XScreenSaver 5.44 Is Released With 3 New Screensavers
Jamie Zawinski, who created XScreenSaver in 1992 and still maintains it, has released a new minor version with three new screen savers and performance tweaks for six of the existing screensavers. There are also new color options for four screensavers and "various bug fixes" in this release.
XScreenSaver calls the various animations it can show on the screen while the screensaver is active "Hacks". XSreenSaver 5.44 has three new "hacks": "gibson", "etruscanvenus" and "scooter". The new screensavers add to an already very long list with 200+ different screensavers. There's also performance improvements to the screensaver eruption, fireworkx, halftone, hlo, moire2 and rc-bomb.
The complete changelog since XScreenSaver 5.43 was released in June 2019 is as follows:
- New hacks, gibson, etruscanvenus and scooter.
- BSOD supports Tivo and Nintendo.
- New color options in romanboy, projectiveplane, hypertorus and klein.
- macOS: Fixed “Use random screen saver” on macOS 10.15.
- iOS: Supports dark mode.
- iOS: Fixed image loading on iOS 13.
- iOS: Fixed rotation on iOS 13 (Apple incompatibly breaks rotation every two years as a matter of policy).
- Performance tweaks for eruption, fireworkx, halftone, halo, moire2, rd-bomb.
- X11: Always use $HOME/.xscreensaver, not getpwuid's directory.
- Various bug fixes.
XScreenSaver was the standard screensaver on GNU/Linux machines for two decades since its release in 1992. It is still somewhat relevant today even though all the major desktop environments (Cinnamon, GNOME, KDE Plasma, MATE and Xfce) come with their own screensaver programs since MATE and Xfce use screensavers from XScreenSaver. GNOME and KDE Plasma have dropped support for interesting screensavers in favor of a bank screen or, in KDEs case, a dull and soul-less lock-screen.
XScreenSaver is, to this day, my personal absolute favorite when it comes to embarrassing security blunders. XScreenSaver had a buffer overflow bug in the password field handler from its release in 1992 until 1998. You could simply type anything longer than 80 characters into the password field of a machine locked with XScreenSaver to make XScreenSaver crash and, in effect, unlock the machine. The XLOCALEDIR vulnerability in XScreenSaver versions <=4.08 which allowed local users to run any command as
root by creating a special XLOCALEDIR environment variable and running
xscreensaver is not even close to being as funny or embarrassing as the any long password that is long enough unlocks it blunder.
The source code for XScreenSaver 5.44 is available from XScreenSaver developer and Netscape co-founder Jamie Zawinski's website at jwz.org/xscreensaver/download.html.