Linux fréttir

Alan W. Filion, an 18-year-old from Lancaster, Calif., was sentenced to four years in prison for making nearly 400 false bomb threats and threats of violence (source may be paywalled; alternative source) to religious institutions, schools, universities and homes across the country. The New York Times reports: The threatening calls Mr. Filion made would often cause large deployments of police officers to a targeted location, the Justice Department said in a news release. In some cases, officers would enter people's homes with their weapons drawn and detain those inside. In January 2023, Mr. Filion wrote on social media that his swats had often led the police to "drag the victim and their families out of the house cuff them and search the house for dead bodies." Investigators linked Mr. Filion to over 375 swatting calls made in several states, including one that he made to the police in Sanford, Fla., saying that he would commit a mass shooting at the Masjid Al Hayy Mosque. During the call, he played audio of gunfire in the background. Mr. Filion was arrested in California in January 2024, and was then extradited to Florida to face state charges for making that threat. Mr. Filion began swatting for recreation in August 2022 before making it into a business, the Justice Department said. The teenager became a "serial swatter" and would make social media posts about his "swatting-for-a-fee" services, according to prosecutors. In addition to pleading guilty to the false threat against the mosque in Florida, Mr. Filion pleaded guilty in three other swatting cases: a mass shooting threat to a public school in Washington State in October 2022; a bomb threat call to a historically Black college or university in Florida in May 2023; and a July 2023 call in which he claimed to be a federal law enforcement officer in Texas and told dispatchers that he had killed his mother and would kill any responding officers.

Read more of this story at Slashdot.

Today, the KDE Project announced the release of KDE Plasma 6.3, featuring improved fractional scaling, enhanced Night Light color accuracy, better CPU usage monitoring, and various UI and security refinements. Some of the key features of Plasma 6.3 include: - Improved fractional scaling with KWin to lead to an all-around better desktop experience with fractional scaling as well as when making use of KWin's zoom effect. - Screen colors are more accurate with the KDE Night Light feature. - CPU usage monitoring within the KDE System Monitor is now more accurate and consuming fewer CPU resources. - KDE will now present a notification when the kernel terminated an app because the system ran out of memory. - Various improvements to the Discover app, including a security enhancement around sandboxed apps. - The drawing tablet area of KDE System Settings has been overhauled with new features and refinements. - Many other enhancements and fixes throughout KDE Plasma 6.3. You can read the announcement here.

Read more of this story at Slashdot.

Numerous systemic vulnerabilities could scuttle $5.4T industry

Despite the escalating cyber threats targeting America's maritime transportation system, the US Coast Guard still lacks a comprehensive strategy to secure this critical infrastructure - nor does it have reliable access to data on cybersecurity vulnerabilities and past attacks, the Government Accountability Office (GAO) warns.…

An anonymous reader quotes a report from TechCrunch: Since 2022, blogging site Tumblr has been teasing its plans to integrate with the fediverse -- the open social web powered by the protocol ActivityPub also used by Mastodon, Threads, Flipboard, and others. Now, the Automattic-owned blogging platform is sharing more information about when and how that integration could actually happen. As it turns out, the current plan to tie Tumblr into the open social web will come about by way of the site's planned move to the WordPress infrastructure. Automattic confirmed to TechCrunch that when the migration is complete, every Tumblr user will be able to federate their blog via ActivityPub, just as every WordPress.com user can today. The company noted that the migration could also allow for other open web integrations, like giving Tumblr users a way to run other custom plug-ins or themes. Last summer, Automattic announced it would move its half a billion blogs to WordPress, to make it easier for the company to build tools and features that worked across both services, while also allowing Tumblr to take advantage of the open source developments from WordPress.org. Though the WordPress community itself is in a state of upheaval, ultimately running Tumblr's back end on WordPress would allow for greater efficiencies, while not changing the interface and experience that Tumblr's user base has grown to love. Automattic declined to share a time frame as to when the migration would be complete, given its scale, but a rep for the company called the progress so far "exciting." Automattic didn't say if it would consider integrating with the AT Protocol that powers Bluesky.

Read more of this story at Slashdot.

Which is why Cisco is adding these Pensando DPUs to more switches

Cisco is cramming into more of its switches Pensando data processing units (DPUs) from AMD, which will be dedicated to handling security, storage, and other tasks.…

For the first time since 2004, PassMark's global CPU benchmark data shows a decline in average processor performance, with laptop CPUs dropping 3.4% and desktop CPUs falling 0.5% year-over-year. Tom's Hardware reports: We see the biggest drop in laptop CPU performance results. PassMark recorded an average result of 14,632 across 101,316 samples last year. But, in 2025, the average score sat at an average of 14,130 points between 25,541 samples, decreasing the average score by 3.4%. The average desktop PC result in 2024 netted 26,436 points for 186,053 samples. But for 2025, the average score currently sits at 26,311 points for over 47,810 samples -- a 0.5% drop from last year. While that drop is small, we should only see a continued progression of faster performance. [...] Passmark itself mused on X (formerly Twitter) that it could be that people are switching to more affordable machines that deliver lower power and performance. Or maybe Windows 11 is depressing performance scores versus Windows 10, especially as people transition to it with the upcoming demise of the latter. We've certainly seen plenty of examples of reduced performance in gaming with some of the newer versions of Windows 11, particularly as Intel and AMD struggled to upstream needed updates into the OS. [...] PassMark also muses that bloatware could contribute to the sudden decline in performance, but that seems like a longshot.

Read more of this story at Slashdot.

The US, UK, and Australia (AUKUS) have sanctioned Russian bulletproof hosting provider Zservers, accusing it of supporting LockBit ransomware operations by providing secure infrastructure for cybercriminals. The sanctions target Zservers, its UK front company XHOST Internet Solutions, and six individuals linked to its operations. The Register reports: Headquartered in Barnaul, Russia, Zservers provided BPH services to a number of LockBit affiliates, the three nations said today. On numerous occasions, affiliates purchased servers from the company to support ransomware attacks. The trio said the link between Zservers and LockBit was established as early as 2022, when Canadian law enforcement searched a known LockBit affiliate and found evidence they had purchased infrastructure tooling almost certainly used to host chatrooms with ransomware victims. "Ransomware actors and other cybercriminals rely on third-party network service providers like Zservers to enable their attacks on US and international critical infrastructure," said Bradley T Smith, acting under secretary of the Treasury for terrorism and financial intelligence. "Today's trilateral action with Australia and the United Kingdom underscores our collective resolve to disrupt all aspects of this criminal ecosystem, wherever located, to protect our national security." The UK's Foreign, Commonwealth & Development Office (FCDO) said additionally that the UK front company for Zservers, XHOST Internet Solutions, was also included in its sanctions list. According to Companies House, the UK arm was incorporated on January 31, 2022, although the original service was established in 2011 and operated in both Russia and the Netherlands. Anyone found to have business dealings with either entity can face criminal and civil charges under the Sanctions and Anti-Money Laundering Act 2018. The UK led the way with sanctions, placing six individuals and the two entities on its list, while the US only placed two of the individuals -- both alleged Zservers admins -- on its equivalent. Alexander Igorevich Mishin and Aleksandr Sergeyevich Bolshakov, both 30 years old, were named by the US as the operation's heads. Mishin was said to have marketed Zservers to LockBit and other ransomware groups, managing the associated cryptocurrency transactions. Both he and Bolshakov responded to a complaint from a Lebanese company in 2023 and shut down an IP address used in a LockBit attack. The US said, however, it was possible that the pair set up a replacement IP address that LockBit could carry on using, while telling the Lebanese company that they complied with its request. The UK further sanctioned Ilya Vladimirovich Sidorov, Dmitry Konstantinovich Bolshakov (no mention of whether he is any relation to Aleksandr), Igor Vladimirovich Odintsov, and Vladimir Vladimirovich Ananev. Other than that they were Zservers employees and thus were directly or indirectly involved in attempting to inflict economic loss to the country, not much was said about either of their roles.

Read more of this story at Slashdot.

Rustaceans could just wait for unwelcoming C coders to slowly SIGQUIT...

The Rust for Linux project is alive and well, despite suggestions to the contrary, even if not every Linux kernel maintainer is an ally.…

An anonymous reader quotes a report from Wired: Thomson Reuters haswon the first major AI copyright case in the United States. In 2020, the media and technology conglomerate filed an unprecedentedAI copyright lawsuit against the legal AI startup Ross Intelligence. In the complaint, Thomson Reuters claimed the AI firm reproduced materials from its legal research firm Westlaw. Today, a judge ruled (PDF) in Thomson Reuters' favor, finding that the company's copyright was indeed infringed by Ross Intelligence's actions. "None of Ross's possible defenses holds water. I reject them all," wrote US District Court of Delaware judge Stephanos Bibas, in a summary judgement. [...] Notably, Judge Bibas ruled in Thomson Reuters' favor on the question of fair use. The fair use doctrine is a key component of how AI companies are seeking to defend themselves against claims that they used copyrighted materials illegally. The idea underpinning fair use is that sometimes it's legally permissible to use copyrighted works without permission -- for example, to create parody works, or in noncommercial research or news production. When determining whether fair use applies, courts use a four-factor test, looking at the reason behind the work, the nature of the work (whether it's poetry, nonfiction, private letters, et cetera), the amount of copyrighted work used, and how the use impacts the market value of the original. Thomson Reuters prevailed on two of the four factors, but Bibas described the fourth as the most important, and ruled that Ross "meant to compete with Westlaw by developing a market substitute." "If this decision is followed elsewhere, it's really bad for the generative AI companies," says James Grimmelmann, Cornell University professor of digital and internet law. Chris Mammen, a partner at Womble Bond Dickinson who focuses on intellectual property law, adds: "It puts a finger on the scale towards holding that fair use doesn't apply."

Read more of this story at Slashdot.

Anduril will take over management and eventual manufacturing of the U.S. Army's Integrated Visual Augmentation System (IVAS) from Microsoft, a significant shift in one of the military's most ambitious augmented reality projects. The deal, which requires Army approval, could be worth over $20 billion in the next decade if all options are exercised, according to Bloomberg. The IVAS system, based on Microsoft's HoloLens mixed reality platform, aims to equip soldiers with advanced capabilities including night vision and airborne threat detection. Under the new arrangement, Microsoft will transition to providing cloud computing and AI infrastructure, while Anduril assumes control of hardware production and software development. The Army has planned orders for up to 121,000 units, though full production hinges on passing combat testing this year. The program has faced technical hurdles, with early prototypes causing headaches and nausea among soldiers. The current slimmer version has received better feedback, though cost remains a concern - the Army indicated the $80,000 per-unit price needs to "be substantially less" to justify large-scale procurement. Anduril founder Palmer Luckey, writing in a blog post: This move has been so many years in the making, over a decade of hacking and scheming and dreaming and building with exactly this specific outcome clearly visualized in my mind's eye. I can hardly believe I managed to pull it off. Everything I've done in my career -- building Oculus out of a camper trailer, shipping VR to millions of consumers, getting run out of Silicon Valley by backstabbing snakes, betting that Anduril could tear people out of the bigtech megacorp matrix and put them to work on our nation's most important problems -- has led to this moment. IVAS isn't just another product, it is a once-in-a-generation opportunity to redefine how technology supports those who serve. We have a shot to prove that this long-standing dream is no windmill, that this can expand far beyond one company or one headset and act as a a nexus for the best of the best to set a new standard for how a large collection of companies can work together to solve our nation's most important problems.

Read more of this story at Slashdot.

These crooks have no chill

A previously unknown gang dubbed Triplestrength poses a triple threat to organizations: It infects victims' computers with ransomware, then hijacks their cloud accounts to illegally mine for cryptocurrency.…

Google's Chrome browser might soon get a useful security upgrade: detecting passwords used in data breaches and then generating and storing a better replacement. From a report: Google's preliminary copy suggests it's an "AI innovation," though exactly how is unclear. Noted software digger Leopeva64 on X found a new offering in the AI settings of a very early build of Chrome. The option, "Automated password Change" (so, early stages -- as to not yet get a copyedit), is described as, "When Chrome finds one of your passwords in a data breach, it can offer to change your password for you when you sign in." Chrome already has a feature that warns users if the passwords they enter have been identified in a breach and will prompt them to change it. As noted by Windows Report, the change is that now Google will offer to change it for you on the spot rather than simply prompting you to handle that elsewhere. The password is automatically saved in Google's Password Manager and "is encrypted and never seen by anyone," the settings page claims.

Read more of this story at Slashdot.

The U.S. Federal Trade Commission has ordered DoNotPay to stop making deceptive claims about its AI chatbot advertised as "the world's first robot lawyer," in a ruling that requires the company to pay $193,000 in monetary relief. The final order, announced on February 11, follows FTC charges from September 2024 that DoNotPay's service failed to match the expertise of human lawyers when generating legal documents and giving advice. The company had not tested its AI's performance against human lawyers or hired attorneys to verify the accuracy of its legal services, the FTC said. Under the settlement, approved by commissioners in a 5-0 vote, DoNotPay must notify customers who subscribed between 2021 and 2023 about the FTC action and cannot advertise its service as equivalent to a human lawyer without supporting evidence.

Read more of this story at Slashdot.

Leading cybersecurity researchers at DEF CON, the world's largest hacker conference, have warned that current methods for securing AI systems are fundamentally flawed and require a complete rethink, according to the conference's inaugural "Hackers' Almanack" report [PDF]. The report, produced with the University of Chicago's Cyber Policy Initiative, challenges the effectiveness of "red teaming" -- where security experts probe AI systems for vulnerabilities -- saying this approach alone cannot adequately protect against emerging threats. "Public red teaming an AI model is not possible because documentation for what these models are supposed to even do is fragmented and the evaluations we include in the documentation are inadequate," said Sven Cattell, who leads DEF CON's AI Village. Nearly 500 participants tested AI models at the conference, with even newcomers successfully finding vulnerabilities. The researchers called for adopting frameworks similar to the Common Vulnerabilities and Exposures (CVE) system used in traditional cybersecurity since 1999. This would create standardized ways to document and address AI vulnerabilities, rather than relying on occasional security audits.

Read more of this story at Slashdot.

UK foreign secretary says Putin is running a 'corrupt mafia state'

One of the bulletproof hosting (BPH) providers used by the LockBit ransomware operation has been hit with sanctions in the US, UK, and Australia (AUKUS), along with six of its key allies.…

Seven of the 10 world's largest economies missed a deadline on Monday to submit updated emissions-cutting plans to the United Nations -- and only one, the UK, outlined a strategy for the next decade that keeps pace with expectations staked out under the Paris Agreement. From a report: All countries taking part in the UN process had been due to send their national climate plans for the next decade by Feb. 10, but relatively few got theirs in on time. Dozens more nations will likely come forward with updated plans within the next nine months before the UN's annual climate summit, known as COP30, kicks off in Brazil. The lack of urgency among the more than 170 countries that failed to file what climate diplomats refer to as "nationally determined contributions" (NDCs) adds to concerns about the world's continuing commitment to keeping warming to well below 2C, and ideally 1.5C, relative to pre-industrial levels. Virtually every country adopted those targets a decade ago in the landmark agreement signed in Paris, but a series of lackluster UN summits last year has added to a sense of backsliding. US President Donald Trump has already started the process of pulling the world's second-largest emitter out of the global agreement once again. Political leaders in Argentina, Russia and New Zealand have indicated they would like to follow suit.

Read more of this story at Slashdot.

End of the road in sight for venerable server

Administrators rejoice! The 2025 H1 Cumulative Update (aka CU15) for Exchange Server 2019 has finally arrived, marking the end of an era for the server application.…

Crowdfunding platform Kickstarter will start notifying supporters when a fundraising campaign faces "significant fulfillment failures" and breaks the platform's rules. From a report: The notification will also inform supporters how it's addressing the issue, including by "restricting the creator from launching future projects." The update comes as part of a series of changes Kickstarter plans to make this year that are aimed at "enhancing the backer experience and building trust in our community." Kickstarter has long faced challenges with scams and projects shutting down after raising thousands (or sometimes millions) of dollars, but this change should at least provide more transparency to backers.

Read more of this story at Slashdot.

More than a decade on, waste experts say the odds of finding those coins are next to nil

Denied permission to excavate a landfill in search of his missing Bitcoin, Newport, Wales resident James Howells has a new plan: buy the soon-to-be-capped dumping site outright from the city council.…

The European Union pledged to mobilize 200 billion euros ($206.15 billion) to invest in AI as the bloc seeks to catch up with the U.S. and China in the race to train the most complex models. From a report: European Commission President Ursula von der Leyen said that the bloc wants to supercharge its ability to compete with the U.S. and China in AI. The plan -- dubbed InvestAI -- includes a new 20 billion-euro fund for so-called AI gigafactories, facilities that rely on powerful chips to train the most complex AI models. "We want Europe to be one of the leading AI continents, and this means embracing a life where AI is everywhere," von der Leyen said at the AI Action Summit in Paris. The announcement underscores efforts from the EU to position itself as a key player in the AI race. The bloc has been lagging behind the U.S. and China since OpenAI's 2022 release of ChatGPT ushered in a spending bonanza. [...] The EU is aiming to establish gigafactories to train the most complex and large AI models. Those facilities will be equipped with roughly 100,000 last-generation AI chips, around four times more than the number installed in the AI factories being set up right now.

Read more of this story at Slashdot.