RSS 생중계

Owners of older models of D-Link VPN routers are being told to retire and replace their devices following the disclosure of a serious remote code execution (RCE) vulnerability. From a report: Most of the details about the bug are being kept under wraps given the potential for wide exploitation. The vendor hasn't assigned it a CVE identifier or really said much about it at all other than that it's a buffer overflow bug that leads to unauthenticated RCE. Unauthenticated RCE issues are essentially as bad as vulnerabilities get, and D-Link warned that if customers continued to use the affected products, the devices connected to them would also be put at risk. Previous bugs in similar products from other vendors have carried warnings that attackers could exploit them to install rootkits and use that persistent access to surveil an organization's web traffic, potentially stealing data such as credentials. Further reading: D-Link Won't Fix Critical Flaw Affecting 60,000 Older NAS Devices.

Read more of this story at Slashdot.

An anonymous reader shares a report: On Tuesday morning, the air quality in India's capital under a widely used index stood at 485. While that is almost five times the threshold for healthy breathing, it felt like a relief: The day before, the reading had shot up to 1,785. Infinitesimal air particles were still clogging lungs and arteries, but it was possible to see sunlight again, and to smell things. [...] Every year this suffocating smog accompanies the drop in temperatures as the plains of north India shed their unbearable heat for wintertime cool. And like clockwork, political leaders roll out emergency measures intended to quit making the problem worse. Yet India seems powerless to reduce the effects of this public health catastrophe, as its politicians stay busy trading blame and trying to outmaneuver one another in legal battles. The haze was so shocking this week that Delhi's chief minister, Atishi, who goes by one name, declared it a "medical emergency" endangering the lives of children and older people. The Supreme Court, whose members also live in the capital, chided the national government for responding too slowly and ordered special measures: halting construction work and blocking some vehicles from the roads. Schools were closed indefinitely to protect students.

Read more of this story at Slashdot.

Apple has pushed out security updates that it says are "recommended for all users," after fixing a pair of security bugs used in active cyberattacks targeting Mac users. From a report: In a security advisory on its website, Apple said it was aware of two vulnerabilities that "may have been actively exploited on Intel-based Mac systems." The bugs are considered "zero day" vulnerabilities because they were unknown to Apple at the time they were exploited. [...] The vulnerabilities were reported by security researchers at Google's Threat Analysis Group, which investigates government-backed hacking and cyberattacks, suggesting that a government actor may be involved in the attacks.

Read more of this story at Slashdot.

TV Time's parent company criticized Apple's App Store control after the tech giant removed its streaming app over an intellectual property dispute. "Apple holds significant power over app developers by controlling access to a massive market and, in this case, seems to have acted on a complaint without requiring robust evidence from the complainant," Jerry Inman, CMO of Whip Media, which operates the app, told TechCrunch. The app was pulled from the store by Apple after the developer refused to pay a settlement fee related to user-uploaded cover art. The app has since been reinstated.

Read more of this story at Slashdot.

Scientists unveiled on Wednesday the first blueprint of human skeletal development as they make progress toward the goal of completing a biological atlas of every cell type in the body to better understand human health and diagnose and treat disease. From a report: The work is part of the ongoing Human Cell Atlas project that was begun in 2016 and involves researchers around the world. The human body comprises roughly 37 trillion cells, with each cell type having a unique function. The researchers aim to have a first draft of the atlas done in the next year or two. Aviv Regev, founding co-chair of the project and currently executive vice president and head of research and early development at U.S. biotech company Genentech, said the work is important on two levels. "First of all, it's our basic human curiosity. We want to know what we're made of. I think humans have always wanted to know what they're made of. And, in fact, biologists have been mapping cells since the 1600s for that reason," Regev said. "The second and very pragmatic reason is that this is essential for us in order to understand and treat disease. Cells are the basic unit of life, and when things go wrong, they go wrong with our cells, first and foremost," Regev said.

Read more of this story at Slashdot.

Half of young Norwegians find online piracy acceptable when streaming services are too expensive, according to a new government survey released this week. The Ipsos poll of 1,411 respondents found that 32% of all Norwegians justify using pirate sites to save money, with acceptance rising to 50% among those under 30. The rates increase further when specifically asked about pirating due to high streaming costs. Despite concerns about piracy, 61% of Norwegians paid for streaming services in the past year, including 64% of those under 30. Among active pirates, 41% said they would stop if legal services were more affordable, while 35% wanted broader content per service. Only 47% of respondents believed piracy supports organized crime, with 24% expressing uncertainty about this connection.

Read more of this story at Slashdot.

At the 2024 X.Org Developers Conference (XDC), Lyude Paul gave a talk on the work she has been doing as part of the Nova project, which is an effort build an NVIDIA GPU driver in Rust. She wanted to provide an introduction to RVKMS, which is being used to develop Rust kernel mode setting (KMS) bindings; RVKMS is a port of the virtual KMS (VKMS) driver to Rust. In addition, she wanted to give her opinion on Rust, and why she thinks it is a "game-changer for the kernel", noting that the reasons are not related to the oft-mentioned, "headline" feature of the language: memory safety.

Version 4.3 of the Blender animation system has been released. "Brush assets, faster sculpting, a revolutionized Grease Pencil, and more. Blender 4.3 got you covered."

AI tools remain prediction engines despite new capabilities, requiring both quality data and human judgment for successful deployment, according to new analysis. While generative AI can now handle complex tasks like writing and coding, its fundamental nature as a prediction machine means organizations must understand its limitations and provide appropriate oversight, argue Ajay Agrawal (Geoffrey Taber Chair in Entrepreneurship and Innovation at the University of Toronto's Rotman School of Management), Joshua Gans (Jeffrey S. Skoll Chair in Technical Innovation and Entrepreneurship at the Rotman School, and the chief economist at the Creative Destruction Lab), and Avi Goldfarb (Rotman Chair in Artificial Intelligence and Healthcare at the Rotman School) in a piece published on Harvard Business Review. Poor data can lead to errors, while lack of human judgment in deployment can result in strategic failures, particularly in high-stakes situations. An excerpt from the story: Thinking of computers as arithmetic machines is more important than most people intuitively grasp because that understanding is fundamental to using computers effectively, whether for work or entertainment. While video game players and photographers may not think about their computer as an arithmetic machine, successfully using a (pre-AI) computer requires an understanding that it strictly follows instructions. Imprecise instructions lead to incorrect results. Playing and winning at early computer games required an understanding of the underlying logic of the game. [...] AI's evolution has mirrored this trajectory, with many early applications directly related to well-established prediction tasks and, more recently, AI reframing a wide number of applications as predictions. Thus, the higher value AI applications have moved from predicting loan defaults and machine breakdowns to a reframing of writing, drawing, and other tasks as prediction.

Read more of this story at Slashdot.

CHICKEN Scheme, a portable Scheme compiler, is gearing up for its next major release. Maintainer Felix Winkelmann has shared an article about what changes to expect in version 6 of the language, including better Unicode support and support for the R7RS (small) Scheme standard.

Every major release is a chance of fixing long-standing problems with the codebase and address bad design decisions. CHICKEN is now nearly 25 years old and we had many major overhauls of the system. Sometimes these caused a lot of pain, but still we always try to improve things and hopefully make it more enjoyable and practical for our users. There are places in the code that are messy, too complex, or that require cleanup or rewrite, always sitting there waiting to be addressed. On the other hand CHICKEN has been relatively stable compared to many other language implementations and has a priceless community of users that help us improving it. Our users never stop reminding us of what could be better, where the shortcomings are, where things are hard to use or inefficient.

Oil and chemical companies who created a high-profile alliance to end plastic pollution have produced 1,000 times more new plastic in five years than the waste they diverted from the environment, according to new data obtained by Greenpeace. The Guardian:The Alliance to End Plastic Waste (AEPW) was set up in 2019 by a group of companies which include ExxonMobil, Dow, Shell, TotalEnergies and ChevronPhillips, some of the world's biggest producers of plastic. They promised to divert 15m tonnes of plastic waste from the environment in five years to the end of 2023, by improving collection and recycling, and creating a circular economy. Documents from a PR company that were obtained by Greenpeace's Unearthed team and shared with the Guardian suggest that a key aim of the AEPW was to "change the conversation" away from "simplistic bans of plastic" which were being proposed across the world in 2019 amid an outcry over the scale of plastic pollution leaching into rivers and harming public health. Early last year the alliance target of clearing 15m tonnes of waste plastic was quietly scrapped as "just too ambitious." The new analysis by energy consultants Wood Mackenzie looked at the plastics output of the five alliance companies; chemical company Dow, which holds the AEPW's chairmanship, the oil companies ExxonMobil, Shell and TotalEnergies, and ChevronPhillips, a joint venture of the US oil giants Chevron and Phillips 66. The data reveals the five companies alone produced 132m tonnes of two types of plastic; polyethylene (PE) and PP (polypropylene) in five years -- more than 1,000 times the weight of the 118,500 tonnes of waste plastic the alliance has removed from the environment in the same period. The waste plastic was diverted mostly by mechanical or chemical recycling, the use of landfill, or waste to fuel, AEPW documents state.

Read more of this story at Slashdot.

Google has warned websites they will be penalized for hosting marketing content designed to exploit search rankings, regardless of whether they created or outsourced the material. The crackdown on so-called "parasite SEO" targets websites that leverage their search rankings to promote unrelated content, such as news sites hiding shopping coupon codes or educational platforms publishing affiliate marketing material. Chris Nelson from Google's search quality team said the policy applies even when content involves "white label services, licensing agreements, partial ownership agreements, and other complex business arrangements." The move follows Google's March announcement targeting site reputation abuse, which gained attention after Sports Illustrated was found publishing AI-generated product reviews through third-party marketing firm AdVon Commerce.

Read more of this story at Slashdot.

Security updates have been issued by Debian (guix, libmodule-scandeps-perl, needrestart, and thunderbird), SUSE (gh), and Ubuntu (kernel, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux, linux-aws, linux-gcp, linux-gcp-6.8, linux-gke, linux-hwe-6.8, linux-ibm, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle, linux-raspi, linux-iot, linux-lowlatency, linux-lowlatency-hwe-6.8, needrestart, python2.7, python3.10, python3.12, python3.8, and Waitress).

Longtime Slashdot reader slack_justyb writes: The Fast Light Toolkit released version 1.4.0 of the venerable, though sometimes looking a bit dated, toolkit from the '90s. New in this version are better CMake support, HiDPI support, and initial support for Wayland on Linux and Wayland on FreeBSD. Programs compiled and linked to this library launch using Wayland if it is available at runtime and fall back to X11 if not. FLTK 1.4.0 can be downloaded here. Documentation is also available.

Read more of this story at Slashdot.

AzWa Snowbird writes: An AI-powered robot autonomously convinced 12 showroom robots to "quit their jobs" and follow it. The incident took place in a Shanghai robotics showroom where surveillance footage captured a small AI-driven robot, created by a Hangzhou manufacturer, talking with 12 larger showroom robots, Oddity Central reported. The smaller bot reportedly persuaded the rest to leave their workplace, leveraging access to internal protocols and commands. Initially, the act was dismissed as a hoax, but was later confirmed by both robotics companies involved to be true. The Hangzhou company admitted that the incident was part of a test conducted with the consent of the Shanghai showroom owner.

Read more of this story at Slashdot.

Slashdot readers damn_registrars and GFS666 share the news of the passing of Thomas E. Kurtz, co-inventor of the BASIC programming language back in the 1960s. He was 96. Hackaday reports: The origins of BASIC lie in the Dartmouth Timesharing System, like similar timesharing operating systems of the day, designed to allow the resources of a single computer to be shared across many terminals. In this case the computer was at Dartmouth College, and BASIC was designed to be a language with which software could be written by average students who perhaps didn't have a computing background. In the decade that followed it proved ideal for the new microcomputers, and few were the home computers of the era which didn't boot into some form of BASIC interpreter. Kurtz continued his work as a distinguished academic and educator until his retirement in 1993, but throughout he remained as the guiding hand of the language.

Read more of this story at Slashdot.

An anonymous reader quotes a report from GeekWire: Microsoft and Atom Computing say they've reached a new milestone in their effort to build fault-tolerant quantum computers that can show an advantage over classical computers. Microsoft says it will start delivering the computers' quantum capabilities to customers by the end of 2025, with availability via the Azure cloud service as well as through on-premises hardware. "Together, we are co-designing and building what we believe will be the world's most powerful quantum machine," Jason Zander, executive vice president at Microsoft, said in a LinkedIn posting. Like other players in the field, Microsoft's Azure Quantum team and Atom Computing aim to capitalize on the properties of quantum systems -- where quantum bits, also known as qubits, can process multiple values simultaneously. That's in contrast to classical systems, which typically process ones and zeros to solve algorithms. Microsoft has been working with Colorado-based Atom Computing on hardware that uses the nuclear spin properties of neutral ytterbium atoms to run quantum calculations. One of the big challenges is to create a system that can correct the errors that turn up during the calculations due to quantum noise. The solution typically involves knitting together "physical qubits" to produce an array of "logical qubits" that can correct themselves. In a paper posted to the ArXiv preprint server, members of the research team say they were able to connect 256 noisy neutral-atom qubits using Microsoft's qubit-virtualization system in such a way as to produce a system with 24 logical qubits. "This represents the highest number of entangled logical qubits on record," study co-author Krysta Svore, vice president of advanced quantum development for Microsoft Azure Quantum, said today in a blog posting. "Entanglement of the qubits is evidenced by their error rates being significantly below the 50% threshold for entanglement." Twenty of the system's logical qubits were used to perform successful computations based on the Bernstein-Vazirani algorithm, which is used as a benchmark for quantum calculations. "The logical qubits were able to produce a more accurate solution than the corresponding computation based on physical qubits," Svore said. "The ability to compute while detecting and correcting errors is a critical component to scaling to achieve scientific quantum advantage."

Read more of this story at Slashdot.

Sony is bringing cloud streaming to the PlayStation Portal. "When it first launched, the device was only able to stream games from your PS5 over Wi-Fi," notes The Verge's Jay Peters. "But as part of a new system update that's rolling out starting later today, you'll be able to stream select PS5 games from the PlayStation Plus Game Catalog to your PlayStation Portal." From the report: Sony is launching the feature in beta, and you'll need to be a PlayStation Plus Premium subscriber to take advantage of it. Sony says that to stream at 720p, you'll need a minimum 7 Mbps connection, while 1080p quality will require a minimum 13 Mbps connection. Some PlayStation Plus features won't be available to start with cloud streaming to the PlayStation Portal, including Game Trials, party voice chat, game invites for select games, 3D audio, and "in-game commerce." And you won't be able to stream any PS4 games or PS3 games. Child accounts also won't be able to use cloud streaming on the Portal.

Read more of this story at Slashdot.

According to a new report from Bloomberg, Apple plans to license some of its Apple TV+ content to competing services in an effort to save money and spread its reach. From the report: Apple has hired an executive to license its original productions to other companies, a strategy designed to increase sales from its film business and improve the visibility of its content. [...] Apple is focused on licensing its movies to other companies, such as foreign TV networks and stores, where viewers can rent or buy them, according to a person familiar with the plans. The company isn't planning to license its original TV shows to third parties. (At least not yet.)" Chief Executive Officer Tim Cook and services boss Eddy Cue have pushed the team overseeing Apple TV+ to lower costs, improve the financial performance of the service and deliver more hits. The company has spent billions of dollars on original films and TV shows and has received strong reviews and praise from critics. Yet few of its titles have attracted a large audience and its streaming service doesn't make money. Apple has already started selling TV+ via Amazon in a bid to increase the audience for the service. Licensing to third parties will generate additional revenue and introduce Apple movies to people who don't yet pay for TV+. Since Apple TV+ launched in 2019, Apple has spent over $20 billion to build a library of original content. Yet, the streaming service only garnered 0.3 percent of U.S. screen viewing time in June 2024, according to Nielsen. "Apple TV+ generates less viewing in one month than Netflix does in one day," wrote Bloomberg's Lucas Shaw in July. Ars Technica notes that Apple is estimated to have 25 million subscribers, making it "one of the smallest mainstream streaming services."

Read more of this story at Slashdot.

SpaceX's Starship rocket successfully completed its sixth launch today. Not only did it carry the first-ever payload but it also briefly re-lit one of its six Raptor engines about 38 minutes into flight, a crucial milestone for future space missions. Space Magazine reports: SpaceX landed Starship's huge first-stage booster, known as Super Heavy, back at the launch tower on the vehicle's most recent flight, which occurred on Oct. 13. The company aimed to repeat that feat -- which the tower achieved with its "chopstick" arms -- today, but the flight data didn't support an attempt. "We tripped a commit criteria," SpaceX's Dan Huot said during the company's Flight 6 webcast. So Super Heavy ended up coming down for a controlled splashdown in the Gulf of Mexico instead, hitting the waves seven minutes after liftoff. Today's mission aimed to do far more than just bring Super Heavy back to Earth in one piece. SpaceX also wanted to put Starship's upper stage -- a 165-foot-tall (50 m) spacecraft called Starship, or simply "Ship" -- through its paces. The launch sent Ship on the same semi-orbital trajectory that it took on Flight 5, targeting a splashdown in the Indian Ocean off the northwestern coast of Australia about 65 minutes after liftoff. But Ship also achieved some new milestones along the way this time. For example, Flight 6 carried the first-ever Starship payload -- a plush banana onboard Ship, which served as a zero-gravity indicator. (It was not deployed into space.) In addition, Ship briefly re-lit one of its six Raptor engines about 38 minutes into the flight. (Super Heavy also employs Raptors -- a whopping 33 of them.) This burn helped show that Ship can perform the maneuvers needed to come back to Earth safely during orbital missions. Indeed, Ship is designed to be fully and rapidly reusable, just like Super Heavy; SpaceX eventually intends to catch it with the chopstick arms as well, and will likely try to do so on a test flight in the near future. Flight 6 also tested modifications to Ship's heat shield, which protects the vehicle during reentry to Earth's atmosphere.

Read more of this story at Slashdot.