Linux fréttir

200 orgs and 5,000 devices compromised so far in Vlad's latest intelligence grab, Microsoft reckons

The UK's National Cyber Security Centre (NCSC) has issued a fresh warning about Russia's ongoing targeting of routers to steal passwords and other secrets.…

Cloudflare is accelerating its post-quantum security plans and now aims to make its entire platform fully post-quantum secure by 2029. "The updated timeline follows new developments in quantum computing research that suggest current cryptographic standards could be broken sooner than previously expected," reports SiliconANGLE. From the report: The decision by Cloudflare to move its post-quantum security roadmap forward comes after Google LLC and research from Oratomic demonstrated significant advances in algorithms and hardware capable of breaking widely used encryption methods such as RSA-2048 and elliptic curve cryptography. [...] The company said progress across three key areas -- quantum hardware, error correction and quantum algorithms -- is advancing in parallel and compounding overall capability. Improvements in areas such as neutral atom architectures and more efficient error correction are reducing the resources required to break encryption, while algorithmic advances are lowering computational complexity. [...] Cloudflare has already deployed post-quantum encryption across a large portion of its network and reports that more than half of human traffic it processes now uses post-quantum key agreement. The company plans to expand support for post-quantum authentication in 2026, followed by broader deployment across its network and products through 2028. By 2029, Cloudflare said, it expects all of its services to be fully post-quantum secure, with those services being available by default across its platform, without requiring customer action or additional cost as part of the company's commitment to security upgrades. Google said it plans to accelerate its post-quantum encryption migration target to 2029.

Read more of this story at Slashdot.

Fabled Q&A site for devs struggles with its future as AI takes over its original purpose

Stack Overflow, the once-popular dev community, has abandoned a planned redesign that was meant to refocus the site more on discussions than the question-and-answer format that built its reputation.…

An anonymous reader quotes a report from the New York Times: President Javier Milei of Argentina promoted a cryptocurrency last year that quickly skyrocketed in value then cratered just as fast, costing investors millions of dollars and setting off a scandal and an investigation. Mr. Milei said he was simply highlighting a private venture and had no connection to the digital coin called $Libra. New evidence is now raising questions about his assertion. Phone logs from a federal investigation by Argentine prosecutors into the coin's collapse show seven phone calls between Mr. Milei and one of the entrepreneurs behind the cryptocurrency on the night in 2025 when Mr. Milei posted about $Libra on X. The contents of the calls, which took place before and after Mr. Milei's post, are not known. But the phone logs -- which were obtained by The New York Times and first reported by a local cable news channel, C5N -- suggest a greater degree of communication between Mr. Milei and the entrepreneurs who launched the token than what the president has publicly acknowledged. Newly uncovered messages also suggest Mr. Milei received regular payments from one of the entrepreneurs while he was a congressman. Mr. Milei has not publicly commented on the call logs and other documents, and he did not respond to a request for comment. He is named as a person of interest in the federal prosecutor's continuing investigation into the digital coin, according to court documents reviewed by The Times, but has not been formally charged with any crime. The latest revelations have revived a scandal that threatens the very foundation of a president who rose to power and was elected president in 2023 by attacking a political class he called corrupt.

Read more of this story at Slashdot.

Turns out deep space still looks better without AI helping

The Artemis II mission has produced some stunning imagery as the spacecraft loops around the Moon on its journey from Earth and back.…

Motorola and Google top PIRG's latest scorecard

Samsung and Apple phones are more difficult to repair than those from other makers, according to a report ranking devices by how easy to fix they are.…

theodp writes: "Gates Computer Science Building renamed Peter Thiel Center for Panoptic Computing" reads the headline of an April Fools' Day story that ran in the Humor section of The Stanford Daily (with the further disclaimer that "This article is purely satirical and fictitious"). The story begins: "Following revelations that the billionaire founder of Microsoft, Bill Gates, had a longstanding relationship with convicted child sex trafficker Jeffrey Epstein, Stanford has announced it will strip Gates' name from the William H. Gates Computer Science Building and instead honor alumnus Peter Thiel B.A. '89, JD '92. Gates, who is not a Stanford alumnus, gave an initial gift of $6 million toward the building's construction in 1992." While fictional, the story does make one wonder what may become of the academic and institutional buildings worldwide named after Bill Gates in the blowback over his past ties to Epstein, which have already played a factor in the breakdown of his marriage to Melinda French Gates and friendship with Warren Buffet. In addition to The Gates Computer Science Building at Stanford, this includes the Bill and Melinda Gates Computer Science Complex at the University of Texas at Austin, Bill and Melinda Gates Hall at Cornell, The Bill & Melinda Gates Center for Computer Science & Engineering at the University of Washington, and The William H. Gates Building at MIT's Stata Center. Buildings named after Gates' parents include Mary Gates Hall and William H. Gates Hall at the University of Washington, and The William Gates Building at the University of Cambridge (UK). Aside from the Thiel angle, The Stanford Daily's April Fools' Day story may not be as far-fetched as it may seem -- many universities' naming policies include provisions allowing donors' names to be removed from buildings, programs, or other facilities under extraordinary circumstances. For example, the University of Washington's Regent Policy No. 50 states, "The University reserves the right to revoke and terminate any naming on reasonable grounds not limited to the revelation of corporate or individual acts detracting from the University's mission, integrity, or reputation." Then again, UW notes that Bill's parents and siblings served as UW Regents for decades, so one expects Bill will be granted some leeway here for what he has characterized as 'foolish' choices on his part.

Read more of this story at Slashdot.

ITSM the area most likely to offer wins, according to Gartner research

Tech leaders hoping AI might help save money and improve efficiency in IT infrastructure should know that only 28 percent of use cases fully succeed and offer return on investment (ROI).…

'Proposal resurrects an existential threat to US leadership in space science and exploration'

First, the good news: the Artemis II crew has successfully swung around the far side of the Moon and surpassed Apollo 13's record for the farthest distance traveled by humans in space. Now the bad news: the White House is sharpening the budget blade once again.…

UALink splits work on physical layer and protocol specs to speed things up, literally and metaphorically

The UALink Consortium, a group of tech giants working on GPU networking standards to provide an alternative to Nvidia's NVLink and NVSwitch, has released new specs, but is still months away from shipping silicon.…

Quite literally, from a gun, into the front door of a councilor who supports plan

Datacenter protests have taken an ugly turn in the US, with gunshots fired at the home of an Indianapolis councilor who recently lent his support to plans for a server farm in the area.…

LinkedIn is facing allegations that it quietly scans users' browsers for installed Chrome extensions. The German group Fairlinked e.V. goes so far as to claim that the site is "running one of the largest corporate espionage operations in modern history." "The program runs silently, without any visible indicator to the user," the group says. "It does not ask for consent. It does not disclose what it is doing. It reports the results to LinkedIn's servers. This is not a one-time check. The scan runs on every page load, for every visitor." PCMag reports: This browser extension "fingerprinting" technique has been spotted before, but it was previously found to probe only 2,000 to 3,000 extensions. Fairlinked alleges that LinkedIn is now scanning for 6,222 extensions that could indicate a user's political opinions or religious views. For example, the extensions LinkedIn will look for include one that flags companies as too "woke," one that can add an "anti-Zionist" tag to LinkedIn profiles, and two others that can block content forbidden under Islamic teachings. It would also be a cakewalk to tie the collected extension data to specific users, since LinkedIn operates as a vast professional social network that covers people's work history. Fairlinked's concern is that Microsoft and LinkedIn can allegedly use the data to identify which companies use competing products. "LinkedIn has already sent enforcement threats to users of third-party tools, using data obtained through this covert scanning to identify its targets," the group claims. However, LinkedIn claims that Fairlinked mischaracterizes a LinkedIn safeguard designed to prevent web scraping by browser extensions. "We do not use this data to infer sensitive information about members," the company says. "To protect the privacy of our members, their data, and to ensure site stability, we do look for extensions that scrape data without members' consent or otherwise violate LinkedIn's Terms of Service," LinkedIn adds. [...] The statement goes on to allege that Fairlinked is from a developer whose account was previously suspended for web scraping. One of the group's board members is listed as "S.Morell," which appears to be Steven Morell, the founder of Teamfluence, a tool that helps businesses monitor LinkedIn activity. [...] Still, the Microsoft-owned site is facing some blowback for not clearly disclosing the browser extension scanning in LinkedIn's privacy policy. Fairlinked is soliciting donations for a legal fund to take on Microsoft and is urging the public to encourage local regulators to intervene.

Read more of this story at Slashdot.

Geopolitics enter the room as Thierry Carrez shows that there's more to Kubecon than AI

Kubecon Sovereignty was a big topic was at last week's Kubecon, and Thierry Carrez, the General Manager of the OpenInfra Foundation, shared strong feelings around it that included raising the idea that tech companies might be forced by their countries' governments to deploy "kill switches."…

Walled gardens make more sense when it's an AI-lligator infested swamp outside

Opinion When the first M1 Apple Silicon systems sprouted at the end of 2020, we loved the tech but not the walled garden it grew in. Apple had complete control over all its platforms and could set its own rules, but only to become more Apple-y. There was a whole world outside that area where Apple Silicon would never tread, even if Cupertino could iterate fast enough to keep up. Plus, Apple's appliance sensibility limited its expansion options, especially with performance dependent on its own silicon. …

Ofcom finds social media participation dropping as skepticism about digital life grows

British adults are now less active on social media, according to Ofcom, with just half of users actively posting, and fewer now believe the benefits outweigh the risks of being online.…

Longtime Slashdot reader walterbyrd shares a report from Fuel Cells Works: China says the AEP100, a megawatt-class hydrogen-fueled turboprop engine developed by the Aero Engine Corporation of China, has completed its maiden flight on a 7.5-ton unmanned cargo aircraft in Zhuzhou, Hunan. The 16-minute test covered 36km at 220km/h and 300 meters altitude, with the aircraft returning safely after completing its planned maneuvers. State media described it as the world's first test flight of a megawatt-class hydrogen-fueled turboprop engine. [...] The Aero Engine Corporation of China (AECC) says the result shows China now has a full technical chain for hydrogen aviation engines, from core parts to system integration, which is the kind of capability needed before any industrial rollout can begin. You can watch a video of the test flight here.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: A federal appeals court ruled on Monday that New Jersey gaming regulators cannot prevent Kalshi from allowing people in the state to use its prediction market to place financial bets on the outcome of sporting events. A three-judge panel of the Philadelphia-based 3rd U.S. Circuit Court of Appeals ruled 2-1 (PDF) in finding that the U.S. Commodity Futures Trading Commission has exclusive jurisdiction over the sports-related event contracts that Kalshi allows people to trade on its platform. The ruling marked the first time a federal appeals court has ruled on what has become the central issue in an escalating battle over the ability of state gaming regulators to police the activity of prediction market operators. Kalshi and companies like it allow users to place trades and profit from predictions on events such as sports and elections. States argue that firms like Kalshi are operating without required state licenses, in violation of gaming laws, including bans on wagers by those under 21. Those states include New Jersey, which last year sent Kalshi a cease-and-desist letter stating that its listing of sports-related event contracts on its platform violated state gambling laws that prohibit betting on collegiate sports. Kalshi sued the state, arguing its event contracts qualify as "swaps," a type of derivative contract, that under the Commodity Exchange Act can only be regulated by the CFTC, which had granted the company a license to operate a designated contract market (DCM). A lower-court judge had sided with New York-based Kalshi and issued a preliminary injunction, prompting New Jersey to appeal. But a majority of the judges on the 3rd Circuit panel concluded the Commodity Exchange Act likely preempted state law. "Kalshi's sports-related event contracts are swaps traded on a CFTC-licensed DCM, so the CFTC has exclusive jurisdiction," U.S. Circuit Judge David Porter wrote. The ruling was in line with the position advanced in other litigation by the CFTC under President Donald Trump's administration. The regulator last week sued Arizona, Connecticut and Illinois to prevent them from pursuing what it called unlawful efforts to regulate prediction markets.

Read more of this story at Slashdot.

Customizations are causing pain so new cloud will stick to upstream cuts of the open source stack

LY Corporation, the Japanese web giant that dominates messaging, e-commerce and payments in many Asian countries, has revealed it is replacing a heavily-customized OpenStack cloud with a more conventional cut of the open source cloud stack – and making massive consolidations along the way.…

Broadcom's building the silicon and is chuffed about that, but also notes Anthropic remains a risk

Broadcom has announced that Google has asked it to build next-generation AI and datacenter networking chips, and that Anthropic plans to consume 3.5GW worth of the accelerators it delivers to the ads and search giant.…

CUPS server shown spilling out remote code execution and root access

In the latest chapter on leaky CUPS, a security researcher and his band of bug-hunting agents have found two flaws that can be chained to allow an unauthenticated attacker to remotely execute code and achieve root file overwrite on the network.…