FOSS Weekly #26.25: AUR Supply Chain Attack, Commodore Phones, SonicDE, Y Server, Kernel 7.1 and More

Last week I shared something personal and something I was way too hesitatnt to share. It was the fact that the ad-driven model that kept It's FOSS running for 14 years is breaking down, and that YOUR support is the most direct way to keep this going.

The response was overwhelming and I cannot thank you enough to all the well wishers and supports. From what I see, so far 112 readers opted for the lifetime Plus membership. Several readers, even existing paid members, bought coffees (a metaphor for donation).

Several readers wrote in to share how It's FOSS helped them make the switch to Linux, sometimes years ago, and that it finally felt like the right moment to "give back". Thank you 🙏

There were a few concerns raised as well so let me answer them here for everyone.

"Will It's FOSS continue to publish? Will it survive?"

Fair concern. Here is the thing: the 112 people who joined last week made a real difference. They showed their confidence in It's FOSS, in the work we do and that's a huge confidence booster for me. It shows that there are good people out there who are willing to actively support us and no big tech can take this community support from us. The more Plus member we have, the stronger we become. So, yes, We are not just going to survive, we are going to thrive. Just keep supporting us 💪

"I already get the newsletter and content for free. What do I actually gain by paying for the Plus membership?"

Honestly, not a lot of extra features. There are a few eBooks to download, though. But this is intentional. I never wanted to lock Linux content behind a paywall. The tutorials, the news, this newsletter, they stay free. What the Plus membership does is make sure they stay free, for you and for everyone else too. You are not buying a product for yourself, you are doing it for everyone. For students who canot pay, for someone who has just lost a job, for people who do not even earn $119 in an entire month.

The $30 discount on lifetime membership will continue till 25th June. If you have been on the fence, this is the week to get off it. Our goal is to reach 200 lifetime member by the next week. Do help us please.

Get Lifetime Membership, $30 Off

Not ready for a lifetime commitment? A one-time donation helps too.

Make a one-time donation

Thank you for 14 years. Let's make it 14 more.

💡

If you made a payment for the LIfetime membership and has not heard from me, please reach out to me (support@itsfoss.com) and share the transaction detail. I have manually enabled it for 97 people. Sent mail to 14 people to clear the confusion about email address. There is at least one Wise payment that has no email address associated and thus no way for me to know who sent it. Please send me an email on support@itsfoss if it was you and share the deatils of the transaction.

📰 News That Matter

Linux 7.1 does a lot for a feature release. The new NTFS driver is the main talking point here, but Intel FRED switching to on-by-default and a long-overdue Steam Deck OLED audio fix are worth knowing about too.

Another new release this week is KDE Plasma 6.7. There are a few improvements here and there and the two vintage themes make a comeback.

With Ubuntu, Fedora, and soon KDE all dropping X11, yserver is a strange but interesting counter-move, arriving as a new X11 server, written in Rust, assisted by Claude. It intentionally drops decades of cruft to focus on what modern desktops actually need.

Session, the private messaging service that doesn't require a phone number, has managed to avoid getting shut down thanks to the community stepping up and donating the funds required to keep things running.

A new open standard called DocLang wants to be the format AI pipelines actually need instead of fighting with PDFs and DOCX files that were designed for human eyes. This vendor-neutral working group has already released v0.6 of the specifications with more work already underway.

In contrast, a compromised Fedora contributor account let an AI agent run loose across Bugzilla unsupervised, mass-reassigning bugs to the wrong person, closing reports it had no business closing with hallucinated LLM-generated comments.

Commodore and Jolla have joined to create anti-doomscrolling flip smartphone. It uses Linux-based Sailfish OS.

🧠 What We’re Thinking About

Arch User Repository, the community contributed repo, suffered supply chain attack.

Arch had to shut off new AUR registrations after three separate malware waves tore through the community repo in the span of a week. More than 1,500 AUR packages were hit. AUR helper Yay released a new version with some measures to spot malicious packages.

A few lesson from this incident:

• It is always better to install packages from official repoistories your distro provides.
• If you are erelying on AUR, looking at the PKGBUILD is more important than ever.
• There is little end users like you and I can do in case of supply chain attacks. It is up to distributions to secure the users.
• Supply chain attacks are going to be a bigger problem for the open source ecosystem. No wonder IBM-Red Hat is coming up with a $5 billion project Lightwall for this purpose.

Proton has launched Easy Switch for Business, a six-step migration tool that moves a company's emails, calendars, and contacts from Google Workspace to Proton Mail (partner link) seamlessly.

🧮 Linux Tips, Tutorials, and Learnings

CachyOS swapped out Octopi for a homegrown Rust package manager called Shelly, and it looks like a useful upgrade. One window handles repos, AUR, AppImage, and Flathub together; search spans all four at once; and it just looks like something built in 2026.

If that doesn't interest you, then we have a list of GTK themes that cater to a wide variety of tastes, ranging from the warm retro tones of Gruvbox to the macOS-inspired looks of WhiteSur and McMojave, and even a pitch-black option in Flat Remix for OLED screens.

If you use GNOME, explore this list of GNOME Extensions. Perhaps you will find some good ones for your usecase.

And here is the Dank Linux review I mentioned in the last newsletter but forgot to add the link.

👷 AI, Homelab and Hardware Corner

Raven Resonance has come up with something they call an ambient computer, which can easily be passed off as a smart glass. It is Linux-powered, not open source, and is called Raven Prism.

There's also a Linux cyberdeck that was in the news recently that you might've missed.

✨ Apps and Projects Highlights

Unhappy with KDE ditching X11 on Plasma? There's a fork that looks to preserve the experience while being init system agnostic.

📽️ Videos for You

If you ever feel the need to experience how bad Winslop is, you can create a bootable USB drive on Linux to get things going.

Subscribe to It's FOSS YouTube Channel

💡 Quick Handy Tip

If you are using the Clipboard Indicator extension on GNOME, then you can go into its settings, and under the "Behaviour" tab, enable "Paste on select." This allows you to automatically paste the selected clipboard item directly into your active text field when you click on it in the clipboard menu.

🎋 Fun in the FOSSverse

Can you name all the popular file managers in this crossword?

I am not complaining, are you? 🧐

🗓️ Tech Trivia: Last time we talked about Alan Turing and his unfortunate passing, but what often gets overlooked is Tommy Flowers' contribution to building Colossus.

Using 1,800 thermionic valves, his breakthrough dramatically shortened World War II while also proving that vacuum tubes could be reliable, forever changing modern computing history.

He did get some recognition in 2023, when a blue plaque went up at Dollis Hill in London, the former Post Office research site where he built Colossus using mostly spare telephone parts.

🧑‍🤝‍🧑 From the Community: A FOSSer is looking for pointers about an operating system called OpenIndiana. Have you ever used it?

from It's FOSS https://ift.tt/L0wTcml
via IFTTT

After the AUR Malware Flood, Yay v13 Lets You Script Your Own Safety Net

As you might already know, the AUR has been going through a rough patch, where more than 1,500 packages were compromised across three separate waves of malware attacks before Arch developers could get a handle on it.

yay, the most popular AUR helper for Arch Linux, just put out a release aimed at tackling that mess on the user level, introducing two new features that make it easier to spot a risky package before you install it and to automate the review work yourself.

Let's check it out! 🤓

New tools to spot malicious packages

The new PKGBUILD last-modified timestamps are visible inside the square brackets.

Search results, the yogurt prompt, and the upgrade menu all carry a new timestamp now, showing how long it's been since a package's PKGBUILD last changed. This gives you a heads-up on which packages might be worth a closer look before installing.

Jo Guerreiro, the maintainer of yay, clarified that the number by itself doesn't accomplish anything. Something edited last week isn't automatically dangerous, and something untouched for years isn't automatically clean.

This is meant to be just one extra signal to weigh before you commit to an install.

The other major addition here is support for Lua-based hooks and configuration, letting you script how yay behaves at different points in the install and upgrade flow. You can now drop a file at $XDG_CONFIG_HOME/yay/init.lua, usually ~/.config/yay/init.lua, and yay will pull both settings and hooks straight out of it.

Leave that file out entirely and nothing Lua-related runs at all. config.json doesn't go away either, init.lua sits above it and can override what's already there, while flags you pass on the command line take priority over everything else.

One of the new hooks, UpgradeSelect, kicks in partway through yay -Syu, once yay has worked out what needs upgrading but hasn't yet put the package exclusion screen in front of you.

Two more hooks come into play before the actual install runs, just later in the sequence than UpgradeSelect.

AURPreInstall triggers right after a PKGBUILD is fetched, early enough to abort an install before you've seen any menus. By the time makepkg --verifysource finishes pulling and checking the source, AURPostDownload fires, and at that point a script can look at the PKGBUILD next to the actual files it downloaded, still ahead of the install.

Beyond those, the v13 release also adds hooks for filtering search results and for taking action once a package finishes installing. The rest of it is mostly cleanup work like restoring missing locale files, and the ALPM executor picks up a proper log callback and a new Debug method.

You can get yay running on your Arch Linux or Arch-based setup by cloning it from the AUR and building it with makepkg:

git clone https://aur.archlinux.org/yay.git
cd yay && makepkg -si

from It's FOSS https://ift.tt/BQzD4rT
via IFTTT

Commodore's New Flip Phone Skips Android for Linux-Based Sailfish OS

A year has passed since Commodore, the computer brand many of you know and love, came back from the dead under new ownership.

The comeback is picking up pace too, with a lineup that already includes multiple Commodore 64 Ultimate editions, a C64X PC, and a licensing program that invites outside builders to use the name.

Now, they have announced a return to the phone market, and not in the doomscrolling glass-slab avatar we are all used to, but in a retro, very equippable flip phone format.

Making Flip Phones Great Again

The Commodore Callback 8020 is what comes out when a flip phone skips Android and goes toward a privacy-respecting Linux-based mobile operating system instead. In this case, Jolla's Sailfish OS, known for having great Android app compatibility without Google's surveillance baked in.

Jolla's CEO, Sami Pienimäki, says that it was chosen after Commodore evaluated competing platforms, citing Sailfish OS' design language and stance on privacy as the deciding factors.

As for what else it offers in terms of software, browsers and social media apps are blocked at the system level, with no toggle to turn the restrictions off. WhatsApp comes preinstalled, and Signal, Telegram, and WeChat are all supported, with iMessage possible through a third-party bridge.

Additionally, the official material points out that over 99% of Android apps are supported. Users can even control a Commodore 64 Ultimate's LEDs from the Callback 8020, as long as both are on the same Wi-Fi network.

The Specs

The polycarbonate-bodied phone is powered by a MediaTek Helio G81 chip with passive cooling, paired with 4GB of RAM and 64GB of storage (expandable via microSD), which should be enough for a phone built around doing less rather than more.

Flip it up, and you will see a 3.25-inch IPS display featuring a 480x640 resolution inside and a 1.77-inch VFD-style screen on the outside. Below the main screen sits a tactile T9 keypad, with dedicated Fn keys flanking the big Commodore key.

Camera duties fall to a 48MP Sony sensor on the back, with autofocus on both the front and rear lenses for video calls. A removable 1550mAh battery keeps things running as you use the device and receive notifications on the Dome-LED system (look at the light bar below the keypad).

For connectivity, you get dual-SIM 4G support with Wi-Fi, Bluetooth, hotspot, and GPS capabilities.

Get Yours

The Callback 8020 is being offered in five colorways: ProtoPET White, SX Silver, BASIC Beige, Starlight Edition, and Founders Edition. Swappable back covers and a protective case are sold separately for anyone who wants to change the look of their device later.

Pricing starts at $499 for ProtoPET White, SX Silver, and BASIC Beige. Starlight Edition runs $549.99, and the Founders Edition tops out at $640. These are discounted prices, and signing up for the waitlist unlocks an extra $50 off that will apply on June 30 when pre-orders open.

Units are set to ship this winter, though Commodore hasn't given a specific date, and the window could easily run into early 2027.

Join The Waitlist

from It's FOSS https://ift.tt/F3KNRxa
via IFTTT

KDE Plasma 6.7 Release Resurrects Two Themes From the KDE 4 Era

KDE's 30th anniversary is closing in on us, and the developers have spent these past few months getting things ready for the occasion, set to take place in October. Two of those things are Oxygen and Air, two classic Plasma themes from the KDE 4 era that we talked about a few months ago.

The X11-free Plasma 6.8 is also due around the same time, barring any delays, of course.

But, yeah, that's looking somewhat further into the future. For now, let's focus on the Plasma 6.7 release, which has arrived with those themes as well as a number of upgrades that make the desktop experience more refined than before.

🕊️

This release is dedicated to Eric Laffoon, a long-time supporter of KDE who passed away in May.

🆕 KDE Plasma 6.7: What's New?

Before we get into the highlights of this release, let's talk about the various usability and quality-of-life upgrades that ship with Plasma 6.7.

If you use Plasma's virtual keyboard, holding down a key now brings up the special characters tied to it instead of you having to dig through a separate symbols screen.

The Discover software center also gets some attention, where the "Install" button has been redone to make it clearer and harder to miss, and app listings carry more useful descriptions on each card.

Similarly, the printing workflow has been improved with a new print queue management tool, the system tray icon for printers now showing the number of print jobs in a queue, and quick connections to shared printers on Windows networks.

Plasma's calendar options grow too, with the Vietnamese lunar calendar joining the other non-Gregorian calendars already on offer.

And if you've already set up custom Global Themes for day and night, you can now flip between light and dark instantly via a toggle inside the "Brightness & Color" quick settings.

Now, for the rest of the changes. 👇

Two Classics Make a Comeback

Source: KDE

If you remember, Oxygen and Air both go back to the KDE 4 days, when Oxygen was the default theme starting with KDE 4.0, and Air took over that role once KDE 4.3 arrived.

Ahead of their anniversary, a restoration effort led by community contributors looked to bring them back into proper shape.

We covered that restoration effort in detail back in April, and a good chunk of it has now landed in Plasma 6.7, including reworked panels, a minimized window indicator, new switch designs, and adaptive opacity for both themes.

These now ship as full Global Themes too, with light, dark, and twilight variants. The two wallpapers that shipped with KDE 4 (Air and Horos) are part of the package as well.

Per-Screen Virtual Desktops

Source: KDE

Next in line is one of the most sought-after features that has arrived after 21 years of requests. Plasma has had virtual desktops for ages, but they were always tied globally across every monitor you had connected.

That changes now. You can finally set up separate virtual desktops for each screen, so your laptop display and your external monitor no longer have to share the same set. It might sound like a small change, but anyone running a multi-monitor setup knows how essential this is.

Apart from that, switching between virtual desktops got faster too; now you can pull up the Overview screen with Super+W and with a simple scroll or a tap of Page Up / Page Down move between desktops.

Suggested Read 📖: This New Project Gives You Plasma With X11

Arrival of Union

Plasma's theming has been a fragmented affair behind the scenes, with different toolkits needing different styling approaches.

With this release, a new theming system, Union, is being introduced that wants to assimilate all of that into one CSS-based system. So Plasma, QtQuick software, and QtWidgets software can pull their looks from the same set of style files instead of three separate ones.

In its current state, it is disabled by default and only touches the QtQuick side of the stack, arriving here as a tech preview rather than a finished feature.

📥 Get KDE Plasma 6.7?

Users of Plasma on rolling release distros like Arch Linux or EndeavourOS will be getting this the earliest. If you can't wait or are on a non-Arch distro, then you can build from source.

KDE Plasma 6.7 (source)

On the other hand, if you just want to see how this release performs before committing to it on your main setup, then you could always go for the User Edition of KDE Neon.

---

💬 Have you been on KDE Plasma for a long time? How has it been for you?

from It's FOSS https://ift.tt/R93gcYF
via IFTTT

Arch Linux Pulls the Plug on New AUR Registrations After Malware Flood

Arch Linux has disabled new account registrations on the Arch User Repository (AUR) as they work to contain a malware campaign that swept through the community package repository last week.

The AUR is where Arch users look in for software that has not made it into the official repositories yet. It is community-run and unsupported, meaning packages are user-submitted with no safety guarantee from the Arch team.

Over 1,500 packages were hit in the first wave alone, and two more waves followed shortly after developers thought they had it cleaned up.

What happened?

On June 11, Arch developer Jonathan Grotelüschen opened a dedicated thread on aur-general asking the community to report compromised packages. A formal news post from Campbell Jones followed the next day, acknowledging "a high volume of malicious package adoptions and updates" in the AUR.

Community member a821 traced the initial packages to a malicious npm package called js-digest, which was embedded in post-install scripts. Shortly after, koraynilay ran a broader search against GitHub's AUR mirror using js-digest as the marker and found around 850+ packages that were affected, noting the count was already dropping as devs removed them.

By the end of the day, Jonathan posted that they had deleted all known malicious commits, linking to a document that listed over 1,500 packages.

That was not the end of it. On June 13, a821 flagged a new batch using a different technique. This time, the word "bun" was split across string literals as 'b''u''n' to slip past detection.

Around 50 packages were caught in this wave, spanning browser packages, a cluster of nodejs-* entries, plasma6-applets-fancytasks, a NeoVim plugin, and LibreWolf extensions.

A day later, Nicolas Boichat spotted another batch, this one more heavily obfuscated. He caught it using a locally-run Gemma E2B model, with htbrowser-bin among the packages he flagged.

What can you do?

Fast-forward to now, Leonidas Spyropoulos of the Arch Linux team announced on June 15 that new AUR account registrations had been disabled as they are busy cleaning up the AUR.

Another thing to keep in mind is that the core Arch Linux repositories remain unaffected, with the malicious commits limited to the AUR.

If you suspect malicious packages might've made it onto your system or you just want to be cautious, then the Arch team suggests reviewing every PKGBUILD and install script change before updating, particularly right now.

And if anything suspicious does show up, they encourage users to flag it via the aur-general mailing list by replying to the AUR REPORT THREAD (also linked earlier).

from It's FOSS https://ift.tt/JTyi7dz
via IFTTT

To Make Things Easier, CachyOS Created a RUST-Based GUI Package Manager

CachyOS is a relatively new distribution that has gained mass popularity due to its cutting-edge software and features that focus on performance optimization, finding a very specific niche easily.

In its recent updates, CachyOS has changed the default package management system to the Rust-based Shelly from Octopi, so obviously, I was bound to check it out.

What does Shelly offer?

To start with, Shelly is a one stop solution to manage packages not only from CachyOS's own repositories, but also AUR, AppImage and Flathub, all at the same place. It also provides quite a nifty clean look that just makes sense, both of which give it a clear edge over Octopi already, which can manage the default repositories and AUR only, and looks a little dated.

Interface

The home page shows recent activity, a package dashboard which displays the number of packages installed through AUR and Flatpak, and the absolute total number of packages on the system. It also shows the percentage of packages which are totally updated, with the available updates on the right side.

There's a search bar on top which will search through the distribution's repositories, AUR and Flathub all at the same time. If a package is available from multiple sources, Shelly lists them in order of preference, first the distribution's repositories, then AUR and finally Flathub.

All the different possible sources are tabbed on the left of the window, which means you can manage the packages from all different sources separately and seamlessly.

🚧

On CachyOS with GNOME even when the system is on dark mode, the app doesn't seem to be. There's no internal option to change it, either. This is what I noticed in my testing.

Settings

The settings keep things to a minimal. There are toggle switches for AUR, Flatpak and AppImage management, as well as for the tray icon. These settings are confirmed on the first start of the application.

You can move around the left menu to the top, again with a toggle switch. In the advanced settings, you can enable the "No Confirm" button to slide through the confirmation for the installation, uninstallation or updating of any package. You can also limit the number of parallel downloads, with the default being 10. There's an interesting option called "Purify Packages" which gets rid of any corrupt packages on the system.

How well does it work?

In most aspects, Shelly works really well. Package management from the distribution's repositories, AUR and Flathub are virtually error-free. Search works really, and so does the installation and uninstallation.

AppImage is a little patchy, though. I tried to install balenaEtcher's AppImage and Raspberry Pi's Imager, the former was not installed and embedded into the system menu, but the latter was.

How does it compare to Pamac and Octopi?

With the first look itself, the interface, Shelly looks like it is several steps ahead from both Pamac and Octopi. It looks like it belongs on a modern system, is sleek and intuitively accessible unlike the other two.

As for the functionality, Pamac and Octopi work reliably well at what they do. Shelly works fairly well, too, while providing more options at the same time, with some aspects being a little troubling, perhaps.

Final Thoughts

The change to Shelly as the default package manager is very promising, it seems to suit CachyOS much better than Octopi in my opinion. It offers a lot of new, interesting features, and delivers on them fairly well. Let us know what you think about this change in the comments. Cheers!

from It's FOSS https://ift.tt/PqDIuw7
via IFTTT

Flipper One is a Pocket-sized Linux Cyberdeck

Pocket-sized computer tools are the definition of cool, recruiting many people over to the developer side of things, including your humble writer.

A project like Flipper One, which is intended to be a device that features the full mainline Linux kernel in a small package with a full range of connectivity, not to be used as a full-fledged computer (not all the time, at least) but rather a cyberdeck that can be used for development, experimentation and last but not the least, pentesting, is such a dream come true.

With its radical philosophy of complete openness, both in terms of hardware and software, and the ability to do whatever is possible with the hardware on board, it is a project that would have sent my 14 year-old self into a hyperventilating fit. So what exactly can it do? And how do you fit into the picture? That's exactly what we will tell you today.

Flipper One at a glance

Flipper One hasn't been released yet, but there are some ambitious features that have been planned for it. While Flipper Zero was more of an offline access tool, with emphasis on NFC, RFID infrared, UART and so on, Flipper One is intended to be a network connected Linux system. So obviously, we start with:

Connectivity

Flipper One self proclaims as a "Swiss Army knife for IP networks across all OSI layers", which include:

• 5G modem
• Wi-Fi 6E
• Two Gigabit Ethernet ports
• Upto 5 Gbps wired connectivity over USB-C Ethernet

All this results in Flipper One being usable as anything from a multi-hotspot bridge, an inline Ethernet sniffer, a VPN gateway, or a USB Wi-Fi/Ethernet adapter for another device.

Hardware

The hardware is a particularly interesting aspect of Flipper One, as it is has a completely custom, unique build. We will describe the technical aspects later, focusing first on the build of the device. It has a small monochrome 256x144px display, designed to show all necessary information from the custom software onboard, a touchpad, a 5-button D-pad, a back button, an app-switching button, and 5 buttons used for further navigation to power, edit, run or escape programs, and to view other options. Oh, there's a push-to-talk button as well for a pre-installed offline AI assistant. Fancy, eh?

As for the ports, it has the following:

• Two USB-C, one multipurpose, one only for power
• USB-A
• HDMI
• Two Ethernet
• 3.5mm audio jack
• MicroSD card slot
• Nano SIM card slot
• M.2 expansion module

Now finally onto the hardware on board:

• A main Rockchip RK3576 chip
• A secondary low-powered Raspberry Pi RP2350B MCU
• 8 GB RAM
• 64 GB internal storage
• 7000 mAh battery (tentatively)

As an ARM based device, the processing is comparable to the power offered by a Raspberry Pi 5, handling basic operations rather well.

Software

Here's where things get really interesting. The Flipper team intends Flipper One to be able to support the mainline Linux kernel, and has gone to the massive undertaking of having absolutely no proprietary binary blobs in any of their software. This includes the operating systems as well as the firmware. They're building FlipperOS, a layer on top of Debian, which you can do anything to.

There's also FlipperCTL, which has been created as a response to full-fledged Linux operating systems being awkward and uncomfortable on small screens. It is, therefore, a UI designed for a screen as small as that, controlled by a D-pad and a few buttons. The idea then, is to wrap utilities like ping, nmap and traceroute into this FlipperCTL interface.

Abilities

Apart from the use cases already mentioned, like as a pentesting tool or a networking agent, it can also be used as a survival desktop or a thin client, using the USB-C port to connect to a monitor. The exact details of the OS haven't been decided yet, but something slick like KDE Plasma with something resourceful like Kali Linux to suit all pentesting needs is the way Flipper is planning to go. It is also being planned as a hacker's TV media box, to be used as a media platform using Kodi or something similar. This would turn any HDMI input taking monitor into your personal media box, a luxury that is quite underrated in situations like a strange hotel room.

Not to forget, the presence of both a CPU and an MCU is by design, as the intention is to have the device functioning at low power, with the LCD and buttons, even without the main CPU running. Even when Linux is off, the device can run simple programs off of the MCU.

So what can you do?

But where do you come in? Well, the entire device is still under development and needs contributions from anyone who can provide it to be completed. Flipper has made a Developer Portal for Flipper One, where the entire development process is to be made open. That means half-baked task tracking, documentation, internal discussions, debates and everything.

You don't need to be a software developer, strictly, you could be a designer, just work on documentation, 3D models, so on and so forth. So, what all can you contribute to?

• Hardware: PCBs, antennae, chips, processors, connectors and everything in between (literally).
• Mechanics: Designing, enclosure, plastic/metal parts, mounting parts and so on.
• Linux: Firmware for the RP2350 microcontroller, relating to practically every component that the software will interact with.
• Interface: UI/UX design, visuals and graphics.
• Docs: Documentation, wikis, guides, progress made on the portal itself.
• Testing: This one you can find out for yourself.

Conclusion

Flipper's team has taken up a humongous task, trying to make this entire project totally open, the hardware design plans, the software blobs barring no small proprietary bits, and has shown courage admitting the need for help finishing the project. The Developer Portal is a great approach, inviting all the people from across the globe to contribute in any way that they possibly can. And with a beautiful passion project such as this? I'm expecting they absolutely will want to. I urge the readers to do that as well, if you have some skill and time to contribute.

Read the whole story from Flipper

This kind of project instills hope in user-level innovation after long bouts of polished, corporate products and we're all here for it. Let us know what you think of the device in the comments. Cheers!

from It's FOSS https://ift.tt/hsHtC7B
via IFTTT