Linux fréttir

Google dumped io_uring after $1M in bug bounties

A proof-of-concept program has been released to demonstrate a so-called monitoring "blind spot" in how some Linux antivirus and other endpoint protection tools use the kernel's io_uring interface.…

South Korean telecom network SK Telecom is providing free SIM card replacements to all 25 million mobile subscribers following an April 19 security breach where malware compromised Universal Subscriber Identity Module data. Despite the company's announcement, only 6 million replacement cards will be available through May 2025. The stolen data potentially includes IMSI numbers, authentication keys, and network usage information, though customer names, identification details, and financial information remain secure. The primary risk is unauthorized SIM swapping attacks, where threat actors could clone SIM cards.

Read more of this story at Slashdot.

Carbon removal technologies, potentially a $250 billion market, are failing to gain traction as buyers remain scarce. The Intergovernmental Panel on Climate Change projects a need for 10 billion metric tons of carbon removals annually by 2050, yet only 175 million tons have been sold to date -- less than 2% of requirements. Microsoft dominates the market, accounting for 35% of all purchases and 76% of engineered removal solutions specifically. The market suffers from significant barriers: unproven technologies, vast price disparities ($80 per ton for forest projects versus $1,000 for direct air capture), and lack of standardization. Industry experts at a recent London gathering concluded that without more buyers willing to accept early adoption risks, the market cannot meaningfully grow.

Read more of this story at Slashdot.

The Karnataka High Court on Tuesday directed India's government to block Switzerland-based email service Proton Mail, citing national security concerns and law enforcement challenges. Justice M Nagaprasanna ordered authorities to initiate proceedings under Section 69A of the Information Technology Act to ban the service, while mandating immediate blocking of "offending URLs" until final decisions are made. The ruling followed a petition from M Moser Design Associates India, which claimed its female employees were targeted with obscene emails containing "AI-generated deepfake images" sent via Proton Mail. Petitioners argued Proton Mail operates servers outside India, making it inaccessible to law enforcement. The court noted several bomb threats to Indian schools were sent using the service, which has already been banned in Russia and Saudi Arabia. Additional Solicitor General Aravind Kamath, representing the government, said authorities would comply with the court's direction.

Read more of this story at Slashdot.

Luis von Ahn says small quality hits are a price worth paying to ride the wave

Duolingo has become the latest tech outfit to attempt to declare itself 'AI-first,' with CEO Luis von Ahn telling staff the biz hopes to gradually phase out contractors for work neural networks can take over.…

As Big Tech gets used to the pain, smaller vendors urged to up their game

Bitcoin mining has crossed a critical economic threshold, with costs now exceeding market value for most operators. According to data cited by CoinShares, large public mining companies spend over $82,000 to produce a single Bitcoin -- nearly double last quarter's figure -- while smaller operations face even steeper costs of approximately $137,000 per coin. With Bitcoin currently trading around $94,703, the math no longer works for most miners. The economics become particularly challenging in high-electricity-cost regions like Germany, where mining a single coin requires approximately $200,000. Industry analysts suggest larger mining operations are adapting by optimizing energy consumption and positioning their computational infrastructure for alternative uses. These companies can potentially lease their mining setups for other computational tasks during unprofitable mining periods, then resume mining when market conditions improve. For individual miners, however, the era of profitable home operations appears effectively over, as industrial-scale facilities with strategic positioning and optimized technology have fundamentally altered the mining landscape.

Read more of this story at Slashdot.

Cloud storage biz says 'baseless allegations' are attempts by analysts to profit

Cloud storage and backup provider Backblaze has denied accusations made by financial analysts of "sham accounting" and "insider dumping," as well as claims it inflated cash flow forecasts to hide its real performance.…

An anonymous reader shares a report: Reddit's top lawyer, Ben Lee, said the company is considering legal action against researchers from the University of Zurich who ran what he called an "improper and highly unethical experiment" by surreptitiously deploying AI chatbots in a popular debate subreddit. The University of Zurich told 404 Media that the experiment results will not be published and said the university is investigating how the research was conducted. As we reported Monday, researchers at the University of Zurich ran an "unauthorized" and secret experiment on Reddit users in the r/changemyview subreddit in which dozens of AI bots engaged in debates with users about controversial issues. In some cases, the bots generated responses which claimed they were rape survivors, worked with trauma patients, or were Black people who were opposed to the Black Lives Matter movement. The researchers used a separate AI to mine the posting history of the people they were responding to in an attempt to determine personal details about them that they believed would make their bots more effective, such as their age, race, gender, location, and political beliefs.

Read more of this story at Slashdot.

Hackers working for governments were responsible for the majority of attributed zero-day exploits used in real-world cyberattacks last year, per new research from Google. From a report: Google's report said that the number of zero-day exploits -- referring to security flaws that were unknown to the software makers at the time hackers abused them -- had dropped from 98 exploits in 2023 to 75 exploits in 2024. But the report noted that of the proportion of zero-days that Google could attribute -- meaning identifying the hackers who were responsible for exploiting them -- at least 23 zero-day exploits were linked to government-backed hackers. Among those 23 exploits, 10 zero-days were attributed to hackers working directly for governments, including five exploits linked to China and another five to North Korea.

Read more of this story at Slashdot.

Former Rear Admiral calls for National Guard online deployment and corporates to be held accountable

RSAC Russia used to be considered America's biggest adversary online, but over the past couple of years China has taken the role, and is proving highly effective at it.…

A former Disney employee who hacked into the company's servers to alter its restaurant menus, including falsifying allergen information and printing profane language, has been sentenced to three years in prison. From a report: Michael Scheuer, a Florida resident, was sentenced last week in federal court and ordered to pay nearly $690,000 in restitution, with most of that going to Disney. He pled guilty in January to one count of computer fraud and one count of aggravated identity theft. "Scheuer remains remorseful and apologetic to his former co-workers. We are grateful that the judge heard all of our arguments and mitigation when fashioning a sentence that was half of what the government was seeking," said David Haas, Scheuer's lawyer, in a statement to CNN. Scheuer worked as a menu production manager for Disney and was fired last June for misconduct, according to the original complaint. He had access to, and also used, secure internal servers for creating and publishing menus for all of Disney's restaurants as part of his job at the company.

Read more of this story at Slashdot.

The OS refresh brings Ryzen AI and Arrow Lake compatibility

Fresh from their respective bunkers, OpenBSD 7.7 and a new version of Plan 9 fork 9Front have dropped, bringing hardened security, obscure charm, and, oddly enough, artwork from the same designer.…

Top voices warn that political retaliation puts democracy and national defense at risk

The Electronic Frontier Foundation (EFF) and numerous infosec leaders are lobbying US President Donald Trump to drop his enduring investigation into Chris Krebs, claiming that targeting the former CISA boss amounts to bullying.…

Longtime Slashdot reader me34point5 writes: OpenBSD quietly released the new version (7.7) of its "secure by default" operating system. This is the 58th release. Changes include improved hardware and VMM support, along with many kernel improvements. This release brings several specific improvements, including performance boosts on ARM64, Arm SVE support, AMD SEV virtualization enhancements, better low-memory handling on i386, and improved suspend/hibernate and SMP performance. It also updates graphics drivers with support for AMD Ryzen IA 300, Radeon RX 9070, and Intel Arrow Lake, along with expanded hardware support for MediaTek SoCs. A full list of changes can be found here.

Read more of this story at Slashdot.

The good news: everyone's using it. The bad news: have you seen how they're using it?

OpenLogic's 2025 State of Open Source Report offers a slightly different perspective on modern corporate adoption of FOSS – and it's not a reassuring one.…

Artificial intelligence is helping Beijing's goons break in faster and stay longer

RSAC The biggest threat to US critical infrastructure, according to FBI Deputy Assistant Director Cynthia Kaiser, can be summed up in one word: "China."…

An anonymous reader shares a report: Amazon doesn't want to shoulder the blame for the cost of President Donald Trump's trade war. So the e-commerce giant will soon show how much Trump's tariffs are adding to the price of each product, according to a person familiar with the plan. The shopping site will display how much of an item's cost is derived from tariffs -- right next to the product's total listed price.

Read more of this story at Slashdot.

'We thought it was a really obvious way to build a processor and everybody would be doing it'

It is 40 years since the first Arm processor was powered up, and the UK's Centre for Computing History (CCH) celebrated in style, with speakers to mark the event, hardware on show, and a countdown to the anniversary.…

The once-celebrated partnership between OpenAI's Sam Altman and Microsoft's Satya Nadella is deteriorating amid fundamental disagreements over computing resources, model access, and AI capabilities, according to WSJ. The relationship that Altman once called "the best partnership in tech" has grown strained as both companies prepare for independent futures. Tensions center on several critical areas: Microsoft's provision of computing power, OpenAI's willingness to share model access, and conflicting views on achieving humanlike intelligence. Altman has expressed confidence OpenAI can build models with humanlike intelligence soon -- a milestone Nadella publicly dismissed as "nonsensical benchmark hacking" during a February podcast. The companies retain significant leverage over each other. Microsoft can block OpenAI's conversion to a for-profit entity, potentially costing the startup billions if not completed this year. Meanwhile, OpenAI's board can trigger contract clauses preventing Microsoft from accessing its most advanced technology. After Altman's brief ouster in 2023 -- dubbed "the blip" within OpenAI -- Nadella pursued an "insurance policy" by hiring DeepMind co-founder Mustafa Suleyman for $650 million to develop competing models. The personal relationship has also cooled, with the executives now communicating primarily through scheduled weekly calls rather than frequent text exchanges.

Read more of this story at Slashdot.