Linux fréttir

Sysadmins Rage Over Apple's 'Nightmarish' SSL/TLS Cert Lifespan Cuts

Slashdot - Wed, 2024-10-16 00:50
The Register's Jessica Lyons reports: Apple wants to shorten SSL/TLS security certificates' lifespans, down from 398 days now to just 45 days by 2027, and sysadmins have some very strong feelings about this "nightmarish" plan. As one of the hundreds that took to Reddit to lament the proposal said: "This will suck. My least favorite vendor manages something like 10 websites for us, and we have to provide the certs manually every time. Between live and test this is gonna suck." The Apple proposal, a draft ballot measure that will likely go up for a vote among Certification Authority Browser Forum (CA/B Forum) members in the upcoming months, was unveiled by the iThings maker during the Forum's fall meeting. If approved, it will affect all Safari certificates, which follows a similar push by Google, that plans to reduce the max-validity period on Chrome for these digital trust files down to 90 days. ... [W]hile it's generally agreed that shorter lifespans improve internet security overall -- longer certificate terms mean criminals have more time to exploit vulnerabilities and old website certificates -- the burden of managing these expired certs will fall squarely on the shoulders of systems administrators. [...] Even certificate provider Sectigo, which sponsored the Apple proposal, admitted that the shortened lifespans "will no doubt prove a headache for busy IT security teams, juggling with lots of certificates expiring at different times." While automation is often touted as the solution to this problem, sysadmins were quick to point out that some SSL certs can't be automated. "This is somewhat nightmarish," said one sysadmin. "I have about 20 appliance like services that have no support for automation. Almost everything in my environment is automated to the extent that is practical. SSL renewal is the lone achilles heel that I have to deal with once every 365 days."

Read more of this story at Slashdot.

Categories: Linux fréttir

Uncle Sam reportedly considers capping AI chip shipments to Middle East

TheRegister - Wed, 2024-10-16 00:15
Meanwhile, ASML shares plunge as China export curbs hit forecast

Amid fears that Middle Eastern nations are being used to funnel AI accelerators and other sensitive technologies to China, the Biden administration is reportedly considering capping shipments of the products to certain countries in the region.…

Categories: Linux fréttir

Trump's Coin Sale Misses Early Targets As Crypto Project's Website Crashes

Slashdot - Wed, 2024-10-16 00:10
Donald Trump's new crypto project, World Liberty Financial, had a rocky start today with frequent website outages during its token sale. According to CNBC, only about 4% of registered investors have bought tokens, and the project sold less than 3% of the 20 billion tokens available. From the report: WLF's website suffered regular and lengthy outages for much of the morning and early afternoon, contributing to a limited number of sales. Only about 4,300 unique walled addresses hold the token as of Tuesday afternoon, according to blockchain data tracked by Etherscan, representing roughly 4% of the total number of people who registered. The platform says it has sold more than 532 million tokens at 15 cents per token. That is less than 3% of the 20 billion tokens made available for public sale. Over the course of the day, the website frequently showed a page saying, "We are under maintenance." The glitchy launch is a potential setback to the Republican presidential nominee with just three weeks until the election. Trump and his family have been touting the project since August, branding it as "The DeFiant Ones," a play on DeFi, which is short for decentralized finance.

Read more of this story at Slashdot.

Categories: Linux fréttir

Pentagon stumped by mystery drone swarm flying over Langley Air Force Base

TheRegister - Tue, 2024-10-15 23:44
Not that there's anything important there – just F-22s and stuff

The former commander of the the Langley Air Force Base in Hampton, Virginia, has revealed an unidentified drone swarm buzzed the facility for 17 days last December.…

Categories: Linux fréttir

Cisco Investigates Breach After Stolen Data For Sale On Hacking Forum

Slashdot - Tue, 2024-10-15 23:30
Longtime Slashdot reader mprindle shares a report from BleepingComputer: Cisco has confirmed to BleepingComputer that it is investigating recent claims that it suffered a breach after a threat actor began selling allegedly stolen data on a hacking forum. [...] This statement comes after a well-known threat actor named "IntelBroker" said that he and two others called "EnergyWeaponUser and "zjj" breached Cisco on October 6, 2024, and stole a large amount of developer data from the company. "Compromised data: Github projects, Gitlab Projects, SonarQube projects, Source code, hard coded credentials, Certificates, Customer SRCs, Cisco Confidential Documents, Jira tickets, API tokens, AWS Private buckets, Cisco Technology SRCs, Docker Builds, Azure Storage buckets, Private & Public keys, SSL Certificates, Cisco Premium Products & More!," reads the post to a hacking forum. IntelBroker also shared samples of the alleged stolen data, including a database, customer information, various customer documentation, and screenshots of customer management portals. However, the threat actor did not provide further details about how the data was obtained.

Read more of this story at Slashdot.

Categories: Linux fréttir

Global EV Sales Up 30.5% In September

Slashdot - Tue, 2024-10-15 22:50
An anonymous reader quotes a report from Reuters: Global sales of fully electric and plug-in hybrid vehicles rose by an annual 30.5% in September, as China surpassed its record numbers recorded in August and Europe resumed growth, market research firm Rho Motion said on Tuesday. Gains in the U.S. market have been slow and steady in anticipation of the Nov. 5 election, which makes it difficult to predict future trends in the country, data manager Charles Lester told Reuters. EVs -- whether fully electric (BEV) or plug-in hybrids (PHEVs) -- sold worldwide reached 1.69 million in September, Rho Motion data showed. Sales in China jumped 47.9% in September and reached 1.12 million vehicles, while in the United States and Canada they were up 4.3% to 0.15 million. In Europe, EV sales rose 4.2% to 0.3 million units, thanks to a 24% jump in the United Kingdom and gains in Italy, Germany and Denmark, Lester said. In the Chinese market, the penetration rate of BEV and PHEV is growing faster than some expected and sales "could be a record every month until the end of the year", Lester said. He added that Germany's 7% year-on-year growth was "definitely positive news", and that intermediate carbon emission reduction goals set in the EU for next year will test the bloc's market.

Read more of this story at Slashdot.

Categories: Linux fréttir

Cisco confirms 'ongoing investigation' after crims brag about selling tons of data

TheRegister - Tue, 2024-10-15 22:30
IntelBroker claims the breach impacts Microsoft, SAP, AT&T, Verizon, T-Mobile US, and more

Cisco has confirmed it is investigating claims of stealing — and now selling — data belonging to the networking giant.…

Categories: Linux fréttir

Intel and AMD Form an x86 Ecosystem Advisory Group

Slashdot - Tue, 2024-10-15 22:10
Phoronix's Michael Larabel reports: Intel and AMD have jointly announced the creation of an x86 ecosystem advisory group to bring together the two companies as well as other industry leaders -- both companies and individuals such as Linux creator Linus Torvalds. Intel and AMD are forming this x86 ecosystem advisory group to help foster collaboration and innovations around the x86 (x86_64) ISA. [...] Besides Intel amd AMD, other founding members include Broadcom, Dell, Google, HPE, HP Inc, Lenovo, Microsoft, Oracle, and Red Hat. Here are the "intended outcomes" for the group, as stated in the press release: The intended outcomes include: - Enhancing customer choice and compatibility across hardware and software, while accelerating their ability to benefit from new, cutting-edge features. - Simplifying architectural guidelines to enhance software consistency and standardize interfaces across x86 product offerings from Intel and AMD. - Enabling greater and more efficient integration of new capabilities into operating systems, frameworks and applications.

Read more of this story at Slashdot.

Categories: Linux fréttir

Apple Announces New, Faster iPad Mini Built For Apple Intelligence

Slashdot - Tue, 2024-10-15 21:30
In a press release this morning, Apple announced a new iPad Mini with a faster A17 Pro chip that supports Apple Intelligence. The Verge reports: The new Mini is mostly a spec bump: it runs a new A17 Pro chip, which Apple says has a 30 percent faster CPU, 25 percent faster GPU, and a Neural Engine twice as fast as the previous model. The device also supports the new Apple Pencil Pro, which is a nice touch for the Mini-toting artists out there, and comes with 128GB of storage in the base model rather than 64GB. (Those AI models need all the space they can get.) The Wi-Fi 6E chip is faster, the USB-C port is faster, everything about the iPad Mini is the same as before only faster this time. The only real design change with the new Mini is the colors. Apple's gone more colorful with a lot of its products this year, and the Mini comes in new purple and blue models. In photos they look muted rather than vivid, though, so don't expect the eye-popping new colors on the iPhone 16.

Read more of this story at Slashdot.

Categories: Linux fréttir

DARPA pays $6M to see fully autonomous Black Hawk helicopters

TheRegister - Tue, 2024-10-15 21:00
Resupply like Call of Duty? Not yet - only one planned for now

The US military is betting the Black Hawk helicopter of the future won't need pilots, and it's giving the bird's maker Sikorsky $6 million to prove it. …

Categories: Linux fréttir

Spotify Criticized For Letting Fake Albums Appear On Real Artist Pages

Slashdot - Tue, 2024-10-15 20:48
An anonymous reader quotes a report from Ars Technica: This fall, thousands of fake albums were added to Spotify, with some appearing on real artist pages, where they're positioned to lure unsuspecting listeners into streaming by posing as new releases from favorite bands. An Ars reader flagged the issue after finding a fake album on the Spotify page of an UK psych rock band called Gong. The Gong fan knew that the band had begun touring again after a surprise new release last year, but the "latest release" listed by Spotify wasn't that album. Instead, at the top of Gong's page was a fake self-titled album supposedly released in 2024. The real fan detected the fake instantly, and not just because the generic electronic music sounded nothing like Gong's experimental sounds. The album's cover also gave the scheme away, using a generic font and neon stock image that invoked none of the trippy imagery that characterized Gong's typical album covers. Ars confirmed with Gong member Dave Sturt that the self-titled item was an obvious fake on Monday. At that time, Sturt said the band was working to get the junk album removed from its page, but as of Tuesday morning, that album remained online, along with hundreds of other albums uploaded by a fake label that former Spotify data "alchemist" Glenn McDonald flagged in a social media post that Spotify seemingly ignored. On his site, McDonald gathered the junk album data by label, noting that Beat Street Music, which has no web presence but released the fake Gong album, uploaded 240 junk albums on Friday alone. Similarly, Ancient Lake Records uploaded 471 albums on Friday. And Gupta Music added 483 just a few days prior, along with 600 junk albums from Future Jazz Records uploaded between September 30 and October 8. These junk albums don't appear to be specifically targeting popular artists, McDonald told Ars. Rather, generic music is uploaded under a wide range of one-word artist names. However, by using that tactic, some of these fake albums appeared on real artist pages, such as Gong, experimental rock band Swans, and English rock bands Asia and Yes. And that oversight is on Spotify, McDonald suggested. "We are aware of the issue, have relocated the content in question, and are considering our further options against the providing licensor," a Spotify spokesperson said. "When we identify or are alerted to attempts by bad actors to game the system, we take action that may include removing stream counts and withholding royalties. Spotify invests heavily in automated and manual reviews to prevent, detect, and mitigate the impact of bad actors attempting to collect unearned royalties."

Read more of this story at Slashdot.

Categories: Linux fréttir

Digital River runs dry, hasn't paid developers for sales since July

TheRegister - Tue, 2024-10-15 20:15
Vendor told El Reg the biz's law firm claims merchant debts aren’t valid obligations

Digital River has not paid numerous merchants since midsummer for software and digital products they sold through its MyCommerce platform.…

Categories: Linux fréttir

FCC Launches Formal Inquiry Into Why Broadband Data Caps Are Terrible

Slashdot - Tue, 2024-10-15 20:02
The Federal Communications Commission announced that it will open a renewed investigation into broadband data caps and how they impact both consumer experience and company competition. From a report: The FCC is soliciting stories from consumers about their experiences with capped broadband service. The agency also opened a formal Notice of Inquiry to collect public comment that will further inform its actions around broadband data caps. "Restricting consumers' data can cut off small businesses from their customers, slap fees on low-income families and prevent people with disabilities from using the tools they rely on to communicate," FCC Chairwoman Jessica Rosenworcel said. "As the nation's leading agency on communications, it's our duty to dig deeper into these practices and make sure that consumers are put first."

Read more of this story at Slashdot.

Categories: Linux fréttir

Sysadmins rage over Apple’s ‘nightmarish’ SSL/TLS cert lifespan cuts

TheRegister - Tue, 2024-10-15 19:45
Maximum validity down from 398 days to 45 by 2027

Apple wants to shorten SSL/TLS security certificates' lifespans, down from 398 days now to just 45 days by 2027, and sysadmins have some very strong feelings about this "nightmarish" plan. …

Categories: Linux fréttir

Apple Study Reveals Critical Flaws in AI's Logical Reasoning Abilities

Slashdot - Tue, 2024-10-15 19:21
Apple's AI research team has uncovered significant weaknesses in the reasoning abilities of large language models, according to a newly published study. MacRumors: The study, published on arXiv [PDF], outlines Apple's evaluation of a range of leading language models, including those from OpenAI, Meta, and other prominent developers, to determine how well these models could handle mathematical reasoning tasks. The findings reveal that even slight changes in the phrasing of questions can cause major discrepancies in model performance that can undermine their reliability in scenarios requiring logical consistency. Apple draws attention to a persistent problem in language models: their reliance on pattern matching rather than genuine logical reasoning. In several tests, the researchers demonstrated that adding irrelevant information to a question -- details that should not affect the mathematical outcome -- can lead to vastly different answers from the models.

Read more of this story at Slashdot.

Categories: Linux fréttir

Microsoft teases latest Windows 10 build despite looming end

TheRegister - Tue, 2024-10-15 19:00
Rearranging the deckchairs as support iceberg approaches

Microsoft has released a Windows Insider build of Windows 10 despite the impending end of support for many flavors of the operating system.…

Categories: Linux fréttir

More Colleges Set To Close in 2025, Even as 'Ivy Plus' Schools Experience Application Boom

Slashdot - Tue, 2024-10-15 18:40
Many colleges are under financial pressure, and the cracks are starting to show. From a report: At least 20 colleges closed in 2024, and more are set to shut down after the current academic year, according to the latest tally by Implan, an economic software and analysis company. Altogether, more than 40 colleges have closed since 2020, according to a separate report by Best Colleges. As the sticker price at some private colleges nears six figures a year, students have increasingly opted for less expensive public schools or alternatives to a four-year degree altogether, such as trade programs or apprenticeships. At the same time, the population of college-age students is also shrinking, a trend referred to as the "enrollment cliff."

Read more of this story at Slashdot.

Categories: Linux fréttir

VMware settles securities fraud class suit with $102.5M payout

TheRegister - Tue, 2024-10-15 18:15
Traded its shares between 2018 and 2020? You could cash in

Old accusations of securities fraud continue to dog VMware, with the virtualization juggernaut agreeing to pay $102.5 million to settle a shareholder suit over its alleged creation of an artificial sales backlog to hide slowing sales.…

Categories: Linux fréttir

Google's Chrome Browser Starts Disabling uBlock Origin

Slashdot - Tue, 2024-10-15 18:01
An anonymous reader shares a report: If you're a fan of uBlock Origin, don't be surprised if it stops functioning on Chrome. The Google-owned browser has started disabling the free ad blocker as part of the company's plan to phase out older "Manifest V2" extensions. On Tuesday, the developer of uBlock Origin, Raymond Hill, retweeted a screenshot from one user, showing the Chrome browser disabling the ad blocker. "These extensions are no longer supported. Chrome recommends that you remove them," the pop-up from the Chrome browser told the user. In response, Hill wrote: "The depreciation of uBO in the Chrome Web Store has started."

Read more of this story at Slashdot.

Categories: Linux fréttir

Intel, AMD, team with tech titans for x86 ISA overhaul

TheRegister - Tue, 2024-10-15 17:41
Linus Torvalds, Broadcom, Dell, HPE, and Lenovo on the list

The shape of the x86 instruction set architecture (ISA) is evolving. On Tuesday, Intel and AMD announced the formation of an ecosystem advisory group intended to drive greater consistency between the brands' x86 implementations.…

Categories: Linux fréttir

Pages

Subscribe to www.netserv.is aggregator - Linux fréttir