Linux fréttir

An anonymous reader quotes a report from The Register: Ten vulnerabilities in Copeland controllers, which are found in thousands of devices used by the world's largest supermarket chains and cold storage companies, could have allowed miscreants to manipulate temperatures and spoil food and medicine, leading to massive supply-chain disruptions. The flaws, collectively called Frostbyte10, affect Copeland E2 and E3 controllers, used to manage critical building and refrigeration systems, such as compressor groups, condensers, walk-in units, HVAC, and lighting systems. Three received critical-severity ratings. Operational technology security firm Armis found and reported the 10 bugs to Copeland, which has since issued firmware updates that fix the flaws in both the E3 and the E2 controllers. The E2s reached their official end-of-life in October, and affected customers are encouraged to move to the newer E3 platform. Upgrading to Copeland firmware version 2.31F01 mitigates all the security issues detailed here, and the vendor recommends patching promptly. In addition to the Copeland updates, the US Cybersecurity and Infrastructure Security Agency (CISA) is also scheduled to release advisories today, urging any organization that uses vulnerable controllers to patch immediately. Prior to these publications, Copeland and Armis execs spoke exclusively to The Register about Frostbyte10, and allowed us to preview an Armis report about the security issues. "When combined and exploited, these vulnerabilities can result in unauthenticated remote code execution with root privileges," it noted. [...] To be clear: there is no indication that any of these vulnerabilities were found and exploited in the wild before Copeland issued fixes. However, the manufacturer's ubiquitous reach across retail and cold storage makes it a prime target for all manner of miscreants, from nation-state attackers looking to disrupt the food supply chain to ransomware gangs looking for victims who will quickly pay extortion demands to avoid operational downtime and food spoilage.

Read more of this story at Slashdot.

Chrome has extended its dominance in the browser wars, surpassing 70% market share on desktops while Edge, Safari, Firefox, and Opera trail far behind. Neowin reports: According to [Statcounter], in August 2025, Chrome kept on increasing its overwhelming market share, which is now above the 70% mark (70.25%, to be precise) in the desktop browser market. The gap between Chrome and its closest competitor, Microsoft Edge, is immense, with Edge holding just 11.8% (+0.01 points over the previous month). Apple's Safari is third with 6.34% (+1.04 points); Firefox has 4.94% (-0.36 points); and Opera is fifth with a modest 2.06% market share (-0.13 points). Things look similar on the mobile side of the market, with Google Chrome having 69.15% (+1.92 points) and Safari being second with 20.32% (-2.2 points). Samsung Internet is third with 3.33% (-0.17 points). As for Microsoft Edge, its mobile share is only 0.59% (+0.06 points). The findings can be found here.

Read more of this story at Slashdot.

SAP will invest over 20 billion euros ($23 billion) in European sovereign cloud infrastructure over the next decade. "Innovation and sovereignty cannot be two separate things -- it needs to come together," said Thomas Saueressig, SAP's board member tasked with leading customer services and delivery. CNBC reports: The company said it was expanding its sovereign cloud offerings to include an infrastructure-as-a-service (IaaS) platform enabling companies to access various computing services via its data center network. IaaS is a market dominated by players like Microsoft and Amazon. It will also roll out a new on-site option that allows customers to use SAP-operated infrastructure within their own data centers. The aim of the initiative is to ensure that customer data is stored within the European Union to maintain compliance with regional data protection regulations such as the General Data Protection Regulation, or GDPR. [...] Saueressig said that SAP is "closely" involved in the creation of the new AI gigafactories but would not be the lead partner for the initiative. He added that the company's more than 20-billion-euro investment in Europe's sovereign cloud capabilities will not alter the company's capital expenditure for the next year and has already been baked into its financial plans.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: OpenAI said on Tuesday it will acquire Statsig in an all-stock deal valuing the product testing startup at about $1.1 billion based on OpenAI's current valuation of $300 billion. The ChatGPT maker will also appoint Statsig's chief executive officer, Vijaye Raji, as OpenAI's tech chief of applications, in a push to build on its artificial intelligence products amid strong competition from rivals. [...] In his role, Vijaye will head product engineering for ChatGPT and the company's coding agent, Codex, with responsibilities that span core systems and product lines including infrastructure, the company said. Statsig builds tools to help software developers test and flag new features. It raised $100 million in funding earlier this year. Once the acquisition is finalized, Statsig employees will work for OpenAI but will continue operating independently out of its Seattle office, OpenAI said. The move follows the acquisition of iPhone designer Jony Ive's startup, io Products, in a $6.5 billion deal to usher in "a new family of products" for the age of artificial general intelligence.

Read more of this story at Slashdot.

A federal judge spared Google from the harshest penalties in its antitrust case. The search giant can keep Chrome and avoid breaking up Android, but it has been barred from exclusive contracts and ordered to limit data sharing with rivals. CNBC reports: U.S. District Judge Amit Mehta ruled against the most severe consequences that were proposed by the U.S. Department of Justice, including selling off its Chrome browser, which provides data that helps its advertising business deliver targeted ads. "Google will not be required to divest Chrome; nor will the court include a contingent divestiture of the Android operating system in the final judgment," the decision stated. "Plaintiffs overreached in seeking forced divesture of these key assets, which Google did not use to effect any illegal restraints." The company can make payments to preload products, but it cannot have exclusive contracts, the decision stated. The DOJ asked Google to stop the practice of "compelled syndication," which refers to the practice of making certain deals with companies to ensure its search engine remains the default choice in browsers and smartphones. [...] The judge ordered the parties to meet by September 10th for the final judgement. "Google will not be barred from making payments or offering other consideration to distribution partners for preloading or placement of Google Search, Chrome, or its GenAI products. Cutting off payments from Google almost certainly will impose substantial -- in some cases, crippling -- downstream harms to distribution partners, related markets, and consumers, which counsels against a broad payment ban." [...] Google said it will appeal the ruling, which would delay any potential penalties. Mehta ruled Tuesday that Google will have to make available certain search index data and user interaction data though "not ads data." The court narrowed the datasets Google will be required to share and said they must occur on "ordinary commercial terms that are consistent with Google's current syndication services."

Read more of this story at Slashdot.

Show of hands: who WASN'T targeted?

The list of victims keeps growing, as yet another company — Cloudflare — today disclosed that some of its customers' data was also compromised in the Salesloft Drift breach.…

An old school ransomware attack has a new twist: threatening to feed data to AI companies so it'll be added to LLM datasets. 404 Media reports: Artists&Clients is a website that connects independent artists with interested clients. Around August 30, a message appeared on Artists&Clients attributed to the ransomware group LunaLock. "We have breached the website Artists&Clients to steal and encrypt all its data," the message on the site said, according to screenshots taken before the site went down on Tuesday. "If you are a user of this website, you are urged to contact the owners and insist that they pay our ransom. If this ransom is not paid, we will release all data publicly on this Tor site, including source code and personal data of users. Additionally, we will submit all artwork to AI companies to be added to training datasets." LunaLock promised to delete the stolen data and allow users to decrypt their files if the site's owner paid a $50,000 ransom. "Payment is accepted in either Bitcoin or Monero," the notice put on the site by the hackers said. The ransom note included a countdown timer that gave the site's owners several days to cough up the cash. "If you do not pay, all files will be leaked, including personal user data. This may cause you to be subject to fines and penalties under the GDPR and other laws."

Read more of this story at Slashdot.

Enough governments love it and it's highly lucrative

Governments can't get enough of hacking services to use against their citizens, despite their protestations that elements of the trade need sanctioning.…

An anonymous reader shares a report: It's broadly understood that electric vehicles are more environmentally friendly than their counterparts that burn only gasoline. And yes -- that includes the impact of manufacturing batteries and generating power to charge them. But even then, such generalizations gloss over specifics, like which EVs are especially eco-friendly, not to mention where. The efficiency of an electric car varies greatly depending on ambient temperature, which is less compromising for gas-burning vehicles. We now have the data and math to answer these questions, courtesy of the University of Michigan. Last week, researchers there released a study along with a calculator that allows users to compare the lifetime difference in greenhouse gas emissions of various vehicle types and powertrains from "cradle to grave," as they say. That includes vehicle production and disposal, as well as use-phase emissions from "driving and upstream fuel production and/or electricity generation," per the university itself. What's more, these calculations can be skewed by where you live. So, if I punch in my location of Bucks County, Pennsylvania, I can see that my generic, pure-ICE "compact sedan" emits 309 grams of carbon dioxide equivalent (gCO2e) per mile. A compact hybrid would emit 20% less; a plug-in hybrid, 44% less; and an EV with a 200-mile range, a whopping 63% less. And, if I moved to Phoenix, the gains would be even larger by switching to pure electric, to the tune of a 79% reduced carbon impact.

Read more of this story at Slashdot.

Privacy advocates don't care if Paragon is based in the US now - they still don't want ICE armed with spyware

ICE may soon have a new weapon in its arsenal. The White House has reversed a Biden-era decision to suspend the Immigration and Customs Enforcement (ICE)'s purchase of software from commercial spyware maker Paragon Solutions.…

UK weather agency Met Office, in a blog post: Provisional Met Office statistics confirm that summer 2025 is officially the warmest summer on record for the UK. Analysis by Met Office climate scientists has also shown that a summer as hot or hotter than 2025 is now 70 times more likely than it would be in a 'natural' climate with no human caused greenhouse gas emissions. The UK's mean temperature from 1 June to 31 August stands at 16.10C, which is 1.51C above the long-term meteorological average. This surpasses the previous record of 15.76C, set in 2018, and pushes the summer of 1976 out of the top five warmest summers in a series dating back to 1884.

Read more of this story at Slashdot.

A host of plugins also make it a better business tool

Mistral AI can now remember personal details about you and use them to offer better prompts. It also has new MCP connectors that businesses can deploy to connect their users to third-party tech services.…

Taylor Otwell, inventor and maintainer of popular PHP framework Laravel, is warning against overly complex code and the risks of bypassing the framework. From a report: Developers are sometimes drawn to building "cathedrals of complexity that aren't so easy to change," he said, speaking in a podcast for maintainable.fm, a series produced by Ruby on Rails consultancy Planet Argon. Software, he said, should be "simple and disposable and easy to change." Some problems are genuinely complex, but in general, if a developer finds a "clever solution" which goes beyond the standard documented way in a framework such as Laravel or Ruby on Rails, "that would be like a smell." A code smell -- for the uninitiated in the The Reg readership -- is a term developers use for code that works but may cause problems at a later date. Otwell described himself as a "pretty average programmer" but reckons many others are the same, solving basic problems as quickly and efficiently as they can.

Read more of this story at Slashdot.

For decades, the dry season in the Amazon rainforest has been getting drier. A new study, published on Tuesday, found that about 75% of the decrease in rainfall is directly linked to deforestation. From a report: The study, in Nature Communications, also found that tree loss was partly responsible for increased heat across the Amazon. Since 1985, the hottest days in the Amazon have warmed by about 2 degrees Celsius. About 16% of that increase, the researchers found, was because of deforestation. Marco Franco, an assistant professor at the University of Sao Paulo who led the study, said he was surprised by the findings. "We were expecting to see deforestation as a driver, but not this much," he said. "It tells us a lot about what's going on in the biome." The Amazon rainforest is often called the lungs of the planet because its trees help to regulate the global climate by absorbing planet-warming carbon dioxide. But decades of large-scale logging and burning in the forest have recently flipped that script, and parts of the region have become net producers of greenhouse gases.

Read more of this story at Slashdot.

Joins Google, Palo Alto Networks in the ever-growing supply chain compromise

Zscaler is the latest company to disclose some of its customers' data was exposed in the recent spate of Salesloft Drift attacks affecting Salesforce databases.…

An anonymous reader shares a report: If you're sharing an ad-free YouTube Premium or YouTube Music account with friends or family who live outside of your home, you could lose your premium privileges. Customers who lose these can still watch YouTube or listen to music with ads -- but let's be real, it's not the same. Multiple reports have shown people who have the service have been receiving notices that their premium service will be paused for 15 days due to violating a policy that's been in place since 2023. On its support page, YouTube says that an account manager can add up to five family members in a household to their Premium membership. But, the post says, "Family members sharing a YouTube family plan must live in the same household as the family manager."

Read more of this story at Slashdot.

Free Copilot for any agency who actually wants it

Microsoft, the latest tech firm to agree to big software discounts for the US government, is digging even deeper into its bargain bin than the competition by offering a year of free Copilot access to government agencies willing to put up with its other problem products. …

Steam's August 2025 hardware survey shows 32GB RAM configurations reached 35.42% of users while 16GB systems fell to 41.67%, continuing a six-month trend that positions 32GB to become the dominant memory configuration among PC gamers before year's end. Windows 11 crossed 60% adoption among Steam users. The RTX 4060 continues gaining market share despite newer RTX 5060 availability. Display resolutions at 2560x1600 pixels saw the largest growth, primarily from gaming laptops.

Read more of this story at Slashdot.

America is becoming a nation of economic pessimists. WSJ reports: A new Wall Street Journal-NORC poll [PDF] finds that the share of people who say they have a good chance of improving their standard of living fell to 25%, a record low in surveys dating to 1987. More than three-quarters said they lack confidence that life for the next generation will be better than their own, the poll found. Nearly 70% of people said they believe the American dream -- that if you work hard, you will get ahead -- no longer holds true or never did, the highest level in nearly 15 years of surveys. Republicans in the survey were less pessimistic than Democrats, reflecting the longstanding trend that the party holding the White House has a rosier view of the economy. An index that combined six poll questions found that 55% of Republicans, as well as 90% of Democrats, held a negative view of prospects for themselves and their children. The discontent reaches across demographic lines. By large majorities, both women and men held a pessimistic view in the combined questions. So did both younger and older adults, those with and without a college degree and respondents with more than $100,000 in household income, as well as those with less.

Read more of this story at Slashdot.

Benioff boasts bots now handle half of customer chats as doubts over reliability linger

Speaking ahead of Labor Day – celebrated in the US to recognize the nation's labor movement – Salesforce CEO and co-founder Marc Benioff said the company had slashed 4,000 customer support roles through the application of AI agents.…