RSS 생중계

The United States will withdraw from UNESCO for the second time in eight years, with the departure taking effect December 31, 2026. The State Department announced the decision yesterday, ending the country's brief two-year return to the Paris-based United Nations science and cultural organization. The US previously withdrew from UNESCO in 2017, cutting off more than 22% of the agency's funding. The American contribution now represents 8% of UNESCO's current $900 million annual budget, making the financial impact less severe than the earlier withdrawal.

Read more of this story at Slashdot.

alternative_right shares a report from France 24: A suspected administrator of a top Russian-language cybercrime forum, XSS.is, has been arrested in Ukraine with the help of French police and Europol, French prosecutors said on Wednesday. Industry experts describe XSS.is as one of the longest-running dark web forums. "On Tuesday July 22, a person suspected of being the administrator of the Russian-language cybercrime forum XSS.is was arrested as part of a criminal investigation opened by the Paris public prosecutor's office," Paris prosecutor Laure Beccuau said in a statement. "Active since 2013, this forum was one of the main hubs for global cybercrime. The forum also operated an encrypted Jabber messaging server, facilitating anonymous exchanges between cybercriminals." "A judicial investigation was opened on November 9, 2021 on charges of complicity in attacks on an automated data processing system, organised extortion, and criminal conspiracy," Beccuau said. "The intercepted messages revealed numerous illicit activities related to cybercrime and ransomware, and established that they generated at least $7 million in profits."

Read more of this story at Slashdot.

Palmer Luckey, known for founding Oculus and defense-tech firm Anduril, is now eyeing U.S.-manufactured laptops as his next venture. While past American laptops have largely relied on foreign components, Luckey is exploring the possibility of building a fully "Made in USA" device that meets strict FTC standards -- though doing so may cost a premium. Tom's Hardware reports: ["Would you buy a Made In America computer from Anduril for 20% more than Chinese-manufactured options from Apple?" asked Luckey in a post on X.] Luckey previously asked the same question at the Reindustrialize Summit, a conference whose website said it was devoted to "convening the brightest and most motivated minds at the intersection of technology and manufacturing," which shared a clip of Luckey discussing the subject, wherein he talks about the extensive research he has already done around building a PC in the U.S. Luckey wouldn't be the first to make a laptop in the U.S. (PCMag collected a list of domestic PCs, including laptops, in 2021.) But those products use components sourced from elsewhere; they're assembled in the U.S. rather than manufactured there. That distinction matters, according to the Made in USA Standard published by the Federal Trade Commission. To quote: "For a product to be called Made in USA, or claimed to be of domestic origin without qualifications or limits on the claim, the product must be 'all or virtually all' made in the U.S. [which] means that the final assembly or processing of the product occurs in the United States, all significant processing that goes into the product occurs in the United States, and all or virtually all ingredients or components of the product are made and sourced in the United States. That is, the product should contain no -- or negligible -- foreign content." How much more would you be willing to pay for a laptop that was truly made in America?

Read more of this story at Slashdot.

Inside this week's LWN.net Weekly Edition:

• Front: Debian's security processes; Tor; Immutability for Python; CPU scheduler; QUIC; Rust abstractions.
• Briefs: Brief news items from throughout the community.
• Announcements: Newsletters, conferences, security updates, patches, and more.

An anonymous reader quotes a report from Gizmodo: Robert F. Kennedy Jr., the Secretary of Health and Human Services, has made a big push to get agencies like the Food and Drug Administration to use generative artificial intelligence tools. In fact, Kennedy recently told Tucker Carlson that AI will soon be used to approve new drugs "very, very quickly." But a new report from CNN confirms all our worst fears. Elsa, the FDA's AI tool, is spitting out fake studies. CNN spoke with six current and former employees at the FDA, three of whom have used Elsa for work that they described as helpful, like creating meeting notes and summaries. But three of those FDA employees told CNN (paywalled) that Elsa just makes up nonexistent studies, something commonly referred to in AI as "hallucinating." The AI will also misrepresent research, according to these employees. "Anything that you don't have time to double-check is unreliable. It hallucinates confidently," one unnamed FDA employee told CNN. [...] Kennedy's Make America Healthy Again (MAHA) commission issued a report back in May that was later found to be filled with citations for fake studies. An analysis from the nonprofit news outlet NOTUS found that at least seven studies cited didn't even exist, with many more misrepresenting what was actually said in a given study. We still don't know if the commission used Elsa to generate that report. FDA Commissioner Marty Makary initially deployed Elsa across the agency on June 2, and an internal slide leaked to Gizmodo bragged that the system was "cost-effective," only costing $12,000 in its first week. Makary said that Elsa was "ahead of schedule and under budget" when he first announced the AI rollout. But it seems like you get what you pay for. If you don't care about the accuracy of your work, Elsa sounds like a great tool for allowing you to get slop out the door faster, generating garbage studies that could potentially have real consequences for public health in the U.S. CNN notes that if an FDA employee asks Elsa to generate a one-paragraph summary of a 20-page paper on a new drug, there's no simple way to know if that summary is accurate. And even if the summary is more or less accurate, what if there's something within that 20-page report that would be a big red flag for any human with expertise? The only way to know for sure if something was missed or if the summary is accurate is to actually read the report. The FDA employees who spoke with CNN said they tested Elsa by asking basic questions like how many drugs of a certain class have been approved for children. Elsa confidently gave wrong answers, and while it apparently apologized when it was corrected, a robot being "sorry" doesn't really fix anything.

Read more of this story at Slashdot.

Thingiverse, a popular 3D printing file repository, has agreed to remove downloadable gun designs following pressure from Manhattan DA Alvin Bragg, who is pushing for stricter moderation and voluntary cooperation across the 3D printing industry. "However, it's unlikely to slow the proliferation of 3D printed weapons, as many other sites offer downloadable gun designs and parts," reports The Register. From the report: Earlier this year, Bragg wrote to 3D printing companies, asking them to ensure their services can't be used to create firearms. On Saturday, Bragg announced that one such company, Thingiverse, would remove working gun models from its site. The company operates a popular free library of 3D design files and had already banned weapons in its terms of use, but is now promising to improve its moderation procedures and technology. "Following discussions with the Manhattan District Attorney's Office about concerns around untraceable firearms, we are taking additional steps to improve our content moderation efforts," Thingiverse said in a statement. "As always, we encourage our users to report any content that may be harmful." [...] At any rate, while Thingiverse may be popular among 3D printing mavens, people who like to build their own guns look to other options. [...] Bragg's approach to 3D printing sites and 3D printer manufacturers is to seek voluntary cooperation. Only Thingiverse and YouTube have taken up his call, others may or may not follow. "While law enforcement has a primary role to play in stopping the rise of 3D-printed weapons, this technology is rapidly changing and evolving, and we need the help and expertise of the private sector to aid our efforts," Bragg said. "We will continue to proactively reach out to and collaborate with others in the industry to reduce gun violence throughout Manhattan and keep everyone safe." But it seems doubtful that the sites where Aranda and other 3D gun makers get their files will be rushing to help Bragg voluntarily.

Read more of this story at Slashdot.

T-Mobile has officially launched its Starlink-powered "T-Satellite" service nationwide, offering off-grid text messaging and location-sharing to both customers and non-customers. The service is currently $10/month (soon to be $15), supports over 60 devices, and will expand to include voice and "satellite-optimized" apps. The Verge reports: Your device will automatically connect to T-Satellite if you're in an area with no cellular coverage. As long as there isn't a heavy amount of cloud coverage or trees blocking your view of the sky, you should be able to send and receive text messages, including to 911, as well as share a link that temporarily tracks your location. T-Mobile's support page says the ability to send pictures is available on "most" Android phones, and the company plans on adding support for more devices soon. T-Mobile is also aiming to enable voice messages and will eventually allow devices to connect to "satellite-optimized" apps, which it previously said could include AllTrails, Accuweather, and WhatsApp. The more than 650 Starlink satellites used by T-Mobile cover the continental US, Hawaii, parts of southern Alaska, and Puerto Rico. The carrier says it's working on offering satellite connectivity while abroad and in international waters as well. [...] In order to use T-Satellite, you'll need to have an unlocked device with support for eSIMs and satellite connectivity.

Read more of this story at Slashdot.

Julian LeFay, widely regarded as the "Father of The Elder Scrolls," has died at age 59 following a battle with cancer. IGN reports: It was announced last week that LeFay, now co-founder and technical producer at OnceLost Games, had stepped back from game development after a lengthy battle with cancer, in order to spend time with his family and loved ones. A statement from OnceLost Games, published today, has now confirmed LeFay's passing -- "with profound sadness and heavy hearts." Born in Denmark in 1965, LeFay began his career working on early Amiga and NES games, before becoming one of Bethesda's earliest employees in 1987. After working on a string of Elder Scrolls titles, his career next took him to Sega, and then ultimately to found OnceLost Games in 2019 to develop a new open-world RPG, Wayward Realms, that was successfully pitched on Kickstarter as a Daggerfall spiritual successor. "Julian LeFay was not just a colleague -- he was a visionary who fundamentally shaped the gaming industry as we know it today," OnceLost Games' statement reads. "Known as the 'Father of The Elder Scrolls', Julian directed the creation of legendary titles including Elder Scrolls 1 and 2: Arena, Daggerfall, and Battlespire. His pioneering work established the foundation for open-world RPGs and influenced countless developers and games that followed." Bethesda also issued a statement, writing: "Without Julian, we would not be here today. If you had the opportunity to work with Julian, you were blessed to know a one-of-a-kind force of nature, who pushed everyone to create something special. His work and spirit will live on both in our memories and in our games."

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Hacking is hard. Well, sometimes. Other times, you just call up a company's IT service desk and pretend to be an employee who needs a password reset, an Okta multifactor authentication reset, and a Microsoft multifactor authentication reset... and it's done. Without even verifying your identity. So you use that information to log in to the target network and discover a more trusted user who works in IT security. You call the IT service desk back, acting like you are now this second person, and you request the same thing: a password reset, an Okta multifactor authentication reset, and a Microsoft multifactor authentication reset. Again, the desk provides it, no identity verification needed. So you log in to the network with these new credentials and set about planting ransomware or exfiltrating data in the target network, eventually doing an estimated $380 million in damage. Easy, right? According to The Clorox Company, which makes everything from lip balm to cat litter to charcoal to bleach, this is exactly what happened to it in 2023. But Clorox says that the "debilitating" breach was not its fault. It had outsourced the "service desk" part of its IT security operations to the massive services company Cognizant -- and Clorox says that Cognizant failed to follow even the most basic agreed-upon procedures for running the service desk. In the words of a new Clorox lawsuit, Cognizant's behavior was "all a devastating lie," it "failed to show even scant care," and it was "aware that its employees were not adequately trained." "Cognizant was not duped by any elaborate ploy or sophisticated hacking techniques," says the lawsuit, using italics to indicate outrage emphasis. "The cybercriminal just called the Cognizant Service Desk, asked for credentials to access Clorox's network, and Cognizant handed the credentials right over. Cognizant is on tape handing over the keys to Clorox's corporate network to the cybercriminal -- no authentication questions asked." [...] The new lawsuit, filed in California state courts, wants Cognizant to cough up millions of dollars to cover the damage Clorox says it suffered after weeks of disruption to its factories and ordering systems. (You can read a brief timeline of the disruption here.)

Read more of this story at Slashdot.

The New York Stock Exchange and Nasdaq have applied for regulatory permission to extend their trading hours to 22 and 24 hours daily, respectively. Nasdaq expects to implement round-the-clock trading from the second half of 2026. The London Stock Exchange is considering similar extensions, according to Financial Times. Several retail brokers already facilitate overnight trading through alternative platforms and "dark pools" -- off-exchange venues that operate during non-standard hours. Robinhood began offering all-night trading for select stocks in May 2023, while Charles Schwab announced plans to expand its overnight trading service to 1,100 securities this July. Economist argues that 24/7 trading is a bad idea. The publication writes: The problem with such trading is that price discovery can be fraught with difficulty. In fact, this is partly why institutional investors like dark pools: their lighter reporting requirements, compared with exchanges, allow big orders to be executed without alerting the wider market beforehand, which would move the price. Professionals taking the other side of these trades accept the risks and know how to navigate them. Amateurs, getting a worse price than they might have done in daylight, often do not. The witching hours are currently when all manner of dull, but vital, post-trade processes take place, from settlement and valuation to the reconciliation of mistakes. Once trading is non-stop, there will be no pause for the financial plumbing to clear. Nor for traders to rest in the knowledge that the market is resting with them, so there is no need to refresh their screens. In today's always-on world, stock exchanges' limited opening hours might seem old-fashioned. But get ready to miss them once they're gone.

Read more of this story at Slashdot.

Internet outages spiked during the second quarter of 2025, driven by government-mandated shutdowns, infrastructure failures, and technical glitches, according to Cloudflare's quarterly disruption report. Government restrictions returned after a quiet first quarter, with Libya, Iran, Iraq, Syria, and Panama imposing internet cutoffs for reasons ranging from protest suppression to exam security. A massive power outage on April 28 knocked Spain's internet traffic down 80% and Portugal's by 90%, with service restored around 1 a.m. the following day. Cable damage caused complete outages for Digicel in Haiti and a 90-minute disruption for Airtel in Malawi. Several major outages went unexplained, including an eight-hour blackout at SkyCable in the Philippines and a nationwide outage at Thai provider TrueMove H, with companies providing no official explanations for the service failures.

Read more of this story at Slashdot.

ItsJustAPseudonym shares a Reuters story:The International Cycling Union (UCI) has intensified its fight against mechanical doping, employing intelligence-driven methods to combat increasingly sophisticated alleged cheating in professional cycling. ItsJustAPseudonym adds: They call the use of hidden motors "mechanical doping". In 2010 it led to the ban of a rider from Belgium who had a hidden motor in her seat-tube during a cyclocross event. "It's a bit of a technological arms race. Components are getting lighter, smaller. Easier to conceal, which is harder to detect", according to Nick Raudenski, the UCI Head of the Fight Against Technological Fraud.

Read more of this story at Slashdot.

An anonymous reader shares a report: Sony is testing a Power Saver mode for the PlayStation 5, explaining in a new PlayStation Blog update that the option will permit games to run with lower power consumption. While the upcoming feature was revealed as part of the system update beta, the feature will not be available during the beta phase. However, when the feature does hit your console, players will gain access to a new option called Power Saver. With Power Saver enabled, "supported PS5 games will scale back performance and will allow your PS5 to reduce its power consumption," explained Shuzo Kikuchi, VP of product management at Sony Interactive Entertainment. "If not enabled, or if games do not support the feature, the performance will not be scaled back and power consumption will not be reduced." As for what scaled-back performance actually means, SIE indicates that VR mode will be unavailable and that "some gameplay features may be limited." So that's one very clear change, and one vague, game-specific change.

Read more of this story at Slashdot.

A landmark decision by a top UN court has cleared the way for countries to sue each other over climate change, including over historic emissions of planet-warming gases. BBC: But the judge at the International Court of Justice in the Hague, Netherlands on Wednesday said that untangling who caused which part of climate change could be difficult. The ruling is non-binding but legal experts say it could have wide-ranging consequences. It will be seen as a victory for countries that are very vulnerable to climate change, who came to court after feeling frustrated about lack of global progress in tackling the problem.

Read more of this story at Slashdot.

Richard van der Hoff, a member of the team that runs the Matrix.org homeserver, has written a detailed blog post about diagnosing and fixing a problem where Matrix rooms would simply stop working:

We know that there are plenty of users out there who will have been affected by the problem, and found themselves unable to communicate as a result. We very much share your frustration, and we'd like to apologise for the disruption to service.

With that said, we're glad that we were able to get to the bottom of most of the problem, and get the lost data restored within a relatively short time. If nothing else, hopefully this blog post will be of use to future generations faced with Postgres index corruption!

Meta researchers published findings in Nature Wednesday detailing a wristband prototype that controls computers through hand gestures by reading electrical signals from forearm muscles. The device uses surface electromyography to detect signals from alpha motor neurons in the spinal cord that connect to muscle fibers, allowing users to move cursors with wrist turns, open applications with thumb-to-forefinger taps, and write text by tracing letters in the air. The technology, developed at Meta's Reality Labs, trained neural networks on data from 10,000 participants to identify common muscle signal patterns. The wristband works without individual calibration across most users and can detect intended movements before physical motion occurs. Meta demonstrated the device controlling its Orion augmented reality glasses last fall and plans product integration over the next few years.

Read more of this story at Slashdot.

A cyber-espionage campaign exploiting unpatched Microsoft SharePoint vulnerabilities has breached approximately 400 organizations worldwide, including the US National Nuclear Security Administration, according to Netherlands-based cybersecurity firm Eye Security. The figure represents a four-fold increase from 100 organizations cataloged over the weekend, with researchers calling it likely an undercount since not all attack vectors leave detectable artifacts. Microsoft identified three Chinese groups -- state-backed Linen Typhoon and Violet Typhoon, plus China-based Storm-2603 -- as exploiting the vulnerabilities in on-premises SharePoint servers to steal authentication credentials and execute malicious code remotely. The campaign began July 7 and was first detected July 18 when Eye Security found unusual activity on a customer's server. Victims include the US Energy Department, Education Department, Florida's Department of Revenue, Rhode Island General Assembly, and European and Middle Eastern governments.

Read more of this story at Slashdot.

Providing security updates for a Linux distribution, such as Debian, involves a lot of work behind the scenes—and requires much more than simply shipping the latest code. On July 15, at DebConf25 in Brest, France, Samuel Henrique walked through the process of providing security updates to users; he discussed how Debian learns about security vulnerabilities, decides on the best response, and the process of sending out updates to keep its users safe. He also provided guidance on how others could get involved.

Australia is offering visas to Tuvalu citizens each year under a climate migration deal Canberra has billed as "the first agreement of its kind anywhere in the world." From a report: "We received extremely high levels of interest in the ballot with 8,750 registrations, which includes family members of primary registrants," the Australian high commission in Tuvalu said in a statement. The figure is equal to 82 percent of the country's 10,643 population, according to census figures collected in 2022. "With 280 visas offered this program year, it means that many will miss out," the commission said. One of the most climate-threatened corners of the planet, scientists fear Tuvalu will be uninhabitable within the next 80 years. Two of the archipelago's nine coral atolls have already largely disappeared under the waves.

Read more of this story at Slashdot.

The Home Assistant project has published an update on improvements in its Android app, and plans for upcoming releases:

In our latest update of the Android app 2025.7.1, we've added a couple of useful features. Including a new basic invite flow, which will be shared between Android and iOS, adding a good layer of consistency between our most-used companion apps. The idea is to make it much more seamless to add new users or set up new devices (no need to type the URL in your Android Automotive device!).

We've also made My Links work better. If you're unfamiliar with My Links, they're those cool links (that anyone can make) that bring you right to an integration, blueprint, add-on, or settings page. They have always worked great on desktop, but up until recently, they were a bit clunky to use on mobile. Now you can get to the link's destination with a single click.

LWN looked at Home Assistant in May.