Linux fréttir

Everything a criminal needs for targeted attacks exposed, but telco insists 'no critical data compromised'

A significant data theft at Orange Belgium has opened hundreds of thousands of its customers to serious cybersecurity risks.…

A complete shutdown of encrypted web traffic isolated China from the global internet for 74 minutes Wednesday morning, blocking citizens from accessing foreign websites and disrupting international business operations that depend on secure connections to offshore servers. The Great Firewall began injecting forged TCP RST+ACK packets to terminate all connections on port 443 at 00:34 Beijing time on August 20, according to activist group Great Firewall Report. The standard HTTPS port carries most modern web traffic, meaning Chinese users lost access to virtually all foreign-hosted websites while companies including Apple and Tesla couldn't connect to servers powering their basic services. The blocking device didn't match known Great Firewall hardware fingerprints, suggesting Beijing either deployed new censorship equipment or experienced a configuration error. No significant events requiring information blackout occurred during the outage window. Pakistan's internet traffic dropped significantly hours before China's incident, potentially connected through shared firewall technology.

Read more of this story at Slashdot.

Feds say Mirai-spawned botnet blasted 370K attacks before AWS and pals helped yank its servers

RapperBot, a botnet-for-hire blamed for hundreds of thousands of DDoS attacks, has been yanked offline by the Feds, who also hauled in its alleged Oregon-based mastermind.…

An anonymous reader quotes a report from Adweek: Meta wanted advertisers to believe its ecommerce ad product, Shops ads, was outperforming the competition, per a whistleblower complaint filed in a U.K. court. The former employee alleges the social media giant artificially inflated return on ad spend (ROAS) by counting shipping fees as revenue, subsidizing bids in ad auctions, and applying undisclosed discounts. The complaint, viewed by ADWEEK, was filed with the London Central Employment Tribunal on Wednesday (August 20) by Samujjal Purkayastha, a former product manager on Meta's Shops ads team. The document claims Meta artificially inflated performance metrics to push brands toward its fledgling ecommerce ad product. The company's motivation, the complaint says, was in part to combat Apple's 2021 privacy changes that cut the troves of iOS tracking information that had long powered Meta's ad machine. Meta's former chief financial officer (CFO), David Wehner, said the changes would cost "on the order of $10 billion" in losses during the company's Q4 2021 earnings call. User purchases on Facebook or Instagram Shops pages would provide more first-party data, however. Purkayastha, who joined Meta (then Facebook) in 2020 as a product manager on the Facebook Artificial Intelligence Applied Research team, was reassigned to the Shops Ads team in March 2022 and remained at the company until Feb. 19, 2025, when he was terminated. He alleged that during internal reviews in early 2024, Meta data scientists found the return on ad spend (ROAS) from Shops ads had been inflated between 17% and 19%. This discrepancy stemmed from Meta counting shipping fees and taxes as part of a sale, even though that money never went to merchants, he alleged. The company's other ad products exclude those figures, in line with competitors like Google, the complaint reads. Without including the fees and taxes, Shops ads performed no better than Meta's traditional ads, Purkayastha claimed. "This was significant," the complaint reads. "In addition to the ROAS performance metric being overstated by nearly a fifth, it meant that, rather than having exceeded our primary target, the Shops Ads team had in fact missed it once the figure was reduced to take account of the artificial inflation." Purkayastha raised these concerns with senior leadership in multiple meetings between 2022 and 2024, and is now seeking interim relief through his employment tribunal filing to have his former position reinstated. A Meta spokesperson told ADWEEK the company is "actively defending these proceedings," adding that "allegations related to the integrity of our advertising practices are without merit and we have full confidence in our performance review processes."

Read more of this story at Slashdot.

Another 'extremely sophisticated' exploit chewing at Cupertino's walled garden

Apple has shipped emergency updates to fix an actively exploited zero-day in its ImageIO framework, warning that the flaw has already been abused in targeted attacks.…

Worried about your data? Not to worry, we'll check the dark web for you! Yes really

A week after its services were disrupted by a cyberattack, UK telco Colt Technology Services has gone back on its initial statement to confirm that data has indeed been stolen.…

Researcher claims extension didn't start out by exfiltrating info... while dev says its actions are 'compliant'

Security boffins at Koi Security have warned of a shift in behavior of a popular Chrome VPN extension, FreeVPN.One, which recently appears to have begun snaffling screenshots of users' page activity and transmitting them to a remote server without their knowledge – and Google has yet to take it down.…

One fetcher bot seen smacking a website with 39,000 requests per minute

Cloud services giant Fastly has released a report claiming AI crawlers are putting a heavy load on the open web, slurping up sites at a rate that accounts for 80 percent of all AI bot traffic, with the remaining 20 percent used by AI fetchers. Bots and fetchers can hit websites hard, demanding data from a single site in thousands of requests per minute.…

Longtime Slashdot reader Xesdeeni writes: I received an email indicating Intuit will not support Windows 10 for the desktop versions of TurboTax starting this tax year. Laughably, they say "security is a top priority for us" before adding: "To use TurboTax Desktop software for tax year 2025, your computer will need to run on Microsoft Windows 11 [or] TurboTax Online." I'm just paranoid enough to use the desktop version, since at least it limits what they see to the forms they send to the IRS -- rather than everything. Even if I was willing to endure the added burden of printing and mailing the forms, this would be the end of that, since I'm out on Windows 11 for the reasons you already know. Here's what they sent: Hi there, We're reaching out to provide an update on TurboTax Desktop software for tax year 2025. After October 14, 2025, Microsoft will no longer provide software updates, technical assistance, or security fixes for Windows 10 operating system. Because security is a top priority for us, TurboTax Desktop software for tax year 2025 onwards will not be compatible with Windows 10 operating system. To use TurboTax Desktop software for tax year 2025, your computer will need to run on Microsoft Windows 11 operating system. You can also consider switching to TurboTax Online, which will work on any supported browser (available December 2025). For more resources and additional information about this change, go to this help article: How does the end of support for Windows 10 affect my TurboTax Desktop experience? Thanks for being part of the TurboTax family. Warm regards, The TurboTax Team Xesdeeni comments: "I've wanted a Linux offering for years now and only kept Windows for such limited products as this. I guess I can completely punt it now."

Read more of this story at Slashdot.

Compositional risk from multiple MCP Servers highlighted by report

Microsoft has declared general availability for MCP (model context protocol) servers in Visual Studio, likely to be the second most popular IDE after Visual Studio Code and with wide enterprise use.…

Fork runs Android apps and keeps old PCs ticking over ... all without signing into an account with the mothership

FydeOS is an alternative to ChromeOS Flex, but with a few significant differences – including Google-account-free operation.…

Google, TVA, and Kairos Power are teaming up to power data centers with advanced nuclear energy through a collaboration in Oak Ridge, Tennessee. The project aims to deliver 50 MW of nuclear energy by 2030. From a blog post: Today we announced the first deployment of Kairos Power's advanced nuclear reactor -- the Hermes 2 Plant in Oak Ridge, Tennessee -- through a new power purchase agreement (PPA) between Kairos Power and Tennessee Valley Authority (TVA). Marking the first purchase of electricity from an advanced GEN IV reactor by a U.S. utility, this agreement will enable 50 megawatts (MW) of nuclear energy on TVA's grid that powers our data centers in Montgomery County, Tennessee and Jackson County, Alabama. Last October, we began a long-term collaboration with Kairos Power to unlock up to 500 MW of nuclear power for the U.S. electricity system through multiple deployments of their small modular reactor. With this next step, we are creating a three-party solution where energy customers, utilities, and technology developers work together to advance new technologies that can help meet the world's growing energy needs with reliable, affordable capacity. Here's how it works: TVA will purchase electricity from Kairos Power's Hermes 2 plant, scheduled to begin operations in 2030. In this initial phase of the collaboration, we will procure clean energy attributes from the plant through TVA to help power our data centers in the region with locally sourced clean energy, every hour of every day.

Read more of this story at Slashdot.

US policymakers should take heed, says the Electronic Frontier Foundation

opinion Implementation of the U.K.'s Online Safety Act is giving internet users around the globe – including those in U.S. states moving to enact their own age verification laws – real-time proof that such laws impinge on everyone's rights to speak, read, and view freely. …

They’re cheap and grew up with AI … so you’re firing them why?

Amazon Web Services CEO Matt Garman has suggested firing junior workers because AI can do their jobs is “the dumbest thing I've ever heard.”…

Web giant reworks AI infra to improve utilization, with mix of chips from home and away

Chinese web giant Baidu is already breaking even with robotaxi operations in China and is confident they will be profitable once the company rolls into global markets.…

An anonymous reader quotes a report from Reuters: Serbian scientists have been experimenting with mealworms as a way to break down polystyrene. Larisa Ilijin, a principal research fellow at Belgrade's Institute for Biology, said the scientists had discovered that mealworms can digest various plastics, including polystyrene, which is used in packaging, insulation and food containers. In the project endorsed by the government and the United Nations' agency for international development, UNDP, and other international donors, they have been including the polystyrene in the regular food of the larval form of the yellow mealworm beetle, or Tenebrio molitor. They habitually eat more or less anything, but need the training to eat the plastic products. "We have larvae that have been adapted over a long time to biodegrade plastic, to be as efficient as possible in the process," Ilijin told Reuters. She said the bacteria living in their guts break down the plastic into carbon dioxide and water, and showed no evidence of leaving microplastic residue in their innards or faeces. The work builds on similar research projects in the U.S. and Africa. [...] The institute has given Belgrade-based Belinda Animals several containers of the mealworms. It is now breeding them and hoping to attract a network of similar farms. "When breaking down 1 kg of Styrofoam, larvae emit one to two grams of carbon dioxide ... If we incinerate it ... (Styrofoam) emits over 4,000 times more," owner Boris Vasiljev said. He also envisages the larvae being used as animal feed, should it reach a large commercial scale. The use of mealworms is still in its infancy, Ilijin said, as Serbia still needs to adopt regulations that would allow the use and sale of insect products for animal fodder. "Styrofoam takes over 500 years to decompose in nature ... this would be one of the good ways for solving the problem of plastic waste in nature," Ilijin said.

Read more of this story at Slashdot.

According to the Wall Street Journal, Meta has paused hiring in its artificial intelligence division after bringing on more than 50 researchers and engineers. "All that's happening here is some basic organizational planning: creating a solid structure for our new superintelligence efforts after bringing people on board and undertaking yearly budgeting and planning exercises," a spokesperson for Meta said in an emailed statement to Reuters. Over the last few months, Meta has been offering AI researchers salaries that dwarf those of the Manhattan Project and the Space Race. The company recently offered AI researcher Matt Deitke $250 million over four years (an average of $62.5 million per year), with potentially $100 million in the first year alone. Meta CEO Mark Zuckerberg reportedly also offered an unnamed AI engineer $1 billion in compensation to be paid out over several years.

Read more of this story at Slashdot.

Took out all traffic to port 443 at a time Beijing didn't have an obvious need to keep its netizens in the dark

China cut itself off from much of the global internet for just over an hour on Wednesday.…

A new review of nearly 700 studies on portable air cleaners found that over 90% of them were tested in empty spaces, not on people, leaving major gaps in evidence about whether these devices actually prevent infections or if they might even cause harm by releasing chemicals like ozone or formaldehyde. The Conversation reports: Many respiratory viruses, such as COVID-19 and influenza, can spread through indoor air. Technologies such as HEPA filters, ultraviolet light and special ventilation designs -- collectively known as engineering infection controls -- are intended to clean indoor air and prevent viruses and other disease-causing pathogens from spreading. Along with our colleagues across three academic institutions and two government science agencies, we identified and analyzed every research study evaluating the effectiveness of these technologies published from the 1920s through 2023 -- 672 of them in total. These studies assessed performance in three main ways: Some measured whether the interventions reduced infections in people; others used animals such as guinea pigs or mice; and the rest took air samples to determine whether the devices reduced the number of small particles or microbes in the air. Only about 8% of the studies tested effectiveness on people, while over 90% tested the devices in unoccupied spaces. We found substantial variation across different technologies. For example, 44 studies examined an air cleaning process called photocatalytic oxidation, which produces chemicals that kill microbes, but only one of those tested whether the technology prevented infections in people. Another 35 studies evaluated plasma-based technologies for killing microbes, and none involved human participants. We also found 43 studies on filters incorporating nanomaterials designed to both capture and kill microbes -- again, none included human testing.

Read more of this story at Slashdot.

Last week, following a recent U.S. Customs ruling, Apple reintroduced blood oxygen monitoring to certain Apple Watch models in the U.S., sidestepping an ITC import ban stemming from its legal dispute with medical device maker Masimo. Today, Masimo fired back with a new lawsuit against the U.S. Customs and Border Protection. 9to5Mac reports: The company says US Customs and Border Protection (CBP) overstepped its authority and violated due process when it reversed its earlier decision on August 1 and allowed Apple to restore the feature. Moreover, Masimo says it found out about the decision when Apple publicly announced the return of the feature: "It has now come to light that CBP thereafter reversed itself without any meaningful justification, without any material change in circumstances, and without any notice to Masimo, let alone an opportunity for Masimo to be heard. CBP changed its position on Apple's watch-plus-iPhone redesign through an ex parte proceeding. Specifically, on August 1, 2025, CBP issued an 3 ex parte ruling permitting Apple to import devices that, when used with iPhones already in the United States, perform the same functionality that the ITC found to infringe Masimo's patents. Masimo only discovered this ruling on Thursday, August 14, 2025, when Apple publicly announced it would be reintroducing the pulse oximetry functionality through a software update." The company is now asking the court for a temporary restraining order and preliminary injunction to block the CBP's decision, and reinstate the original ruling that "determined that Apple's redesigned watches could be imported only to the extent the infringing functionality was completely disabled." As reported by Bloomberg Law, Masimo says the following in its supporting brief: "Each passing day that this unlawful ruling remains in effect irreparably deprives Masimo of its right to be free from unfair trade practices and to preserve its competitive standing in the U.S. marketplace." Masimo further argues that CBP's move "effectively nullified" the ITC's exclusion order against Apple. Apple's appeal of that ban is still pending before the Federal Circuit.

Read more of this story at Slashdot.