RSS 생중계

Apple is cutting its App Store fee from 30% to 15% for developers who join a new Mini Apps Partner Program, which requires using more of Apple's built-in technology to power lightweight "mini apps." "This includes using Apple software to register a user's purchase history, verify user ages and to process in-app purchases," reports CNBC. From the report: A "mini app" is a lightweight piece of software inside a third-party app store, like that of Discord's. These apps uses are built using web technology like HTML or Javascript. [...] Apple has argued that both developers and users are better off when using its technology and rules, instead of eschewing them to try to avoid fees. "This program is designed to help developers who host mini apps grow their business and further the availability of mini apps on the App Store -- all while providing a great customer experience," the company said in its announcement. [...] Participants in the new program will still have to provide Apple with information for each specific mini-app experience they offer.

Read more of this story at Slashdot.

LinkedIn is rolling out an AI-powered people search tool that lets users find connections by describing what they need instead of relying on names or titles. For example, you can enter a more descriptive search, such as "Northwestern alumni who work in entertaining marketing," or even pose a question, like "Who can help me understand the US work visa system." The Verge reports: LinkedIn senior director of product management Rohan Rajiv tells The Verge that the platform will rank results based on the connections you might have with someone, as well as their relevance to your search. [...] LinkedIn is rolling out AI-powered people search to Premium users in the US starting today, but the platform plans on bringing it to all users soon.

Read more of this story at Slashdot.

Greg Kroah-Hartman has announced the release of the 6.17.8 and 6.12.58 stable kernels. Each contains an important set of fixes. Users are advised to upgrade.

An anonymous reader quotes a report from TechCrunch: Jeff Bezos' Blue Origin has landed the booster of its New Glenn mega-rocket on a drone ship in the Atlantic Ocean on just its second attempt -- making it the second company to perform such a feat, following Elon Musk's SpaceX. It's an accomplishment that will help the new rocket system become an option to send larger payloads to space, the Moon, and beyond. Thursday's launch wasn't just about the landing attempt, though. Roughly 34 minutes after takeoff, the upper stage of New Glenn successfully deployed the rocket's first commercial payload: twin spacecraft for NASA that will travel to Mars to study the red planet's atmosphere. The pair of achievements are remarkable for the second-ever launch of such a massive rocket system. And it could put Blue Origin in position to compete with SpaceX, which dominates the world's launch market with its Falcon 9, Falcon Heavy, and Starship rockets. You can watch a recording of the launch here.

Read more of this story at Slashdot.

German Chancellor Friedrich Merz said Chinese suppliers such as Huawei will be excluded from the country's future telecommunication networks on security grounds as he pushes for more digital sovereignty. From a report: "We have decided within the government that everywhere it's possible we'll replace components, for example in the 5G network, with components we have produced ourselves," Merz told a business conference in Berlin on Thursday. "And we won't allow any components from China in the 6G network." Europe is increasingly concerned about its reliance on foreign technology, ranging from Asian semiconductors to US artificial intelligence and cloud infrastructure, as trade and geopolitical tensions threaten critical supply chains. Germany last year ordered telecom operators to remove Huawei equipment from their core networks, citing risks to national security. Berlin is now considering using public funds to pay Deutsche Telekom AG and others to strip out Chinese gear, Bloomberg News reported last month.

Read more of this story at Slashdot.

bobthesungeek76036 writes: Beijing's proposed regulation aims to tame rapid launches by forcing cars to boot up in a restricted performance mode after every ignition. Under a proposed update to the National Standard, every passenger car would need a default mode in which it takes no less than five seconds to reach 100 km/h (62 mph) at startup, unless the driver manually selects a quicker setting. The draft title "Technical Specifications for Power-Driven Vehicles Operating on Roads" appears to be part of a broader safety and road behavior initiative in China. It is intended to replace the current GB 7258-2017 standard that didn't impose such restrictions.

Read more of this story at Slashdot.

The Google Security Blog has a new post on just how well the use of Rust is working out for the Android project.

We adopted Rust for its security and are seeing a 1000x reduction in memory safety vulnerability density compared to Android's C and C++ code. But the biggest surprise was Rust's impact on software delivery. With Rust changes having a 4x lower rollback rate and spending 25% less time in code review, the safer path is now also the faster one.

Michael Burry, the investor made famous for his bet against the US housing market ahead of the 2008 financial crisis, is closing his hedge fund [non-paywalled source] as he warned that market valuations had become unhinged from fundamentals. From a report: Scion Asset Management this week terminated its registration with US securities regulators, according to a Securities and Exchange Commission database. Burry told investors that he would "liquidate the funds and return capital -- but for a small audit/tax holdback -- by year's end," according to two people with direct knowledge of a letter he sent to investors. "My estimation of value in securities is not now, and has not been for some time, in sync with the markets," said the letter, which was dated October 27. The move to close Scion comes as some investors have become concerned that markets are trading at frothy levels after years of strong returns. Those jitters flared up on Thursday, with the tech-heavy Nasdaq Composite sliding nearly 2%. Still, the big gains for tech stocks this year, driven by hopes that artificial intelligence will transform business and society, have left valuations at lofty heights compared with their average in recent years.

Read more of this story at Slashdot.

China's state-sponsored hackers used AI technology from Anthropic to automate break-ins of major corporations and foreign governments during a September hacking campaign, the company said Thursday. From a report: The effort focused on dozens of targets and involved a level of automation that Anthropic's cybersecurity investigators had not previously seen, according to Jacob Klein, the company's head of threat intelligence. Hackers have been using AI for years now to conduct individual tasks such as crafting phishing emails or scanning the internet for vulnerable systems, but in this instance 80% to 90% of the attack was automated, with humans only intervening in a handful of decision points, Klein said. The hackers conducted their attacks "literally with the click of a button, and then with minimal human interaction," Klein said. Anthropic disrupted the campaigns and blocked the hackers' accounts, but not before as many as four intrusions were successful. In one case, the hackers directed Anthropic's Claude AI tools to query internal databases and extract data independently.

Read more of this story at Slashdot.

An anonymous reader shares a report: Robinhood Markets is betting its Gen Z and millennial clientele are as eager to send out for delivery of a wad of cash as they are to order pizza or a pint of ice cream. The brokerage is joining with food-and-drink delivery app Gopuff to allow customers to withdraw cash from their Robinhood bank accounts and have it brought right to their door. For a $6.99 delivery fee -- or $2.99 if they have more than $100,000 in assets across their Robinhood accounts -- users can skip the ATM and have money delivered in a sealed paper bag while they are at home. It is a new feature that Robinhood first teased in March, when Chief Executive Vlad Tenev unveiled the company's plans to roll out many traditional and -- as with its cash-delivery service -- unconventional banking services.

Read more of this story at Slashdot.

The SUSE Security Team has published an in-depth article on its findings after reviewing a D-Bus service contained in LightDM Greeter by KDE (the lightdm-kde-greeter package) for addition to openSUSE Tumbleweed. The team found a privilege escalation from the lightdm service user to root, as well as other attack vectors in the service:

In agreement with upstream, we assigned CVE-2025-62876 to track the lightdm service user to root privilege escalation aspect described in this report. The severity of the issue is low, since it only affects defense-in-depth (if the lightdm service user were compromised) and the problematic logic can only be reached and exploited if triggered interactively by a privileged user.

The fixes are contained in the 6.0.4 release of the project.

Version 145 of the Thunderbird email client has been released. Notable changes in this release include enabling DNS over HTTPS, support for Microsoft Exchange via Exchange Web Services, and quite a few bug fixes. As of 145, the project is no longer shipping 32-bit binaries for Linux on x86.

Mozilla announced on Thursday that it is building an AI Window for Firefox, a new opt-in browsing mode that will let users interact with an AI assistant and chatbot. The feature will become one of three browsing experiences in Firefox alongside the existing classic and private windows. Users will be able to select which AI model they want to use in the AI Window, according to a post on the Mozilla Connect forum. The company opened a waitlist for users who want to receive updates and be among the first to test the feature. Mozilla described the AI Window as an "intelligent and user-controlled space" that it is developing in the open through community feedback. Users who try the feature and decide against it can switch it off entirely.

Read more of this story at Slashdot.

BrianFagioli writes: Popular privacy firm Proton is floating a plan on Reddit that should unsettle anyone who values privacy, writes Nerds.xyz. The company is considering recycling abandoned email addresses that were originally created by bots a decade ago. These addresses were never used, yet many of them are extremely common names that have silently collected misdirected emails, password reset attempts, and even entries in breach datasets. Handing those addresses to new owners today would mean that sensitive messages intended for completely different people could start landing in a stranger's inbox overnight. Proton says it's just gathering feedback, but the fact that this made it far enough to ask the community is troubling. Releasing these long-abandoned addresses would create confusion, risk exposure of personal data, and undermine the trust users place in a privacy focused provider. It's hard to see how Proton could justify taking a gamble with other people's digital identities like this.

Read more of this story at Slashdot.

Verizon is planning to cut roughly 15,000 jobs, looking to reduce costs as it contends with increased competition for wireless service and home internet, according to WSJ, which cites people familiar with the matter. From the report: The cuts, the largest ever for the carrier, are set to take place in the next week, the people said. The majority of the reduction is expected to be made through layoffs. Verizon also plans to transition about 200 stores into franchised operations, which will shift employees off its payroll. Verizon, the largest U.S. telecommunications provider by subscriber base, faces a fierce battle for both wireless and home internet customers. It has lost crucial postpaid phone subscribers for three consecutive quarters. Last month, Verizon named its lead independent director Daniel Schulman as its new chief executive officer. Schulman, a former CEO of PayPal and Virgin Mobile USA, has said he would aggressively reduce the company's entire cost base and take steps to reverse the customer losses.

Read more of this story at Slashdot.

Reddit cofounder Alexis Ohanian said he had serious doubts a decade ago about sharing the platform's data with Sam Altman. Ohanian recounted on the "Brew Markets" podcast that between 2015 and 2016, Altman asked Reddit to let him "aggressively scrape" the site's content. Altman had recently helped Reddit raise $50 million in a Series B round and was launching OpenAI as a nonprofit. Ohanian described Altman as "very smart" and "incredibly cunning" but questioned whether he was "the most philanthropically minded guy." The Reddit cofounder said he "felt in my bones" the company should refuse the request and debated internally about it against Steve Huffman. Ohanian said he "lost that debate." Reddit and OpenAI announced a formal licensing deal in 2024.

Read more of this story at Slashdot.

An anonymous reader shares a report: France has lifted its travel ban on Telegram founder Pavel Durov, who is under investigation over illegal content on his messaging app, judicial sources close to the case said Thursday. The entrepreneur, 41, was detained in Paris in 2024 and is under formal investigation by French authorities over the platform's alleged complicity in criminal activity. Durov, who was initially banned from leaving France, had his judicial control relaxed in July, allowing him to reside in the United Arab Emirates, where Telegram is based, for a maximum of two weeks at a time.

Read more of this story at Slashdot.

Many distributions provide support out of the proverbial box for Flatpak packages, but Fedora is unusual in that it also provides, and defaults, to its own repository of Fedora-built Flatpaks. This has been a source of confusion for Fedora users, who expect to get the Flatpak built by the original developers and hosted on Flathub. It has also been a source of conflict with upstream projects, because users complain of bugs in Flatpak packages they are not responsible for. The situation has also frustrated some Fedora developers, who would prefer to offer put Flathub's offerings first. A new complaint that Fedora has apparently used manifests from Flathub to build the packages for Fedora—without giving credit to the original authors—has spurred discussions about Fedora's Flatpaks once again. While no concrete changes are on the table, yet, there may be some movement toward addressing persistent complaints.

An anonymous reader shares a report: The Chinese electric car has become a symbol of the country's seemingly unstoppable rise on the world stage. Many observers point to their growing popularity as evidence that China is winning the race to dominate new technologies. But in China, these electric cars represent something entirely different: the profound threats that Beijing's meddling in markets poses to both China and the world. Bloated by excessive investment, distorted by government intervention, and plagued by heavy losses, China's EV industry appears destined for a crash. EV companies are locked in a cutthroat struggle for survival. Wei Jianjun, the chairman of the Chinese automaker Great Wall Motor, warned in May that China's car industry could tumble into a financial crisis; it "just hasn't erupted yet." To bypass government censorship of bad economic news, market analysts have opted for a seemingly anodyne term to describe the Chinese car industry's downward spiral: involution, which connotes falling in on oneself. What happens in China's EV sector promises to influence the entire global automobile market. China's emergence as the world's largest manufacturer of EVs highlights the serious challenge the country poses to even the most advanced industries in the U.S., Europe, and other rich economies. Given the vital role the car industry plays in economies around the world, and the jobs, supply chains, and technologies involved, the stakes are high. But the wobbles in China's EV sector demonstrate the downside of China's state-led economic model. China's government threw ample resources at the EV industry in the hopes of leapfrogging foreign rivals in the transition to battery-powered vehicles. The Center for Strategic and International Studies estimates that the government provided more than $230 billion of financial assistance to the EV sector from 2009 to 2023. The strategy worked: China's EV makers would likely never have grown as quickly as they have without this substantial state support. By comparison, the recent Republican-sponsored tax bill eliminated nearly all federal subsidies for EVs in the U.S. The problem is that China's program encouraged too much investment in the sector. Michael Dunne, the CEO of Dunne Insights, a California-based consulting firm focused on the EV industry, counts 46 domestic and international automakers producing EVs in China, far too many for even the world's second-largest economy to sustain.

Read more of this story at Slashdot.

Security updates have been issued by Debian (chromium and firefox-esr), Fedora (firefox, rubygem-rack, skopeo, and webkitgtk), Mageia (perl, perl-CPAN, perl-HTTP-Tiny, perl-Data-Entropy, perl-FCGI, perl-File-Find-Rule, perl-YAML-LibYAML, python-tornado, python-urllib3, python-pip, python3, and unbound), Oracle (ipa and kernel), Red Hat (container-tools:rhel8, krb5, openssl, pcs, podman, and runc), Slackware (mozilla), SUSE (binutils, kernel, netty, netty-tcnative, podman, python311-pdfminer, and tomcat11), and Ubuntu (bind9 and linux-aws-6.8).