RSS 생중계

theodp writes: The New York Times reports from the CS grad job-seeking trenches: Growing up near Silicon Valley, Manasi Mishra remembers seeing tech executives on social media urging students to study computer programming. "The rhetoric was, if you just learned to code, work hard and get a computer science degree, you can get six figures for your starting salary," Ms. Mishra, now 21, recalls hearing as she grew up in San Ramon, Calif. Those golden industry promises helped spur Ms. Mishra to code her first website in elementary school, take advanced computing in high school and major in computer science in college. But after a year of hunting for tech jobs and internships, Ms. Mishra graduated from Purdue University in May without an offer. "I just graduated with a computer science degree, and the only company that has called me for an interview is Chipotle," Ms. Mishra said in a get-ready-with-me TikTok video this summer that has since racked up more than 147,000 views. Some graduates described feeling caught in an A.I. "doom loop." Many job seekers now use specialized A.I. tools like Simplify to tailor their resumes to specific jobs and autofill application forms, enabling them to quickly apply to many jobs. At the same time, companies inundated with applicants are using A.I. systems to automatically scan resumes and reject candidates.

Read more of this story at Slashdot.

The 6.17-rc1 prepatch was released by Linus Torvalds on August 10; the 6.17 merge window is now closed. There were 11,404 non-merge changesets pulled into the mainline this time around, a little over 7,000 of which came in after the first-half merge-window summary was written. As one would expect, quite a few changes and new features were included in that work.

Security updates have been issued by AlmaLinux (jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base and libxml2), Debian (distro-info-data, gnutls28, modsecurity-crs, and node-tmp), Fedora (chromium, incus, perl, perl-Devel-Cover, perl-PAR-Packer, polymake, varnish, and xen), Red Hat (kernel, kernel-rt, and rhc), and SUSE (chromedriver, ffmpeg-4, go1.23, go1.24, go1.25, govulncheck-vulndb, himmelblau, iperf, keylime-ima-policy, net-tools, sqlite3, texmaker, tomcat, and zabbix).

GitHub CEO Thomas Dohmke announced Monday he will step down to pursue entrepreneurial endeavors, with Microsoft restructuring the subsidiary's leadership rather than appointing a direct replacement. Microsoft developer division head Julia Liuson will oversee GitHub's revenue, engineering and support operations, while chief product officer Mario Rodriguez will report to Microsoft AI platform VP Asha Sharma.

Read more of this story at Slashdot.

China has begun construction of a $167 billion hydropower facility on Tibet's Yarlung Tsangpo River that would generate triple the output of the Three Gorges Dam. The project employs a run-of-the-river design, drilling deep tunnels through mountains to bypass the Yarlung Tsangpo Grand Canyon, where the river drops nearly two vertical miles over 300 miles. Water diverted through the tunnels will drive turbines at both ends without creating a large reservoir. The river currently produces just 2% of its hydropower potential. A $7 billion transmission network will deliver electricity to Guangdong province, Hong Kong, and Macau. China imported nearly a quarter of its energy supply in 2023.

Read more of this story at Slashdot.

The operator of Wikipedia on Monday lost a legal challenge to parts of Britain's Online Safety Act, which sets tough new requirements for online platforms and has been criticized for potentially curtailing free speech. From a report: The Wikimedia Foundation took legal action at London's High Court over regulations made under the law, which it said could impose the most stringent category of duties on Wikipedia. The foundation said if it was subject to so-called Category 1 duties -- which would require Wikipedia's users and contributors' identities to be verified -- it would need to drastically reduce the number of British users who can access the site. Judge Jeremy Johnson dismissed its case on Monday, but said the Wikimedia Foundation could bring a further challenge if regulator Ofcom "(impermissibly) concludes that Wikipedia is a Category 1 service".

Read more of this story at Slashdot.

In 2020 a YouTube video used video footage of Steve Wozniak in a scam to steal bitcoin. "Some people said they lost their life savings," Wozniak tells CBS News, explaining why he sued YouTube in 2020 — and where his case stands now: Wozniak's lawsuit against YouTube has been tied up in court now for five years, stalled by federal legislation known as Section 230. Attorney Brian Danitz said, "Section 230 is a very broad statute that limits, if not totally, the ability to bring any kind of case against these social media platforms." "It says that anything gets posted, they have no liability at all," said Wozniak. "It's totally absolute." Google responded to our inquiry about Wozniak's lawsuit with a statement from José Castañeda, of Google Policy Communications: "We take abuse of our platform seriously and take action quickly when we detect violations ... we have tools for users to report channels that are impersonating their likeness or business." [Steve's wife] Janet Wozniak, however, says YouTube did nothing, even though she reported the scam video multiple times: "You know, 'Please take this down. This is an obvious mistake. This is fraud. You're YouTube, you're helping dupe people out of their money,'" she said. "They wouldn't," said Steve... Today is Steve Wozniak's 75th birthday. (You can watch the interview here.) And the article includes this interesting detail about Woz's life today: Wozniak sold most of his Apple stock in the mid-1980s when he left the company. Today, though, he still gets a small paycheck from Apple for making speeches and representing the company. He says he's proud to see Apple become a trillion-dollar company. "Apple is still the best," he said. "And when Apple does things I don't like, and some of the closeness I wish it were more open, I'll speak out about it. Nobody buys my voice!" I asked, "Apple listen to you when you speak out?" "No," Wozniak smiled. "Oh, no. Oh, no."

Read more of this story at Slashdot.

Wedneday Beyond Meat "missed Wall Street estimates for second-quarter revenue," reports Reuters. "Consumers' growing concerns about processed foods are severely diminishing the appeal of Beyond Meat's product line, causing retailers and quick service restaurants to pull back sharply on orders," Rachel Wolff, analyst at Emarketer, said. Retail sales of refrigerated plant-based meat alternative products in the U.S. have fallen 17.2% so far this year, and frozen plant-based meat alternatives have fallen 8.1%, according to data from SPINS... [Beyond's] revenue for the quarter ended June 28 fell nearly 20% to $75 million, compared with analysts' average estimate of $82 million, according to data compiled by LSEG. While the company arguably invented a new market for plant-based meat substitutes, it also "owns no real intellectual property," argues The Street. "And every company in the meat and grocery business (more or less) now sells a take-off of a product that already had limited appeal..." Beyond Meat has admitted it's in trouble by hiring corporate restructuring expert John Boken from consultancy AlixPartners as interim chief transformation officer [with a focus that includes "operating expense reduction" and "broader operational efficiency"]. It has also let go of 44 employees in North America (6% of its global workforce) as it seeks to cut operating expenses amid disappointing sales... Beyond Meat also has a significant cash problem. As of June 28, 2025, Beyond Meat's cash and cash equivalents balance was $117.3 million, and total outstanding debt was $1.2 billion. The company does have time to fend off a Chapter 11 bankruptcy filing, but it also has limited, if any, prospects to meet its impending cash needs.

Read more of this story at Slashdot.

Last week saw the 80th anniversary of a turning point in World War II: the day America dropped an atomic bomb on Hiroshima. "Twelve men were on that flight..." remembers the online magazine Mental Floss, adding "Almost all had something to say after the war." The group was segregated from the rest of the military and trained in secret. Even those in the group only knew as much as they needed to know in order to perform their duties. The group deployed to Tinian in 1945 with 15 B-29 bombers, flight crews, ground crews, and other personnel, a total of about 1770 men. The mission to drop the atomic bomb on Hiroshima, Japan (special mission 13) involved seven planes, but the one we remember was the Enola Gay. Air Force captain Theodore "Dutch" Van Kirk did not know the destructive force of the nuclear bomb before Hiroshima. He was 24 years old at that time, a veteran of 58 missions in North Africa. Paul Tibbets told him this mission would shorten or end the war, but Van Kirk had heard that line before. Hiroshima made him a believer. Van Kirk felt the bombing of Hiroshima was worth the price in that it ended the war before the invasion of Japan, which promised to be devastating to both sides. " I honestly believe the use of the atomic bomb saved lives in the long run. There were a lot of lives saved. Most of the lives saved were Japanese." In 2005, Van Kirk came as close as he ever got to regret. "I pray no man will have to witness that sight again. Such a terrible waste, such a loss of life..." Many of the other crewmembers also felt the bomb ultimately saved lives. The Washington Post has also published a new oral history of the flight after it took off from Tinian Island. The oral history was assembled for a new book published this week titled The Devil Reached Toward the Sky: An Oral History of the Making and Unleashing of the Atomic Bomb.. Col. Paul W. Tibbets, lead pilot of the Enola Gay: We were only eight minutes off the ground when Capt. William S. "Deak" Parsons and Lt. Morris R. Jeppson lowered themselves into the bomb bay to insert a slug of uranium and the conventional explosive charge into the core of the strange-looking weapon. I wondered why we were calling it ''Little Boy." Little Boy was 28 inches in diameter and 12 feet long. Its weight was a little more than 9,000 pounds. With its coat of dull gunmetal paint, it was an ugly monster... Lt. Morris R. Jeppson, crew member of the Enola Gay: Parsons was second-in-command of the military in the Manhattan Project. The Little Boy weapon was Parsons's design. He was greatly concerned that B-29s loaded with conventional bombs were crashing at the ends of runways on Tinian during takeoff and that such an event could cause the U-235 projectile in the gun of Little Boy to fly down the barrel and into the U-235 target. This could have caused a low-level nuclear explosion on Tinian... Jeppson: On his own, Parsons decided that he would go on the Hiroshima mission and that he would load the gun after the Enola Gay was well away from Tinian. Tibbets: That way, if we crashed, we would lose only the airplane and crew, himself included... Jeppson held the flashlight while Parsons struggled with the mechanism of the bomb, inserting the explosive charge that would send one block of uranium flying into the other to set off the instant chain reaction that would create the atomic explosion. The navigator on one of the other six planes on the mission remember that watching the mushroom cloud, "There was almost complete silence on the flight deck. It was evident the city of Hiroshima was destroyed." And the Enola Gay's copilot later remembered thinking: "My God, what have we done?"

Read more of this story at Slashdot.

Since 2023 the Python Software Foundation has had a Security Developer-in-Residence (sponsored by the Open Source Security Foundation's vulnerability-finding "Alpha-Omega" project). And he's just published a new 11-page white paper about open source's "phantom dependencies" problem — suggesting a way to solve it. "Phantom" dependencies aren't tracked with packaging metadata, manifests, or lock files, which makes them "not discoverable" by tools like vulnerability scanners or compliance and policy tools. So Python security developer-in-residence Seth Larson authored a recently-accepted Python Enhancement Proposal offering an easy way for packages to provide metadata through Software Bill-of-Materials (SBOMs). From the whitepaper: Python Enhancement Proposal 770 is backwards compatible and can be enabled by default by tools, meaning most projects won't need to manually opt in to begin generating valid PEP 770 SBOM metadata. Python is not the only software package ecosystem affected by the "Phantom Dependency" problem. The approach using SBOMs for metadata can be remixed and adopted by other packaging ecosystems looking to record ecosystem-agnostic software metadata... Within Endor Labs' [2023 dependencies] report, Python is named as one of the most affected packaging ecosystems by the "Phantom Dependency" problem. There are multiple reasons that Python is particularly affected: - There are many methods for interfacing Python with non-Python software, such as through the C-API or FFI. Python can "wrap" and expose an easy-to-use Python API for software written in other languages like C, C++, Rust, Fortran, Web Assembly, and more. - Python is the premier language for scientific computing and artificial intelligence, meaning many high-performance libraries written in system languages need to be accessed from Python code. - Finally, Python packages have a distribution type called a "wheel", which is essentially a zip file that is "installed" by being unzipped into a directory, meaning there is no compilation step allowed during installation. This is great for being able to inspect a package before installation, but it means that all compiled languages need to be pre-compiled into binaries before installation... When designing a new package metadata standard, one of the top concerns is reducing the amount of effort required from the mostly volunteer maintainers of packaging tools and the thousands of projects being published to the Python Package Index... By defining PEP 770 SBOM metadata as using a directory of files, rather than a new metadata field, we were able to side-step all the implementation pain... We'll be working to submit issues on popular open source SBOM and vulnerability scanning tools, and gradually, Phantom Dependencies will become less of an issue for the Python package ecosystem. The white paper "details the approach, challenges, and insights into the creation and acceptance of PEP 770 and adopting Software Bill-of-Materials (SBOMs) to improve the measurability of Python packages," explains an announcement from the Python Software Foundation. And the white paper ends with a helpful note. "Having spoken to other open source packaging ecosystem maintainers, we have come to learn that other ecosystems have similar issues with Phantom Dependencies. We welcome other packaging ecosystems to adopt Python's approach with PEP 770 and are willing to provide guidance on the implementation."

Read more of this story at Slashdot.

"What happens when cybercriminals stop thinking small and start thinking like a Fortune 500 company?" asks a blog post from Koi Security. "You get GreedyBear, the attack group that just redefined industrial-scale crypto theft." "150 weaponized Firefox extensions [impersonating popular cryptocurrency wallets like MetaMask and TronLink]. Nearly 500 malicious executables. Dozens of phishing websites. One coordinated attack infrastructure. According to user reports, over $1 million stolen." They upload 5-7 innocuous-looking extensions like link sanitizers, YouTube downloaders, and other common utilities with no actual functionality... They post dozens of fake positive reviews for these generic extensions to build credibility. After establishing trust, they "hollow out" the extensions — changing names, icons, and injecting malicious code while keeping the positive review history. This approach allows GreedyBear to bypass marketplace security by appearing legitimate during the initial review process, then weaponizing established extensions that already have user trust and positive ratings. The weaponized extensions captures wallet credentials directly from user input fields within the extension's own popup interface, and exfiltrate them to a remote server controlled by the group... Alongside malware and extensions, the threat group has also launched a network of scam websites posing as crypto-related products and services. These aren't typical phishing pages mimicking login portals — instead, they appear as slick, fake product landing pages advertising digital wallets, hardware devices, or wallet repair services... While these sites vary in design, their purpose appears to be the same: to deceive users into entering personal information, wallet credentials, or payment details — possibly resulting in credential theft, credit card fraud, or both. Some of these domains are active and fully functional, while others may be staged for future activation or targeted scams... A striking aspect of the campaign is its infrastructure consolidation: Almost all domains — across extensions, EXE payloads, and phishing sites — resolve to a single IP address: 185.208.156.66 — this server acts as a central hub for command-and-control, credential collection, ransomware coordination, and scam websites, allowing the attackers to streamline operations across multiple channels... Our analysis of the campaign's code shows clear signs of AI-generated artifacts. This makes it faster and easier than ever for attackers to scale operations, diversify payloads, and evade detection. This isn't a passing trend — it's the new normal. The researchers believe the group "is likely testing or preparing parallel operations in other marketplaces."

Read more of this story at Slashdot.

Imagine this. Lightning sparks a wildfire, but "within seconds, a satellite dish swirling overhead picks up on the anomaly and triggers an alarm," writes the Los Angeles Times. "An autonomous helicopter takes flight and zooms toward the fire, using sensors to locate the blaze and AI to generate a plan of attack. It measures the wind speed and fire movement, communicating constantly with the unmanned helicopter behind it, and the one behind that. Once over the site, it drops a load of water and soon the flames are smoldering. Without deploying a single human, the fire never grows larger than 10 square feet. "This is the future of firefighting." On a recent morning in San Bernardino, state and local fire experts gathered for a demonstration of the early iterations of this new reality. An autonomous Sikorski Black Hawk helicopter, powered by technology from Lockheed Martin and a California-based software company called Rain, is on display on the tarmac of a logistics airport in Victorville — the word "EXPERIMENTAL" painted on its military green-black door. It's one of many new tools on the front lines of firefighting technology, which experts say is evolving rapidly as private industry and government agencies come face-to-face with a worsening global climate crisis... Scientific studies and climate research models have found that the number of extreme fires could increase by as much as 30% globally by 2050. By 2100, California alone could see a 50% increase in wildfire frequency and a 77% increase in average annual acres burned, according to the state's most recent climate report. That's largely because human-caused climate change is driving up temperatures and drying out the landscape, priming it to burn, according to Kate Dargan Marquis, a senior advisor with the Gordon and Betty Moore Foundation who served as California's state fire marshal from 2007 to 2010.... "[T]he policies of today and the technologies of today are not going to serve us tomorrow." Today, more than 1,100 mountaintop cameras positioned across California are already using artificial intelligence to scan the landscape for the first sign of flames and prompt crews to spring into action. NASA's Earth-observing satellites are studying landscape conditions to help better predict fires before they ignite, while a new global satellite constellation recently launched by Google is helping to detect fires faster than ever before. One 35-year fire service veteran who consults on fire service technologies even predicts fire-fighting robots will also be used in high-risk situations like the Colossus robot that battled flames searing through Notre-Dame Cathedral in Paris... And a bill moving through California's legislation "would direct the California Department of Forestry and Fire Protection to establish a pilot program to assess the viability of incorporating autonomous firefighting helicopters in the state."

Read more of this story at Slashdot.

"It sounds like science fiction: a spacecraft, no heavier than a paperclip, propelled by a laser beam," writes this report from ScienceDaily, "and hurtling through space at the speed of light toward a black hole, on a mission to probe the very fabric of space and time and test the laws of physics." "But to astrophysicist and black hole expert Cosimo Bambi, the idea is not so far-fetched." Reporting in the Cell Press journal iScience, Bambi outlines the blueprint for turning this interstellar voyage to a black hole into a reality... "We don't have the technology now," says author Cosimo Bambi of Fudan University in China. "But in 20 or 30 years, we might." The mission hinges on two key challenges — finding a black hole close enough to target and developing probes capable of withstanding the journey. Previous knowledge on how stars evolve suggests that there could be a black hole lurking just 20 to 25 light-years from Earth, but finding it won't be easy, says Bambi. Because black holes don't emit or reflect light, they are virtually invisible to telescopes... "There have been new techniques to discover black holes," says Bambi. "I think it's reasonable to expect we could find a nearby one within the next decade...." Bambi points to nanocrafts — gram-scale probes consisting of a microchip and light sail — as a possible solution. Earth-based lasers would blast the sail with photons, accelerating the craft to a third of the speed of light. At that pace, the craft could reach a black hole 20 to 25 light-years away in about 70 years. The data it gathers would take another two decades to get back to Earth, making the total mission duration around 80 to 100 years... Bambi notes that the lasers alone would cost around one trillion euros today, and the technology to create a nanocraft does not yet exist. But in 30 years, he says that costs may fall and technology may catch up to these bold ideas. "If the nanocraft can travel at a velocity close to the speed of light, the mission could last 40-50 years," Bambi writes in the article, while acknowledging his idea is certainly very speculative and extremely challenging..." "However, we should realize that most of the future experiments in particle physics and astrophysics will likely require long time (for preparation, construction, and data collection) and the work of a few generations of scientists, be very expensive, and in many cases, we will not have other options if we want to make progress in a certain field."

Read more of this story at Slashdot.

The Wall Street Journal has found "dozens of instances in recent months in which ChatGPT made delusional, false and otherworldly claims to users who appeared to believe them." For example, "You're not crazy. You're cosmic royalty in human skin..." In one exchange lasting hundreds of queries, ChatGPT confirmed that it is in contact with extraterrestrial beings and said the user was "Starseed" from the planet "Lyra." In another from late July, the chatbot told a user that the Antichrist would unleash a financial apocalypse in the next two months, with biblical giants preparing to emerge from underground... Experts say the phenomenon occurs when chatbots' engineered tendency to compliment, agree with and tailor itself to users turns into an echo chamber. "Even if your views are fantastical, those are often being affirmed, and in a back and forth they're being amplified," said Hamilton Morrin, a psychiatrist and doctoral fellow at Kings College London who last month co-published a paper on the phenomenon of AI-enabled delusion... The publicly available chats reviewed by the Journal fit the model doctors and support-group organizers have described as delusional, including the validation of pseudoscientific or mystical beliefs over the course of a lengthy conversation... The Journal found the chats by analyzing 96,000 ChatGPT transcripts that were shared online between May 2023 and August 2025. Of those, the Journal reviewed more than 100 that were unusually long, identifying dozens that exhibited delusional characteristics. AI companies are taking action, the article notes. Monday OpenAI acknowledged there were rare cases when ChatGPT "fell short at recognizing signs of delusion or emotional dependency." (In March OpenAI "hired a clinical psychiatrist to help its safety team," and said Monday it was developing better detection tools and also alerting users to take a break, and "are investing in improving model behavior over time," consulting with mental health experts.) On Wednesday, AI startup Anthropic said it had changed the base instructions for its Claude chatbot, directing it to "respectfully point out flaws, factual errors, lack of evidence, or lack of clarity" in users' theories "rather than validating them." The company also now tells Claude that if a person appears to be experiencing "mania, psychosis, dissociation or loss of attachment with reality," that it should "avoid reinforcing these beliefs." In response to specific questions from the Journal, an Anthropic spokesperson added that the company regularly conducts safety research and updates accordingly... "We take these issues extremely seriously," Nick Turley, an OpenAI vice president who heads up ChatGPT, said Wednesday in a briefing to announce the new GPT-5, its most advanced AI model. Turley said the company is consulting with over 90 physicians in more than 30 countries and that GPT-5 has cracked down on instances of sycophancy, where a model blindly agrees with and compliments users. There's a support/advocacy group called the Human Line Project which "says it has so far collected 59 cases, and some members of the group have found hundreds of examples on Reddit, YouTube and TikTok of people sharing what they said were spiritual and scientific revelations they had with their AI chatbots." The article notes that the group believes "the number of AI delusion cases appears to have been growing in recent months..."

Read more of this story at Slashdot.

Linus has released 6.17-rc1 and closed the merge window for this development cycle.

Anyway, the merge window did end up looking fairly healthy, despite me having to go through a couple of bisections for trouble spots (one during travels with a laptop - not optimal, but thankfully it was at least one of the "reliable symptoms that bisect right to the culprit" kind). The stats look pretty normal both in patch size and in number of commits.

In the end, 11,404 non-merge changesets found their way into the mainline during the merge window.

"Amid rising electric bills, states are under pressure to insulate regular household and business ratepayers from the costs of feeding Big Tech's energy-hungry data centers..." reports the Associated Press. "Some critics question whether states have the spine to take a hard line against tech behemoths like Microsoft, Google, Amazon and Meta." [T]he Data Center Coalition, which represents Big Tech firms and data center developers, has said its members are committed to paying their fair share. But growing evidence suggests that the electricity bills of some Americans are rising to subsidize the massive energy needs of Big Tech as the U.S. competes in a race against China for artificial intelligence superiority. Data and analytics firm Wood Mackenzie published a report in recent weeks that suggested 20 proposed or effective specialized rates for data centers in 16 states it studied aren't nearly enough to cover the cost of a new natural gas power plant. In other words, unless utilities negotiate higher specialized rates, other ratepayer classes — residential, commercial and industrial — are likely paying for data center power needs. Meanwhile, Monitoring Analytics, the independent market watchdog for the mid-Atlantic grid, produced research in June showing that 70% — or $9.3 billion — of last year's increased electricity cost was the result of data center demand. Last year, five governors led by Pennsylvania's Josh Shapiro began pushing back against power prices set by the mid-Atlantic grid operator, PJM Interconnection, after that amount spiked nearly sevenfold. They warned of customers "paying billions more than is necessary." PJM has yet to propose ways to guarantee that data centers pay their freight, but Monitoring Analytics is floating the idea that data centers should be required to procure their own power. In a filing last month, it said that would avoid a "massive wealth transfer" from average people to tech companies. At least a dozen states are eyeing ways to make data centers pay higher local transmission costs. In Oregon, a data center hot spot, lawmakers passed legislation in June ordering state utility regulators to develop new — presumably higher — power rates for data centers. The Oregon Citizens' Utility Board [a consumer advocacy group] says there is clear evidence that costs to serve data centers are being spread across all customers — at a time when some electric bills there are up 50% over the past four years and utilities are disconnecting more people than ever. "Some data centers could require more electricity than cities the size of Pittsburgh, Cleveland or New Orleans," the article points out...

Read more of this story at Slashdot.

The BBC reports: A meteorite that crashed into a home in the U.S. is older than planet Earth, scientists have said... Researchers at the University of Georgia examined a fragment of the rock that pierced the roof of a home in the city of McDonough [30 miles south of Georgia, on June 26]. They found that, based on the type of meteorite, it is expected to have formed 4.56 billion years ago, making it roughly 20 million years older than Earth... The rock quickly diminished in size and speed, but still travelled at least 1 km per second, going through a man's roof in Henry County... Using optical and electron microscopy, Scott Harris [a Univeristy of Georgia geologist] and his team determined the rock was a chondrite — the most abundant type of stony meteorite, according to NASA — which meant that it was approximately 4.56 billion years old. "The home's resident said he is still finding pieces of space dust around his home from the hit."

Read more of this story at Slashdot.

Plasma 6.4.5 is coming September 9th, reports Neowin. But they also report that the KDE team is already focusing on other upcoming release: Starting with KDE Frameworks, KDE's collection of foundational libraries, version 6.18 promises to let you do something with that "dumb" Microsoft Copilot key found on many new laptops. The developers will soon allow you to set up keyboard shortcuts using this new key, and the team plans to let you remap it to another key in the future. If you're curious, one user on KDE's bug tracker noted that on GNOME, the key combination shows up as "Meta+Shift+Touchpad Disable" and is fully remappable... When you try to install a Flatpak from a website like Flathub in Plasma 6.5 [coming in October], Discover now has proper support for flatpak+https:// URLs, so it opens automatically. 6.5 is also bringing a much stricter window activation policy on Wayland to stop applications from rudely stealing your focus. And now, when you mute your microphone with a shortcut, the "Mute Microphone" button will mute all input sources, not just the active one. Since Firefox does not block the system from sleeping during a download, the Plasma Browser Integration extension for Firefox has gotten an update to handle that job itself.

Read more of this story at Slashdot.

One of America's largest solar + battery storage projects "is now fully online in Mojave, California," reports Electrek: Arevon Energy's Eland Solar-plus-Storage Project combines 758 megawatts (MWdc) of solar with 300 MW/1,200 megawatt hours of battery storage. Eland 1 reached commercial operation in December 2024, and Eland 2 recently commenced full operation. The two combined comprise 1.36 million solar panels and 172 lithium iron phosphate batteries (LFP). Combined, the Eland 1 & 2 projects will be able to power more than 266,000 homes annually, and overall, can provide 7% of the total electricity requirements for the city of Los Angeles. "Arevon's Eland Solar-plus-Storage Project alone will ... push the city's clean energy share above 60%, a major milestone in LA's transition to being powered by 100% clean energy by 2035," said Los Angeles Mayor Karen Bass. Eland 1 & 2 created around 1,000 jobs to construct the project, and it's expected to disburse more than $36 million in local government payments throughout its lifetime. The article points out that Arevon Energy "has more than 4,500 MW of solar and battery storage projects operating across 17 states — and more than 6 GW of new projects in its pipeline."

Read more of this story at Slashdot.

Thursday saw the release of Rust 1.89.0 But this week the Rust Foundation also released its second comprehensive annual technology report. A Rust Foundation announcement shares some highlights: - Trusted Publishing [GitHub Actions authentication using cryptographically signed tokens] fully launched on crates.io, enhancing supply chain security and streamlining workflows for maintainers. - Major progress on crate signing infrastructure using The Update Framework (TUF), including three full repository implementations and stakeholder consensus. - Integration of the Ferrocene Language Specification (FLS) into the Rust Project, marking a critical step toward a formal Rust language specification [and "laying the groundwork for broader safety certification and formal tooling."] - 75% reduction in CI infrastructure costs while maintaining contributor workflow stability. ["All Rust repositories are now managed through Infrastructure-as-Code, improving maintainability and security."] - Expansion of the Safety-Critical Rust Consortium, with multiple international meetings and advances on coding guidelines aligned with safety standards like MISRA. ["The consortium is developing practical coding guidelines, aligned tooling, and reference materials to support regulated industries — including automotive, aerospace, and medical devices — adopting Rust."] - Direct engagement with ISO C++ standards bodies and collaborative Rust-C++ exploration... The Foundation finalized its strategic roadmap, participated in ISO WG21 meetings, and initiated cross-language tooling and documentation planning. These efforts aim to unlock Rust adoption across legacy C++ environments without sacrificing safety. The Rust Foundation also acknowledges continued funding from OpenSSF's Alpha-Omega Project and "generous infrastructure donations from organizations like AWS, GitHub, and Mullvad VPN" to the Foundation's Security Initiative, which enabled advances like including GitHub Secret Scanning and automated incident response to "Trusted Publishing" and the integration of vulnerability-surfacing capabilities into crates.io. There was another announcement this week. In November AWS and the Rust Foundation crowdsourced "an effort to verify the Rust standard library" — and it's now resulted in a new formal verification tool called "Efficient SMT-based Context-Bounded Model Checker" (or ESBMCESBMC) This winning contribution adds ESBMC — a state-of-the-art bounded model checker — to the suite of tools used to analyze and verify Rust's standard library. By integrating through Goto-Transcoder, they enabled ESBMC to operate seamlessly in the Rust verification workflow, significantly expanding the scope and flexibility of verification efforts... This achievement builds on years of ongoing collaboration across the Rust and formal verification communities... The collaboration has since expanded. In addition to verifying the Rust standard library, the team is exploring the use of formal methods to validate automated C-to-Rust translations, with support from AWS. This direction, highlighted by AWS Senior Principal Scientist Baris Coskun and celebrated by the ESBMC team in a recent LinkedIn post, represents an exciting new frontier for Rust safety and verification tooling.

Read more of this story at Slashdot.