RSS 생중계

Activision will require PC players of Call of Duty: Black Ops 7 to enable Trusted Platform Module 2.0 and Windows Secure Boot when the game launches later this year. The company begins testing these anti-cheat measures with Black Ops 6's Season 5 on Thursday without enforcement. TPM 2.0 verifies untampered boot processes while Secure Boot ensures Windows loads only trusted software at startup. Both features perform checks during system and game startup but remain inactive during gameplay. Activision has also pursued legal action against 22 individuals who developed and sold cheats.

Read more of this story at Slashdot.

The AlmaLinux project has announced the availability of packages to enable native NVIDIA driver support, including CUDA and Secure Boot, for AlmaLinux 9 and 10.

When AlmaLinux started just 5 years ago, this wouldn't have been possible. With NVIDIA's open source version of their graphics drivers things have changed. This open source version is slowly becoming the flagship driver, with new products being added exclusively to it. With the help of some incredible people in the open source ecosystem and the AlmaLinux community, we were able to do something that has yet to be done in the EL ecosystem - ship Secure Boot signed, open source, NVIDIA kernel modules.

Full documentation is available on the AlmaLinux wiki.

A Manhattan jury convicted Tornado Cash co-founder Roman Storm on Wednesday of conspiring to operate an unlicensed money-transfer business, though jurors deadlocked on charges of money laundering conspiracy and sanctions violations after three days of deliberation. Federal prosecutors alleged Storm helped cybercriminals launder more than $1 billion through the cryptocurrency mixing platform, which launched in 2019 as a decentralized protocol designed to obscure transaction origins by pooling and redistributing funds through smart contracts.

Read more of this story at Slashdot.

Universal Pictures is taking a new approach to combat mass theft of its movies to teach AI systems. From a report: Starting in June with How to Train Your Dragon, the studio has attached a legal warning at the end credits of its films stating that their titles "may not be used to train AI." It's also appeared on Jurassic World Rebirth and Bad Guys 2. "This motion picture is protected under the laws of the United States and other countries," the warning reads. "Unauthorized duplication, distribution or exhibition may result in civil liability and criminal prosecution."

Read more of this story at Slashdot.

Daniel Almeida continues his look at graphics drivers on the Collabora blog.

The starting point is to understand that a kernel-mode GPU driver connects a much larger UMD (user-mode driver) to the actual GPU. The UMD will actually implement APIs like Vulkan, OpenGL, OpenCL, and others. These APIs, in turn, will be used by actual programs to describe their workload to the GPU. This includes allocating and using not only the geometry and textures, but also the shaders being used to process said data into the final result. This means that a key aspect of GPU drivers is actually allocating GPU memory to house data related to the current scene being drawn so that it can actually be operated on by the hardware.

Google is the latest company to suffer a data breach in an ongoing wave of Salesforce CRM data theft attacks conducted by the ShinyHunters extortion group. BleepingComputer: In June, Google warned that a threat actor they classify as 'UNC6040' is targeting companies' employees in voice phishing (vishing) social engineering attacks to breach Salesforce instances and download customer data. This data is then used to extort companies into paying a ransom to prevent the data from being leaked. In a brief update to the article last night, Google said that it too fell victim to the same attack in June after one of its Salesforce CRM instances was breached and customer data was stolen. "In June, one of Google's corporate Salesforce instances was impacted by similar UNC6040 activity described in this post. Google responded to the activity, performed an impact analysis and began mitigations," reads Google's update.

Read more of this story at Slashdot.

OpenAI will provide ChatGPT access to US federal agencies for $1 annually through the General Services Administration's new AI marketplace that also includes Google and Anthropic as approved vendors. The nominal pricing represents the deepest discount GSA has negotiated with software providers, surpassing previous deals with Adobe and Salesforce. OpenAI said it will not use federal worker data to train its models and agencies face no renewal requirements. The $1 rate applies only to the ChatGPT chatbot interface, not OpenAI's API for custom software development.

Read more of this story at Slashdot.

There is a great deal of misunderstanding, and some misinformation, about the Trusted Platform Module (TPM); to combat this, Debian developer Jonathan McDowell would like to clear the air and help users understand what it is good for, as well as what it's not. At DebConf25 in Brest, France, he delivered a talk about TPMs that explained what they are, why people might be interested in using them, and how users might do so on a Debian system.

Version 0.10.0 of the Tuba fediverse client has been released. Notable changes in this release include a new post composer, an in-app web browser, search history, and many other refinements. See this thread for more details and highlights.

President Trump and Apple are expected to announce a new $100 billion commitment by Apple to boost manufacturing in the U.S. CBS News: The new investment would increase Apple's commitment to U.S. manufacturing to $600 billion over the next four years, according to a White House official. And it's expected to include a new "American Manufacturing Program" focused on bringing more of Apple's supply chain and advanced manufacturing to the U.S. [...] In May, the president threatened to impose a 25% tariff on iPhones made outside the U.S., writing on Truth Social that he told Cook that he expects that iPhones that will be sold in the U.S. "will be manufactured and built in the United States, not India, or anyplace else."

Read more of this story at Slashdot.

Nvidia's chief security officer has published a blog post insisting that its GPUs "do not and should not have kill switches and backdoors." From a report: It comes amid pressure from both sides of the Pacific, with some US lawmakers pushing Nvidia to grant the government backdoors to AI chips, while Chinese officials have alleged that they already exist. David Reber Jr.'s post seems pointedly directed at US lawmakers. In May a bipartisan group introduced the Chip Security Act, a bill that would require Nvidia and other manufacturers to include tracking technology to identify when chips are illegally transported internationally, and leaves the door open for further security measures including remote kill switches. While Nvidia is expecting to be granted permits to once again sell certain AI chips in China, its most powerful hardware is still under strict US export controls there and elsewhere.

Read more of this story at Slashdot.

For eight years, Masahiro Yamada has been the sole maintainer of the kernel's build and configuration systems — two complex pieces of infrastructure that many people interact with, but few truly understand. Yamada has just stepped down from that position. Maintenance of the build system will be taken up by Nathan Chancellor and Nicolas Schier (in the "odd fixes" capacity), while the configuration system is now entirely unmaintained.

Thanks are due to Yamada for all that work, and to Chancellor and Schier for stepping up. Hopefully a way will be found to better support these important subsystems in the near future.

Security updates have been issued by AlmaLinux (kernel and python3.12-setuptools), Fedora (perl-Crypt-CBC and unbound), Gentoo (FontForge, GPL Ghostscript, Mozilla Network Security Service (NSS), and PAM), Oracle (gdk-pixbuf2, jq, kernel, mod_security, ncurses, python-requests, and python3-setuptools), Red Hat (python-requests and socat), SUSE (docker, kernel-livepatch-MICRO-6-0-RT_Update_2, kernel-livepatch-MICRO-6-0-RT_Update_4, kernel-livepatch-MICRO-6-0-RT_Update_5, kernel-livepatch-MICRO-6-0-RT_Update_6, kernel-livepatch-MICRO-6-0-RT_Update_7, kernel-livepatch-MICRO-6-0_Update_2, kernel-livepatch-MICRO-6-0_Update_4, kernel-livepatch-MICRO-6-0_Update_5, kernel-livepatch-MICRO-6-0_Update_6, kubeshark-cli, libgcrypt, pam-config, perl, python-requests, python311, and python313), and Ubuntu (linux-raspi).

An anonymous reader quotes a report from the New York Times: China's automakers have teamed up with software companies togo global with their driverless cars, which are poised to claim a big share of a growing market as Western manufacturers are still preparing to compete. The industry in China is expanding despite tariffs imposed last year by the European Union on electric cars, and despite some worries in Europe about the security implications of relying on Chinese suppliers. Baidu, one of China's biggest software companies, said on Monday that it would supply Lyft, an American ride-hailing service, with self-driving cars assembled by Jiangling Motors of China (source paywalled; alternative source). Lyft is expected to begin operating them next year in Germany and Britain, subject to regulatory approval, the companies said. The announcement comes three months after Uber and Momenta, a Chinese autonomous driving company, announced their own plans to begin offering self-driving cars in an unspecified European city early next year. Momenta will soon provide assisted driving technology to the Chinese company IM Motors for its cars sold in Britain. While Momenta has not specified the model that Uber will be using, it has already signaled it will choose a Chinese model. In China, "the pace of development and the pressure to deliver at scale push companies to improve quickly," said Gerhard Steiger, the chairman of Momenta Europe. China's state-controlled banking system has been lending money at low interest rates to the country's electric car industry in a bid for global leadership. [...] Expanding robotaxi services to new cities, not to mention new countries, is not easy. While the individual cars do not have drivers, they typically require one controller for every several cars to handle difficulties and answer questions from users. And the cars often need to be specially programmed for traffic conditions unique to each city. Lyft and Baidu nonetheless said that they had plans for "the fleet scaling to thousands of vehicles across Europe in the following years."

Read more of this story at Slashdot.

A San Francisco jury ruled that Meta violated the California Invasion of Privacy Act by collecting sensitive data from users of the Flo period-tracking app without consent. "The plaintiff's lawyers who sued Meta are calling this a 'landmark' victory -- the tech company contends that the jury got it all wrong," reports SFGATE. From the report: The case goes back to 2021, when eight women sued Flo and a group of other tech companies, including Google and Facebook, now known as Meta. The stakes were extremely personal. Flo asked users about their sex lives, mental health and diets, and guided them through menstruation and pregnancy. Then, the women alleged, Flo shared pieces of that data with other companies. The claims were largely based on a 2019 Wall Street Journal story and a 2021 Federal Trade Commission investigation. Google, Flo and the analytics company Flurry, which was also part of the lawsuit, reached settlements with the plaintiffs, as is common in class action lawsuits about tech privacy. But Meta stuck it out through the entire trial and lost. The case against Meta focused on its Facebook software development kit, which Flo added to its app and which is generally used for analytics and advertising services. The women alleged that between June 2016 and February 2019, Flo sent Facebook, through that kit, various records of "Custom App Events" -- such as a user clicking a particular button in the "wanting to get pregnant" section of the app. Their complaint also pointed to Facebook's terms for its business tools, which said the company used so-called "event data" to personalize ads and content. In a 2022 filing (PDF), the tech giant admitted that Flo used Facebook's kit during this period and that the app sent data connected to "App Events." But Meta denied receiving intimate information about users' health. Nonetheless, the jury ruled (PDF) against Meta. Along with the eavesdropping decision, the group determined that Flo's users had a reasonable expectation they weren't being overheard or recorded, as well as ruling that Meta didn't have consent to eavesdrop or record. The unanimous verdict was that the massive company violated the California Invasion of Privacy Act. The jury's ruling could impact over 3.7 million U.S. users who registered between November 2016 and February 2019, with updates to be shared via email and a case website. The exact compensation from the trial or potential settlements remains uncertain.

Read more of this story at Slashdot.

The Trump administration has reportedly directed NASA to draw up plans to shut down its Orbiting Carbon Observatory satellite missions, which provide vital climate and agricultural data for scientists, oil and gas companies and farmers who need detailed information about carbon dioxide and crop health. As NPR reports, the satellites are "the only two federal satellite missions that were designed and built specifically to monitor planet-warming greenhouse gases." From the report: It is unclear why the Trump administration seeks to end the missions. The equipment in space is state of the art and is expected to function for many more years, according to scientists who worked on the missions. An official review by NASA in 2023 found that "the data are of exceptionally high quality" and recommended continuing the mission for at least three years. Both missions, known as the Orbiting Carbon Observatories, measure carbon dioxide and plant growth around the globe. They use identical measurement devices, but one device is attached to a stand-alone satellite while the other is attached to the International Space Station. The standalone satellite would burn up in the atmosphere if NASA pursued plans to terminate the mission. NASA employees who work on the two missions are making what the agency calls Phase F plans for both carbon-monitoring missions, according to David Crisp, a longtime NASA scientist who designed the instruments and managed the missions until he retired in 2022. Phase F plans lay out options for terminating NASA missions. The OCO missions would lose funding under the Trump Administration's budget proposal for Fiscal Year 2026, which begins Oct. 1 but has yet to pass. "Presidential budget proposals are wish lists that often bear little resemblance to final congressional budgets," notes NPR. "The Orbiting Carbon Observatory missions have already received funding from Congress through the end of the 2025 fiscal year, which ends Sept. 30." "Draft budgets that Congress is currently considering for next year keep NASA funding basically flat. But it's not clear whether these specific missions will receive funding again, or if Congress will pass a budget before current funding expires on Sept. 30."

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Apple released a new developer beta build of macOS 26 Tahoe today, and it came with another big update for a familiar icon. The old Macintosh HD hard drive icon, for years represented by a facsimile of an old spinning hard drive, has been replaced with something clearly intended to resemble a solid-state drive (the SSD in your Mac actually looks like a handful of chips soldered to a circuit board, but we'll forgive the creative license). The Macintosh HD icon became less visible a few years back, when new macOS installs stopped showing your internal disk on the desktop by default. It has also been many years since Apple shifted to SSDs as the primary boot media for new Macs. It's not clear why the icon is being replaced now, instead of years ago -- maybe the icon had started clicking, and Apple just wanted to replace it before it suffered from catastrophic icon failure -- but regardless, the switch is logical (this is a computer storage pun). Apple's iconic Macintosh HD hard drive icon was first introduced in a 2000 Mac OS X beta and remained largely unchanged for over two decades, with only subtle updates in 2012 and 2014. The first SSD-equipped Mac was in 2008, "when the original MacBook Air came out," notes Ars. "By the time 'Retina' Macs began arriving in the early 2010s, SSDs had become the primary boot disk for most of them; laptops tended to be all-SSD, while desktops could be configured with an SSD or a hybrid Fusion Drive that used an SSD as boot media and an HDD for mass storage. Apple stopped shipping spinning hard drives entirely when the last of the Intel iMacs went away."

Read more of this story at Slashdot.

Jim Acosta, the former CNN chief White House correspondent who now hosts an independent show on YouTube, has interviewed an AI-generated avatar of Parkland shooting victim Joaquin Oliver. The late teen's parents created the avatar to preserve his voice and advocate for gun reform. Oliver's parents "granted Acosta the first 'interview' with the recreated version of their son on what would have been his 25th birthday," notes Variety. "Oliver was one of 17 people killed in the mass shooting at Marjory Stoneman Douglas High School." From the report: Acosta asked AI Oliver about his solution for gun violence, to which the avatar responded: "I believe in a mix of stronger gun control laws, mental health support and community engagement. We need to create safe spaces for conversations and connections, making sure everyone feels seen and heard. It's about building a culture of kindness and understanding." The avatar added, "Though my life was cut short, I want to keep inspiring others to connect and advocate for change." Acosta then asked AI Oliver about his personal life, such as his favorite sport and favorite basketball team. The two discussed the movie "Remember the Titans" and their favorite "Star Wars" moments. After a five-minute chat with the AI, Acosta then connected with Oliver's father, Manuel Oliver. "I'm kind of speechless as to the technology there," Acosta said. "It was so insightful. I really felt like I was speaking with Joaquin. It's just a beautiful thing." Manuel, who has been an outspoken voice in the push for gun control, said he believed bringing "AI Joaquin to life" would "create more impact." According to Manuel, the avatar is trained on information on the internet as well as things Oliver wrote, said and posted online. He said he wanted to make it clear to viewers that he is under no illusions about reviving his son. "I understand that this is AI. I don't want anyone to think that I am, in some way, trying to bring my son back," he said. "Sadly, I can't, right? I wish I could. However, the technology is out there." [...] Manuel said he is excited about the future of the project and what it means for his son's legacy. "What's amazing about this is that we've heard from the parents, we've heard from the politicians. Now we're hearing from one of the kids," Acosta said. "That's important. That hasn't happened." Manuel said he plans to have AI Oliver "on stage in the middle of a debate," and that "his knowledge is unlimited." You can watch the full interview on YouTube.

Read more of this story at Slashdot.

In a report published Monday, Cloudflare accused Perplexity of deploying undeclared web crawlers that masquerade as regular Chrome browsers to access content from websites that have explicitly blocked its official bots. Since then, Perplexity has publicly and loudly announced that Cloudflare's claims are baseless and technically flawed. "This controversy reveals that Cloudflare's systems are fundamentally inadequate for distinguishing between legitimate AI assistants and actual threats," says Perplexity in a blog post. "If you can't tell a helpful digital assistant from a malicious scraper, then you probably shouldn't be making decisions about what constitutes legitimate web traffic." Perplexity continues: "Technical errors in Cloudflare's analysis aren't just embarrassing -- they're disqualifying. When you misattribute millions of requests, publish completely inaccurate technical diagrams, and demonstrate a fundamental misunderstanding of how modern AI assistants work, you've forfeited any claim to expertise in this space."

Read more of this story at Slashdot.

Sweden's Prime Minister Ulf Kristersson has come under fire after admitting that he frequently uses AI tools like ChatGPT for second opinions on political matters. The Guardian reports: ... Kristersson, whose Moderate party leads Sweden's center-right coalition government, said he used tools including ChatGPT and the French service LeChat. His colleagues also used AI in their daily work, he said. Kristersson told the Swedish business newspaper Dagens industri: "I use it myself quite often. If for nothing else than for a second opinion. What have others done? And should we think the complete opposite? Those types of questions." Tech experts, however, have raised concerns about politicians using AI tools in such a way, and the Aftonbladet newspaper accused Kristersson in a editorial of having "fallen for the oligarchs' AI psychosis." Kristersson's spokesperson, Tom Samuelsson, later said the prime minister did not take risks in his use of AI. "Naturally it is not security sensitive information that ends up there. It is used more as a ballpark," he said. But Virginia Dignum, a professor of responsible artificial intelligence at Umea University, said AI was not capable of giving a meaningful opinion on political ideas, and that it simply reflects the views of those who built it. "The more he relies on AI for simple things, the bigger the risk of an overconfidence in the system. It is a slippery slope," she told the Dagens Nyheter newspaper. "We must demand that reliability can be guaranteed. We didn't vote for ChatGPT."

Read more of this story at Slashdot.