news aggregator

A group of Linux gaming-focused distros and developers have formed the Open Gaming Collective to pool work on shared components like kernels, input systems, and Valve tooling. The Verge reports: Universal Blue, developer of the gaming-focused Linux distribution Bazzite, announced on Wednesday that its helping to form the OGC with several other groups, which will collaborate on improvements to the Linux gaming ecosystem and âoecentralize efforts around critical components like kernel patches, input tooling, and essential gaming packages such as gamescope." The other founding members of the OGC include Nobara, ChimeraOS, Playtron, Fyra Labs, PikaOS, ShadowBlip, and Asus Linux. [...] It's worth noting that this will mean some changes to Bazzite, which is switching to the OGC kernel, replacing HHD with InputPlumber as its input framework, and integrating features like RGB and fan control into the Steam UI. Bazzite also added that, "We'll be sharing patches we've made to various Valve packages with the OGC and attempting to upstream everything we can."

Read more of this story at Slashdot.

BellSoft survey finds 48% prefer pre‑hardened images over managing vulnerabilities themselves

Java developers still struggle to secure containers, with nearly half (48 percent) saying they'd rather delegate security to providers of hardened containers than worry about making their own container security decisions.…

An anonymous reader quotes a report from Wired: Earlier this month, Joseph Thacker's neighbor mentioned to him that she'd preordered a couple of stuffed dinosaur toys for her children. She'd chosen the toys, called Bondus, because they offered an AI chat feature that lets children talk to the toy like a kind of machine-learning-enabled imaginary friend. But she knew Thacker, a security researcher, had done work on AI risks for kids, and she was curious about his thoughts. So Thacker looked into it. With just a few minutes of work, he and a web security researcher friend named Joel Margolis made a startling discovery: Bondu's web-based portal, intended to allow parents to check on their children's conversations and for Bondu's staff to monitor the products' use and performance, also let anyone with a Gmail account access transcripts of virtually every conversation Bondu's child users have ever had with the toy. Without carrying out any actual hacking, simply by logging in with an arbitrary Google account, the two researchers immediately found themselves looking at children's private conversations, the pet names kids had given their Bondu, the likes and dislikes of the toys' toddler owners, their favorite snacks and dance moves. In total, Margolis and Thacker discovered that the data Bondu left unprotected -- accessible to anyone who logged in to the company's public-facing web console with their Google username -- included children's names, birth dates, family member names, "objectives" for the child chosen by a parent, and most disturbingly, detailed summaries and transcripts of every previous chat between the child and their Bondu, a toy practically designed to elicit intimate one-on-one conversation. More than 50,000 chat transcripts were accessible through the exposed web portal. When the researchers alerted Bondu about the findings, the company acted to take down the console within minutes and relaunched it the next day with proper authentication measures. "We take user privacy seriously and are committed to protecting user data," Bondu CEO Fateen Anam Rafid said in his statement. "We have communicated with all active users about our security protocols and continue to strengthen our systems with new protections," as well as hiring a security firm to validate its investigation and monitor its systems in the future.

Read more of this story at Slashdot.

Google is letting outsiders experiment with DeepMind's Genie 3 "world model" via Project Genie, a tool for generating short, interactive AI worlds. The caveat: it requires a $250/month AI Ultra subscription, is U.S.-only, and has tight limits that make it more of a tech demo than a game engine. Engadget reports: At launch, Project Genie offers three different modes of interaction: World Sketching, exploration and remixing. The first sees Google's Nano Banana Pro model generating the source image Genie 3 will use to create the world you will later explore. At this stage, you can describe your character, define the camera perspective -- be it first-person, third-person or isometric -- and how you want to explore the world Genie 3 is about to generate. Before you can jump into the model's creation, Nano Banana Pro will "sketch" what you're about to see so you can make tweaks. It's also possible to write your own prompts for worlds others have used Genie to generate. One thing to keep in mind is that Genie 3 is not a game engine. While its outputs can look game-like, and it can simulate physical interactions, there aren't traditional game mechanics here. Generations are also limited to 60 seconds, as is the presentation, which is capped at 24 frames per second and 720p.

Read more of this story at Slashdot.

The call is coming from inside the house

opinion Maybe everything is all about timing, like the time (this week) America's lead cyber-defense agency sounded the alarm on insider threats after it came to light that its senior official uploaded sensitive documents to ChatGPT.…

NVIDIA has officially launched a native GeForce NOW client for Linux as a Flatpak, giving Linux gamers access to cloud-rendered RTX gaming. Phoronix reports: While confined to a Flatpak, for now NVIDIA is just "officially" supporting it on Ubuntu 24.04 LTS and later. Granted, thanks to Flatpak it should run on other non-Ubuntu distributions too but in terms of the official support and where they are qualifying their builds they are limiting it just to Ubuntu 24.04 LTS and later. [...] At launch the Flatpak build is also just for x86_64 Linux with no AArch64 Linux builds or similar at this time. Running GeForce NOW on Linux while games are rendered in NVIDIA's cloud with Blackwell GPUs, you still need to be using a modern GPU with H.264 or H.265 Vulkan Video support NVIDIA isn't yet supporting Vulkan Video AV1 with GeForce NOW on Linux but just H.264/H.265. If you are using NVIDIA graphics the NVIDIA R580 series or newer is recommended while using the X.Org session. If you are using Intel or AMD Radeon graphics, Mesa 24.2+ is recommended and using the Wayland session. When you are up and running with GeForce NOW on Linux, you have access to over 4,500 games. The free tier of GeForce NOW provides standard access to the gaming servers and limited session caps for an introductory-level experience. It's with the performance tier where you can enjoy RTX ray-tracing and 1440p @ 60 FPS performance and up to six hour sessions. With GeForce NOW's Ultimate tier is where you are running on GeForce RTX 5080 GPU servers with support for up to 5K @ 120 FPS gaming or 1080p @ 360 FPS with up to eight hour gaming sessions in length.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica, written by Dan Goodin: Two security professionals who were arrested in 2019 after performing an authorized security assessment of a county courthouse in Iowa will receive $600,000 to settle a lawsuit they brought alleging wrongful arrest and defamation. The case was brought by Gary DeMercurio and Justin Wynn, two penetration testers who at the time were employed by Colorado-based security firm Coalfire Labs. The men had written authorization from the Iowa Judicial Branch to conduct "red-team" exercises, meaning attempted security breaches that mimic techniques used by criminal hackers or burglars. The objective of such exercises is to test the resilience of existing defenses using the types of real-world attacks the defenses are designed to repel. The rules of engagement for this exercise explicitly permitted "physical attacks," including "lockpicking," against judicial branch buildings so long as they didn't cause significant damage. [...] DeMercurio and Wynn's engagement at the Dallas County Courthouse on September 11, 2019, had been routine. A little after midnight, after finding a side door to the courthouse unlocked, the men closed it and let it lock. They then slipped a makeshift tool through a crack in the door and tripped the locking mechanism. After gaining entry, the pentesters tripped an alarm alerting authorities. Within minutes, deputies arrived and confronted the two intruders. DeMercurio and Wynn produced an authorization letter -- known as a "get out of jail free card" in pen-testing circles. After a deputy called one or more of the state court officials listed in the letter and got confirmation it was legit, the deputies said they were satisfied the men were authorized to be in the building. DeMercurio and Wynn spent the next 10 or 20 minutes telling what their attorney in a court document called "war stories" to deputies who had asked about the type of work they do. When Sheriff Leonard arrived, the tone suddenly changed. He said the Dallas County Courthouse was under his jurisdiction and he hadn't authorized any such intrusion. Leonard had the men arrested, and in the days and weeks to come, he made numerous remarks alleging the men violated the law. A couple months after the incident, he told me that surveillance video from that night showed "they were crouched down like turkeys peeking over the balcony" when deputies were responding. I published a much more detailed account of the event here. Eventually, all charges were dismissed.

Read more of this story at Slashdot.

To what end? Who knows? Tesla isn't even using them in its own factories yet

Elon Musk's car company is getting ready to be Skynet. Tesla, facing an 11 percent decline in automotive revenue in Q4 2025, has committed to $20 billion in capex spending this year on manufacturing and compute infrastructure. The goal: build lots of humanoid robots.…

The preprint repository arXiv will require all submissions to be written in English or accompanied by a full English translation starting February 11, a policy change that explicitly permits the use of AI translators even as research suggests large language models remain inconsistent at the task. Until now, authors only needed to submit an abstract in English. ArXiv hosts nearly 3 million preprints and receives more than 20,000 submissions monthly, though just 1% are in languages other than English. Ralph Wijers, chair of arXiv's editorial advisory council, advises authors to verify any AI-generated translations. "Our own experience is that AI translation is good but not good enough," he says. A 2025 study from ByteDance Seed and Peking University ranked 20 LLMs on translation quality between Chinese and English; GPT-5-high scored nearly 77, just below the human expert benchmark of 80, but most models including GPT-4o, Claude 4, and Deepseek-V3 scored under 60.

Read more of this story at Slashdot.

A Labs prototype turns prompts into short, explorable 3D worlds

Google has put the video gaming industry on notice with the rollout of Project Genie, an experimental AI world-model prototype that generates explorable 3D environments from text or image prompts.…

An anonymous reader shares a report: The US is leading a huge global surge in new gas-fired power generation that will cause a major leap in planet-heating emissions, with this record boom driven by the expansion of energy-hungry datacenters to service AI, according to a new forecast. This year is set to shatter the annual record for new gas power additions around the world, with projects in development expected to grow existing global gas capacity by nearly 50%, a report by Global Energy Monitor (GEM) found. The US is at the forefront of a global push for gas that is set to escalate over the next five years, after tripling its planned gas-fired capacity in 2025. Much of this new capacity will be devoted to the vast electricity needs of AI, with a third of the 252 gigawatts of gas power in development set to be situated on site at datacenters. All of this new gas energy is set to come at a significant cost to the climate, amid ongoing warnings from scientists that fossil fuels must be rapidly phased out to avoid disastrous global heating.

Read more of this story at Slashdot.

An anonymous reader shares a report: U.S. life expectancy rose to a record high of 79 years in 2024, an increase of six months from the previous year, reflecting a sharp decline in deaths from COVID-19 and drug overdoses, the Centers for Disease Control and Prevention said on Thursday. According to a report from the CDC's National Center for Health Statistics, life expectancy improved for both men and women across races and among Hispanics, surpassing the previous peak set in 2014.

Read more of this story at Slashdot.

Microsoft wants you to know that it knows that Windows 11, now used by a billion users, has been testing your patience and announced that its engineers are being redirected to urgently address the operating system's performance and reliability problems through an internal process the company calls "swarming." "The feedback we're receiving from our community of passionate customers and Windows Insiders has been clear. We need to improve Windows in ways that are meaningful for people," Pavan Davuluri, president of Windows and devices, told The Verge. The company plans to spend the rest of 2026 focusing on pain points including system performance, reliability, and overall user experience. January has been particularly rough for Windows 11. Microsoft issued an emergency out-of-band update to fix shutdown issues on some machines, then released a second out-of-band fix a week later to address OneDrive and Dropbox crashes. Some business PCs are also failing to boot after the January update because they were left in an "improper state" after December's monthly update failed to install. Users have also grown frustrated by aggressive Edge and Bing prompts, constant OneDrive upselling nags, and Microsoft's push to require Microsoft accounts. The core members of the company's Windows Insider team recently moved to different roles. "Trust is earned over time and we are committed to building it back with the Windows community," Davuluri said.

Read more of this story at Slashdot.

The private equity industry is experiencing a quiet reckoning as hundreds of midsize firms find themselves trapped between investors who have lost patience and portfolios of companies they cannot sell at acceptable prices. "There is existential risk for a number [of funds] because of the fundraising environment," said Sunaina Sinha Haldea, global head of private capital advisory at Raymond James. "If existing investors don't come and support them, new investors are highly unlikely to." According to data from Preqin, the average buyout fund that closed in 2025 spent 23 months fundraising, up from 16 months in 2021, and the total number of funds raised fell to 1,191 from 2,679 over the same period. New York's Vestar Capital scrapped plans for its eighth fund in late 2024 and has not invested in a new portfolio company since 2023. The firm's assets under management dropped from $7 billion fifteen years ago to $3.3 billion in 2024. Three-year annualized returns through June 2025 for the Cambridge Associates U.S. Private Equity Index stand at 7.4%, trailing the MSCI World stock index by 11 percentage points annually. The average holding period for buyout deals has stretched to 6.3 years from 5.1 years in 2020. Blue-chip megafunds continue raising capital normally, but smaller firms face existential pressure.

Read more of this story at Slashdot.

'We're letting thousands of interns run around in our production environment'

Corporate use of AI agents in 2026 looks like the Wild West, with bots running amok and no one quite knowing what to do about it - especially when it comes to managing and securing their identities.…

The 129 year old chemical company uses Palantir-rival C3's AI as its software of choice.

ai-pocalypse The jury is still out when it comes to determining how much job loss AI is causing. However, we now have another case study. Dow Chemical blames AI automation for its plans to cut 4,500 jobs, about 12.5 percent of its work force.…

Apple has acquired Q.AI, a secretive Israeli startup whose technology can analyze facial skin micro-movements to interpret "silent speech," in a deal valued at close to $2 billion that marks the iPhone maker's second-largest acquisition ever, according to backer GV (formerly Google Ventures). The four-year-old company was founded in Tel Aviv in 2022 by Aviad Maizels, Yonatan Wexler and Avi Barliya. Patents filed by Q.AI show its technology being deployed in headphones or smart glasses to enable non-verbal communication with an AI assistant. The acquisition comes as Meta's Ray-Ban smart glasses already let wearers talk to its AI, and Google and Snap are preparing to launch competing devices later this year.

Read more of this story at Slashdot.

An anonymous reader shares a report: Chat & Ask AI, one of the most popular AI apps on the Google Play and Apple App stores that claims more than 50 million users, left hundreds of millions of those users' private messages with the app's chatbot exposed, according to an independent security researcher and emails viewed by 404 Media. The exposed chats showed users asked the app "How do I painlessly kill myself," to write suicide notes, "how to make meth," and how to hack various apps. The exposed data was discovered by an independent security researcher who goes by Harry. The issue is a misconfiguration in the app's usage of the mobile app development platform Google Firebase, which by default makes it easy for anyone to make themselves an "authenticated" user who can access the app's backend storage where in many instances user data is stored. Harry said that he had access to 300 million messages from more than 25 million users in the exposed database, and that he extracted and analyzed a sample of 60,000 users and a million messages. The database contained user files with a complete history of their chats with the AI, timestamps of those chats, the name they gave the app's chatbot, how they configured the model, and which specific model they used. Chat & Ask AI is a "wrapper" that plugs into various large language models from bigger companies users can choose from, Including OpenAI's ChatGPT, Anthropic's Claude, and Google's Gemini.

Read more of this story at Slashdot.

Reduce emissions? Screw that - we have money to lose and memes to generate

Fossil fuel-fired power plant development is roaring back to life in the US thanks to the AI datacenter boom, with data from 2025 suggesting we're reaching the point where the renewable energy transition - and efforts to ease carbon emissions - may well be doomed.…

The Chocolate Factory strikes again, targeting the infrastructure attackers use to stay anonymous

Crims love to make it look like their traffic is actually coming from legit homes and businesses, and they do so by using residential proxy networks. Now, Google says it has "significantly degraded" what it believes is one of the world's largest residential proxy networks.…