RSS 생중계

An anonymous reader quotes a report from Ars Technica: It has become a common refrain during Google's antitrust saga: What happened to "don't be evil?" Google's unofficial motto has haunted it as it has grown ever larger, but a shareholder lawsuit sought to rein in some of the company's excesses. And it might be working. The plaintiffs in the case have reached a settlement with Google parent company Alphabet, which will spend a boatload of cash on "comprehensive" reforms. The goal is to steer Google away from the kind of anticompetitive practices that got it in hot water. Under the terms of the settlement, obtained by Bloomberg Law, Alphabet will spend $500 million over the next 10 years on systematic reforms. The company will have to form a board-level committee devoted to overseeing the company's regulatory compliance and antitrust risk, a rarity for US firms. This group will report directly to CEO Sundar Pichai. There will also be reforms at other levels of the company that allow employees to identify potential legal pitfalls before they affect the company. Google has also agreed to preserve communications. Google's propensity to use auto-deleting chats drew condemnation from several judges overseeing its antitrust cases. The agreement still needs approval from US District Judge Rita Lin in San Francisco, but that's mainly a formality at this point. Naturally, Alphabet does not admit to any wrongdoing under the terms of the settlement, but it may have to pay tens of millions in legal fees on top of the promised $500 million investment.

Read more of this story at Slashdot.

Microsoft, CrowdStrike, Palo Alto Networks, and Google announced Monday they will create a public glossary standardizing the nicknames used for state-sponsored hacking groups and cybercriminals. The initiative aims to reduce confusion caused by the proliferation of disparate naming conventions across cybersecurity firms, which have assigned everything from technical designations like "APT1" to colorful monikers like "Cozy Bear" and "Kryptonite Panda" to the same threat actors. The companies hope to bring additional industry partners and the U.S. government into the effort to streamline identification of digital espionage groups.

Read more of this story at Slashdot.

Snowflake's growth among large enterprise customers faces a significant bottleneck tied to the sluggish replacement cycles of existing on-premises data warehouse systems, according to finance vice president Jimmy Sexton. Speaking at a Jefferies conference, Sexton explained that while the cloud data company secured two deals worth more than $100 million each in the financial services sector during its latest quarter, such migrations unfold over multiple years as "cumbersome projects."

Read more of this story at Slashdot.

An anonymous reader shares a report: Internet service provider Frontier Communications agreed to settle a lawsuit filed by major record labels that demanded mass disconnections of broadband users accused of piracy. Universal, Sony, and Warner sued Frontier in 2021. In a notice of settlement filed last week in US District Court for the Southern District of New York, the parties agreed to dismiss the case with prejudice, with each side to pay its own fees and costs. The record labels and Frontier simultaneously announced a settlement of similar claims in a Bankruptcy Court case in the same district. Frontier also settled with movie companies in April of this year, just before a trial was scheduled to begin. (Frontier exited bankruptcy in 2021.) [...] Regardless of what is in the agreement, the question of whether ISPs should have to crack down more harshly on users accused of piracy could be decided by the US Supreme Court.

Read more of this story at Slashdot.

Automated web-scraping bots seeking training data for AI models are flooding scientific databases and academic journals with traffic volumes that render many sites unusable. The online image repository DiscoverLife, which contains nearly 3 million species photographs, started receiving millions of daily hits in February this year that slowed the site to the point that it no longer loaded, Nature reported Monday. The surge has intensified since the release of DeepSeek, a Chinese large language model that demonstrated effective AI could be built with fewer computational resources than previously thought. This revelation triggered what industry observers describe as an "explosion of bots seeking to scrape the data needed to train this type of model." The Confederation of Open Access Repositories reported that more than 90% of 66 surveyed members experienced AI bot scraping, with roughly two-thirds suffering service disruptions. Medical journal publisher BMJ has seen bot traffic surpass legitimate user activity, overloading servers and interrupting customer services.

Read more of this story at Slashdot.

Version 3.22.0 of the Alpine Linux distribution has been released. Notable changes in this release include the removal of the X11 session for KDE Plasma, a switch to systemd-efistub, and experimental support for user services with the OpenRC init system. See the release notes for a detailed list of changes.

Kees Cook's "hardening fixes" pull request for the 6.16 merge window looked like a straightforward exercise; it only contained four commits. So just about everybody was surprised when it resulted in Cook being temporarily blocked from his kernel.org account among fears of malicious activity. When the dust settled, though, the red alert was canceled. It turns out, surprisingly, that Git is a tool with which one can inflict substantial self-harm in a moment of inattention.

Microsoft will require all USB-C ports on Windows 11 certified laptops and tablets to support data transfer, charging, and display functionality under updated hardware compatibility program rules. The mandate targets devices shipping with Windows 11 24H2 and aims to eliminate what Microsoft -- and the industry -- calls "USB-C port confusion," where identical-looking ports offer different capabilities across PC manufacturers. The Windows Hardware Compatibility Program updates also require USB 40Gbps ports to maintain full compatibility with both USB4 and Thunderbolt 3 peripherals.

Read more of this story at Slashdot.

Apple has filed an appeal with the European Union's General Court in Luxembourg challenging the bloc's order requiring greater iOS interoperability with rival companies' products under the Digital Markets Act. The EU executive in March directed Apple to make its mobile operating system more compatible with competitors' apps, headphones, and virtual reality headsets by granting developers and device makers access to system components typically reserved for Apple's own products. Apple contends the requirements threaten its seamless user experience while creating security risks, noting that companies have already requested access to sensitive user data including notification content and complete WiFi network histories. The company faces potential fines of up to 10% of its worldwide annual revenue if found in violation of the DMA's interoperability rules designed to curb Big Tech market power.

Read more of this story at Slashdot.

Software patents and workarounds for them are, once again, causing headaches for open-source projects and users. This time around, Fedora users have been vulnerable to a serious flaw in the OpenH264 library for months—not for want of a fix, but because of the Rube Goldberg machine methodology of distributing the library to Fedora users. The software is open source under a two-clause BSD license; the RPMs are built and signed by Fedora, but the final product is distributed by Cisco, so the company can pick up the tab for license fees. Unfortunately, a breakdown in the process of handing RPMs to Cisco for distribution has left Fedora users vulnerable, and inaction on Fedora's part has left users unaware that they are at risk.

An anonymous reader shares a report: Business Insider announced this week that it wants staff to better incorporate AI into its journalism. But less than a year ago, the company had to quietly apologize to some staff for accidentally recommending that they read books that did not appear to exist but instead may have been generated by AI. In an email to staff last May, a senior editor at Business Insider sent around a list of what she called "Beacon Books," a list of memoirs and other acclaimed business nonfiction books, with the idea of ensuring staff understood some of the fundamental figures and writing powering good business journalism. Many of the recommendations were well-known recent business, media, and tech nonfiction titles such as Too Big To Fail by Andrew Ross Sorkin, DisneyWar by James Stewart, and Super Pumped by Mike Isaac. But a few were unfamiliar to staff. Simply Target: A CEO's Lessons in a Turbulent Time and Transforming an Iconic Brand by former Target CEO Gregg Steinhafel was nowhere to be found. Neither was Jensen Huang: the Founder of Nvidia, which was supposedly published by the company Charles River Editors in 2019.

Read more of this story at Slashdot.

A new analysis argues that Stack Overflow's decline began years before AI tools delivered the "final blow" to the once-dominant programming forum. The site's monthly questions dropped from a peak of 200,000 to a steep collapse that began in earnest after ChatGPT's 2023 launch, but usage had been declining since 2014, according to data cited in the InfoWorld analysis. The platform's remarkable reputation system initially elevated it above competitors by allowing users to earn points and badges for helpful contributions, but that same system eventually became its downfall, the piece argues. As Stack Overflow evolved into a self-governing platform where high-reputation users gained moderation powers, the community transformed from a welcoming space for developer interaction into what the author compares to a "Stanford Prison Experiment" where moderators systematically culled interactions they deemed irrelevant.

Read more of this story at Slashdot.

A new business model has emerged across China's major cities, El Pais reports, where companies charge unemployed individuals to rent desk space and pretend to work, responding to social pressure around joblessness amid rising youth unemployment rates. These services charge between 30 and 50 yuan ($4-7) daily for desks, Wi-Fi, coffee, and lunch in spaces designed to mimic traditional work environments. Some operations assign fictitious tasks and organize supervisory rounds to enhance the illusion, while premium services allow clients to roleplay as managers or stage workplace conflicts for additional fees. The trend has gained significant traction on Xiaohongshu, China's equivalent to Instagram, where advertisements for "pretend-to-work companies" accumulate millions of views. Youth unemployment reached 16.5% among 16-to-24-year-olds in March 2025, according to National Bureau of Statistics data, while overall urban unemployment stood at 5.3% in the first quarter.

Read more of this story at Slashdot.

Security updates have been issued by Debian (espeak-ng, kitty, kmail-account-wizard, krb5, libreoffice, libvpx, net-tools, python-flask-cors, symfony, tcpdf, thunderbird, and twitter-bootstrap3), Fedora (chromium, dropbear, firefox, gstreamer1-plugins-bad-free, python-tornado, systemd, and thunderbird), Mageia (coreutils, deluge, glib2.0, and redis), Oracle (firefox, kernel, and systemd), Red Hat (firefox, kernel, kernel-rt, varnish, varnish:6, and zlib), SUSE (bind, curl, dnsdist, docker, ffmpeg-7, firefox, glibc, golang-github-prometheus-alertmanager, govulncheck-vulndb, icinga2, iputils, java-11-openjdk, java-1_8_0-ibm, kea, kernel, libopenssl-3-devel, libsoup, libxml2, nodejs-electron, open-vm-tools, openbao, perl-Net-Dropbox-API, pluto, poppler, postgresql14, postgresql15, postgresql16, postgresql17, python312-setuptools, runc, s390-tools, skopeo, sqlite3, thunderbird, and unbound), and Ubuntu (apport and libphp-adodb).

"If the adoption of AI feels different from any tech revolution you may have experienced before — mobile, social, cloud computing — it actually is," writes TechCrunch. They cite a new 340-page report from venture capitalist Mary Meeker that details how AI adoption has outpaced any other tech in human history — and uses the word "unprecedented" on 51 pages: ChatGPT reaching 800 million users in 17 months: unprecedented. The number of companies and the rate at which so many others are hitting high annual recurring revenue rates: also unprecedented. The speed at which costs of usage are dropping: unprecedented. While the costs of training a model (also unprecedented) is up to $1 billion, inference costs — for example, those paying to use the tech — has already dropped 99% over two years, when calculating cost per 1 million tokens, she writes, citing research from Stanford. The pace at which competitors are matching each other's features, at a fraction of the cost, including open source options, particularly Chinese models: unprecedented... Meanwhile, chips from Google, like its TPU (tensor processing unit), and Amazon's Trainium, are being developed at scale for their clouds — that's moving quickly, too. "These aren't side projects — they're foundational bets," she writes. "The one area where AI hasn't outpaced every other tech revolution is in financial returns..." the article points out. "[T]he jury is still out over which of the current crop of companies will become long-term, profitable, next-generation tech giants."

Read more of this story at Slashdot.

Adam Riess won a Nobel Prize in Physics for helping discover that the universe's acceleration is expanding, remembers The Atlantic. But then theorists "proposed the existence of dark energy: a faint, repulsive force that pervades all of empty space... the final piece to what has since come to be called the 'standard model of cosmology.'" Riess thinks instead we should just replace the standard model: When I visited Riess, back in January, he mentioned he was looking forward to a data release from the Dark Energy Spectroscopic Instrument, a new observatory on Kitt Peak, in Arizona's portion of the Sonoran Desert. DESI has 5,000 robotically controlled optic fibers. Every 20 minutes, each of them locks onto a different galaxy in the deep sky. This process is scheduled to continue for a total of five years, until millions of galaxies have been observed, enough to map cosmic expansion across time... DESI's first release, last year, gave some preliminary hints that dark energy was stronger in the early universe, and that its power then began to fade ever so slightly. On March 19, the team followed up with the larger set of data that Riess was awaiting. It was based on three years of observations, and the signal that it gave was stronger: Dark energy appeared to lose its kick several billion years ago. This finding is not settled science, not even close. But if it holds up, a "wholesale revision" of the standard model would be required [says Colin Hill, a cosmologist at Columbia University. "The textbooks that I use in my class would need to be rewritten." And not only the textbooks — the idea that our universe will end in heat death has escaped the dull, technical world of academic textbooks. It has become one of our dominant secular eschatologies, and perhaps the best-known end-times story for the cosmos. And yet it could be badly wrong. If dark energy weakens all the way to zero, the universe may, at some point, stop expanding. It could come to rest in some static configuration of galaxies. Life, especially intelligent life, could go on for a much longer time than previously expected. If dark energy continues to fade, as the DESI results suggest is happening, it may indeed go all the way to zero, and then turn negative. Instead of repelling galaxies, a negative dark energy would bring them together into a hot, dense singularity, much like the one that existed during the Big Bang. This could perhaps be part of some larger eternal cycle of creation and re-creation. Or maybe not. The point is that the deep future of the universe is wide open... "Many new observations will come, not just from DESI, but also from the new Vera Rubin Observatory in the Atacama Desert, and other new telescopes in space. On data-release days for years to come, the standard model's champions and detractors will be feverishly refreshing their inboxes..." And Riess tells The Atlantic he's disappointed when complacent theorists just tell him "Yeah, that's a really hard problem." He adds, "Sometimes, I feel like I am providing clues and killing time while we wait for the next Einstein to come along."

Read more of this story at Slashdot.

An anonymous reader shared this report from The Hacker News: Two information disclosure flaws have been identified in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise Linux, and Fedora, according to the Qualys Threat Research Unit (TRU). Tracked as CVE-2025-5054 and CVE-2025-4598, both vulnerabilities are race condition bugs that could enable a local attacker to obtain access to access sensitive information. Tools like Apport and systemd-coredump are designed to handle crash reporting and core dumps in Linux systems. "These race conditions allow a local attacker to exploit a SUID program and gain read access to the resulting core dump," Saeed Abbasi, manager of product at Qualys TRU, said... Red Hat said CVE-2025-4598 has been rated Moderate in severity owing to the high complexity in pulling an exploit for the vulnerability, noting that the attacker has to first win the race condition and be in possession of an unprivileged local account... Qualys has also developed proof-of-concept code for both vulnerabilities, demonstrating how a local attacker can exploit the coredump of a crashed unix_chkpwd process, which is used to verify the validity of a user's password, to obtain password hashes from the /etc/shadow file. Advisories were also issued by Gentoo, Amazon Linux, and Debian, the article points out. (Though "It's worth noting that Debian systems aren't susceptible to CVE-2025-4598 by default, since they don't include any core dump handler unless the systemd-coredump package is manually installed.") Canonical software security engineer Octavio Galland explains the issue on Canonical's blog. "If a local attacker manages to induce a crash in a privileged process and quickly replaces it with another one with the same process ID that resides inside a mount and pid namespace, apport will attempt to forward the core dump (which might contain sensitive information belonging to the original, privileged process) into the namespace... In order to successfully carry out the exploit, an attacker must have permissions to create user, mount and pid namespaces with full capabilities." Canonical's security team has released updates for the apport package for all affected Ubuntu releases... We recommend you upgrade all packages... The unattended-upgrades feature is enabled by default for Ubuntu 16.04 LTS onwards. This service: - Applies new security updates every 24 hours automatically. - If you have this enabled, the patches above will be automatically applied within 24 hours of being available.

Read more of this story at Slashdot.

"The Doctor is dead. Long live the Doctor!" writes Space.com. (Spoilers ahead...) "The era of Ncuti Gatwa's Fifteenth Doctor came to a surprise end on Saturday night, as the Time Lord regenerated at the end of "Doctor Who" season 2 finale... [T]he Doctor gradually realises that not everything is back to normal. Poppy, his daughter with Belinda Chandra in the "Wish World" fantasy, has been erased from history, so the Time Lord decides to sacrifice himself by firing a ton of regeneration energy into the time Vortex to "jolt it one degree" — and hopefully bring her back. It goes without saying that his madcap scheme saves Poppy, as we learn that, in this rewritten timeline, the little girl was always the reason Belinda had been desperate to get back home. But arguably the biggest talking point of the episode — and, indeed, the season — is saved until last, as the Doctor regenerates into a very familiar face... Hint: They played the Doctor's companion, Rose Tyler, "alongside Christopher Eccleston's Ninth Doctor and David Tennant's Tenth Doctor during the phenomenally successful first two seasons of the show's 2005 reboot." Showrunner Russell T Davies called it "an honour and a hoot" to welcome back Billie Piper to the TARDIS, "but quite how and why and who is a story yet to be told. After 62 years, the Doctor's adventures are only just beginning!" Although the show's post-regeneration credits have traditionally featured the line "And introducing [insert name] as the Doctor", here it simply says "And introducing Billie Piper". The omission of "as the Doctor" is unlikely to be accidental, suggesting that Davies is playing a very elaborate game with "Who" fandom... Another mystery! The BBC and Disney+ are yet to confirm if and when "Doctor Who" will return for a third season of its current iteration. "There's no decision until after season two..." Davies told Radio Times in April (as spotted by the Independent). "That's when the decision is — and the decision won't even be made by the people we work with at Disney Plus, it'll be made by someone in a big office somewhere. So literally nothing happening, no decision." "For a new series to be ready for 2026, production would need to get under way relatively soon," writes the BBC. "So at the moment a new series or a special starring Billie Piper before 2027 looks unlikely." The Guardian adds: Concerns have been raised about falling viewing figures, which have struggled to rally since Russell T Davies' return in 2023. Two episodes during this series, which aired in May, got less than 3 million viewers — the lowest since the modern era began airing in 2005. The Independent has this statement from Piper: "It's no secret how much I love this show, and I have always said I would love to return to the Whoniverse as I have some of my best memories there, so to be given the opportunity to step back on that Tardis one more time was just something I couldn't refuse, but who, how, why and when, you'll just have to wait and see."

Read more of this story at Slashdot.

An anonymous reader shared this report from Space.com: Three world travelers, two Space Camp alums and an aerospace executive whose last name aptly matched their shared adventure traveled into space and back Saturday, becoming the latest six people to fly with Blue Origin, the spaceflight company founded by billionaire Jeff Bezos. Mark Rocket joined Jaime Alemán, Jesse Williams, Paul Jeris, Gretchen Green and Amy Medina Jorge on board the RSS First Step — Blue Origin's first of two human-rated New Shepard capsules — for a trip above the Kármán Line, the 62-mile-high (100-kilometer) internationally recognized boundary between Earth and space... Mark Rocket became the first New Zealander to reach space on the mission. His connection to aerospace goes beyond his apt name and today's flight; he's currently the CEO of Kea Aerospace and previously helped lead Rocket Lab, a competing space launch company to Blue Origin that sends most of its rockets up from New Zealand. Alemán, Williams and Jeris each traveled the world extensively before briefly leaving the planet today. An attorney from Panama, Alemán is now the first person to have visited all 193 countries recognized by the United Nations, traveled to the North and South Poles, and now, have been into space. For Williams, an entrepreneur from Canada, Saturday's flight continued his record of achieving high altitudes; he has summitted Mt. Everest and five of the other six other highest mountains across the globe. "For about three minutes, the six NS-32 crewmates experienced weightlessness," the article points out, "and had an astronaut's-eye view of the planet..." On social media Blue Origin notes it's their 12th human spaceflight, "and the 32nd flight of the New Shepard program."

Read more of this story at Slashdot.

Stack Overflow remains in the midst of big changes to counter an AI-fueled drop in engagement. So "We're wondering what kind of online communities Stack Overflow users continue to support in the age of AI," writes their senior analyst, "and whether AI is becoming a closer companion than ever before." For their 15th year of their annual reader survey, this means "we're not just collecting data; we're reflecting on the last year of questions, answers, hallucinations, job changes, tech stacks, memory allocations, models, systems and agents — together..." Is it an AI agent revolution yet? Are you building or utilizing AI agents? We want to know how these intelligent assistants are changing your daily workflow and if developers are really using them as much as these keynote speeches assume. We're asking if you are using these tools and where humans are still needed for common developer tasks. Career shifts: We're keen to understand if you've considered a career change or transitioned roles and if AI is impacting your approach to learning or using existing tools. Did we make up the difference in salaries globally for tech workers...? They're also re-visiting "a key finding from recent surveys highlighted a significant statistic: 80% of developers reported being unhappy or complacent in their jobs." This raised questions about changing office (and return-to-office) culture and the pressures of the industry, along with whether there were any insights into what could help developers feel more satisfied at work. Prior research confirmed that flexibility at work used to contribute more than salary to job satisfaction, but 2024's results show us that remote work is not more impactful than salary when it comes to overall satisfaction... [For some positions job satisfaction stayed consistent regardless of salary, though it increased with salary for other positions. And embedded developers said their happiness increased when they worked with top-quality hardware, while desktop developers cited "contributing to open source" and engineering managers were happier when "driving strategy".] In 2024, our data showed that many developers experienced a pay cut in various roles and programming specialties. In an industry often seen as highly lucrative, this was a notable shift of around 7% lower salaries across the top ten reporting countries for the same roles. This year, we're interested in whether this trend has continued, reversed, or stabilized. Salary dynamics is an indicator for job satisfaction in recent surveys of Stack Overflow users and understanding trends for these roles can perhaps improve the process for finding the most useful factors contributing to role satisfaction outside of salary. And of course they're asking about AI — while noting last year's survey uncovered this paradox. "While AI usage is growing (70% in 2023 vs. 76% in 2024 planning to or currently using AI tools), developer sentiment isn't necessarily following suit, as 77% in of all respondents in 2023 are favorable or very favorable of AI tools for development compared to 72% of all respondents in 2024." Concerns about accuracy and misinformation were prevalent among some key groups. More developers learning to code are using or are interested in using AI tools than professional developers (84% vs. 77%)... Developers with 10 — 19 years experience were most likely (84%) to name "increase in productivity" as a benefit of AI tools, higher than developers with less experience (<80%)... Is it an AI agent revolution yet? Are you building or utilizing AI agents? We want to know how these intelligent assistants are changing your daily workflow and if developers are really using them as much as these keynote speeches assume. We're asking if you are using these tools and where humans are still needed for common developer tasks.

Read more of this story at Slashdot.