RSS 생중계

One year from today, on October 14, 2025, Microsoft will stop releasing security updates for PCs that are still running Windows 10. From a report: Organizations and individuals will still be able to pay for three more years of updates, with prices that go up steadily each year (Microsoft still hasn't provided pricing for end users, only saying that it will release pricing info "closer to the October 2025 date.") But for most PCs running Windows 10, the end of the line is in sight.

Read more of this story at Slashdot.

Following moves by both the European Union and India to implement USB-C as the default charging port for all consumer devices, the British government has now begun a consultation on whether it should follow suit and implement a common standard for charging, and if this should be USB-C. From a report: The consultation has been started by the Office for Product Safety and Standards which sits within the Department for Business and Trade, and it calls for manufacturers, importers, distributors, and trade associations to provide their input on the matter. Of course, should the UK decide against adopting USB-C and implement a separate standard, expect that device manufacturers just provide dongles to support this rather than having unique device versions. The Office for Product Safety and Standards stated the following on this topic: "We consider that it would potentially help businesses and deliver consumer and environmental benefits if we were to introduce standardized requirements for chargers for certain portable electrical/electronic devices across the whole UK. We are seeking views from manufacturers, importers, distributors, and trade associations as to whether it would be helpful to do so and, if so, whether this should be based on USB-C â" as adopted by the EU."

Read more of this story at Slashdot.

Version 1.4 of the Inkscape open-source vector-graphics editor has been released. Highlights of this release include a filter gallery, import for Affinity Designer files, internal links in exported PDFs, and more. See the release notes for all of the new features. LWN previewed the 1.4 release in early October.

It is too early to say what the outcome will be in the ongoing fight between Automattic and WP Engine, but the WordPress community at large is already the loser. Automattic founder and CEO Matt Mullenweg has been using his control of the project, and the WordPress.org infrastructure, to punish WP Engine and remove some dissenting contributors from discussion channels. Most recently, Mullenweg has instituted a hostile fork of a WP Engine plugin and the forked plugin is replacing the original via WordPress updates.

schwit1 writes: Chinese scientists have mounted what they say is the world's first effective attack on a widely used encryption method using a quantum computer. The breakthrough poses a "real and substantial threat" to the long-standing password-protection mechanism employed across critical sectors, including banking and the military, according to the researchers. Despite the slow progress in general-purpose quantum computing, which currently poses no threat to modern cryptography, scientists have been exploring various attack approaches on specialised quantum computers. In the latest work led by Wang Chao, of Shanghai University, the team said it used a quantum computer produced by Canada's D-Wave Systems to successfully breach cryptographic algorithms. Using the D-Wave Advantage, they successfully attacked the Present, Gift-64 and Rectangle algorithms -- all representative of the SPN (Substitution-Permutation Network) structure, which forms part of the foundation for advanced encryption standard (AES) widely used in the military and finance. AES-256, for instance, is considered the best encryption available and often referred to as military-grade encryption. While the exact passcode is not immediately available yet, it is closer than ever before, according to the study. "This is the first time that a real quantum computer has posed a real and substantial threat to multiple full-scale SPN structured algorithms in use today," they said in the peer-reviewed paper.

Read more of this story at Slashdot.

An anonymous reader shares a report: A Florida data broker that lost hundreds of millions of Social Security numbers and other personally identifiable information in a data breach earlier this year, has filed for Chapter 11 bankruptcy protection as the company faces a wave of litigation. Jericho Pictures, the parent company of the hacked data broker National Public Data, told a Florida bankruptcy court that it was unlikely to be able to repay its debtors or address its anticipated liabilities and class-action lawsuits, including paying "for credit monitoring for hundreds of millions of potentially impacted individuals." In its initial filing, Jericho Pictures' owner, Salvatore Verini, said the company "faces substantial uncertainty facing regulatory challenges by the Federal Trade Commission and more than 20 states with civil penalties for data breaches."

Read more of this story at Slashdot.

NASA's Europa Clipper mission lifted off successfully on Monday, marking the agency's first mission to Jupiter in over a decade. The $5.2 billion spacecraft aims to investigate whether Europa, Jupiter's fourth-largest moon, could harbor conditions suitable for life. A SpaceX Falcon Heavy rocket launched from NASA's Kennedy Space Center in Florida at 12:06 p.m. Eastern time, lifting the Europa Clipper spacecraft into orbit around Earth. Europa Clipper, NASA's largest-ever interplanetary craft, weighs 12,500 pounds and boasts solar panels spanning 100 feet. Its nine scientific instruments will study Europa's surface and interior in unprecedented detail. After a 1.8 billion-mile journey, the spacecraft will reach Jupiter in April 2030. It will then conduct 49 flybys of Europa over four years, coming within 16 miles of the moon's surface. Scientists believe Europa's subsurface ocean could contain twice as much water as Earth's oceans. The mission will measure ocean depth, analyze surface compounds, and map Europa's magnetic field to gather clues about its internal composition. Instruments will search for warm spots indicating thin ice, potential cryovolcanoes, and plumes of water vapor. The spacecraft will also attempt to identify carbon-based molecules that could serve as building blocks for life. "Europa is certainly the most likely place for life beyond Earth in our solar system," Robert Pappalardo, Europa Clipper project scientist, told the New York Times.

Read more of this story at Slashdot.

While Debian's "sauce" is not actually all that secret, it is not particularly well-known either, Samuel Henrique said at the start of his DebConf24 talk. There is a lot of software-engineering effort that has been put in place by the distribution in order to create and maintain its releases, but "loads of people are not aware" of it. That may be due to the fact that all of that is not really documented anywhere in a central location that he can just point someone to. Recognizing that is what led him to give the talk; hopefully it will be a "first step toward" helping solve the problem.

WordPress.org has seized control of WP Engine's Advanced Custom Fields plugin, renaming it "Secure Custom Fields" and removing commercial elements, according to WordPress co-founder Matt Mullenweg. The move, justified by alleged security concerns and linked to ongoing litigation between WP Engine and Automattic, marks an unprecedented forcible takeover in the WordPress ecosystem. David Heinemeier Hansson, creator of Ruby on Rails and co-founder and chief technology officer of Basecamp-maker 37signals, opines on the situation: For a dispute that started with a claim of "trademark confusion", there's an incredible irony in the fact that Automattic is now hijacking users looking for ACF onto their own plugin. And providing as rational for this unprecedented breach of open source norms that ACF needs maintenance, and since WPE is no longer able to provide that (given that they were blocked!), Automattic has to step in to do so. I mean, what?! Imagine this happening on npm? Imagine Meta getting into a legal dispute with Microsoft (the owners of GitHub, who in turn own npm), and Microsoft responding by directing GitHub to ban all Meta employees from accessing their repositories. And then Microsoft just takes over the official React repository, pointing it to their own Super React fork. This is the kind of crazy we're talking about. Weaponizing open source code registries is something we simply cannot allow to form precedence. They must remain neutral territory. Little Switzerlands in a world of constant commercial skirmishes. And that's really the main reason I care to comment on this whole sordid ordeal. If this fight was just one between two billion-dollar companies, as Automattic and WPE both are, I would not have cared to wade in. But the principles at stake extend far beyond the two of them. Using an open source project like WordPress as leverage in this contract dispute, and weaponizing its plugin registry, is an endangerment of an open source peace that has reigned decades, with peace-time dividends for all. Not since the SCO-Linux nonsense of the early 2000s have we faced such a potential explosion in fear, doubt, and uncertainty in the open source realm on basic matters everyone thought they could take for granted.

Read more of this story at Slashdot.

The growing use of AI and machine learning in financial services globally can lead to financial stability risks and warrants adequate risk mitigation practices by banks, the Governor of the Reserve Bank of India said on Monday. From a report: "The heavy reliance of AI can lead to concentration risks, especially when a small number of technology providers dominate the market," Shaktikanta Das said at an event in New Delhi. This could amplify systemic risks as failures or disruptions in these systems may cascade across the financial sector, Das added. India's financial service providers are using AI to enhance customer experience, reduce costs, manage risks and drive growth through chatbots and personalised banking. The growing use of AI introduces new vulnerabilities like increased susceptibility to cyber attacks and data breaches, Das said. AI's "opacity" makes it difficult to audit and interpret algorithms which drive lender's decisions and could potentially lead to "unpredictable consequences in the market," he warned.

Read more of this story at Slashdot.

Security updates have been issued by Debian (docker.io, libreoffice, node-dompurify, python-reportlab, and thunderbird), Fedora (buildah, chromium, kernel, kernel-headers, libgsf, mosquitto, p7zip, podman, python-cramjam, python-virtualenv, redis, rust-async-compression, rust-brotli, rust-brotli-decompressor, rust-libcramjam, rust-libcramjam0.2, rust-nu-command, rust-nu-protocol, rust-redlib, rust-tower-http, thunderbird, and webkit2gtk4.0), Oracle (.NET 6.0, .NET 8.0, e2fsprogs, firefox, golang, openssl, python3-setuptools, systemd, and thunderbird), SUSE (chromium, firefox, java-jwt, libmozjs-128-0, libwireshark18, ntpd-rs, OpenIPMI, thunderbird, and wireshark), and Ubuntu (firefox, python2.7, python3.5, thunderbird, and ubuntu-advantage-desktop-daemon).

The Internet Archive has resumed operations in a read-only state following a cyberattack that took the digital library offline on October 9, coupled with the theft of 31 million user authentication records. "Safe to resume but might need further maintenance, in which case it will be suspended again," said Brewster Kahle, Internet Archive's founder. The website is currently now allowing users to save pages.

Read more of this story at Slashdot.

Meta senior research Yann LeCun (also a professor at New York University) told the Wall Street Journal that worries about AI threatening humanity are "complete B.S." When a departing OpenAI researcher in May talked up the need to learn how to control ultra-intelligent AI, LeCun pounced. "It seems to me that before 'urgently figuring out how to control AI systems much smarter than us' we need to have the beginning of a hint of a design for a system smarter than a house cat," he replied on X. He likes the cat metaphor. Felines, after all, have a mental model of the physical world, persistent memory, some reasoning ability and a capacity for planning, he says. None of these qualities are present in today's "frontier" AIs, including those made by Meta itself. LeCun shared a Turing Award with Geoffrey Hinton and Hoshua Bengio (who hopes LeCun is right, but adds "I don't think we should leave it to the competition between companies and the profit motive alone to protect the public and democracy. That is why I think we need governments involved.") But LeCun still believes AI is a very powerful tool — even as Meta joins the quest for artificial general intelligence: Throughout our interview, he cites many examples of how AI has become enormously important at Meta, and has driven its scale and revenue to the point that it's now valued at around $1.5 trillion. AI is integral to everything from real-time translation to content moderation at Meta, which in addition to its Fundamental AI Research team, known as FAIR, has a product-focused AI group called GenAI that is pursuing ever-better versions of its large language models. "The impact on Meta has been really enormous," he says. At the same time, he is convinced that today's AIs aren't, in any meaningful sense, intelligent — and that many others in the field, especially at AI startups, are ready to extrapolate its recent development in ways that he finds ridiculous... OpenAI's Sam Altman last month said we could have Artificial General Intelligence within "a few thousand days...." But creating an AI this capable could easily take decades, [LeCun] says — and today's dominant approach won't get us there.... His bet is that research on AIs that work in a fundamentally different way will set us on a path to human-level intelligence. These hypothetical future AIs could take many forms, but work being done at FAIR to digest video from the real world is among the projects that currently excite LeCun. The idea is to create models that learn in a way that's analogous to how a baby animal does, by building a world model from the visual information it takes in. In contrast, today's AI models "are really just predicting the next word in a text, he says... And because of their enormous memory capacity, they can seem to be reasoning, when in fact they're merely regurgitating information they've already been trained on."

Read more of this story at Slashdot.

Bobby Renfro spent $1,200 to buy a gas-powered electricity generator for a community resource hub he set up in a former church near hurricane-struck Asheville, North Carolina. He's spending thousands more on fuel, reports the Associated Press — though he's just one of many. Right now over 500,000 people are without power in Florida, according to the PowerOutage.us project — with more than 9,000 in Georgia, and over 17,000 in North Carolina" Without it, they can't keep medicines cold or power medical equipment or pump well water. They can't recharge their phones or apply for federal disaster aid... Residents who can get their hands on gas and diesel-powered generators are depending on them, but that is not easy. Fuel is expensive and can be a long drive away. Generator fumes pollute and can be deadly. Small home generators are designed to run for hours or days, not weeks and months. Now, more help is arriving. Renfro received a new power source this week, one that will be cleaner, quieter and free to operate. Volunteers with the nonprofit Footprint Project and a local solar installation company delivered a solar generator with six 245-watt solar panels, a 24-volt battery and an AC power inverter. The panels now rest on a grassy hill outside the community building. Renfro hopes his community can draw some comfort and security, "seeing and knowing that they have a little electricity." The Footprint Project is scaling up its response to this disaster with sustainable mobile infrastructure. It has deployed dozens of larger solar microgrids, solar generators and machines that can pull water from the air to 33 sites so far, along with dozens of smaller portable batteries. With donations from solar equipment and installation companies as well as equipment purchased through donated funds, the nonprofit is sourcing hundreds more small batteries and dozens of other larger systems and even industrial-scale solar generators known as "Dragon Wings."

Read more of this story at Slashdot.

"Google is developing a Linux terminal app for Android," reports the blog Android Authority. "The Terminal app can be enabled via developer options and will install Debian in a virtual machine. "This app is likely intended for Chromebooks but might also be available for mobile devices, too." While there are ways to run some Linux apps on Android devices, all of those methods have some limitations and aren't officially supported by Google. Fortunately, though, Google is finally working on an official way to run Linux apps on Android... This Terminal app is part of the Android Virtualization Framework (AVF) and contains a WebView that connects to a Linux virtual machine via a local IP address, allowing you to run Linux commands from the Android host... A set of patches under the tag "ferrochrome-dev-option" was recently submitted to the Android Open Source Project that adds a new developer option called Linux terminal under Settings > System > Developer options. This new option will enable a "Linux terminal app that runs inside the VM," according to its proposed description. Toggling this option enables the Terminal app that's bundled with AVF... Google is still working on improving the Terminal app as well as AVF before shipping this feature... What's particularly interesting about the patch that adds these settings is that it was tested on "tangorpro" and "komodo," the codenames for the Pixel Tablet and Pixel 9 Pro XL respectively. This suggests that the Terminal app won't be limited to Chromebooks like the new desktop versions of Chrome for Android.

Read more of this story at Slashdot.

"Some prominent privacy advocates are encouraging customers to pull their data" from 23andMe, reports SFGate. But can you actually do that? 23andMe makes it easy to feel like you've protected your genetic footprint. In their account settings, customers can download versions of their data to a computer and choose to delete the data attached to their 23andMe profile. An email then arrives with a big pink button: "Permanently Delete All Records." Doing so, it promises, will "terminate your relationship with 23andMe and irreversibly delete your account and Personal Information." But there's another clause in the email that conflicts with that "terminate" promise. It says 23andMe and whichever contracted genotyping laboratory worked on a customer's samples will still hold on to the customer's sex, date of birth and genetic information, even after they're "deleted." The reason? The company cites "legal obligations," including federal laboratory regulations and California lab rules. The federal program, which sets quality standards for laboratories, requires that labs hold on to patient test records for at least two years; the California rule, part of the state's Business and Professions Code, requires three. When SFGATE asked 23andMe vice president of communications Katie Watson about the retention mandates, she said 23andMe does delete the genetic data after the three-year period, where applicable... Before it's finally deleted, the data remains 23andMe property and is held under the same rules as the company's privacy policy, Watson added. If that policy changes, customers are supposed to be informed and asked for their consent. In the meantime, a hack is unfortunately always possible. Another 23andMe spokesperson, Andy Kill, told SFGATE that [CEO Anne] Wojcicki is "committed to customers' privacy and pledges to retain the current privacy policy in force for the foreseeable future, including after the acquisition she is currently pursuing." An Electronic Frontier Foundation privacy lawyer tells SFGate there's no information more personal than your DNA. "It is like a Social Security number, it can't be changed. But it's not just a piece of paper, it's kind of you." He urged 23andMe to leave customers' data out of any acquisition deals, and promise customers they'd avoid takeover attempts from companies with bad security — or with ties to law enforcement.

Read more of this story at Slashdot.

America's electric vehicle subsidies brought a 2-to-1 return on investment, according to a paper by the National Bureau of Economic Research. "That includes environmental benefits, but mostly reflects a shift of profits to the United States," reports the New York Times. "Before the climate law, tax credits were mainly used to buy foreign-made cars." "What the [subsidy legislation] did was swing the pendulum the other way, and heavily subsidized American carmakers," said Felix Tintelnot, an associate professor of economics at Duke University who was a co-author of the paper. Those benefits were undermined, however, by a loophole allowing dealers to apply the subsidy to leases of foreign-made electric vehicles. The provision sends profits to non-American companies, and since those foreign-made vehicles are on average heavier and less efficient, they impose more environmental and road-safety costs. Also, the researchers estimated that for every additional electric vehicle the new tax credits put on the road, about three other electric vehicle buyers would have made the purchases even without a $7,500 credit. That dilutes the effectiveness of the subsidies, which are forecast to cost as much as $390 billion through 2031. The chief economist at Cox Automotive (which provided some of the data) tells the Times that "we could do better", but adds that the subsidies were "worth the money invested". But of course, that depends partly on how benefits were calculated: [U]ing the Environmental Protection Agency's "social cost of carbon" metric, they calculated the dollar cost of each model's lifetime carbon emissions from both manufacturing and driving. On average, emissions by gas-powered vehicles impose 57% greater costs than electric vehicles. The study then calculated harms from air pollution other than greenhouse gases — smog, for example. That's where electric vehicles start to perform relatively poorly, since generating the electricity for them still creates pollution. Those harms will probably fade as more wind and solar energy comes online, but they are significant. Finally, the authors added the road deaths associated with heavier cars. Batteries are heavy, so electric vehicles — especially the largest — are likelier to kill people in crashes. Totaling these costs and then subtracting fiscal benefits through gas taxes and electricity bills, electric vehicles impose $16,003 in net harms, the authors said, while gas vehicles impose $19,239. But the range is wide, with the largest electric vehicles far outpacing many internal combustion cars. By this methodology, a large electric pickup like the Rivian imposes three times the harms of a Prius, according to one of the study's co-authors (a Stanford professor of global environmental). And yet "we are subsidizing the Rivian and not the Prius..."

Read more of this story at Slashdot.

To avoid overloading local electric grids, Britain's most productive windfarm "is paid to turn off," reports the Guardian — and across the industry these so-called "constraint payments" amount to billions every year. "Government officials are hoping to correct the clear inefficiencies in the market by overhauling the market itself." Greg Jackson, the founder of Octopus Energy, told the Guardian: "It's grotesque that energy costs are rising again this winter, whilst we literally pay windfarms these extortionate prices not to generate. Locational pricing would instead mean that local people got cheap power when it's windy. Scotland would have the cheapest power in Europe, instead of among the most expensive, and every region would be cheaper than today. Companies would invest in infrastructure where we need it — not where they get the highest subsidies." The changes could catalyse an economic osmosis of high energy users — such as datacentres and factories — into areas of the country with low energy prices, creating new job opportunities beyond the south-east. It could also spur the development of new energy projects — particularly rooftop solar — across buildings in urban areas where energy demand is high. This rebalancing of the energy market could save the UK nearly £49bn in accumulated network costs by 2040, according to a study commissioned by the energy regulator from FTI Consulting. But others fear the changes could come at a deeper cost to Britain's climate goals — and bill payers too. The clean energy companies preparing to spend billions on building new wind and solar farms are concerned that a redrawing of the market boundaries could radically change the economics of new renewable energy projects — which would ultimately raise the costs, which would be passed on to consumers, or see the projects scrapped altogether... With stiff competition in the international markets for investment in clean energy, Renewable UK [the industry's trade group] fears that companies and their investors will simply choose to build new clean energy projects elsewhere. "The debate has driven deep rifts across the industry," the article concludes, "between modernisers who believe the new price signals would give rise to a new, rational market and those who fear the changes risk unravelling Britain's low-carbon agenda... "The government is expected to make a decision on how to proceed in the coming months, but the fierce debate between warring factions of the energy industry is likely to continue for far longer." Thanks to long-time Slashdot reader AmiMoJo for sharing the news.

Read more of this story at Slashdot.

The 6.12-rc3 kernel prepatch is out for testing.

So the diffstat looks a bit odd, because one of the fixes here caused the UTF tables to be regenerated, and an effective one-liner change turned into 6703 lines of diff.

But if you ignore that effect, everything looks normal.

Slashdot reader Rick Schumann shared this report from the blog AppleInsider: A new paper from Apple's artificial intelligence scientists has found that engines based on large language models, such as those from Meta and OpenAI, still lack basic reasoning skills. The group has proposed a new benchmark, GSM-Symbolic, to help others measure the reasoning capabilities of various large language models (LLMs). Their initial testing reveals that slight changes in the wording of queries can result in significantly different answers, undermining the reliability of the models. The group investigated the "fragility" of mathematical reasoning by adding contextual information to their queries that a human could understand, but which should not affect the fundamental mathematics of the solution. This resulted in varying answers, which shouldn't happen... The study found that adding even a single sentence that appears to offer relevant information to a given math question can reduce the accuracy of the final answer by up to 65 percent. "There is just no way you can build reliable agents on this foundation, where changing a word or two in irrelevant ways or adding a few bit of irrelevant info can give you a different answer," the study concluded... "We found no evidence of formal reasoning in language models," the new study concluded. The behavior of LLMS "is better explained by sophisticated pattern matching" which the study found to be "so fragile, in fact, that [simply] changing names can alter results."

Read more of this story at Slashdot.