anybody know any linux mp3 players with cool-looking skins like the old winamp ones?
https://redd.it/1ooyx9p
@r_linux

AI Engineering in a Homelab: Building a Secure, Optimized RAG System on a Low-Power NAS (i5 Gen 8)
https://redd.it/1ooz6br
@r_linux

Flatpak Happenings
https://blog.sebastianwick.net/posts/flatpak-happenings/

https://redd.it/1op0mw4
@r_linux

backing up my home folder (linux) ABB vs Borg ?

​I have PC with Ubuntu 25.04 with BTRFS (and 25.10 in a moment)  and I want to do my home folder incremental backups.

I know that ABB (Synology Active Backup for Business) allows me to do that (file server backup), and it has only multi-versioned \-mean full backups,  incremental - only latest version is available ? (it uses rsync over SSH - no local agent required)

most popular/recommended tool for backups on Linux is Borg, extra feature is deduplication - so I can store many incremental versions (possibly saving A LOT of space, right?)

Did I miss something? of course at the end, ABB allows me to browse backups from DSM UI.

Borg allows me to browse backups from clients or If I install borg-webgui I could do it from NAS's web as well.

Did anyone compare those solutions? any strong reason (or not strong :) ) to use one over another ? (or maybe something completely different?)

https://redd.it/1ooyqdc
@r_linux

I built SemanticsAV, a free, AI-native malware scanner for Linux that runs 100% offline. I'm looking for your honest feedback!

Hey everyone,

I'm the creator of SemanticsAV. This project has been a long time coming, and I'm thrilled (and terrified) to finally share it with all of you.

A few years ago, I was designing ML-based malware detectors for a security firm, hitting top scores at major AV tests. I then left the industry for a while to work in CV/NLP and saw AI advancing at lightning speed.

Looking back, I was shocked that malware detection was still stuck in the past, fundamentally chained to the 1990s model of signature databases. Every vendor claims "AI-powered," but for most, it's just a thin layer on top of the same old signature game.

This isn't just a tech problem—it's an economic gate. The signature model means only those with massive data collection budgets can compete, forcing high prices. The result is that the entire Linux ecosystem, the backbone of the internet, has been stuck with ClamAV, a respectable but aging project, as its only real general-purpose open-source option for decades.

I consider this a structural failure, so I decided to build a solution from first principles. My goal was to prove that a true end-to-end AI approach could replace signatures entirely, and deliver top-tier performance without harvesting user data.



This is SemanticsAV:

* AI-Native, Signature-Free: We replaced the slow, expensive, and fallible work of human signature creation with a single, end-to-end AI. It learns directly from raw binary architecture to discover its own brutally effective patterns.

* Free for Linux, Forever: The scanner is perpetually free for all commercial uses on Linux, requiring only attribution. Updates are ultra-lightweight AI models downloaded on-demand via the open-source CLI, ensuring the core engine remains 100% offline during scans.

* Trust Through Verifiable Architecture: The core engine (SDK) is a closed-source binary, but it is architecturally incapable of networking. This isn't a claim you have to trust; it's a fact you can verify. All legitimate network activity is handled exclusively by the MIT-licensed open-source CLI, which you can audit line by line.

* Privacy by Design (Offline-First): The free scanner is 100% offline. Our optional paid Cloud Intelligence service for deeper threat analysis never sends your files, only a tiny (\~15KB) one-way encrypted "architectural fingerprint."



Current Status & The Ask:

The platform currently supports PE and ELF files, with more formats on the roadmap. My goal is for SemanticsAV to become a foundational malware scanner for the Linux ecosystem.

But here's the honest truth: I'm an engine developer, not an open-source maintainer. I've spent years obsessed with the core tech, but I'm a novice at building a community. I'm sure the integration experience has rough edges, the CLI could be better, and the documentation has holes.

This is where I need your help. I'm looking for your brutal, honest feedback. Tell me what's broken, what's confusing, and what's missing. I'm here to learn and will be actively replying to comments.

\---

TL;DR: I was frustrated with old signature-based AV like ClamAV, so I spent years building a free, truly AI-native, 100% offline malware scanner for the Linux community. The CLI is open-source (MIT). I'd love your feedback!

Links:

* Website: https://www.semanticsav.ai/

* GitHub: https://github.com/metaforensics-ai/semantics-av-cli

Thanks for reading, and I'm looking forward to hearing what you think!

https://redd.it/1op43n8
@r_linux

GNOME Mutter Now "Completely Drops The Whole X11 Backend"
https://www.phoronix.com/news/GNOME-Mutter-Drops-X11

https://redd.it/1op49hf
@r_linux

Ubuntu Core (Immutable) will be the main ubuntu version in the future
https://redd.it/1op6xyv
@r_linux

An appreciation post

Wednesday, 05/11/25 16:04:50



I use Linux on both my PC and my laptop. I love Linux. I was an early adopter in the form of Red Hat 6.1 -> Mandrake -> SuSE -> Ubuntu around 25 years ago. I stuck with Linux up until my PC died and with limited funds I could buy a "gaming" PC from eBay for \~£450.



The specs on the new machine were, on paper, 'okay', not great but certainly okay. The only bottle neck was the CPU. Now, my demands are not great. World of Warcraft is the heaviest lifting any of my machines do and this eBay bargain played it just fine. FPS in major cities on retail is a bit dismal and in heavy raid scenarios things can get dire. But, I am a simple WoW player. I like questing; I like levelling professions; I like making money on the Auction House. In other words, my focus is not on heavy demanding end-game scenarios.



Then, around 18 months ago I started getting the occasional blue screen and lock ups.



When I bought the machine, I was told that, if I press F11 on start up, I would be able to reinstall Windows. It didn't work. So I was stuck with a PC that was becoming more and more unusable as the weeks passed and I didn't (don't) have the money to either buy a licence or replace it.



I always knew Linux was an option but now it was becoming a necessity. The last distro I used was Ubuntu so that was my first port of call. However, I remembered preferring KDE over GNOME, and I knew of Kubuntu. So, I downloaded 24.04 not long after release, used Balena Etcher in Windows to create the USB stick and said goodbye to Windows one last time.



I was up and running in no time and since then my usage has been an absolute joy.



As I have said, my demands are not great. In many ways I am an every day user; the apps I have on my taskbar are Brave, Thunderbird, WoW, Shortwave (radio app), Spotify, Only Office, RedNoteBook (journal), PokerStars, Kate, Konsole and Geany.



Not long after, I found out my daughter hadn't been using a 2014 MacBook Air I had bought her because it had aged and with MacOS it had become unusable. I asked her if I could have it, she said 'sure' and I brought it downstairs. i5 CPU, 4GB RAM and 128GB SSD. Instinctively, I knew Xubuntu - Ubuntu's XFCE variant - would be a good match.



Within an hour I had a perfectly usable laptop by my side. While I play WoW or poker on my desktop, I'll be watching a stream on the laptop. I also prefer it for social media and I keep my personal journal on it too.



So, now, I have a 9 year old PC and an 11 year old MacBook as my set up. I would dearly love a new computer but, being the eternal pauper, that simply isn't possible.



I am very happy with my little set up. I want for nothing. Linux gave me that.

https://redd.it/1op87g3
@r_linux

Script to tweak webcam settings

I use Linux as my daily driver but for certain calls, I tend to boot into Windows because the webcam images look so much better on Windows.


I got a bit annoyed with it and wrote a noscript (ai-assisted) to improve the camera quality. Depending on the ambient lighting, the camera can look just as good as Windows. Makes it usable for me on Linux now.

Here's the github repository. Feel free to use/fork/create prs.

https://redd.it/1op97cs
@r_linux

Flatpaks kinda suck in my experience

Let me start off by saying the idea of them is great. Obviously uniting all distros behind a single format is a sound idea and having them sandboxed is great for security. It's just that nine times out of ten, using a flatpak just causes issues for me that are easily solved by not using the flatpak version. Whether it's programs straight up not launching or causing issues with my hardware or other software or certain functions just not working, they just cause issues too often. It's gotten to a point where I will just install the RPM without even trying the flatpak because I don't want to deal with the issues that it is inevitably going to have. I never see anyone talking about this so I wonder if some of you might recognize what I'm getting at.

https://redd.it/1opb8bl
@r_linux

WARNING: Ransomware published on GitHub issue
https://redd.it/1opbwhh
@r_linux

We Should Act Before The Irreversible Loss of Computing Ownership

I see a very strong trend in the industry: General-purpose computing is being locked down, and the trend is accelerating. It's not one particular manufacturer or architecture; it's systemic.

# The mobile ecosystem is getting worse.

Phones have always been bad, but it's getting worse. Most bootloaders are locked. OEMs make unlocking really painful or extremely punitive: voiding warranties or breaking features. Alternative OSes like postmarketOS have to struggle with proprietary driver blobs and zero hardware documentation. Android is also clamping down with integrity checks and API gating, even when independent software is technically side loadable.

# And it's now also spreading to laptops and desktops.

The same lock-down is following as ARM becomes mainstream in PCs. Apple migrated from UEFI, relatively open Intel Macs to iBoot, much more restrictive Apple Silicon. Linux runs via Asahi only because they reverse-engineered Apple's boot process; it's not a standard UEFI experience.

But this is not because ARM has to be closed. UEFI and Secure Boot work just fine on ARM. The ARM PCs running Windows use them today. Arm's SystemReady program makes ARM devices boot exactly like the x86 PCs. Lock-down is a deliberate product choice, not a technical requirement for the presence of this technology.

# 'Security' is a misleading term and a false justification

Manufacturers say they lock bootloaders for security, but x86 Windows PCs prove you can have secure defaults while letting owners disable Secure Boot or enroll their own keys. Security and openness are not in mutual exclusion; manufacturers simply choose restriction because it maintains control.

# OS lock-down is not justified by regulatory requirements.

Radios and DRM firmware can remain vendor-signed and isolated, but without locking the OS boot process. The baseband/radio actually runs on its own secure processor with signed, secure firmware satisfying FCC/RED requirements. It doesn't need to control what OS the user boots. Same thing for DRM: Measured boot with owner keys can provide attestation for banking/enterprise without requiring OEM-exclusive control.

In other words: lock what regulators actually require (the radio subsystem), not the owner's whole computer.

# What we really should demand?

Owner control of Secure Boot on all general-purpose computers (phones, tablets, laptops, desktops or any architecture):
Allow disabling Secure Boot, OR
Provide documented owner key enrollment (manage your own PK/KEK/db)

# Separation of concerns:

Radio/baseband firmware remains vendor-signed and isolated to meet FCC/RED
But this MUST NOT require OEM control of OS boot
Publish open interfaces, so third-party OSes can use radios, GPUs, cameras without proprietary, NDA-only drivers

# Standards-based attestation with owner keys:

Support measured boot (TPM/DICE) such that banking/enterprise/DRM can get integrity signals even on those third parties operating systems
Works with owner keys, not just OEM keys

# Right-to-repair / EOL:

When OEM updates end, devices MUST allow owner unlock or key enrollment
It enables secure third-party OSes to extend device life, reducing e-waste.

# Transparency:

We should have documented boot architectures and unlock procedures in accessible manuals, so open source implementation can develop properly.

# Why now?

If closed boot with OEM-only attestation becomes the default across phones and ARM PCs, it will be virtually impossible to reverse. We have a small window of opportunity to act now while ARM is still growing, before lock-down is irreversible.

Anchoring in the right place: EU's right-to-repair agenda, and associated cybersecurity frameworks CRA, RED. An argument for mandated secure defaults plus documented owner-control paths to achieve radio compliance via isolation of signed firmware - without justification of OS locking due to radio requirements.

# What you can actually do?

Contact your MEP: frame this in the context of

We Should Act Before The Irreversible Loss of Computing Ownership

I see a very strong trend in the industry: General-purpose computing is being locked down, and the trend is accelerating. It's not one particular manufacturer or architecture; it's systemic.

# The mobile ecosystem is getting worse.

Phones have always been bad, but it's getting worse. Most bootloaders are locked. OEMs make unlocking really painful or extremely punitive: voiding warranties or breaking features. Alternative OSes like postmarketOS have to struggle with proprietary driver blobs and zero hardware documentation. Android is also clamping down with integrity checks and API gating, even when independent software is technically side loadable.

# And it's now also spreading to laptops and desktops.

The same lock-down is following as ARM becomes mainstream in PCs. Apple migrated from UEFI, relatively open Intel Macs to iBoot, much more restrictive Apple Silicon. Linux runs via Asahi only because they reverse-engineered Apple's boot process; it's not a standard UEFI experience.

But this is not because ARM has to be closed. UEFI and Secure Boot work just fine on ARM. The ARM PCs running Windows use them today. Arm's SystemReady program makes ARM devices boot exactly like the x86 PCs. Lock-down is a deliberate product choice, not a technical requirement for the presence of this technology.

# 'Security' is a misleading term and a false justification

Manufacturers say they lock bootloaders for security, but x86 Windows PCs prove you can have secure defaults while letting owners disable Secure Boot or enroll their own keys. Security and openness are not in mutual exclusion; manufacturers simply choose restriction because it maintains control.

# OS lock-down is not justified by regulatory requirements.

Radios and DRM firmware can remain vendor-signed and isolated, but without locking the OS boot process. The baseband/radio actually runs on its own secure processor with signed, secure firmware satisfying FCC/RED requirements. It doesn't need to control what OS the user boots. Same thing for DRM: Measured boot with owner keys can provide attestation for banking/enterprise without requiring OEM-exclusive control.

In other words: lock what regulators actually require (the radio subsystem), not the owner's whole computer.

# What we really should demand?

* Owner control of Secure Boot on all general-purpose computers (phones, tablets, laptops, desktops or any architecture):
* Allow disabling Secure Boot, OR
* Provide documented owner key enrollment (manage your own PK/KEK/db)

# Separation of concerns:

* Radio/baseband firmware remains vendor-signed and isolated to meet FCC/RED
* But this MUST NOT require OEM control of OS boot
* Publish open interfaces, so third-party OSes can use radios, GPUs, cameras without proprietary, NDA-only drivers

# Standards-based attestation with owner keys:

* Support measured boot (TPM/DICE) such that banking/enterprise/DRM can get integrity signals even on those third parties operating systems
* Works with owner keys, not just OEM keys

# Right-to-repair / EOL:

* When OEM updates end, devices MUST allow owner unlock or key enrollment
* It enables secure third-party OSes to extend device life, reducing e-waste.

# Transparency:

* We should have documented boot architectures and unlock procedures in accessible manuals, so open source implementation can develop properly.

# Why now?

If closed boot with OEM-only attestation becomes the default across phones and ARM PCs, it will be virtually impossible to reverse. We have a small window of opportunity to act now while ARM is still growing, before lock-down is irreversible.

Anchoring in the right place: EU's right-to-repair agenda, and associated cybersecurity frameworks CRA, RED. An argument for mandated secure defaults plus documented owner-control paths to achieve radio compliance via isolation of signed firmware - without justification of OS locking due to radio requirements.

# What you can actually do?

* Contact your MEP: frame this in the context of

right-to-repair, sustainability, and fair competition
* Reference existing proof: Windows ARM PCs already use UEFI, x86 PCs allow management of Secure Boot. This is owner rights, not weakening of security. Secure boot can stay enabled with your own keys.

Agree? Shall we organize around this and actually act and push MEPs on it?

Btw, sorry if I made mistake, English isn’t my native language.
And I'm not a professional on those things too, I just gathered as much info as I could to understand the situation. So please correct me if I'm wrong.

https://redd.it/1opdl8f
@r_linux

Connex: GUI Wifi Manager Updated
https://redd.it/1opb7lz
@r_linux

sharing luks-tray -- a system tray app to manage LUKS containers

I'm sharing LUKS Tray—a Qt-based utility designed to bring easy, ready access to your encrypted LUKS containers. When I converted to LUKS, I missed VeraCrypt's handy tray utility; so I made a trimmed-down, but high-feature comparable tool to fill that gap.

Running luks-tray places a shield icon in your system tray, where its color indicates the overall state of your containers (Locked, Active, or Alert).Right-clicking its tray icon brings up a menu like this:

https://preview.redd.it/ramkvkqdphzf1.png?width=505&format=png&auto=webp&s=745173849f5c4782f3662af4c8d145287a860cf0

One click starts the mount or unmount process for both devices and file containers. LUKS Tray handles the messy cryptsetup/mount logic behind the scenes, remembers your preferred mount points (a huge time saver!), and offers optional master password encryption for saved credentials. It runs on many DEs/WMs, but how well depends on its system tray support.

Check out the docs and grab the package on PyPI: luks-tray · PyPI

https://redd.it/1opcqos
@r_linux

We are getting many new users. But are we losing any?

Like has anyone uninstalled Linux?

I think we should be discussing about cases and experiences like this. For one it may help the new user come back. Or it might raise awareness for an issue that needs to be solved.

https://redd.it/1opuwkb
@r_linux

who doesn't love freeing up some space
https://redd.it/1opviy4
@r_linux

KDE connect is the GOAT

After years of muscle memory on my phone lockscreen pattern, for whatever reason, today my brain decided to have permanent amnesia. Im now 8 hours away from next attempt and it looked like im gonna have to reset my phone along with all the data on it.

I tried normally connecting usb, adb, nothing worked.
That is when i realised i could try to access my phone's storage right through dolphin because i have kde connect installed. it worked. i would have like kde connect to unlock my phone as well but, worst case scenario avoided atleast. i can back up all the important stuff. its a bit slow over wifi, but atleast it works.

https://redd.it/1opvpws
@r_linux

LONG My First Year on Linux – A Retrospective

Today my daily driver turned 1 year old! I thought I'll take this opportunity to celebrate, reflect on how it's been going and share my experiences so far.

https://imgur.com/hqDOOW4

The why

I knew the end of win10 support was looming, and I was less than excited about the prospect of moving to win11. The removal of features previous versions of Windows had, and the addition features I did not want, the lower performance in games compared to win10, the horror stories of breaking updates, had me holding off the move for as long as I could. The gradual but consistent removal of user agency already had me frustrated on win10, and it only seemed to get worse with 11.

"Do you want to update and restart? Your options are Yes, and Yes, but later. Do you want me to ask again? Just kidding, I will anyways. Unless of course I notice your PC idling for an extended period of time, in which case I'll just do it without asking." Great.

"Oh you want to install the OS without logging into our servers? Nooo, no, I can't let you do that. Oh you're doing the little rain dance ritual in the terminal? Allright. Just this once. Oh now you want to have a vertical task bar? Lol. Lmao even. Not on my watch. Now get back to work on those documents I helpfully uploaded to my cloud servers for you." Ugh.

Then MS Recall hit the news. That one was a bit too much even for me, but at least I didn't need to care until I upgraded, right? Well, one article mentioned a command to check the service state. I punched it into the console for fun and.... "Feature Name: Recall. State: Enabled." Wait. What? On Windows 10? I didn't see anything? I went snooping around the system files, and there was only a skeleton folder with nothing functional in it, but in my mind that clearly meant they were preparing for something. Now a year later, it still hasn't manifested, so maybe it was just an accidental inclusion, who knows. Either way, that was the last straw for me.

The what

So. Now what. Apple was a contender, but the lack of user agency and vendor lock-in stays the same, barely any gaming is possible as far as I know, in addition to the rather high upfront cost for the hardware, and my desktop was barely a year old at that point, so that was out of the question. I don't hate on Apple, don't get me wrong, it's good hardware and their OS does many things right, it's just not ideal for the cheapskate tinkerer and gamer in me.

I was aware Linux existed though, from having rescued my win98 data from a broken drive using KNOPPIX over a decade ago. I also played around with Ubuntu on my Raspberry PI and ran a webserver for a while, so I knew how to "apt update && apt upgrade" and even "reboot", but that was pretty much the extent of my knowledge.

So I figured, If I'm going to do this, I'll have to start from the ground up with something easy, and I'll do it in a virtual machine, just to make sure I can handle it and see how I like it. Not knowing much about distros at that point, I just made sure to choose one from the debian family to keep the familiar package manager, and went with the one I saw recommended a lot- Linux Mint. So I spun up a VMWare VM, and for about two months, I booted into Windows, then immediately opened the VM and fullscreened it, and then just went about my daily business from there.

And that phase was surprisingly frictionless. The updates went through the familiar apt without a hitch. Installing Discord and Cinny went fine. Thunderbird synced mails from all my providers with ease. Brainrotting on Youtube worked just fine too. I did install Steam and tried gaming, but lacking proper GPU passthrough, that wasn't exactly a smooth experience. The games I tested did start though, so that was a good sign for the bare metal install.

So instead I spent some time just getting comfortable with the system, installing software, replacing parts of the system, breaking things and trying to fix them. I got rid of Cinnamon and installed Plasma for its customizability and just binged on all the

themes and funny cursors I could find. And that was unfortunately the point where I learned the price you pay for stability. At that time, I was reading news about the release of Plasma 6, with all the fancy features I needed, but all I could get from the repos was 5.27. Welp.

I love Mint. It has a special place in my heart now. I cannot stress enough how much I love the devs. Their default answer to any question I looked up seemed to be "Our professional opinion is that you shouldn't, but if you still want to, here's how." The level of respect you feel as a user is just something you don't get on Windows, or even many other distros. I still maintain one doesn't choose Mint over Ubuntu for any technical differences, but because of the amazing developers.

Anyways, at that point I have lurked enough on the subreddits and watched enough Linux Youtube to know about rolling release distros, and to have seen the Arch memes. I guess it wouldn't hurt to check it out. "Rolling releases..." Yep. "...targeted at the proficient GNU/Linux user, or anyone with a do-it-yourself attitude who is willing to read the documentation..." Okay, that's fine. "...a pragmatic distribution rather than an ideological one ... Evidence-based technical analysis and debate are what matter, not politics or popular opinion. " You know what, I love that. Add new VM.

It took hours of reading the installation guide, but actually, the installation difficulty was not as high as expected. Download the iso, format the drive, set locale, create a user, install the packages. Same steps as Mint, just without a GUI. Add Plasma on top, and it largely feels the same as my beloved Mint. But now everything is more up to date. Yeah I can do this. Time for the bare metal install.

The move

Exactly one year ago, I unplugged my Windows drive just to be sure. Picked an older SSD out of storage and plugged that in instead. Still wanted to keep my Windows drive, just in case. I copy pasted all commands I used in the VM into a text file and sent that to my phone, so the second time around very little reading was needed. The installation time dropped from hours to minutes. Pretty sure that was less work than clicking through a GUI installer. Kinda starting to enjoy this terminal thing.

With the install finished, I plug my Windows drive back in, set up my boot order to prefer Linux, and boot into my fresh system. Everything seems fine except... My mainboard and RAM are lit up like a christmas tree. The RGB versions were on sale and cheaper than the blacked out components, but the software I used on Windows to disable them doesn't exist on Linux. Ah. Didn't consider that.

Quick search later I learn about OpenRGB. Long search later and some help from the OpenRGB Discord, I learn that my RAM brand needs a specific kernel module blacklisted to work with OpenRGB, whatever that means. It does work though, and using the HardwareSync plugin, I can even mirror my Windows setup and have my RAM light up when my CPU reaches critical temperatures. Brilliant!

Next on the order of business, the horizontal scroll wheel on my Logitech mouse doesn't control the volume anymore. I tested this in the VM, I guess it was just properly passed through. On Linux, Logitech software doesn't exist, but Solaar does. Highjack the wheel, bind "XF86AudioRaiseVolume" and "XF86AudioLowerVolume" to "up" and "down" respectively et voila! Neat.

Next. My external drives aren't recognized. Quick rummage through the Arch wiki, and an install of ntfs-3g later, that issue is gone too. Everything else? Just... Works? Wifi works, GPU works, gamepad works, Euro Truck Sim Works, Flight Sim works, Stardew Valley and OpenTTD too. Don't really need much more. I could get used to this.

The Bash excursion

I used the terminal quite a bit to solve the arising issues by now, so at this point I wasn't afraid of it anymore and excited to explore it. Reading guides, looking at cheat sheets, watching "Top 100 console commands on Linux you NEED to know! You won't believe #69!" is great fun and I start to pick up