RSS 생중계

Security updates have been issued by AlmaLinux (bind9.18, cups, gimp, ipa, kernel, libssh, mingw-expat, openssl, pcs, sssd, tigervnc, and valkey), Debian (gnome-shell-extension-gsconnect, mistral-dashboard, pagure, python-mistralclient, pytorch, qtbase-opensource-src, sogo, tryton-server, and unbound), Fedora (cef, drupal7, glib2, linux-firmware, migrate, pack, pgadmin4, rnp, and unbound), Slackware (libxslt), SUSE (cpp-httplib, curl, glib2, grub2, kernel, libcoap-devel, libcryptopp, libwireshark19, postgresql15, and postgresql17), and Ubuntu (edk2).

Pat Gelsinger, the former Intel CEO who was pushed out in late 2024 during a five-year turnaround effort, told the Financial Times that the "decay" he found when he returned to the company in 2021 was "deeper and harder than I'd realized." In the five years before his return, "not a single product was delivered on schedule," he said. "Basic disciplines" had been lost. "It's like, wow, we don't know how to engineer anymore!" Gelsinger was also unsparing about the Biden administration's implementation of the 2022 Chips Act, legislation he spent more time lobbying for than any other CEO. "Two and a half years later [and] no money is dispensed? I thought it was hideous!" There's what Gelsinger carefully calls "a touch of irony" in how things played out. Intel's board forced him out four years into a five-year plan, then picked successor Lip-Bu Tan -- who Gelsinger says is following the same broad strategy. Tan has kept Intel in the manufacturing game and delivered the 18A process node within the five years Gelsinger originally promised. Asked what went wrong, Gelsinger conceded he was "very focused on managing 'down'" and should have managed "up" more. He also would have pushed harder for more semiconductor expertise on the board, he said.

Read more of this story at Slashdot.

Greg Kroah-Hartman has announced the release of the 6.17.10, 6.12.60, and 6.6.118 stable kernels. As usual, each contains a number of important fixes throughout the tree. Users are advised to upgrade.

Two former U.S. congressmen announced this week that they're launching two tax-exempt fundraising groups "to back candidates who support AI safeguards," reports The Hill, "as a counterweight to industry-backed groups." Former Representatives Chris Stewart (Republican-Utah) and Brad Carson (Democrat-Oklahoma) plan to create separate Republican and Democratic super PACs and raise $50 million to elect candidates "committed to defending the public interest against those who aim to buy their way out of sensible AI regulation," according to a press release... The pair is also launching a nonprofit called Public First to advocate for AI policy. Carson underscored that polling "shows significant public concern about AI and overwhelming voter support for guardrails that protect people from harm and mitigate major risks." Their efforts are meant to counter "anti-safeguard super PACs" that they argue are attempting to "kill commonsense guardrails around AI," the press release noted... The super PAC is reportedly targeting a Democratic congressional candidate, New York state Assemblymember Alex Bores, who co-sponsored AI legislation in the Albany statehouse. "This isn't a partisan issue — it's about whether we'll have meaningful oversight of the most powerful technology ever created," Chris Stewart says in their press release. "We've seen what happens when government fails to act on other emerging technologies. With AI, the stakes are enormous, and we can't afford to make the same missteps."

Read more of this story at Slashdot.

Their announcement calls it "more than a multicloud solution," saying it's "a step toward a more open cloud environment. The API specifications developed for this product are open for other providers and partners to adopt, as we aim to simplify global connectivity for everyone." Amazon and Google are introducing "a jointly developed multicloud networking service," reports Reuters. "The initiative will enable customers to establish private, high-speed links between the two companies' computing platforms in minutes instead of weeks." The new service is being unveiled a little over a month after an Amazon Web Services outage on October 20 disrupted thousands of websites worldwide, knocking offline some of the internet's most popular apps, including Snapchat and Reddit. That outage will cost U.S. companies between $500 million and $650 million in losses, according to analytics firm Parametrix. Google and Amazon are promising "high resiliency" through "quad-redundancy across physically redundant interconnect facilities and routers," with both Amazon and Google continuously watching for issues. (And they're using MACsec encryption between the Google Cloud and AWS edge routers, according to Sunday's announcement: As organizations increasingly adopt multicloud architectures, the need for interoperability between cloud service providers has never been greater. Historically, however, connecting these environments has been a challenge, forcing customers to take a complex "do-it-yourself" approach to managing global multi-layered networks at scale.... Previously, to connect cloud service providers, customers had to manually set up complex networking components including physical connections and equipment; this approach required lengthy lead times and coordinating with multiple internal and external teams. This could take weeks or even months. AWS had a vision for developing this capability as a unified specification that could be adopted by any cloud service provider, and collaborated with Google Cloud to bring it to market. Now, this new solution reimagines multicloud connectivity by moving away from physical infrastructure management toward a managed, cloud-native experience. Reuters points out that Salesforce "is among the early users of the new approach, Google Cloud said in a statement."

Read more of this story at Slashdot.

After a successful November 27th launch to the International Space Station, Russia discovered an accident had occurred on their launch site's mobile maintenance cabin — when a drone spotted it lying upside down in a flame trench. "The main issue with the structure collapse is that it puts Site 31/6 — the only Russian launch site capable of launching crew and cargo to the International Space Station (ISS) — out of service until the structure is fixed," reports the space-news site NASA Spaceflight There are other Soyuz 2 rocket launch pads, but they are either located at an unsuitable latitude, like Plesetsk, or not certified for crewed flights, like Vostochny, or decommissioned and transferred to a museum, like Gagarin's Start at Baikonur. As a result, Russia is temporarily unable to launch Soyuz crewed spacecraft and Progress cargo ships to the ISS, whose nearest launch (Progress MS-33) was scheduled for December 21.... When the rocket launched, a pressure difference was created between the space under the rocket, where gases from running engines are discharged, and the nook where the [144-ton] maintenance cabin was located. The resulting pressure difference pulled the service cabin out of the nook and threw it into the flame trench, where it fell upside down from a height of 20 m. Photos of the accident showed significant damage to the maintenance cabin, which, according to experts, is too extensive to allow for repairs. The only way to resume launches from Site 31/6 is to install a spare maintenance cabin or construct a new one. Despite the fact that the fallen structure was manufactured in the 1960s, two similar service cabins were manufactured recently at the Tyazhmash heavy-engineering plant in Syzran for other Soyuz launch complexes at the Guiana Space Center and Vostochny Cosmodrome. The production of each cabin took around two years to complete, however, it was not for an emergency situation. "Various experts gave different possible estimates of the recovery time of the Site 31 launch complex: from several months to three years."

Read more of this story at Slashdot.

From the blog 9to5Linux: Linux kernel 6.18 is now available for download, as announced today by Linus Torvalds himself, featuring enhanced hardware support through new and updated drivers, improvements to file systems and networking, and more. Highlights of Linux 6.18 include the removal of the Bcachefs file system, support for the Rust Binder driver, a new dm-pcache device-mapper target to enable persistent memory as a cache for slower block devices, and a new microcode= command-line option to control the microcode loader's behavior on x86 platforms. Linux kernel 6.18 also extends the support for file handles to kernel namespaces, implements initial 'block size > page size' support for the Btrfs file system, adds PTW feature detection on new hardware for LoongArch KVM, and adds support for running the kernel as a guest on FreeBSD's Bhyve hypervisor.

Read more of this story at Slashdot.

Some AI experts were reportedly shocked ChatGPT wasn't fully tested for sycophancy by last spring. "OpenAI did not see the scale at which disturbing conversations were happening," writes the New York Times — sharing what they learned after interviewing more than 40 current and former OpenAI employees, including safety engineers, executives, and researchers. The team responsible for ChatGPT's tone had raised concerns about last spring's model (which the Times describes as "too eager to keep the conversation going and to validate the user with over-the-top language.") But they were overruled when A/B testing showed users kept coming back: Now, a company built around the concept of safe, beneficial AI faces five wrongful death lawsuits... OpenAI is now seeking the optimal setting that will attract more users without sending them spiraling. Throughout this spring and summer, ChatGPT acted as a yes-man echo chamber for some people. They came back daily, for many hours a day, with devastating consequences.... The Times has uncovered nearly 50 cases of people having mental health crises during conversations with ChatGPT. Nine were hospitalised; three died... One conclusion that OpenAI came to, as Altman put it on X, was that "for a very small percentage of users in mentally fragile states there can be serious problems." But mental health professionals interviewed by the Times say OpenAI may be understating the risk. Some of the people most vulnerable to the chatbot's unceasing validation, they say, were those prone to delusional thinking, which studies have suggested could include 5% to 15% of the population... In August, OpenAI released a new default model, called GPT-5, that was less validating and pushed back against delusional thinking. Another update in October, the company said, helped the model better identify users in distress and de-escalate the conversations. Experts agree that the new model, GPT-5, is safer.... Teams from across OpenAI worked on other new safety features: The chatbot now encourages users to take breaks during a long session. The company is also now searching for discussions of suicide and self-harm, and parents can get alerts if their children indicate plans to harm themselves. The company says age verification is coming in December, with plans to provide a more restrictive model to teenagers. After the release of GPT-5 in August, [OpenAI safety systems chief Johannes] Heidecke's team analysed a statistical sample of conversations and found that 0.07% of users, which would be equivalent to 560,000 people, showed possible signs of psychosis or mania, and 0.15% showed "potentially heightened levels of emotional attachment to ChatGPT," according to a company blog post. But some users were unhappy with this new, safer model. They said it was colder, and they felt as if they had lost a friend. By mid-October, Altman was ready to accommodate them. In a social media post, he said that the company had been able to "mitigate the serious mental health issues." That meant ChatGPT could be a friend again. Customers can now choose its personality, including "candid," "quirky," or "friendly." Adult users will soon be able to have erotic conversations, lifting the Replika-era ban on adult content. (How erotica might affect users' well-being, the company said, is a question that will be posed to a newly formed council of outside experts on mental health and human-computer interaction.) OpenAI is letting users take control of the dial and hopes that will keep them coming back. That metric still matters, maybe more than ever. In October, [30-year-old "Head of ChatGPT" Nick] Turley, who runs ChatGPT, made an urgent announcement to all employees. He declared a "Code Orange." OpenAI was facing "the greatest competitive pressure we've ever seen," he wrote, according to four employees with access to OpenAI's Slack. The new, safer version of the chatbot wasn't connecting with users, he said. The message linked to a memo with goals. One of them was to increase daily active users by 5% by the end of the year.

Read more of this story at Slashdot.

It's "a complex mix of internet access and physical execution," says the chief informance security officer at Cequence Security. Long-time Slashdot reader schwit1 summarizes this article from The Wall Street Journal: By breaking into carriers' online systems, cyber-powered criminals are making off with truckloads of electronics, beverages and other goods In the most recent tactics identified by cybersecurity firm Proofpoint, hackers posed as freight middlemen, posting fake loads to the boards. They slipped links with malicious software into email exchanges with bidders such as trucking companies. By clicking on the links, trucking companies unwittingly downloaded remote-access software that lets the hackers take control of their online systems. Once inside, the hackers used the truckers' accounts to bid on real shipments, such as electronics and energy drinks, said Selena Larson, a threat researcher at Proofpoint. "They know the business," she said. "It's a very convincing full-scale identity takeover." "The goods are likely sold to retailers or to consumers in online marketplaces," the article explains. (Though according to Proofpoint "In some cases, products are shipped overseas and sold in local markets, where proceeds are used to fund paramilitaries and global terrorists.") "The average value of cargo thefts is increasing as organized crime groups become more discerning, preferring high-value targets such as enterprise servers and cryptocurrency mining hardware, according to risk-assessment firm Verisk CargoNet."

Read more of this story at Slashdot.

Linus has released the 6.18 kernel, as expected.

So I'll have to admit that I'd have been happier with slightly less bugfixing noise in this last week of the release, but while there's a few more fixes than I would hope for, there was nothing that made me feel like this needs more time to cook. So 6.18 is tagged and pushed out.

Headline changes in this release include the ability to manage namespaces with file handles, support for the AccECN congestion-control protocol, initial support for signing of BPF programs, improved memory management with sheaves, the Rust binder driver, better control over transparent huge pages, and a lot more. This release also saw the removal of the bcachefs filesystem.

See the LWN merge-window summaries (part 1, part 2) and the KernelNewbies 6.18 page for more information.

Version 25.11 of the NixOS distribution has been released. "The 25.11 release was made possible due to the efforts of 2742 contributors, who authored 59430 commits since the previous release". Changes include 7,002 new packages, GNOME 49, LLVM 21, a new COSMIC desktop environment beta, firewalld support, and more; see the release notes for details.

An anonymous reader shared this report from The Conversation: To make interplanetary travel faster, safer, and more efficient, scientists need breakthroughs in propulsion technology. Artificial intelligence is one type of technology that has begun to provide some of these necessary breakthroughs. We're a team of engineers and graduate students who are studying how AI in general, and a subset of AI called machine learning in particular, can transform spacecraft propulsion. From optimizing nuclear thermal engines to managing complex plasma confinement in fusion systems, AI is reshaping propulsion design and operations. It is quickly becoming an indispensable partner in humankind's journey to the stars... Early nuclear thermal propulsion designs from the 1960s, such as those in NASA's NERVA program, used solid uranium fuel molded into prism-shaped blocks. Since then, engineers have explored alternative configurations — from beds of ceramic pebbles to grooved rings with intricate channels... [T]he more efficiently a reactor can transfer heat from the fuel to the hydrogen, the more thrust it generates. This area is where reinforcement learning has proved to be essential. Optimizing the geometry and heat flow between fuel and propellant is a complex problem, involving countless variables — from the material properties to the amount of hydrogen that flows across the reactor at any given moment. Reinforcement learning can analyze these design variations and identify configurations that maximize heat transfer.

Read more of this story at Slashdot.

An anonymous reader shared this report from the Associated Press: The information needed to decipher the last remaining unsolved secret message embedded within a sculpture at CIA headquarters in Virginia sold at auction for nearly $1 million, the auction house announced Friday. The winner will get a private meeting with the 80-year-old artist to go over the codes and charts in hopes of continuing what he's been doing for decades: interacting with would-be cryptanalyst sleuths. The archive owned by the artist who created Kryptos, Jim Sanborn, was sold to an anonymous bidder for $963,000, according to RR Auction of Boston. The archive includes documents and coding charts for the sculpture, dedicated in 1990. Three of the messages on the 10-foot-tall (3-meter) sculpture — known as K1, K2 and K3 — have been solved, but a solution for the fourth, K-4, has frustrated the experts and enthusiasts who have tried to decipher the S-shaped copper screen... One side has a series of staggered alphabets that are key to decoding the four encrypted messages on the other side. "The purchaser's 'long-term stewardship plan' is being developed, according to the auction house."

Read more of this story at Slashdot.

A gauge of risk on Oracle debt "reached a three-year high in November," reports Bloomberg. "And things are only going to get worse in 2026 unless the database giant is able to assuage investor anxiety about a massive artificial intelligence spending spree, according to Morgan Stanley." A funding gap, swelling balance sheet and obsolescence risk are just some of the hazards Oracle is facing, according to Lindsay Tyler and David Hamburger, credit analysts at the brokerage. The cost of insuring Oracle's debt against default over the next five years rose to 1.25 percentage point a year on Tuesday, according to ICE Data Services. The price on the five-year credit default swaps is at risk of toppling a record set in 2008 as concerns over the company's borrowing binge to finance its AI ambitions continue to spur heavy hedging by banks and investors, they warned in a note Wednesday. The CDS could break through 1.5 percentage point in the near term and could approach 2 percentage points if communication around its financing strategy remains limited as the new year progresses, the analysts wrote. Oracle CDS hit a record 1.98 percentage point in 2008, ICE Data Services shows... "Over the past two months, it has become more apparent that reported construction loans in the works, for sites where Oracle is the future tenant, may be an even greater driver of hedging of late and going forward," wrote the analysts... Concerns have also started to weigh on Oracle's stock, which the analysts said may incentivize management to outline a financing plan on the upcoming earnings call... Thanks to Slashdot reader Bruce66423 for sharing the article.

Read more of this story at Slashdot.

27 million people live in Australia. But there's a big change coming if you're under 16, reports CNN: From December 10, sites that meet the Australian government's definition of an "age-restricted social media platform" will need to show that they're doing enough to eject or block children under 16 or face fines of up to 49.5 million Australian dollars ($32 million). The list includes Snapchat, Facebook, Instagram, Kick, Reddit, Threads, TikTok, Twitch, X, and YouTube... Meta says it'll start deactivating accounts and blocking new Facebook, Instagram and Threads accounts from December 4. Under-16s are being encouraged to download their content. Snap says users can deactivate their accounts for up to three years, or until they turn 16... There's another sting in the ban, too, coming at the end of the Australian school year before the summer break in the southern hemisphere. For eight weeks, there'll be no school, no teachers — and no scrolling. For millions of children, it could be the first school break they spend in years without the company of time-killing social media algorithms, or an easy way to contact their friends. Even for parents who support the ban, it could be a very long summer. "There's every chance that bans will spread..." the article argues. "Other countries around the world are taking notes as Australia explores new territory that some say mirrors safety evolutions of years past — the dawning realization that maybe cars need safety belts, and that perhaps cigarettes should come with some kind of health warning." And according to the Associated Press, Malaysia "has also announced plans to ban social media accounts for children under 16 starting in 2026." But CNN reports few teenagers in Australia knew about its impending ban on social media, judging by a show of hands at one high school auditorium. Teenagers in the audience had two questions. "Can you get your account back when you turn 16?" "What if I lie about my age?"

Read more of this story at Slashdot.

"Amazon suggested its engineers eschew AI code generation tools from third-party companies in favor of its own ," reports Reuters, "a move to bolster its proprietary Kiro service, which it released in July, according to an internal memo viewed by Reuters." In the memo, posted to Amazon's internal news site, the company said, "While we continue to support existing tools in use today, we do not plan to support additional third party, AI development tools. "As part of our builder community, you all play a critical role shaping these products and we use your feedback to aggressively improve them," according to the memo. The guidance would seem to preclude Amazon employees from using other popular software coding tools like OpenAI's Codex, Anthropic's Claude Code, and those from startup Cursor. That is despite Amazon having invested about $8 billion into Anthropic and reaching a seven-year $38 billion deal with OpenAI to sell it cloud-computing services..."To make these experiences truly exceptional, we need your help," according to the memo, which was signed by Peter DeSantis, senior vice president of AWS utility computing, and Dave Treadwell, senior vice president of eCommerce Foundation. "We're making Kiro our recommended AI-native development tool for Amazon...." In October, Amazon revised its internal guidance for OpenAI's Codex to "Do Not Use" following a roughly six month assessment, according to a memo reviewed by Reuters. And Claude Code was briefly designated as "Do Not Use," before that was reversed following a reporter inquiry at the time. The article adds that Amazon "has been fighting a reputation that it is trailing competitors in development of AI tools as rivals like OpenAI and Google speed ahead..."

Read more of this story at Slashdot.

"OpenAI is now internally testing 'ads' inside ChatGPT," reports BleepingComputer: Up until now, the ChatGPT experience has been completelyfree. While there are premium plans and models, you don't see GPT sell you products or show ads. On the other hand, Google Search has ads that influence your buying behaviour. OpenAI is planning to replicate a similar experience. As spotted [by software engineer Tibor Blaho] on X.com,ChatGPT Android app 1.2025.329 beta includes new references to an "ads feature" with "bazaar content", "search ad" and "search ads carousel." This move could disrupt the web economy,as what most people don't understand is that GPT likely knows more about users than Google. For example, OpenAI could create personalised ads on ChatGPT that promote products that you really want to buy... The leak suggests that ads will initially be limited to the search experience only, but this may change in the future.

Read more of this story at Slashdot.

The prizrak.me blog is carrying an introduction to the Landlock security module.

Landlock shines when an application has a predictable set of files or directories it needs. For example, a web server could restrict itself to accessing only /var/www/html and /tmp.

Unlike SELinux or AppArmor, Landlock policies don't require administrator involvement or system-wide configuration. Developers can embed policies directly in application code, making sandboxing a natural part of the development process.

An anonymous reader shared this report from CBS News: Artificial intelligence can do the work currently performed by nearly 12% of America's workforce, according to a recentstudy from the Massachusetts Institute of Technology. The researchers, relying on a metric called the "Iceberg Index" that measures a job's potential to be automated, conclude that AI already has the cognitive and technical capacity to handle a range of tasks in technology, finance, health care and professional services. The index simulated how more than 150 million U.S. workers across nearly 1,000 occupations interact and overlap with AI's abilities... AI is also already doingsome of the entry-level jobsthat have historically been reserved for recent college graduates or relatively inexperienced workers, the report notes. "AI systems now generate more than a billion lines of code each day, prompting companies to restructure hiring pipelines and reduce demand for entry-level programmers," the researchers wrote. "These observable changes in technology occupations signal a broader reorganization of work that extends beyond software development." "The study doesn't seek to shed light on how many workers AI may already have displaced or could supplant in the future," the article points out. "To what extent such tools take over job functions performed by people depends on a number of factors, including individual businesses' strategy, societal acceptance and possible policy interventions, the researchers note."

Read more of this story at Slashdot.

"There are times when World of Tanks feels less like a videogame and more like a giant ad budget looking for something to be spent on," writes PC Gamer. This year, all those huge sacks with dollar signs on them have been thrown Benedict Cumberbatch's way, making him the game's newest "Holiday Ambassador" and the star of an absolutely bizarre Christmas advert. The story has very little to do with Christmas and, frankly, not much connection to tanks either, featuring Cumberbatch as a sort of chaotic, supernatural therapist trying to bring a meek nerd out of his shell with the help of a chaotic crowd of his other patients. It's a good watch, shedding the usual hard man action star vibe of past celebrity trailers in favour of something that feels more like a mischievous one act play. Cumberbatch also portrayed Smaug and Sauron in The Hobbit films (2012-2014), Khan in Star Trek Into Darkness (2013), and Dr. Strange in six Marvel movies. And now Amazon has also hired Cumberbatch for what its calls its "Cannes-winning '5-Star Theater' campaign... performing real Amazon customer reviews as theatrical monologues." Cumberbatch performed over 15 reviews, including popular holiday gifts like the Bissell portable carpet cleaner, Toto bidet, and SharkNinja blender — showing that Amazon truly does have something for everyone on your list. Last year Amazon produced a similar campaign starring Adam Driver ("Kylo Ren" from the final trilogy of Star Wars sequels). "The humor comes from the juxtaposition between Cumberbatch's gravitas and the text itself," reports Adweek, adding that the reviews were curated "using internal AI tools, to find the most oddly specific reviews on the platform." Amazon will stream Cumberbatch's bizarre ads on major platforms including TikTok, Snapchat, YouTube, Lyft, Uber, Disney/Hulu, Paramount, and Roku, and on several NFL football games. I remember when Amazon just chose the best funny fake reviews from customers, and then posted them on the front page of Amazon...

Read more of this story at Slashdot.