Richard Weinberger
@rwIf you're into file systems, storage and the Austrian Alps, check this out:
https://lore.kernel.org/linux-fsdevel/20260701114306.GA17996@lst.de/
Jarkko Sakkinen
@jarkkoJarkko Sakkinen
@jarkko@vbabka @vbabka@mastodon.social fancy for GPG ? :-)
Jarkko Sakkinen
@jarkkoJarkko Sakkinen
@jarkkoI had issues on using Sequoia for kernel work but the specifics have been erased from my memory.
I would not mind to scraping GPG, and switching to Sequoia. After 17-20 years of proactive use or something like that, I still get lost in the configuration and forget what I was supposed to be doing 😅
GPG is also an over the top complex stack (gpg, pcscd, systemd services, gpgconf. ...). So yeah, it's bad 100% agree on that part :-) I don't have anything else good to say about GPG except compatibility...
Greg K-H
@gregkhGreg K-H
@gregkhAll of this is in easily searchable json for anyone to look at if you want to do your own queries, just download it from https://github.com/CVEProject/cvelistV5.git
Greg K-H
@gregkhGreg K-H
@gregkhFor “products” (which makes the vendor issue where a CNA issues for multiple software products go away), the numbers are a bit different:
2309 "product": "Linux",
1584 "product": "Chrome",
888 "product": "n/a",
497 "product": "OpenClaw",
284 "product": "Windows 10 Version 1607",
255 "product": "Firefox",
153 "product": "Android",
141 "product": "AVideo",
136 "product": "Red Hat Enterprise Linux 10",
124 "product": "iOS and iPadOS",
Again, remember, vendors like Apple, Microsoft, and others only report the ones they determine to be “high” to CVE, while open source, as we can not dictate use of our code, have to report everything as we don’t know how it is used by others (i.e. severity is hard, if not impossible, to properly judge.)
Again, gotta give props to OpenClaw for properly documenting all of their issues, I wish more vendors would learn from them…
Greg K-H
@gregkhAnd the Google/Microsoft codebases are for _different_ products from those vendors, not just a single codebase, so you can't really compare them that way at all. Look at the product if you wish to compare for products. For products, our numbers are way way higher because most commercial vendors do not report all CVEs, only the "high" ones.
Greg K-H
@gregkhCVE issue stats for the first 6 months of the year, by vendor, sorted by quantity:
2308 "vendor": "Linux",
1752 "vendor": "Google",
1308 "vendor": "n/a",
843 "vendor": "Microsoft",
495 "vendor": "OpenClaw",
445 "vendor": "Oracle Corporation",
395 "vendor": "Adobe",
340 "vendor": "Red Hat",
310 "vendor": "Apache Software Foundation",
284 "vendor": "Apple",
I gotta change my talk where I say “we are #2” as that’s not the case by far anymore. Hopefully the other vendors get their act together and start properly reporting all CVEs to the system, not just the ones that they feel like submitting…
And the numbers for OpenClaw is quite impressive, nice to see someone take responsibility there :)
Greg K-H
@gregkhhttps://openssf.org/podcast/2026/06/30/whats-in-the-soss-podcast-64-s3e16-the-heartbeat-of-the-kernel-why-upstream-is-the-ultimate-security-strategy-with-greg-kroah-hartman/
Jarkko Sakkinen
@jarkkoJarkko Sakkinen
@jarkkohttps://pi.dev/packages
this was unexpected...
Jarkko Sakkinen
@jarkkoFour weeks of holiday means four weeks working on my MS-DOS stack :-)
K. Ryabitsev-Prime 🍁
@monsieuriconEDITED: You can follow the official incident here: https://status.linuxfoundation.org/incidents/3y1k8b4ky71t
Richard Weinberger
@rw$ curl https://www.kernel.org/pub/linux/kernel/
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx</center>
</body>
</html>
🤔
Jarkko Sakkinen
@jarkkoJarkko Sakkinen
@jarkkohttps://digital-strategy.ec.europa.eu/en/policies/genai4eu
And obviously no chance to vote against it :-)
Negative ROI from the get go... and nothing really justifies this waste of money.
Jarkko Sakkinen
@jarkkoJarkko Sakkinen
@jarkkoI've told them to learn assembly of some retro computer and write stuff for that hardware platform (e.g. 6502, Z80, m68k, x86 based from 80s/90s era), perhaps buy something like DE-10 Nano FPGA and start experimenting.
I just thought that figuring things out in that type of microversum would be the best antidote for the poison in question :-) For me it was at least good therapy to write amode and mxmplay2 (and more MS-DOS stuff to come in future), as the world felt too weird...
I myself learned most of my programming skills first with Turbo Pascal and later on with Turbo Assembler. That's why I still have hard time dealing with the kernel's horrible AT&T syntax :-) I
Jarkko Sakkinen
@jarkkoPavel Machek
@pavelJarkko Sakkinen
@jarkkoJarkko Sakkinen
@jarkkoJarkko Sakkinen
@jarkkoOne thing AI boom has caused this year is that I've almost completely stop spending money except buying food and groceries. This mustt make economy strong, especially given that almost all of semiconductor supply is bought with debt money 🤷
Pavel Machek
@pavelPavel Machek
@pavelJarkko Sakkinen
@jarkkohttps://www.youtube.com/watch?v=itGd11j3HdI
Jarkko Sakkinen
@jarkkosomeone should pick this for laptops...
Jarkko Sakkinen
@jarkkoJarkko Sakkinen
@jarkko1. https://codeberg.org/jarkko/amode
2. https://codeberg.org/jarkko/mxmplay2
I've been postponing setting up ao486 GUS fork so thus no example program yet available :-) and i should make a track to supplement that.
I know some demo coders who work on MS-DOS on retro demoscene productions but cannot really recommend these before bare metal testing shows green. Especially GUS playback routine needs to be verified.d
#msdos #x86 #fpga
Takashi Sakamoto (坂本 貴史)
@takaswieRe: [PATCH v3 00/16] mod_devicetable.h: Split into per subsystem headers
https://lore.kernel.org/lkml/20260629235804.GA414914@sakamocchi.jp/
Jarkko Sakkinen
@jarkkoApparently, now it has: https://shop.joinmastodon.org/
Jarkko Sakkinen
@jarkkoJarkko Sakkinen
@jarkkoIn fact, junior engineers like to show off the most elegant solution of the day to solve problems. They are exactly opposite to coding agents.
I also deeply feel anger when I see this type of age/experience discrimination. Working with any junior engineer is most importantly for me a learning experience.