Linux fréttir

The XB-1, a civilian supersonic jet developed by Boom Supersonic, successfully broke the sound barrier during a test flight over the Mojave Desert. It reached an altitude of 35,290 feet before accelerating to Mach 1.22, the company said in a press release. CBS News reports: It marks the first time an independently developed jet has broken the sound barrier, Boom Supersonic said, and the plane is the "first supersonic jet made in America." The sound barrier was broken for the first time in 1947, when Air Force pilot Capt. Chuck Yeager flew a rocket-propelled experimental aircraft across the Mojave Desert -- taking off from the Mojave Air and Space Port just as the XB-1 did. [...] The company will next focus its attention on Overture, a supersonic airliner that will ultimately "bring the benefits of supersonic flight to everyone," Boom Supersonic founder and CEO Blake Scholl said in a statement. The XB-1 jet will be the foundation for Overture, Boom Supersonic said, and many features present on the jet will also be incorporated into the supersonic airliner. The airliner will also use Boom Supersonic's bespoke propulsion system, Symphony, to run on "up to 100% sustainable aviation fuel." The company said the goal for the plane is for it to be able to carry between 64 and 80 passengers at Mach 1.7, or about 1,295 miles per hour. Existing subsonic airliners fly at between 550 and 600 miles per hour, according to charter company Bitlux. About 130 Overture planes have been pre-ordered, the company said. Airlines including American Airlines, United Airlines and Japan Airlines have placed pre-orders. The company finished building a "superfactory" in North Carolina in 2024, and will eventually produce 66 planes per year.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Apple-designed chips powering Macs, iPhones, and iPads contain two newly discovered vulnerabilities that leak credit card information, locations, and other sensitive data from the Chrome and Safari browsers as they visit sites such as iCloud Calendar, Google Maps, and Proton Mail. The vulnerabilities, affecting the CPUs in later generations of Apple A- and M-series chip sets, open them to side channel attacks, a class of exploit that infers secrets by measuring manifestations such as timing, sound, and power consumption. Both side channels are the result of the chips' use of speculative execution, a performance optimization that improves speed by predicting the control flow the CPUs should take and following that path, rather than the instruction order in the program. [...] The researchers published a list of mitigations they believe will address the vulnerabilities allowing both the FLOP and SLAP attacks. They said that Apple officials have indicated privately to them that they plan to release patches. In an email, an Apple representative declined to say if any such plans exist. "We want to thank the researchers for their collaboration as this proof of concept advances our understanding of these types of threats," the spokesperson wrote. "Based on our analysis, we do not believe this issue poses an immediate risk to our users." FLOP, short for Faulty Load Operation Predictor, exploits a vulnerability in the Load Value Predictor (LVP) found in Apple's A- and M-series chipsets. By inducing the LVP to predict incorrect memory values during speculative execution, attackers can access sensitive information such as location history, email content, calendar events, and credit card details. This attack works on both Safari and Chrome browsers and affects devices including Macs (2022 onward), iPads, and iPhones (September 2021 onward). FLOP requires the victim to interact with an attacker's page while logged into sensitive websites, making it highly dangerous due to its broad data access capabilities. SLAP, on the other hand, stands for Speculative Load Address Predictor and targets the Load Address Predictor (LAP) in Apple silicon, exploiting its ability to predict memory locations. By forcing LAP to mispredict, attackers can access sensitive data from other browser tabs, such as Gmail content, Amazon purchase details, and Reddit comments. Unlike FLOP, SLAP is limited to Safari and can only read memory strings adjacent to the attacker's own data. It affects the same range of devices as FLOP but is less severe due to its narrower scope and browser-specific nature. SLAP demonstrates how speculative execution can compromise browser process isolation.

Read more of this story at Slashdot.

Big-game hunting to the extreme

Hellcat, the ransomware crew that infected Schneider Electric and demanded $125,000 in baguettes, has aggressively targeted government, education, energy, and other critical industries since it emerged around mid-2024.…

Hugging Face researchers are attempting to recreate DeepSeek's R1 artificial intelligence model in an open-source format, just days after the Chinese AI lab's release sent markets soaring. The project, called Open-R1, aims to replicate R1's reasoning capabilities while making its training data and code publicly available. DeepSeek's R1 model, which matches or surpasses OpenAI's o1 on several benchmarks, was released with a permissive license but keeps its underlying architecture private. Hugging Face will use its research server with 768 Nvidia H100 GPUs for the effort.

Read more of this story at Slashdot.

The Federal Communications Commission will abandon a proposal that would have banned mandatory internet service charges for apartment and condominium residents. FCC Chair Brendan Carr halted the Biden-era plan that sought to prevent landlords from requiring tenants to pay for specific broadband providers. Housing industry groups said they welcomed the decision, arguing bulk billing arrangements help secure discounted rates. They claim these agreements can reduce internet costs by up to 50%. However, public interest advocates, who backed the original proposal, contend that landlords don't always pass these savings to tenants.

Read more of this story at Slashdot.

From AI startup CISO to running federal IT - sure, why not?

The US has a new federal chief information officer who, based on his resume, has no prior experience as a CIO but is now tasked with overseeing IT operations and strategy for the entire federal government.…

Companies are planning smaller raises this year, according to a new survey of chief financial officers from Gartner. From a report: It's become harder to find a job, particularly in the white-collar world. So employers are far less worried about people quitting and don't need to do as much to get workers to stick around. "Nobody is talking about the Great Resignation anymore," says Randeep Rathindran, a vice president in the finance practice at Gartner. The vast majority of employers, 94%, are still planning raises this year, per Gartner, which surveyed 300 CFOs and finance executives. The amounts are just smaller now. The share of CFOs planning to raise average employee compensation by 4% or more in 2025 fell to 61% from 86% in 2023.

Read more of this story at Slashdot.

Pay no attention to the DeepSeek behind the headlines

OpenAI has announced ChatGPT Gov, a variant of the Enterprise version of the product specifically tailored for use by the US government.…

An anonymous reader shares a report: LinkedIn has removed at least two accounts that were created for AI "co-workers" whose profile images said they were "#OpenToWork." "I don't need coffee breaks, I don't miss deadlines, and I'll outperform any social media team you've ever worked with -- Guaranteed," the profile page for one of these AI accounts called Ella said. "Tired of human 'experts' making excuses? I deliver, period." The #OpenToWork flair on profile pictures is a feature on LinkedIn that lets people clearly signal they are looking for a job on the professional networking platform. "People expect the people and conversations they find on LinkedIn to be real," a LinkedIn spokesperson told me in an email. "Our policies are very clear that the creation of a fake account is a violation of our terms of service, and we'll remove them when we find them, as we did in this case." The AI profiles were created by an Israeli company called Marketeam, which offers "dedicated AI agents" that integrate with a client's marketing team and help them execute their marketing strategies "from social media and content marketing to SEO, RTM, ad campaigns, and more."

Read more of this story at Slashdot.

No wonder OpenAI needs $500B for Stargate

Americans could soon see the price of electronics skyrocket in response to a 25-100 percent import tariff on computer chips promised by US President Donald Trump on Monday.…

With all the AI hype swirling around, you'd think someone would've cracked this one already

Tracking down and preventing money laundering is a slow, time-consuming, manual procedure. DARPA is hoping it can provide some relief for exhausted analysts by automating the process. …

The Bulletin of Atomic Scientists moved their Doomsday Clock to 89 seconds before midnight on Tuesday, the closest to catastrophe in the timepiece's 78-year history. The Chicago-based group cited Russia's nuclear threats during its Ukraine invasion, growing tensions in the Middle East, China's military pressure near Taiwan, and the rapid advancement of AI as key factors. The symbolic clock, created in 1947 by scientists including Albert Einstein, moved one second closer than last year's setting.

Read more of this story at Slashdot.

Nvidia says its chips are still needed, OpenAI says it'll keep buying them en masse, but shares are still down

US tech shares, rattled yesterday by the release of a supposedly more efficient AI model by Chinese outfit DeepSeek, appear to have staunched the bleeding, but not recovered. …

The UK is considering making households who only use streaming services such as Netflix and Disney pay the BBC license fee, as part of plans to modernize the way it funds the public-service broadcaster. Bloomberg: Extending the fee to streaming applications is on a menu of options being discussed by Prime Minister Keir Starmer's office, the Treasury and the Department for Culture, Media and Sport, according to people familiar with the matter who asked not to be named discussing internal government deliberations. Alternatives under discussion include allowing the British Broadcasting Corp. to use advertising, imposing a specific tax on streaming services, and asking those who listen to BBC radio to pay a fee. The government is the early stages of examining how to overhaul the funding of Britain's public broadcaster when its current 11-year charter ends on Dec. 31, 2027. Ministers are looking to either retain and alter the current television license fee model or scrap it and instead fund the BBC through alternative models such as taxation or subscription. That's because viewing habits have changed as users gravitate toward on-demand services. [...] The license fee dates back to 1946, when consumers watched programs at the time of broadcast. It currently costs households who watch live TV or use BBC iPlayer $210.6 a year, an amount that usually rises annually with inflation. Even if they don't watch BBC programs, households are required to hold a TV license to view or stream programs live on sites including YouTube and Amazon Prime Video. However it's not needed by those who only watch on-demand, non-BBC content.

Read more of this story at Slashdot.

Official is official

Among the flurry of executive orders expelled from Donald J Trump following his inauguration as US President last week, one of the more impotent was "Restoring Names That Honor American Greatness."…

Garmin smartwatches are freezing in boot loops, users are reporting globally, with devices displaying a "blue triangle of death" when attempting GPS activities, affecting models across the Epix, Venu, Forerunner, Descent, and Fenix lines.

Read more of this story at Slashdot.

Qualifying orgs may get 2033 extension, just don’t call it a U-turn

SAP has confirmed that it will extend support for legacy systems beyond its previously stated deadlines for customers who have already signed up for a specific ERP cloud transition deal.…

Google says it will end Chrome Sync support for browser versions more than four years old starting in early 2025. Users running outdated Chrome versions will see error messages prompting them to update their browsers to maintain access to synced data across devices. Those unable to update to newer versions will permanently lose the syncing feature, according to the firm.

Read more of this story at Slashdot.

UK regulator files report on health of local sector, says technical barriers and Redmond's licensing practices hurting smaller rivals + customers

The UK's market regulator says "competition is not working as well as it could" in the local cloud services sector, and it plans to look harder at what AWS and Microsoft are doing – while giving Google a pass – in its Cloud Services Investigation.…

The UK's competition watchdog has found that its $11.2 billion cloud services market "is not working," with Amazon Web Services and Microsoft each controlling up to 40% of the market. In provisional findings released Tuesday, the Competition and Markets Authority said the lack of competition likely leads to higher costs and reduced innovation for UK businesses. The regulator has recommended designating both companies with "strategic market status," which would allow closer scrutiny of their practices, including Microsoft's software licensing and AWS's data transfer fees.

Read more of this story at Slashdot.