Linux fréttir

An anonymous reader quotes a report from Cybernews: Researchers at Cybernews have uncovered a major privacy breach involving WorkComposer, a workplace surveillance app used by over 200,000 people across countless companies. The app, designed to track productivity by logging activity and snapping regular screenshots of employees' screens, left over 21 million images exposed in an unsecured Amazon S3 bucket, broadcasting how workers go about their day frame by frame. The leaked data is extremely sensitive, as millions of screenshots from employees' devices could not only expose full-screen captures of emails, internal chats, and confidential business documents, but also contain login pages, credentials, API keys, and other sensitive information that could be exploited to attack businesses worldwide. After the company was contacted, access to the unsecured database was secured. An official comment has yet to be received.

Read more of this story at Slashdot.

Microsoft has announced native PyTorch support for Windows on Arm devices with the release of PyTorch 2.7, making it significantly easier for developers to build and run machine learning models directly on Arm-powered Windows machines. This eliminates the need for manual compilation and opens up performance gains for AI tasks like image classification, NLP, and generative AI. Neowin reports: With the release of PyTorch 2.7, native Arm builds for Windows on Arm are now readily available for Python 3.12. This means developers can simply install PyTorch using a standard package manager like pip. According to Microsoft: "This unlocks the potential to leverage the full performance of Arm64 architecture on Windows devices, like Copilot+ PCs, for machine learning experimentation, providing a robust platform for developers and researchers to innovate and refine their models."

Read more of this story at Slashdot.

Thousands face ax, more given RTO orders in drive to be more engineering-focused

Intel's new CEO Lip-Bu Tan is swinging the ax again, with another round of layoffs incoming as Chipzilla tries to reboot its core.…

AMD has open-sourced its "GPU-IOV Module" for enabling SR-IOV-based virtualization on Instinct accelerators using the Linux kernel and KVM hypervisor, with features like GPU scheduling and VF/PF management. Notably, AMD plans to extend this virtualization support to client Radeon GPUs. Phoronix reports: The AMD GPU-IOV Module is for the Linux kernel and for providing SR-IOV based hardware virtualization in conjunction with the KVM hypervisor. GIM provides the GPU IOV virtualization, virtual function (VF) configuration and enablement, GPU scheduling for world switch, hang detection and FLR reset, and PF/VF handshake capabilities. Initially the AMD GIM driver is for the Instinct MI300X hardware and tested atop Ubuntu 22.04 LTS with ROCm 6.4. Those interested can find the AMD GIM code currently via GitHub. It's not laid out in the repository or any other public communications I've seen what any upstreaming plans are for this GIM driver to get it into the mainline Linux kernel.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Russian military personnel are being targeted with recently discovered Android malware that steals their contacts and tracks their location. The malware is hidden inside a modified app for Alpine Quest mapping software, which is used by, among others, hunters, athletes, and Russian personnel stationed in the war zone in Ukraine. The app displays various topographical maps for use online and offline. The trojanized Alpine Quest app is being pushed on a dedicated Telegram channel and in unofficial Android app repositories. The chief selling point of the trojanized app is that it provides a free version of Alpine Quest Pro, which is usually available only to paying users. The malicious module is named Android.Spy.1292.origin. In a blog post, researchers at Russia-based security firm Dr.Web wrote: "Because Android.Spy.1292.origin is embedded into a copy of the genuine app, it looks and operates as the original, which allows it to stay undetected and execute malicious tasks for longer periods of time. Each time it is launched, the trojan collects and sends the following data to the C&C server: - the user's mobile phone number and their accounts; - contacts from the phonebook; - the current date; - the current geolocation; - information about the files stored on the device; - the app's version." If there are files of interest to the threat actors, they can update the app with a module that steals them. The threat actors behind Android.Spy.1292.origin are particularly interested in confidential documents sent over Telegram and WhatsApp. They also show interest in the file locLog, the location log created by Alpine Quest. The modular design of the app makes it possible for it to receive additional updates that expand its capabilities even further.

Read more of this story at Slashdot.

South Korea's data protection authority said on Thursday that Chinese artificial intelligence startup DeepSeek transferred user information and prompts without permission when the service was still available for download in the country's app market. From a report: The Personal Information Protection Commission said in a statement that Hangzhou DeepSeek Artificial Intelligence Co Ltd did not obtain user consent while transferring personal information to a number of companies in China and the United States at the time of its South Korean launch in January.

Read more of this story at Slashdot.

Cursor, Codium makers lose access as add-on goes exclusive

Microsoft's C/C++ extension for Visual Studio Code (VS Code) no longer works with derivative products such as VS Codium and Cursor – and some developers are crying foul.…

An anonymous reader shares a report: Apple will remove its secret robotics unit from the command of its artificial intelligence chief, the latest shake-up in response to the company's AI struggles. Apple plans to relocate the robotics team from John Giannandrea's AI organization to the hardware division later this month, according to people with knowledge of the move. That will place it under Senior Vice President John Ternus, who oversees hardware engineering, said the people, who asked not to be identified because the change isn't public. The pending shift will mark the second major project to be removed from Giannandrea in the past month: The company stripped the flailing Siri voice assistant from his purview in March.

Read more of this story at Slashdot.

At least it wasn't Harvard

Yale New Haven Health has notified more than 5.5 million people that their private details were likely stolen by miscreants who broke into the healthcare system's network last month.…

India's capital New Delhi plans to limit gasoline and diesel-powered cars a family can buy as well as ban sales of fuel-guzzling motorbikes and scooters, according to a draft policy aimed at cleaning up one of the world's most polluted cities. From a report: The measures represent one of the most drastic steps the city has lined up to tackle pollution, which often forces local authorities to ban some construction, shut schools and disrupt flights in the city of more than 30 million people during the winter season. Under Delhi's new electric vehicle policy, the city government will also waive some local taxes on the purchase of hybrids, putting them on par with concessions given to EVs, while imposing a new levy of 0.5 rupees ($0.0059) on every litre of petrol sales, according to the 74-page draft seen by Reuters. The primary objective "is to unlock the next phase of EV adoption, reduce air pollution and contribute to India's energy independence and net-zero targets," the draft stated.

Read more of this story at Slashdot.

Grand Theft Auto V topped Twitch viewership charts in 2024 with a staggering 1.4 billion hours watched, according to data released by the streaming platform. The 11-year-old game outperformed all competitors, including League of Legends, which also surpassed the billion-hour mark. Competitive shooters filled the remaining top spots, with Valorant recording 804 million hours, Fortnite exceeding 500 million, and Call of Duty reaching 451 million hours watched. V-Tubers -- streamers using animated avatars instead of showing their faces -- saw viewership increase by 10% year-over-year, accumulating over a billion hours watched collectively.

Read more of this story at Slashdot.

Watch your partitions – GPT and dual-boot don't always mix

While The Reg FOSS desk was on spring break, both the latest interim Ubuntu and latest Fedora debuted.…

Google's search AI is confidently generating explanations for nonexistent idioms, once again revealing fundamental flaws in large language models. Users discovered that entering any made-up phrase plus "meaning" triggers AI Overviews that present fabricated etymologies with unwarranted authority. When queried about phrases like "a loose dog won't surf," Google's system produces detailed, plausible-sounding explanations rather than acknowledging these expressions don't exist. The system occasionally includes reference links, further enhancing the false impression of legitimacy. Computer scientist Ziang Xiao from Johns Hopkins University attributes this behavior to two key LLM characteristics: prediction-based text generation and people-pleasing tendencies. "The prediction of the next word is based on its vast training data," Xiao explained. "However, in many cases, the next coherent word does not lead us to the right answer."

Read more of this story at Slashdot.

Male college enrollment in Lake County, Ohio plummeted by more than 15% over the last decade -- the steepest decline among any large U.S. county. Nationwide, men now constitute virtually the entirety of the 1.2 million student drop in college attendance between 2011 and 2022. Financial concerns dominate decision-making, with even public in-state education costing approximately $25,000 annually. One high school senior secured a $15/hour collision repair job, Bloomberg reports, calculating he'll earn "upwards of a grand every other week" while avoiding student debt. Social media significantly influences these choices. "You see a lot of influencers saying you don't need to go to college, and when people see that, they listen," explained one student from Perry High School.

Read more of this story at Slashdot.

This one weird trick can stop Windows updates dead in their tracks

Turns out Microsoft's latest patch job might need a patch of its own, again. This time, the culprit is a mysterious inetpub folder quietly deployed by Redmond, now hijacked by a security researcher to break Windows updates.…

US government agencies and Fortune 500 companies are turning to AI to modernize mission-critical systems built on COBOL, a programming language dating back to the late 1950s. The US Social Security Administration plans a three-year, $1 billion AI-assisted upgrade of its legacy COBOL codebase [alternative source], according to Bloomberg. Treasury Secretary Scott Bessent has repeatedly stressed the need to overhaul government systems running on COBOL. As experienced programmers retire, organizations face growing challenges maintaining these systems that power everything from banking applications to pension disbursements. Engineers now use tools like ChatGPT and IBM's watsonX to interpret COBOL code, create documentation, and translate it to modern languages.

Read more of this story at Slashdot.

UK org backing it promises 'legal certainty' for devs, money for creators... but is it too late?

A UK non-profit is planning to introduce a new licensing model which will allow developers of large language models to use copyrighted training data while paying the publishers it represents.…

The software-as-a-service industry is undergoing a fundamental transformation, abandoning the decades-old "per seat" licensing model in favor of usage-based pricing structures. This shift, Business Insider reports, is primarily driven by the astronomical compute costs associated with new "reasoning" AI models that power modern enterprise software. Unlike traditional generative AI, these reasoning models execute multiple computational loops to check their work -- a process called inference-time compute -- dramatically increasing token usage and operational expenses. OpenAI's o3-high model reportedly consumes 1,000 times more tokens than its predecessor, with a single benchmark response costing approximately $3,500, according to Barclays. Companies including Bolt.new, Vercel, and Monday.com have already implemented usage-based or hybrid pricing models that tie costs directly to AI resource consumption. ServiceNow maintains primarily seat-based pricing but has added usage meters for extreme cases. "When it goes beyond what we can credibly afford, we have to have some kind of meter," ServiceNow CEO Bill McDermott said, while emphasizing that customers "still want seat-based predictability."

Read more of this story at Slashdot.

A Government Accountability Office report released this week reveals generative AI systems consume staggering amounts of water, with 250 million daily queries requiring over 1.1 million gallons -- all while companies provide minimal transparency about resource usage. The 47-page analysis [PDF] found cooling data centers -- which demand between 100-1000 megawatts of power -- constitutes 40% of their energy consumption, a figure expected to rise as global temperatures increase. Water usage varies dramatically by location, with geography significantly affecting both water requirements and carbon emissions. Meta's Llama 3.1 405B model has generated 8,930 metric tons of carbon, compared to Google's Gemma2 at 1,247.61 metric tons and OpenAI's GPT3 at 552 metric tons. The report confirms generative AI searches cost approximately ten times more than standard keyword searches. The GAO asserted about persistent transparency problems across the industry, noting these systems remain "black boxes" even to their designers.

Read more of this story at Slashdot.

Collecting data from solo players is a Far Cry from being necessary, says noyb

For anyone who's ever been frustrated by the need to go online to play a single-player video game, the European privacy specialists at noyb have heard you, and they've filed a complaint against Ubisoft in Austria dealing specifically with the issue. …