RSS 생중계

More than half the world's food production will be at risk of failure within the next 25 years as a rapidly accelerating water crisis grips the planet, unless urgent action is taken to conserve water resources and end the destruction of the ecosystems on which our fresh water depends, experts have warned in a landmark review. From a report: Half the world's population already faces water scarcity, and that number is set to rise as the climate crisis worsens, according to a report from the Global Commission on the Economics of Water published on Thursday. Demand for fresh water will outstrip supply by 40% by the end of the decade, because the world's water systems are being put under "unprecedented stress," the report found. The commission found that governments and experts have vastly underestimated the amount of water needed for people to have decent lives. While 50 to 100 litres a day are required for each person's health and hygiene, in fact people require about 4,000 litres a day in order to have adequate nutrition and a dignified life. For most regions, that volume cannot be achieved locally, so people are dependent on trade -- in food, clothing and consumer goods -- to meet their needs. Some countries benefit more than others from "green water," which is soil moisture that is necessary for food production, as opposed to "blue water" from rivers and lakes. The report found that water moves around the world in "atmospheric rivers" which transport moisture from one region to another.

Read more of this story at Slashdot.

Email has become somewhat unfashionable as a collaboration tool for open-source projects, but there are still a number of projects—such as PostgreSQL and the Linux kernel—that expect contributors to send and review patches via email. The aerc mail client is aimed at developers looking for a text-based, efficient, and extensible client that is meant to be used for working with Git and email. It uses Vim-style keybindings by default, and has an interface inspired by tmux that lets users manage multiple accounts, mails, and embedded terminals at once.

An anonymous reader shares a report: Starting on October 14, 2024, news outlets including Yahoo and NME reported that year-over-year, the U.S. vinyl market was down 33 percent. The data for these articles came from a weekly report from Billboard called "Market Watch," which automatically updates with data provided by the company Luminate. Amid the vinyl revolution, this news signified a shift in buyer habits: a sales decline among vinyl for the first time in 17 years. On October 15, Discogs contacted Chris Muratore, director of partnerships at Luminate, who confirmed that the reported data is incorrect. Vinyl sales are actually up 6.2 percent. Billboard has since added language to their "Market Watch" report, clearing up the error. Luminate has been the gold standard for physical music sales numbers for decades. However, at the beginning of this year, the company changed its reporting process, frustrating many record store owners and industry personnel.

Read more of this story at Slashdot.

Greg Kroah-Hartman has announced the release of the 6.11.4, 6.6.57, 6.1.113, 5.15.168, and 5.10.227 stable kernels. As usual, this set of updates contains a long list of important fixes throughout the kernel tree.

Security updates have been issued by Debian (python-cryptography), Fedora (dnsdist and python-virtualenv), Red Hat (java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, and java-21-openjdk), Slackware (libssh2 and mozilla), SUSE (haproxy, keepalived, libarchive, libnss_slurm2, php8, and python310-pytest-html), and Ubuntu (linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-raspi, linux-xilinx-zynqmp, linux, linux-aws, linux-aws-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp, and linux, linux-aws, linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-hwe-6.8, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle, linux-oracle-6.8, linux-raspi).

South Korea will prepare stronger measures in a bid to prevent overseas leaks of business secrets amid intensifying competition for advanced technologies, the finance minister said on Thursday. From a report: "We will prevent illegal leaks of advanced technologies to raise the global competitiveness of our companies and strengthen technology leadership," Minister Choi Sang-mok said. The government will set up a "big data" system aimed at preventing technology leaks at the patent agency and introduce new regulations to ensure stronger punishment for culprits, Choi said. He did not specify what the stronger penalties would be under the new regulations. In the past five years, there have been 97 attempts to leak business secrets to a foreign country, with 40 of them in the semiconductor industry, according to the National Intelligence Service.

Read more of this story at Slashdot.

An anonymous reader shares a report: Impact, an app that describes itself as "AI-powered infrastructure for shaping and managing narratives in the modern world," is testing a way to organize and activate supporters on social media in order to promote certain political messages. The app aims to summon groups of supporters who will flood social media with AI-written talking points designed to game social media algorithms. In video demos and an overview document provided to people interested in using a prototype of the app that have been viewed by 404 Media, Impact shows how it can send push notifications to groups of supporters directing them at a specific social media post and provide them with AI-generated text they can copy and paste in order to flood the replies with counter arguments.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Hackread: The United States Department of Justice (DoJ) has indicted two Sudanese nationals for their alleged role in operating the hacktivist group Anonymous Sudan. The group claimed fame for conducting "tens of thousands" of large-scale and crippling Distributed Denial of Service attacks (DDoS attacks) targeting critical infrastructure, corporate networks, and government agencies globally. Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27, stand accused of conspiracy to damage protected computers. Ahmed Salah faces additional charges for damaging protected computers. The duo is believed to have controlled Anonymous Sudan, which, since early 2023, launched attacks on high-profile entities such as ChatGPT, UAE's Flydubai Airline, London Internet Exchange, Microsoft, and the Israeli BAZAN Group. The group and its clients also utilized the Distributed Cloud Attack Tool (DCAT) to conduct over 35,000 DDoS attacks. These attacks targeted sensitive government and critical infrastructure in the U.S. and globally, including the Department of Justice, Department of Defense, FBI, State Department, and Cedars-Sinai Medical Center in Los Angeles. The attacks, which sometimes lasted days, reportedly caused major damage, often crippling websites and networks. For instance, the attack on Cedars-Sinai Medical Center forced the redirection of incoming patients for eight hours, causing over $10 million in damages to U.S. victims.

Read more of this story at Slashdot.

The Cybersecurity Association of China (CSAC) has recommended a security review of Intel's products sold in China, accusing the U.S. chipmaker of harming national security and citing vulnerabilities in its chips. Reuters reports: While CSAC is an industry group rather than a government body, it has close ties to the Chinese state and the raft of accusations against Intel, published in a long post on its official WeChat account, could trigger a security review from China's powerful cyberspace regulator, the Cyberspace Administration of China (CAC). "It is recommended that a network security review is initiated on the products Intel sells in China, so as to effectively safeguard China's national security and the legitimate rights and interests of Chinese consumers," CSAC said. [...] CSAC in its post accuses Intel chips, including Xeon processors used for artificial intelligence tasks, of carrying several vulnerabilities, concluding that Intel "has major defects when it comes to product quality, security management, indicating that it is extremely irresponsible attitude towards customers." The industry group goes on to state that operating systems embedded in all Intel processors are vulnerable to backdoors created by the U.S. National Security Agency (NSA). "This poses a great security threat to the critical information infrastructures of countries all over the world, including China...the use of Intel products poses a serious risk to national security." CSAC said.

Read more of this story at Slashdot.

Longtime Slashdot reader schwit1 shares a report from Via Satellite: SpaceX submitted a request to the FCC to modify the second generation, Gen2, of its Starlink satellite system with changes that SpaceX said will allow the constellation to deliver gigabit-speed broadband. SpaceX submitted the filing to the FCC on Oct. 11, and it was made public on Tuesday. The operator wants to make changes to the orbital configuration and operational parameters, and requests modifications for its Gen2 frequency authorization. These modifications "will enable the Gen2 system to deliver gigabit-speed, truly low-latency broadband and ubiquitous mobile connectivity to all Americans and the billions of people globally who still lack access to adequate broadband," Jameson Dempsey, SpaceX director of Satellite Policy said in the filing. For comparison, Starlink's current statement on service speeds is that users typically experience download speeds between 25 and 220 Mbps, and a majority of users experience speeds over 100 Mbps. In 2022, the FCC partially approved SpaceX to deploy a Gen2 Starlink constellation of up to 7,500 satellites for fixed satellite services (FSS) in the Ku- and Ka-bands, then later authorized Gen2 operations using additional frequencies in the E- and V-bands. SpaceX reported that since then, it has deployed more than 3,000 satellites in the Gen2 system and the full Starlink constellation serves more than four million people.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Wired: Real-time video deepfakes are a growing threat for governments, businesses, and individuals. Recently, the chairman of the US Senate Committee on Foreign Relations mistakenly took a video call with someone pretending to be a Ukrainian official. An international engineering company lost millions of dollars earlier in 2024 when one employee was tricked by a deepfake video call. Also, romance scams targeting everyday individuals have employed similar techniques. "It's probably only a matter of months before we're going to start seeing an explosion of deepfake video, face-to-face fraud," says Ben Colman, CEO and cofounder at Reality Defender. When it comes to video calls, especially in high-stakes situations, seeing should not be believing. The startup is laser-focused on partnering with business and government clients to help thwart AI-powered deepfakes. Even with this core mission, Colman doesn't want his company to be seen as more broadly standing against artificial intelligence developments. "We're very pro-AI," he says. "We think that 99.999 percent of use cases are transformational -- for medicine, for productivity, for creativity -- but in these kinds of very, very small edge cases the risks are disproportionately bad." Reality Defender's plan for the real-time detector is to start with a plug-in for Zoom that can make active predictions about whether others on a video call are real or AI-powered impersonations. The company is currently working on benchmarking the tool to determine how accurately it discerns real video participants from fake ones. Unfortunately, it's not something you'll likely be able to try out soon. The new software feature will only be available in beta for some of the startup's clients. As Reality Defender works to improve the detection accuracy of its models, Colman says that access to more data is a critical challenge to overcome -- a common refrain from the current batch of AI-focused startups. He's hopeful more partnerships will fill in these gaps, and without specifics, hints at multiple new deals likely coming next year. After ElevenLabs was tied to a deepfake voice call of US president Joe Biden, the AI-audio startup struck a deal with Reality Defender to mitigate potential misuse. [...] "We don't ask my 80-year-old mother to flag ransomware in an email," says Colman. "Because she's not a computer science expert." In the future, it's possible real-time video authentication, if AI detection continues to improve and shows to be reliably accurate, will be as taken for granted as that malware scanner quietly humming along in the background of your email inbox.

Read more of this story at Slashdot.

The LWN.net Weekly Edition for October 17, 2024 is available.

A new study counters the widely held belief that standing desks are good for your health, discovering that it does not reduce the risk of diseases such as stroke and heart failure. In fact, it "found that being on your feet for more than two hours a day may increase the risk of developing problems such as deep vein thrombosis and varicose veins," reports The Guardian. The findings have been published in the International Journal of Epidemiology. From the report: To establish if standing provided any health benefits, the researchers studied data from 83,013 adults who are part of the UK Biobank health records database. These people did not have heart disease at the start of the study and wore devices on their wrists to track movement. The team found that for every extra 30 minutes spent standing beyond two hours, the risk of circulatory disease increased by 11%. Standing was not found to reduce the risk of heart conditions such as stroke, heart failure and coronary heart disease, the researchers said. "The key takeaway is that standing for too long will not offset an otherwise sedentary lifestyle and could be risky for some people in terms of circulatory health," said Dr Matthew Ahmadi, of the University of Sydney's faculty of medicine and health. "We found that standing more does not improve cardiovascular health over the long-term and increases the risk of circulatory issues."

Read more of this story at Slashdot.

wiredmikey shares a report from SecurityWeek: Dane Stuckey, the former Chief Information Security Officer (CISO) of big data analytics and AI firm Palantir, has joined OpenAI CISO. Stuckey served in senior security roles at Palantir for more than ten years, including 6 plus years as the company's CISO. In his new role, Stuckey said he would be working alongside Matt Knight, Head of Security at OpenAI. "Security is germane to OpenAI's mission," said Stuckey in a post on X. "It is critical we meet the highest standards for compliance, trust, and security to protect hundreds of millions of users of our products, enable democratic institutions to maximally benefit from these technologies, and drive the development of safe AGI for the world." "I am so excited for this next chapter, and can't wait to help secure a future where AI benefits us all," Stuckey added.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: Robinhood launched its long-awaited desktop platform and added futures and index options trading features to its mobile app on Wednesday, as the fintech firm aims to take market share from traditional brokerages. The 11-year-old commission-free trading app, which became synonymous with mom-and-pop investors in 2021, is now seeking to mature into a full-fledged financial services provider and compete with established brokerages that serve institutional investors. The Menlo Park, California-based company said its desktop trading platform, dubbed "Robinhood Legend," will focus on active traders. The platform, available at no additional cost, will offer advanced trading tools, real-time data, as well as custom and preset layouts. Meanwhile, the app will allow users to trade futures on the benchmark S&P 500 index, oil and bitcoin, among others. Customers can also trade index options. [...] Subscribers to Robinhood's premium Gold tier will be able to trade futures for as low as 50 cents per contract, while non-Gold users will need to pay a commission of 75 cents. You can tune in to the company's live product announcement on YouTube.

Read more of this story at Slashdot.

Apple is enhancing its Business Connect tool, allowing companies to customize how they appear in emails, phone calls, and payment interfaces on iPhones. The Verge reports: Each registered business can confirm its info is accurate and add additional details like photos or special offers. Collecting verified, up-to-date business information could be useful for Apple if it ever launches its own search engine or inside features for Apple Intelligence instead of sending users to outside sources like Google, Yelp, or Meta. Branded Mail is a feature businesses can sign up for today before it starts rolling out to users later this year, potentially making emails easier to identify in a sea of unread messages. Additionally, if companies opt into Business Caller ID, Apple will display their name, logo, and department on an iPhone's inbound call screen. This feature should come in handy when you're trying to figure out whether the random number that's calling you is spam, or if it's a legitimate business. It will start rolling out next year. A smaller update coming to Apple's Tap to Pay service will let companies show their logo when accepting payments instead of just displaying a category icon. You can read more about it in Apple's press release.

Read more of this story at Slashdot.

According to The Verge, Meta has "begun laying off employees across various departments, including WhatsApp, Instagram, and Reality Labs." From the report: Rather than a mass, companywide layoff, these smaller cuts seem to coincide with reorganizations of specific teams. Some Meta employees have started posting that they've been laid off. Among them is Jane Manchun Wong, who gained notoriety for reporting on unannounced features coming to apps before joining the Threads team in 2023. Meta laid off 11,000 employees in 2022 and then cut 10,000 more people as part of CEO Mark Zuckerberg's "year of efficiency" in 2023. Further reading: Tech Layoffs Highest Since Dot-Com Crash

Read more of this story at Slashdot.

The parents of a Massachusetts student are suing his school after he was penalized for using AI in a Social Studies project, claiming it was for research purposes only. The student received a detention and a lower grade, which his parents argue could harm his college prospects. The school is defending its AI policy and fighting to dismiss the case. The Register reports: "The Plaintiff Student will suffer irreparable harm that far outweighs any harm that may befall the Defendants," their filing reads [PDF]. "He is applying to elite colleges and universities given his high level of academic and personal achievement. Early decision and early action applications in a highly competitive admissions process are imminent and start in earnest on October 1, 2024. Absent the grant of an injunction by this Court, the Student will suffer irreparable harm that is imminent." The school, however, is fighting back with a motion to dismiss [PDF] the case. The school argues that RNH, along with his classmates, was given a copy of the student handbook in the Fall of last year, which specifically called out the use of AI by students. The class was also shown a presentation about the school's policy. Students should "not use AI tools during in-class examinations, processed writing assignments, homework or classwork unless explicitly permitted and instructed," the policy states. "RNH unequivocally used another author's language and thoughts, be it a digital and artificial author, without express permission to do so," the school argues. "Furthermore, he did not cite to his use of AI in his notes, scripts or in the project he submitted. Importantly, RNH's peers were not allowed to cut corners by using AI to craft their projects; thus, RNH acted 'unfairly in order to gain an advantage.'"

Read more of this story at Slashdot.

An anonymous reader quotes a report from 404 Media: The code that runs Redbox DVD rental machines has been dumped online, and, in the wake of the company's bankruptcy, a community of tinkerers and reverse engineers are probing the operating system to learn how it works. Naturally, one of the first things people did was make one of the machines run Doom. As has been detailed in several great articles elsewhere, the end of Redbox has been a clusterfuck, with pharmacies, grocery stores, and other retailers stuck with very large, heavy, abandoned DVD rental kiosks. To many people's surprise, many of the kiosks remain operational even with the bankruptcy of Redbox's parent company, which has led some people to "liberate" DVDs from the abandoned kiosks. Reddit is full of posts by people who say they have taken dozens of DVDs from kiosks all over the country. Free DVDs is one thing. But in recent days, people have realized that they can, in some cases, get free Redbox kiosks. In an August filing, Walgreens told the bankruptcy court that it has 5,400 abandoned kiosks at its stores, and that it is spending $184,000 a month keeping them powered. "Walgreens should not be required to continue to 'store' and power Redbox kiosks across the country without any form of payment," the company wrote. And so tinkerers and reverse engineers have begun asking stores whether they can take the devices off their hands. There are also posts on Reddit by contractors who are selling them, and I was able to find various Redbox DVD kiosks being advertised for sale on Facebook Marketplace. (There are far more listings on Facebook Marketplace from people who have obtained hundreds or thousands of Redbox DVDs and are now selling them.) Recently the operating system for Redbox kiosks was dumped online, and this community is now probing it to see how it works. In a thread on Mastodon, reverse engineer Foone Turing has been posting some of her findings, which include the fact that Redbox machines contain a file that has "a complete list of titles ever rented, and the email addresses of the people who rented them, and where and when." She also found that the first six and last four digits of credit card information was logged. She said that the records on the particular unit that she was looking at contained 2,471 different transactions and had records on it dating back to 2015. Other reverse engineers have found that Redbox kiosks contained information about the physical locations of every other kiosk. The server that they communicated with is currently offline (because the company is bankrupt). But people have also been putting together information about what different error codes in the software mean (for example, the error code "0020BDT" would happen when an obstruction was detected in the machine). They have also found and dumped service manuals for different parts of the device and have found a few login passwords (one password is "US#1Choice4movierentals"). [...] There has also been discussion about how the machines could be modified to talk to a new server, or whether the operating system could be put on a DIY Redbox device. Another person installed Minecraft on their Redbox. It is still very early days, but, with the bankruptcy of Redbox's parent company, ironically these devices are being given new life.

Read more of this story at Slashdot.

Apple's $3,499 Vision Pro is struggling to attract major software-makers to develop apps for the device, a challenge that threatens to slow the progress of the company's biggest new product in a decade. WSJ: New apps released on the Vision Pro every month have slowed since its launch in January. Some of the most successful virtual-reality software developers have so far opted not to build apps for the headset. Without enough killer apps, certain users have found the device less useful and are opting to sell it. "It's a chicken-or-egg problem," said Bertrand Nepveu, who previously worked on the Vision Pro at Apple and is now an investor in this area at Triptyq Capital. Nepveu and app developers think Apple should fund app makers to give them an incentive to port over their existing apps from other headsets or to develop fresh content. This practice has become common in the industry, with headset leader Meta Platforms funding many developers and even buying several app makers. The social-media company is a formidable competitor to Apple, with a market share of all headsets reaching 74% in the second quarter this year, according to Counterpoint Research.

Read more of this story at Slashdot.