LinuxWebLog.com

After spending years pushing digital payments to combat tax evasion and money laundering, European Union ministers decided in December to ban businesses from refusing cash. The reversal comes as 12% of European businesses flatly refused cash in 2024, up from 4% three years earlier. Over one in three cinemas in the Netherlands no longer accept notes and coins. Cash usage across the euro area dropped from 79% of in-person transactions in 2016 to just 52% in 2024. Sweden leads the digital shift where 90% of purchases now happen digitally and cash represents under 1% of GDP compared to 22% in Japan. The policy change stems from concerns about financial inclusion for elderly and poor populations who struggle with digital systems. Resilience worries also drove the decision after Spaniards facing nationwide power cuts last spring found themselves unable to buy food. European officials worry about dependence on American payment giants Visa and MasterCard. The EU now recommends citizens store enough cash to survive a week without electricity or internet access.

Read more of this story at Slashdot.

Linux distro designed to look like Windows hits 2 million downloads since the end of Windows 10 support  PC Guide

The European Union published guidance on December 30 that reclassified nuclear weapons as acceptable investments under its sustainable finance framework, completing a policy change approved in November that narrowed the definition of banned armaments from "controversial" to "prohibited." The shift addresses earlier vagueness that the Commission said hindered efforts to raise $932 billion in defense investments over four years. Under the revised rules, only four weapon categories remain expressly outlawed by a majority of EU states: personnel mines, cluster munitions, and biological and chemical weapons. Nuclear weapons manufacturers avoided exclusion because only Austria, Ireland and Malta signed the Treaty on the Prohibition of Nuclear Weapons, though all EU members support non-proliferation under the Non-Proliferation Treaty. The updated guidance also permits ESG labeling for companies handling depleted uranium for anti-tank ammunition and white phosphorus, which is toxic but not classified as a chemical weapon. European ESG funds currently hold minimal defense stocks, according to Jefferies data. The Commission's notice now makes these investments eligible for funds operating under Article 8 and Article 9 sustainable investment mandates.

Read more of this story at Slashdot.

Community Benchmarks on Kaggle lets the community build, share and run custom evaluations for AI models.Community Benchmarks on Kaggle lets the community build, share and run custom evaluations for AI models.

Intel Panther Lake GSC Firmware Published Ahead Of Laptop Availability  Phoronix

Experts warn this new Chinese Linux malware could be preparing something seriously worrying  TechRadar

Experts warn this new Chinese Linux malware could be preparing something seriously worrying  TechRadar

5 popular Linux terminal-based file managers—ranked  How-To Geek

An anonymous reader quotes a report from Ars Technica: Researchers have discovered a never-before-seen framework that infects Linux machines with a wide assortment of modules that are notable for the range of advanced capabilities they provide to attackers. The framework, referred to as VoidLink by its source code, features more than 30 modules that can be used to customize capabilities to meet attackers' needs for each infected machine. These modules can provide additional stealth and specific tools for reconnaissance, privilege escalation, and lateral movement inside a compromised network. The components can be easily added or removed as objectives change over the course of a campaign. VoidLink can target machines within popular cloud services by detecting if an infected machine is hosted inside AWS, GCP, Azure, Alibaba, and Tencent, and there are indications that developers plan to add detections for Huawei, DigitalOcean, and Vultr in future releases. To detect which cloud service hosts the machine, VoidLink examines metadata using the respective vendor's API. Similar frameworks targeting Windows servers have flourished for years. They are less common on Linux machines. The feature set is unusually broad and is "far more advanced than typical Linux malware," said researchers from Checkpoint, the security firm that discovered VoidLink. Its creation may indicate that the attacker's focus is increasingly expanding to include Linux systems, cloud infrastructure, and application deployment environments, as organizations increasingly move workloads to these environments. "VoidLink is a comprehensive ecosystem designed to maintain long-term, stealthy access to compromised Linux systems, particularly those running on public cloud platforms and in containerized environments," the researchers said in a separate post. "Its design reflects a level of planning and investment typically associated with professional threat actors rather than opportunistic attackers, raising the stakes for defenders who may never realize their infrastructure has been quietly taken over." The researchers note that VoidLink poses no immediate threat or required action since it's not actively targeting systems. However, defenders should remain vigilant.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Researchers have discovered a never-before-seen framework that infects Linux machines with a wide assortment of modules that are notable for the range of advanced capabilities they provide to attackers. The framework, referred to as VoidLink by its source code, features more than 30 modules that can be used to customize capabilities to meet attackers' needs for each infected machine. These modules can provide additional stealth and specific tools for reconnaissance, privilege escalation, and lateral movement inside a compromised network. The components can be easily added or removed as objectives change over the course of a campaign. VoidLink can target machines within popular cloud services by detecting if an infected machine is hosted inside AWS, GCP, Azure, Alibaba, and Tencent, and there are indications that developers plan to add detections for Huawei, DigitalOcean, and Vultr in future releases. To detect which cloud service hosts the machine, VoidLink examines metadata using the respective vendor's API. Similar frameworks targeting Windows servers have flourished for years. They are less common on Linux machines. The feature set is unusually broad and is "far more advanced than typical Linux malware," said researchers from Checkpoint, the security firm that discovered VoidLink. Its creation may indicate that the attacker's focus is increasingly expanding to include Linux systems, cloud infrastructure, and application deployment environments, as organizations increasingly move workloads to these environments. "VoidLink is a comprehensive ecosystem designed to maintain long-term, stealthy access to compromised Linux systems, particularly those running on public cloud platforms and in containerized environments," the researchers said in a separate post. "Its design reflects a level of planning and investment typically associated with professional threat actors rather than opportunistic attackers, raising the stakes for defenders who may never realize their infrastructure has been quietly taken over." The researchers note that VoidLink poses no immediate threat or required action since it's not actively targeting systems. However, defenders should remain vigilant.

Read more of this story at Slashdot.

Niche Linux System Becomes a 'Phenomenal Hit' Forced by Microsoft: 2M Downloads in 3 Months, 1.5M Windows Users 'Defect'  36氪

GOG leadership turns on Windows as Linux is considered  Windows Central

Netrunner Rolling 2019.04 Arch-based Linux distribution available for download  BetaNews

New "Thames" Linux Accelerator Driver Posted Along With Companion Gallium3D Driver  Phoronix

New Linux malware framework targets cloud and containers  Techzine Global

New Linux malware detected: admins “may never realize their infrastructure has been quietly taken over”  Cybernews

I'm a creator and my new favorite Linux distro is multimedia perfection - here's why  ZDNET

Linux Systems Face a New Predator: Inside VoidLink’s Sophisticated Attack Arsenal  Technology Org

Here’s my 2025 Year-End income update as a companion post to my 2025 Year-End asset allocation & performance update. Even though I don’t focus on high-dividend stocks or covered-call strategies – I still track the income from my portfolio as an alternative metric to price performance. The total income goes up much more gradually and consistently than the number shown on brokerage statements, which helps encourage consistent investing. Here’s a related quote from Jack Bogle (source):

The true investor will do better if he forgets about the stock market and pays attention to his dividend returns and to the operating results of his companies. – Jack Bogle

Stock dividends are a portion of profits that businesses have decided to distribute directly to shareholders, as opposed to reinvesting into their business, paying back debt, or buying back shares. They have explicitly decided that they don’t need this money to improve their business, and that it would be better to distribute it to shareholders. The dividends may suffer some short-term drops, but over the long run they have grown faster than inflation.

Here is the historical growth of the S&P 500 total dividend, which tracks roughly the largest 500 stocks in the US, updated as of 2025 Q4 (via Yardeni Research):

Tracking the income from my portfolio. Three of the primary income “trees” that produce income “fruit” in my portfolio are Vanguard Total US Stock ETF (VTI), Vanguard Total International Stock ETF (VXUS), and Vanguard Real Estate Index ETF (VNQ).

In the US, the dividend culture is somewhat conservative in that shareholders expect dividends to be stable and only go up. Thus the starting yield is lower, but grows more steadily with smaller cuts during hard times. Companies do buybacks as well, often because they are easier to discontinue. Here is an updated chart of the trailing 12-month (ttm) dividend per share over the last 15 years paid by the Vanguard Total US Stock ETF (VTI) via WallStNumbers.com.

European corporate culture tends to encourage paying out a higher (sometimes even fixed) percentage of earnings as dividends, but that also means the dividends move up and down with earnings. The starting yield is currently higher but may not grow as reliably. Here is an updated chart of the trailing 12-month (ttm) dividend per share over the last 15 years paid by the Vanguard Total International Stock ETF (VXUS).

In the case of Real Estate Investment Trusts (REITs), they are legally required to distribute at least 90 percent of their taxable income to shareholders as dividends. Historically, about half of the total return from REITs is from this dividend income. Here is an updated chart of the trailing 12-month (ttm) dividend per share over the last 15 years paid by the Vanguard Real Estate Index ETF (VNQ).

The dividend yield (dividends divided by price) also serve as a rough valuation metric. When stock prices drop, this percentage metric usually goes up – which makes me feel better in a bear market. When stock prices go up, this percentage metric usually goes down, which keeps me from getting too euphoric during a bull market.

Finally, the last income component of my portfolio comes from interest from bonds and cash. Vanguard Short-Term Treasury ETF (VGSH) and Schwab US TIPS ETF (SCHP) are example holdings, with the actual amount varying with the prevailing interest rates, the real rates on TIPS, and the current rate of inflation.

Dividend and interest income yield. To estimate the income from my portfolio, I use the weighted “TTM” or “12-Month Yield” from Morningstar (checked 1/4/26), which is the sum of the trailing 12 months of interest and dividend payments divided by the last month’s ending share price (NAV) plus any capital gains distributed (usually zero for index funds) over the same period. My TTM portfolio yield is now roughly 2.66%.

In dividend investing circles, there is a metric called yield on cost, which is calculated by dividing the current dividend by the original purchase price. In other words, while my portfolio yield today is 2.53%, that is because the current market price is also a lot higher. Due to increasing dividends on average over time, my yield-on-cost based on my portfolio value from 10 years ago is over 5%.

What about the 4% rule? For big-picture purposes, I support the simple 4% or 3% rule of thumb, which equates to a target of accumulating roughly 25 to 33 times your annual expenses. I would lean towards a 3% withdrawal rate if you want to retire young (closer to age 50) and a 4% withdrawal rate if retiring at a more traditional age (closer to 65). It’s just a quick and dirty target to get you started, not a number sent down from the heavens!

During the accumulation stage, your time is better spent focusing on earning potential via better career moves, improving your skillset, networking, and/or looking for asymmetrical (unlimited upside, limited downside) entrepreneurial opportunities where you have an ownership interest.

Our dividends and interest income are not automatically reinvested. They are simply another “paycheck”. As with our other variable paychecks, we can choose to either spend it or invest it again to compound things more quickly. You could use this money to cut back working hours, pursue a different career path, start a new business, take a sabbatical, perform charity or volunteer work, and so on. You don’t have to wait until you hit a magic number. Our life path has been very different because of this philosophy. FIRE is Life!

Linux apps are NOT coming to many still-supported Chromebooks  BetaNews