Linux fréttir

So much for Jensen's million-dollar dinner at Mar-a-Lago

World War Fee The Trump administration's latest salvo in the US-China trade war has forced Nvidia to take a $5.5 billion charge, the GPU goliath revealed in a Tuesday regulatory filing that sent its stock tumbling in after-hours trading.…

4chan was reportedly hacked Monday night, with rival imageboard Soyjack Party claiming responsibility and sharing screenshots suggesting deep access to 4chan's databases and admin tools. Ars Technica reports: Security researcher Kevin Beaumont described the hack as "a pretty comprehensive own" that included "SQL databases, source, and shell access." 404Media reports that the site used an outdated version of PHP that could have been used to gain access, including the phpMyAdmin tool, a common attack vector that is frequently patched for security vulnerabilities. Ars staffers pointed to the presence of long-deprecated and removed functions like mysql_real_escape_string in the screenshots as possible signs of an old, unpatched PHP version. In other words, there's a possibility that the hackers have gained pretty deep access to all of 4chan's data, including site source code and user data.

Read more of this story at Slashdot.

Because vulnerability management has nothing to do with national security, right?

US government funding for the world's CVE program – the centralized Common Vulnerabilities and Exposures database of product security flaws – ends Wednesday.…

An anonymous reader quotes a report from SecurityWeek: Insurance firm Lemonade is notifying roughly 190,000 individuals that their driver's license numbers were likely exposed due to a technical glitch. Copies of the notification letter that were submitted to regulators in several states show that the incident involved an online application that enables individuals to obtain car insurance quotes and purchase policies. According to the company, a vulnerability in the car insurance quote flow resulted in the exposure of certain driver's license numbers for identifiable individuals. The vulnerability has been addressed, Lemonade says. Between April 2023 and September 2024, the platform transmitted the information unencrypted, which the company says allowed driver's license numbers to be accessed without authorization. "We have no evidence to suggest that your driver's license number has been misused but we are providing this notice as a precaution to inform potentially affected individuals and share some steps you can take to help protect yourself," the company's notification letter reads. The insurer is providing the impacted individuals with 12 months of free credit monitoring and identity protection services.

Read more of this story at Slashdot.

Alamo Drafthouse will not implement Meta's new Movie Mate technology during the April 30 nationwide rerelease of Blumhouse's "M3GAN," Variety reports. The specialty theater chain confirmed it will maintain its strict no-phones policy despite Universal's promotion of the second-screen experience, with staff instructed to remove patrons attempting to access the feature during screenings. Movie Mate represents Meta's first integration of its interactive movie technology, which operates via Instagram direct messaging. Users message the film's official account to activate a chatbot delivering "sneak peeks, exclusive recorded messages from directors and talent" synchronized with the screening. The "M3GAN" event serves as Meta's technological debut ahead of potential wider theatrical implementation.

Read more of this story at Slashdot.

China's outing of alleged US National Security Agency hackers marks a major escalation in the ongoing tit-for-tat between Chinese and American intelligence agencies, according to analysts. From a report: Chinese authorities Tuesday said three NSA employees hacked the Asian Winter Games held this year in Harbin, accusing them of targeting systems that held vast amounts of personal information on people involved in the event. The hacks "severely endangered the security of China's critical information infrastructure, national defense, finance, society, production, as well as citizens' personal information," Chinese foreign ministry spokesman Lin Jian told reporters. While the US has repeatedly published names of alleged Chinese hackers and filed criminal charges against them, China has historically refrained from making similar accusations against American spies. Rafe Pilling, director of threat intelligence at the cyber firm Sophos' Secureworks unit, said the development may signal a broader policy change from Chinese security agencies, with allegations of US cyberattacks becoming more specific and timely. "This is an escalation in China's experimentation with 'name and shame' policies for the alleged perpetrators of cyberattacks, mirroring US pursuit of a similar policy for a number of years now," said Pilling.

Read more of this story at Slashdot.

A Canadian math prodigy is accused of stealing over $65 million through complex exploits on decentralized finance platforms and is currently a fugitive from U.S. authorities. Despite facing criminal charges for fraud and money laundering, he has evaded capture by moving internationally, embracing the controversial "Code is Law" philosophy, and maintaining that his actions were legal under the platforms' open-source rules. The Globe and Mail reports: Andean Medjedovic was 18 years old when he made a decision that would irrevocably alter the course of his life. In the fall of 2021, shortly after completing a master's degree at the University of Waterloo, the math prodigy and cryptocurrency trader from Hamilton had conducted a complex series of transactions designed to exploit a vulnerability in the code of a decentralized finance platform. The maneuver had allegedly allowed him to siphon approximately $16.5-million in digital tokens out of two liquidity pools operated by the platform, Indexed Finance, according to a U.S. court document. Indexed Finance's leaders traced the attack back to Mr. Medjedovic, and made him an offer: Return 90 per cent of the funds, keep the rest as a so-called "bug bounty" -- a reward for having identified an error in the code -- and all would be forgiven. Mr. Medjedovic would then be free to launch his career as a white hat, or ethical, hacker. Mr. Medjedovic didn't take the deal. His social media posts hinted, without overtly stating, that he believed that because he had operated within the confines of the code, he was entitled to the funds -- a controversial philosophy in the world of decentralized finance known as "Code is Law." But instead of testing that argument in court, Mr. Medjedovic went into hiding. By the time authorities arrived on a quiet residential street in Hamilton to search his parents' townhouse less than two months later, Mr. Medjedovic had moved out, taking his electronic devices with him. Then, roughly two years later, he struck again, netting an even larger sum -- approximately $48.4-million -- by conducting a similar exploit on another decentralized finance platform, U.S. authorities allege. Mr. Medjedovic, now 22, faces five criminal charges -- including wire fraud, attempted extortion and money laundering -- according to a U.S. federal court document that was unsealed earlier this year. If convicted, he could be facing decades in prison. First, authorities will have to find him.

Read more of this story at Slashdot.

Trump’s tremendous trade tussle triggers troubling twist, theoretically

World war fee Well, well, well. If it isn't the consequences of thine actions. The Trump administration's global trade war is threatening to hit US military readiness.…

Apple has officially designated all Intel-based Mac minis as "vintage" or "obsolete," marking the end of an era. This means Apple no longer guarantees parts or service for these devices, as they've surpassed the 5- to 7-year support window. 9to5Mac reports: Apple periodically adds devices to its ever-growing list of vintage and obsolete products. That happened today, as spotted by MacRumors, with two noteworthy "vintage" additions: iPhone 6s and Mac mini (2018). The latter product is especially significant, because the 2018 Mac mini was the last remaining Intel model that was not yet labeled either vintage or obsolete. So what are those timelines exactly? Per Apple's definitions: Vintage: "Apple stopped distributing them for sale more than 5 and less than 7 years ago." Obsolete: "Apple stopped distributing them for sale more than 7 years ago." [...] Since these products are now considered vintage, Apple no longer guarantees that parts for repairs will be readily available.

Read more of this story at Slashdot.

800K? Make that double, and we'll need a double, too, for the pain

A Texas firm that provides backend IT and other services for American insurers has admitted twice as many people had their info stolen from it than previously disclosed.…

An anonymous reader quotes a report from TechCrunch: Figma has sent a cease-and-desist letter to popular no-code AI startup Lovable, Figma confirmed to TechCrunch. The letter tells Lovable to stop using the term "Dev Mode" for a new product feature. Figma, which also has a feature called Dev Mode, successfully trademarked that term last year, according to the U.S. Patent and Trademark office. What's wild is that "dev mode" is a common term used in many products that cater to software programmers. It's like an edit mode. Software products from giant companies like Apple's iOS, Google's Chrome, Microsoft's Xbox have features formally called "developer mode" that then get nicknamed "dev mode" in reference materials. Even "dev mode" itself is commonly used. For instance Atlassian used it in products that pre-date Figma's copyright by years. And it's a common feature name in countless open source software projects. Figma tells TechCrunch that its trademark refers only to the shortcut "Dev Mode" -- not the full term "developer mode." Still, it's a bit like trademarking the term "bug" to refer to "debugging." Since Figma wants to own the term, it has little choice but send cease-and-desist letters. (The letter, as many on X pointed out, was very polite, too.) If Figma doesn't defend the term, it could be absorbed as a generic term and the trademarked becomes unenforceable.

Read more of this story at Slashdot.

Uber cofounder Travis Kalanick thinks AI is about to shake up consulting -- and for "traditional" professionals, not in a good way. From a report: The former Uber CEO said consultants who mostly follow instructions or do repetitive tasks are at risk of being replaced by AI. "If you're a traditional consultant and you're just doing the thing, you're executing the thing, you're probably in some big trouble," he said. He joked about what that future of consultancy might look like: "Push a button. Get a consultant." However, Kalanick said the professionals who would come out ahead would be the ones who build tools rather than just use them. "If you are the consultant that puts the things together that replaces the consultant, maybe you got some stuff," he said. "You're going to profitable companies with competitive moats, making that moat bigger," he explained. "Making their profit bigger is probably pretty interesting from a financial point of view."

Read more of this story at Slashdot.

Who said this opt-out approach is OK with GDPR, was it Llama 4, hmm?

Meta on Monday said it plans to start training its AI models using public posts and comments shared by adults in the EU, along with interactions users have with its chatbot.…

Source code, moderator info, IP addresses, more allegedly swiped and leaked

Thousands of 4chan users reported outages Monday night amid rumors on social media that the edgy anonymous imageboard had been ransacked by an intruder, with someone on a rival forum claiming to have leaked its source code, moderator identities, and users' IP addresses.…

You should still learn to code, says GitHub's CEO. And you should start as soon as possible. From a report: "I strongly believe that every kid, every child, should learn coding," Thomas Dohmke said in a recent podcast interview with EO. "We should actually teach them coding in school, in the same way that we teach them physics and geography and literacy and math and what-not." Coding, he added, is one such fundamental skill -- and the only reason it's not part of the curriculum is because it took "us too long to actually realize that." Dohmke, who's been a programmer since the 90s, said he's never seen "anything more exciting" than the current moment in engineering -- the advent of AI, he believes, has made the field that much easier to break into, and is poised to make software more ubiquitous than ever. "It's so much easier to get into software development. You can just write a prompt into Copilot or ChatGPT or similar tools, and it will likely write you a basic webpage, or a small application, a game in Python," Dohmke said. "And so, AI makes software development so much more accessible for anyone who wants to learn coding." AI, Dohmke said, helps to "realize the dream" of bringing an idea to life, meaning that fewer projects will end up dead in the water, and smaller teams of developers will be enabled to tackle larger-scale projects. Dohmke said he believes it makes the overall process of creation more efficient. "You see some of the early signs of that, where very small startups -- sometimes five developers and some of them actually only one developer -- believe they can become million, if not billion dollar businesses by leveraging all the AI agents that are available to them," he added.

Read more of this story at Slashdot.

There's a new tariff in town

World War Fee Uncle Sam is kicking off a probe into the national security risks associated with America relying on imported foreign-made semiconductors.…

Beijing claims NSA went for gold in offensive cyber, got caught in the act

China's state-run press has taken its turn in trying to highlight alleged foreign cyber offensives, accusing the US National Security Agency of targeting the 2025 Asian Winter Games.…

An anonymous reader shares a report: None of the frontier AI research labs have presented any evidence that they are on the brink of achieving artificial general intelligence, no matter how they define that goal, but Google is already planning for a "Post-AGI" world by hiring a scientist for its DeepMind AI lab to research the "profound impact" that technology will have on society. "Spearhead research projects exploring the influence of AGI on domains such as economics, law, health/wellbeing, AGI to ASI [artificial superintelligence], machine consciousness, and education," Google says in the first item on a list of key responsibilities for the job. Artificial superintelligence refers to a hypothetical form of AI that is smarter than the smartest human in all domains. This is self explanatory, but just to be clear, when Google refers to "machine consciousness" it's referring to the science fiction idea of a sentient machine. OpenAI CEO Sam Altman, DeepMind CEO Demis Hassabis, Elon Musk, and other major and minor players in the AI industry are all working on AGI and have previously talked about the likelihood of humanity achieving AGI, when that might happen, and what the consequences might be, but the Google job listing shows that companies are now taking concrete steps for what comes after, or are at least are continuing to signal that they believe it can be achieved.

Read more of this story at Slashdot.

Login green-lit for lone staffer if he’s trained, papered up, won’t pull an Elez

A federal judge has partly lifted an injunction against Elon Musk's Trump-blessed cost-trimming DOGE unit, allowing one staff member to access sensitive US Treasury payment systems. This access includes personally identifiable financial information tied to millions of Americans.…

An anonymous reader shares a report: OpenAI is working on its own X-like social network, according to multiple sources familiar with the matter. While the project is still in early stages, we're told there's an internal prototype focused on ChatGPT's image generation that has a social feed. CEO Sam Altman has been privately asking outsiders for feedback about the project, our sources say. It's unclear if OpenAI's plan is to release the social network as a separate app or integrate it into ChatGPT, which became the most downloaded app globally last month. Launching a social network in or around ChatGPT would likely increase Altman's already-bitter rivalry with Elon Musk. In February, after Musk made an unsolicited offer to purchase OpenAI for $97.4 billion, Altman responded: "no thank you but we will buy twitter for $9.74 billion if you want." Entering the social media market also puts OpenAI on more of a collision course with Meta, which we're told is planning to add a social feed to its coming standalone app for its AI assistant. When reports of Meta building a rival to the ChatGPT app first surfaced a couple of months ago, Altman shot back on X again by saying, "ok fine maybe we'll do a social app."

Read more of this story at Slashdot.