Linux fréttir

Forks of forks of forks, but which ones are patched?

A vulnerability in the popular Rust crate async-tar has affected the fast uv Python package manager, which uses a forked version that's now patched – but the most widely downloaded version remains unfixed.…

An anonymous reader quotes a report from the Financial Times: A lot of critical financial and government infrastructure runs on Cobol. The more-than-60-year-old mainframe coding language is embedded into payments and transaction rails, even though there are very few Cobol-literate coders available to maintain them. The big argument in favor of sticking with Cobol systems is that they work. The catch is that, whenever they stop working, it is difficult to figure out why. That's not good in a crisis, which is exactly when they're most likely to break. Covid-19 put a lot of strain the US state benefit systems. The ones that used Cobol for processing unemployment claims failed spectacularly, according to a new working paper from The Atlanta Fed: "States that used an antiquated [unemployment insurance]-benefit system experienced a 2.8 percentage point decline in total credit and debit card consumption relative to card consumption in states with more modern UI benefit systems. [...] Using this estimate in a back-of-the-envelope calculation, I find that the lack of investment in updating UI-benefit systems in COBOL states was associated with a reduction in real GDP of at least $40 billion (in 2019 dollars) lower during this [March 13 2020 to year-end] period The paper uses Cobol as a proxy for old and inefficient IT, not the direct cause of failure. Claimants faced much longer delays in the 28 states that still used Cobol in 2020, both because of the unprecedented volume of claims and the difficulty updating systems with new eligibility rules, author Michael Navarrete finds. [...] As an aside, one oddity of the data is that Republican-controlled states were more likely to have replaced old IT systems, even though their standard unemployment insurance payments are lower on average. Why? Absolutely no idea, but here are the maps. And, once adjusted for state politics, here's the key finding.

Read more of this story at Slashdot.

RFC proposes power-button interrupt – and highlights wider problems with sleep states

A new Linux kernel patch lets you cancel the process of your machine going into hibernation, but the bigger context of the work may be more important.…

480:1 ratio compared to average employee? Must be all that 'leadership' juice

Months after saying job cuts at Microsoft weighed on him, bossman Satya Nadella has another problem: how to expend his swelling bank balance following another bumper pay rise.…

That's a lot of extended warranties

The Jaguar Land Rover (JLR) cyberattack could end up being the costliest such incident in UK history, billed at an estimated £1.9 billion and affecting over 5,000 organizations.…

General Motors is ending production of its Chevy BrightDrop electric delivery vans after sluggish demand and the expiration of key EV tax credits. "This is not a decision we made lightly because of the impact on our employees," GM CEO Mary Barra said during the company's third quarter earnings call Tuesday. "However the commercial electric van market has been developing much slower than expected, and changes to the regulatory framework and fleet incentives has made the business even more challenging." The Verge reports: Brightdrop first launched in 2021 as GM's effort to capture a large portion of the commercial EV market, starting with a pair of electric vans, as well as fleet management software and electric-powered carts for goods delivery. The automaker made deals with Walmart, FedEx, and other major retailers to add the van to their delivery fleets. But after trying to make a go of it as a standalone brand, GM reabsorbed BrightDrop in 2023, and then later assigned it to Chevy in order to tap into the brand's sales and service dealer network. Now the van will stand as yet another casualty of the expiration of the $7,500 federal EV tax credit, which ended on September 30th. In addition to the consumer credit, there was also a $7,500 discount for commercial EVs under 18,000 lbs -- which Brightdrop was eligible for. The van was a range leader, but also was more expensive than its most prominent competitor. Brightdrop's vans started at $74,000, while Ford's E-Transit van with extended battery range sold for $51,600.

Read more of this story at Slashdot.

Wheeled wonder leaves European rail in the dust

China's CR450 train hit 453 km/h during pre-service trials, surpassing its CR400 predecessor's 420 km/h and outpacing Deutsche Bahn's 405 km/h test record.…

Laser-guided weapon reaches full service after successful sea trials

Royal Navy helicopters will soon carry drone-busting lightweight Martlet missiles, now declared fully operational following the anti-ship Sea Venom gaining initial operating capability (IOC) earlier this month.…

Researchers say 'Proto-X' fine-tunes databases automatically, delivering multifold performance boosts

Automated database systems based on vector embedding algorithms could improve the performance of default settings on common PostgreSQL database services by a factor of two to ten, according to a database researcher.…

ICO says probe unnecessary after reviewing ministry's handling of leak

The UK's data protection regulator declined to launch an investigation into a leak at the Ministry of Defence that risked the lives of thousands of Afghans connected with the British Armed Forces.…

NASA has reopened SpaceX's $4.4 billion moon lander contract to new bidders like Blue Origin and Lockheed Martin after delays in Starship's development threatened the 2027 Artemis 3 mission. Reuters reports: The move paves the way for rivals such as Jeff Bezos' Blue Origin to snatch a high-profile mission to land the first astronauts on the moon in half a century. "I'm in the process of opening that contract up. I think we'll see companies like Blue get involved, and maybe others," the U.S. space agency's acting chief Sean Duffy, who also serves as U.S. Transportation Secretary, told Fox News' "Fox & Friends" program. Duffy's comments follow months of mounting pressure within NASA to speed up its Artemis lunar program and push SpaceX to make greater progress on its Starship lunar lander, while China progresses toward its own goal of sending humans to the moon by 2030. It represents a major shift in NASA's lunar strategy, starting a new competitive juncture in the program for a crewed moon lander just two years before the scheduled landing date. Blue Origin is widely expected to compete for the mission, while Lockheed Martin has indicated it would convene an industry team to heed NASA's call. Starship, picked by NASA in 2021 under a contract now worth $4.4 billion, faces a 2027 moon landing deadline that agency advisers estimate could slip years behind schedule, citing competing priorities. Musk sees Starship as crucial to launching larger batches of Starlink satellites to space and eventually ferrying humans to Mars, among other missions. "They do remarkable things, but they're behind schedule," Duffy said of SpaceX's lunar lander work, adding President Donald Trump wants to see the mission take place before his White House term ends in January 2029.

Read more of this story at Slashdot.

YouTube and Gmail already running on both x86 and homebrew Axion silicon, 70,000 more apps in the conversion queue

Google has revealed it’s ported around 30,000 of its production packages to the Arm architecture and plans to convert them all so it can run workloads on both its own Axion silicon and x86 processors.…

An anonymous reader quotes a report from TechCrunch: WordPress co-founder and Automattic CEO Matt Mullenweg called the company's Tumblr acquisition his biggest failure -- but one he hasn't given up on yet. The comments were made at the recent WordCamp Canada 2025 conference, where Mullenweg went live for a Town Hall session to connect with the open source-focused WordPress community. The exec noted that Tumblr was still on a different technical stack than WordPress -- something he had intended to correct by migrating the back end to WordPress infrastructure. However, that massive undertaking was put on hold earlier this year, as the cost to move Tumblr's half-billion blogs would be difficult given that the blogging platform wasn't profitable and continues to be sustained by the profits of other Automattic products. The company has tried to trim costs with layoffs and the reallocation of Tumblr resources to more profitable parts of the business, but those efforts have yet to pay off. Mullenweg acknowledged these concerns at his Town Hall session, saying, "I need to switch [Tumblr] over to WordPress, but it's a big lift. It's over 500 million blogs, actually, and, as a business, it's costing so much more to run than it generates in revenue." As a result, Automattic had to prioritize other projects to make Tumblr sustainable, he said. "It's probably my biggest failure or missed opportunity right now, but we're still working on it," he added.

Read more of this story at Slashdot.

British Columbia is permanently banning new cryptocurrency mining operations from connecting to its power grid to conserve electricity for industries that generate more jobs and tax revenue. The province is also capping power allocations for AI and data centers, while launching a competitive allocation process in January 2026. CoinDesk reports: The move from the government of Canada's third-most populous province is part of a broader legislative and regulatory overhaul unveiled Monday [...]. "Government will also implement several regulatory and policy changes in fall 2025 that will ... permanently ban new BC Hydro connections to the electricity grid for cryptocurrency mining to preserve the province's electricity supply and avoid the overburdening of the electricity grid," the government said in a post on its website The province said the restrictions will help prevent grid strain and ensure industrial development is powered by clean electricity. "We're seeing unprecedented demand from traditional and emerging industries," Charlotte Mitha, the president and CEO of power utility BC Hydro, said in the web post. "The province's strategy empowers BC Hydro to manage this growth responsibly, keeping our grid reliable and our energy future clean and affordable." Crypto mining operations often consume large amounts of electricity without creating many local jobs or tax revenue, according to the statement. By contrast, projects like mines or liquefied natural gas (LNG) facilities are seen as more beneficial to the economy.

Read more of this story at Slashdot.

alternative_right shares a report from the Internet Archive: This October, the Internet Archive's Wayback Machine is projected to hit a once-in-a-generation milestone: 1 trillion web pages archived. That's one trillion memories, moments, and movements -- preserved for the public and available to access via the Wayback Machine. We'll be commemorating this historic achievement on October 22, 2025, with a global event: a party at our San Francisco headquarters and a livestream for friends and supporters around the world. More than a celebration, it's a tribute to what we've built together: a free and open digital library of the web.

Read more of this story at Slashdot.

joshuark shares a report from BleepingComputer: A new malicious campaign is targeting macOS developers with fake Homebrew, LogMeIn, and TradingView platforms that deliver infostealing malware like AMOS (Atomic macOS Stealer) and Odyssey. The campaign employs "ClickFix" techniques where targets are tricked into executing commands in Terminal, infecting themselves with malware. Researchers at threat hunting company Hunt.io identified more than 85 domains impersonating the three platforms in this campaign [...]. When checking some of the domains, BleepingComputer discovered that in some cases the traffic to the sites was driven via Google Ads, indicating that the threat actor promoted them to appear in Google Search results. The malicious sites feature convincing download portals for the fake apps and instruct users to copy a curl command in their Terminal to install them, the researchers say. In other cases, like for TradingView, the malicious commands are presented as a "connection security confirmation step." However, if the user clicks on the 'copy' button, a base64-encoded installation command is delivered to the clipboard instead of the displayed Cloudflare verification ID.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: AI content has proliferated across the Internet over the past few years, but those early confabulations with mutated hands have evolved into synthetic images and videos that can be hard to differentiate from reality. Having helped to create this problem, Google has some responsibility to keep AI video in check on YouTube. To that end, the company has started rolling out its promised likeness detection system for creators. [...] The likeness detection tool, which is similar to the site's copyright detection system, has now expanded beyond the initial small group of testers. YouTube says the first batch of eligible creators have been notified that they can use likeness detection, but interested parties will need to hand Google even more personal information to get protection from AI fakes. Currently, likeness detection is a beta feature in limited testing, so not all creators will see it as an option in YouTube Studio. When it does appear, it will be tucked into the existing "Content detection" menu. In YouTube's demo video, the setup flow appears to assume the channel has only a single host whose likeness needs protection. That person must verify their identity, which requires a photo of a government ID and a video of their face. It's unclear why YouTube needs this data in addition to the videos people have already posted with their oh-so stealable faces, but rules are rules. After signing up, YouTube will flag videos from other channels that appear to have the user's face. YouTube's algorithm can't know for sure what is and is not an AI video. So some of the face match results may be false positives from channels that have used a short clip under fair use guidelines. If creators do spot an AI fake, they can add some details and submit a report in a few minutes. If the video includes content copied from the creator's channel that does not adhere to fair use guidelines, YouTube suggests also submitting a copyright removal request. However, just because a person's likeness appears in an AI video does not necessarily mean YouTube will remove it.

Read more of this story at Slashdot.

Why experience the web for yourself when there's so much privacy to surrender?

In a bid to grab even more eyeballs, OpenAI has finally released Atlas, its long-teased, ChatGPT-powered web browser. Surfing the web may never be the same now that a bot is doing it for you – while training itself at the same time.…

U.S. regulators have opened a new investigation into about 2,000 Waymo self-driving cars after reports that one of the company's robotaxis illegally passed a stopped school bus with flashing lights and children disembarking. Waymo says it's "already developed and implemented improvements related to stopping for school buses and will land additional software updates in our next software release." The company added "driving safely around children has always been one of Waymo's highest priorities. ... [Waymo] approached the school bus from an angle where the flashing lights and stop sign were not visible and drove slowly around the front of the bus before driving past it, keeping a safe distance from children." Reuters reports: NHTSA opened the investigation after a recent media report aired video of an incident in Georgia in which a Waymo did not remain stationary when approaching a school bus with its red lights flashing and stop arm deployed. The report said the Waymo vehicle initially stopped then maneuvered around the bus, passing the extended stop arm while students were disembarking. Waymo's automated driving system surpassed 100 million miles of driving in July and is logging 2 million miles per week, the agency said. "Based on NHTSA's engagement with Waymo on this incident and the accumulation of operational miles, the likelihood of other prior similar incidents is high," the agency said. NHTSA said the vehicle involved was equipped with Waymo's fifth-generation Automated Driving System and was operating without a human safety driver at the time of the incident.

Read more of this story at Slashdot.

The German Koblenz Regional Court has banned the internet service provider 1&1 from marketing its fiber-to-the-curb service as fiber-optic DSL. The court found that the company misled customers because its network uses copper cables for the final stage of connections, sometimes extending up to a mile from the distribution box to subscribers' homes. Customers who visited the ISP's website and checked connection availability received a notification stating that a "1&1 fiber optic DSL connection" was available, even though fiber optic cables terminate at street-level distribution boxes or building service rooms. The company pairs the copper lines with vectoring technology to boost DSL speeds to 100 megabits per second. The Federation of German Consumer Organizations filed the lawsuit. Ramona Pop, the organization's chairperson, said that anyone who promises fiber optics but delivers only DSL is deceiving customers.

Read more of this story at Slashdot.