RSS 생중계

In September, a group of long-time maintainers of Ruby packaging tools projects had their GitHub privileges for revoked by nonprofit corporation Ruby Central in what many people are calling a hostile takeover. Ruby Central and its board members have issued several public statements that have, so far, failed to satisfy many in the Ruby community. In response, some of the former contributors to RubyGems are working on an alternative service called gem.coop. On October 17, ownership of the RubyGems and Bundler repositories was handed over to the Ruby core team, even though those projects had never been part of core Ruby previously. The takeover and subsequent events have raised a number of questions in the Ruby community.

A Court of Accounts report written before Sunday's theft of crown jewels from the Louvre revealed the museum's security systems were outdated and inadequate [non-paywalled source]. The report noted a lack of basic CCTV equipment across multiple wings. Cameras had mainly been installed only when rooms were refurbished due to repeated postponements of scheduled modernization. In the Denon wing where the Apollo Gallery was targeted, a third of rooms had no CCTV cameras. Three-quarters of rooms in the Richelieu wing and nearly two-thirds in the Sully wing lacked cameras. The thieves were caught on camera at one point but were masked and impossible to identify, according to Paris public prosecutor Laure Beccuau. The alarm system activated when thieves cut open display cases, but they threatened staff who left the area. Culture minister Rachida Dati confirmed new CCTV cameras would be installed. President Macron had earmarked $186.30 million to upgrade the Louvre's security systems under a renaissance plan launched in June.

Read more of this story at Slashdot.

Nvidia CEO Jensen Huang says his company has lost all access to China's market after U.S. export restrictions eliminated what was once a 95% share. Speaking in an interview with Citadel Securities, Huang questioned the wisdom of policies that cost America one of the world's largest markets. The Biden Administration imposed rules in 2022 to restrict exports of Nvidia's most advanced AI chips to China. The Trump Administration blocked additional chip sales in April and later granted export licenses for certain Nvidia and AMD chips in exchange for 15% of revenues. Chinese regulators responded by telling domestic tech companies to avoid Nvidia chips designed to meet U.S. export requirements. Beijing also placed strict limits on exports of rare earths. Huang noted that about half the world's AI researchers are in China and called it a mistake not to have them build AI on American technology.

Read more of this story at Slashdot.

Google plans to let Pixel smartphone enthusiasts test out the company's next handset ahead of its public introduction. From a report: Google has invited members of its "Superfans" group to apply to test future Pixel hardware, asking entrants to profess their knowledge and passion for the brand in hopes of being able to beta test forthcoming products. Consumer tech companies often let small groups of customers try out unreleased products under strict secrecy to gather feedback during development. But it's incredibly rare for a company of Google's size to do it with something as high-profile as the Pixel lineup. The search giant will select 15 people from the pool of entrants, and winners must all sign a non-disclosure agreement to receive devices, according to official rules for the contest reviewed by Bloomberg News. "The Trusted Tester program is an opportunity to provide feedback and help shape a Pixel phone currently in development," the document reads.

Read more of this story at Slashdot.

An anonymous reader writes: "Hoisted by their own GPTards." That's how Meta's Chief AI Scientist Yann LeCun described the blowback after OpenAI researchers did a victory lap over GPT-5's supposed math breakthroughs. Google DeepMind CEO Demis Hassabis added, "this is embarrassing." The Decoder reports that in a since-deleted tweet, OpenAI VP Kevin Weil declared that "GPT-5 found solutions to 10 (!) previously unsolved Erdos problems and made progress on 11 others." ("Erdos problems" are famous conjectures posed by mathematician Paul Erdos.) However, mathematician Thomas Bloom, who maintains the Erdos Problems website, said Weil's post was "a dramatic misrepresentation" -- while these problems were indeed listed as "open" on Bloom's website, he said that only means, "I personally am unaware of a paper which solves it." In other words, it's not accurate to claim GPT-5 was able to solve previously unsolved problems. Instead, Bloom wrote, "GPT-5 found references, which solved these problems, that I personally was unaware of."

Read more of this story at Slashdot.

The Sims is in a period of transition -- and as part of that, the ongoing mobile version will be shutting down in a few months. From a report: EA announced that today's update for The Sims Mobile will be its last, and that on January 20th, 2026 the game "will no longer be accessible to play and will be sunset." The mobile iteration of the franchise first launched in 2018, and has seen more than 50 updates since then. EA says that starting today players will no longer be able to spend real money in the game, and that it will be delisted on both iOS and Android tomorrow before the servers shut down completely next year, making it entirely unplayable.

Read more of this story at Slashdot.

China says it has uncovered what it describes as irrefutable evidence of American government cyber attacks targeting the National Time Service Center. The Ministry of State Security said the National Security Agency exploited vulnerabilities in employees' mobile phones beginning March 25, 2022, and later used stolen login credentials to access the center's computers starting April 18, 2023. The facility in Xi'an provides high-precision timekeeping service for the government, civil society, and various industries. It also supplies data used to calculate international standard time. Chinese authorities said investigators found that private servers worldwide were employed to conceal the attacks' origin. The accusations emerge against a backdrop of mutual cyber-espionage claims between Washington and Beijing. Western governments and companies have repeatedly blamed Chinese hackers for intrusions in recent years.

Read more of this story at Slashdot.

An electronic eye implant has restored reading ability to patients blinded by geographic atrophy, a form of dry age-related macular degeneration. Results published Monday in the New England Journal of Medicine showed that 84% of trial participants regained the ability to read letters, numbers, and words after receiving the Prima device. The microchip measures two millimetres by two millimetres and is implanted beneath the center of the retina. Patients wear augmented reality glasses containing a camera that projects images onto the chip. The device converts light into electrical pulses transmitted to the brain. Frank Holz, the study's lead author and chair of ophthalmology at the University Hospital of Bonn, called the implant "a paradigm shift in treating late-stage age-related macular degeneration." Mahi Muqit, a consultant at Moorfields Eye Hospital in London, said the trial enabled "meaningful central vision restoration, which has never been done before." The procedure takes less than two hours and requires intensive rehabilitation. Science Corporation, which manufactures the device, has applied for clinical authorization in the United States and Europe.

Read more of this story at Slashdot.

Importing modules in Python is ubiquitous; most Python programs start with at least a few import statements. But the performance impact of those imports can be large—and may be entirely wasted effort if the symbols imported end up being unused. There are multiple ways to lazily import modules, including one in the standard library, but none of them are part of the Python language itself. That may soon change, if the recently proposed PEP 810 ("Explicit lazy imports") is approved.

Food allergies in children dropped sharply in the years after new guidelines encouraged parents to introduce infants to peanuts, a study has found. The New York Times: For decades, as food allergy rates climbed, experts recommended that parents avoid exposing their infants to common allergens. But a landmark trial in 2015 found that feeding peanuts to babies could cut their chances of developing an allergy by over 80%. [non-paywalled source.] In 2017, the National Institute of Allergy and Infectious Diseases formally recommended the early-introduction approach and issued national guidelines. The new study, published Monday in the journal Pediatrics, found that food allergy rates in children under 3 fell after those guidelines were put into place -- dropping to 0.93% between 2017 and 2020, from 1.46% between 2012 and 2015. That's a 36% reduction in all food allergies, driven largely by a 43% drop in peanut allergies. The study also found that eggs overtook peanuts as the No. 1 food allergen in young children. The study did not examine what infants ate, so it does not show that the guidelines caused the decline. Still, the data is promising. While all food allergies can be dangerous, 80% of people never outgrow one.

Read more of this story at Slashdot.

India will need as much as $21 trillion to achieve its climate goals and lift its population out of poverty, according to a draft government plan seen by Bloomberg. From the report: The estimate offers a first glimpse of how the country intends to live up to its target of net zero emissions by 2070. The updated scenario implies hitting peak emissions in 2045, which is a decade earlier than the current trajectory. India is already being severely battered by the fallout of climate change, as deadly floods and heat waves become more destructive each year. But the need to mitigate the emissions that feed climate change has historically been at odds with India's priorities of economic growth and energy security, with the latter still mostly provided through coal. The new plan shows India will seek to achieve climate and economic development goals simultaneously, with low-carbon options envisaged for much of its yet-to-be-built residential and industrial infrastructure.

Read more of this story at Slashdot.

Test scores across OECD countries peaked around 2012 and have declined since. IQ scores in many developed countries appear to be falling after rising throughout the twentieth century. Nataliya Kosmyna at MIT's Media Lab began noticing changes around two years ago when strangers started emailing her to ask if using ChatGPT could alter their brains. She posted a study in June tracking brain activity in 54 students writing essays. Those using ChatGPT showed significantly less activity in networks tied to cognitive processing and attention compared to students who wrote without digital help or used only internet search engines. Almost none could recall what they had written immediately after submitting their work. She received more than 4,000 emails afterward. Many came from teachers who reported students producing passable assignments without understanding the material. A British survey found that 92% of university students now use AI and roughly 20% have used it to write all or part of an assignment. Independent research has found that more screen time in schools correlates with worse results. Technology companies have designed products to be frictionless, removing the cognitive challenges brains need to learn. AI now allows users to outsource thinking itself.

Read more of this story at Slashdot.

Security updates have been issued by Debian (imagemagick, incus, lxd, pgagent, svgpp, and sysstat), Fedora (chromium, complyctl, fetchmail, firefox, mbedtls, mingw-binutils, mingw-python3, mingw-qt5-qtsvg, mingw-qt6-qtsvg, python3.10, python3.11, python3.12, python3.9, runc, and suricata), Mageia (expat), Red Hat (firefox, kernel, qt5-qtbase, and qt6-qtbase), Slackware (stunnel), SUSE (chromium, coredns, ctdb, firefox, kernel, libexslt0, libpoppler-cpp2, ollama, openssl-1_1, pam, samba, and thunderbird), and Ubuntu (samba).

AWS experienced a three-hour outage early Monday morning that disrupted thousands of websites and applications across the globe. The cloud computing provider reported DNS problems with DynamoDB in its US-EAST-1 region in northern Virginia starting at 12:11 a.m. Pacific time. Over 4 million users reported issues, according to Downdetector. Snapchat saw reports spike from more than 22,000 to around 4,000 as systems recovered. Roblox dropped from over 12,600 complaints to fewer than 500. Reddit and the financial platform Chime remained affected longer. Perplexity, Coinbase and Robinhood attributed their platform disruptions directly to AWS. Gaming platforms including Fortnite, Clash Royale and Clash of Clans went offline. Signal confirmed the messaging app was down. In Britain, Lloyd Bank, Bank of Scotland, Vodafone, BT, and the HMRC website faced problems. United Airlines reported disrupted access to its app and website overnight. Some internal systems were temporarily affected. Delta experienced a small number of minor flight delays. By 3:35 a.m. Pacific time, AWS said the issue had been fully mitigated. Most service operations were succeeding normally though some requests faced throttling during final resolution. AWS holds roughly one-third of the cloud infrastructure market ahead of Microsoft and Google.

Read more of this story at Slashdot.

A recent article in Noema magazines explores the issues in "editing nature to fix our failures." "It turns out playing God is neither difficult nor expensive," the article points out. "For about $2,000, I can go online and order a decent microscope, a precision injection rig, and a vial of enough CRISPR-Cas9 — an enzyme-based genome-editing tool — to genetically edit a few thousand fish embryos..." So when going beyond the kept-in-captivity Dire Wolf to the possibility of bringing back forests of the American chestnut tree, "The process is deceptively simple; the implications are anything but..." If scientists could use CRISPR to engineer a more heat-tolerant coral, it would give coral a better chance of surviving a marine environment made warmer by climate change. It would also keep the human industries that rely on reefs afloat. But should we edit nature to fix our failures? And if we do, is it still natural...? Evolution is not keeping pace with climate change, so it is up to us to give it an assist [according to Christopher Preston, an environmental philosopher from the University of Montana, who wrote a book on CRISPR called "Ma href="https://mitpress.mit.edu/9780262537094/the-synthetic-age/">The Synthetic Age."] In some cases, the urgency is so great that we may not have time to waste. "There's no doubt there are times when you have to act," Preston continued. "Corals are a case where the benefits of reefs are just so enormous that keeping some alive, even if they're genetically altered, makes the risks worth it." Kate Quigley, a molecular ecologist and a principal research scientist at Australia's Minderoo Foundation, says "Engineering the ocean, or the atmosphere, or coral is not something to be taken lightly. Science is incredible. But that doesn't mean we know everything and what the unintended consequences might be." Phillip Cleves, a principal investigator at the Carnegie Institute for Science's embryology department, is already researching whether coral could be bioengineered to be more tolerant to heat. But both of them have concerns: For all the research Quigley and Cleves have dedicated to climate-proofing coral, neither wants to see the results of their work move from experimentation in the lab to actual use in the open ocean. Needing to do so would represent an even greater failure by humankind to protect the environment that we already have. And while genetic editing and selective breeding offer concrete solutions for helping some organisms adapt, they will never be powerful enough to replace everything lost to rising water temperatures. "I will try to prepare for it, but the most important thing we can do to save coral is take strong action on climate change," Quigley told me. "We could pour billions and billions of dollars — in fact, we already have — into restoration, and even if, by some miracle, we manage to recreate the reef, there'd be other ecosystems that would need the same thing. So why can't we just get at the root issue?" And then there's the blue-green algae dilemma: George Church, the Harvard Medical School professor of genetics behind Colossal's dire wolf project, was part of a team that successfully used CRISPR to change the genome of blue-green algae so that it could absorb up to 20% more carbon dioxide via photosynthesis. Silicon Valley tech incubator Y Combinator seized on the advance to call for scaled-up proposals, estimating that seeding less than 1% of the ocean's surface with genetically engineered phytoplankton would sequester approximately 47 gigatons of CO2 a year, more than enough to reverse all of last year's worldwide emissions. But moving from deploying CRISPR for species protection to providing a planetary service flips the ethical calculus. Restoring a chestnut forest or a coral reef preserves nature, or at least something close to it. Genetically manipulating phytoplankton and plants to clean up after our mistakes raises the risk of a moral hazard. Do we have the right to rewrite nature so we can perpetuate our nature-killing ways?

Read more of this story at Slashdot.

"The gig economy is facing a reckoning," argues Business Insider's BI Today newsletter." Two stories this past week caught my eye. Uber unveiled a new way for its drivers to earn money. No, not by giving rides, but by helping train the ride-sharing company's AI models instead. On the same day, Waymo announced a partnership with DoorDash to test driverless grocery and meal deliveries. Both moves point toward the same future: one where the very workers who built the gig economy may soon find themselves training the technology that replaces them. Uber's new program allows drivers to earn cash by completing microtasks, such as taking photos and uploading audio clips, that aim to improve the company's AI systems. For drivers, it's a way to diversify income. For Uber, it's a way to accelerate its automated future. There's an irony here. By helping Uber strengthen its AI, drivers could be accelerating the very driverless world they fear... Uber already offers autonomous rides in Waymo vehicles in Atlanta and Austin, and plans to expand. Meanwhile, Waymo is rolling out its pilot partnership with DoorDash [for driverless grocery/meal deliveries] starting in Phoenix.

Read more of this story at Slashdot.

"Windows Recovery Environment (RE), as the name suggests, is a built-in set of tools inside Windows that allow you to troubleshoot your computer, including booting into the BIOS, or starting the computer in safe mode," writes Tom's Hardware. "It's a crucial piece of software that has now, unfortunately, been rendered useless (for many) as part of the latest Windows update." A new bug discovered in Windows 11's October build, KB5066835, makes it so that your USB keyboard and mouse stop working entirely, so you cannot interact with the recovery UI at all. This problem has already been recognized and highlighted by Microsoft, who clarified that a fix is on its way to address this issue. Any plugged-in peripherals will continue to work just fine inside the actual operating system, but as soon as you go into Windows RE, your USB keyboard and mouse will become unresponsive. It's important to note that if your PC fails to start-up for any reason, it defaults to the recovery environment to, you know, recover and diagnose any issues that might've been preventing it from booting normally. Note that those hanging onto old PS/2-connector equipped keyboards and mice seem to be unaffected by this latest Windows software gaffe.

Read more of this story at Slashdot.

Readers in 2025 "may struggle to remember the optimism of the aughts, when the internet seemed to offer endless possibilities for virtual art and writing that was free..." argues a new review at Bookforum. "The content we do create online, if we still create, often feels unreflectively automatic: predictable quote-tweet dunks, prefabricated poses on Instagram, TikTok dances that hit their beats like clockwork, to say nothing of what's literally thoughtlessly churned out by LLM-powered bots." They write that author Joanna Walsh "wants us to remember how truly creative, and human, the internet once was," in the golden age of user-generated content — and funny cat picture sites like I Can Has Cheezburger: I Can Has Cheezburger... was an amateur project, an outlet for tech professionals who wanted an easier way to exchange cute cat pics after a hard day at work. In Amateurs!: How We Built Internet Culture and Why It Matters, Walsh documents how unpaid creative labor is the basis for almost everything that's good (and much that's bad) online, including the open-source code Linux, developed by Linus Torvalds when he was still in school ("just as a hobby, won't be big and professional"), and even, in Walsh's account, the World Wide Web itself. The platforms that emerged in the 2000s as "Web 2.0," including Facebook, YouTube, Reddit, and Twitter, allowed anyone to experiment in a space that had been reserved for coders and hackers, making the internet interactive even for the inexpert and virtually unlimited in potential audience. The explosion in amateur creativity that followed took many forms, from memes to tweeted one-liners to diaristic blogs to durational digital performances to sloppy Photoshops to the formal and informal taxonomic structures — wikis, neologisms, digitally native dialects... [U]ser-generated content was also, at bottom, about the bottom line, a business model sold to us under the guise of artistic empowerment. Even referring to an anonymous amateur as a "user," Walsh argues, cedes ground: these platforms are populated by producers, but their owners see us as, and turn us into, "helpless addicts." For some, online amateurism translated to professional success, a viral post earning an author a book deal, or a reputation as a top commenter leading to a staff writing job on a web publication... But for most, these days, participation in the online attention economy feels like a tax, or maybe a trickle of revenue, rather than free fun or a ticket to fame. The few remaining professionals in the arts and letters have felt pressured to supplement their full-time jobs with social media self-promotion, subscription newsletters, podcasts, and short-form video. On what was once called Twitter, users can pay, and sometimes get paid, to post with greater reach... The chapters are bookended by an introduction on the early promise of 2004 and a coda on the defeat of 2025 and supplemented by an appendix with a straightforward timeline of the major events and publications that serve as the book's touchstones... The online spaces where amateur content creators once "created and steered online culture" have been hollowed out and replaced by slop, but what really hurts is that the slop is being produced by bots trained on precisely that amateur content.

Read more of this story at Slashdot.

The 6.18-rc2 kernel prepatch is out.

End result: rc2 is on the bigger side, and we still have some of the remaining regressions outstanding, but we should be making slow progress. It's fairly early days yet, so I'm not very worried. Things on the whole look fairly normal.

On Cloudflare's blog, a senior research engineer shares a plan for "improving the trustworthiness of JavaScript on the web." "It is as true today as it was in 2011 that Javascript cryptography is Considered Harmful." The main problem is code distribution. Consider an end-to-end-encrypted messaging web application. The application generates cryptographic keys in the client's browser that lets users view and send end-to-end encrypted messages to each other. If the application is compromised, what would stop the malicious actor from simply modifying their Javascript to exfiltrate messages? It is interesting to note that smartphone apps don't have this issue. This is because app stores do a lot of heavy lifting to provide security for the app ecosystem. Specifically, they provide integrity, ensuring that apps being delivered are not tampered with, consistency, ensuring all users get the same app, and transparency, ensuring that the record of versions of an app is truthful and publicly visible. It would be nice if we could get these properties for our end-to-end encrypted web application, and the web as a whole, without requiring a single central authority like an app store. Further, such a system would benefit all in-browser uses of cryptography, not just end-to-end-encrypted apps. For example, many web-based confidential LLMs, cryptocurrency wallets, and voting systems use in-browser Javascript cryptography for the last step of their verification chains. In this post, we will provide an early look at such a system, called Web Application Integrity, Consistency, and Transparency (WAICT) that we have helped author. WAICT is a W3C-backed effort among browser vendors, cloud providers, and encrypted communication developers to bring stronger security guarantees to the entire web... We hope to build even wider consensus on the solution design in the near future.... We would like to have a way of enforcing integrity on an entire site, i.e., every asset under a domain. For this, WAICT defines an integrity manifest, a configuration file that websites can provide to clients. One important item in the manifest is the asset hashes dictionary, mapping a hash belonging to an asset that the browser might load from that domain, to the path of that asset. The blog post points out that the WEBCAT protocol (created by the Freedom of Press Foundation) "allows site owners to announce the identities of the developers that have signed the site's integrity manifest, i.e., have signed all the code and other assets that the site is serving to the user... We've made WAICT extensible enough to fit WEBCAT inside and benefit from the transparency components." The proposal also envisions a service storing metadata for transparency-enabled sites on the web (along with "witnesses" who verify the prefix tree holding the hashes for domain manifests). "We are still very early in the standardization process," with hopes to soon "begin standardizing the integrity manifest format. And then after that we can start standardizing all the other features. We intend to work on this specification hand-in-hand with browsers and the IETF, and we hope to have some exciting betas soon. In the meantime, you can follow along with our transparency specification draft,/A>, check out the open problems, and share your ideas."

Read more of this story at Slashdot.