini, and Perplexity’s answer engine – have been heavily infected by this campaign. Lovely.

From one genocidal regime to the next – how about a nice Amazon “AI” summary of the reviews for Hitler’s Mein Kampf?

The full AI summary on Amazon says: “Customers find the book easy to read and interesting. They appreciate the insightful and intelligent rants. The print looks nice and is plain. Readers describe the book as a true work of art. However, some find the content boring and grim. Opinions vary on the suspenseful content, historical accuracy, and value for money.”

↫ Samantha Cole at 404 Media

This summary was then picked up by Google, and dumped verbatim as Google’s first search result. Lovely.

Like the other Chrome skins, Microsoft Edge is also moving to disable Manifest v2 extensions, restricting the effectiveness of ad blockers like uBlock Origin. As an advertising company, Microsoft was obviously never going to do the work to keep Manifest v2 support around in Chrome, so this was inevitable. Blocking ads might be a necessary security practice, but why cry over spilled user data, am I right?

Anyway, today:

In early December 2024, Microsoft Threat Intelligence detected a large-scale malvertising campaign that impacted nearly one million devices globally in an opportunistic attack to steal information. The attack originated from illegal streaming websites embedded with malvertising redirectors, leading to an intermediary website where the user was then redirected to GitHub and two other platforms. The campaign impacted a wide range of organizations and industries, including both consumer and enterprise devices, highlighting the indiscriminate nature of the attack.

↫ Microsoft Threat Intelligence

If only there was a type of browser extension that prevents such malvertising attacks from being possible in the first place, and if only support for such browser extensions wasn’t being gutted as we speak.

If only.

Fuchsia is a new (non-Linux) operating system from Google, and one of the key pieces of Fuchsia’s design is the component framework. Components on Fuchsia have many similarities with some of the container solutions on Linux (such as Docker): they both fetch content addressed blobs from the network, assemble those blobs into an isolated filesystem structure that holds all the dependencies necessary to run some piece of software, and launch namespaced processes with that created directory as its root.

The most interesting details are where these two projects diverge. Both have different use cases and requirements, which leads to different strengths between the systems. This talk will largely be focusing on where and why these two similar technologies diverge.

↫ Claire Gonyeo

A very interesting talk by Claire Gonyeo, a software engineer at Google working on Fuchsia.

Clearly, online search isn’t bad enough yet, so Google is intensifying its efforts to continue speedrunning the downfall of Google Search. They’ve announced they’re going to show even more “AI”-generated answers in Search results, to more people.

Today, we’re sharing that we’ve launched Gemini 2.0 for AI Overviews in the U.S. to help with harder questions, starting with coding, advanced math and multimodal queries, with more on the way. With Gemini 2.0’s advanced capabilities, we provide faster and higher quality responses and show AI Overviews more often for these types of queries.

Plus, we’re rolling out to more people: teens can now use AI Overviews, and you’ll no longer need to sign in to get access.

↫ Robby Stein

On top of this, Google is also testing a new search mode where “AI” takes over the entire search experience. Instead of seeing the usual list of links, the entire page of “results” will be generated by “AI”. This feature, called “AI Mode” is opt-in for now. You can opt-in in Labs, but you do need to be a paying Google One AI Premium subscriber. I guess it’s only a matter of time before this “AI Mode” will be the default on Google Search, because it allows Google to keep its users on Google.com, and this makes it easier to show them ads and block out competitors.

We all know where this is going.

But, I hear you say, I use DuckDuckGo! I don’t have to deal with any of this! Well, I’ve got some bad news for you, because DuckDuckGo, too, is greatly expanding its use of “AI” in search. DDG will provide free, anonymous access to various “AI” chatbots, deliver more “AI”-generated search results based on more sources (but still English-only), and more – all without needing to have an account. A few of these features were already available in beta, and are now becoming generally available.

Props to DuckDuckGo for providing a ton of options to turn all of this stuff off, though. They give users quite a bit of control over how often these “AI”-generated search results appear, and you can even turn them off completely. All the “AI” chatbot stuff is delegated to a separate website, and any link to it from the normal search results can be disabled, too. It’s entirely possible to have DuckDuckGo just show a list of regular search results, exactly as it should be.

Let’s hope DDG can keep these values going, because if they, too, start pushing this “AI” nonsense without options to turn it off, I honestly have no idea where else to go.