RSS 생중계

Security updates have been issued by Debian (ffmpeg, firefox-esr, libsndfile, and rear), Fedora (httpd, perl-CGI-Simple, and tinyproxy), Oracle (firefox, kernel, libsoup, mysql8.4, tigervnc, tomcat, tomcat9, and uek-kernel), SUSE (alloy, curl, dovecot24, fontforge, glib2, himmelblau, java-17-openjdk, java-21-openjdk, kernel, krb5, lasso, libvirt, mozjs128, mysql-connector-java, nvidia-open-driver-G07-signed-check, openssh, poppler, postgresql17, postgresql18, python-cbor2, python-Django, python310, python311-Django, runc, strongswan, tomcat11, and xwayland), and Ubuntu (binutils, libpng1.6, linux, linux-aws, linux-aws-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-xilinx-zynqmp, linux, linux-aws, linux-aws-6.14, linux-gcp, linux-hwe-6.14, linux-raspi, linux, linux-aws, linux-gcp, linux-realtime, and qtbase-opensource-src).

Tourists from dozens of countries including the UK could be asked to provide a five-year social media history as a condition of entry to the United States, under a new proposal unveiled by American officials. From a report: The new condition would affect people from dozens of countries who are eligible to visit the US for 90 days without a visa, as long as they have filled out an Electronic System for Travel Authorization (ESTA) form. Since returning to the White House in January, President Donald Trump has moved to toughen US borders more generally - citing national security as a reason. Analysts say the new plan could pose an obstacle to potential visitors, or harm their digital rights. Asked whether the proposal could lead to a steep drop-off in tourism to the US, Trump said he was not concerned. "No. We're doing so well," the president said on Wednesday. "We just want people to come over here, and safe. We want safety. We want security. We want to make sure we're not letting the wrong people come enter our country."

Read more of this story at Slashdot.

An anonymous reader quotes a report from Axios: OpenAI says the cyber capabilities of its frontier AI models are accelerating and warns Wednesday that upcoming models are likely to pose a "high" risk, according to a report shared first with Axios. The models' growing capabilities could significantly expand the number of people able to carry out cyberattacks. OpenAI said it has already seen a significant increase in capabilities in recent releases, particularly as models are able to operate longer autonomously, paving the way for brute force attacks. The company notes that GPT-5 scored a 27% on a capture-the-flag exercise in August, GPT-5.1-Codex-Max was able to score 76% last month. "We expect that upcoming AI models will continue on this trajectory," the company says in the report. "In preparation, we are planning and evaluating as though each new model could reach 'high' levels of cybersecurity capability as measured by our Preparedness Framework." "High" is the second-highest level, below the "critical" level at which models are unsafe to be released publicly. "What I would explicitly call out as the forcing function for this is the model's ability to work for extended periods of time," said OpenAI's Fouad Matin.

Read more of this story at Slashdot.

schwit1 shares a report from CBS News: perm from a donor who unknowingly carried a cancer-causing gene has been used to conceive nearly 200 babies across Europe, an investigation by 14 European public service broadcasters, including CBS News' partner network BBC News, has revealed. Some children conceived using the sperm have already died from cancer, and the vast majority of those who inherited the gene will develop cancer in their lifetimes, geneticists said. The man carrying the gene passed screening checks before he became a donor at the European Sperm Bank when he was a student in 2005. His sperm has been used by women trying to conceive for 17 years across multiple countries. The cancer-causing mutation occurred in the donor's TP53 gene -- which prevents cells in the body from turning cancerous -- before his birth, according to the investigation. It causes Li Fraumeni syndrome, which gives affected people a 90% chance of developing cancers, particularly during childhood, as well as breast cancer in later life. Up to 20% of the donor's sperm contained the mutated TP53 gene. Any children conceived with affected sperm will have the dangerous mutation in every cell of their body. The affected donor sperm was discovered when doctors seeing children with cancers linked to sperm donation raised concerns at this year's European Society of Human Genetics. At the time, 23 children with the genetic mutation had been discovered, out of 67 children linked to the donor. Ten of those children with the mutation had already been diagnosed with cancer. Freedom of Information requests submitted by journalists across multiple countries revealed at least 197 children were affected, though it is not known how many inherited the genetic mutation. More affected children could be discovered as more data becomes available.

Read more of this story at Slashdot.

NASA has lost contact with its MAVEN Mars orbiter after it passed behind Mars. When it remerged from behind the planet, the spacecraft never resumed communications. SpaceNews reports: MAVEN launched in November 2013 and entered orbit around Mars in September 2014. The spacecraft's primary science mission is to study the planet's upper atmosphere and interactions with the solar wind, including how the atmosphere escapes into space. That is intended to help scientists understand how the planet changes from early in its history, when it had a much thicker atmosphere and was warm enough to support liquid water on its surface. MAVEN additionally serves as a communications relay, using a UHF antenna to link the Curiosity and Perseverance rovers on the Martian surface with the Deep Space Network. NASA's Mars Odyssey and Mars Reconnaissance Orbiter spacecraft also serve as communications relays for the rovers, but are both significantly older than MAVEN. The spacecraft has suffered some technical problems in the past, notably with its inertial measurement units (IMUs) used for navigation. In 2022, MAVEN switched to an "all-stellar" navigation system to minimize the use of the IMUs. MAVEN has enough propellant to maintain its orbit through at least the end of the decade. NASA's fiscal year 2026 budget proposal, though, zeroed out funding for MAVEN, which cost $22.6 million to operate in 2024. MAVEN was one of several missions "operating well past the end of prime mission" the proposal would terminate, despite MAVEN's role as a communications relay.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Apple on Wednesday released its annual list of the most downloaded apps and games for the year. For the U.S. market, OpenAI's ChatGPT topped the ranks of free iPhone apps (not including games) with the most installs in 2025. The AI app was followed by Threads, Google, TikTok, WhatsApp, Instagram, YouTube, Google Maps, Gmail, and Google's Gemini. ChatGPT made it to No. 4 last year, but the top spot was taken by Chinese shopping app Temu. In 2023, the AI app didn't make the top-10 list despite being released on the iPhone in May 2023 to a strong debut.

Read more of this story at Slashdot.

A startup called Operation Bluebird is petitioning the US Patent and Trademark Office to strip X Corp of the "Twitter" and "tweet" trademarks, hoping to relaunch a new Twitter with the old brand, bird logo, and "town square" vibe. "The TWITTER and TWEET brands have been eradicated from X Corp.'s products, services, and marketing, effectively abandoning the storied brand, with no intention to resume use of the mark," the petition states. "The TWITTER bird was grounded." Ars Technica reports: If successful, two leaders of the group tell Ars, Operation Bluebird would launch a social network under the name Twitter.new, possibly as early as late next year. (Twitter.new has created a working prototype and is already inviting users to reserve handles.) Michael Peroff, an Illinois attorney and founder of Operation Bluebird, said that in the intervening years, more Twitter-like social media networks have sprung up or gained traction -- like Threads, Mastodon, and Bluesky. But none have the scale or brand recognition that Twitter did prior to Musk's takeover. "There certainly are alternatives," Peroff said. "I don't know that any of them at this point in time are at the scale that would make a difference in the national conversation, whereas a new Twitter really could." Similarly, Peroff's business partner, Stephen Coates, an attorney who formerly served as Twitter's general counsel, said that Operation Bluebird aims to recreate some of the magic that Twitter once had. "I remember some time ago, I've had celebrities react to my content on Twitter during the Super Bowl or events," he told Ars. "And we want that experience to come back, that whole town square, where we are all meshed in there." "Mere 'token use' won't be enough to reserve the mark," said Mark Lemley, a Stanford Law professor and expert in trademark law. "Or [X] could defend if it can show that it plans to go back to using Twitter. Consumers obviously still know the brand name. It seems weird to think someone else could grab the name when consumers still associate it with the ex-social media site of that name. But that's what the law says."

Read more of this story at Slashdot.

Inside this week's LWN.net Weekly Edition:

• Front: Rust in CPython; Python frozendict; Bazzite; IETF post-quantum disagreement; Distrobox; 6.19 merge window; Leaving the TAB.
• Briefs: Let's Encrypt retrospective; PKI infrastructure; Rust in kernel to stay; CNA series; Alpine 3.23.0; cmocka 2.0; Firefox 146; 2024 Free Software Awards; Quotes; ...
• Announcements: Newsletters, conferences, security updates, patches, and more.

EU regulators say Google's Play Store changes still don't meet fairness rules and are preparing a potentially hefty 2026 fine unless Google makes deeper concessions. Reuters reports: Google Play has been in the European Commission's crosshairs since March, with regulators singling out technical restrictions preventing app developers from steering users to other channels for cheaper offers. Another issue is the service fee charged by Google for facilitating an app developer's initial acquisition of a new customer via Google Play which the regulator said goes beyond what is justified. Tweaks to Google Play announced in August to make it easier for app developers to direct customers to other channels and choose a fee model are still falling short, the people said, with the EU antitrust regulator viewing Apple's recent changes to its App Store as a benchmark. [...] Google can still offer to make more changes before regulators impose a fine, likely in the first quarter of the next year, the people said, adding that the timing of any sanction can still change. "We continue to work closely with the European Commission in its ongoing investigation but have serious concerns that further changes would put Android and Play users at risk of malware, scams and data theft. Unlike iOS, Android is already open by design," a Google spokesperson said.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: On Tuesday, India's Department for Promotion of Industry and Internal Trade released a proposed framework that would give AI companies access to all copyrighted works for training in exchange for paying royalties to a new collecting body composed of rights-holding organizations, with payments then distributed to creators. The proposal argues that this "mandatory blanket license" would lower compliance costs for AI firms while ensuring that writers, musicians, artists, and other rights holders are compensated when their work is scraped to train commercial models. [...] The eight-member committee, formed by the Indian government in late April, argues the system would avoid years of legal uncertainty while ensuring creators are compensated from the outset. Defending the system, the committee says in a 125-page submission (PDF) that a blanket license "aims to provide an easy access to content for AI developers reduce transaction costs [and] ensure fair compensation for rightsholders," calling it the least burdensome way to manage large-scale AI training. The submission adds that the single collecting body would function as a "single window," eliminating the need for individual negotiations and enabling royalties to flow to both registered and unregistered creators.

Read more of this story at Slashdot.

Qualcomm has acquired RISC-V startup Ventana to strengthen its CPU ambitions beyond mobile, "reinforcing its commitment and leadership in the development of the RISC-V standard and ecosystem," the company said in a press release. CRN Magazine reports: The San Diego-based company said Ventana's expertise in RISC-V, a free and open alternative to the Arm and x86 instruction set architectures, will enhance its CPU engineering capabilities and complement "existing efforts to develop custom Oryon CPU technology." Financial terms of the deal were not disclosed. Qualcomm, which has already been using RISC-V for some products outside the PC and server markets, said Ventana's contributions will boost its "technology leadership in the AI era across all businesses," indicating the broad impact expected by this acquisition. "We believe the RISC-V instruction set architecture has the potential to advance the frontier on CPU technology, enabling innovation across products," Durga Malladi, executive vice president and general manager of technology planning, edge solutions and data center for Qualcomm, said in a statement. "The acquisition of Ventana Micro Systems marks a pivotal step in our journey to deliver industry-leading RISC-V-based CPU technology across products." Further reading: Qualcomm Is Buying Arduino, Releases New Raspberry Pi-Esque Arduino Board

Read more of this story at Slashdot.

Longtime Slashdot reader MadCow42 writes: Canonical just announced that they're packaging AMD's ROCm libraries (for AIML and HPC with both data-center GPUs as well as desktop/laptop GPUs), directly into the Ubuntu Universe archive. You can run ROCm on Ubuntu today but you have to install it via a script from AMD and manually remove and reinstall for any upgrades or bug fixes. Having it in Ubuntu as a normal Debian package will make it much easier to install and also to maintain in the long run via normal apt tooling ('apt upgrade'). This also means that ROCm can be an automatically-installed dependency for other packages, which doesn't happen today. And, interestingly, Canonical has committed to providing long-term-support for ROCm in Ubuntu -- which is particularly exciting for edge and IoT devices that may have a long life in the field and need regular security patches and updates.

Read more of this story at Slashdot.

Adobe is integrating Photoshop, Express, and Acrobat directly into ChatGPT so users can edit photos, design graphics, and tweak PDFs through the chatbot. The Verge reports: The Adobe apps are free to use, and can be activated by typing the name of the app alongside an uploaded file and conversational instruction, such as "Adobe Photoshop, help me blur the background of this image." ChatGPT users won't have to specify the name of the app again during the same conversation to make additional changes. Depending on the instructions, Adobe's apps may offer a selection of results to choose from, or provide a UI element that the user can manually control -- such as Photoshop sliders for adjusting contrast and brightness. The ChatGPT apps don't provide the full functionality of Adobe's desktop software. Adobe says the Photoshop app can edit specific sections of images, apply creative effects, and adjust image settings like brightness, contrast and exposure. Acrobat in ChatGPT can edit existing PDFs, compress and convert other documents into a PDF format, extract text or tables, and merge multiple files together. The Adobe Express app allows ChatGPT users to both generate and edit designs, such as posters, invitations, and social media graphics. Everything in the design can be edited without leaving ChatGPT, from replacing text or images, to altering colors and animating specific sections. If ChatGPT users do want more granular control over a project they started in the chatbot, those photos, PDFs, and designs can be opened directly in Adobe's native apps to pick up where they left off.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: On Monday, research analyst MoffettNathanson released its "Cord-Cutting Monitor Q3 2025: Signs of Life?" report. It found that the pay TV operators, including cable companies, satellite companies, and virtual multichannel video programming distributors (vMVPDs) like YouTube TV and Fubo, added 303,000 net subscribers in Q3 2025. According to the report, "There are more linear video subscribers now than there were three months ago. That's the first time we've been able to say that since 2017." In Q3 2017, MoffettNathanson reported that pay TV gained 318,000 net new subscribers. But since then, the industry's subscriber count has been declining, with 1,045,000 customers in Q2 2025, as depicted in the graph [here]. The world's largest vMVPD by subscriber count, YouTube TV, claimed 8 million subscribers in February 2024; some analysts estimate that number is now at 9.4 million. In its report, MoffettNathanson estimated that YouTube TV added 750,000 subscribers in Q3 2025, compared to 1 million in Q3 2024. Traditional pay TV companies also contributed to the industry's unexpected growth by bundling its services with streaming subscriptions. Charter Communications offers bundles with nine streaming services, including Disney+, Hulu, and HBO Max. In Q3 2024, it saw net attrition of 294,000 customers, compared to about 70,000 in Q3 2025. Other cable companies have made similar moves. Comcast, for example, launched a streaming bundle with Netflix, Peacock, and Apple TV in May 2024. For Q3 2025, Comcast reported its best pay TV subscriber count in almost five years, which was a net loss of 257,000 customers. "Traditional pay TV -- i.e. cable and satellite -- still declined quarter over quarter in Q3, but again, by less," noted SteamTV Insider. "The [year-over-year] rate of attrition dropped from -12.4 percent to -10.2 percent over 12 months." MoffettNathanson added: "Yes, Q3 saw a positive net add number for [pay TV for] the first time in eight years, but that positive result came in the year's seasonally strongest quarter. We're not yet close to seeing the category actually grow again..."

Read more of this story at Slashdot.

Wells Fargo expects more job cuts and higher severance costs in this quarter that ends in three weeks, bank CEO and President Charlie Scharf said Tuesday at an investors conference in New York. He's also betting on AI to drive efficiency and, eventually, further workforce reduction.From a report: "As we've gone through the budgeting process, and even pre AI, we do expect to have less people as we go into next year," Scharf said at the Goldman Sachs Financial Services Conference in New York City. "We'll likely have more severance in the fourth quarter." The fourth quarter runs Oct. 1 through Dec. 31 for the San Francisco-basaed bank. Wells Fargo already has shrunk from 275,000 employees to about 210,000 since Scharf joined the bank in 2019 -- about a 24% decrease. Its largest employee base remains in Charlotte, with about 27,000 workers.

Read more of this story at Slashdot.

Let's Encrypt has published a retrospective that covers the decade since it published its first publicly trusted certificate in September 2015:

In March 2016, we issued our one millionth certificate. Just two years later, in September 2018, we were issuing a million certificates every day. In 2020 we reached a billion total certificates issued and as of late 2025 we're frequently issuing ten million certificates per day. We're now on track to reach a billion active sites, probably sometime in the coming year.

Greg Kroah-Hartman is writing a series of blog posts about Linux becoming a Certificate Numbering Authority (CNA):

It's been almost 2 full years since Linux became a CNA (Certificate Numbering Authority) which meant that we (i.e. the kernel.org community) are now responsible for issuing all CVEs for the Linux kernel. During this time, we've become one of the largest creators of CVEs by quantity, going from nothing to number 3 in 2024 to number 1 in 2025. Naturally, this has caused some questions about how we are both doing all of this work, and how people can keep track of it.

So far, Kroah-Hartman has published the introductory post, as well as a detailed post about kernel version numbers that is well worth reading.

As the battle over Warner Bros. Discovery grows, two Democratic lawmakers are warning that their party may try to block or unravel any acquisition by Paramount when it returns to power. Semafor: In a letter to the WBD board and Treasury Secretary Scott Bessent first shared with Semafor, Reps. Sam Liccardo (D-Calif.) and Ayanna Pressley (D-Mass.) said they were concerned about the national security risk of letting foreign entities control a large portion of the US entertainment and media industry. They also hinted that a future Democratic Congress and administration could try to unravel any Paramount-WBD deal. "Future Congresses ... will review many of the decisions of the current Administration, and may recommend that regulators push for divestitures, which would undermine the strategic logic of this merger," they wrote. "We urge the Board to weigh these national security and regulatory liabilities in evaluating a transaction burdened by uncertain but potentially extensive mitigation obligations, foreign influence risks, or adverse regulatory action."

Read more of this story at Slashdot.

Amazon says it will allow authors to offer their DRM-free ebooks in the EPUB and PDF formats through its self-publishing platform, Kindle Direct Publishing. Starting on January 20, 2026, authors who set their titles as DRM-free will see their books made available in these more open formats. From a report: The decision to use Digital Rights Management (DRM), a copyright protection mechanism, is set by the authors when they publish their ebooks on Amazon's platform. The company notes these changes won't impact previously published titles. If authors want to change the status of older titles, they'll have to log into the Kindle Direct Publishing (KDP) author portal and change an option in the settings. (Instructions on how to make that change are on Amazon's KDP support site here.) This move may actually incentivize authors to apply DRM to their ebooks.

Read more of this story at Slashdot.

New submitter emangwiro shares a report: The HDMI Forum, responsible for the HDMI specification, continues to stonewall open source. Valve's Steam Machine theoretically supports HDMI 2.1, but the mini-PC is software-limited to HDMI 2.0. As a result, more than 60 frames per second at 4K resolution are only possible with limitations. In a statement to Ars Technica, a Valve spokesperson confirmed that HDMI 2.1 support is "still a work-in-progress on the software side." "We've been working on trying to unblock things there." The Steam Machine uses an AMD Ryzen APU with a Radeon graphics unit. Valve strictly adheres to open-source drivers, but the HDMI Forum is unwilling to disclose the 2.1 specification. According to Valve, they have validated the HDMI 2.1 hardware under Windows to ensure basic functionality.

Read more of this story at Slashdot.