RSS 생중계

Inside this week's LWN.net Weekly Edition:

• Front: Pixnapping attack; Fil-C; Debian ftpmasters; GoFundMe complaints; Safer user-space access.
• Briefs: Man pages 6.16; Btrfs on AlmaLinux; Fedora Linux 43; ICANN report; PSF grants; Rust Coreutils 0.3.0; Tor Browser 15.0; Quotes; ...
• Announcements: Newsletters, conferences, security updates, patches, and more.

An anonymous reader quotes a report from Reuters: Substrate, a small U.S. startup, said on Tuesday that it had developed a chipmaking tool capable of competing with the most advanced lithography equipment made by Dutch firm ASML. Substrate's tool is the first step in the startup's ambitious plan to build a U.S.-based contract chip-manufacturing business that would compete with Taiwan's TSMC in making the most advanced AI chips, its CEO James Proud told Reuters in an interview. Proud wants to slash the cost of chipmaking by producing the tools needed much more cheaply than rivals. [...] An engineering feat that has eluded even large companies, lithography needs extreme precision. ASML is the only company in the world that has been able to make at scale the complex tools that use extreme ultraviolet (EUV) to produce patterns on silicon wafer at a high rate of throughput. Substrate said that it has developed a version of lithography that uses X-ray light and is capable of printing features at resolutions that are comparable to the most advanced chipmaking tools made by ASML that cost more than $400 million apiece. The company said it has conducted demonstrations at U.S. National Laboratories and at its facilities in San Francisco. The company provided high resolution images that demonstrate the Substrate tool's capabilities. "This is an opportunity for the U.S. to recapture this market with a homegrown company," Oak Ridge National Laboratory director Stephen Streiffer, an expert on high-energy x-ray beams, said in an interview. "It's a nationally important effort and they know what they're doing."

Read more of this story at Slashdot.

Nvidia is taking a $1 billion stake in Nokia, sending the Finnish telecom giant's shares up 22%. The two companies also struck a partnership to co-develop next-generation 6G and AI-driven networking technology. CNBC reports: The two companies also struck a strategic partnership to work together to develop next-generation 6G cellular technology. Nokia said that it would adapt its 5G and 6G software to run on Nvidia's chips, and will collaborate on networking technology for AI. Nokia said Nvidia would consider incorporating its technology into its future AI infrastructure plans. Nokia, a Finnish company, is best known for its early cellphones, but in recent years, it has primarily been a supplier of 5G cellular equipment to telecom providers.

Read more of this story at Slashdot.

Grammarly is rebranding itself as "Superhuman" following its acquisition of the email client, while keeping its existing product names for now. Along with the rebrand, the company is launching "Superhuman Go," an AI assistant that integrates with tools like Gmail, Jira, and Google Drive to enhance writing and automate productivity tasks. "The assistant can use these connections to do tasks like logging tickets or fetching your availability when you're scheduling a meeting," adds TechCrunch. "Superhuman said it plans to add functionality to enable the assistant to fetch data from sources like CRMs and internal systems to suggest changes to your emails." "Users can try Superhuman Go by turning on a toggle in the Grammarly extension, which will let them connect it to different apps. Users can also try out different agents in the company's agent store, which include a plagiarism checker and a proofreader, launched in August."

Read more of this story at Slashdot.

An anonymous reader quotes a report from the New York Times: Character.AI said on Wednesday that it would bar people under 18 from using its chatbots starting late next month, in a sweeping move to address concerns over child safety. The rule will take effect Nov. 25, the company said. To enforce it, Character.AI said, over the next month the company will identify which users are minors and put time limits on their use of the app. Once the measure begins, those users will not be able to converse with the company's chatbots. "We're making a very bold step to say for teen users, chatbots are not the way for entertainment, but there are much better ways to serve them," said Karandeep Anand, Character.AI's chief executive. He said the company also plans to establish an AI safety lab. Last October, a Florida teenager took his own life after interacting for months with Character.AI chatbots imitating fictitious characters from the Game of Thrones. His mother filed a lawsuit against the company, alleging the platform's "dangerous and untested" technology led to his death.

Read more of this story at Slashdot.

An anonymous reader shares a report: The FCC adopted a notice of proposed rulemaking (NPRM) to rescind and revise certain rules attached to consumer broadband labels. The measure passed on a two-to-one vote, with Commissioner Anna Gomez, the lone Democrat on the FCC, voting no and calling the notice "one of the most anti-consumer items I have seen." The vote was held at the Commission's open meeting for the month of October. As per a draft notice circulated earlier this month, the FCC is looking to roll back several rules, including requirements that service providers read the label to consumers via phone, itemize state and local pass-through fees, and display labels in consumer account portals, among others. Advocates at Public Knowledge urged the Commission to reconsider, saying in a recent filing that "the Commission could create a permission structure for ISPs to continue to act without accountability." In her remarks during Tuesday's open meeting, Commissioner Gomez appeared to concur, depicting the move as "anti-consumer" and counter to the goals of Congress. The FCC was mandated via the 2021 Infrastructure Investment and Jobs Act (IIJA) to create rules for implementing consumer broadband labels. After a lengthy rulemaking process and discussions with industry and consumer groups, ISPs were required to start displaying labels in 2024. "I typically vote in favor of notices of proposed rulemaking because I believe in asking balanced questions, even on proposals that I dislike, so that we can encourage fruitful and helpful public comment. Answers to tough questions help us strike the right balance so that our rules can both encourage competition and serve consumers. However, the questions posed in this NPRM are so anti-consumer that I could not bring myself to even agree to them," said Gomez. Gomez stressed that the notice will harm consumers by enabling ISPs to hide add-on fees and stripping people of their ability to access information in their own language. Moreover, added Gomez, it's unclear why the FCC is doing this. "What adds insult to injury is that the FCC does not even explain why this proposal is necessary. Make it make sense," she added.

Read more of this story at Slashdot.

Microsoft shipped its first Xbox handheld nearly two weeks ago. The $600 white Xbox Ally cannot reliably sleep, wake, or hold a charge while asleep. Neither Microsoft nor Asus would admit there's a problem or offer a timeline to fix it after repeated requests by The Verge. Asus said it needs more time to test. Installing Bazzite, a Linux-based operating system, solves the problems, the publication reports. The same hardware runs games up to 30% faster than Windows and beats the Steam Deck in all but one benchmark. Steam runs more responsively without Windows bloat. The device can be used like a Nintendo Switch, pausing games with the power button and resuming hours or days later. Bazzite initially had sleep issues but fixed them two days after programmer Antheas Kapenekakis obtained the hardware and consulted with two AMD contacts. The black Xbox Ally X, which doesn't have as many sleep issues, gets a similar speed boost with Bazzite. Two Xbox Ally units tested on Windows repeatedly woke themselves at random intervals. One lost 10% battery after 12 hours of supposed sleep, the other 23%. After another 12 hours, both had only 30% battery remaining. One tried to apply a Windows Update while asleep. Both units refused to wake from sleep at times and required hard resets. Many users have reported similar issues on Reddit with both Xbox Ally versions. Further reading: Microsoft's Next Xbox Will Run Full Windows and Eliminate Multiplayer Paywall, Report Says.

Read more of this story at Slashdot.

Nvidia chief executive Jensen Huang said that maintaining the US edge in AI will require a steady approach that ensures China remains hooked on American technology. From a report: The chipmaker is in an "awkward place" as President Donald Trump prepares to meet with his Chinese counterpart Xi Jinping later this week, Huang told reporters Tuesday at a company conference in Washington. The Nvidia chief praised Trump's commitment to winning but urged careful engagement with China because of the country's massive software developer base and its growing technology capabilities. During the meeting, Trump and Xi are expected to finalize an agreement to ease trade tensions between the world's two largest economies. When it comes to those negotiations, Huang said he has "no idea" if GPUs -- the chips central to artificial intelligence capabilities -- will be a topic between Trump and Xi. Huang was careful to leave the negotiating to Trump but encouraged US leadership to think longer term on its overall AI strategy. "A policy that causes America to lose half of the world's developers is not beneficial long-term," Huang said, warning that it was still possible for the US to cede the AI race to China. Keeping US technology in front requires finesse," he said. "It requires balance. It requires long-term thinking."

Read more of this story at Slashdot.

An anonymous reader shares a report: The transition to the more-secure HTTPS web protocol has plateaued, according to Google. As of 2020, 95 to 99 percent of navigations in Chrome use HTTPS. To help make it safer for users to click on links, Chrome will enable a setting called Always Use Secure Connections for public sites for all users by default. This will happen in October 2026 with the release of Chrome 154. The change will happen earlier for those who have switched on Enhanced Safe Browsing protections in Chrome. Google will enable Always Use Secure Connections by default in April when Chrome 147 drops. When this setting is on, Chrome will ask for your permission before it first accesses a public website that doesn't use HTTPS.

Read more of this story at Slashdot.

Blogger and technologist Anil Dash, writing about OpenAI's recently launched browser, Atlas: When I first got Atlas up and running, I tried giving it the easiest and most obvious tasks I could possibly give it. I looked up "Taylor Swift showgirl" to see if it would give me links to videos or playlists to watch or listen to the most popular music on the charts right now; this has to be just about the easiest possible prompt. The results that came back looked like a web page, but they weren't. Instead, what I got was something closer to a last-minute book report written by a kid who had mostly plagiarized Wikipedia. The response mentioned some basic biographical information and had a few photos. Now we know that AI tools are prone to this kind of confabulation, but this is new, because it felt like I was in a web browser, typing into a search box on the Internet. And here's what was most notable: there was no link to her website. I had typed "Taylor Swift" in a browser, and the response had literally zero links to Taylor Swift's actual website. If you stayed within what Atlas generated, you would have no way of knowing that Taylor Swift has a website at all. Unless you were an expert, you would almost certainly think I had typed in a search box and gotten back a web page with search results. But in reality, I had typed in a prompt box and gotten back a synthesized response that superficially resembles a web page, and it uses some web technologies to display its output. Instead of a list of links to websites that had information about the topic, it had bullet points describing things it thought I should know. There were a few footnotes buried within some of those response, but the clear intent was that I was meant to stay within the AI-generated results, trapped in that walled garden. During its first run, there's a brief warning buried amidst all the other messages that says, "ChatGPT may give you inaccurate information", but nobody is going to think that means "sometimes this tool completely fabricates content, gives me a box that looks like a search box, and shows me the fabricated content in a display that looks like a web page when I type in the fake search box." And it's not like the generated response is even that satisfying.

Read more of this story at Slashdot.

YouTube says it will automatically upscale videos uploaded below 1080p (full-HD to higher resolution using AI. The Google-owned platform, however, assured that it will give creators and viewers the option to opt out of the enhancement. The feature will apply only to videos uploaded in resolutions from 240p to 720p and will not affect videos that creators have already remastered to 1080p. Creators will retain control over their original files, and viewers will be able to watch videos in their uploaded resolution through a settings option. YouTube said it plans to support upscaling to 4K in the near future. The company also said it is expanding the video thumbnail size limit from 2MB to 50MB to support 4K images. On videos with tagged products, viewers will soon be able to scan a QR code on TV screens to purchase items directly.

Read more of this story at Slashdot.

The best way to innovate in gaming is to have good margins, that's according to Microsoft chief executive Satya Nadella. He made the comments during an interview days after Bloomberg reported that Microsoft has expected unrealistic profit margins from its gaming division, which the report suggested was a likely reason for studio closures, game cancelations and thousands of layoffs at Xbox. Nadella used the word "innovation" at least five times during the interview but never offered specifics about what he meant by it. He said Microsoft needs to "invent, maybe, some new interactive media" because gaming's competition is short-form video rather than other games. The CEO described Microsoft's new gaming strategy as being "everywhere, on every platform" after comparing the company's game publishing business to Microsoft Office. He said "the biggest gaming business is the Windows business" and added that he is looking forward to "the next console, the next PC gaming."

Read more of this story at Slashdot.

Alejandro Colomar has announced the release of version 6.16 of the GNU/Linux man pages. This release includes new or rewritten man pages for fsconfig(), fsmount(), and fsopen(), as well as a number of newly documented interfaces in existing man pages. The release is also available as a PDF book.

ICANN's Security and Stability Advisory Committee (SSAC) has announced a report on "the critical role of Free and Open Source Software (FOSS) within the Domain Name System (DNS)". The report is aimed at policymakers and examines recent cybersecurity regulations in the US, UK, and EU as they apply to FOSS in the DNS system; it includes findings and guidelines "to strengthen the FOSS ecosystem that is critical to the secure and stable operation of the Internet". From the report's summary:

This ecosystem depends on a global network of maintainers and contributors who are often unpaid volunteers. While many are unpaid volunteers, the DNS space is unique in also relying on a handful of long-lived maintenance organizations. This creates a model based on community collaboration rather than the commercial contracts that define a traditional software supply chain, which introduces unique risks related to financial sustainability for the maintenance organizations and maintainer burnout for volunteers.

These unique characteristics mean that regulatory frameworks designed for proprietary software may not be well-suited for FOSS and therefore could have severe unintended consequences to the stability of critical Internet infrastructure.

Thanks to SSAC member Maarten Aertsen for the tip.

A new class of attacks on Android phones, called "Pixnapping", was announced on October 13. It allows a malicious app to gather output rendered in a victim app, pixel-by-pixel, by exploiting a GPU side-channel. Depending on what the victim app displays, anything from sensitive email and chats to two-factor authentication (2FA) codes could be captured—and shipped off to an attacker's site.

Hedge fund Apollo has reached a deal to sell AOL to Italian tech holding group Bending Spoons in a deal valued at roughly $1.5 billion, Axios reported Wednesday From the report: AOL still drives hundreds of millions of dollars of free cash flow. Bending Spoons CEO Luca Ferrari said AOL has around 30 million monthly active users across its email and web content properties. That "incredibly loyal user base," as he called it, could be better served with greater investments in AOL's product and user experience, he noted. [...] Bending Spoons is a privately held Italian holding company that acquires assets with large user bases and invests in their turnaround with technology improvements. The company tends to sit on their investments long term after acquiring them. Some of the other companies Bending Spoons has acquired include Vimeo, Evernote, WeTransfer, Brightcove.

Read more of this story at Slashdot.

schwit1 writes: China has enacted a new law regulating social media influencers, requiring them to hold verified professional qualifications before posting content on sensitive topics such as medicine, law, education, and finance, IOL reported. The new law went into effect on Saturday. The regulation was introduced by the Cyberspace Administration of China (CAC) as part of its broader effort to curb misinformation online. Under the new rules, influencers must prove their expertise through recognized degrees, certifications, or licenses before discussing regulated subjects. Major platforms such as Douyin (China's TikTok), Bilibili, and Weibo are now responsible for verifying influencer credentials and ensuring that content includes clear citations, disclaimers, and transparency about sources. Audiences expect influencers to be both creative and credible. Yet when they blur the line between opinion and expertise, the impact can be severe. A single misleading financial tip could wipe out someone's savings. A viral health trend could cause real harm. That's why many believe it's time for creators to acknowledge the weight of their influence. However, China's new law raises deeper questions: Who defines "expertise"? What happens to independent creators who challenge official narratives but lack formal credentials? And how far can regulation go before it suppresses free thought?

Read more of this story at Slashdot.

Computer scientists at the University of Pennsylvania have proved that pricing algorithms can drive up prices even when they lack the capacity to collude. Aaron Roth and four colleagues studied so-called no-swap-regret algorithms, which are designed to minimize losses and were previously thought to guarantee competitive pricing. The researchers found that when such an algorithm faces an opponent using a nonresponsive strategy -- one that randomly selects from predetermined price probabilities without reacting to competitor moves -- both players can end up in equilibrium at high prices. Neither has an incentive to switch strategies because their profits are nearly equal and as high as possible under the circumstances. The nonresponsive strategy cannot express threats because it does not respond to opponent behavior, yet it effectively coaxes the learning algorithm into raising prices. Mallesh Pai, an economist at Rice University not involved in the research, said the finding matters because regulators have no clear grounds to intervene without evidence of threats or agreements. Roth conceded however that he lacks a solution to the regulatory challenge his team identified.

Read more of this story at Slashdot.

Version 15.0 of the Tor Browser has been released:

This is our first stable release based on Firefox ESR 140, incorporating a year's worth of changes that have been shipped upstream in Firefox. As part of this process, we've also completed our annual ESR transition audit, where we reviewed and addressed around 200 Bugzilla issues for changes in Firefox that may negatively affect the privacy and security of Tor Browser users. Our final reports from this audit are now available in the tor-browser-spec repository on our GitLab instance.

This release inherits the vertical tabs feature, unified search button, as well as other new features and usability improvements in Firefox that have passed the Tor Project's audit.

Nvidia became the world's first $5 trillion company on Wednesday after its stock climbed 5% in early Wall Street trading to push its market capitalization to $5.13 trillion. The Silicon Valley chipmaker reached the milestone three months after hitting $4 trillion and three years after it was valued at roughly $400 billion before the debut of ChatGPT. Nvidia chief executive Jensen Huang said Tuesday that Nvidia had secured half a trillion dollars in orders for its AI chips over the next five quarters. The stock had already gained 5% on Tuesday and added more than $200 billion to its market value. President Donald Trump said Wednesday he planned to discuss Nvidia's Blackwell chip with China's President Xi Jinping when the two leaders meet later this week. Nvidia's latest generation of graphics processing units is not currently available in China because of US export controls. The company's shares have risen more than 85% in the past six months.

Read more of this story at Slashdot.