Privacy Messenger Session Is Staring Down a 90-Day Countdown to Obscurity

If you care about privacy and don't take too well to governments and Big Tech companies snooping on your messages, then Session has probably come up at some point. It's a free, open source, end-to-end encrypted messaging app that doesn't ask for your phone number or email to sign up.

Messages are routed through an onion network rather than a central server, and the combination of no-metadata messaging, anonymous sign-up, and decentralized architecture has earned it a loyal following among privacy-conscious users.

Unfortunately, the project has sent out a mayday call as it risks closure.

A call for help

Your donations have helped, and the Session Technology Foundation (STF) has received enough funding to support critical operations for 90 days.

This means that Session will remain available on the app stores and essential services (such as the file server and push notification…

— Session (@session_app) April 9, 2026

The Session Technology Foundation (STF) sent out what can only be described as a distress signal, announcing that the app's survival is now in serious peril. The day it was posted on was also the last working day for all paid staff and developers at the STF.

From that point on, Session is being kept running entirely by volunteers.

The donations that they received earlier are enough to keep critical infrastructure online until July 8, but not nearly enough to retain a development team. With nobody left on payroll, development has been paused.

Due to that, introducing new features is off the table, existing bugs will most likely go unaddressed, and the STF says new releases are unlikely during this period.

Session co-founder Chris McCabe had already flagged the trouble coming. In a personal appeal published earlier in March, he wrote that the organizations safeguarding Session had faced many challenges over the years and that the project's very survival was now at risk.

He had concluded by appealing that:

The project is on a path to self-sustainability, but the future is fragile. If every Session user contributed just one dollar, it would go a long way towards Session reaching sustainability. If you've ever considered donating, now is the time to act.

The above didn't accomplish enough to change the outcome, so the Session folks had to sound the alarm. The foundation says it needs $1 million to complete the work still in progress.

That includes Protocol v2, which adds forward secrecy (PFS), post-quantum cryptography, and improved device management, as well as Session Pro, a subscription tier intended to put the project on a self-sustaining footing.

If that goal is hit, the STF says it hopes Session could stand on its own without needing to go back to the community for more.

As of writing, $65,000 of that $1 million has been raised. Anyone who wants to see this privacy-focused messaging app survive, especially at a time when surveillance is only getting worse, can donate at getsession.org/donate.

Save Session

---

Suggested Read 📖: Session's Other Co-Founder Thinks You Don't Need to Ditch WhatsApp

from It's FOSS https://ift.tt/bEPanqA
via IFTTT

Good News! France Starts Plan to Replace Windows With Linux on Government Desktops

France's national digital directorate, DINUM, has announced (in French) it is moving its workstations from Windows to Linux. The announcement came out of an interministerial seminar held on April 8, organised jointly by the Directorate General for Enterprise (DGE), the National Agency for Information Systems Security (ANSSI), and the State Procurement Directorate (DAE).

The Linux switch is not the only move on the table. France's national health insurance body, CNAM, is migrating 80,000 of its agents to a set of homegrown tools: Tchap for messaging, Visio for video calls (more on this later), and France transfert for file transfers.

The country's national health data platform is also set to move to a sovereign solution by the end of 2026.

Beyond the immediate moves, the seminar laid out a broader plan. DINUM will coordinate an interministerial effort built around forming coalitions between ministries, public operators, and private sector players, with interoperability standards at the core (the Open Interop and Open Buro initiatives are specifically named).

Every French ministry, including public operators, will be required to submit its own non-European software reduction plan by Autumn 2026.

The plan is expected to cover things like workstations, collaboration tools, antivirus, AI, databases, virtualization, and network equipment. A first set of "Industrial Digital Meetings" is planned for June 2026, where public-private coalitions are expected to be formalized.

Speaking on this initiative, Anne Le Hénanff, Minister Delegate for Artificial Intelligence and Digital Affairs, added that (translated from French):

Digital sovereignty is not optional — it is a strategic necessity. Europe must equip itself with the means to match its ambitions, and France is leading by example by accelerating the shift to sovereign, interoperable, and sustainable solutions.

By reducing our dependence on non-European solutions, the State sends a clear message: that of a public authority taking back control of its technological choices in service of its digital sovereignty.

You might remember, a few months earlier, France set out on a similar path for video conferencing. The country mandated that every government department switch to Visio, its homegrown, MIT-licensed alternative to Teams and Zoom by 2027.

Part of the broader La Suite Numérique initiative, it had already been tested with 40,000 users across departments before the mandate was announced. So this move looks like an even more promising one, and we shall keep an eye on how this pans out.

---

Suggested Read 📖: ONLYOFFICE Gets Forked

from It's FOSS https://ift.tt/WaJA8oi
via IFTTT

Is a Clanker Being Used to Carry Out AI Fuzzing in the Linux Kernel?

With the rise of AI and humanoid robots, the word "Clanker" is being used to describe such solutions, and rightly so. In their current state, these are quite primitive, and while they can act like something resembling human intelligence, they still can't match what nature cooked up.

Now that terminology has made its way into the Linux kernel thanks to Greg Kroah-Hartman (GKH), the Linux stable kernel maintainer and the closest thing the project has to a second-in-command.

He has been quietly running what looks like an AI-assisted fuzzing tool on the kernel that lives in a branch called "clanker" on his working kernel tree. Before you ask, fuzzing is a method of automated software testing that bombards code with unexpected, malformed, or random inputs to trigger crashes, memory errors, and other misbehavior.

It is a critical line of defense for a massive codebase like Linux.

How it started

It began with the ksmbd and SMB code. GKH filed a three-patch series after running his new tooling against it, describing the motivation quite simply. He picked that code because it was easy to set up and test locally with virtual machines.

What the fuzzer flagged were potential problems specific to scenarios involving an "untrusted" client. The three fixes that came out of it addressed an EaNameLength validation gap in smb2_get_ea(), a missing bounds check that required three sub-authorities before reading sub_auth[2], and a mechToken memory leak that occurred when SPNEGO decode fails after token allocation.

GKH was very direct about the nature of the patches, telling reviewers: "please don't trust them at all and verify that I'm not just making this all up before accepting them."

These pictures show the Clanker T1000 in operation.

It does not stop there. The clanker branch has since accumulated patches across a wide range of subsystems, including USB, HID, WiFi, LoongArch, networking, and more.

Who is GKH?

If you are not well versed with the kernel world, GKH is one of the most influential people in Linux development.

He has been maintaining the stable kernel branch for quite a while now, which means every long-term support kernel that powers servers, smartphones, embedded devices, and pretty much everything else running Linux passes through his hands.

He also wrote Linux Kernel in a Nutshell back in 2006, which is freely available under a Creative Commons license. It remains one of the more approachable references for anyone trying to understand kernel configuration and building, and it is long overdue for a new edition (hint hint).

Linus has been thinking about this too

Speaking at Open Source Summit Japan last year, Linus Torvalds said the upcoming Linux Kernel Maintainer Summit will address "expanding our tooling and our policies when it comes to using AI for tooling."

He also mentioned running an internal AI experiment where the tool reviewed a merge he had objected to. The AI not only agreed with his objections but found additional issues to fix.

Linus called that a good sign, while asserting that he is "much less interested in AI for writing code" and more interested in AI as a tool for maintenance, patch checking, and code review.

AI should assist, not replace

There is an important distinction worth making here. What GKH appears to be doing here is not having AI write kernel code. The fuzzer surfaces potential bugs; a human with decades of kernel experience reviews them, writes the actual fixes, and takes responsibility for what gets submitted.

If that's the case, then this is the sensible approach, and it mirrors what other open source projects have been formalizing. LLVM, for instance, adopted a "human in the loop" AI policy earlier this year, requiring contributors to review and understand everything they submit, regardless of how it was created.

---

Suggested Read 📖: Greg Kroah-Hartman Bestowed With The European Open Source Award

from It's FOSS https://ift.tt/LawPYU8
via IFTTT

Microsoft Locked Out VeraCrypt, WireGuard, and Windscribe from Pushing Windows Updates

Microsoft has had a complicated relationship with the open source world. VSCode, TypeScript, and .NET are all projects it created, and its acquisition of GitHub put it in charge of the world's largest code hosting platform.

But it is also the same company that bakes telemetry into Windows by default and has been aggressively pushing Copilot AI into every corner of its software. That last part especially has been nudging a growing number of people toward open alternatives.

And now, a wave of developer account suspensions has given some open source developers a new headache.

What's happening?

Microsoft rolled out mandatory account verification for all partners enrolled in the Windows Hardware Program who had not completed verification since April 2024. The requirement kicked in on October 16, 2025, giving partners 30 days from notification to verify their identity with a government-issued ID.

Plus, that ID has to match the name of the Partner Center primary contact. Miss the deadline or fail verification, and your account gets suspended with no further submissions allowed.

This matters because signing Windows kernel drivers requires one of these accounts. Without it, developers cannot push driver-signed updates for Windows, and Windows will flag unsigned drivers, blocking them from loading at the kernel level.

Three major open source projects found this out the hard way. VeraCrypt, WireGuard, and Windscribe all had their developer accounts suspended, cutting off their ability to ship updates on Windows.

It appears @Microsoft is actively suspending developer accounts with no warning or reason of various security tools like VeraCrypt, WireGuard and also Windscribe. We've had this VERIFIED account for 8+ years to sign our drivers.

We've been trying to resolve this for over a… https://t.co/iwkryuwKuO pic.twitter.com/7VcnAQIbnP

— Windscribe (@windscribecom) April 8, 2026

VeraCrypt developer Mounir Idrassi was the first to go public. In a SourceForge forum post, he wrote that Microsoft had terminated his account with no prior warning, no explanation, and no option to appeal.

Repeated attempts to reach Microsoft through official channels got him nothing but automated replies. The suspension hit his day job too, not just VeraCrypt.

WireGuard creator Jason Donenfeld hit the same wall a couple of weeks later, when he went to certify a new WireGuard kernel driver for Windows and found his account showing as access restricted. He eventually tracked down a Microsoft appeals process, but it carried a 60-day response window.

Windscribe's situation was arguably the messiest. The company says it had held a verified Partner Center account for over eight years and spent more than a month trying to sort things out before going public.

Moreover, once an account is suspended, Partner Center blocks users from opening a support ticket directly.

What now?

This eventually got Microsoft's attention as Scott Hanselman, VP and Member of Technical Staff at Microsoft and GitHub stepped in on X to say the accounts would be fixed. He pointed to the October 2025 blog post (linked earlier) and said the company had been sending emails to affected partners since then.

Scott confirmed he had personally reached out to both Mounir and Jason to get their accounts unblocked, and that fixes were already in progress.

Anyway, this doesn't look good, and leaving developers of critical security software without recourse for weeks only erodes trust. But, in the end, this won't really affect a behemoth like Microsoft, who has a dominating hold on the operating system market.

---

Suggested Read 📖: Proton Workspace and Meet launched as alternatives to Big Tech offerings

from It's FOSS https://ift.tt/MlsXc7e
via IFTTT

FOSS Weekly #26.15: Rollback in apt, bad USB detection, Glass UI in KDE, Linux Kernel dropping older processor support and more

Linus Torvalds created two of the most widely used tools in modern computing: the Linux kernel and Git.

Git, of course, is a version control system primarily used by programmers.

But Theena makes a strong case that Git and plain text are the best tools a writer can use. Not just for backup but for building a writing practice that is truly their own..

At its core, the argument is about breaking free from platform dependency, long-term preservation, and treating your body of work as something worth designing around rather than just storing somewhere convenient.

Here are other highlights of this edition of FOSS Weekly:

• sudo tips and tweaks.
• Apt's new version has useful features.
• Opera GX arriving as a gaming browser for Linux.
• A Linux driver proposal to catch malicious USB devices.
• And other Linux news, tips, and, of course, memes!

Tired of AI fluff and misinformation in your Google feed? Get real, trusted Linux content. Add It’s FOSS as your preferred source and see our reliable Linux and open-source stories highlighted in your Discover feed and search results.

Add It's FOSS as preferred source on Google (if you use it)

📰 Linux and Open Source News

Not open source software but Opera GX, the gaming-focused Chromium browser that's been on Windows and macOS for years, has finally landed on Linux. Sourav took the early access build for a spin and tested the features it's known for, like GX Control for capping RAM and CPU usage while gaming and GX Cleaner for cleaning up junk data.

The Linux kernel is finally dropping i486 support, queued for Linux 7.1. The first patch removes the relevant Kconfig build options, with a fuller cleanup covering 80 files and over 14,000 lines of legacy code still to follow.

Proton has launched two new things: Proton Workspace, a bundled suite of all their services aimed at businesses looking for a privacy-first alternative to Google Workspace or Microsoft 365, and Proton Meet, an end-to-end encrypted video conferencing tool using the open source MLS protocol.

A proposal has been submitted to the Linux kernel mailing list for a new HID driver called hid-omg-detect that passively monitors USB keyboard-like devices for suspicious behavior.

Another proposal, but for Fedora was recently struck down. It looked to move per-user environment variable management from shell RC files into systemd.

Remember the glass UI from the Windows 7 era? KDE is considering bringing back the older classic Oxygen and Air themes. These themes will be optional, of course.

Anthropic, the company behind Claude AI, has donated $1.5 million to Apache Software Foundation. The donation aims to secure the open source stack AI tools depend on.

🧠 What We’re Thinking About

Firefox has been losing ground for a decade, and Mozilla is trying something new. A built-in VPN and a growing set of AI features. Roland's piece looks at whether either of those things is likely to actually work.

Puter, the open source browser-based desktop OS, has added ONLYOFFICE to its app marketplace, giving it a full office suite covering documents, spreadsheets, presentations, and PDF editing.

YOUR support keeps us going, keeps us resisting the established media and big tech, keeps us independent. And it costs less than a McDonald's Happy Meal a month.

Support us via Plus membership and additionally, you:

✅ Get 5 FREE eBooks on Linux, Docker and Bash
✅ Enjoy an ad-free reading experience
✅ Flaunt badges in the comment section and forum
✅ Help creation of educational Linux materials for everyone

Join It's FOSS Plus

🧮 Linux Tips, Tutorials, and Learnings

Not many people know that sudo command's behavior can be tweaked as well. Here are a few sudo tweaks.

Tennis is a Zig-written terminal tool that renders CSV files as clean, color-coded tables with solid borders and auto-detected themes.

APT package manager's latest version 3.2 has a rollback feature. Sourav briefly tested it.

📚 Linux eBook bundle (don't miss)

No Starch Press needs no introduction. They have published some of the best books on Linux. And they are running an ebook bundle deal on Humble Bundle.

I highly recommend checking it out and getting the bundle.

Plus, part of your purchase supports Electronic Frontier Foundation (EFF).

👷 AI, Homelab and Hardware Corner

The Linux kernel dropped i486 support and added GD-ROM driver support for the Sega Dreamcast in the same breath.

✨ Apps and Projects Highlights

Hideout is a minimal GTK4/Adwaita desktop app for file encryption and decryption, powered by GnuPG.

📽️ Videos for You

Here are some Linux terminal tricks to save you time.

Subscribe to It's FOSS YouTube Channel

💡 Quick Handy Tip

You can copy a file in Nautilus by pressing Ctrl+C, then press Ctrl+M to paste it as a symbolic link instead of an actual copy. This is a handy way to create a symlink without ever needing to open a terminal!

0:00

/0:15

🎋 Fun in the FOSSverse

In this members-only crossword, you will have to name systemd's ctl commands.

An appropriate meme on the OS-level age verification topic.

🗓️ Tech Trivia: On April 8, 1991, a small team at Sun Microsystems quietly relocated to work in secret on a project codenamed "Oak", a programming language that would eventually be renamed Java and go on to become one of the most widely used languages in the world, powering everything from Android apps to enterprise software.

🧑‍🤝‍🧑 From the Community: A FOSSer is wondering if anyone has ever jailbroken a Kindle for KOReader use.

from It's FOSS https://ift.tt/gKGkRWh
via IFTTT

I Tried Apt Command's New Rollback Feature — Here’s How It Went

APT, or Advanced Package Tool, is the package manager on Debian and its derivatives like Ubuntu, Linux Mint, and elementary OS. On these, if you want to install something, remove it, or update the whole system, you do it via APT.

It has been around for decades, and if you are on a Debian-based distro, then you have almost certainly used it without giving it much thought. That said, it has seen active development in the last couple of years.

We covered the APT 3.0 release this time last year, which kicked off the 3.x series with a colorful new output format, the Solver3 dependency resolver, a switch from GnuTLS/GnuPG to OpenSSL, and Sequoia for cryptographic operations.

The 3.1.x cycle that followed has now closed out with APT 3.2 as the stable release, and it brings some notable changes with it.

What do you get with Apt 3.2?

The biggest additions with this release are transaction history with rollback support, some new commands, and per-repository package filtering.

APT now keeps a log of every package install, upgrade, and removal. You can view the full list with apt history-list, which shows all past operations with an ID assigned to each. To see exactly what packages were affected in a specific operation, you can use apt history-info <ID>.

From there, apt history-undo <ID> can be used to reverse a specific operation, reinstalling removed packages or removing installed ones as needed. If you undo something mistakenly and want it back, run apt history-redo <ID> to reapply it.

For cases where you want to revert everything back to the state at a particular point, apt history-rollback <ID> does that by undoing all operations that happened after the specified ID. Use this with care, as it makes a permanent change.

apt why and apt why-not are another set of new additions that let you trace the dependency chain behind a package. Run apt why <package> and APT will tell you exactly what pulled it onto your system. Run apt why-not <package> and it will tell you why it is not installed.

Similarly, Include and Exclude are two new options that let you limit which packages APT uses from a specific repository. Include restricts a repo to only the packages you specify, and Exclude removes specific packages from a repo entirely.

Solver3, which shipped as opt-in with APT 3.0, is now on by default. It also gains the ability to upgrade packages by source package, so all binaries from the same source are upgraded together.

Additionally, your system will no longer go to sleep while dpkg is running mid-install and JSONL performance counter logging is also in, though that is mostly useful for developers.

If all of that's got you interested, then you can try Apt 3.2 on a Debian Sid installation as I did below or wait for the Ubuntu 26.04 LTS release, which is reportedly shipping it.

How to use rollback on Apt?

I almost got lost in the labyrinth of Vim, unable to exit.

After installing some new programs using APT, I tested a few commands to see how rollback and redoing transactions worked. First, I ran sudo apt history-list in the terminal and entered my password to authorize the command.

The output was a list of APT transactions that included the preparatory work I had done to switch to Debian Sid from Stable, as well as the two install commands to get Vim and Nala installed.

Next, I ran sudo apt history-info 4, the number being the ID of the transaction, and I was shown all the key details related to it, such as the start/end time, requested by which user, the command used, and packages changed.

After that, I ran sudo apt history-undo 4 to revert the Vim installation and sudo apt history-redo 4 to restore the installation; both of these commands worked as advertised.

Finally, I tested sudo apt history-rollback 3 to get rid of Nala, and the process was just about the same as before, with me being asked to confirm changes by typing "Y".

When I tried to run apt history-redo for this one, the execution failed as expected.

---

💬 Do these new additions look useful to you? Can't be bothered? Let me know below!

from It's FOSS https://ift.tt/W1XaUkc
via IFTTT

The Linux Kernel is Finally Letting Go of i486 CPU Support

Plenty of CPU architectures have come and gone over the last few decades. The x86 family alone has seen a long line of chips rise to prominence and fade away as newer generations took over.

The i486 is one such chip, and it has been holding on in the Linux kernel far longer than most people expected. It was launched in 1989 as Intel's answer to what came next after the i386.

It was faster, smarter, and arrived right as personal computers were making their way from offices into living rooms. For many people, a 486-powered PC was their first computer.

By the early 1990s, the chip was everywhere. It was so dominant that AMD, Cyrix, and IBM all jumped in with their own compatible versions to grab a slice of the market. Intel kept producing the i486 well past its prime too, with embedded versions rolling off the line until 2007.

Most major platforms dropped i486 support a long time ago. Microsoft's last operating systems to officially support it were Windows 98 and Windows NT 4.0. The Linux kernel, however, has kept the lights on for i486 users well into the 2020s.

But that is now changing. 😅

What's happening?

Back in April 2025, kernel maintainer Ingo Molnár posted an RFC patch series to the Linux Kernel Mailing List, proposing to raise the minimum supported x86-32 CPU. The new floor would require chips with both a Time Stamp Counter (TSC) and CMPXCHG8B (CX8) instruction support.

Anything short of that, including the i486 and some early Pentium variants, would be out.

Prior to that, Linus Torvalds had already made his position clear on the mailing list, saying that:

I really get the feeling that it's time to leave i486 support behind. There's zero real reason for anybody to waste one second of development effort on this kind of issue.

Ingo's RFC had covered a fair amount of ground. The full cleanup would touch 80 files and remove over 14,000 lines of legacy code, including the entire math-emu software floating-point emulation library.

Now, the first of those patches removes the CONFIG_M486, CONFIG_M486SX, and CONFIG_MELAN Kconfig build options. It has been committed and is queued for Linux 7.1. Once it lands, building a Linux kernel image for i486-class hardware will no longer be possible.

Ingo noted in the commit that no mainstream x86 32-bit distribution has shipped an M486=y kernel package in some time, so the real-world impact on active users should be close to zero.

Unsupported but not unusable

If you have an i486 machine tucked away somewhere, it is not suddenly useless. Older kernel releases will continue to run on the hardware just fine.

Yes, those older kernels are not getting security patches. But if you are keeping a decades-old machine around for historical or educational purposes, it will not be your daily driver.

Just keep it off the internet, pair it with an older LTS kernel, and it will do what you need it to do without much fuss.

from It's FOSS https://ift.tt/nozeflx
via IFTTT