RSS 생중계

The Debian Project Leader election results have been announced. Andreas Tille has been re-elected and will serve another term through April 2026. LWN looked at the election and candidates in early April.

An anonymous reader quotes a report from Ars Technica: Russian military personnel are being targeted with recently discovered Android malware that steals their contacts and tracks their location. The malware is hidden inside a modified app for Alpine Quest mapping software, which is used by, among others, hunters, athletes, and Russian personnel stationed in the war zone in Ukraine. The app displays various topographical maps for use online and offline. The trojanized Alpine Quest app is being pushed on a dedicated Telegram channel and in unofficial Android app repositories. The chief selling point of the trojanized app is that it provides a free version of Alpine Quest Pro, which is usually available only to paying users. The malicious module is named Android.Spy.1292.origin. In a blog post, researchers at Russia-based security firm Dr.Web wrote: "Because Android.Spy.1292.origin is embedded into a copy of the genuine app, it looks and operates as the original, which allows it to stay undetected and execute malicious tasks for longer periods of time. Each time it is launched, the trojan collects and sends the following data to the C&C server: - the user's mobile phone number and their accounts; - contacts from the phonebook; - the current date; - the current geolocation; - information about the files stored on the device; - the app's version." If there are files of interest to the threat actors, they can update the app with a module that steals them. The threat actors behind Android.Spy.1292.origin are particularly interested in confidential documents sent over Telegram and WhatsApp. They also show interest in the file locLog, the location log created by Alpine Quest. The modular design of the app makes it possible for it to receive additional updates that expand its capabilities even further.

Read more of this story at Slashdot.

South Korea's data protection authority said on Thursday that Chinese artificial intelligence startup DeepSeek transferred user information and prompts without permission when the service was still available for download in the country's app market. From a report: The Personal Information Protection Commission said in a statement that Hangzhou DeepSeek Artificial Intelligence Co Ltd did not obtain user consent while transferring personal information to a number of companies in China and the United States at the time of its South Korean launch in January.

Read more of this story at Slashdot.

An anonymous reader shares a report: Apple will remove its secret robotics unit from the command of its artificial intelligence chief, the latest shake-up in response to the company's AI struggles. Apple plans to relocate the robotics team from John Giannandrea's AI organization to the hardware division later this month, according to people with knowledge of the move. That will place it under Senior Vice President John Ternus, who oversees hardware engineering, said the people, who asked not to be identified because the change isn't public. The pending shift will mark the second major project to be removed from Giannandrea in the past month: The company stripped the flailing Siri voice assistant from his purview in March.

Read more of this story at Slashdot.

India's capital New Delhi plans to limit gasoline and diesel-powered cars a family can buy as well as ban sales of fuel-guzzling motorbikes and scooters, according to a draft policy aimed at cleaning up one of the world's most polluted cities. From a report: The measures represent one of the most drastic steps the city has lined up to tackle pollution, which often forces local authorities to ban some construction, shut schools and disrupt flights in the city of more than 30 million people during the winter season. Under Delhi's new electric vehicle policy, the city government will also waive some local taxes on the purchase of hybrids, putting them on par with concessions given to EVs, while imposing a new levy of 0.5 rupees ($0.0059) on every litre of petrol sales, according to the 74-page draft seen by Reuters. The primary objective "is to unlock the next phase of EV adoption, reduce air pollution and contribute to India's energy independence and net-zero targets," the draft stated.

Read more of this story at Slashdot.

Grand Theft Auto V topped Twitch viewership charts in 2024 with a staggering 1.4 billion hours watched, according to data released by the streaming platform. The 11-year-old game outperformed all competitors, including League of Legends, which also surpassed the billion-hour mark. Competitive shooters filled the remaining top spots, with Valorant recording 804 million hours, Fortnite exceeding 500 million, and Call of Duty reaching 451 million hours watched. V-Tubers -- streamers using animated avatars instead of showing their faces -- saw viewership increase by 10% year-over-year, accumulating over a billion hours watched collectively.

Read more of this story at Slashdot.

Google's search AI is confidently generating explanations for nonexistent idioms, once again revealing fundamental flaws in large language models. Users discovered that entering any made-up phrase plus "meaning" triggers AI Overviews that present fabricated etymologies with unwarranted authority. When queried about phrases like "a loose dog won't surf," Google's system produces detailed, plausible-sounding explanations rather than acknowledging these expressions don't exist. The system occasionally includes reference links, further enhancing the false impression of legitimacy. Computer scientist Ziang Xiao from Johns Hopkins University attributes this behavior to two key LLM characteristics: prediction-based text generation and people-pleasing tendencies. "The prediction of the next word is based on its vast training data," Xiao explained. "However, in many cases, the next coherent word does not lead us to the right answer."

Read more of this story at Slashdot.

Male college enrollment in Lake County, Ohio plummeted by more than 15% over the last decade -- the steepest decline among any large U.S. county. Nationwide, men now constitute virtually the entirety of the 1.2 million student drop in college attendance between 2011 and 2022. Financial concerns dominate decision-making, with even public in-state education costing approximately $25,000 annually. One high school senior secured a $15/hour collision repair job, Bloomberg reports, calculating he'll earn "upwards of a grand every other week" while avoiding student debt. Social media significantly influences these choices. "You see a lot of influencers saying you don't need to go to college, and when people see that, they listen," explained one student from Perry High School.

Read more of this story at Slashdot.

US government agencies and Fortune 500 companies are turning to AI to modernize mission-critical systems built on COBOL, a programming language dating back to the late 1950s. The US Social Security Administration plans a three-year, $1 billion AI-assisted upgrade of its legacy COBOL codebase [alternative source], according to Bloomberg. Treasury Secretary Scott Bessent has repeatedly stressed the need to overhaul government systems running on COBOL. As experienced programmers retire, organizations face growing challenges maintaining these systems that power everything from banking applications to pension disbursements. Engineers now use tools like ChatGPT and IBM's watsonX to interpret COBOL code, create documentation, and translate it to modern languages.

Read more of this story at Slashdot.

The software-as-a-service industry is undergoing a fundamental transformation, abandoning the decades-old "per seat" licensing model in favor of usage-based pricing structures. This shift, Business Insider reports, is primarily driven by the astronomical compute costs associated with new "reasoning" AI models that power modern enterprise software. Unlike traditional generative AI, these reasoning models execute multiple computational loops to check their work -- a process called inference-time compute -- dramatically increasing token usage and operational expenses. OpenAI's o3-high model reportedly consumes 1,000 times more tokens than its predecessor, with a single benchmark response costing approximately $3,500, according to Barclays. Companies including Bolt.new, Vercel, and Monday.com have already implemented usage-based or hybrid pricing models that tie costs directly to AI resource consumption. ServiceNow maintains primarily seat-based pricing but has added usage meters for extreme cases. "When it goes beyond what we can credibly afford, we have to have some kind of meter," ServiceNow CEO Bill McDermott said, while emphasizing that customers "still want seat-based predictability."

Read more of this story at Slashdot.

A Government Accountability Office report released this week reveals generative AI systems consume staggering amounts of water, with 250 million daily queries requiring over 1.1 million gallons -- all while companies provide minimal transparency about resource usage. The 47-page analysis [PDF] found cooling data centers -- which demand between 100-1000 megawatts of power -- constitutes 40% of their energy consumption, a figure expected to rise as global temperatures increase. Water usage varies dramatically by location, with geography significantly affecting both water requirements and carbon emissions. Meta's Llama 3.1 405B model has generated 8,930 metric tons of carbon, compared to Google's Gemma2 at 1,247.61 metric tons and OpenAI's GPT3 at 552 metric tons. The report confirms generative AI searches cost approximately ten times more than standard keyword searches. The GAO asserted about persistent transparency problems across the industry, noting these systems remain "black boxes" even to their designers.

Read more of this story at Slashdot.

The European Union has announced details of new mandatory labels for smartphones and tablets sold in the bloc, which include ratings for energy efficiency, durability, and repairability. From a report: Hardware will also have to meet new "ecodesign requirements" to be sold in the EU, including a requirement to make spare parts available for repair. The labels, which will be required for any devices that go on sale from June 20th onwards, are similar to existing ones for home appliances and TVs. They display the product's energy efficiency rating, on a scale from A to G, along with battery life, the number of charge cycles the battery is rated for, letter grades for durability and repairability, and any applicable IP rating for protection from dust and water.

Read more of this story at Slashdot.

Microsoft has instituted a new "globally consistent" performance improvement process. According to internal documents, employees flagged as underperformers now face two options: enter a performance improvement plan with "clear expectations and a timeline for improvement" or accept a "Global Voluntary Separation Agreement" worth 16 weeks' pay. Affected employees have five days to decide, and those choosing the improvement plan forfeit the severance option. The program, announced in an email from new Chief People Officer Amy Coleman, operates year-round to "address performance issues, while offering employees choice."

Read more of this story at Slashdot.

New compiler releases often bring with them new warnings; those warnings are usually welcome, since they help developers find problems before they turn into nasty bugs. Adapting to new warnings can also create disruption in the development process, though, especially when an important developer upgrades to a new compiler at an unfortunate time. This is just the scenario that played out with the 6.15-rc3 kernel release and the implementation of -Wunterminated-string-initialization in GCC 15.

Sometimes worms have a tendency to multiply once their can is opened. James Bottomley recently encountered that situation; he led a session in the filesystem track at the 2025 Linux Storage, Filesystem, Memory Management, and BPF Summit (LSFMM+BPF) to discuss filesystem behavior with respect to suspending and resuming the system. As he noted in his topic proposal, he came at the problem because he needed a way to resynchronize the contents of efivarfs after a system resume and thought there should be an API available to use. But, as the resulting thread shows, the filesystem freeze and thaw code had never been used by the system-wide suspend and resume code. Due to a scheduling mixup, though, several of us missed Bottomley's session, including Luis Chamberlain who has been working on hooking those two pieces up; what follows is largely from a second session that Chamberlain led, with some background information from the topic-proposal discussion and an email exchange with Bottomley.

BrianFagioli writes: ARMO, the company behind Kubescape, has uncovered what could be one of the biggest blind spots in Linux security today. The company has released a working rootkit called "Curing" that uses io_uring, a feature built into the Linux kernel, to stealthily perform malicious activities without being caught by many of the detection solutions currently on the market. At the heart of the issue is the heavy reliance on monitoring system calls, which has become the go-to method for many cybersecurity vendors. The problem? Attackers can completely sidestep these monitored calls by leaning on io_uring instead. This clever method could let bad actors quietly make network connections or tamper with files without triggering the usual alarms.

Read more of this story at Slashdot.

Security updates have been issued by Debian (haproxy and openrazer), Fedora (c-ares and mingw-poppler), Red Hat (thunderbird), SUSE (epiphany, ffmpeg-6, gopass, and libsoup-3_0-0), and Ubuntu (erlang, haproxy, libapache2-mod-auth-openidc, libarchive, linux, linux-aws, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-igx, linux-oracle, linux-raspi, linux, linux-aws, linux-azure, linux-azure-6.8, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle, linux-oracle-6.8, linux-aws-6.8, linux-aws-fips, linux-fips, linux-gcp-fips, linux-azure-fips, linux-gcp, linux-gke, linux-gkeop, linux-gcp-6.8, linux-ibm-5.15, linux-intel-iot-realtime, linux-realtime, linux-intel-iotg-5.15, linux-realtime, perl, and yelp, yelp-xsl).

An anonymous reader quotes a report from the Washington Post: Oil and gas companies are facing hundreds of lawsuits around the world testing whether they can be held responsible for their role in causing climate change. Now, two scientists say they've built a tool that can calculate how much damage each company's planet-warming pollution has caused -- and how much money they could be forced to pay if they're successfully sued. Collectively, greenhouse emissions from 111 fossil fuel companies caused the world $28 trillion in damage from extreme heat from 1991 to 2020, according to a paper published Wednesday in Nature. The new analysis could fuel an emerging legal fight.The authors, Dartmouth associate professor Justin Mankin and Chris Callahan, a postdoctoral researcher at Stanford University, say their model can determine a specific company's share of responsibility over any time period. [...] Callahan and Mankin's work combines all of these steps -- estimating a company's historical emissions, figuring out how much those emissions contributed to climate change and calculating how much economic damage climate change has caused -- into one "end-to-end" model that links one polluter's emissions to a dollar amount of economic damage from extreme heat. By their calculation, Saudi Aramco is on the hook for $2.05 trillion in economic losses from extreme heat from 1991 to 2020. Russia's Gazprom is responsible for $2 trillion, Chevron for $1.98 trillion, ExxonMobil for $1.91 trillion and BP for $1.45 trillion. Industry groups and companies tend to object to the methodologies of attribution science. They could seek to contest the assumptions that went into each step of Mankin and Callahan's model. Indeed, every step in that process introduces some room for error, and stringing together all of those steps compounds the uncertainty in the model, according to Delta Merner, lead scientist at theScience Hub for Climate Litigation, which connects scientists and lawyers bringing climate lawsuits. She also mentioned that the researchers relied on a commonly used but simplified climate model known as the Finite Amplitude Impulse Response (FAIR) model. "It is robust for the purpose of what the study is doing," Merner said, "but these models do make assumptions about climate sensitivity, about carbon cycle behavior, energy balance, and all of the simplifications in there do introduce some uncertainty." The exact dollar figures in the paper aren't intended as gospel. But outside scientists said Mankin and Callahan use well-established, peer-reviewed datasets and climate models for every step in their process, and they are transparent about the uncertainty in the numbers.

Read more of this story at Slashdot.

To celebrate the Hubble Space Telescope's 35th anniversary in orbit, NASA and ESA released a series of new, out-out-of-this-world images spanning planets, nebulae, and galaxies. From a press release: Hubble today is at the peak of its scientific return thanks to the dedication, perseverance and skills of engineers, scientists and mission operators. Astronaut shuttle crews gallantly chased and rendezvoused with Hubble on five servicing missions from 1993 to 2009. The astronauts, including ESA astronauts on two of the servicing missions, upgraded Hubble's cameras, computers and other support systems. By extending Hubble's operational life the telescope has made nearly 1.7 million observations, looking at approximately 55,000 astronomical targets. Hubble discoveries have resulted in over 22,000 papers and over 1.3 million citations as of February 2025. All the data collected by Hubble is archived and currently adds up to over 400 terabytes. The demand for observing time remains very high with 6:1 oversubscriptions, making it one of the most in-demand observatories today. Hubble's long operational life has allowed astronomers to see astronomical changes spanning over three decades: seasonal variability on the planets in our solar system, black hole jets traveling at nearly the speed of light, stellar convulsions, asteroid collisions, expanding supernova bubbles, and much more.

Read more of this story at Slashdot.

Researchers in Germany successfully demonstrated coherent quantum communications over 254 km of existing commercial telecom fiber, marking the first real-world deployment of such a system without cryogenic cooling. Phys.Org reports: Their system uses a coherence-based twin-field quantum key distribution, which facilitates the distribution of secure information over long distances. The quantum communications network was deployed over three telecommunication data centers in Germany (Frankfurt, Kehl and Kirchfeld), connected by 254 km of commercial optical fiber -- a new record distance for real-world and practical quantum key distribution, according to the authors. This demonstration indicates that advanced quantum communications protocols that exploit the coherence of light can be made to work over existing telecom infrastructure. The research has been published in the journal Nature.

Read more of this story at Slashdot.