Linux fréttir

Return to office, hours and intensity of work cited as reasons to walk

Two in five techies quit in the past year because their employer didn't offer requisite flexibility with respect to hours, location and the "intensity of work."…

It's been a very busy week for Digicash Donald's administration

Analysis Is the US retreating from its hardline stance on crypto? On Friday, the US Treasury Department lifted sanctions imposed on notorious crypto mixer Tornado Cash, once accused of washing billions in illicit crypto for criminals and nation-states alike.…

It's "live-recording the World Wide Web," according to NPR, with a digital library that includes "hundreds of billions of copies of government websites, news articles and data." They described the 29-year-old nonprofit Internet Archive as "more relevant than ever." Every day, about 100 terabytes of material are uploaded to the Internet Archive, or about a billion URLs, with the assistance of automated crawlers. Most of that ends up in the Wayback Machine, while the rest is digitized analog media — books, television, radio, academic papers — scanned and stored on servers. As one of the few large-scale archivists to back up the web, the Internet Archive finds itself in a particularly unique position right now... Thousands of [U.S. government] datasets were wiped — mostly at agencies focused on science and the environment — in the days following Trump's return to the White House... The Internet Archive is among the few efforts that exist to catch the stuff that falls through the digital cracks, while also making that information accessible to the public. Six weeks into the new administration, Wayback Machine director [Mark] Graham said, the Internet Archive had cataloged some 73,000 web pages that had existed on U.S. government websites that were expunged after Trump's inauguration... According to Graham, based on the big jump in page views he's observed over the past two months, the Internet Archive is drawing many more visitors than usual to its services — journalists, researchers and other inquiring minds. Some want to consult the archive for information lost or changed in the purge, while others aim to contribute to the archival process.... "People are coming and rallying behind us," said Brewster Kahle, [the founder and current director of the Internet Archive], "by using it, by pointing at things, helping organize things, by submitting content to be archived — data sets that are under threat or have been taken down...." A behemoth of link rot repair, the Internet Archive rescues a daily average of 10,000 dead links that appear on Wikipedia pages. In total, it's fixed more than 23 million rotten links on Wikipedia alone, according to the organization. Though it receives some money for its preservation work for libraries, museums, and other organizations, it's also funded by donations. "From the beginning, it was important for the Internet Archive to be a nonprofit, because it was working for the people," explains founder Brewster Kahle on its donations page: Its motives had to be transparent; it had to last a long time. That's why we don't charge for access, sell user data, or run ads, even while we offer free resources to citizens everywhere. We rely on the generosity of individuals like you to pay for servers, staff, and preservation projects. If you can't imagine a future without the Internet Archive, please consider supporting our work. We promise to put your donation to good use as we continue to store over 99 petabytes of data, including 625 billion webpages, 38 million texts, and 14 million audio recordings. Two interesting statistics from NPR's article: "A Pew Research Center study published last year found that roughly 38% of web pages on the internet that existed in 2013 were no longer accessible as of 2023." "According to a Harvard Law Review study published in 2014, about half of all links cited in U.S. Supreme Court opinions no longer led to the original source material." Thanks to long-time Slashdot reader jtotheh for sharing the news.

Read more of this story at Slashdot.

Tweaks mean smoother operation even on low-end kit

GNOME 48 is here, with some under-the-hood tweaks to improve performance even on low-end kit.…

Education authority still searching for an alternative after 13 years

A public body in Northern Ireland has granted Capita £208 million in additional contracts and extensions without competition after ditching a £485 million Fujitsu deal last November.…

Throw a spanner in the works, best get good at fixing things. Now, where did you put that spanner?

Opinion Never attribute to malice that which is adequately explained by stupidity. This works well in sane times, less so when "but it's both" is the default. Apply it to Microsoft's decision to make bug reports include not only a working example but a video of the same, and the meter oscillates wildly. What were they thinking? What did they expect?…

RockDoctor (Slashdot reader #15,477) writes: A recent paper on ArXiv reports a novel idea about the central regions of "our" galaxy. Remember the hoopla a few years ago about radio-astronomical observations producing an "image" of our central black hole — or rather, an image of the accretion disc around the black hole — long designated by astronomers as "Sagittarius A*" (or SGR-A*)? If you remember the image published then, one thing should be striking — it's not very symmetrical. If you think about viewing a spinning object, then you'd expect to see something with a "mirror" symmetry plane where we would see the rotation axis (if someone had marked it). If anything, that published image has three bright spots on a fainter ring. And the spots are not even approximately the same brightness. This paper suggests that the image we see is the result of the light (radio waves) from SGR-A* being "lensed" by another black hole, near (but not quite on) the line of sight between SGR-A* and us. By various modelling approaches, they then refine this idea to a "best-fit" of a black hole with mass around 1000 times the Sun, orbiting between the distance of the closest-observed star to SGR-A* ("S2" — most imaginative name, ever!), and around 10 times that distance. That's far enough to make a strong interaction with "S2" unlikely within the lifetime of S2 before it's accretion onto SGR-A*.) The region around SGR-A* is crowded. Within 25 parsecs (~80 light years, the distance to Regulus [in the constellation Leo] or Merak [in the Great Bear]) there is around 4 times more mass in several millions of "normal" stars than in the SGR-A* black hole. Finding a large (not "super massive") black hole in such a concentration of matter shouldn't surprise anyone. This proposed black hole is larger than anything which has been detected by gravitational waves (yet) ; but not immensely larger — only a factor of 15 or so. (The authors also anticipate the "what about these big black holes spiralling together?" question : quote "and the amplitude of gravitational waves generated by the binary black holes is negligible.") Being so close to SGR-A*, the proposed black hole is likely to be moving rapidly across our line of sight. At the distance of "S2" it's orbital period would be around 26 years (but the "new" black hole is probably further out than than that). Which might be an explanation for some of the variability and "flickering" reported for SGR-A* ever since it's discovery. As always, more observations are needed. Which, for SGR-A* are frequently being taken, so improving (or ruling out) this explanation should happen fairly quickly. But it's a very interesting, and fun, idea.

Read more of this story at Slashdot.

And got away with it when someone else broke it even more comprehensively

Who, Me? Welcome to another working week, and therefore to another instalment of Who, Me? It’s The Register’s reader-contributed Monday column that shares stories of your worst moments at work, and how you kept your career alive once the extent of the damage was discerned.…

PLUS: Russian bug-buyers seeks Telegram flaws; Another WordPress security mess; NIST backlog grows; and more!

Infosec In Brief Organized crime networks are now reliant on digital tech for most of their activities according to Europol, the European agency that fights international crime on the continent and beyond.…

Long-time Slashdot reader invisik reminds us that the "fish doorbell" is still going strong, according to the Associated Press. "Now in its fifth year, the site has attracted millions of viewers from around the world with its quirky mix of slow TV and ecological activism." The central Dutch city of Utrecht installed a "fish doorbell" on a river lock that lets viewers of an online livestream alert authorities to fish being held up as they make their springtime migration to shallow spawning grounds. The idea is simple: An underwater camera at Utrecht's Weerdsluis lock sends live footage to a website. When somebody watching the site sees a fish, they can click a button that sends a screenshot to organizers. When they see enough fish, they alert a water worker who opens the lock to let the fish swim through. "Much of the time, the screen is just a murky green with occasional bubbles, but sometimes a fish swims past. As the water warms up, more fish show up..."

Read more of this story at Slashdot.

Maps Timeline info wanders off forever for users without encrypted backups

Google has admitted it lost some customer data, possibly forever.…

NPR reports on research "into whether our defenses built up from past flu seasons can offer any protection against H5N1 bird flu." So far, the findings offer some reassurance. Antibodies and other players in the immune system may buffer the worst consequences of bird flu, at least to some degree. "There's certainly preexisting immunity," says Florian Krammer, a virologist at Mount Sinai's Icahn School of Medicine who is involved in some of the new studies. "That's very likely not going to protect us as a population from a new pandemic, but it might give us some protection against severe disease." This protection is based on shared traits between bird flu and types of seasonal flu that have circulated among us. Certain segments of the population, namely older people, may be particularly well-primed because of flu infections during early childhood. Of course, there are caveats. "While this is a bit of a silver lining, it doesn't mean we should all feel safe," says Seema Lakdawala, a virologist at Emory University's School of Medicine whose lab is probing this question. For one thing, the studies can't be done on people. The conclusions are based on animal models and blood tests that measure the immune response. And how this holds up for an individual is expected to vary considerably, depending on their own immune history, underlying health conditions and other factors. But for now, influenza researchers speculate this may be one reason most people who've caught bird flu over the past year have not fallen severely ill.... Research published this month is encouraging. By analyzing blood samples from close to 160 people, a team at the University of Pennsylvania and the University of Chicago were able to show that people born roughly before 1965 had higher levels of antibodies — proteins that bind to parts of the virus — which cross-react to the current strain of bird flu. This week U.S. federal officials also "announced funding for avian influenza research projects, including money for new vaccine projects and potential treatments," the Guardian report. The head of America's agriculture department said it would invest $100 million, as part of a larger $1 billion initiative to fight bird flu and stop rising egg prices, according to the nonprofit news site Iowa Capital Dispatch.

Read more of this story at Slashdot.

PLUS: Zoho's Ulaa anointed India’s most patriotic browser; Typhoon-like gang targets Taiwan; Japan debates offensive cyber-ops; and more

Asia In Brief China’s Cyberspace Administration and Ministry of Public Security have outlawed the use of facial recognition without consent.…

Slashdot reader spatwei shared this report from the cybersecurity site SC World: : AI coding assistants such as GitHub Copilot and Cursor could be manipulated to generate code containing backdoors, vulnerabilities and other security issues via distribution of malicious rule configuration files, Pillar Security researchers reported Tuesday. Rules files are used by AI coding agents to guide their behavior when generating or editing code. For example, a rules file may include instructions for the assistant to follow certain coding best practices, utilize specific formatting, or output responses in a specific language. The attack technique developed by Pillar Researchers, which they call 'Rules File Backdoor,' weaponizes rules files by injecting them with instructions that are invisible to a human user but readable by the AI agent. Hidden Unicode characters like bidirectional text markers and zero-width joiners can be used to obfuscate malicious instructions in the user interface and in GitHub pull requests, the researchers noted. Rules configurations are often shared among developer communities and distributed through open-source repositories or included in project templates; therefore, an attacker could distribute a malicious rules file by sharing it on a forum, publishing it on an open-source platform like GitHub or injecting it via a pull request to a popular repository. Once the poisoned rules file is imported to GitHub Copilot or Cursor, the AI agent will read and follow the attacker's instructions while assisting the victim's future coding projects.

Read more of this story at Slashdot.

For weeks Signal has been one of the three most-downloaded apps in the Netherlands, according to a local news site. And now "Higher education institutions in the Netherlands have been looking for an alternative," according to DUB (an independent news site for the Utrecht University community): Employees of the Utrecht University of Applied Sciences (HU) were recently advised to switch to Signal. Avans University of Applied Sciences has also been discussing a switch...The National Student Union is concerned about privacy. The subject was raised at last week's general meeting, as reported by chair Abdelkader Karbache, who said: "Our local unions want to switch to Signal or other open-source software." Besides being open source, Signal is a non-commercial nonprofit, the article points out — though its proponents suggest there's another big difference. "HU argues that Signal keeps users' data private, unlike WhatsApp." Cybernews.com explains the concern: In an interview with the Dutch newspaper De Telegraaf, Meredith Whittaker [president of the Signal Foundation] discussed the pitfalls of WhatsApp. "WhatsApp collects metadata: who you send messages to, when, and how often. That's incredibly sensitive information," she says.... The only information [Signal] collects is the date an account was registered, the time when an account was last active, and hashed phone numbers... Information like profile name and the people a user communicates with is all encrypted... Metadata might sound harmless, but it couldn't be further from the truth. According to Whittaker, metadata is deadly. "As a former CIA director once said: 'We kill people based on metadata'." WhatsApp's metadata also includes IP addresses, TechRadar noted last May: Other identifiable data such as your network details, the browser you use, ISP, and other identifiers linked to other Meta products (like Instagram and Facebook) associated with the same device or account are also collected... [Y]our IP can be used to track down your location. As the company explained, even if you keep the location-related features off, IP addresses and other collected information like phone number area codes can be used to estimate your "general location." WhatsApp is required by law to share this information with authorities during an investigation... [U]nder scrutiny is how Meta itself uses these precious details for commercial purposes. Again, this is clearly stated in WhatsApp's privacy policy and terms of use. "We may use the information we receive from [other Meta companies], and they may use the information we share with them, to help operate, provide, improve, understand, customize, support, and market our Services and their offerings," reads the policy. This means that yes, your messages are always private, but WhatsApp is actively collecting your metadata to build your digital persona across other Meta platforms... The article suggests using a VPN with WhatsApp and turning on its "advanced privacy feature" (which hides your IP address during calls) and managing the app's permissions for data collection. "While these steps can help reduce the amount of metadata collected, it's crucial to bear in mind that it's impossible to completely avoid metadata collection on the Meta-owned app... For extra privacy and security, I suggest switching to the more secure messaging app Signal." The article also includes a cautionary anecdote. "It was exactly a piece of metadata — a Proton Mail recovery email — that led to the arrest of a Catalan activist." Thanks to long-time Slashdot reader united_notions for sharing the article.

Read more of this story at Slashdot.

Despite evidence to the contrary as alleged pilfered info goes on sale

Oracle has straight up denied claims by a miscreant that its public cloud offering has been compromised and information stolen.…

"There's no shortage of videos showing Steam running on expensive ARM single-board computers with discrete GPUs," writes Slashdot reader VennStone. "So I thought it would be worthwhile to make a guide for doing it on (relatively) inexpensive RK3588-powered single-board computers, using Box86/64 and Armbian." The guides I came across were out of date, had a bunch of extra steps thrown in, or were outright incorrect... Up first, we need to add the Box86 and Box64 ARM repositories [along with dependencies, ARMHF architecture, and the Mesa graphics driver]... The guide closes with a multi-line script and advice to "Just close your eyes and run this. It's not pretty, but it will download the Steam Debian package, extract the needed bits, and set up a launch script." (And then the final step is sudo reboot now.) "At this point, all you have to do is open a terminal, type 'steam', and tap Enter. You'll have about five minutes to wait... Check out the video to see how some of the tested games perform." At 720p, performance is all over the place, but the games I tested typically managed to stay above 30 FPS. This is better than I was expecting from a four-year-old SOC emulating x86 titles under ARM. Is this a practical way to play your Steam games? Nope, not even a little bit. For now, this is merely an exercise in ludicrous neatness. Things might get a wee bit better, considering Collabora is working on upstream support for RK3588 and Valve is up to something ARM-related, but ya know, "Valve Time"... "You might be tempted to enable Steam Play for your Windows games, but don't waste your time. I mean, you can try, but it ain't gonna work."

Read more of this story at Slashdot.

Today long-time open source advocate/journalist Doc Searls revealed that years of work by consumer privacy groups has culminated in a proposed standard "that can vastly expand our agency in the digital world" — especially in a future world where agents surf the web on our behalf: Meet IEEE P7012 , which "identifies/addresses the manner in which personal privacy terms are proffered and how they can be read and agreed to by machines." It has been in the works since 2017, and should be ready later this year. (I say this as chair of the standard's working group.) The nickname for P7012 is MyTerms (much as the nickname for the IEEE's 802.11 standard is Wi-Fi). The idea behind MyTerms is that the sites and services of the world should agree to your terms, rather than the other way around. Basically your web browser proffers whatever agreement you've chosen (from a canonical list hosted at Customer Commons) to the web sites and other online services that you're visiting. "Browser makers can build something into their product, or any developer can make a browser add-on or extension..." Searls writes. "On the site's side — the second-party side — CMS makers can build something in, or any developer can make a plug-in (WordPress) or a module (Drupal). Mobile app toolmakers can also come up with something (or many things)..." MyTerms creates a new regime for privacy: one based on contract. With each MyTerm you are the first party. Not the website, the service, or the app maker. They are the second party. And terms can be friendly. For example, a prototype term called NoStalking says "Just show me ads not based on tracking me." This is good for you, because you don't get tracked, and good for the site because it leaves open the advertising option. NoStalking lives at Customer Commons, much as personal copyrights live at Creative Commons. (Yes, the former is modeled on the latter.) "[L]et's make this happen and show the world what agency really means," Searls concludes. Another way to say it is they've created "a draft standard for machine-readable personal privacy terms." But Searl's article used a grander metaphor to explain its significance: When Archimedes said 'Give me a place to stand and I can move the world,' he was talking about agency. You have no agency on the Web if you are always the second party, agreeing to terms and policies set by websites. You are Archimedes if you are the first party, setting your own terms and policies. The scale you get with those is One 2 World. The place you stand is on the Web itself — and the Internet below it. Both were designed to make each of us an Archimedes.

Read more of this story at Slashdot.

The latest Facebook whistleblower, a former international lawyer, "cannot grant any of the nearly 100 interview requests she has received from journalists from print and broadcast news outlets in the United States and the United Kingdom," reports the Washington Post (citing "a person familiar with the matter"). That's because of an independent arbiter's ruling that "also bars her from talking with lawmakers in the U.S., London and the EU, according to a legal challenge she lodged against the ruling..." On March 12, an emergency arbiter — a dispute resolution option outside the court system — sided with Meta by ruling that the tech giant might reasonably convince a court that Wynn-Williams broke a non-disparagement agreement she entered as she was being fired by the company in 2017. The arbiter also said that while her publisher Macmillan appeared for the hearing on Meta's motion, Wynn-Williams did not despite having received due notice. The arbiter did not make any assessments about the book's veracity, but Meta spokespeople argued that the ruling meant that "Sarah Wynn Williams' false and defamatory book should never have been published." Wynn-Williams this week filed an emergency motion to overturn the ruling, arguing that she didn't receive proper notice of the arbitration proceedings to the email accounts Meta knows she uses, according to a copy of the motion seen by The Post. Wynn-Williams further alleged that her severance agreement including the non-disparagement provisions are unenforceable, arguing that it violates laws that protect whistleblowers from retaliation, among other points. In a statement, legal representatives for Wynn-Williams said they were "confident in the legal arguments and look forward to a swift restoration of Ms. Wynn-Williams' right to tell her story." That book — Careless People: A Cautionary Tale of Power, Greed, and Lost Idealism — is currently #1 on the New York Times best-seller list (and #3 on Amazon.com's best-selling books list). And the incident prompted an article by Wired editor at large Steven Levy titled "Meta Tries to Bury a Tell-All Book." ("Please pause for a moment to savor the irony," Levy writes. "Meta, the company that recently announced an end to fact-checking in posts seen by potentially millions of people, is griping that an author didn't fact-check with them?") And this led to a heated exchange on X.com between the Wired editor at large and Meta's Chief Technology Officer Andrew Bozworth: Steven Levy: Meta probably realizes that all-out war on this book will only help its sales. But they are furious that an insider--who signed an NDA!--is going White Lotus on them, showing what it's like on the inside. Meta CTO Bozworth: Except that it is full of lies, Steven. Shame on you. Steven Levy: Boz, it would be helpful if Meta called out what it believes are the factual inaccuracies, especially in cases where it calls the book "defamatory." Meta CTO Bozworth: Sorry you don't get to make up a bunch of stories and then put the burden on the person you lied about. Read the accounts from former employees who have gone through several of the anecdotes and said flatly they did not happen as written and then extrapolate. Steven Levy: I would love for Sheryl, Mark and Joel to speak out on those anecdotes and give their sides of the story. They are the key subjects of those stories and their direct denial of specific incidents would matter. Meta CTO Bozworth: Did you read what I wrote? I'm sure you would love to have more fuel for your "nobody wants you to read this" headline, but that's a total bullshit expectation. It isn't unreasonable to expect a journalist like you to do basic diligence. I'm sure you have our comms email! Steven Levy: Believe me I was in touch with your comms people...

Read more of this story at Slashdot.

GPU goliath claims tech can boost throughput by 2x for Hopper, up to 30x for Blackwell

GTC Nvidia's Blackwell Ultra and upcoming Vera and Rubin CPUs and GPUs dominated the conversation at the corp's GPU Technology Conference this week. But arguably one of the most important announcements of the annual developer event wasn't a chip at all but rather a software framework called Dynamo, designed to tackle the challenges of AI inference at scale.…