Linux fréttir

Linux kernel 6.7 has been released, including support for the new next-gen copy-on-write (COW) bcachefs file system. The Register reports: Linus Torvalds announced the release on Sunday, noting that it is "one of the largest kernel releases we've ever had." Among the bigger and more visible changes are a whole new file system, along with fresh functionality for several existing ones; improved graphics support for several vendors' hardware; and the removal of an entire CPU architecture. [...] The single biggest feature of 6.7 is the new bcachefs file system, which we examined in March 2022. As this is the first release of Linux to include the new file system, it definitely would be premature to trust any important data to it yet, but this is a welcome change. The executive summary is that bcachefs is a next-generation file system that, like Btrfs and ZFS, provides COW functionality. COW enables the almost instant creation of "snapshots" of all or part of a drive or volume, which enables the OS to make disk operations transactional: In other words, to provide an "undo" function for complex sets of disk write operations. Having a COW file system on Linux isn't new. The existing next-gen file system in the kernel, Btrfs, also supports COW snapshots. The version in 6.7 sees several refinements. It inherits a feature implemented for Steam OS: Two Btrfs file systems with the same ID can be mounted simultaneously, for failover scenarios. It also has improved quota support and a new raid_stripe_tree that improves handling of arrays of dissimilar drives. Btrfs remains somewhat controversial. Red Hat banished it from RHEL years ago (although Oracle Linux still offers it) but SUSE's distros depend heavily upon it. It will be interesting to see how quickly SUSE's Snapper tool gains support for bcachefs: This new COW contender may reveal unquestioned assumptions built into the code. Since Snapper is also used in several non-SUSE distros, including Spiral Linux, Garuda, and siduction, they're tied to Btrfs as well. The other widely used FOSS next-gen file system, OpenZFS, also supports COW, but licensing conflicts prevent ZFS being fully integrated into the Linux kernel. So although multiple distros (such as NixOS, Proxmox, TrueNAS Scale, Ubuntu, and Void Linux) support ZFS, it must remain separate and distinct. This results in limitations, such as the ZFS Advanced Read Cache being separate from Linux's page cache. Bcachefs is all-GPL and doesn't suffer from such limitations. It aims to supply the important features of ZFS, such as integrated volume management, while being as fast as ext4 or XFS, and also surpass Btrfs in both performance and, crucially, reliability. A full list of changes in this release can be viewed via KernelNewbies.

Read more of this story at Slashdot.

The Federal Aviation Administration on Thursday said it had opened an investigation into whether Boeing failed to ensure that its 737 Max 9 plane was safe and manufactured to match the design approved by the agency. The New York Times (non-paywalled source): The F.A.A. said the investigation stemmed from the loss of a fuselage panel of a Boeing 737 Max 9 operated by Alaska Airlines shortly after it took off on Friday from Portland, Ore., leaving a hole in the side of the passenger cabin. The plane returned to Portland for an emergency landing. "This incident should have never happened and it cannot happen again," the agency said. In a letter to Boeing dated Jan. 10, the F.A.A. said that after the Portland incident, it was notified of additional issues with other Boeing 737 Max 9 planes. The letter does not detail what other issues were reported to the agency. Alaska and United Airlines, which operate most of the Max 9s in use in the United States, said on Monday that they discovered loose hardware on the panel when conducting preliminary inspections on their planes. The new investigation is the latest setback for Boeing, which is one of just two suppliers of large planes for most airlines. The company has struggled to regain the public's trust after two crashes, in Indonesia in 2018 and Ethiopia in 2019, involving the 737 Max 8 killed a total of 346 people.

Read more of this story at Slashdot.

Staff sent live cockroaches, porno – and more – in harassment campaign to silence pair

eBay will pay $3 million to settle criminal charges that its security team stalked and harassed a Massachusetts couple in retaliation for their website's critical coverage of the online tat bazaar.…

An anonymous reader quotes a report from SecurityWeek.com: A Dutch engineer recruited by the country's intelligence services used a water pump to deploy the now-infamous Stuxnet malware in an Iranian nuclear facility, according to a two-year investigation conducted by Dutch newspaper De Volkskrant. Stuxnet, whose existence came to light in 2010, is widely believed to be the work of the United States and Israel, its goal being to sabotage Iran's nuclear program by compromising industrial control systems (ICS) associated with nuclear centrifuges. The malware, which had worm capabilities, is said to have infected hundreds of thousands of devices and caused physical damage to hundreds of machines. De Volkskrant's investigation, which involved interviews with dozens of people, found that the AIVD, the general intelligence and security service of the Netherlands, the Dutch equivalent of the CIA, recruited Erik van Sabben, a then 36-year-old Dutch national working at a heavy transport company in Dubai. Van Sabben was allegedly recruited in 2005 -- a couple of years before the Stuxnet malware was triggered -- after American and Israeli intelligence agencies asked their Dutch counterpart for help. However, the Dutch agency reportedly did not inform its country's government and it was not aware of the full extent of the operation. Van Sabben was described as perfect for the job as he had a technical background, he was doing business in Iran and was married to an Iranian woman. It's believed that the Stuxnet malware was planted on a water pump that the Dutch national installed in the nuclear complex in Natanz, which he had infiltrated. It's unclear if Van Sabben knew exactly what he was doing, but his family said he appeared to have panicked at around the time of the Stuxnet attack. [...] Michael Hayden, who at the time was the chief of the CIA, did agree to talk to De Volkskrant, but could not confirm whether Stuxnet was indeed delivered via water pumps due to it still being classified information. One interesting piece of information that has come to light in De Volkskrant's investigation is that Hayden reportedly told one of the newspaper's sources that it cost between $1 and $2 billion to develop Stuxnet.

Read more of this story at Slashdot.

Hint: US, UK, European antitrust police are on the hunt

Data egress fees aren't going away, but if you really want to ditch Google Cloud and take your data somewhere else, the search giant is willing to cut you a break.…

quonset writes: Hertz rental has announced it's selling off one third of its 20,000 electric vehicle fleet and replacing them with gas powered vehicles. The reason? It's costing them too much to repair damaged EVs and their depreciation is hurting the bottom line. "[C]ollision and damage repairs on an EV can often run about twice that associated with a comparable combustion engine vehicle," Hertz CEO Stephen Scherr said in a recent analyst call. And EV price declines in the new car market have pushed down the resale value of Hertz's used EV rental cars.

Read more of this story at Slashdot.

Discord is laying off 17 percent of its staff, a move that CEO Jason Citron said is meant to "sharpen our focus and improve the way we work together to bring more agility to our organization." From a report: The cuts were announced today to employees in an all-hands meeting and internal memo The Verge has obtained. They'll impact 170 people across various departments. Based on Citron's message to employees and my understanding of the business, Discord isn't in dire financial straits, though it has yet to become profitable and is still trying to revive user growth after a surge during the pandemic. In his memo to employees, which you can read in full below, Citron said Discord grew its headcount too fast over the last few years -- an admission that has become quite common among tech CEOs as of late. "We grew quickly and expanded our workforce even faster, increasing by 5x since 2020," Citron wrote. "As a result, we took on more projects and became less efficient in how we operated."

Read more of this story at Slashdot.

Google formally endorsed the concept of right to repair Thursday and is set to testify in favor of a strong right to repair bill in Oregon later Thursday, a massive step forward for the right to repair movement. 404 Media: "Google believes that users should have more control over repair -- including access to the same documentation, parts and tools that original equipment manufacturer (OEM) repair channels have -- which is often referred to as 'Right to Repair,'" Google's Steven Nickel wrote in a white paper published Thursday. Crucially, Google specifically says that regulators should ban "parts pairing," which is a tactic used by Apple, John Deere, and other major manufacturers to artificially restrict which repair parts can be used with a given device: "Policies should constrain OEMs from imposing unfair anti-repair practices. For example, parts-pairing, the practice of using software barriers to obstruct consumers and independent repair shops from replacing components, or other restrictive impediments to repair should be discouraged," the white paper says.

Read more of this story at Slashdot.

Zack Whittaker, reporting for TechCrunch: Civil liberties advocates have long argued that "geofence" search warrants are unconstitutional for their ability to ensnare entirely innocent people who were nearby at the time a crime was committed. But errors in the geofence warrant applications that go before a judge can violate the privacy of vastly more people -- in one case almost two miles away. Attorneys at the ACLU of Northern California found what they called an "alarming error" in a geofence warrant application that "resulted in a warrant stretching nearly two miles across San Francisco." The error, likely caused by a typo, allowed the requesting law enforcement agency to capture information on anyone who entered the stretch of San Francisco erroneously marked on the search warrant. "Many private homes were also captured in the massive sweep," wrote Jake Snow, ACLU staff attorney, in a blog post about the findings. It's not known which law enforcement agency requested the nearly two-mile-long geofence warrant, or for how long the warrant was in effect. The attorneys questioned how many other geofence warrant application mistakes had slipped through and resulted in the return of vastly more data in error.

Read more of this story at Slashdot.

Wonder when he's going to give that 28-year-old their skin back

We're born, we work, we die. That biological injustice just doesn't mesh with the Silicon Valley mindset.…

U.S. software giant Ivanti has confirmed that hackers are exploiting two critical-rated vulnerabilities affecting its widely-used corporate VPN appliance, but said that patches won't be available until the end of the month. From a report: Ivanti said the two vulnerabilities -- tracked as CVE-2023-46805 and CVE-2024-21887 -- were found in its Ivanti Connect Secure software. Formerly known as Pulse Connect Secure, this is a remote access VPN solution that enables remote and mobile users to access corporate resources over the internet. Ivanti said it is aware of "less than 10 customers" impacted so far by the "zero day" vulnerabilities, described as such given Ivanti had zero time to fix the flaws before they were maliciously exploited.

Read more of this story at Slashdot.

Plus: Analyst believes Samsung might give up on own cores and use Arm designs instead

Arm has confirmed it is working on a CPU core expected to deliver a jump in performance, thus taking aim at the closing the gap between its own chips and those produced by Apple.…

An anonymous reader writes: Millions of dollars have gone down the drain right when the Chicago Public Schools face a looming budget deficit -- as a brand-new CPS Inspector General report revealed the district lost thousands of computers and devices in a school year. In all, more than $20 million were lost -- as about students failed to return 77,505 laptops and other electronic devices within a year. This is even though the district spends millions to track such devices. The underlying concern is that taxpayer dollars will be used to replace them.

Read more of this story at Slashdot.

Speculation builds over whether a nearly year-old policy change was to blame

Google-owned security house Mandiant's investigation into how its X account was taken over to push cryptocurrency scams concludes the "likely" cause was a successful brute-force password attack.…

The stock market has a new, but familiar, monarch. Microsoft's AI-powered stock rally has made the software giant the largest U.S. company by market value, surpassing Apple for the first time since November 2021. WSJ: Shares edged higher Thursday morning, bringing Microsoft's market value to nearly $2.87 trillion. Apple, meanwhile, fell 1%, pulling its market capitalization just below that threshold. Either Apple or Microsoft has held the title since Feb. 4, 2019, according to Dow Jones Market Data. Microsoft's stock has been on the rise for the past year thanks to the continued growth of its cloud computing division, even as major competitors like Amazon and Google have experienced a gradual slowdown in sales growth.

Read more of this story at Slashdot.

Benefits include no snacking on your sensitive data

OpenAI is updating its subscription plans to add a "Team" tier for businesses to sit below its existing Enterprise level.…

Real-life Kerbal Space Program?

A Chinese startup has launched its first rocket from a sea-based platform, sending three satellites into orbit.…

Brendan Carr, the senior Republican on the Federal Communications Commission, in a wide-ranging interview with Indian newspaper Economic Times praised the South Asian market for blocking Chinese apps in 2020 and said he hopes the U.S. will follow suit. He said: I hope there will be a movement towards a nationwide ban of the application soon, much like India led the way so many years ago. It is taking time, and I wish it was done as swiftly and with the alacrity that India banned not just TikTok but a number of other Chinese apps that had questionable data sharing and privacy policies. If TikTok is neither banned nor ByteDance is forced to divest this year, I would consider it a huge miss. Because only when action is taken would it be possible for us to go after the smaller players too.

Read more of this story at Slashdot.

Oz online safety czar receives evidence of cull despite platform reinstating hundreds of banned accounts

Twitter, the social media service now calling itself X, executed a 30 percent reduction in its Trust and Safety staff globally after Elon Musk's acquisition in October 2022.…

An anonymous reader shares a report: The cost of switching between cloud-computing providers has long drawn complaints, with the services derided as "roach motels" that let businesses check in but not out. Now Google is taking steps to change that. Effective immediately, the company is eliminating fees levied on customers who want to leave its cloud for a rival service -- a policy shift that may pressure competitors Amazon and Microsoft to do the same. The move follows intensifying scrutiny of cloud services by regulators and lawmakers around the world. UK antitrust authorities launched a probe that is looking at such penalties, and the fees emerged as a key issue when the US Federal Trade Commission asked for public comments on a variety of cloud concerns. Google Vice President Amit Zavery, who helps oversee the cloud business, said switching fees only represent about 2% of the total costs of migrating to a new provider -- and don't deter many clients from moving their data.

Read more of this story at Slashdot.