Linux fréttir

Customers booted from system and technical integration missing from upgrade

A UK bank serving charities has come under fire from customers unable to log in or make transactions on its new online platform.…

Minimalist glue code offers surprising lifeline for stubborn display setups

A new project addresses one of the biggest differences between how X11 and Wayland work, and that could be a winning combination.…

You probably don't need one, but it's nice to have the option

Let's Encrypt, a certificate authority (CA) known for its free TLS/SSL certificates, has begun issuing digital certificates for IP addresses.…

Astronomers have detected a mysterious "interstellar object," dubbed A11pl3Z, speeding through the solar system at 152,000 mph. If confirmed, it would be just the third known interstellar visitor, following 'Oumuamua and Comet Borisov. The visiting space object will pass near Mars and the Sun later this year before leaving the solar system forever. Live Science reports: The newly discovered object, currently dubbed A11pl3Z, was first spotted in data collected between June 25 and June 29 by the Asteroid Terrestrial-impact Last Alert System (ATLAS), which automatically scans the night sky using telescopes in Hawaii and South Africa. The mystery object was confirmed by both NASA's Center for Near Earth Object Studies and the International Astronomical Union's Minor Planet Center on Tuesday (July 1), according to EarthSky.org. A11pl3Z is most likely a large asteroid, or maybe a comet, potentially spanning up to 12 miles (20 kilometers). It is traveling toward the inner solar system at around 152,000 mph (245,000 km/h) and is approaching us from the part of the night sky where the bar of the Milky Way is located. Based on A11pl3Z's speed and trajectory, experts think it originated from beyond the sun's gravitational influence and has enough momentum to shoot straight through our cosmic neighborhood without slowing down. However, more observations are needed to tell for sure.

Read more of this story at Slashdot.

Crims have cottoned on to a new way to lead you astray

AI-powered chatbots often deliver incorrect information when asked to name the address for major companies’ websites, and threat intelligence business Netcraft thinks that creates an opportunity for criminals.…

India, Japan, USA and Australia see risks and opportunities in rare earths

India, Japan, USA and Australia have launched a “Critical Minerals Initiative” they hope will harden supply chains.…

‘Eigen+’ finds instances likely to cause out of memory errors and makes sure they can’t do damage

Alibaba Cloud has revealed a cluster manager it says allows it to run databases more efficiently than its hyperscale rivals.…

An anonymous reader quotes a report from TechCrunch: A security vulnerability in a stealthy Android spyware operation called Catwatchful has exposed thousands of its customers, including its administrator. The bug, which was discovered by security researcher Eric Daigle, spilled the spyware app's full database of email addresses and plaintext passwords that Catwatchful customers use to access the data stolen from the phones of their victims. [...] According to a copy of the database from early June, which TechCrunch has seen, Catwatchful had email addresses and passwords on more than 62,000 customers and the phone data from 26,000 victims' devices. Most of the compromised devices were located in Mexico, Colombia, India, Peru, Argentina, Ecuador, and Bolivia (in order of the number of victims). Some of the records date back to 2018, the data shows. The Catwatchful database also revealed the identity of the spyware operation's administrator, Omar Soca Charcov, a developer based in Uruguay. Charcov opened our emails, but did not respond to our requests for comment sent in both English and Spanish. TechCrunch asked if he was aware of the Catwatchful data breach, and if he plans to disclose the incident to its customers. Without any clear indication that Charcov will disclose the incident, TechCrunch provided a copy of the Catwatchful database to data breach notification service Have I Been Pwned. The stalkerware operation uses a custom API and Google's Firebase to collect and store victims' stolen data, including photos and audio recordings. According to Daigle, the API was left unauthenticated, exposing sensitive user data such as email addresses and passwords. The hosting provider temporarily suspended the spyware after TechCrunch disclosed this vulnerability but it returned later on HostGator. Despite being notified, Google has yet to take down the Firebase instance but updated Google Play Protect to detect Catwatchful. While Catwatchful claims it "cannot be uninstalled," you can dial "543210" and press the call button on your Android phone to reveal the hidden app. As for its removal, TechCrunch has a general how-to guide for removing Android spyware that could be helpful.

Read more of this story at Slashdot.

"Slashdot regularly posts milestones on CO2 levels reported by the Mauna Loa Observatory," writes longtime Slashdot reader symbolset, pointing to a new article highlighting how the Trump administration's proposed budget would eliminate funding for the lab's carbon dioxide monitoring. "Continuous observation records since 1958 will end with the new federal budget as ocean and atmospheric sciences are defunded." From a report: [I]t's the Mauna Loa laboratory that is the most prominent target of the President Donald Trump's climate ire, as measurements that began there in 1958 have steadily shown CO2's upward march as human activities have emitted more and more of the planet-warming gas each year. The curve produced by the Mauna Loa measurements is one of the most iconic charts in modern science, known as the Keeling Curve, after Charles David Keeling, who was the researcher who painstakingly collected the data. His son, Ralph Keeling, a professor at the Scripps Institution of Oceanography at UC San Diego, now oversees collecting and updating that data. Today, the Keeling Curve measurements are made possible by the National Oceanic and Atmospheric administration, but the data gathering and maintenance of the historical record also is funded by Schmidt Sciences and Earth Networks, according to the Keeling Curve website. In the event of a NOAA shut down of the lab, Scripps could seek alternate sources of funding to host the instruments atop the same peak or introduce a discontinuity in the record by moving the instruments elsewhere in Hawaii. The proposal to shut down Mauna Loa had been made public previously but was spelled out in more detail on Monday when NOAA submitted a budget document (PDF) to Congress. It made more clear that the Trump administration envisions eliminating all climate-related research work at NOAA, as had been proposed in Project 2025, the conservative blueprint for overhauling the government. It would do this in large part by cutting NOAA's Office of Oceanic and Atmospheric Research entirely, including some labs that are also involved in improving weather forecasting. NOAA has long been one of the world's top climate science agencies, but the administration would steer it instead towards being more focused on operational weather forecasting and warning responsibilities.

Read more of this story at Slashdot.

Apple's expansion in India has hit a snag as Foxconn has sent over 300 Chinese workers back to China, potentially reducing production efficiency just as mass manufacturing of the iPhone 17 begins. AppleInsider reports: It's not known why Foxconn has done this, nor is it clear whether workers have been laid off or redeployed to the company's facilities in China. The move, though, does follow Beijing officials reportedly working to prevent firms moving away from China. Those officials are said to have been verbally encouraging China's local governments and regulatory bodies to curb exports of equipment or technologies to India and Southeast Asia. Overall, China has been making it harder for skilled labor to leave the country. It's not clear how any changes have specifically affected Chinese workers who had already left.What is clear is that Foxconn has used many experienced Chinese engineers as it attempts to rapidly expand in India. It's said, too, that Chinese managers have been vital in training Foxconn staff in India. Since that training has been ongoing for some years, and since at least most of Foxconn's production lines have been set up, it's said that there will not be an impact on the quality of manufacturing. But one source said the changes will impact efficiency on the production line.

Read more of this story at Slashdot.

A politically motivated hacker breached Columbia University's IT systems, stealing vast amounts of sensitive student and employee data -- including admissions decisions and Social Security numbers. The Record reports: The hacker reportedly provided Bloomberg News with 1.6 gigabytes of data they claimed to have stolen from the university, including information from 2.5 million applications going back decades. The stolen data the outlet reviewed reportedly contains details on whether applicants were rejected or accepted, their citizenship status, their university ID numbers and which academic programs they sought admission to. While the hacker's claims have not been independently verified, Bloomberg said it compared data provided by the hacker to that belonging to eight Columbia applicants seeking admission between 2019 and 2024 and found it matched. The threat actor reportedly told Bloomberg he was seeking information that would indicate whether the university continues to use affirmative action in admissions despite a 2023 Supreme Court decision prohibiting the practice. The hacker told Bloomberg he obtained 460 gigabytes of data in total -- after spending two months targeting and penetrating increasingly privileged layers of the university's servers -- and said he harvested information about financial aid packages, employee pay and at least 1.8 million Social Security numbers belonging to employees, applicants, students and their family members.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: Intel's new chief executive is exploring a big change to its contract manufacturing business to win major customers, two people familiar with the matter told Reuters, in a potentially expensive shift from his predecessor's plans. The new strategy for Intel's foundry business would mean offering outside customers a newer generation of technology, the people said. That next-generation chipmaking process, analysts believe, will be more competitive against Taiwan Semiconductor Manufacturing Co in trying to land major customers such as Apple or Nvidia. Since taking the company's helm in March, CEO Lip-Bu Tan has moved fast to cut costs and find a new path to revive the ailing U.S. chipmaker. By June, he started voicing that a manufacturing process known as 18A, in which prior CEO Pat Gelsinger had invested heavily, was losing its appeal to new customers, said the sources, who spoke on condition of anonymity. To put aside external sales of 18A and its variant 18A-P, manufacturing processes that have cost Intel billions of dollars to develop, the company would have to take a write-off, one of the people familiar with the matter said. Industry analysts contacted by Reuters said such a charge could amount to a loss of hundreds of millions, if not billions, of dollars. Intel declined to comment on such "hypothetical scenarios or market speculation." It said the lead customer for 18A has long been Intel itself, and it aims to ramp production of its "Panther Lake" laptop chips later in 2025, which it called the most advanced processors ever designed and manufactured in the United States. Persuading outside clients to use Intel's factories remains key to its future. As its 18A fabrication process faced delays, rival TSMC's N2 technology has been on track for production. Tan's preliminary answer to this challenge: focus more resources on 14A, a next-generation chipmaking process where Intel expects to have advantages over Taiwan's TSMC, the two sources said. The move is part of a play for big customers like Apple and Nvidia, which currently pay TSMC to manufacture their chips.

Read more of this story at Slashdot.

Two accessory manufacturers have told The Verge that Nintendo has intentionally locked down the Switch 2's USB-C port using a new encryption scheme, preventing compatibility with third-party docks and accessories. "I haven't yet found proof of that encryption chip myself -- but when I analyzed the USB-C PD traffic with a Power-Z tester, I could clearly see the new Nintendo Switch not behaving like a good USB citizen should," writes The Verge's Sean Hollister. From the report: If you've been wondering why there are basically no portable Switch 2 docks on the market, this is the reason. Even Jsaux, the company that built its reputation by beating the Steam Deck dock to market, tells us it's paused its plans to build a Switch 2 dock because of Nintendo's actions. It's not simply because the Switch 2 now requires more voltage, as was previously reported; it's that Nintendo has made things even more difficult this generation.

Read more of this story at Slashdot.

Grammarly has acquired the AI email client Superhuman to enhance its AI-driven productivity suite and expand AI capabilities within email communication. Financial terms of the deal were not disclosed but Superhuman CEO Rahul Vohra and his team will be joining the AI writing company. TechCrunch reports: Superhuman was founded by Rahul Vohra, Vivek Sodera, and Conrad Irwin. The company raised more than $114 million in funding from backers including a16z, IVP, and Tiger Global, with its last valuation at $825 million, according to data from venture data analytics firm Traxcn. "With Superhuman, we can deliver that future to millions more professionals while giving our existing users another surface for agent collaboration that simply doesn't exist anywhere else. Email isn't just another app; it's where professionals spend significant portions of their day, and it's the perfect staging ground for orchestrating multiple AI agents simultaneously," Shishir Mehrotra, CEO of Grammarly, said in a statement. With this deal, CEO Vohra and other Superhuman employees are moving over to Grammarly. "Email is the main communication tool for billions of people worldwide and the number-one use case for Grammarly customers. By joining forces with Grammarly, we will invest even more in the core Superhuman experience, as well as create a new way of working where AI agents collaborate across the communication tools that we all use every day," Rahul Vohra, CEO of Superhuman, said in a statement.

Read more of this story at Slashdot.

The second max score this week for Netzilla - not a good look

If you're running the Engineering-Special (ES) builds of Cisco Unified Communications Manager or its Session Management Edition, you need to apply Cisco's urgent patch after someone at Switchzilla made a big mistake.…

An anonymous reader quotes a report from Ars Technica: Last week, OpenAI raised objections in court, hoping to overturn a court order requiring the AI company to retain all ChatGPT logs "indefinitely," including deleted and temporary chats. But Sidney Stein, the US district judge reviewing OpenAI's request, immediately denied OpenAI's objections. He was seemingly unmoved by the company's claims that the order forced OpenAI to abandon "long-standing privacy norms" and weaken privacy protections that users expect based on ChatGPT's terms of service. Rather, Stein suggested that OpenAI's user agreement specified that their data could be retained as part of a legal process, which Stein said is exactly what is happening now. The order was issued by magistrate judge Ona Wang just days after news organizations, led by The New York Times, requested it. The news plaintiffs claimed the order was urgently needed to preserve potential evidence in their copyright case, alleging that ChatGPT users are likely to delete chats where they attempted to use the chatbot to skirt paywalls to access news content. A spokesperson told Ars that OpenAI plans to "keep fighting" the order, but the ChatGPT maker seems to have few options left. They could possibly petition the Second Circuit Court of Appeals for a rarely granted emergency order that could intervene to block Wang's order, but the appeals court would have to consider Wang's order an extraordinary abuse of discretion for OpenAI to win that fight. In the meantime, OpenAI is negotiating a process that will allow news plaintiffs to search through the retained data. Perhaps the sooner that process begins, the sooner the data will be deleted. And that possibility puts OpenAI in the difficult position of having to choose between either caving to some data collection to stop retaining data as soon as possible or prolonging the fight over the order and potentially putting more users' private conversations at risk of exposure through litigation or, worse, a data breach. [...] Both sides are negotiating the exact process for searching through the chat logs, with both parties seemingly hoping to minimize the amount of time the chat logs will be preserved. For OpenAI, sharing the logs risks revealing instances of infringing outputs that could further spike damages in the case. The logs could also expose how often outputs attribute misinformation to news plaintiffs. But for news plaintiffs, accessing the logs is not considered key to their case -- perhaps providing additional examples of copying -- but could help news organizations argue that ChatGPT dilutes the market for their content. That could weigh against the fair use argument, as a judge opined in a recent ruling that evidence of market dilution could tip an AI copyright case in favor of plaintiffs.

Read more of this story at Slashdot.

A California jury has ordered Google to pay $314.6 million to Android smartphone users in the state after finding the company liable for collecting data from idle devices without permission. The San Jose jury ruled Tuesday that Google sent and received information from phones while idle, creating "mandatory and unavoidable burdens shouldered by Android device users for Google's benefit." The 2019 class action represented an estimated 14 million Californians who argued Google consumed their cellular data for targeted advertising purposes.

Read more of this story at Slashdot.

Two flaws in TeleMessage are 'frequent attack vectors for malicious cyber actors'

The US security watchdog CISA has warned that malicious actors are actively exploiting two flaws in the Signal clone TeleMessage TM SGNL, and has directed federal agencies to patch the flaws or discontinue use of the app by July 22.…

Amazon plans to shut down its standalone Freevee app in August, according to an in-app notice to users. From a report: The free, ad-supported streaming service is directing viewers to continue watching Freevee content on Prime Video. "Prime Video is the new exclusive home for Freevee Tv show, movies, and Live TV," the notice to readers states. "The Freevee app will be accessible until August 2025. Continue watching your favorite Free Originals and our library of hit movies, shows, and live TV on Prime Video for free, no subscription needed. Download Prime Video to get started and sign-in with your Amazon account."

Read more of this story at Slashdot.

China will launch digital IDs for internet use on July 15th, transferring online verification from private companies to government control. Users obtain digital IDs by submitting personal information including facial scans to police via an app. A pilot program launched one year ago enrolled 6 million people. The system currently remains voluntary, though officials and state media are pushing citizens to register for "information security." Companies will see only anonymized character strings when users log in, while police retain exclusive access to personal details. The program replaces China's existing system requiring citizens to register with companies using real names before posting comments, gaming, or making purchases. Police say they punished 47,000 people last year for spreading "rumours" online. The digital ID serves a broader government strategy to centralize data control. State planners classify data as a production factor alongside labor and capital, aiming to extract information from private companies for trading through government-operated data exchanges.

Read more of this story at Slashdot.