Linux fréttir

Leaders at CERN, Europe's particle-physics laboratory in Geneva, Switzerland, will introduce financial incentives for academic publishers to adopt open science policies as part of the organization's collective agreement with 11 particle-physics journals. From a report: The current scheme sees those journals publish work from the field openly and at no cost to authors, in exchange for bulk payments. Under the newly launched initiative, CERN will pay more to publishers that adopt polices such as use of public or open peer review and linking research to data sets, and less to those that do not. Some open-science specialists say the policy could be a game-changer in encouraging transparent science. Others caution that it could set a precedent for publishers to boost their fees in exchange for becoming more open. "Particle physics is large, international, highly complex, highly dynamic. Openness is the only really effective way of practising science in the discipline," says Kamran Naim, head of open science at CERN. The move comes as a result of CERN's success in encouraging journals that publish its work to do so more openly, through a programme called the Sponsoring Consortium for Open Access Publishing in Particle Physics (SCOAP3). SCOAP3 launched in 2014 and its members include 3,000 libraries, research funders and research organizations worldwide, all of which contribute to a common fund at CERN. This is used to pay annual or quarterly lump sums to journals, in amounts depending on how many papers they publish. The initiative has so far supported the publication of more than 70,000 open-access articles. It has an annual budget of around $10.4 million.

Read more of this story at Slashdot.

SYSTEM-level command injection via API parameter *chef's kiss*

A now-fixed command-injection bug in Kubernetes can be exploited by a remote attacker to gain code execution with SYSTEM privileges on all Windows endpoints in a cluster, and thus fully take over those systems, according to Akamai researcher Tomer Peled.…

Google will take firmer action against British businesses that use fake reviews to boost their star ratings on the search giant's reviews platform. From a report: The UK's Competition and Markets Authority (CMA) announced on Friday that Google has agreed to improve its processes for detecting and removing fake reviews, and will take action against the businesses and reviewers that post them. This includes deactivating the ability to add new reviews for businesses found to be using fake reviews, and deleting all existing reviews for at least six months if they repeatedly engage in suspicious review activity. Google will also place prominent "warning alerts" on the Google profiles of businesses using fake reviews to help consumers be more aware of potentially misleading feedback. Individuals who repeatedly post fake or misleading reviews on UK business pages will be banned and have their review history deleted, even if they're located in another country.

Read more of this story at Slashdot.

Calamity Capsule continues to be calamitous for the bottom line

Boeing is warning of another hit to its bottom line, at least partly at the hands of the company's Calamity Capsule, the CST-100 Starliner.…

5 indicted as FBI warns North Korea dials up aggression, plus Russian devs allegedly get in on the act

The US is indicting yet another five suspects it believes were involved in North Korea's long-running, fraudulent remote IT worker scheme – including one who changed their last name to "Bane" and scored a gig at a tech biz in San Francisco.…

Chinese venture capital and private equity firm HongShan, formerly part of Sequoia, said on Friday it has struck a deal to acquire a majority stake in Marshall in a deal valuing the audio equipment maker at $1.15 billion.

Read more of this story at Slashdot.

Hyperscaler mystery deepens as Hertfordshire braces for bit barn blitz

Approval was last night granted for a mega datacenter in Hertfordshire, close to London's M25 orbital motorway, clearing the way for construction to begin. The identity of the eventual occupier, said to be a hyperscale operator, has yet to be disclosed.…

An anonymous reader quotes a report from Ars Technica: When threat actors use backdoor malware to gain access to a network, they want to make sure all their hard work can't be leveraged by competing groups or detected by defenders. One countermeasure is to equip the backdoor with a passive agent that remains dormant until it receives what's known in the business as a "magic packet." On Thursday, researchers revealed that a never-before-seen backdoor that quietly took hold of dozens of enterprise VPNs running Juniper Network's Junos OS has been doing just that. J-Magic, the tracking name for the backdoor, goes one step further to prevent unauthorized access. After receiving a magic packet hidden in the normal flow of TCP traffic, it relays a challenge to the device that sent it. The challenge comes in the form of a string of text that's encrypted using the public portion of an RSA key. The initiating party must then respond with the corresponding plaintext, proving it has access to the secret key. The lightweight backdoor is also notable because it resided only in memory, a trait that makes detection harder for defenders. The combination prompted researchers at Lumin Technology's Black Lotus Lab to sit up and take notice. "While this is not the first discovery of magic packet malware, there have only been a handful of campaigns in recent years," the researchers wrote. "The combination of targeting Junos OS routers that serve as a VPN gateway and deploying a passive listening in-memory only agent, makes this an interesting confluence of tradecraft worthy of further observation." The researchers found J-Magic on VirusTotal and determined that it had run inside the networks of 36 organizations. They still don't know how the backdoor got installed.

Read more of this story at Slashdot.

The U.S. may have led China in the AI race for the past decade, according to Alexandr Wang, CEO of Scale AI, but on Christmas Day, everything changed. From a report: Wang, whose company provides training data to key AI players including OpenAI, Google and Meta , said Thursday at the World Economic Forum in Davos, Switzerland, that DeepSeek, the leading Chinese AI lab, released an "earth-shattering model" on Christmas Day, then followed it up with a powerful reasoning-focused AI model, DeepSeek-R1, which competes with OpenAI's recently released o1 model. "What we've found is that DeepSeek ... is the top performing, or roughly on par with the best American models," Wang said. In an interview with CNBC, Wang described the artificial intelligence race between the U.S. and China as an "AI war," adding that he believes China has significantly more Nvidia H100 GPUs -- AI chips that are widely used to build leading powerful AI models -- than people may think, especially considering U.S. export controls. [...] "The United States is going to need a huge amount of computational capacity, a huge amount of infrastructure," Wang said, later adding, "We need to unleash U.S. energy to enable this AI boom." DeepSeek's holding company is a quant firm, which happened to have a lot of GPUs for trading and mining. DeepSeek is their "side project."

Read more of this story at Slashdot.

New double-digit vintage goes well with all sorts of things

After 32 years of maturation, even now, WINE is Not an Emulator, but it can work alongside them to run Windows apps on Arm Linux.…

28nm and fatter processes first, says minister, as semiconductor supply chain players move to cash in

India's ambition to become a semiconductor manufacturing player will bear fruit later this year with the debut of the first silicon designed and built in the nation.…

Longtime Slashdot readers smooth wombat and AmiMoJo shares a fusion energy breakthrough from China. Charming Science reports: China's "artificial sun," officially known as the Experimental Advanced Superconducting Tokamak (EAST), has achieved a groundbreaking milestone in fusion energy research. According to the Chinese Academy of Sciences (CAS), EAST recently sustained high-confinement plasma operation for an unprecedented 1,066 seconds, shattering the previous world record of 403 seconds, also set by EAST in 2023. [...] The 1,000-second mark is considered a critical threshold in fusion research. Sustaining plasma for such extended durations is essential for demonstrating the feasibility of operating fusion reactors. This breakthrough, accomplished by the Institute of Plasma Physics under the CAS, signifies a major leap towards realizing the potential of fusion energy. [...] The success of EAST's recent experiment can be attributed to several key advancements. Researchers have made significant strides in improving the stability of the heating system, enhancing the accuracy of the control system, and refining the precision of the diagnostic systems. Warning: the source originates from China Daily, an English-language daily newspaper owned by the Central Propaganda Department of the Chinese Communist Party. It's rated "questionable" by Media Bias/Fact Check because of its association with the CCP.

Read more of this story at Slashdot.

Then suggested a bloke down the pub might be able to help fix it

On Call Friday brings the prospect of spending time with loved ones. But before we get there, The Register offers another instalment of On Call, the column that chronicles experiences from the global family of readers who have traumatic tech support tales to tell.…

President Donald Trump signed an executive order on AI Thursday that will revoke past government policies his order says "act as barriers to American AI innovation." From a report: To maintain global leadership in AI technology, "we must develop AI systems that are free from ideological bias or engineered social agendas," Trump's order says. The new order doesn't name which existing policies are hindering AI development but sets out to track down and review "all policies, directives, regulations, orders, and other actions taken" as a result of former President Joe Biden's sweeping AI executive order of 2023, which Trump rescinded Monday. Any of those Biden-era actions must be suspended if they don't fit Trump's new directive that AI should "promote human flourishing, economic competitiveness, and national security." Last year, the Biden administration issued a policy directive that said U.S. federal agencies must show their artificial intelligence tools aren't harming the public, or stop using them. Trump's order directs the White House to revise and reissue those directives, which affect how agencies acquire AI tools and use them.

Read more of this story at Slashdot.

Paint a target on Myanmar, pledge more info-sharing to get the job done

A group established by six Asian nations to fight criminal cyber-scam slave camps that infest the region claims it’s made good progress dismantling the operations.…

Longtime Slashdot reader schwit1 shares a report from MotorTrend: A coming ground-fault circuit-interrupter revision could make slow-charging your car nearly impossible. The National Fire Protection Agency (NFPA) publishes a new National Electric Code every three years, and we almost never notice or care. But the next one, NFPA 70 2026, has the Society of Automotive Engineers (SAE) electric-vehicle charging subcommittee, OEMs, and companies in the EV Supply Equipment (EVSE, or charger) biz mightily concerned. That's because it proposes to require the same exact ground-fault circuit-interrupter protection that makes you push that little button on your bathroom outlet every time the curling iron won't heat up. Only now, that reset button will often be down in an electric panel, maybe locked in a room where you can't reset it. If EV drivers can't reliably plug in and expect their cars to charge overnight at home or while at work, those cars will become far less practical. [...] The national code doesn't care what you're plugging in, but vehicle chargers deserve their own carve-out. That's because no current ever flows until the charger has verified a solid ground connection from car to charger and from charger to electrical panel. They also include their own GFPE (Ground Fault Protection of Equipment), which is intended to protect equipment and is permitted to trip at values larger than 5mA, often in the 15-20mA range. That's why this new code REALLY needs to set a higher supply-side cutout (like what is allowed for marine vehicle shore power, which is up to 30mA). Because even if the Special Purpose GFCI with its 15-20mA trip level were allowed, it would be a 50/50 chance that any fault would trip the electrical-supply breaker or the device's internal breaker. But while the device is programmed to automatically reset and try again, the panel requires a manual reset. There is one EV-charger carve-out: Bi-directional chargers are exempt. This problematic application of 5 mA trip to most 240-volt equipment was added into this regulation late, during a second draft, and now the only way to head it off is for interested parties (SAE, OEMs, and EVSE manufacturers) to register their notice of motion in February for consideration in March. This isn't a government regulation, so it's utterly unaffected by the change in federal administration. These are functionary folks with minimal experience of EV charging, so the arguments must aim to convince the NFPA that implementing this code as is could grossly embarrass the Agency. (Understanding that any such embarrassment will only arise after buildings and projects are completed under the new code.)

Read more of this story at Slashdot.

'Public interest alone does not justify warrantless querying' says judge

It was revealed this week a court in New York made a landmark ruling that sided against the warrantless state surveillance of people's private communications in America.…

An anonymous reader quotes a report from The Verge: TerraPower, a nuclear energy startup founded by Bill Gates, struck a deal this week with one of the largest data center developers in the US to deploy advanced nuclear reactors. TerraPower and Sabey Data Centers (SDC) are working together on a plan to run existing and future facilities on nuclear energy from small reactors. A memorandum of understanding signed by the two companies establishes a "strategic collaboration" that'll initially look into the potential for new nuclear power plants in Texas and the Rocky Mountain region that would power SDC's data centers. [...] There's still a long road ahead before that can become a reality. The technology TerraPower and similar nuclear energy startups are developing still have to make it through regulatory hurdles and prove that they can be commercially viable. Compared to older, larger nuclear power plants, the next generation of reactors are supposed to be smaller and easier to site. Nuclear energy is seen as an alternative to fossil fuels that are causing climate change. But it still faces opposition from some advocates concerned about the impact of uranium mining and storing radioactive waste near communities. TerraPower's reactor design for this collaboration, Natrium, is the only advanced technology of its kind with a construction permit application for a commercial reactor pending with the U.S. Nuclear Regulatory Commission, according to the company. The company just broke ground on a demonstration project in Wyoming last year, and expects it to come online in 2030.

Read more of this story at Slashdot.

The World Economic Forum's Global Risks Report 2025 (PDF) highlights misinformation as the top global risk due to generative AI tools and state-sponsored campaigns undermining democratic systems, while cyberespionage ranks as a persistent threat with inadequate cyber resilience, especially among small organizations. From a report: The manipulation of information through gen AI and state-sponsored campaigns is disrupting democratic systems and undermining public trust in critical institutions. Efforts to combat this risk have a "formidable opponent" in gen AI-created false or misleading content that can be produced and distributed at scale, the report warned. Misinformation campaigns in the form of deepfakes, synthetic voice recordings or fabricated news stories are now a leading mechanism for foreign entities to influence "voter intentions, sow doubt among the general public about what is happening in conflict zones, or tarnish the image of products or services from another country." This is especially acute in India, Germany, Brazil and the United States. Concern remains especially high following a year of the so-called "super elections," which saw heightened state-sponsored campaigns designed to manipulate public opinion. But while it has become increasingly difficult to distinguish AI-generated fake content from human-generated one, AI technologies, in itself, is low in WEF's risk ranking. In fact, it has declined in the two-year outlook, from 29 in last year's report to 31 this year. Cyberespionage and warfare continue to be a reason for unease for most organizations, ranked fifth in the global risk landscape. According to the report, one in three CEOs cited cyberespionage and intellectual property theft as their top concerns in 2024. Seventy-one percent of chief risk officers say cyber risk and criminal activity such as money laundering and cybercrime could severely impact their organizations, while 45% of cyber leaders are concerned about disruption of operations and business processes, according to WEF's Global Cybersecurity Outlook 2025 report. The rising likelihood of threat actor activity and sophisticated technological disruption is listed as immediate concerns among security leaders.

Read more of this story at Slashdot.

Who guards the guardrail makers? Not the bosses who hire them, it's alleged

Scale AI, which labels training data for machine-learning models, was sued this month, alongside labor platform Outlier, for allegedly failing to protect the mental health of contractors hired to protect people from harmful interactions with AI models.…