Linux fréttir

Prepare to take tests in stuff you already know how to do, just to keep you sharp

Using AI may cause some of your skills atrophy, and your employer therefore needs to take steps to keep you sharp.…

Including messages sent to users, a potential problem for the privacy-conscious

Encrypted messaging app Signal is rolling out a free storage system for its users, with extra space if folks are willing to pay for it.…

An anonymous reader quotes a report from the Associated Press: For decades, scientists believed Prochlorococcus, the smallest and most abundant phytoplankton on Earth, would thrive in a warmer world. But new research suggests the microscopic bacterium, which forms the foundation of the marine food web and helps regulate the planet's climate, will decline sharply as seas heat up. A study published Monday in the journal Nature Microbiology found Prochlorococcus populations could shrink by as much as half in tropical oceans over the next 75 years if surface waters exceed about 82 degrees Fahrenheit (27.8 Celsius). Many tropical and subtropical sea surface temperatures are already trending above average and are projected to regularly surpass 86 degrees Fahrenheit (30 Celsius) over that same period. "These are keystone species -- very important ones," said Francois Ribalet, a research associate professor at the University of Washington's School of Oceanography and the study's lead author. "And when a keystone species decreases in abundance, it always has consequences on ecology and biodiversity. The food web is going to change." Prochlorococcus inhabit up to 75% of Earth's sunlit surface waters and produce about one-fifth of the planet's oxygen through photosynthesis. More crucially, Ribalet said, they convert sunlight and carbon dioxide into food at the base of the marine ecosystem. "In the tropical ocean, nearly half of the food is produced by Prochlorococcus," he said. "Hundreds of species rely on these guys." Though other forms of phytoplankton may move in and help compensate for the loss of oxygen and food, Ribalet cautioned they are not perfect substitutes. "Evolution has made this very specific interaction," he said. "Obviously, this is going to have an impact on this very unique system that has been established." The findings challenge decades of assumptions that Prochlorococcus would thrive as waters warmed. Those predictions, however, were based on limited data from lab cultures. For this study, Ribalet and his team tested water samples while traversing the Pacific over the course of a decade.

Read more of this story at Slashdot.

Brace for ‘loss of functionality’ next April, and an upsell conversation before that deadline

Citrix on Monday advised its customers that products acquired under its current file-based licensing system will experience “loss of functionality and potential impacts on end-users” next April, and that upgrading to a new cloudy licensing scheme is the way to avoid potential problems.…

alternative_right shares a report from The Guardian: It has been estimated that during the height of the coronavirus pandemic 129bn disposable face masks, mostly made from polypropylene and other plastics, were being used every month around the world. With no recycling stream, most ended up either in landfill or littered in streets, parks, beaches, waterways and rural areas, where they have now begun to degrade. Recent research has reported a significant presence of disposable face masks in both terrestrial and aquatic environments. They left newly bought masks of several different kinds for 24 hours in flasks containing 150ml of purified water, then filtered the liquid through a membrane to see what came out. Every mask examined ... leached microplastics, but it was the FFP2 and FFP3 masks -- marketed as the gold-standard protection against the transmission of the virus -- that leached the most, releasing four to six times as many. And they made an even more worrying discovery. Subsequent chemical analysis of the leachate found medical masks also released bisphenol B, an endocrine-disrupting chemical that acts like oestrogen when absorbed into the bodies of humans and animals. Taking into account the total amount of single-use face masks produced during the height of the pandemic, the researchers estimated they led to the release of 128-214kg of bisphenol B into the environment. The findings have been published in the journal Environmental Pollution.

Read more of this story at Slashdot.

Michelle Johnston Holthaus' tenure as Intel Products CEO lasted just ten months

Intel’s CEO of Products, Michelle Johnston Holthaus, will leave the business, as part of the latest executive shake-up since CEO Lip Bu Tan seized the company's reins.…

In a new interview with The Telegraph (paywalled), William Shatner revealed he has never earned residuals from reruns of the original Star Trek series, since syndication royalties weren't in place until after the show ended in 1969. "Nobody knew about reruns," said Shatner. "The concept of syndication only came in after 'Star Trek' was canceled when someone from the unions said: 'Wait a minute, you're replaying all those films, those shows.' There was a big strike. But in the end, the unions secured residual fees shortly after 'Star Trek' finished, so I didn't benefit." The now 94-year-old actor said he's actually only seen a "few" episodes of his work and has "never seen" any of the spinoffs. "I'm gonna tell you something that nobody knows. I've never seen another 'Star Trek' and I've seen as few 'Star Treks' of the show I was on, I've seen as few as possible," he told Entertainment Tonight. "I don't like to look at myself, and I've never seen any other. I love it, I think it's great. I just don't, you know, I don't watch television, per se."

Read more of this story at Slashdot.

Meta shrugs off allegations of improper dismissal, ignoring privacy and security

WhatsApp's former head of security, Attaullah Baig, has filed a lawsuit against its parent company, Meta, alleging that the social media megalith retaliated against him for reporting security failings that violated legal commitments.…

BrianFagioli shares a report from NERDS.xyz: Plex has alerted its customers about a security incident that may have affected user accounts. In an email sent to subscribers, the popular media server company confirmed that an unauthorized third party gained access to one of its databases. The breach exposed emails, usernames, and hashed passwords. Plex emphasized that passwords were encrypted following best practices, so attackers cannot simply read them. The company also reassured users that no credit card data was compromised, since Plex does not store that information on its servers. Still, out of caution, it is requiring all account holders to reset their credentials. Users are being directed to reset their passwords at plex.tv/reset. During the process, Plex recommends enabling the option to sign out all connected devices. This measure logs out every device associated with the account, including Plex Media Servers, forcing a fresh login with the updated password. The company says it has already fixed the method used by the intruder to gain entry and is conducting additional security reviews. Plex is also urging subscribers to enable two-factor authentication if they have not already done so.

Read more of this story at Slashdot.

Why reinvent the CPU wheel when you can spend your time engineering a way out of your dependence on Nvidia?

Every quarter, Nvidia CEO Jensen Huang is asked about the growing number of custom ASICs encroaching on his AI empire, and each time he downplays the threat, arguing that GPUs offer superior programmability in a rapidly changing environment.…

An anonymous reader quotes a report from Ars Technica: Last year, we reported on the efforts of classic iPod fans to preserve playable copies of the downloadable clickwheel games that Apple sold for a brief period in the late '00s. The community was working to get around Apple's onerous FairPlay DRM by having people who still owned original copies of those (now unavailable) games sync their accounts to a single iTunes installation via a coordinated Virtual Machine. That "master library" would then be able to provide playable copies of those games to any number of iPods in perpetuity. At the time, the community was still searching for iPod owners with syncable copies of the last few titles needed for their library. With today's addition of Real Soccer 2009 to the project, though, all 54 official iPod clickwheel games are now available together in an easily accessible format for what is likely the first time. [...] Now that the consolidated clickwheel game collection is complete, though, owners of any iPod 5G+ or iPod Nano 3G+ should be able to sync the complete library to their personal device completely offline, without worrying about any server checks from Apple. They can do that by setting up a Virtual Machine using these GitHub instructions or by downloading this torrented Internet Archive collection and creating their own Virtual Machine from the files contained therein. The effort was made possible by GitHub user Olsro, with help from other iPod enthusiasts. To Olsro, completing the project "means this whole part from the early 2000s will remain with us forever." He also expressed hope that "this Virtual Machine can also be useful towards any security [or] archeologist researcher who want to understand how the DRM worked."

Read more of this story at Slashdot.

'Stop this garbage already!'

The latest release candidate for Linux is out, but before its release, Linus Torvalds had something he wanted to get off his chest in his usual style.…

Kevin Barry, founder and sole developer of Nova Launcher, has left parent company Branch Metrics after being told to stop work on both the launcher and an open-source release. While the app remains on Google Play, the launcher's website currently shows a 404 error. The Verge reports: Mobile analytics company Branch Metrics acquired Nova in 2022. The company's CEO at the time, co-founder Alex Austin, said on Reddit that if Barry were to leave Branch, "it's contracted that the code will be open-sourced and put in the hands of the community." Austin left Branch in 2023, and now with Barry officially gone from the company, too, it's unclear if the launcher will now actually be open-sourced. "I think the newer leadership since Alex Austin left has put a different focus on the company and Nova simply isn't part of that focus in any way at all," Cliff Wade, Nova's former customer relations lead who left as part of the 2024 layoffs, tells The Verge. "It's just some app that they own but no longer feel they need or want." Wade also said that "I don't believe Branch will do the right thing any time soon with regards to open-sourcing Nova. I think they simply just don't care and don't want to invest time, unless of course, they get enough pressure from the community and individuals who care." Users have started a change.org petition to ask for the project to be open-sourced, and Wade says it's a "great start" to apply that pressure. Wade said he hasn't personally seen Barry's contract, so couldn't corroborate the claim of a contractual obligation to open-source Nova. Still, he said that the community "deserves" for the launcher to be open-sourced. "Branch just simply needs to do the right thing here and honor what they as a company have stated as well as what then CEO Alex Austin has stated numerous times prior to him leaving Branch."

Read more of this story at Slashdot.

Jaguar Land Rover has extended the shutdown of its UK and overseas factories after a cyberattack forced it to take IT systems offline, disrupting production, dealerships, and suppliers. The BBC reports: Jaguar Land Rover's (JLR) UK factories are now expected to remain closed until at least Wednesday after work was disrupted by a cyber attack just over a week ago. The car plants at Halewood and Solihull and its Wolverhampton engine facility, along with production facilities in Slovakia, China and India, have been unable to operate since the company fell victim to the cyber attack. Staff who work on the production lines have been told to remain at home. JLR shut down its IT systems in response to the attack on 31 August, in order to protect them from damage. However, this caused major disruption. [...] Under normal circumstances, the company builds about 1,000 cars a day. The production stoppage has had a significant impact on the company's suppliers, with some understood to have told their own staff not to come into work. As well as forcing the factories to stop building cars, it also left dealerships unable to register new cars and garages that maintain JLR vehicles unable to order the parts they needed -- although it is understood workarounds have since been put in place. The attack began at what is traditionally a popular time for consumers to take delivery of new vehicles. The latest batch of new registration plates became available on Monday, September 1.

Read more of this story at Slashdot.

Auditors find federal cybersecurity workforce data messy, incomplete, and unreliable

The US federal government employs tens of thousands of cybersecurity professionals at a cost of billions per year – or at least it thinks it does, as auditors have found the figures are incomplete and unreliable. …

An anonymous reader quotes a report from The Register: All work in IT departments will be done with the help of AI by 2030, according to analyst firm Gartner, which thinks massive job losses won't result. Speaking during the keynote address of the firm's Symposium event in Australia today, VP analyst Alicia Mullery said 81 percent of work is currently done by humans acting alone without AI assistance. Five years from now Gartner believes 75 percent of IT work will be human activity augmented by AI, with the remainder performed by bots alone. Distinguished VP analyst Daryl Plummer said this shift will mean IT departments gain labor capacity and will need to show they deserve to keep it. "You never want to look like you have too many people," he advised, before suggesting technology leaders consult with peers elsewhere in a business to identify value-adding opportunities IT departments can execute. Plummer said Gartner doesn't foresee an "AI jobs bloodbath" in IT or other industries for at least five years, adding that just one percent of job losses today are attributable to AI. He and Mullery did predict a reduction in entry-level jobs, as AI lets senior staff tackle work they would once have assigned to juniors. The two analysts also forecast that businesses will struggle to implement AI effectively, because the costs of running AI workloads balloon. ERP, Plummer said, has straightforward up-front costs: You pay to license and implement it, then to train people so they can use it. AI needs that same initial investment but few organizations can keep up with AI vendors' pace of innovation. Adopting AI therefore creates a requirement for near-constant exploration of use cases and subsequent retraining. Plummer said orgs that adopt AI should expect to uncover 10 unanticipated ancillary costs, among them the need to acquire new datasets, and the costs of managing multiple models. The need to use one AI model to check the output of others -- a necessary step to verify accuracy -- is another cost to consider. AI's hidden costs mean Gartner believes 65 percent of CIOs aren't breaking even on AI investments.

Read more of this story at Slashdot.

Meanwhile the victim count grows

The Salesloft Drift breach that compromised "hundreds" of companies including Google, Palo Alto Networks, and Cloudflare, all started with miscreants gaining access to the Salesloft GitHub account in March.…

An anonymous reader shares a report: In what is being called the largest supply chain attack in history, attackers have injected malware into NPM packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack. The package maintainer whose accounts were hijacked in this supply-chain attack confirmed the incident earlier today, stating that he was aware of the compromise and adding that the phishing email came from support [at] npmjs [dot] help, a domain that hosts a website impersonating the legitimate npmjs.com domain. In the emails, the attackers threatened that the targeted maintainers' accounts would be locked on September 10th, 2025, as a scare tactic to get them to click on the link redirecting them to the phishing sites.

Read more of this story at Slashdot.

Popular npm packages debug, chalk, and others hijacked in massive supply chain attack

Crims have added backdoors to at least 18 npm packages after developer Josh Junon inadvertently authorized a reset of the two-factor authentication protecting his npm account.…

Signal has begun rolling out end-to-end encrypted cloud backups in its latest Android beta release. The opt-in feature allows users to restore message history if their phone is lost or damaged. Free backups include all text messages and 45 days of media attachments. A $1.99 monthly subscription extends media storage to 100GB. Users generate a 64-character recovery key on their device that Signal's servers never access. Backups refresh daily, excluding view-once messages and those set to disappear within 24 hours. The nonprofit cited storage costs as the reason for its first paid tier. iOS and Desktop support will follow the Android rollout. Signal said it stores backup archives without linking them to specific user accounts or payment information.

Read more of this story at Slashdot.