RSS 생중계

Greg Kroah-Hartman has released the 6.10.1 stable kernel update. This release contains a small number of seemingly urgent regression fixes. Users of this kernel series are advised to upgrade.

T-Mobile and investment firm KKR have formed a joint venture (JV) to acquire fiber service provider Metronet. From a report: The fiber provider reaches over 300 communities and more than 2 million homes in 17 states. Metronet is both a pure-play fiber company and independent FTTH operator. In some markets, Metronet delivers residential speeds up to 5 Gbit/s. The acquisition includes Metronet's broadband infrastructure, residential fiber business operations and existing customers. The JV will acquire Oak Hill Capital's existing stake; Oak Hill Capital will re-invest for a minority position and Metronet CEO John Cinelli will retain a minority position after the deal closes. T-Mobile said it plans to invest nearly $4.9 billion to acquire a 50% equity stake in the JV and 100% of Metronet's residential fiber retail operations and customers, as well as funding of the JV. After the close of the deal, Metronet, based in Evansville, Indiana, will transition to a wholesale service provider for its retail customers. T-Mobile will take on management of residential customer acquisition and support, using T-Mobile's marketing and service model and Metronet's fiber broadband services.

Read more of this story at Slashdot.

Updated installation images for the OpenMandriva ROME rolling release Linux distribution are now available. Notable features in the 24.07 snapshot include KDE Plasma 6 as the default desktop, the addition of Proton and Proton experimental packages for playing Windows games on Linux, as well as GNOME 46.3 and LXQt 2.0.0 spins.

Lorenzo Franceschi-Bicchierai, reporting for TechCrunch: CrowdStrike, the cybersecurity firm that crashed millions of computers with a botched update all over the world last week, is offering its partners a $10 Uber Eats gift card as an apology, according to several people who say they received the gift card, as well as a source who also received one. On Tuesday, a source told TechCrunch that they received an email from CrowdStrike offering them the gift card because the company recognizes "the additional work that the July 19 incident has caused." "And for that, we send our heartfelt thanks and apologies for the inconvenience," the email read, according to a screenshot shared by the source. The same email was also posted on X by someone else. "To express our gratitude, your next cup of coffee or late night snack is on us!" The report adds that some people are having trouble redeeming the card. Some are seeing the error that says the gift card "has been canceled by the issuing party and is no longer valid."

Read more of this story at Slashdot.

OpenSSL has announced that it has adopted a new governance framework:

The OpenSSL Management Committee (OMC) has been dissolved, and two boards of directors have been elected for the Foundation and the Corporation. Each organization has ten voting members. These boards share all the responsibilities and authorities of the former OMC co-equally.

To further engage our communities, we are establishing two advisory committees for each entity: a Business Advisory Committee (BAC) and a Technical Advisory Committee (TAC). The communities will elect the members of the BACs and TACs, creating a direct channel for community input in roadmap development and reflecting the diverse perspectives of OpenSSL's communities.

OpenSSL has also announced that two projects have adopted the OpenSSL Mission and become OpenSSL projects: Bouncy Castle, which provides cryptographic APIs for Java and C#, and the cryptlib security software development toolkit. See the announcement for full details.

David Howells wanted to discuss swap handling in light of multi-page folios in a combined storage, filesystem, and memory-management session at the 2024 Linux Storage, Filesystem, Memory Management, and BPF Summit. Swapping has always been done with a one-to-one mapping of memory pages to swap slots, he said, but swapping multi-page folios breaks that assumption. He wondered if it would make sense to use filesystem techniques to track swapped-out folios.

The US is warning homegrown tech startups and venture capital firms that some foreign investments may be fronts for hostile nations seeking data and technology for their governments or to undermine American businesses. From a report: Several US intelligence agencies are spotlighting the concern in a joint bulletin Wednesday to small businesses, trade associations and others associated with the venture capital community, according to the National Counterintelligence and Security Center. "Unfortunately our adversaries continue to exploit early-stage investments in US startups to take their sensitive data," said Michael Casey, director of the NCSC. "These actions threaten US economic and national security and can directly lead to the failure of these companies." Washington has ramped up scrutiny of investments related to countries it considers adversaries, most notably China, as advanced technologies with breakthrough commercial potential, such as artificial intelligence, can also be used to enhance military or espionage capabilities. [...] Small tech companies and venture capitalists "are not in a position to assess the national security implications of their investments," said Mark Montgomery, former executive director of the Cyberspace Solarium Commission, which was assigned to develop a US cybersecurity strategy. "There are way too many examples where what appears to be, at best, potentially only dual-use or non-military-use technology is quickly twisted and used as a national security tool."

Read more of this story at Slashdot.

A surge in new oil and gas production in 2024 threatens to unleash nearly 12 billion tonnes of planet-heating emissions, with the world's wealthiest countries -- such as the US and the UK -- leading a stampede of fossil fuel expansion in spite of their climate commitments, new data reveals. From a report: The new oil and gas field licences forecast to be awarded across the world this year are on track to generate the highest level of emissions since those issued in 2018, as heatwaves, wildfires, drought and floods cause death and destruction globally, according to analysis of industry data by the International Institute for Sustainable Development (IISD). The 11.9bn tonnes of greenhouse gas emissions -- which is roughly the same as China's annual carbon pollution -- resulting over their lifetime from all current and upcoming oil and gas fields forecast to be licensed by the end of 2024 would be greater than the past four years combined. The projection includes licences awarded as of June 2024, as well as the oil and gas blocks open for bidding, under evaluation or planned. Meanwhile, fossil fuel firms are ploughing more money into developing new oil and gas sites than at any time since the 2015 Paris climate deal, when the world's governments agreed to take steps to cut emissions and curb global heating. The world's wealthiest countries are economically best placed -- and obliged under the Paris accords -- to lead the transition away from fossil fuels to cleaner energy sources. But these high-capacity countries with a low economic dependence on fossil fuels are spearheading the latest drilling frenzy despite dwindling easy-to-reach reserves, handing out 825 new licences in 2023, the largest number since records began.

Read more of this story at Slashdot.

Ryan Sipes told the audience during his keynote at GUADEC 2024 in Denver, Colorado that the Thunderbird mail client "probably shouldn't still be alive". Thunderbird, however, is not only alive—it is arguably in better shape than ever before. According to Sipes, the project's turnaround is a result of governance, storytelling, and learning to be comfortable asking users for money. He would also like it quite a bit if Linux distributions stopped turning off telemetry.

Global enterprises are grappling with the complexities of AI adoption, according to hundreds of top industry executives at a recent private software conference hosted by UBS. UBS adds: We heard: 1. The data points from a private GPU cloud infrastructure provider were a very bullish readthrough to GPU demand, Microsoft's AI infra capabilities and the ramp of enterprise/software demand for training and inference compute. 2. One F500 customer was at 1% Office Copilot roll-out, moving to perhaps 2% in a year as they a) fine-tune internal best practices and b) negotiate to get Microsoft much lower on price. 3. One private flagged "copilot chaos," with customers having to choose between AI copilots from seemingly every tech firm (we wonder if this creates pricing pressure and/or an evaluation slowdown). 4. Popular use cases are AI apps for internal, domain-specific tasks (simple workflow automation). 5. Little evidence of AI resulting in customer headcount cuts, but headcount reduction with 3rd-party managed services providers and (India-based) SI firms.

Read more of this story at Slashdot.

Let's Encrypt has announced that it intends to end support "as soon as possible" for the Online Certificate Status Protocol (OCSP) over privacy concerns. OCSP was developed as a lighter-weight alternative to Certificate Revocation Lists (CRLs) that did not involve downloading the entire CRL in order to check whether a certificate was valid. Let's Encrypt will continue supporting OCSP as long as it is a requirement for Microsoft's Trusted Root Program, but hopes to discontinue it soon:

We plan to end support for OCSP primarily because it represents a considerable risk to privacy on the Internet. When someone visits a website using a browser or other software that checks for certificate revocation via OCSP, the Certificate Authority (CA) operating the OCSP responder immediately becomes aware of which website is being visited from that visitor's particular IP address. Even when a CA intentionally does not retain this information, as is the case with Let's Encrypt, CAs could be legally compelled to collect it. CRLs do not have this issue.

People using Let's Encrypt as their CA should, for the most part, not need to change their setups. All modern browsers support CRLs, so end-users shouldn't notice an impact either.

An anonymous reader quotes a report from TechCrunch: Content creators are busy people. Most spend more than 20 hours a week creating new content for their respective corners of the web. That doesn't leave much time for audience engagement. But Mark Zuckerberg, Meta's CEO, thinks that AI could solve this problem. In an interview with internet personality Rowan Cheung, Zuckerberg laid out his vision for a future in which creators have their own bots, of sorts, that capture their personalities and "business objectives." Creators will offload some community outreach to these bots to free up time for other, presumably more important tasks, Zuckerberg says. "I think there's going to be a huge unlock where basically every creator can pull in all their information from social media and train these systems to reflect their values and their objectives and what they're trying to do, and then people can can interact with that," Zuckerberg said. "It'll be almost like this artistic artifact that creators create that people can kind of interact with in different ways." [...] It's tough to imagine creators putting trust in the hands of flawed AI bots to interact with their fans. In the interview, Zuckerberg acknowledges that Meta has to "mitigate some of the concerns" around its use of generative AI and win users' trust over the long term. This is especially true as some of Meta's AI training practices are actively driving creators away from its platforms.

Read more of this story at Slashdot.

Security updates have been issued by Fedora (ghostscript and xmedcon), Gentoo (Dmidecode, ExifTool, and Freenet), Red Hat (containernetworking-plugins, cups, edk2, httpd, httpd:2.4, kernel, kernel-rt, krb5, libreoffice, libuv, libvirt, linux-firmware, nghttp2, nodejs, openssh, python3, runc, thunderbird, and tpm2-tss), Slackware (aaa_glibc, bind, and mozilla), SUSE (postgresql14, python-sentry-sdk, and shadow), and Ubuntu (activemq, bind9, haproxy, nova, provd, python-zipp, squid, squid3, and tomcat).

Negotiations on a global tax deal have extended beyond the June 30 deadline, with countries now looking to the G20 finance leaders meeting for progress. "The stakes in the negotiations are high," reports Reuters. "A failure to reach agreement on final terms could prompt several countries to reinstate their taxes on U.S. tech giants and risk punitive duties on billions of dollars in exports to the U.S." Some countries, like Canada, have already implemented their own digital services tax. Reuters reports: The so-called "Pillar 1" arrangement, part of a 2021 global two-part tax deal, aims to replace unilateral digital services taxes (DSTs) on U.S. tech giants including Alphabet's Google, Amazon.com and Apple through a new mechanism to share taxing rights on a broader, global group of companies. Standstill agreements under which Washington has suspended threatened trade retaliation against seven countries -- Austria, Britain, France, India, Italy, Spain and Turkey -- expired on June 30, but the U.S. has not taken steps to impose tariffs. Discussions on the matter are continuing. An Italian government source said that European countries were seeking assurances that the U.S. tariffs on some $2 billion worth of annual imports from French Champagne to Italian handbags and optical lenses remained frozen while the talks continue, including at the G20 meeting in Rio de Janeiro. A European Union document prepared for the G20 meeting lists finalizing the international tax deal as a "top priority." It said the G20 should urge countries and jurisdictions participating in the tax deal "to finalize discussions on all aspects of Pillar 1, with a view to signing the Multilateral Convention (MLC) by summer end and ratifying it as soon as possible." "Treasury continues to oppose all tax measures that discriminate against U.S. businesses," a U.S. Treasury spokesperson said in response to Canada's move. "We encourage all countries to finalize the work on the Pillar 1 agreement. We are in active discussions on next steps related to the existing DST joint statements."

Read more of this story at Slashdot.

On Sunday, global temperatures reached their highest levels in recorded history (source may be paywalled; alternative source), with a daily average of 17.09 degrees Celsius (62.76 degrees Fahrenheit). "The historic day comes on the heels of 13 straight months of unprecedented temperatures and the hottest year scientists have ever seen," adds the Washington Post, citing preliminary data from the Copernicus Climate Change Service. From the report: Though Sunday was only slightly warmer than the world's previous hottest day, Copernicus researchers noted, it was extraordinarily hotter than anything that came before. Before July 2023, Earth's daily average temperature record -- set in August 2016 -- was 16.8 degrees Celsius (62.24 degrees Fahrenheit). But in the past year, the global has exceeded that old record on 57 days. Scientists have been tracking global temperatures only for the past few centuries. Yet there is good reason to believe that Sunday was the hottest day on Earth since the start of the last Ice Age more than 100,000 years ago. Research from paleoclimate scientists -- who use tree rings, ice cores, lake sediments and other ancient material to understand past environments -- suggests that recent heat would have been all but impossible over the last stretch of geologic time. "We are in truly uncharted territory," Copernicus director Carlo Buontempo said in a statement. "And as the climate keeps warming, we are bound to see records being broken in future months and years. What is truly staggering is how large the difference is between the temperature of the last 13 months and the previous temperature records."

Read more of this story at Slashdot.

An anonymous reader quotes a report from 404 Media's Jason Koebler: The Department of Homeland Security bought a dog-like robot that it has modified with an "antenna array" that gives law enforcement the ability to overload people's home networks in an attempt to disable any internet of things devices they have, according to the transcript of a speech given by a DHS official at a border security conference for cops obtained by 404 Media. The DHS has also built an "Internet of Things" house to train officers on how to raid homes that suspects may have "booby trapped" using smart home devices, the official said. The robot, called "NEO," is a modified version of the "Quadruped Unmanned Ground Vehicle (Q-UGV) sold to law enforcement by a company called Ghost Robotics. Benjamine Huffman, the director of DHS's Federal Law Enforcement Training Centers (FLETC), told police at the 2024 Border Security Expo in Texas that DHS is increasingly worried about criminals setting "booby traps" with internet of things and smart home devices, and that NEO allows DHS to remotely disable the home networks of a home or building law enforcement is raiding. The Border Security Expo is open only to law enforcement and defense contractors. A transcript of Huffman's speech was obtained by the Electronic Frontier Foundation's Dave Maass using a Freedom of Information Act request and was shared with 404 Media. [...] The robot is a modified version of Ghost Robotics' Vision 60 Q-UGV, which the company says it has sold to "25+ National Security Customers" and which is marketed to both law enforcement and the military. "Our goal is to make our Q-UGVs an indispensable tool and continuously push the limits to improve its ability to walk, run, crawl, climb, and eventually swim in complex environments," the company notes on its website. "Ultimately, our robot is made to keep our warfighters, workers, and K9s out of harm's way." "NEO can enter a potentially dangerous environment to provide video and audio feedback to the officers before entry and allow them to communicate with those in that environment," Huffman said, according to the transcript. "NEO carries an onboard computer and antenna array that will allow officers the ability to create a 'denial-of-service' (DoS) event to disable 'Internet of Things' devices that could potentially cause harm while entry is made."

Read more of this story at Slashdot.

According to Bloomberg, hackers have leaked internal documents stolen from Leidos Holdings, one of the largest IT services providers of the U.S. government. Reuters reports: The company recently became aware of the issue and believes the documents were taken during a previously reported breach of a Diligent Corp. system it used, the report said, adding that Leidos is investigating it. The Virginia-based company, which counts the U.S. Department of Defense as its primary customer, used the Diligent system to host information gathered in internal investigations, the report added, citing a filing from June 2023. A spokesperson for Diligent said the issue seems to be related to an incident from 2022, affecting its subsidiary Steele Compliance Solutions. The company notified impacted customers and had taken corrective action to contain the incident in November 2022.

Read more of this story at Slashdot.

During Alphabet's second-quarter earnings call today, Alphabet CFO Ruth Porat announced the organization will spend an additional $5 billion on its self-driving subsidiary, Waymo. "This new round of funding, which is consistent with recent annual investment levels, will enable Waymo to continue to build the world's leading autonomous driving technology company," said Porat. TechCrunch reports: Porat noted that Google will focus on improving overall efficiencies in its "other bets" segment, which includes innovative projects that are distinct from the tech giant's core search and advertising business. Other companies in this segment are Verily, Calico, Google Ventures and drone company Wing. "Waymo is an important example of this, with its technical leadership coupled with progress on operational performance," Porat continued. The executive noted that parent company Alphabet's 10-Q form, which has yet to be filed, will have more details.

Read more of this story at Slashdot.

Humble Games, the indie game publisher behind the popular pay-what-you-want "Humble Game Bundle," has laid off its entire staff of 36 people. However, the company says it is not shutting down and Humble Bundle will not be impacted. Instead, the job cuts are part of a restructuring of operations. GameSpot reports: In a statement shared with GameSpot, Humble Games confirmed that Humble Bundle will have "no impact on its operations. Additionally, ongoing and upcoming games from Humble Games will still move ahead and be published by the company. Humble Games is the publisher of many notable indie games, including Stray Gods, Bo: Path of the Teal Lotus, Chinatown Detective Agency, Ikenfell, Unpacking, Slay the Spire, and Midnight Fight Express, just to name a few. Humble Games is the separate publishing arm of digital storefront Humble Bundle. Both companies are owned by IGN Entertainment, but operate as a separate entities. Earlier this year, IGN Entertainment also bought video game websites Eurogamer, Rock Paper Shotgun, VG247, GamesIndustry.biz, and Dicebreaker from Gamer Network.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the Center for European Policy Analysis (CEPA): Alexey Soldatov, a Russian Internet pioneer and a founder of the first Internet provider in the country, has been sentenced by a court to two years in a labor colony on charges of "abuse of power." Soldatov, 72, had been detained by a court in Moscow. He is terminally ill. Very few in Russia believe in the government charges against a man widely known as a Father of the Russian Internet -- and who is less well known as the father of Andrei Soldatov, one of this article's authors. Soldatov was accused of abuse of power when managing a pool of IP-addresses by an organization he had no position at. This legal absurdity was enough to see him imprisoned even though the court knew of Soldatov's illness, which meant the court had no legal right to pass a custodial sentence. His family believes that the decision is essentially a death sentence. The article details Soldatov's history and his pivotal role in creating the Relcom network, which connected Soviet research centers and established the Soviet Union's first link to the global internet in 1990. During the 1991 KGB coup attempt, Relcom remained operational, highlighting its role in bypassing traditional media control and connecting people both within the Soviet Union and globally.

Read more of this story at Slashdot.