RSS 생중계

According to Car and Driver, Hyundai has suffered a data breach that leaked the personal data of up to 2.7 million customers. The leak reportedly took place in February from Hyundai AutoEver, the company's IT affiliate. It includes customer names, driver's license numbers, and social security numbers. Longtime Slashdot reader sinij writes: Thanks to tracking modules plaguing most modern cars, that data likely includes the times and locations of customers' vehicles. These repeated breaches make it clear that, unlike smartphone manufacturers that are inherently tech companies, car manufacturers collecting your data are going to keep getting breached and leaking it.

Read more of this story at Slashdot.

Amazon announced that its satellite broadband project called Project Kuiper will now be known as Amazon Leo. GeekWire reports: Leo is a nod to "low Earth orbit," where Amazon has so far launched more than 150 satellites as part of a constellation that will eventually include more than 3,200. In a blog post, Amazon said the 7-year-old Project Kuiper began "with a handful of engineers and a few designs on paper" and like most early Amazon projects "the program needed a code name." The team was inspired by the Kuiper Belt, a ring of asteroids in the outer solar system. A new website for Amazon Leo proclaims "a new era of internet is coming," as Amazon says its satellites can help serve "billions of people on the planet who lack high-speed internet access, and millions of businesses, governments, and other organizations operating in places without reliable connectivity." Amazon said it will begin rolling out service once it's added more coverage and capacity to the network. Details about pricing and availability haven't been announced.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the Guardian: The world is still on track for a catastrophic 2.6C increase in temperature as countries have not made sufficiently strong climate pledges, while emissions from fossil fuels have hit a record high, two major reports have found. Despite their promises, governments' new emission-cutting plans submitted for the Cop30 climate talks taking place in Brazil have done little to avert dangerous global heating for the fourth consecutive year, according to the Climate Action Tracker update (PDF). The world is now anticipated to heat up by 2.6C above preindustrial times by the end of the century -- the same temperature rise forecast last year. This level of heating easily breaches the thresholds set out in the Paris climate pact, which every country agreed to, and would set the world spiraling into a catastrophic new era of extreme weather and severe hardships. A separate report found the fossil fuel emissions driving the climate crisis will rise by about 1% this year to hit a record high, but that the rate of rise has more than halved in recent years. The past decade has seen emissions from coal, oil and gas rise by 0.8% a year compared with 2.0% a year during the decade before. The accelerating rollout of renewable energy is now close to supplying the annual rise in the world's demand for energy, but has yet to surpass it. [...] The new analyses also show a worrying weakening of the planet's natural carbon sinks. The scientists said the combined effects of global heating and the felling of trees have turned tropical forests in southeast Asia and large parts of South America from overall CO2 sinks into sources of the climate-heating gas. [...] The report projects that the level of CO2 in the atmosphere will reach 425ppm (parts per million) in 2025, compared with 280ppm in the preindustrial era. It would have been 8ppm lower if the carbon sinks had not been weakened. The GCP projection for 2025 is based on monthly data up to September and has proven accurate in the previous 19 annual reports.

Read more of this story at Slashdot.

Netflix is launching a new slate of TV-streamed party games that are all playable using your phone as the controller. The Verge reports: To start, Netflix is offering Boggle Party, Party Crasher: Fool Your Friends, Lego Party, Pictionary: Game Night, and Tetris Time Warp. A social deduction game based on the Knives Out series, Dead Man's Party: A Knives Out Game, is also part of this new slate but will launch at a later time. The streaming platform's approach to gaming has been unfocused, with the company bouncing between being a boutique development studio while also being a platform for premium and exclusive mobile gaming experiences. Offering party games on your TV seems like a better fit -- one that could allow Netflix to finally find its gaming footing.

Read more of this story at Slashdot.

Xpeng's flying-car subsidiary Aridge has begun trial production at the world's first dedicated flying-car factory in Guangzhou. Euronews reports: The 120,000-square-meter facility has produced its first detachable eVTOL aircraft for the modular "Land Aircraft Carrier." With an annual capacity of up to 10,000 modules, the factory will eventually assemble one aircraft every 30 minutes. Trial operations focus on process verification, equipment testing, and producing prototypes for airworthiness certification before moving into mass production.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: As generative AI content starts to fill our social apps, a project to bring back Vine's six-second looping videos is launching with Twitter co-founder Jack Dorsey's backing. On Thursday, a new app called diVine will give access to more than 100,000 archived Vine videos, restored from an older backup that was created before Vine's shutdown. The app won't just exist as a walk down memory lane; it will also allow users to create profiles and upload their own new Vine videos. However, unlike on traditional social media, where AI content is often haphazardly labeled, diVine will flag suspected generative AI content and prevent it from being posted. According to TechCrunch, a volunteer preservation group called the Archive Team saved Vine's content when it shut down in 2016. The only problem was that everything was stored in massive 40-50 GB binary blob files that were basically unusable for casual viewing. Evan Henshaw-Plath (who goes by the name Rabble), an early Twitter employee and member of Jack Dorsey's nonprofit "and Other Stuff," dug into those backup files to try and salvage as much as he could. He spent months writing big-data extraction scripts, reverse-engineering how the archived binaries were structured, and reconstructing the original video files, old user info, view counts, and more. "I wasn't able to get all of them out, but I was able to get a lot out and basically reconstruct these Vines and these Vine users, and give each person a new user [profile] on this open network," he said. Rabble estimates that through this process he was able to successfully recover 150,000-200,000 Vine videos from around 60,000 creators. diVine then rebuilt user profiles on top of the decentralized Nostr protocol so creators can reclaim their accounts, request takedowns, or upload missing videos. You can check out the app for yourself at diVine.video. It's available in beta form on both iOS and Android.

Read more of this story at Slashdot.

Longtime Slashdot reader dskoll shares a press release from Apple: Issey Miyake and Apple today unveiled iPhone Pocket. Inspired by the concept of "a piece of cloth," its singular 3D-knitted construction is designed to fit any iPhone as well as all pocketable items. When stretched, the open textile subtly reveals its contents and allows users to peek at their iPhone display. iPhone Pocket can be worn in a variety of ways -- handheld, tied onto bags, or worn directly on the body. Featuring a playful color palette, the short strap design is available in eight colors, and the long strap design in three colors. The "Long" sock variant comes in at only $229.95 and is available in three elegant colors: sapphire, cinnamon, and black. What do Slashdotters think of this very real product?

Read more of this story at Slashdot.

Apple is cutting its App Store fee from 30% to 15% for developers who join a new Mini Apps Partner Program, which requires using more of Apple's built-in technology to power lightweight "mini apps." "This includes using Apple software to register a user's purchase history, verify user ages and to process in-app purchases," reports CNBC. From the report: A "mini app" is a lightweight piece of software inside a third-party app store, like that of Discord's. These apps uses are built using web technology like HTML or Javascript. [...] Apple has argued that both developers and users are better off when using its technology and rules, instead of eschewing them to try to avoid fees. "This program is designed to help developers who host mini apps grow their business and further the availability of mini apps on the App Store -- all while providing a great customer experience," the company said in its announcement. [...] Participants in the new program will still have to provide Apple with information for each specific mini-app experience they offer.

Read more of this story at Slashdot.

LinkedIn is rolling out an AI-powered people search tool that lets users find connections by describing what they need instead of relying on names or titles. For example, you can enter a more descriptive search, such as "Northwestern alumni who work in entertaining marketing," or even pose a question, like "Who can help me understand the US work visa system." The Verge reports: LinkedIn senior director of product management Rohan Rajiv tells The Verge that the platform will rank results based on the connections you might have with someone, as well as their relevance to your search. [...] LinkedIn is rolling out AI-powered people search to Premium users in the US starting today, but the platform plans on bringing it to all users soon.

Read more of this story at Slashdot.

Greg Kroah-Hartman has announced the release of the 6.17.8 and 6.12.58 stable kernels. Each contains an important set of fixes. Users are advised to upgrade.

An anonymous reader quotes a report from TechCrunch: Jeff Bezos' Blue Origin has landed the booster of its New Glenn mega-rocket on a drone ship in the Atlantic Ocean on just its second attempt -- making it the second company to perform such a feat, following Elon Musk's SpaceX. It's an accomplishment that will help the new rocket system become an option to send larger payloads to space, the Moon, and beyond. Thursday's launch wasn't just about the landing attempt, though. Roughly 34 minutes after takeoff, the upper stage of New Glenn successfully deployed the rocket's first commercial payload: twin spacecraft for NASA that will travel to Mars to study the red planet's atmosphere. The pair of achievements are remarkable for the second-ever launch of such a massive rocket system. And it could put Blue Origin in position to compete with SpaceX, which dominates the world's launch market with its Falcon 9, Falcon Heavy, and Starship rockets. You can watch a recording of the launch here.

Read more of this story at Slashdot.

German Chancellor Friedrich Merz said Chinese suppliers such as Huawei will be excluded from the country's future telecommunication networks on security grounds as he pushes for more digital sovereignty. From a report: "We have decided within the government that everywhere it's possible we'll replace components, for example in the 5G network, with components we have produced ourselves," Merz told a business conference in Berlin on Thursday. "And we won't allow any components from China in the 6G network." Europe is increasingly concerned about its reliance on foreign technology, ranging from Asian semiconductors to US artificial intelligence and cloud infrastructure, as trade and geopolitical tensions threaten critical supply chains. Germany last year ordered telecom operators to remove Huawei equipment from their core networks, citing risks to national security. Berlin is now considering using public funds to pay Deutsche Telekom AG and others to strip out Chinese gear, Bloomberg News reported last month.

Read more of this story at Slashdot.

bobthesungeek76036 writes: Beijing's proposed regulation aims to tame rapid launches by forcing cars to boot up in a restricted performance mode after every ignition. Under a proposed update to the National Standard, every passenger car would need a default mode in which it takes no less than five seconds to reach 100 km/h (62 mph) at startup, unless the driver manually selects a quicker setting. The draft title "Technical Specifications for Power-Driven Vehicles Operating on Roads" appears to be part of a broader safety and road behavior initiative in China. It is intended to replace the current GB 7258-2017 standard that didn't impose such restrictions.

Read more of this story at Slashdot.

The Google Security Blog has a new post on just how well the use of Rust is working out for the Android project.

We adopted Rust for its security and are seeing a 1000x reduction in memory safety vulnerability density compared to Android's C and C++ code. But the biggest surprise was Rust's impact on software delivery. With Rust changes having a 4x lower rollback rate and spending 25% less time in code review, the safer path is now also the faster one.

Michael Burry, the investor made famous for his bet against the US housing market ahead of the 2008 financial crisis, is closing his hedge fund [non-paywalled source] as he warned that market valuations had become unhinged from fundamentals. From a report: Scion Asset Management this week terminated its registration with US securities regulators, according to a Securities and Exchange Commission database. Burry told investors that he would "liquidate the funds and return capital -- but for a small audit/tax holdback -- by year's end," according to two people with direct knowledge of a letter he sent to investors. "My estimation of value in securities is not now, and has not been for some time, in sync with the markets," said the letter, which was dated October 27. The move to close Scion comes as some investors have become concerned that markets are trading at frothy levels after years of strong returns. Those jitters flared up on Thursday, with the tech-heavy Nasdaq Composite sliding nearly 2%. Still, the big gains for tech stocks this year, driven by hopes that artificial intelligence will transform business and society, have left valuations at lofty heights compared with their average in recent years.

Read more of this story at Slashdot.

China's state-sponsored hackers used AI technology from Anthropic to automate break-ins of major corporations and foreign governments during a September hacking campaign, the company said Thursday. From a report: The effort focused on dozens of targets and involved a level of automation that Anthropic's cybersecurity investigators had not previously seen, according to Jacob Klein, the company's head of threat intelligence. Hackers have been using AI for years now to conduct individual tasks such as crafting phishing emails or scanning the internet for vulnerable systems, but in this instance 80% to 90% of the attack was automated, with humans only intervening in a handful of decision points, Klein said. The hackers conducted their attacks "literally with the click of a button, and then with minimal human interaction," Klein said. Anthropic disrupted the campaigns and blocked the hackers' accounts, but not before as many as four intrusions were successful. In one case, the hackers directed Anthropic's Claude AI tools to query internal databases and extract data independently.

Read more of this story at Slashdot.

An anonymous reader shares a report: Robinhood Markets is betting its Gen Z and millennial clientele are as eager to send out for delivery of a wad of cash as they are to order pizza or a pint of ice cream. The brokerage is joining with food-and-drink delivery app Gopuff to allow customers to withdraw cash from their Robinhood bank accounts and have it brought right to their door. For a $6.99 delivery fee -- or $2.99 if they have more than $100,000 in assets across their Robinhood accounts -- users can skip the ATM and have money delivered in a sealed paper bag while they are at home. It is a new feature that Robinhood first teased in March, when Chief Executive Vlad Tenev unveiled the company's plans to roll out many traditional and -- as with its cash-delivery service -- unconventional banking services.

Read more of this story at Slashdot.

The SUSE Security Team has published an in-depth article on its findings after reviewing a D-Bus service contained in LightDM Greeter by KDE (the lightdm-kde-greeter package) for addition to openSUSE Tumbleweed. The team found a privilege escalation from the lightdm service user to root, as well as other attack vectors in the service:

In agreement with upstream, we assigned CVE-2025-62876 to track the lightdm service user to root privilege escalation aspect described in this report. The severity of the issue is low, since it only affects defense-in-depth (if the lightdm service user were compromised) and the problematic logic can only be reached and exploited if triggered interactively by a privileged user.

The fixes are contained in the 6.0.4 release of the project.

Version 145 of the Thunderbird email client has been released. Notable changes in this release include enabling DNS over HTTPS, support for Microsoft Exchange via Exchange Web Services, and quite a few bug fixes. As of 145, the project is no longer shipping 32-bit binaries for Linux on x86.

Mozilla announced on Thursday that it is building an AI Window for Firefox, a new opt-in browsing mode that will let users interact with an AI assistant and chatbot. The feature will become one of three browsing experiences in Firefox alongside the existing classic and private windows. Users will be able to select which AI model they want to use in the AI Window, according to a post on the Mozilla Connect forum. The company opened a waitlist for users who want to receive updates and be among the first to test the feature. Mozilla described the AI Window as an "intelligent and user-controlled space" that it is developing in the open through community feedback. Users who try the feature and decide against it can switch it off entirely.

Read more of this story at Slashdot.