The fines weren’t the only Digital Markets Act news coming from this fine continent today. The European Commission also closed its investigation into Apple’s user choice obligations under the DMA, and while Apple has made good progress in a few areas, the EC states Apple is still acting illegally in a variety of others.

First, the good news for Apple: the European Commission is happy with Apple’s changes regarding browser choice, the ability to remove preinstalled iOS applications, and the ability to change a whole bunch of default settings that are all locked outside of the EU. These are valuable and welcome changes, and I’m glad the European Union, the European Parliament, and the Commission have forced Apple to become less hostile to European consumers.

Second, there’s the bad news for Apple. Under the DMA, Apple is obligated to allow for third-party application stores, and the ability for users to download and install applications directly from the internet. In this area, Apple is still breaking European Union law.

The Commission takes the preliminary view that Apple failed to comply with this obligation in view of the conditions it imposes on app (and app store) developers. Developers wanting to use alternative app distribution channels on iOS are disincentivised from doing so as this requires them to opt for business terms which include a new fee (Apple’s Core Technology Fee). Apple also introduced overly strict eligibility requirements, hampering developers’ ability to distribute their apps through alternative channels. Finally, Apple makes it overly burdensome and confusing for end users to install apps when using such alternative app distribution channels.

↫ European Commission press release

This outcome was entirely expected, and pretty much everyone – except Apple’s PR attack dogs – knew Apple’s malicious compliance, fees, and onerous hurdles were going to be a hard sell. I’m glad the European Commission seems unimpressed with Trump’s sabre-rattling about the EU’s consumer protection laws, and is continuing to whip US tech companies in line, making sure they stop violating our consumer protection laws.

Since these are the outcomes of a preliminary investigation, Apple now has the chance to argue its case.

The European Commission has levied fines against both Apple and Facebook for violating the Digital Markets Act. Apple has to pay a €500 million fine, and Facebook a €200 million fine. Apple is breaking EU law by not allowing application developers to inform users of other offers outside the App Store.

The Commission found that Apple fails to comply with this obligation. Due to a number of restrictions imposed by Apple, app developers cannot fully benefit from the advantages of alternative distribution channels outside the App Store. Similarly, consumers cannot fully benefit from alternative and cheaper offers as Apple prevents app developers from directly informing consumers of such offers. The company has failed to demonstrate that these restrictions are objectively necessary and proportionate.

↫ European Commission press release

Not only is Apple ordered to pay the €500 million fine, they also have to remove any and all of the illegal restrictions they put in place.

Facebook, meanwhile, was fined for not offering an equally functional services but without combining user data from different services. The company did offer a choice between paying and not paying – whereby the latter involved data collection and combination – but this model violated the DMA.

The Commission found that this model is not compliant with the DMA, as it did not give users the required specific choice to opt for a service that uses less of their personal data but is otherwise equivalent to the ‘personalised ads’ service. Meta’s model also did not allow users to exercise their right to freely consent to the combination of their personal data.

↫ European Commission press release

Facebook did later amend their model to make it compliant with the DMA, and so the fine only covers the few months Facebook was violating EU law. Fun additional note: the EC also mentions that the Facebook Marketplace is no longer a gatekeeper service under the DMA, since its user numbers has dropped below the threshold. Facebook seems to be having some engagement issues in Europe, and you love to hear it.

Both companies are required to pay and comply within 60 days, or further periodic penalty payments will be levied.

Remember the odd inetpub folder that seemingly randomly appeared on people’s root drives after installing a Windows 11 update? Everybody assumed it was something left over from an update script, and that the folder was safe to remove. Well, it turns out that’s not the case, as the empty folder is actually a crucial part of a security fix for a serious vulnerability.

Initially undocumented in the official release notes, the empty and seemingly inactive inetpub folder led to user speculation about whether it was a leftover artifact from development or a bug. Microsoft has since clarified that the folder is intentional and part of a critical security improvement.

The change addresses CVE-2025-21204, a vulnerability that allowed local attackers to exploit symbolic link (symlink) attacks via Windows Update, potentially granting unauthorized access to protected system files or directories. As part of the fix, the system pre-creates certain directories — including C:\inetpub — to harden the update process and mitigate such attacks.

↫ Cyberdom

If you’ve already removed the folder, you can reinstall the April 2025 cumulative update to restore the folder, or you can wait for next month’s update roll-up, which will also restore the folder.

This lone, empty folder at your Windows PC’s root is apparently a crucial part of the security of your computer, but since it took Microsoft a while to publish release notes, nobody knew where it was coming from. The idea that a random, empty folder usually associated with IIS could be part of a vulnerability mitigation didn’t cross anybody’s mind at the time, especially since random folders appearing at a Windows PC’s root aren’t exactly uncommon or out of the ordinary.

The consensus seems to be that creating this folder is a pretty clever form of mitigation, despite feeling so hacky. I’m assuming Microsoft’s engineers are capable, and that making the folder in question impossible to delete or somehow hidden is simply not an option and would break the vulnerability mitigation, but that doesn’t change the fact that this looks like a really crude hack that should be solved in a more elegant way.

Ars Technica took a look at how the current version of Windows Recall works, including the improvements Microsoft made since the initial security nightmare of a rollout, and concludes:

Recall continues to demand an extraordinary level of trust that Microsoft hasn’t earned. However secure and private it is—and, again, the version people will actually get is much better than the version that caused the original controversy—it just feels creepy to open up the app and see confidential work materials and pictures of your kid. You’re already trusting Microsoft with those things any time you use your PC, but there’s something viscerally unsettling about actually seeing evidence that your computer is tracking you, even if you’re not doing anything you’re worried about hiding, even if you’ve excluded certain apps or sites, and even if you “know” that part of the reason why Recall requires a Copilot+ PC is because it’s processing everything locally rather than on a server somewhere.

↫ Andrew Cunningham at Ars Technica

Way back in 1996, Mercedes-Benz unveiled the A-Class, a small, practical car that purported to be more premium than cheaper, similarly-sized cars from other brands. The car had a big problem, though – it was unusually narrow and tall, and because of it, it famously failed spectacularly at the “moose test”, in which a car has to suddenly swerve around a “moose” on the road. The car simply toppled over, and after initially denying the problem, Mercedes recalled every single A-Class sold and added a variety of mitigations like electronic stability control and suspension changes. As far as I can recall, it fixed the issue.

To this day, however, I cannot look at an A-Class, even the modern ones which look like normal hatchbacks and bear effectively zero resemblance to the original, quirky A-Class from 1996, and not think of the failed moose test and the recall. I know the modern A-Class won’t fail that test, and I know it’s an infinitely safer car than the original one, but my brain still makes that connection every time I see one. A lot of people my age, whether they’re into cars or not, seem to remember this recall, because the original A-Class was such a unique and recognisable vehicle at the time, especially coming from Mercedes.

My point is – Recall will face this same issue. No matter how secure Microsoft makes it, no matter how much they claim and prove it only runs locally, no matter how hard they try and hammer on the fact data never leaves your PC, people will always think of that initial botched rollout, and all the accurate reporting that Recall was a nightmare. And it just so happens that the skepticism is warranted, and hopefully keeps people from using this corporate Trojan horse.

Only a few weeks ago, I linked to Cameron Kaiser’s excellent deep dive into the DEC Professional 380 running PRO/VENIX, and now we have a follow-up.

Fortunately, today we have AI we have many more excellent and comprehensive documents on the subject, and more importantly, we’ve recently brought back up an oddball platform that doesn’t have networking either: our DEC Professional 380 running the System V-based PRO/VENIX V2.0, which you met a couple articles back. The DEC Professionals are a notoriously incompatible member of the PDP-11 family and, short of DECnet (DECNA) support in its unique Professional Operating System, there’s officially no other way you can get one on a network — let alone the modern Internet. Are we going to let that stop us?

↫ Cameron Kaiser

No. The answer is always no. If you’ve ever wanted to know what’s involved in setting up a custom TCP/IP stack using serial on a 40 year old UNIX workstation, your very specific desires are hereby met.

I love the Kate Text editor. I use it for pretty much all the programming projects I do. Kate has been around for long time now, about 20 years! At least earliest blog post for it I could find was written in 2004.

I wanted to go over my workflow with it, why I like it so much and hopefully get more people to try it out.

↫ Akseli Lahtinen

Programmers and developers tend to be very set in their ways and have their preferred workflows – which profession doesn’t, honestly – and since there’s such a wide variety of developer and programming tools out there, it feels like every single developer’s workflow and setup is entirely unique. Akseli Lahtinen, KDE developer and allround awesome person, details his setup using Kate, the venerable and feature-rich text editor from the KDE project.

As someone who can’t program, I can’t really compare his workflow to my own, but what I found interesting while reading his post is that there’s quite a bit of overlap between my previous work as a translator and his work as a developer. While the contents of each individual view inside his Kate window are obviously different, the setup of windows and tools I had when translating looked very similar.

This shouldn’t be surprising to me – after all, both translating and developing requires multiple work surfaces, language plugins, formatting tools, tons of keyboard shortcuts, and a whole load of browser tabs, PDF files, and other documents to find just the right translation or the perfect term, as well as a ton of background to make sure you understand the topic you’re translating about. Y’all have no idea how much I know about the deepest complex inner-workings and processes of some of the largest organisations in the world, just because I needed to study them and had access to their internal documentation and software.

I also read and studied way too many complex contracts, European law, and technical studies into medicine and healthcare treatments, and I guess developers and programmers do the same thing – just focusing on different subjects. What’s the best way to do this thing in the programming language I’m using? How does this library I want to integrate work? What are the API endpoints for this service I want to use?

It’s really not that different from translating, and that never really dawned on me until now.

Only a few weeks ago we talked about Blue95, a Fedora-based distribution focused on bringing the Windows 95 look to the Linux world by integrating a set of existing Windows 95 Xfce themes. Since Fedora 42 has just been released, the Blue95 project also pushed out a new release, called Blue95 Topanga. It brings with it all the improvements from Fedora 42, but also goes a step further be integrating new applications to further add to the Windows 95 vibe.

First, there’s Winblues Paint, a faithful recreation of Windows 95’s Paint, using jspaint.app. Second, they’ve recreated the classic Plus! experience with Chicago95 Plus!, a tool that allows you to take any existing Windows 95/98/ME/XP theme and apply it as-is on Xfce. Topanga also further improves the theming experience with custom Windows 95 icons for LibreOffice as well as custom themes for Audacious and Flatpost, a desktop-agnostic Flatpak client.

I adore that this project aims to be more than just a vessel for the existing Chicago95 theme, and in fact goes so far as to create its own applications. I hope this continues from here on out and doesn’t fizzle out.

LXQt, the Qt-based alternative to KDE as Xfce is the GTK-based alternative to GNOME, has released version 2.2.0. LXQt is in the middle of its transition to Wayland, and as such, this release brings a number of fixes and improvements for Wayland, like improved multi-display support and updated compatibility with Wayland compositors.

Beyond all the Wayland work, LXQt Power Management now supports power profiles, text rendering in QTerminal and QTermWidget has been improved, the file manager PCManFM-Qt has received a whole slew of new features, and there’s the usual smaller bug fixes and changes.

ActiveX is a powerful technology that enables rich interactions within Microsoft 365 applications, but its deep access to system resources also increases security risks.

Starting this month, the Windows versions of Microsoft Word, Microsoft Excel, Microsoft PowerPoint, and Microsoft Visio will have a new default configuration for ActiveX controls: Disable all controls without notification.

↫ Zaeem Patel at the Microsoft 365 Insider Blog

Be honest: did any of you know ActiveX was still a thing? Heck, when was the last time you even thought of ActiveX? This technology acted a replacement for Windows’ COM and OLE 2.0, and was used to make controls in a whole slew of Microsoft applications. ActiveX controls from one application could also be embedded into another, like showing a toolbar from Word inside an image editor.

ActiveX has several major downsides, the two biggest of which are its relative lack of portability, and most of all, its atrocious security record. I’m genuinely surprised it’s taken them this long to actively, fully disable the technology by default.

A decade ago, I published a book on privacy “Dragnet Nation: A Quest for Privacy, Security, and Freedom in a World of Relentless Surveillance.” In the book, and since then, in articles and speeches, I have been dispensing advice to people on how to protect their privacy. But my advice did not envision the moment we are in – where the government would collaborate with a tech CEO to strip-mine all of our data from government databases and use it to pursue political enemies.

In the parlance of cybersecurity, I had the wrong “threat model,” which is a fancy way of describing the risks I was seeking to mitigate. I had not considered that the United States might be swept into the rising tide of what scholars call “competitive authoritarianism” – authoritarian regimes that retain some of the trappings of democracy, such as elections, but use the power of the state to crush any meaningful dissent.

↫ Julia Angwin

Democracy is not nearly as much of a given as many people think, and in this day and age, where massive amounts of Americans’ data and personal information are collected and stored by the very corporations supporting the Trump regime, Americans have to think very differently about where digital threats actually come from.

Nothing protects any American – or anyone visiting America – from ending up in an El Salvadorian concentration camp. Plan accordingly.

CISA says the U.S. government has extended MITRE’s funding to ensure no continuity issues with the critical Common Vulnerabilities and Exposures (CVE) program.

[…]

The announcement follows a warning from MITRE Vice President Yosry Barsoum that government funding for the CVE and CWE programs was set to expire today, April 16, potentially leading to widespread disruption across the cybersecurity industry.

↫ Sergiu Gatlan at BleepingComputer

Elect clowns, live in a circus.

As some of you may have noticed, we’ve been having some issues with captchas. The powers that be – which isn’t me, I don’t know anything about web development – are looking into it, and once we’ve pinpointed the problem we’ll get it fixed. It’s annoying us too, so we want this resolved as quickly as possible. OSNews readers just trying to visit the site to read some tech stuff should not be subjected to selecting squares with buses or crosswalks.

Our apologies for the annoyance, and I’ll update this post once the issue’s been resolved.

EXWM (Emacs X Window Manager) is a full-featured tiling X window manager for Emacs built on top of XELB.

↫ exwm GitHub page

It supports both tiling and stacking windows, dynamic workspaces, RandR, a system tray, and a lot more. XELB stands for X protocol Emacs Lisp Binding, and it’s a “pure Elisp implementation of X11 protocol based on the XML description files from XCB project”.

Isaac Marovitz, the developer of Whiskey, a frontend for Apple’s Game Porting Toolkit and Wine, has decided to throw in the towel. The developer is advising users to buy CrossOver instead, which provides the same service. The reasoning behind their decision seems sound, and are actually quite noble and considerate.

First and foremost, it’s the usual problem lone developers run into: they lost interest in the project, and to make matters worse, they’re only a student and simply lack the time to keep working on a project they’re simply not really into anymore. Running a complicated project like this on your own, unpaid, while also having to study is hard at the best of times, and if you’re also not interested in it anymore it quickly becomes a massive burden.

The second reason is that originally, Whiskey was just supposed to be a frontend for Wine on the Mac, without actually making any changes to Wine itself. The release of Apple’s Game Porting Toolkit changed the game, though, and all of a sudden Whiskey ended up shipping not just a nice frontend, but also custom versions of Wine. Marovitz states he doesn’t have the required knowledge and expertise to work on Wine, and as such, can’t contribute back to Wine and CrossOver, which feels bad.

By contrast, Whisky is based on CrossOver, but we don’t produce any bespoke fixes. I, quite frankly, do not have the requisite skills or time to do so. As a result, the amount that Whisky as a whole contributes to Wine is practically zero. This is not a fair trade, and continuing this parasitic relationship could easily harm CrossOver’s continued profitability and the existence of Wine on Mac as a whole.

↫ Isaac Marovitz

Wine, of course, has a ton of funding behind it these days, especially from Valve, but Valve’s interest lies solely and exclusively on Linux. While all of Valve’s funds and the work of Wine developers does benefit the Mac, much of the Wine on Mac work is done by CrossOver. I find it incredibly honest and respectful of Marovitz to make it clear he doesn’t want to leech off other people’s work without providing anything in return.

So, Whiskey is no more, but for the few Mac users who want to play Windows games on their Mac, CrossOver exists as a refuge that should work just fine.