RSS 생중계

Security updates have been issued by AlmaLinux (sssd), Debian (linux-6.1 and python-parsl), Fedora (chezmoi, complyctl, composer, and firefox), Oracle (kernel), Red Hat (buildah, libpq, podman, postgresql, postgresql16, postgresql:13, postgresql:15, and postgresql:16), SUSE (avahi, curl, ffmpeg-4, ffmpeg-7, firefox, istioctl, k6, kubelogin, libmicrohttpd, libpcap-devel, libpng16, libtasn1-6-32bit, matio, ovmf, python-tornado6, python311-Authlib, and teleport), and Ubuntu (angular.js, python-urllib3, and webkit2gtk).

The European Union published guidance on December 30 that reclassified nuclear weapons as acceptable investments under its sustainable finance framework, completing a policy change approved in November that narrowed the definition of banned armaments from "controversial" to "prohibited." The shift addresses earlier vagueness that the Commission said hindered efforts to raise $932 billion in defense investments over four years. Under the revised rules, only four weapon categories remain expressly outlawed by a majority of EU states: personnel mines, cluster munitions, and biological and chemical weapons. Nuclear weapons manufacturers avoided exclusion because only Austria, Ireland and Malta signed the Treaty on the Prohibition of Nuclear Weapons, though all EU members support non-proliferation under the Non-Proliferation Treaty. The updated guidance also permits ESG labeling for companies handling depleted uranium for anti-tank ammunition and white phosphorus, which is toxic but not classified as a chemical weapon. European ESG funds currently hold minimal defense stocks, according to Jefferies data. The Commission's notice now makes these investments eligible for funds operating under Article 8 and Article 9 sustainable investment mandates.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Researchers have discovered a never-before-seen framework that infects Linux machines with a wide assortment of modules that are notable for the range of advanced capabilities they provide to attackers. The framework, referred to as VoidLink by its source code, features more than 30 modules that can be used to customize capabilities to meet attackers' needs for each infected machine. These modules can provide additional stealth and specific tools for reconnaissance, privilege escalation, and lateral movement inside a compromised network. The components can be easily added or removed as objectives change over the course of a campaign. VoidLink can target machines within popular cloud services by detecting if an infected machine is hosted inside AWS, GCP, Azure, Alibaba, and Tencent, and there are indications that developers plan to add detections for Huawei, DigitalOcean, and Vultr in future releases. To detect which cloud service hosts the machine, VoidLink examines metadata using the respective vendor's API. Similar frameworks targeting Windows servers have flourished for years. They are less common on Linux machines. The feature set is unusually broad and is "far more advanced than typical Linux malware," said researchers from Checkpoint, the security firm that discovered VoidLink. Its creation may indicate that the attacker's focus is increasingly expanding to include Linux systems, cloud infrastructure, and application deployment environments, as organizations increasingly move workloads to these environments. "VoidLink is a comprehensive ecosystem designed to maintain long-term, stealthy access to compromised Linux systems, particularly those running on public cloud platforms and in containerized environments," the researchers said in a separate post. "Its design reflects a level of planning and investment typically associated with professional threat actors rather than opportunistic attackers, raising the stakes for defenders who may never realize their infrastructure has been quietly taken over." The researchers note that VoidLink poses no immediate threat or required action since it's not actively targeting systems. However, defenders should remain vigilant.

Read more of this story at Slashdot.

NASA and the U.S. Department of Energy plan to deploy a nuclear fission reactor on the Moon by 2030 to provide continuous, long-duration power for lunar bases, science missions, and future Mars exploration. space & defense reports: NASA said fission surface power will provide a critical capability for long-duration missions by delivering continuous, reliable electrical power independent of sunlight, lunar night cycles or extreme temperature conditions. Unlike solar-based systems, a nuclear reactor could operate for years without refuelling, supporting habitats, science payloads, resource utilisation systems and surface mobility. NASA Administrator Jared Isaacman said achieving long-term human presence on the Moon and future missions to Mars will require new approaches to power generation. He said closer collaboration with the Department of Energy is essential to delivering the capabilities needed to support sustained exploration and infrastructure development beyond Earth orbit. The fission surface power system is expected to produce safe, efficient and scalable electrical power, forming a foundational element of NASA's Moon-to-Mars architecture. Continuous power availability is seen as a key enabler for permanent lunar bases, in-situ resource utilisation and expanded scientific operations in permanently shadowed regions. Further reading: You Can Now Reserve a Hotel Room On the Moon For $250,000

Read more of this story at Slashdot.

Thelasko shares a report from Forbes: We have not seen this before. Iran's digital blackout has now deployed military jammers, reportedly supplied by Russia, to shut down access to Starlink Internet. This is a game-changer for the Plan-B connectivity frequently used by protesters and anti-regime activists when ordinary access to the internet is stopped. "Despite reports that tens of thousands of Starlink units are operating inside Iran," says Iran Wire, "the blackout has also reached satellite connections." It is reported that about 30 percent of Starlink's uplink and downlink traffic was (initially) disrupted," quickly rising "to more than 80 percent" within hours. The Times of Israel reports "the deployment of (Starlink) receivers is now far greater in Iran" than during previous blackouts. "That's despite the government never authorizing Starlink to function, making the service illegal to possess and use." "While it's not clear how Starlink's service was being disrupted in Iran," The Times says, "some specialists say it could be the result of jamming of Starlink terminals that would overpower their ability to receive signals from the satellites." Multiple reports suggest Russia's military technology may be responsible. Channel 4 News describes Russia's activities as a "technological race with Starlink," which it says "is known to deploy trucks which deploy radio noise to disrupt satellite signals." Simon Migliano, Head of Research at Top10VPN.com, said "Iran's current nationwide blackout is a blunt instrument intended to crush dissent," and this comes at a stark cost to the country, underpinning the regime's desperation. "This 'kill switch' approach comes at a staggering price, draining $1.56 million from Iran's economy every single hour the internet is down." He added: "Iranian authorities have proven they are prepared to weaponize connectivity, even at a tremendous domestic cost. We are looking at losses already exceeding $130 million. If the 2019 shutdown is any indicator, the regime could maintain this digital siege for days, prioritizing control over their own economic stability."

Read more of this story at Slashdot.

An anonymous reader quotes a report from the Guardian: High-profile studies reporting the presence of microplastics throughout the human body have been thrown into doubt by scientists who say the discoveries are probably the result of contamination and false positives. One chemist called the concerns "a bombshell." Studies claiming to have revealed micro and nanoplastics in the brain, testes, placentas, arteries and elsewhere were reported by media across the world, including the Guardian. There is no doubt that plastic pollution of the natural world is ubiquitous, and present in the food and drink we consume and the air we breathe. But the health damage potentially caused by microplastics and the chemicals they contain is unclear, and an explosion of research has taken off in this area in recent years. However, micro- and nanoplastic particles are tiny and at the limit of today's analytical techniques, especially in human tissue. There is no suggestion of malpractice, but researchers told the Guardian of their concern that the race to publish results, in some cases by groups with limited analytical expertise, has led to rushed results and routine scientific checks sometimes being overlooked. The Guardian has identified seven studies that have been challenged by researchers publishing criticism in the respective journals, while a recent analysis listed 18 studies that it said had not considered that some human tissue can produce measurements easily confused with the signal given by common plastics. There is an increasing international focus on the need to control plastic pollution but faulty evidence on the level of microplastics in humans could lead to misguided regulations and policies, which is dangerous, researchers say. It could also help lobbyists for the plastics industry to dismiss real concerns by claiming they are unfounded. While researchers say analytical techniques are improving rapidly, the doubts over recent high-profile studies also raise the questions of what is really known today and how concerned people should be about microplastics in their bodies.

Read more of this story at Slashdot.

"Since the United States reopened its embassy in Cuba in 2015, a number of personnel have reported a series of debilitating medical ailments which include dizziness, fatigue, problems with memory, and impaired vision," writes longtime Slashdot reader smooth wombat. "For ten years, these sudden and unexplained onsets have been studied with no conclusive evidence one way or the other. Now comes word that a device, purchased by the Pentagon, has been tested which may be linked to what is known as Havana Syndrome." From a report: A division of the Department of Homeland Security, Homeland Security Investigations, purchased the device for millions of dollars in the waning days of the Biden administration, using funding provided by the Defense Department, according to two of the sources. Officials paid âoeeight figuresâ for the device, these people said, declining to offer a more specific number. [...] The device acquired by HSI produces pulsed radio waves, one of the sources said, which some officials and academics have speculated for years could be the cause of the incidents. Although the device is not entirely Russian in origin, it contains Russian components, this person added. Officials have long struggled to understand how a device powerful enough to cause the kind of damage some victims have reported could be made portable; that remains a core question, according to one of the sources briefed on the device. The device could fit in a backpack, this person said. [...] One key concern now for some officials is that if the technology proves viable it may have proliferated, several of the sources said, meaning that more than one country could now have access to a device that may be capable of causing career-ending injuries to US officials. Further reading: 'Havana Syndrome' Debate Rises Again in US Government

Read more of this story at Slashdot.

Meta is shutting down three acquired VR studios as part of Reality Labs layoffs and a strategic pivot away from VR content toward AI-powered smart glasses. UploadVR reports: Meta shut down Twisted Pixel Games (Deadpool VR), Sanzaru Games (Asgard's Wrath), and Armature Studio (Resident Evil 4 VR). [...] Twisted Pixel Games was founded in 2006 and mostly made Xbox games published by Microsoft for the first decade of its existence. In fact, Microsoft owned the studio from 2011 until 2015, when it became an independent company again. On contract from Facebook, between 2017 and 2019 Twisted Pixel released four VR games: Wilson's Hearth (Rift); B-Team (Go/Quest); Defector (Rift); and Path of the Warrior (Rift/Quest). In 2022, Twisted Pixel Games was acquired by Meta. And just two months ago, it released what it had been working on since then: Deadpool VR, the latest Quest-exclusive VR game. [...] Sanzaru Games was also founded in 2006, and made a combination of its own games and contract titles for companies such as Sony, porting the original God of War series to PS Vita. Sanzaru Games was also contracted by Facebook to build VR games for the Oculus Rift and its Touch controllers, between 2016 and 2019: Ripcoil (2016); VR Sports Challenge (2016); Marvel Powers United VR (2018); and Asgard's Wrath (2019). In 2020, Sanzaru Games was acquired by Facebook, and in 2023 released Asgard's Wrath 2, taking the core essence of Asgard's Wrath to Quest 2 and Quest 3 standalone, with a semi-open world and a campaign more than 60 hours long. Exactly one year ago, Sanzaru released the last major content update for Asgard's Wrath 2, stating that it was now working on the "next big thing" with no detail released on what that would be before the studio closed. Founded in 2008, Armature Studio was mainly a porting studio, bringing PC titles to consoles and console titles to PS Vita. Like Twisted Pixel and Sanzaru, Armature too was contracted by Facebook to build early consumer VR games: Fail Factory (2017); Sports Scramble (2019); and Resident Evil 4 VR (2021). Armature was acquired by Meta in 2022, and many VR gamers had been eagerly anticipating what it had been working on since. Whatever it was, Armature too is now shut down.

Read more of this story at Slashdot.

The U.S. Senate unanimously passed the Disrupt Explicit Forged Images and Non-Consensual Edits Act (DEFIANCE Act), giving victims of sexually explicit AI deepfakes the right to sue the individuals who created them. The Verge reports: The bill passed with unanimous consent -- meaning there was no roll-call vote, and no Senator objected to its passage on the floor Tuesday. It's meant to build on the work of the Take It Down Act, a law that criminalizes the distribution of nonconsensual intimate images (NCII) and requires social media platforms to promptly remove them. [...] Now the ball is again in the House leadership's court; if they decide to bring the bill to the floor, it will have to pass in order to reach the president's desk.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Network World: The global technology sector eliminated some 244,851 jobs in 2025, according to a report from RationalFX. The U.K.-based financial services company says the worldwide downsizing reflects how companies in 2025 restructured their operations to focus on efficiency, profitability, and AI-driven productivity. The RationalFX analysis, which examined layoffs reported by TrueUp, TechCrunch, and multiple state WARN databases, points to economic uncertainty, elevated interest rates, and accelerating AI and automation adoption as reasons that 2025 marked "another year of sustained downsizing following the post-pandemic correction that began in 2022." Companies indicated that AI and automation were among the most frequently cited drivers for layoffs in 2025. Some companies retrained employees when faced with the technology; many replaced roles entirely, RationalFX reports. "Tech sector layoffs in 2025 displaced hundreds of thousands of workers worldwide as companies accelerated structural resets rather than short-term cost corrections," said Alan Cohen, analyst at RationalFX, in a statement. "While macroeconomic pressures such as high interest rates, trade restrictions, and geopolitical uncertainty continued to weigh on business confidence, the dominant force behind last year's job cuts was the rapid adoption of automation and artificial intelligence." The analysis also uncovered that U.S.-headquartered technology companies were responsible for the majority of job losses, accounting for approximately 69.7% of all global tech layoffs. This resulted in more than 170,000 employees being cut across both domestic and offshore operations from U.S. tech companies. California spearheaded layoffs in the U.S. tech sector this year, with 73,499 job cuts accounting for roughly 43.08% of all tech layoffs in the country, according to the RationalFX report. The report also points out that Washington has seen 42,221 tech jobs cut since the start of the year, accounting for 24.74% of all U.S. tech layoffs. Intel contributed the single largest number of layoffs last year, reducing its headcount from 109,000 people at the end of 2024 to around 75,000 by the end of 2025. Other major U.S. tech companies with large-scale layoffs last year include Amazon (more than 20,000 jobs cut), Microsoft (approximately 19,215 layoffs), Verizon (15,000 employees), Accenture (11,000 employees), IBM (9,000 job cuts), and HP (6,000 roles).

Read more of this story at Slashdot.

BrianFagioli writes: Wine 11.0 has officially landed, wrapping up a year of development with more than 6,000 code changes and a broad set of upgrades that touch gaming, desktop behavior, and long-standing architectural work. The biggest milestone is the completion of the new WoW64 model, which is now considered fully supported and allows 32-bit and even 16-bit applications to run in a cleaner way inside 64-bit prefixes. Wine also gains support for the NTSYNC kernel module now bundled in Linux 6.14, which cuts overhead from thread synchronization and should deliver observable performance benefits in games and multi-threaded applications. A single unified wine binary now replaces the old wine64 launcher, and several system behaviors align more closely with modern Windows, including syscall numbering and NT reparse points. Graphics and desktop integration received more polish, including deeper Vulkan support (up to API 1.4.335), hardware-accelerated H.264 decoding through Direct3D, and further improvements to Wine's Wayland driver, which now supports clipboard operations, IMEs, and shaped windows. X11 users gain better window activation and fullscreen handling, and legacy DirectX features continue to expand under Wine's Vulkan renderer. Device support also moves forward, with better joystick handling, improved Bluetooth visibility and pairing, and working TWAIN scanning on 64-bit apps. Broad multimedia updates, DirectMusic refinements, .NET/XNA improvements, and developer-facing tools round out a release that appears focused on smoothing sharp edges rather than introducing flashy experiments. As always, source is live now and distro packages are rolling out.

Read more of this story at Slashdot.

After widespread backlash over its 2022 decision to remove JPEG-XL support, Google has quietly restored the image format in the latest Chrome/Chromium codebase. Phoronix reports: Back in December they merged jxl-rs as a pure Rust-based JPEG-XL image decoder from the official libjxl organization. At the end of December they did more JPEG-XL plumbing with the enums and build flags for the support. Now as of yesterday they wired up the JXL decoder! The jxl-rs-powered JPEG-XL image decoding is gated by the enable_jxl_decoder build flag but it's enabled by default.

Read more of this story at Slashdot.

An anonymous reader quotes a report from MacRumors: Apple today introduced a new Apple Creator Studio bundle that offers access to six creative apps, as well as exclusive AI features and content, as part of a single subscription. In the U.S., pricing is set at $12.99 per month or $129 per year. Here are the six apps included with an Apple Creator Studio subscription: Final Cut Pro on the Mac and iPad; Logic Pro on the Mac and iPad; Pixelmator Pro on the Mac and iPad; Motion on the Mac; Compressor on the Mac; and MainStage on the Mac. Pixelmator Pro was previously only available on the Mac, but it is coming to the iPad. Apple Creator Studio subscribers will also receive access to exclusive AI features and premium content across not only the Final Cut Pro and Pixelmator Pro apps, but also the iWork apps Numbers, Pages, and Keynote, and the Freeform app later this year. So if you want the best, fully-featured versions of all of these apps going forward, you will need to subscribe to the bundle. Apple says there will be separate Creator Studio and one-time purchase "versions" of each app. If you have both versions installed on your Mac, the Creator Studio versions will have "unique icons" so that they stand out, according to Apple. Apple Creator Studio will be available through the App Store starting Wednesday, January 28. All new subscribers will be able to receive a one-month free trial, and customers who purchase a new Mac or a qualifying iPad model with an A16, A17 Pro, or M-series chip or later will be eligible for an extended three-month free trial. "If you are not interested in subscribing to the new Apple Creator Studio bundle introduced today, you will officially start to miss out on some new features," adds MacRumors in a separate article. If you bought the apps via a one-time purchase, or plan to do so in the future, "you will no longer have access to all new features," though they will continue to receive updates. "There are some exceptions, as Apple says Logic Pro and MainStage will have all the same features whether they are subscription or one-time-purchase versions," notes MacRumors. "It looks like most if not all of the new features that will be limited to Creator Studio subscribers will be powered by AI, as Apple repeatedly describes them as 'intelligent' features. The apps are continuing to receive other new features that do not require a subscription over time, so one-time purchasers are not completely left out."

Read more of this story at Slashdot.

Prosecutors in Taiwan issued an arrest warrant [non-paywalled source] for the chief executive officer of the Chinese smartphone company OnePlus, stepping up the island's efforts to block China's tech players from recruiting Taiwanese talent. From a report: The Shilin district prosecutors office issued the warrant for CEO and co-founder Pete Lau and indicted two Taiwanese citizens who worked for him, according to an indictment by the office. OnePlus, a niche player whose phones run on a customized version of Android, is suspected of illegally recruiting more than 70 engineers in Taiwan. The autonomous territory has stepped up its efforts to stop Chinese companies from raiding workers, who are often coveted because of their technical knowledge and experience. The Taiwanese officials put such limitations in place because they say recruiting from the semiconductor sector and other tech operations could jeopardize national security.

Read more of this story at Slashdot.

Electric vehicles are more likely to be fixed at the roadside than petrol or diesel cars despite public fears to the contrary, according to new breakdown data from the AA. From a report: New research from Autotrader and the AA, carried out in December among more than 2,000 consumers, found 44% of respondents are concerned about the risk of breakdowns or roadside repairs when considering switching to an EV. Concern was highest among drivers aged 75 and over, with 56% saying they were worried. The North East recorded the highest level of concern at 52%, while women were slightly more likely to express reservations than men - 46% versus 41%. Even so, AA call-out data indicates EVs are more likely to be successfully repaired at the roadside than a 12-volt battery in a petrol or diesel car. Separately, industry data continues to indicate growing readiness to service electric cars. A recent Society of Motor Manufacturers and Traders (SMMT) survey of aftermarket businesses found 81.2% of UK workshops are already equipped to work on EVs, according to the campaign partners.

Read more of this story at Slashdot.

Analyst Ben Thompson, sharing the experience of watching an NBA game on the Vision Pro: When I started the broadcast [on Apple Vision Pro's immersive view of the Bucks vs. Lakers NBA game] I had, surprise surprise, a studio show, specially tailored for the Apple Vision Pro. In other words, there was a dedicated camera, a dedicated presenter, a dedicated graphics team, etc. There was even a dedicated announcing team! This all sounds expensive and special, and I think it was a total waste. Here's the thing that you don't seem to get, Apple: the entire reason why the Vision Pro is compelling is because it is not a 2D screen in my living room; it's an immersive experience I wear on my head. That means that all of the lessons of TV sports production are immaterial. In fact, it's worse than that: insisting on all of the trappings of a traditional sports broadcast has two big problems: first, because it is costly, it means that less content is available than might be otherwise. And second, it makes the experience significantly worse. [...] I have, as I noted, had the good fortune of sitting courtside at an NBA game, and this very much captured the experience. The biggest sensation you get by being close to the players is just how tall and fast and powerful they are, and you got that sensation with the Vision Pro; it was amazing. The problem, however, is that you would be sitting there watching Giannis or LeBron or Luka glide down the court, and suddenly you would be ripped out of the experience because the entirely unnecessary producer decided you should be looking through one of these baseline cameras under the hoop [...]

Read more of this story at Slashdot.

Mercedes-Benz is pausing the roll-out of Drive Pilot, an "eyes off" conditionally automated driving feature that was available in Europe and the US. From a report: As first reported by German publication Handelsblatt, the revised S-Class will not have the Level 3 system when it arrives at the end of this month. Mercedes was one of the first automakers to offer a Level 3 driving system to its customers when it launched Drive Pilot with the electric EQS sedan and the gas-powered S-Class in the fall of 2023. At up to 40mph in traffic jam situations on highways, Drive Pilot provided hands-free, eyes-off driving that allows the driver to look away from the road at something else, like a game or a movie. It was big leap up from hands-free Level 2 systems -- Tesla's Autopilot and Full Self-Driving (FSD) included -- which still require the driver to be in full control, looking ahead and paying attention while the system is active. But now Mercedes says it is temporarily scrapping the feature, citing middling demand and the high production costs of developing the technology.

Read more of this story at Slashdot.

Quality-of-service (QoS) mechanisms attempt to prioritize some processes (or network traffic, disk I/O, etc.) over others in order to meet a system's performance goals. This is a difficult topic to handle in the world of Linux, where workloads, hardware, and user expectations vary wildly. Qais Yousef spoke at the 2025 Linux Plumbers Conference, alongside his collaborators John Stultz, Steven Rostedt, and Vincent Guittot, about their plans for introducing a high-level QoS API for Linux in a way that leaves end users in control of its configuration. The talk focused specifically on a QoS mechanism for the scheduler, to prioritize access to CPU resources differently for different kinds of processes. (slides; video)

The Federal Communications Commission is letting Verizon lock phones to its network for longer periods, eliminating a requirement to unlock handsets 60 days after they are activated on its network. From a report: The change will make it harder for people to switch from Verizon to other carriers. The FCC today granted Verizon's petition for a waiver of the 60-day unlocking requirement. While the waiver is in effect, Verizon only has to comply with the CTIA trade group's voluntary unlocking policy. The CTIA policy calls for unlocking prepaid mobile devices one year after activation, while devices on postpaid plans can be unlocked after a contract, device financing plan, or early termination fee is paid. Unlocking a phone allows it to be used on another carrier's network. While Verizon was previously required to unlock phones automatically after 60 days, the CTIA code says carriers only have to unlock phones "upon request" from consumers. The FCC said the Verizon waiver will remain in effect until the agency "decides on an appropriate industry-wide approach for the unlocking of handsets."

Read more of this story at Slashdot.

America's largest power-grid operator, PJM, which delivers electricity to 67 million people across a 13-state region from New Jersey to Kentucky, is approaching a supply crisis as AI data centers in Northern Virginia's "Data Center Alley" consume electricity at an unprecedented rate. The nonprofit expects demand to grow by 4.8% annually over the next decade. Mark Christie, former chairman of the Federal Energy Regulatory Commission, said the reliability risk that was once "on the horizon" is now "across the street." Dominion Energy, the utility serving parts of Virginia, has received requests from data-center developers requiring more than 40 gigawatts of electricity -- roughly twice its Virginia network capacity at the end of 2024. Older power plants are going out of service faster than new ones can be built, and the grid could max out during periods of high demand, forcing rolling blackouts during heat waves or deep freezes. In November, efforts to establish new rules for data centers stalled when PJM, tech companies, power suppliers and utilities couldn't agree on a plan. Monitoring Analytics, the firm that oversees the market, warned that unless data centers bring their own power supply, "PJM will be in the position of allocating blackouts rather than ensuring reliability."

Read more of this story at Slashdot.