RSS 생중계

The kernel samepage merging (KSM) subsystem works by finding pages in memory with the same contents, then replacing the duplicated copies with a single, shared copy. KSM can improve memory utilization in a system, but has some problems as well. In two memory-management-track sessions at the 2025 Linux Storage, Filesystem, Memory-Management, and BPF Summit, Mathieu Desnoyers and Sourav Panda proposed improvements to KSM to make it work better for specific use cases.

OpenSSH 10.0 has been released. Support for the DSA signature algorithm, which was disabled by default beginning in 2015, has been removed. Other notable changes include using the post-quantum algorithm mlkem768x25519-sha256 for key agreement by default, support for systemd-style socket activation in Portable OpenSSH, and moving code for user authentication from the sshd-session binary to the new ssh-auth binary:

Splitting this code into a separate binary ensures that the crucial pre-authentication attack surface has an entirely disjoint address space from the code used for the rest of the connection. It also yields a small runtime memory saving as the authentication code will be unloaded after the authentication phase completes. This change should be largely invisible to users, though some log messages may now come from "sshd-auth" instead of "sshd-session". Downstream distributors of OpenSSH will need to package the sshd-auth binary.

The release notes also warn that "software that naively matches versions using patterns like "OpenSSH_1*"" may be confused by the new version number.

Security updates have been issued by Debian (lemonldap-ng, libbssolv-perl, and phpmyadmin), Fedora (augeas, mariadb10.11, and thunderbird), Oracle (gimp, libxslt, python3.11, python3.12, tomcat, and xorg-x11-server), Red Hat (expat, grafana, opentelemetry-collector, and webkit2gtk3), SUSE (azure-cli-core, doomsday, kernel, and poppler), and Ubuntu (dotnet8, dotnet9, erlang, and poppler).

China retaliated against the US after new tariffs imposed by President Donald Trump, announcing it would raise the tariff on US goods to 84%, escalating the trade conflict between the world's two largest economies. From a report: The Chinese countermeasures are effective April 10, according to a government statement Wednesday. China's move came after Trump's latest tariffs went into force at midday Wednesday in Beijing, taking the cumulative rate announced this year to 104%. A day earlier, China vowed to "fight to the end" if the US insists on new tariffs. Where US-China Decoupling Is Hardest: After decades of trade integration, Chinese companies have become increasingly essential suppliers of goods and materials that range from niche to ones many Americans can barely do without. At $41 billion last year, smartphones -- largely consisting of Apple's iPhones -- were the single largest US import from China. More than 70% of all smartphone imports are from China, according to Bloomberg analysis of 2024 trade data from the US International Trade Commission. Farther afield, China supplies the entirety of hair from badgers and other animals imported into the US for brush-making. It also delivers almost 90% of the gaming consoles US consumers buy from overseas. Over 99% of the electric toasters, heated blankets, calcium, and alarm clocks the US imports are from China. Ditto for more than 90% of folding umbrellas, vacuum flasks, artificial flowers, LED lamps, and wooden coat-hangers.

Read more of this story at Slashdot.

Established software companies hoping to ride the AI wave are facing a stiff headwind: many of their potential customers are building AI tools themselves. This do-it-yourself approach is channeling billions in spending towards cloud computing providers but leaving traditional software vendors struggling to capitalize, complicating their AI growth plans. Cloud platforms like Microsoft Azure and Amazon Web Services are pulling in an estimated $22 billion from AI services, with Azure alone capturing $11.3 billion. Yet, software application vendors have collectively garnered only about $2 billion from selling AI products. Stripping out Microsoft's popular Copilot tools, that figure drops to a mere $450 million across all other vendors combined. Why are companies choosing the harder path of building? Feedback gathered by UBS points to several key factors driving this "persistent DIY trend." Many business uses for AI are highly specific or narrow, making generic software unsuitable. Off-the-shelf AI products are often considered too expensive, and crucially, the essential ingredients -- powerful AI models, cloud computing access, and the company's own data -- are increasingly available directly, lessening the need for traditional software packages.

Read more of this story at Slashdot.

The world used clean power sources to meet more than 40% of its electricity demand last year for the first time since the 1940s, figures show. The Guardian: A report by the energy thinktank Ember said the milestone was powered by a boom in solar power capacity, which has doubled in the last three years. The report found that solar farms had been the world's fastest-growing source of energy for the last 20 consecutive years. Phil MacDonald, Ember's managing director, said: "Solar power has become the engine of the global energy transition. Paired with battery storage, solar is set to be an unstoppable force. As the fastest-growing and largest source of new electricity, it is critical in meeting the world's ever-increasing demand for electricity." Overall, solar power remains a relatively small part of the global energy system. It made up almost 7% of the world's electricity last year, according to Ember, while wind power made up just over 8% of the global power system. The fast-growing technologies remain dwarfed by hydro power, which has remained relatively steady in recent years, and made up 14% of the worldâ(TM)s electricity in 2024.

Read more of this story at Slashdot.

Fake job seekers using AI tools to impersonate candidates are increasingly targeting U.S. companies with remote positions, creating a growing security threat across industries. By 2028, one in four global job applicants will be fake, according to Gartner. These imposters use AI to fabricate photo IDs, generate employment histories, and provide interview answers, often targeting cybersecurity and cryptocurrency firms, CNBC reports. Once hired, fraudulent employees can install malware to demand ransoms, steal customer data, or simply collect salaries they wouldn't otherwise obtain, according to Vijay Balasubramaniyan, CEO of Pindrop Security. The problem extends beyond tech companies. Last year, the Justice Department alleged more than 300 U.S. firms inadvertently hired impostors with ties to North Korea, including major corporations across various sectors.

Read more of this story at Slashdot.

Hackers intercepted about 103 bank regulators' emails for more than a year, gaining access to highly sensitive financial information, Bloomberg News reported Tuesday, citing two people familiar with the matter and a draft letter to Congress. From the report: The attackers were able to monitor employee emails at the Office of the Comptroller of the Currency after breaking into an administrator's account, said the people, asking not to be identified because the information isn't public. OCC on Feb. 12 confirmed that there had been unauthorized activity on its systems after a Microsoft security team the day before had notified OCC about unusual network behavior, according to the draft letter. The OCC is an independent bureau of the Treasury Department that regulates and supervises all national banks, federal savings associations and the federal branches and agencies of foreign banks -- together holding trillions of dollars in assets. OCC on Tuesday notified Congress about the compromise, describing it as a "major information security incident." "The analysis concluded that the highly sensitive bank information contained in the emails and attachments is likely to result in demonstrable harm to public confidence," OCC Chief Information Officer Kristen Baldwin wrote in the draft letter to Congress that was seen by Bloomberg News. While US government agencies and officials have long been the targets of state-sponsored espionage campaigns, multiple high-profile breaches have surfaced over the past year.

Read more of this story at Slashdot.

New submitter toutankh writes: The UK government is developing a tool to predict murder. The scheme was originally called the "homicide prediction project", but its name has been changed to "sharing data to improve risk assessment". The Ministry of Justice hopes the project will help boost public safety but campaigners have called it "chilling and dystopian".The existence of the project was uncovered by Statewatch rather than announced by the UK government. PR following this discovery looks like uncoordinated damage control: one stated goal is to "ultimately contribute to protecting the public via better analysis", but a spokesperson also said that it is "for research purpose[s] only". One criticism is that such a system will inevitably reproduce existing bias from the police. What could go wrong?

Read more of this story at Slashdot.

Microsoft has scrapped plans to build three data center campuses in Licking County, Ohio, in a $1 billion investment pullback, the company said. The canceled developments in New Albany, Heath, and Hebron join a growing list of Microsoft data center project cancellations across the United States, Europe, Asia-Pacific and the United Kingdom. Microsoft will retain ownership of the land and plans to eventually develop the sites at an unspecified future date. Two properties will remain available for farming in the interim.

Read more of this story at Slashdot.

Razer's upcoming Blade 16 and other laptops are no longer available for preorder or purchase on its US site. From a report: The configurator for preordering its new Blade 16 laptop was available as recently as April 1st, according to the Internet Archive -- one day before the Trump administration announced sweeping US tariffs on China, Taiwan, and others that make laptop components. When asked recently if tariffs might affect Razer's prices or availability, its Public Relations Manager, Andy Johnston, told The Verge, "We do not have a comment at this stage regarding tariffs." Razer may not be openly talking about the impact of tariffs, but Framework halted sales of its entry-level Laptop 13 in the US on April 7th, and Micron reportedly confirmed surcharges for its memory chips will apply once the tariffs take effect after midnight tonight.

Read more of this story at Slashdot.

Version 3.5.0 of OpenSSL has been released. This release adds support for server-side QUIC (RFC 9000), a new configuration option (no-tls-deprecated-ec) that disables support for TLS groups deprecated in RFC 8422, and more.

Children in a small Japanese town are obsessively collecting trading cards featuring local elderly men rather than popular fantasy creatures, helping bridge generational gaps in an aging rural community. In Kawara, Fukuoka Prefecture, the "Ojisan TCG" (Middle-aged Man Trading Card Game) features 28 local men with assigned elemental types and battle stats. The collection includes a former fire brigade chief and a prison officer-turned-volunteer whose card has become so sought-after that children request his autograph. Created by Eri Miyahara of the Saidosho Community Council, the initiative has doubled participation in town events. "We wanted to strengthen the connection between children and older generations," Miyahara told Fuji News Network. "So many kids are starting to look up to these men as heroic figures."

Read more of this story at Slashdot.

Version 1.4 of FreeDOS has been released. This is the first stable release since 2022, and includes improvements to the Fdisk hard-disk-management program, and reliability updates for the mTCP set of TCP/IP applications for DOS.

This version was much smoother because Jerome Shidel, our distribution manager, had an idea after FreeDOS 1.3 that we could have a rolling test release that collected all of the changes that people make over time. Previous to this, each new FreeDOS distribution (like 1.0, 1.1, 1.2, and 1.3) required bundling up packages into a "release candidate," and we would go through several iterations of updating the release candidates.

Jerome's method of building the FreeDOS distribution made it easier to automate a test release, which we decided to update every month. As the test releases accumulated enough changes to warrant a release, we could then make the next test release a "release candidate" which would iterate to the next version of the FreeDOS distribution. Since 2022, we've released monthly test releases. Thanks Jerome!

LWN covered FreeDOS last year for its 30th anniversary.

China is moving fast to dominate biotechnology, and the U.S. risks falling behind permanently unless it takes action over the next three years, a congressional commission said. WSJ: Congress should invest at least $15 billion to support biotech research over the next five years and take other steps to bolster manufacturing in the U.S., while barring companies from working with Chinese biotech suppliers, the National Security Commission on Emerging Biotechnology said in a report Tuesday. To achieve its goals, the federal government and U.S.-based researchers will also need to work with allies and partners around the world. "China is quickly ascending to biotechnology dominance, having made biotechnology a strategic priority for 20 years," the commission said. Without prompt action, the U.S. risks "falling behind, a setback from which we may never recover." The findings convey the depth of worry in Washington that China's rapid biotechnology advances jeopardize U.S. national security. Yet translating the concern into tangible actions could prove challenging. [...] China plays a large role supplying drug ingredients and even some generic medicines to the U.S. For years, it produced copycat versions of drugs developed in the West. Recent years have seen it become a formidable hub of biotechnology innovation, after the Chinese government gave priority to the field as a critical sector in China's efforts to become a scientific superpower.

Read more of this story at Slashdot.

Shopify CEO Tobi Lutke is changing his company's approach to hiring in the age of AI. Employees will be expected to prove why they "cannot get what they want done using AI" before asking for more headcount and resources, Lutke wrote in a memo to staffers that he posted to X. From a report: "What would this area look like if autonomous AI agents were already part of the team?" Lutke wrote in the memo, which was sent to employees late last month. "This question can lead to really fun discussions and projects." Lutke also said there's a "fundamental expectation" across Shopify that employees embrace AI in their daily work, saying it has been a "multiplier" of productivity for those who have used it. "I've seen many of these people approach implausible tasks, ones we wouldn't even have chosen to tackle before, with reflexive and brilliant usage of AI to get 100X the work done," Lutke wrote. The company, which sells web-based software that helps online retailers manage sales and run their operations, will factor AI usage into performance reviews, he added.

Read more of this story at Slashdot.

Joplin is an open-source note-taking application designed to handle taking many kinds of notes, whether it is managing code snippets, writing documentation, jotting down lecture notes, or drafting a novel. Joplin has Markdown support, a plugin system for extensibility, and accepts multimedia content, allowing users to attach images, videos, and audio files to their notes. It can provide synchronization of content across devices using end-to-end encryption, or users can opt to stick to local storage only. Joplin even offers a command-line version for terminal-based usage. Joplin 3.2, the most recent feature release, brought long-awaited multi-window support, multi-column layouts, enhanced accessibility, and theme detection.

Micron has informed US customers it will implement surcharges on memory modules and solid-state drives starting Wednesday to offset President Trump's new tariffs, according to Reuters. While semiconductors received exemptions in Trump's recent trade action, memory storage products didn't escape the new duties. Micron, which manufactures primarily in Asian countries including China and Taiwan, had previously signaled during a March earnings call that tariff costs would be passed to customers.

Read more of this story at Slashdot.

Meta released two new Llama 4 models over the weekend -- Scout and Maverick -- with claims that Maverick outperforms GPT-4o and Gemini 2.0 Flash on benchmarks. Maverick quickly secured the number-two spot on LMArena, behind only Gemini 2.5 Pro. Researchers have since discovered that Meta used an "experimental chat version" of Maverick for LMArena testing that was "optimized for conversationality" rather than the publicly available version. In response, LMArena said "Meta's interpretation of our policy did not match what we expect from model providers" and announced policy updates to prevent similar issues.

Read more of this story at Slashdot.