RSS 생중계

The Open Source Initiative (OSI) has announced the results of its recent board of directors election. Ruth Suehle and McCoy Smith are new to the board, while Carlo Piana will serve another term. The results, however, seem tainted in the eyes of some participants and observers. The election has been plagued by missteps from the beginning and has culminated with the exclusion of three candidates for failing to meet a requirement added after the election was over to sign the OSI board agreement before results were tallied or announced.

Higher use of chatbots like ChatGPT may correspond with increased loneliness and less time spent socializing with other people, according to new research from OpenAI in partnership with the Massachusetts Institute of Technology. From a report: Those who spent more time typing or speaking with ChatGPT each day tended to report higher levels of emotional dependence on, and problematic use of, the chatbot, as well as heightened levels of loneliness, according to research released Friday. The findings were part of a pair of studies conducted by researchers at the two organizations and have not been peer reviewed. San Francisco-based OpenAI sees the new studies as a way to get a better sense of how people interact with, and are affected by, its popular chatbot. "Some of our goals here have really been to empower people to understand what their usage can mean and do this work to inform responsible design," said Sandhini Agarwal, who heads OpenAI's trustworthy AI team and co-authored the research. To conduct the studies, the researchers followed nearly 1,000 people for a month.

Read more of this story at Slashdot.

The U.S. Treasury Department's sanctions watchdog removed cryptocurrency mixing tool Tornado Cash from its global blacklist on Friday, following a federal appeals court ruling last November that the Office of Foreign Asset Control couldn't sanction its smart contracts. Despite the delisting of over 100 Ethereum addresses from the Specially Designated Nationals list, Treasury Secretary Scott Bessent emphasized continuing concerns about North Korea's digital asset theft operations. "We remain deeply concerned about the significant state-sponsored hacking and money laundering campaign aimed at stealing, acquiring, and deploying digital assets for the Democratic People's Republic of Korea," Treasury stated. Roman Storm, Tornado Cash co-founder, still faces a July criminal trial for his alleged development role. A Treasury court filing Monday had warned that completely lifting sanctions could have "significantly disruptive consequences for national security."

Read more of this story at Slashdot.

As a system runs and its memory becomes fragmented, allocating large, physically contiguous regions of memory becomes increasingly difficult. Much effort over the years has gone into avoiding the need to make such allocations whenever possible, but there are times when they simply cannot be avoided. The kernel's contiguous memory allocator (CMA) subsystem attempts to make such allocations possible, but it has never been a perfect solution. Suren Baghdasaryan is is trying to improve that situation with the guaranteed contiguous memory allocator patch set, which includes work from Minchan Kim as well.

Julien Malka has called for the NixOS project to use build-reproducibility to detect when a program has a maintainer-generated tarball that results in a different artifact than building from source. There are good reasons for projects to release maintainer-generated tarballs, but since the materials included in them are usually documentation, extra build scripts, and so on, it makes sense to check that they don't influence the final build output. While this would not have stopped last year's XZ backdoor, it would have made it harder to hide.

People are often convinced that OSS is more trustworthy than closed-source software because the code can be audited by practitioners and security professionals in order to detect vulnerabilities or backdoors. In this instance, this procedure has been made difficult by the fact that part of the code activating the backdoor was not included in the sources available within the git repository but was instead present in the maintainer-provided tarball. While this was used to hide the backdoor out of sight of most investigating eyes, this is also an opportunity for us to improve our software supply chain security processes.

Microsoft has begun urging Windows 10 users to upgrade their systems ahead of the October 14, 2025 support deadline, but with a solution many find impractical: just buy a new computer. According to StatCounter data, 58.7% of Windows users remain on Windows 10 despite the impending end of security updates and technical assistance. In emails to Windows 10 users, Microsoft's primary recommendation is to trade in old devices for newer Windows 11-compatible hardware, rather than focusing on alternative solutions.

Read more of this story at Slashdot.

Brendan Jackman has been working to try to get ahead of the next hardware CPU vulnerability before it gets discovered. In January, he posted the second version of a patch set that introduces address-space isolation (ASI) as a way of preventing future CPU vulnerabilities from leaking important information. The core concept is to ensure that data that is not currently needed is not present in memory, so that speculative execution cannot leak it. The work is nowhere near ready to be incorporated into the mainline kernel — not least of all because it has a large performance impact in its current form — but it is likely to once again be a topic of discussion at the 2025 Linux Filesystem, Memory Management, and BPF Summit.

Yahoo on Friday said it has struck a deal to sell TechCrunch, the 20-year-old tech journalism site, to Regent, a media investment firm. Axios: Yahoo's business centers mostly on aggregation. Journalism isn't its core focus. Regent is trying to pull together a portfolio of tech news sites and is eager to invest in news. Earlier this week, it acquired Foundry, which houses a slew of online tech publications, such as PCWorld, Macworld and TechAdvisor. In a statement, Regent said it is "thrilled to expand its reach as it provides breaking technology news, opinions, and analysis on tech companies worldwide to our audience." Financial deal terms were not disclosed. The deal will not require regulatory review, which is normally needed for deals valued at roughly more than $100 million.

Read more of this story at Slashdot.

Google has filed a lawsuit against alleged scammers who created and sold fake business profiles on Google Maps, the company said. The legal action follows an investigation that uncovered and eliminated more than 10,000 illegitimate listings. The investigation began after a Texas business reported an unlicensed locksmith impersonating them on the platform. Google discovered the scams primarily targeted "duress verticals" -- services needed in urgent situations like locksmiths and towing companies. "Once we're alerted to the actual fraud, we take extreme efforts to identify similar fraudulent listings," said Halimah DeLaine Prado, Google's general counsel. The scammers used tactics including bait-and-switch schemes and intercepting calls to legitimate businesses through "lead generation services." They also sold fraudulent positive reviews to suppress negative feedback.

Read more of this story at Slashdot.

Raspberry Pi has announced rpi-image-gen, a tool to create custom software images for its devices.

rpi-image-gen is a Bash orientated scripting engine capable of producing software images with different on-disk partition layouts, file systems and profiles using collections of metadata and a defined flow of execution. It provides the means to create a highly customised software image for your Raspberry Pi device. rpi-image-gen is human readable, auditable and easy to use.

The Git repository for rpi-image-gen has a number of examples to help users get started making their own custom images.

The Asahi Linux project, working to support Linux on Apple hardware, has published a progress report to coincide with the 6.14 kernel release.

Now that Rust for Linux abstractions are starting to be merged at a healthy pace, we are faced with an emerging challenge. It is rare for any kernel patch to survive the mailing list without at least a couple of non-trivial changes, and Rust abstractions are no exception. Every time an abstraction used by our driver is merged, we must drop our downstream version and rebase the driver atop the version accepted upstream. This is grueling, menial, and unpleasant work, and Janne has our deepest gratitude for volunteering his time to get through it.

DaringFireball: Whole Reddit thread examining this simple question: "What month is it?" and Siri's "I'm sorry, I don't understand" response (which I just reproduced on my iPhone 16 Pro running iOS 18.4b4). One guy changed the question to "What month is it currently?" and got the answer "It is 2025." More comments from that thread:"I ask Siri to play a podcast and she literally says, "I'm trying to play from Apple Podcasts but it doesn't look like you have it installed." I didn't even know you could delete that app. I certainly haven't. So I have to manually do it every time now. It used to work." "I asked Siri last night to set a reminder for 3:50, so naturally she set it for 10:00." Further reading: Apple Shakes Up AI Executive Ranks in Bid to Turn Around Siri; 'Something Is Rotten in the State of Cupertino'.

Read more of this story at Slashdot.

Security updates have been issued by Debian (chromium), Fedora (fluent-bit, openssh, php, and webkitgtk), Mageia (freerdp), Oracle (libreoffice and webkit2gtk3), Red Hat (kernel-rt), Slackware (libarchive), SUSE (apptainer, gitea-tea, libxml2, tomcat, webkit2gtk3, and wpa_supplicant), and Ubuntu (libxslt and pam-pkcs11).

European Central Bank Chief Economist Philip Lane warned that Europe must develop a digital euro to counter growing American influence over the continent's financial system [alternative source] amid escalating geopolitical tensions. Lane specifically cited Europe's "current dependence on US payment-card providers Visa and Mastercard, as well as technology companies including PayPal, Apple and Google" as a vulnerability requiring urgent action. His comments come as President Donald Trump's administration promotes dollar-backed stablecoins worldwide as part of a broader cryptocurrency strategy, alarming European officials. ECB Governing Council member Francois Villeroy de Galhau recently cautioned that "the US risks bringing about the next financial emergency through its support of cryptocurrencies." "The digital euro is not just about adapting to the digital age. It is about ensuring Europe controls its monetary and financial destiny," Lane told a conference in Ireland, noting that a digital currency would "limit the likelihood of foreign-currency stablecoins gaining a foothold" in Europe.

Read more of this story at Slashdot.

Nvidia CEO Jensen Huang on Thursday walked back comments he made in January, when he cast doubt on whether useful quantum computers would hit the market in the next 15 years. From a report: At Nvidia's "Quantum Day" event, part of the company's annual GTC Conference, Huang admitted that his comments came out wrong. "This is the first event in history where a company CEO invites all of the guests to explain why he was wrong," Huang said. In January, Huang sent quantum computing stocks reeling when he said 15 years was "on the early side" in considering how long it would be before the technology would be useful. He said at the time that 20 years was a timeframe that "a whole bunch of us would believe." In his opening comments on Thursday, Huang drew comparisons between pre-revenue quantum companies and Nvidia's early days. He said it took over 20 years for Nvidia to build out its software and hardware business. He also expressed surprise that his comments were able to move markets, and joked he didn't know that certain quantum computing companies were publicly traded. "How could a quantum computer company be public?" Huang said.

Read more of this story at Slashdot.

Controversial facial recognition company Clearview AI attempted to purchase hundreds of millions of arrest records including social security numbers, mugshots, and even email addresses to incorporate into its product, 404 Media reports. From the report: For years, Clearview AI has collected billions of photos from social media websites including Facebook, LinkedIn and others and sold access to its facial recognition tool to law enforcement. The collection and sale of user-generated photos by a private surveillance company to police without that person's knowledge or consent sparked international outcry when it was first revealed by the New York Times in 2020. New documents obtained by 404 Media reveal that Clearview AI spent nearly a million dollars in a bid to purchase "690 million arrest records and 390 million arrest photos" from all 50 states from an intelligence firm. The contract further describes the records as including current and former home addresses, dates of birth, arrest photos, social security and cell phone numbers, and email addresses. Clearview attempted to purchase this data from Investigative Consultant, Inc. (ICI) which billed itself as an intelligence company with access to tens of thousands of databases and the ability to create unique data streams for its clients. The contract was signed in mid-2019, at a time when Clearview AI was quietly collecting billions of photos off the internet and was relatively unknown at the time.

Read more of this story at Slashdot.

President Trump signed a long-expected executive action on Thursday calling on U.S. Education Secretary Linda McMahon to "take all necessary steps to facilitate the closure of the Department of Education and return authority over education to the States and local communities." From a report: "We're going to be returning education, very simply, back to the states where it belongs," Trump said. "And this is a very popular thing to do, but much more importantly, it's a common sense thing to do, and it's going to work, absolutely." The move has been expected since early February, when the White House revealed its intentions but withheld the action until after McMahon's Senate confirmation. It now arrives more than a week after the Trump administration has already begun sweeping layoffs at the Education Department. According to the administration's own numbers, Trump inherited a department with 4,133 employees. Nearly 600 workers have since chosen to leave, by resigning or retiring. And last week, 1,300 workers were told they would lose their jobs as part of a reduction in force. That leaves 2,183 staff at the department -- roughly half the size it was just a few weeks ago. The order instructs McMahon to act "to the maximum extent appropriate and permitted by law," an acknowledgement that the department and its signature responsibilities were created by Congress and cannot legally be ended without congressional approval. That would almost certainly require 60 votes in the U.S. Senate to overcome a Democratic filibuster.

Read more of this story at Slashdot.

LG is shutting down Art Lab, its NFT marketplace for TVs. From a report: In a notice posted to its website, LG says it has made the "difficult decision" to close the platform on June 17th. LG launched its Art Lab app during the NFT craze in 2022, billing it as a way to "buy, sell and enjoy high-quality digital artwork" from your TV. It added new digital art to the platform through "groundbreaking" NFT drops, which users could purchase by scanning a QR code to complete transactions through Wallypto, LG's crypto wallet app.

Read more of this story at Slashdot.

Scientists at Zhejiang University have created the world's smallest LED display, featuring pixels just 90 nanometers wide -- roughly the size of a typical virus and too tiny to be seen with optical microscopes. The breakthrough, described in Nature this week, uses perovskite semiconductors that maintain brightness even at microscopic scales, giving them an advantage over conventional LEDs. The research team, led by Baodan Zhao, also demonstrated a larger display with pixels measuring about 100 micrometers (human hair width) that successfully rendered images including a spinning globe.

Read more of this story at Slashdot.

A United States District Court judge has approved a settlement between HP and customers who sued the company for firmware updates that prevented printers from working with non-HP ink cartridges. The class-action lawsuit, filed in December 2020, alleged HP "wrongfully compels users" to buy only HP ink by issuing updates that block competitors' cartridges. Under the settlement, HP admits no wrongdoing and won't pay monetary damages to affected customers, though it will pay $5,000 each to the three plaintiffs and $725,000 in attorneys' fees. HP has agreed to allow users of specific printer models impacted by the November 2020 update to decline firmware updates containing "Dynamic Security" features -- HP's term for technology that blocks cartridges using non-HP chips. The settlement applies only to 21 specific printer models, leaving numerous other HP printers subject to Dynamic Security restrictions. HP has previously paid millions in similar cases in Europe, Australia, and California related to printer bricking.

Read more of this story at Slashdot.