Linux fréttir

No warning, no opt-out, and critic claims ... no consent

Research from a leading academic shows Android users have advertising cookies and other gizmos working to build profiles on them even before they open their first app.…

CISA has warned U.S. federal agencies about active exploitation of vulnerabilities in Cisco VPN routers and Windows systems. "While the cybersecurity agency has tagged these flaws as actively exploited in the wild, it has yet to provide specific details regarding this malicious activity and who is behind it," adds Bleeping Computer. From the report: The first flaw (tracked as CVE-2023-20118) enables attackers to execute arbitrary commands on RV016, RV042, RV042G, RV082, RV320, and RV325 VPN routers. While it requires valid administrative credentials, this can still be achieved by chaining the CVE-2023-20025 authentication bypass, which provides root privileges. Cisco says in an advisory published in January 2023 and updated one year later that its Product Security Incident Response Team (PSIRT) is aware of CVE-2023-20025 publicly available proof-of-concept exploit code. The second security bug (CVE-2018-8639) is a Win32k elevation of privilege flaw that local attackers logged into the target system can exploit to run arbitrary code in kernel mode. Successful exploitation also allows them to alter data or create rogue accounts with full user rights to take over vulnerable Windows devices. According to a security advisory issued by Microsoft in December 2018, this vulnerability impacts client (Windows 7 or later) and server (Windows Server 2008 and up) platforms. Today, CISA added the two vulnerabilities to its Known Exploited Vulnerabilities catalog, which lists security bugs the agency has tagged as exploited in attacks. As mandated by the Binding Operational Directive (BOD) 22-01 issued in November 2021, Federal Civilian Executive Branch (FCEB) agencies now have three weeks, until March 23, to secure their networks against ongoing exploitation.

Read more of this story at Slashdot.

That's competition, that's protecting our IP, Redmond's lawyers tell UK competition regulator

For AWS and Google to urge the UK competition regulator to "intervene and constrain the price" that Microsoft charges them to license its software in their clouds is both "extraordinary and unprecedented."…

Says the biz trying to sell us stuff to catch that, admittedly

High-profile deepfake scams that were reported here at The Register and elsewhere last year may just be the tip of the iceberg. Attacks relying on spoofed faces in online meetings surged by 300 percent in 2024, it is claimed.…

Five flaws found in Paragon Partition Manager's kernel-level .sys

Ransomware crooks are exploiting a third-party Windows kernel-level driver used and provided by disk management tool Paragon Partition Manager.…

Firefly Aerospace's Blue Ghost lander successfully touched down on the moon, making it the first private company to achieve a stable lunar landing without crashing. The craft is carrying various NASA-funded experiments, including a "vacuum to suck up moon dirt for analysis and a drill to measure temperature as deep as 10 feet (3 meters) below the surface," reports the Associated Press. There's also "a device for eliminating abrasive lunar dust -- a scourge for NASA's long-ago Apollo moonwalkers, who got it caked all over their spacesuits and equipment." From the report: A half hour after landing, Blue Ghost started to send back pictures from the surface, the first one a selfie somewhat obscured by the sun's glare. The second shot included the home planet, a blue dot glimmering in the blackness of space. Blue Ghost -- named after a rare U.S. species of fireflies -- had its size and shape going for it. The squat four-legged lander stands 6-foot-6 (2 meters) tall and 11 feet (3.5 meters) wide, providing extra stability, according to the company. Launched in mid-January from Florida, the lander carried 10 experiments to the moon for NASA. The space agency paid $101 million for the delivery, plus $44 million for the science and tech on board. It's the third mission under NASA's commercial lunar delivery program, intended to ignite a lunar economy of competing private businesses while scouting around before astronauts show up later this decade. Firefly's Ray Allensworth said the lander skipped over hazards including boulders to land safely. Allensworth said the team continued to analyze the data to figure out the lander's exact position, but all indications suggest it landed within the 328-foot (100-meter) target zone in Mare Crisium. The demos should get two weeks of run time, before lunar daytime ends and the lander shuts down.

Read more of this story at Slashdot.

Pricing, licensing changes won't feel so bad once you take this private cloud stack for a spin, apparently

Exclusive Broadcom has quietly started a closed beta of VMware Cloud Foundation (VCF) version 9, a major release that fully expresses the tech giant's vision for what a private cloud should be.…

Three more fabs on the way which will come online just in time for — checks calendar — Donald to leave office

Standing alongside US President Donald Trump, the CEO of Taiwanese chipmaking champ TSMC on Monday announced a plan to invest $100 billion on expanded operations in Arizona.…

An anonymous reader quotes a report from Ars Technica: Since the launch of ChatGPT in late 2022, experts have debated how widely AI language models would impact the world. A few years later, the picture is getting clear. According to new Stanford University-led research examining over 300 million text samples across multiple sectors, AI language models now assist in writing up to a quarter of professional communications across sectors. It's having a large impact, especially in less-educated parts of the United States. "Our study shows the emergence of a new reality in which firms, consumers and even international organizations substantially rely on generative AI for communications," wrote the researchers. The researchers tracked large language model (LLM) adoption across industries from January 2022 to September 2024 using a dataset that included 687,241 consumer complaints submitted to the US Consumer Financial Protection Bureau (CFPB), 537,413 corporate press releases, 304.3 million job postings, and 15,919 United Nations press releases. By using a statistical detection system that tracked word usage patterns, the researchers found that roughly 18 percent of financial consumer complaints (including 30 percent of all complaints from Arkansas), 24 percent of corporate press releases, up to 15 percent of job postings, and 14 percent of UN press releases showed signs of AI assistance during that period of time. The study also found that while urban areas showed higher adoption overall (18.2 percent versus 10.9 percent in rural areas), regions with lower educational attainment used AI writing tools more frequently (19.9 percent compared to 17.4 percent in higher-education areas). The researchers note that this contradicts typical technology adoption patterns where more educated populations adopt new tools fastest. "In the consumer complaint domain, the geographic and demographic patterns in LLM adoption present an intriguing departure from historical technology diffusion trends where technology adoption has generally been concentrated in urban areas, among higher-income groups, and populations with higher levels of educational attainment." "Arkansas showed the highest adoption rate at 29.2 percent (based on 7,376 complaints), followed by Missouri at 26.9 percent (16,807 complaints) and North Dakota at 24.8 percent (1,025 complaints)," notes Ars. "In contrast, states like West Virginia (2.6 percent), Idaho (3.8 percent), and Vermont (4.8 percent) showed minimal AI writing adoption. Major population centers demonstrated moderate adoption, with California at 17.4 percent (157,056 complaints) and New York at 16.6 percent (104,862 complaints)." The study was listed on the arXiv preprint server in mid-February.

Read more of this story at Slashdot.

Mixed messages from Pentagon, CISA as Trump gets pally with Putin and Kremlin strikes US critical networks

Comment America's cybersecurity chiefs in recent days have been sending mixed messages about the threat posed by Russia in the digital world.…

NASA used specialized Schlieren photography to capture an image of Boom Supersonic's XB-1 demonstrator aircraft breaking the sound barrier on February 10, 2025 and producing shock waves as it exceeded Mach 1. The flight produced no audible sonic boom, marking progress toward the goal of quiet supersonic travel. CNN reports: "This image makes the invisible visible," said Blake Scholl, founder and CEO of Boom Supersonic, in a press release. In order to capture the Schlieren images, Boom chief test pilot Tristan "Geppetto" Brandenburg positioned XB-1 at an exact time in a precise location over the Mojave Desert. As the aircraft flew in front of the sun, NASA's team documented the changing air speeds as speeds over Mach 1, the speed of sound (761.23 miles per hour or 1,225.1 kilometers per hour). The images were captured during ground telescopes with special filters that detect air distortions. You can view the photo here.

Read more of this story at Slashdot.

Google Play on Android devices is being updated to include a new search filter for widgets, widget badges on app detail pages, and a curated editorial page dedicated to widgets. The Verge reports: With the search filter, users will be able to more easily search for apps with widgets. The badge "eliminates guesswork for users and highlights your widget offerings, encouraging them to explore and utilize this capability," Taiwo-Peters says. And the curated editorial page will show off "collections of excellent widgets." The updated widget discoverability tools will be "coming soon," Taiwo-Peters says. "Historically, one of the challenges with investing in widget development has been discoverability and user understanding," product manager Yinka Taiwo-Peters says in the post. "You've asked for better ways for users to find and utilize your widgets, and we're delivering." Yinka Taiwo-Peters also acknowledges that "we understand that the effort required to build and maintain widgets needs to be justified by user adoption."

Read more of this story at Slashdot.

Judge slams 'significant chaos' that's now Uncle Sam's standard operating procedure

The US government's National Science Foundation has reinstated most of its cadre of probationary employees after laying them off en masse last month. …

An anonymous reader quotes a report from TechCrunch: The United States has suspended its offensive cyber operations against Russia, according to reports, amid efforts by the Trump administration to grant Moscow concessions to end the war in Ukraine. The reported order to halt U.S.-launched hacking operations against Russia was authorized by U.S. Defense Secretary Pete Hegseth, according to The Record. The new guidance affects operations carried out by U.S. Cyber Command, a division of the Department of Defense focused on hacking and operations in cyberspace, but does not apply to espionage operations conducted by the National Security Agency. The reported order has since been confirmed by The New York Times and The Washington Post. The order was handed down before Friday's Oval Office meeting between U.S. President Donald Trump, Vice President JD Vance, and Ukrainian President Volodymyr Zelenskyy, according to the reports. The New York Times said that the instruction came as part of a broader effort to draw Russian President Vladimir Putin into talks about the country's ongoing war in Ukraine. The Guardian also reports that the Trump administration has signaled it no longer views Russian hackers as a cybersecurity threat, and reportedly ordered U.S. cybersecurity agency CISA to no longer report on Russian threats. The newspaper cites a recent memo that set out new priorities for CISA, including threats faced by China and protecting local systems, but the memo did not mention Russia. CISA employees were reportedly informed verbally that they were to pause any work on Russian cyber threats.

Read more of this story at Slashdot.

A fully driverless Maserati MC20 Coupe set a new autonomous land speed record, reaching 197.7 mph at the Kennedy Space Center. The Verge reports: The Maserati was running self-driving software developed by Politecnico di Milano, Italy's largest scientific and technological university. The team also worked with the Indy Autonomous Challenge, which most recently ran at the Las Vegas Motor Speedway during CES 2025. In the shadow of NASA's iconic Space Shuttles, the race car flew down the 2.8-mile runway at record-breaking speeds, surpassing the 192.2mph record that was also held by Indy Autonomous Challenge and PoliMOVE, set by an IAC AV-21 race car in April 2022. The Maserati MC20 is a stylish -- and expensive -- choice for the autonomous run. Retailing for at least $239,000, the race car sports a mid-mounted, twin-turbocharged 3.0-liter V-6 that Maserati calls the Nettuno. The engine makes serious power: 621 horsepower and 538 pound-feet of torque, which is sent through an eight-speed dual-clutch automatic transmission to the rear wheels.

Read more of this story at Slashdot.

Microsoft has introduced Dragon Copilot, a voice-activated AI assistant for doctors that integrates dictation and ambient listening tools to automate clinical documentation, including notes, referrals, and post-visit summaries. The tool is set to launch in May in the U.S. and Canada. CNBC reports: Microsoft acquired Nuance Communications, the company behind Dragon Medical One and DAX Copilot, for about $16 billion in 2021. As a result, Microsoft has become a major player in the fiercely competitive AI scribing market, which has exploded in popularity as health systems have been looking for tools to help address burnout. AI scribes like DAX Copilot allow doctors to draft clinical notes in real time as they consensually record their visits with patients. DAX Copilot has been used in more than 3 million patient visits across 600 health-care organizations in the last month, Microsoft said. Dragon Copilot is accessible through a mobile app, browser or desktop, and it integrates directly with several different electronic health records, the company said. Clinicians will still be able to draft clinical notes with the assistant like they could with DAX Copilot, but they'll be able to use natural language to edit their documentation and prompt it further, Kenn Harper, general manager of Dragon products at Microsoft, told reporters on the call. For instance, a doctor could ask questions like, "Was the patient experiencing ear pain?" or "Can you add the ICD-10 codes to the assessment and plan?" Physicians can also ask broader treatment-related queries such as, "Should this patient be screened for lung cancer?" and get an answer with links to resources like the Centers for Disease Control and Prevention. [...]

Read more of this story at Slashdot.

With friends like these...

US stock markets have dipped after President Donald Trump confirmed the imposition of a 25 percent tariff on most goods coming into America from Canada and Mexico, and an extra ten percent tariff on China.…

An anonymous reader quotes a report from TechCrunch: Chipmaker TSMC said that it aims to invest "at least" $100 billion in chip manufacturing plants in the U.S. over the next four years as part of an effort to expand the company's network of semiconductor factories. President Donald Trump announced the news during a press conference Monday. TSMC's cash infusion will fund the construction of several new facilities in Arizona, C. C. Wei, chairman and CEO of TSMC, said during the briefing. "We are going to produce many AI chips to support AI progress," Wei said. TSMC previously pledged to pour $65 billion into U.S.-based fabrication plants and has received up to $6.6 billion in grants from the CHIPS Act, a major Biden administration-era law that sought to boost domestic semiconductor production. The new investment brings TSMC's total investments in the U.S. chip industry to around $165 billion, Trump said in prepared remarks. [...] TSMC, the world's largest contract chip maker, already has several facilities in the U.S., including a factory in Arizona that began mass production late last year. But the company currently reserves its most sophisticated facilities for its home country of Taiwan.

Read more of this story at Slashdot.

Shareholders urged to press CTRL-Z on loyal Gelsinger's 'retirement'

Comment Former Intel CEO Craig Barrett has a simple solution to the x86 giant's woes.…

Former Intel CEO Craig Barrett urged the rehiring of Pat Gelsinger, who was abruptly fired two months ago, arguing he should "finish the job he has aptly handled over the past few years." "Pat Gelsinger did a great job resuscitating the technology development team," Barrett wrote, criticizing the company's current leadership under "a CFO and a product manager." He suggested firing the Intel board rather than splitting the company. Barrett's comments come in response to proposals from four former board members advocating for Intel's separation into design and manufacturing businesses. Barrett dismissed these board members as "two academics and two former government bureaucrats" lacking semiconductor industry expertise. The former CEO praised Intel's technological resurgence under Gelsinger, noting its capabilities now match industry leader TSMC's 2nm technology, with additional advances in imaging technology and backside power delivery to complex chips. "Intel is backâ"from a technology point of view," Barrett wrote, arguing the best path forward is building on current momentum rather than organizational restructuring that would disrupt the company's 100,000-plus employees across multiple continents.

Read more of this story at Slashdot.