"A fierce dust storm hit the Black Rock Desert on the eve of its annual Burning Man festival," reports the San Francisco Chronicle, "causing at least four minor injuries and damaging campsites that had been set up early." [Alternate URL]

"Winds of up to 50 mph stirred up the lake bed's alkaline dust so ferociously that participants in the annual art and culture festival reported not being able to see beyond a foot... "

The dust storm arrived Saturday evening after strong thunderstorms in the Sierra Nevada drifted off the mountains and whipped up strong winds in the Nevada desert... At 5:14 p.m. Saturday, the weather service issued a dust storm advisory for Black Rock City and warned of "a wall of blowing dust coming off the Smoke Creek and Black Rock Desert playa areas is tracking northward at around 30 mph." The agency warned of visibility less than 1 mile and wind gusts exceeding 45 mph. A weather station at Black Rock City Airport measured gusts up to 52 mph at 5:50 p.m... ["We saw structures being ripped and torn down by the wind speeds even though we buttoned everything down as best as we could..." one Burner told the Chronicle.] Camp residents posted a slew of videos to social media featuring dust tornadoes, destroyed campsites, and fellow campers struggling to hold onto bucking canvases as the wind threatened to rip them away. "Every popup canopy I've seen has been destroyed," one Burner wrote on Reddit... ["Make sure you carry your particle/dust mask and goggles with you when you venture out on playa!" warns Burning Man's official weather page.]

Even after Saturday's storm, Burners won't be out of the woods from hazardous weather. The weather service warned of possible monsoon thunderstorms and heavy rain Sunday through Wednesday, raising concerns that this year's festival could echo disastrous 2023 conditions, when heavy storms stranded tens of thousands of attendees amid thick mud. "It's becoming increasingly likely that we could see an even greater flash flood threat," the weather service wrote in an online forecast. "If you're on the playa at the Black Rock Desert, you may very well be in for a muddy mess Monday through Wednesday." Slow-moving storms could drop an inch of rain or more in a short period.

"Still, gates to the festival had opened by Sunday morning," the article adds, "with organizers cautioning new arrivals to 'drive safely!'"

Burning Man's official weather page currently links to a National Weather Service page with a "Flood Watch" warning through 9 p.m. Sunday, and also predicting a chance of thunderstorms on Sunday and Monday.

[ Read more of this story ]( https://news.slashdot.org/story/25/08/25/0027216/burning-man-hit-by-50-mph-dust-storm-possible-monsoon-thunderstorms-forecast?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

After the Tea dating-advice app leaked information on its users, the BBC found two online maps "purporting to represent the locations of women who had signed up for Tea... showing 33,000 pins spread across the United States." The maps were hosted on Google Maps. (Notified by the BBC, Google deleted the maps, saying they violated their harassment policies.)

"Since the breach, more than 10 women have filed class actions against the company which owns Tea," the article points out, noting that leaked content is also spreading around social media:

Since the breach, the BBC has found websites, apps and even a "game" featuring the leaked data... The "game" puts the selfies submitted by women head-to-head, instructing users to click on the one they prefer, with leaderboards of the "top 50" and "bottom 50"... [And one researcher calculates more than 12,000 posts on 4Chan referenced the Tea app over the three weeks after the leak.]

It is unsurprising that the leak was exploited. The app had drawn criticism ever since it had grown in popularity. Defamation, with the spread of unproven allegations, and doxxing, when someone's identifying information is published without their consent, were real possibilities. Men's groups had wanted to take the app down — and when they found the data breach, they saw it as a chance for retribution.

They weren't the only ones with a gripe against Tea. Back in 2023 the fiance of Tea's CEO founder approached the administrator of a collection of Facebook groups called "Are We Dating the Same Guy?" to see if she'd be the "face" of the Tea app, reports 404 Media. But they add that after Tea failed to recruit her, Tea "shifted tactics" to raid her Facebook groups instead:
Tea paid influencers to undermine Are We Dating the Same Guy and created competing Facebook groups with nearly identical names. 404 Media also identified a number of seemingly hijacked Facebook accounts that spammed the real Are We Dating The Same Guy groups with links to Tea app.
Reviews for the Tea app show several women later thought the app was affiliated with their trusted Facebook groups, the reporter said this week on a 404 Media podcast.
And they add that founder Sean Cook took over the "Tara" personna that his fiance has used for technical support. "So he's on the app pretend to be a woman, talking to other women who are on the app in order to weed out men who are being deceptive..."
Thanks to Slashdot reader samleecole for sharing the article.

[ Read more of this story ]( https://tech.slashdot.org/story/25/08/24/2227258/after-tea-leak-33000-womens-addresses-were-purportedly-mapped-on-google-maps?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

"The truly universal properties of languages are not independent of our physiology and cognition," argues the co-author of a new study. Instead he says their research "strengthens the idea that intonation units are a universal feature of language."

Phys.org explains:

Have you ever noticed that a natural conversation flows like a dance — pauses, emphases, and turns arriving just in time? A new study has discovered that this isn't just intuition; there is a biological rhythm embedded in our speech...

According to the study, led by Dr. Maya Inbar, alongside Professors Eitan Grossman and Ayelet N. Landau, human speech across the world pulses to the beat of what are called intonation units, short prosodic phrases that occur at a consistent rate of one every 1.6 seconds. The research analyzed over 650 recordings in 48 languages spanning every continent and 27 language families. Using a novel algorithm, the team was able to automatically identify intonation units in spontaneous speech, revealing that regardless of the language spoken, from English and Russian to endangered languages in remote regions, people naturally break their speech into these rhythmic chunks. "These findings suggest that the way we pace our speech isn't just a cultural artifact, it's deeply rooted in human cognition and biology," says Dr. Inbar.

"We also show that the rhythm of intonation units is unrelated to faster rhythms in speech, such as the rhythm of syllables, and thus likely serves a different cognitive role...." Most intriguingly, the low-frequency rhythm they follow mirrors patterns in brain activity linked to memory, attention, and volitional action, illuminating the profound connection between how we speak and how we think.

The work is published in the journal Proceedings of the National Academy of Sciences.

[ Read more of this story ]( https://science.slashdot.org/story/25/08/24/1920233/a-universal-rhythm-guides-how-we-speak-global-analysis-reveals-16-second-units?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

"The ultimate test of climate projections is to compare them with what has played out..." says earth sciences professor Torbjörn Törnqvist, lead author on a new study published in the open-access journal Earth's Future (published by the American Geophysical Union).

But after "decades of observations," he says his researchers "were quite amazed how good those early projections were, especially when you think about how crude the models were back then, compared to what is available now."

"For anyone who questions the role of humans in changing our climate, here is some of the best proof that we have understood for decades what is really happening, and that we can make credible projections...."

A new era of monitoring global sea-level change took off when satellites were launched in the early 1990s to measure the height of the ocean surface. This showed that the rate of global sea-level rise since that time has averaged about one eighth of an inch per year. Only more recently, it became possible to detect that the rate of global sea-level rise is accelerating. When NASA researchers demonstrated in October 2024 that the rate has doubled during this 30-year period, the time was right to compare this finding with projections that were made during the mid-1990s, independent of the satellite measurements.

In 1996, the Intergovernmental Panel on Climate Change published an assessment report soon after the satellite-based sea-level measurements had started. It projected that the most likely amount of global sea-level rise over the next 30 years would be almost 8 centimeters (3 inches), remarkably close to the 9 centimeters that has occurred.

But it also underestimated the role of melting ice sheets by more than 2 centimeters (about 1 inch). At the time, little was known about the role of warming ocean waters and how that could destabilize marine sectors of the Antarctic Ice Sheet from below. Ice flow from the Greenland Ice Sheet into the ocean has also been faster than foreseen.

"The findings provide confidence in model-based climate projections," according to the paper. Again, its two key points:

The largest disparities between projections and observations were due to underestimated dynamic mass loss of ice sheets

Comparison of past projections with subsequent observations gives confidence in future climate projections
Thanks to Slashdot reader Mr. Dollar Ton for sharing the news.

[ Read more of this story ]( https://news.slashdot.org/story/25/08/24/1745208/30-years-of-satellite-data-confirm-predictions-from-early-models-of-sea-level-rise?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликован выпуск дистрибутива CachyOS 250824, основанного на пакетной базе Arch Linux и применяющего непрерывную модель доставки обновлений. Дистрибутив примечателен включением оптимизаций для повышения производительности и предоставлением возможности установки различных сред рабочего стола. Помимо базового окружения на основе KDE для установки доступны GNOME, Xfce, i3WM, Wayfire, LXQT, OpenBox, Cinnamon, Cosmic, Niri, UKUI, LXDE, Mate, Budgie, Qtile, Hyprland и Sway. Размер установочного iso-образа 3 ГБ. Отдельно поставляются сборки (2.8 ГБ) для носимых устройств (Handheld Edition) с интерфейсом в стиле GameMode и компонентами для любителей компьютерных игр.

https://www.opennet.ru/opennews/art.shtml?num=63770

"Delta Air Lines Flight 1334 was flying from Atlanta to Fort Lauderdale last month when smoke and flames started pouring out of a backpack," reports CNN. "The pilots declared an emergency and diverted to Fort Meyers where the 191 people onboard safely evacuated."

The culprit was a passenger's personal lithium-ion battery pack, which had been tucked away in the carry-on bag. At the FAA's William J. Hughes Technical Center for Advanced Aerospace in Atlantic City, New Jersey, fire safety engineers research and demonstrate just how bad it can be. "Lithium batteries can go into what's called thermal runaway," Fire Safety Branch Manager Robert Ochs, explained. "All of a sudden, it'll start to short circuit ... It will get warmer and warmer and warmer until the structure of the battery itself fails. At that point, it can eject molten electrolyte and flames and smoke and toxic gas...."

These thermal runaways are difficult to fight. The FAA recommends flight attendants first use a halon fire extinguisher, which is standard equipment on planes, but that alone may not be enough. In the test performed for CNN, the flames sprung back up in just moments... "Adding the water, as much water from the galley cart, non-alcoholic liquids, everything that they can get to just start pouring on that device." The problems are not new, but more batteries are being carried onto planes than ever before. Safety organization UL Standards and Engagement says today an average passenger flies with four devices powered by lithium-ion batteries. "The incidents of fire are rare, but they are increasing. We're seeing as many as two per week, either on planes or within airports," Jeff Marootian, the president and CEO of the organization, told CNN...

[T]he latest federal data shows external battery packs are the top cause of incidents, and as a result the FAA has banned them from checked baggage where they are harder to extinguish. But despite all of the warnings, UL Standards and Engagement says two in five passengers still say they check them.

[ Read more of this story ]( https://hardware.slashdot.org/story/25/08/24/1653202/flames-smoke-toxic-gas-the-danger-of-battery-fires-on-planes?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Представлен выпуск проекта 86Box 5.0, развивающего эмулятор систем на базе архитектуры x86, при помощи которого можно запускать старые операционные системы и приложения, включая те, что применялись в начале 1980-годов на компьютерах IBM PC 5150 и IBM PS/2. Поддерживается точная низкоуровневая эмуляция систем, начиная с процессоров 8086 и заканчивая Intel Сeleron Mendocino. Код проекта на писан на языке C и распространяется под лицензией GPLv2.

https://www.opennet.ru/opennews/art.shtml?num=63769

The mysterious X-37B space-plane — the U.S. military's orbital test vehicle — "serves partly as a platform for cutting-edge experiments," writes Space.com

And "one of these experiments is a potential alternative to GPS that makes use of quantum science as a tool for navigation: a quantum inertial sensor."

This technology could revolutionize how spacecraft, airplanes, ships and submarines navigate in environments where GPS is unavailable or compromised. In space, especially beyond Earth's orbit, GPS signals become unreliable or simply vanish. The same applies underwater, where submarines cannot access GPS at all. And even on Earth, GPS signals can be jammed (blocked), spoofed (making a GPS receiver think it is in a different location) or disabled — for instance, during a conflict... Traditional inertial navigation systems, which use accelerometers and gyroscopes to measure a vehicle's acceleration and rotation, do provide independent navigation, as they can estimate position by tracking how the vehicle moves over time... Eventually though, without visual cues, small errors will accumulate and you will entirely lose your positioning...

At very low temperatures, atoms obey the rules of quantum mechanics: they behave like waves and can exist in multiple states simultaneously — two properties that lie at the heart of quantum inertial sensors. The quantum inertial sensor aboard the X-37B uses a technique called atom interferometry, where atoms are cooled to the temperature of near absolute zero, so they behave like waves. Using fine-tuned lasers, each atom is split into what's called a superposition state, similar to Schrödinger's cat, so that it simultaneously travels along two paths, which are then recombined.
Since the atom behaves like a wave in quantum mechanics, these two paths interfere with each other, creating a pattern similar to overlapping ripples on water. Encoded in this pattern is detailed information about how the atom's environment has affected its journey. In particular, the tiniest shifts in motion, like sensor rotations or accelerations, leave detectable marks on these atomic "waves". Compared to classical inertial navigation systems, quantum sensors offer orders of magnitude greater sensitivity. Because atoms are identical and do not change, unlike mechanical components or electronics, they are far less prone to drift or bias. The result is long duration and high accuracy navigation without the need for external references.
The upcoming X-37B mission will be the first time this level of quantum inertial navigation is tested in space.
The article points out that a quantum navigation system could be crucial "for future space exploration, such as to the Moon, Mars or even deep space," where autonomy is key and when signals from Earth are unavailable.

"While quantum computing and quantum communication often steal headlines, systems like quantum clocks and quantum sensors are likely to be the first to see widespread use."

[ Read more of this story ]( https://science.slashdot.org/story/25/08/24/025222/americas-secretive-x-37b-space-plane-will-test-a-quantum-alternative-to-gps-for-the-us-space-force?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

20 августа состоялся первый публичный выпуск кроссплатформенного плагина для Qt Creator [ llama.qtcreator ]( https://github.com/cristianadam/llama.qtcreator ) .
Плагин предназначен для автодополнения текста с помощью локальных LLM-моделей с использованием сервера [ llama.cpp ]( https://github.com/ggml-org/llama.cpp ) .

( [ читать дальше... ]( https://www.linux.org.ru/news/development/18058283#cut ) )

Проект Wine [ опубликовал ]( https://www.winehq.org/news/2025082101 ) выпуск пакета [ vkd3d 1.17 ]( https://source.winehq.org/git/vkd3d.git ) с реализацией Direct3D 12, работающей через трансляцию вызовов в графический API Vulkan. В состав пакета входят библиотеки libvkd3d с реализаций Direct3D 12, libvkd3d-shader c транслятором 4 и 5 модели шейдеров и libvkd3d-utils с функциями для упрощения портирования приложений Direct3D 12, а также набор демонстрационных примеров, включая порт glxgears на Direct3D 12. Код проекта распространяется под лицензией [ LGPLv2.1 ]( https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html ) .

Библиотека libvkd3d [ поддерживает ]( https://source.winehq.org/git/vkd3d.git/blob_plain/vkd3d-1.17:/ANNOUNCE ) большую часть возможностей Direct3D 12, включая средства для графики и вычислений, очереди и списки команд, дескрипторы и дескрипторы кучи, корневые сигнатуры, неупорядоченный доступ, Sampler-ы, сигнатуры команд, корневые константы, непрямую (indirect) отрисовку, методы Clear*() и Copy*(). В libvkd3d-shader реализована трансляция байт-кода моделей шейдеров в промежуточное представление SPIR-V. Поддерживаются вершинные, пиксельные, тесселяционные, вычислительные и простые геометрические шейдеры, сериализация и десериализация корневой сигнатуры. Из шейдерных инструкций реализованы арифметические, атомарные и битовые операции, операторы сравнения и управления потоком передачи данных, инструкции sample, gather и load, операции неупорядоченного доступа (UAV, Unordered Access View).

В [ новой версии ]( https://gitlab.winehq.org/wine/vkd3d/-/releases/vkd3d-1.17 ) :

• В реализацию языка шейдеров HLSL добавлена начальная поддержка разделяемой памяти групп потоков, расширена поддержка геометрических шейдеров, добавлен парсер для ресурсов StructuredBuffer.

• Продолжено развитие реализации языка шейдеров MSL (Metal Shading Language), применяемого компанией Apple в графическом API Metal. Например, в MSL добавлена поддержка циклов, косвенной адресации постоянных буферов, сэмплинга текстур и различных операций целочисленной арифметики и сравнения.

• В библиотеке libvkd3d в реализацию программного интерфейса ID3D12Device5 добавлен метод EnumerateMetaCommands().

• Добавлен новый тип шейдеров «tx» (VKD3D_SHADER_SOURCE_TX), используемый для загрузки шейдеров обработки текстур.

https://www.linux.org.ru/news/opensource/18058593

The BBC reports a growing trend in music: "for established (but not superstar) artists to be targeted by fake albums or songs that suddenly appear on their pages on Spotify and other streaming services."

Even dead musicians have had AI-generated "new" material added to their catalogues... According to music industry analysts Luminate, about 99,000 songs are uploaded to streaming services every day, usually via dozens of distribution services, which ask the uploader to submit the artist's details. If that information is incorrect, and a song wrongly gets listed under an existing artist's name, it's down to them or their label to complain and get it removed.
Spotify took three weeks to remove fakes of folk singer/songwriter Emily Portman, according to the article, "and she still hasn't regained control of her Spotify artist profile... Considering how the streaming era has already made a big dent in many artists' incomes, Emily Portman says this affair has felt like a "very low blow"... She suspects independent artists are being targeted because star names have more protection and more power to get fraudulent releases removed swiftly."

But it's also happened to "a number of Americana and folk-rock artists who have had fake tracks posted using their names in recent weeks — apparently all from the same source," including Wilco frontman Jeff Tweedy, J Tillman (now known as Father John Misty), Sam Beam (aka Iron & Wine), Teddy Thompson and Jakob Dylan:

All the releases used the same style of AI artwork and were credited to three record labels, two with apparently Indonesian names. Many listed the same name as a songwriter — Zyan Maliq Mahardika. That name has also been credited on other songs mimicking real US Christian musicians and metalcore bands. Spotify said it had flagged the issue with the distributor and removed these tracks as they "violated our policy against impersonating another person or brand." It added it would "remove any distributor who repeatedly allows this type of content on our platform"....

Tatiana Cirisano from media and technology analysis company Midia Research says AI is "making it easier for fraudsters" to fool listeners, who are also more "passive" in the algorithmic age. She thinks bad actors posing as real-life artists are hoping their fraudulent tracks will "rack up enough streams" — hundreds of thousands — to earn them a nice payday. "I would think that the AI fakes are targeting lesser-known artists in the hopes that their schemes fly under the radar, compared to if they were to target a superstar who could immediately get Spotify on the line," she notes.

But streaming services and distributors are "working hard" and getting better at spotting it, she stresses, "ironically, also by using AI and machine learning!

[ Read more of this story ]( https://entertainment.slashdot.org/story/25/08/24/0413234/music-services-caught-streaming-ai-generated-albums-impersonating-real-singers?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Archer Aviation is "the official air taxi partner" of the 2028 Olympic Games in Los Angeles, Electrek reported in May. In June it entered "a key development phase ahead of full-fledged flight certification and commercial operations" by completing a piloted flight in its flagship Midnight aircraft, "demonstrating a conventional takeoff and landing instead of vertical (it can do both)."

During that flight, which took place in the skies above Salinas, California, the eVTOL achieved a top speed of 125 mph and a maximum altitude of 1,500 feet above ground level. Most recently, Archer has taken its Midnight eVTOL above Salinas again, achieving its longest flight to date. Per Archer, the recent successful flight in California lasted 31 minutes, and the piloted Midnight eVTOL traveled 55 miles — the company's longest recorded flight yet with a pilot onboard... [Again with speeds exceeding 125 mph]

United Airlines CFO Mike Leskinen, who led the airline's early investment in Archer Aviation, was present at the test facility to witness the milestone flight. Leskinen congratulated the Archer team on its longest eVTOL flight and expressed his satisfaction with the Midnight aircraft's quiet operation.
Their aircraft even "reached speeds of nearly 150 miles per hour" the week before, according to Archer's announcement. They're calling it another milestone "as the company advances toward FAA certification in the U.S. and near-term commercialization in the United Arab Emirates."

And Archer's Founder/CEO said crossing the 50-mile mark at speed "is another clear step toward commercialization that shows the maturity of our program."

[ Read more of this story ]( https://tech.slashdot.org/story/25/08/24/0124257/a-future-air-taxi-archers-electric-evtol-flies-55-miles-in-31-minutes?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

"Good news, everyone! The new version of Mozilla's browser now makes even more extensive use of AI," writes the Register, "providing summaries of linked content and offering developers the ability to add LLM support to extensions."

Firefox 142 brings some visible shininess, but due to the combination of regional restrictions and Mozilla's progressive rollout system, not everybody can see all the features just yet... Not geofenced but subject to phased rollout are link previews, for various native-English-speaking regions. Hover over, long-press, or right-click a link and pick Preview Link, and a summary should appear. Mozilla's summary says: "Previews can optionally include AI-generated key points, which are processed on your device to protect your privacy."

"Link Previews is gradually rolling out to ensure performance and quality," Firefox says in their release notes, "and is now available in en-US, en-CA, en-GB, en-AU for users with more than 3 GB of available RAM." (The notes also add a welcome for "the developers who contributed their first code change to Firefox in this release, 20 of whom were brand new volunteers!")

The Register notes that Firefox 142 also gives developers the ability to add LLM support to extensions using wllama, a Wasm binding interfacing with llama.cpp, which lets you run Meta's Llama LLM and other models, locally or in the cloud.

[ Read more of this story ]( https://news.slashdot.org/story/25/08/24/0547251/firefox-142s-link-previews-have-a-new-option-ai-generated-summaries?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

На конференции DEF CON 33 [ представлен ]( https://marektoth.com/blog/dom-based-extension-clickjacking ) метод атаки на браузерные дополнения, подставляющие свои элементы интерфейса в просматриваемую страницу. Применение атаки к дополнениям с менеджерами паролей может привести к утечке хранимой в менеджерах паролей информации, такой как параметры аутентификации, параметры кредитных карт, персональные данные и одноразовые пароли для двухфакторной аутентификации. Проблема затрагивает все протестированные менеджеры паролей, включая 1Password, Bitwarden, LastPass, KeePassXC-Browser, NordPass, ProtonPass и Keeper.

( [ читать дальше... ]( https://www.linux.org.ru/news/security/18058293#cut ) )

The Hill reports:
Russian state-sponsored hackers have targeted thousands of networking devices associated with U.S. critical infrastructure sectors over the past year, the FBI warned Wednesday. The cyber actors are associated with the Russian Federal Security Service's (FSB) Center 16 and have taken aim at a vulnerability in certain Cisco devices, according to an agency public service announcement.

In some cases, hackers have been able to modify configuration files to enable unauthorized access, which they have used to conduct reconnaissance on networks. This has "revealed their interest in protocols and applications commonly associated with industrial control systems," the FBI said.

Cisco's threat intelligence research arm, Talos, explained in a separate advisory that a subcluster of this group, which it has named "Static Tundra," is targeting a seven-year-old vulnerability in the company's Smart Install feature. The firm has offered a patch for the vulnerability, but it remains a problem in unpatched and end-of-life network devices, it warned.

"Once they establish initial access to a network device, Static Tundra will pivot further into the target environment, compromising additional network devices and establishing channels for long-term persistence and information gathering," warns the Talos blog. "This is demonstrated by the group's ability to maintain access in target environments for multiple years without being detected."

In a statement emailed to The Register, a Cisco spokesperson "said the company is aware of ongoing exploitation targeting this flaw."

"We strongly urge customers to immediately upgrade to fixed software versions as outlined in the security advisory and follow our published security best practices," the spokesperson said, directing customers to the FBI's announcement and Cisco Talos blog for additional details.

The ongoing campaign targets telecommunications, higher education, and manufacturing organizations across North America, Asia, Africa, and Europe, "with victims selected based on their strategic interest to the Russian government," according to Talos researchers Sara McBroom and Brandon White. "We assess that the purpose of this campaign is to compromise and extract device configuration information en masse, which can later be leveraged as needed based on then-current strategic goals and interests of the Russian government," McBroom and White wrote.

And while both security alerts focus on the FSB's latest round of network intrusions, "many other state-sponsored actors also covet the access these devices afford," the Talos team warned. "Organizations should be aware that other advanced persistent threats (APTs) are likely prioritizing carrying out similar operations as well."

Some context from Hot Hardware:
Cisco indicated in its advisory that "Only Smart Install client switches are affected by the vulnerability". The list of affected devices is in Table A-1 here. For a successful attack, hackers exploit a vulnerability tracked as CVE-2018-0171. This was a vulnerability that was patched way back in 2018.

[ Read more of this story ]( https://news.slashdot.org/story/25/08/24/0638238/fbi-warns-russian-hackers-targeted-thousands-of-critical-us-infrastructure-it-systems?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

На конференции DEF CON 33 представлен метод атаки на браузерные дополнения, подставляющие свои элементы интерфейса в просматриваемую страницу. Применение атаки к дополнениям с менеджерами паролей может привести к утечке хранимой в менеджерах паролей информации, такой как параметры аутентификации, параметры кредитных карт, персональные данные и одноразовые пароли для двухфакторной аутентификации. Проблема затрагивает все протестированные менеджеры паролей, включая 1Password, Bitwarden, LastPass, KeePassXC-Browser, NordPass, ProtonPass и Keeper.

https://www.opennet.ru/opennews/art.shtml?num=63754

The Atlantic reports some YouTube users noticed their uploaded videos have since "been subtly augmented, their appearance changing without their creators doing anything..."

"For creators who want to differentiate themselves from the new synthetic content, YouTube seems interested in making the job harder."

When I asked Google, YouTube's parent company, about what's happening to these videos, the spokesperson Allison Toh wrote, "We're running an experiment on select YouTube Shorts that uses image enhancement technology to sharpen content. These enhancements are not done with generative AI." But this is a tricky statement: "Generative AI" has no strict technical definition, and "image enhancement technology" could be anything. I asked for more detail about which technologies are being employed, and to what end. Toh said YouTube is "using traditional machine learning to unblur, denoise, and improve clarity in videos," she told me. (It's unknown whether the modified videos are being shown to all users or just some; tech companies will sometimes run limited tests of new features.)

While running this experiment, YouTube has also been encouraging people to create and post AI-generated short videos using a recently launched suite of tools that allow users to animate still photos and add effects "like swimming underwater, twinning with a lookalike sibling, and more." YouTube didn't tell me what motivated its experiment, but some people suspect that it has to do with creating a more uniform aesthetic across the platform. As one YouTube commenter wrote: "They're training us, the audience, to get used to the AI look and eventually view it as normal."

Google isn't the only company rushing to mix AI-generated content into its platforms. Meta encourages users to create and publish their own AI chatbots on Facebook and Instagram using the company's "AI Studio" tool. Last December, Meta's vice president of product for generative AI told the Financial Times that "we expect these AIs to actually, over time, exist on our platforms, kind of in the same way that [human] accounts do...."

This is an odd turn for "social" media to take. Platforms that are supposedly based on the idea of connecting people with one another, or at least sharing experiences and performances — YouTube's slogan until 2013 was "Broadcast Yourself" — now seem focused on getting us to consume impersonal, algorithmic gruel.

[ Read more of this story ]( https://news.slashdot.org/story/25/08/23/0836256/youtubes-sneaky-ai-experiment-is-social-media-embracing-ai-generated-content?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

TOP10 VISITORS:

[1] 37.252.14.x point=144 web=0 up=24.9MB (57%) <--- ake (6/hr)
[2] PetalBot point=0 web=1020 up=6.0MB (13%)
[3] 144.76.33.x point=0 web=93 up=4.3MB (9%)
[4] 216.73.216.x point=0 web=123 up=2.1MB (4%)
[5] Google point=0 web=282 up=2.0MB (4%)
[6] Amazon point=0 web=83 up=1.7MB (3%)
[7] 217.114.158.x point=24 web=0 up=0.9MB (1%) <--- fox (1/hr)
[8] TikTok point=1 web=42 up=0.5MB (1%) <--- TikTok
[9] Facebook point=0 web=16 up=0.3MB (<1%)
[10] 104.28.211.x point=0 web=31 up=0.2MB (<1%)

TOTAL TRAFFIC: 43MB

"Google has confirmed that its Battery Health Assistance feature can't be turned off on the Pixel 10 phones," reports Android Authority:

Google introduced a Battery Health Assistance feature on the Pixel 9a earlier this year. This feature gradually drops your phone's charging speed and battery voltage in the name of battery health. This tool is mandatory on the Pixel 9a but optional on other Pixel phones. However, there's bad news for the Pixel 10 series. Google confirmed to Android Authority that Battery Health Assistance is mandatory on the Pixel 10 series and can't be disabled. That means your phone's charging speed and effective battery life will drop over time...

All smartphone batteries degrade over time, resulting in shorter and shorter endurance. Google says the Pixel 8a and newer Pixel phones can withstand 1,000 charging cycles before their batteries drop down to 80% effective capacity. However, this Battery Health Assistance feature essentially reduces the phone's battery capacity over and above standard degradation. This is particularly disappointing as users aren't given a choice in the matter.

It's also disappointing as some rival smartphone makers address battery health concerns by offering more durable batteries. For example, Samsung's top phones can withstand 2,000 charging cycles before dropping down to 80% effective capacity, while OnePlus and OPPO's lithium-ion batteries offer 1,600 cycles before reaching 80% capacity. So there likely wouldn't be a need for a Battery Health Assistance tool if Google's batteries had similar longevity.

"The issue also comes after several older Pixel A series models suffered from major battery issues in 2025..."

[ Read more of this story ]( https://hardware.slashdot.org/story/25/08/24/038259/will-googles-battery-health-assistant-throttle-your-pixel-10s-battery?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

"Solar and wind accounted for almost 91% of new U.S. electrical generating capacity added in the first five months of 2025..." reports Electrek, citing new data from America's Federal Energy Regulatory Commission.

"Solar has now been the largest source of new generating capacity added each month for 21 consecutive months, starting September 2023."

The 11,518 MW of solar added during the first five months of 2025 was 75.3% of the total new capacity placed into service... Between January and May, new wind provided 2,379 MW of capacity additions, accounting for 15.6% of all new capacity added during the first five months of 2025. For the first five months of 2025, solar and wind comprised 90.9% of new capacity while natural gas (1,381 MW) provided just 9.0%; the remaining 0.1% came from oil (14 MW). Solar + wind are 22.9% of U.S. utility-scale generating capacity.

The installed capacities of solar (11.1%) and wind (11.8%) are now each more than a tenth of the U.S. total. Taken together, they constitute 22.9% of the U.S.'s total available installed utility-scale generating capacity. At least 25-30% of U.S. solar capacity is in the form of small-scale (e.g., rooftop) systems that are not reflected in FERC's data. Including that additional solar capacity would bring the share provided by solar + wind to more than a quarter of the U.S. total. With the inclusion of hydropower (7.7%), biomass (1.1%), and geothermal (0.3%), renewables currently claim a 32.0% share of total US utility-scale generating capacity. If small-scale solar capacity is included, renewables are now about one-third of total US generating capacity....

Taken together, the net new "high probability" capacity additions by all renewable energy sources over the next three years — the bulk of the Trump Administration's remaining time in office — would total 113,097 MW. There is no new nuclear capacity in FERC's three-year forecast, while coal and oil are projected to contract by 24,913 MW and 1,907 MW, respectively... If FERC's current "high probability" additions materialize by May 1, 2028, solar will account for 16.7% of US installed utility-scale generating capacity. Wind would provide an additional 12.7% of the total. Thus, each would be greater than coal (12.2%) and substantially more than nuclear power or hydropower (each 7.2%). In fact, assuming current growth rates continue, the installed capacity of utility-scale solar is likely to surpass that of either coal or wind within two years...
At the end of 2024, the mix of all renewables accounted for 30.96% of total generating capacity. Solar alone was 10.19% while wind was 11.68%. By the end of May, renewables' share had risen to 31.98% with solar at 11.13% and wind at 11.80%.

FERC also says that 43 "units" of solar totaling 1,515 megawatts (MW) were placed into service in May, according to the article, "accounting for 58.7% of all new generating capacity added during the month."

[ Read more of this story ]( https://news.slashdot.org/story/25/08/24/0022205/solar-energy-was-americas-largest-source-of-new-energy-for-21-straight-months?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

The U.S. government's 10% stake in Intel "is a mistake," writes the Washington Post's editorial board, calling Intel "an aging also-ran in critical markets" that "has spent recent years stumbling on execution and missing one strategic opportunity after another."

But TechCrunch points out that the U.S. government "does not appear to be committing new funds. Instead, it's simply making good on what Intel described as 'grants previously awarded, but not yet paid, to Intel.'"

Specifically, the $8.9 billion is supposed to come from $5.7 billion awarded-but-not-paid to Intel under the Biden administration's CHIPS Act, as well as $3.2 billion also awarded by the Biden administration through the Secure Enclave program. In a post on his social network Truth Social, Trump wrote, "The United States paid nothing for these shares..." Trump has been critical of the CHIPS Act, calling it a "horrible, horrible thing" and calling on House Speaker Mike Johnson to "get rid" of it...

According to The New York Times, some bankers and lawyers believe the CHIPS Act may not allow the government to convert its grants to equity, opening this deal to potential legal challenges.

Reuters writes that the money "will not be enough for its contract-chipmaking business to flourish, analysts said. Intel still needs external customers for its cutting-edge 14A manufacturing process to go to production, says Summit Insights analyst Kinngai Chan, "to make its foundry arm economically viable."

"We don't think any government investment will change the fate of its foundry arm if they cannot secure enough customers..."

Reuters has reported that Intel's current 18A process — less advanced than 14A — is facing problems with yield, the measure of how many chips printed are good enough to make available to customers. Large chip factories including TSMC swallow the cost of poor yields during the first iterations of the process when working with customers like Apple. For Intel, which reported net losses for six straight quarters, that's hard to do and still turn a profit. "If the yield is bad then new customers won't use Intel Foundry, so it really won't fix the technical aspect of the company," said Ryuta Makino, analyst at Gabelli Funds, which holds Intel stock.

Makino, who believes that Intel can ultimately produce chips at optimal yields, views the deal as a net negative for Intel compared with just receiving the funding under the CHIPS Act as originally promised under the Biden Administration. "This isn't free money," he said. The federal government will not take a seat on Intel's board and has agreed to vote with the company's board on matters that need shareholder approval, Intel said. But this voting agreement comes with "limited exceptions" and the government is getting Intel's shares at a 17.5% discount to their closing price on Friday. The stake will make the U.S. government Intel's biggest shareholder, though neither Trump nor Intel disclosed when the transaction would happen...

Some analysts say Intel could benefit from the government's support, including in building out factories. Intel has said it is investing more than $100 billion to expand its U.S. factories and expects to begin high-volume chip production later this year at its Arizona plant. "To have access to capital and a new partial owner that wants to see you succeed are both important," said Peter Tuz, president of Chase Investment Counsel.

[ Read more of this story ]( https://hardware.slashdot.org/story/25/08/23/1851227/intels-new-funding-came-from-already-awarded-grants-so-what-happens-next?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Last weekend New Zealand experienced an hour-long air traffic control failure that disrupted flights, leaving five plans circling and four others unable to take off, according to Radio New Zealand.

The country's sole air traffic service provider, Airways, now says it was caused by a software glitch when flight data was unable to be transferred between systems:
[Airways chief executive James Young told Morning Report] "We noticed that was not occurring as it should and as a result of that our air traffic controllers took measures to manage traffic, either by holding on the ground or in an air hold." Airways operated a modern air traffic control system that involved back up systems but Young said they were not instantaneous and it took time to validate flight information data.

"At no point did we lose control of all aircraft. We were able to communicate with all aircraft and we had line of sight of all aircraft," Young said. He said flights in the New Zealand air space were held, put into a hold with two eventually continuing on and three returning to origin... "What we couldn't do was process any changes to the flight path during the period of the outage, which lasted for about one hour."
Thanks to Slashdot reader twosat for sharing the news.

[ Read more of this story ]( https://tech.slashdot.org/story/25/08/23/046230/new-zealand-air-traffic-control-failure-likely-caused-by-data-transfer-issue?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

"Only a tiny fraction of the more than 7,000 languages on Earth are supported by artificial intelligence models," reported SiliconANGLE this week. So Nvidia announced "a massive new AI-ready dataset and models to support the development of high-quality AI translation for European languages."

The new dataset, named Granary, is a massive open-source corpus of multilingual audio, including more than a million hours of audio, plus 650,000 hours of speech recognition and 350,000 hours of speech translation. Nvidia's speech AI team collaborated with researchers from Carnegie Mellon University and Fondazione Bruno Kessler to process unlabeled audio and public speech data into information usable for AI training... Granary includes 25 European languages, representing nearly all of the European Union's 24 official languages, plus Russian and Ukrainian. The dataset also contains languages with limited available data, such as Croatian, Estonian and Maltese. This is critically important because providing these underrepresented human-annotated datasets will enable developers to create more inclusive speech technologies for audiences who speak those languages, while using less training data in their AI applications and models... The team demonstrated in their research paper that, compared to other popular datasets, it takes around half as much Granary training data to achieve high accuracy for automatic speech recognition and automatic speech translation.

Alongside Granary, Nvidia also released new Canary and Parakeet models to demonstrate what can be created with the dataset... The new Canary is available under a fairly permissive license for commercial and research use, expanding Canary's current languages from four to 25. It offers transcription and translation quality comparable to models three times larger while running inference up to 10 times faster. At 1 billion parameters, it can run completely on-device on most next-gen flagship smartphones for speech translation on the fly.

[ Read more of this story ]( https://hardware.slashdot.org/story/25/08/23/1731237/nvidia-release-massive-ai-ready-open-european-language-dataset-and-tools?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

"James Cameron has a confession: he can't write Terminator 7..." according to the Guardian, "because reality keeps nicking his plotlines."

"I'm at a point right now where I have a hard time writing science-fiction," Cameron told CNN this week. "I'm tasked with writing a new Terminator story [but] I don't know what to say that won't be overtaken by real events. We are living in a science-fiction age right now...."

What Cameron should be looking for is a complete system reboot to reinvigorate the saga in the way Prey brought fans back to Predator and Alien: Romulus restored interest in slimy Xenomorphs. All evidence suggests that the 70-year-old film-maker is far more interested in the current challenges surrounding AI, superintelligences and humankind's constant efforts to destroy itself, which doesn't exactly lend itself to the sort of back-to-basics, relentless-monsters-hunt-a-few-unlucky-humans-for-two-hours approach that has worked elsewhere.
The challenge here seems to be to fuse Terminator's core DNA — unstoppable cyborgs, explosive chase sequences, and Sarah Connor-level defiance — with the occasionally rather more prosaic yet equally scary existential anxieties of 21st-century AI doom-mongering. So we may get Terminator 7: Kill List, in which a single, battered freedom fighter is hunted across a decimated city by a T-800 running a predictive policing algorithm that knows her next move before she does. Or T7: Singularity's Mom, in which a lone Sarah Connor-type must protect a teenage coder whose chatbot will one day evolve into Skynet. Or Terminator 7: Terms and Conditions, in which humanity's downfall comes not from nuclear warfare but from everyone absent-mindedly agreeing to Skynet's new privacy policy, triggering an army of leather-clad enforcers to collect on the fine print.

Or perhaps the future just looks terrifying enough without Cameron getting involved — which, rather worryingly for the future of the franchise, seems to be the director's essential point.

"The only way out is through," Cameron said in the CNN interview, "by using our intelligence, by using our curiosity, by using our command of technology, but also, by really understanding the stark probabilities that we face."

In the meantime, Cameron is working on a new film inspired by the book Ghosts of Hiroshima, a book written by Charles Pellegrino, one of the consultants on Titanic. "I know what a meticulous researcher he is," Cameron told CNN in a recent interview. (Transcript here.)

CAMERON: He's talked about this book for ages and ages and sent me early versions of it. So, I've read it with interest, great interest a number of times now. What compels me out of all that and what I think the human hook for understanding this tragedy is, is to follow a handful, specifically two will be featured of survivors, that actually survived not only the Hiroshima blast, but then went to Nagasaki and three days later were hit again.... This film scares me. I fear making this film. I fear the images that I'm going to have to create, to be honest and to be truthful.

CNN also spoke to former U.S. Energy secretary Ernest Moni, who is now a CEO at the nonprofit global security organization, the Nuclear Threat Initiative:

MONI: There remains a false narrative that the possession of these nuclear weapons is actually making us safer when they're not. That's the narrative I think, ultimately, we need to change. Harry Truman said, quite correctly, these nuclear weapons, they are not military weapons. Dropped on a city, they indiscriminately kill combatants, non-combatants, women, children, etc. They should not be thought of as military weapons, but as weapons of mass destruction, indiscriminate mass destruction when certainly dropped in an urban center.
Thanks to long-time Slashdot reader schwit1 for sharing the article.

[ Read more of this story ]( https://entertainment.slashdot.org/story/25/08/23/0318236/james-cameron-struggles-with-real-world-horrors-for-terminator-7-and-new-hiroshima-movie?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликован релиз авторитетного (authoritative) DNS-сервера PowerDNS Authoritative Server 5.0, предназначенного для организации отдачи DNS-зон. В лучшие времена PowerDNS Authoritative Server обслуживал до 30% из общего числа доменов в Европе и до 90% доменов с DNSSEC. Код проекта распространяется под лицензией GPLv2.

https://www.opennet.ru/opennews/art.shtml?num=63767

Threads now has more than 400 million monthly active users. But who are these people who are actually using Threads, asks Mashable? And what is their cultural footprint?

Threads is the Big Bang Theory of social media. Bland, boring, largely unoffensive, and somehow, it was the most popular show on television for years... At any given time, "Twitter" and "X" are searched somewhere between 12 and 30 times more than "Threads" on Google, according to the search engine's Trends data. Threads is a popular platform without much of an identity...

[Threads] is consistently good at one thing users really want from a social media platform: for their posts to be seen and engaged with. Threads might be boring in comparison to its competitors, but its users say it might be the only place on the internet right now where they don't feel they are screaming into the void.... Much like TikTok, you don't actually have to have thousands of followers to find decent engagement on the app. One user, commenting in a Reddit forum questioning who actually uses the app, said they "find it worthwhile" because "you can just say stuff on there under a tag and people will find it and respond...." According to consumer research company GWI, while users signed up for Threads because of its integration with Instagram, they're staying because Threads users are "community-focused," noting there's a strong overlap between Discord users and Threads users....

It just doesn't have the same flair as X or Twitter, which could be because Adam Mosseri, the head of Instagram, went out of his way to ensure politics was downplayed when Threads first launched. (Meta has since backtracked slightly by phasing "civic content" back into Threads "with a more personalized approach....") Threads is still in its adolescence. It lacks the media ecosystem that made Twitter indispensable for journalists, politicians, and celebrities. But it has something else: sheer scale and Meta's backing. With Instagram's 2 billion users as a feeder system, Meta can keep funneling people toward Threads whether they like it or not.

The article also points out Threads is integrated with the fediverse, supporting ActivityPub's decentralized protocol...

[ Read more of this story ]( https://tech.slashdot.org/story/25/08/23/0554228/threads-has-400-million-monthly-users-but-who-are-they?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

The Free Software Foundation announced a special photography contest honoring its 40th anniversary:

The technology we use every day has changed dramatically since our founding nearly forty years ago, including the way we interact with it... We're incredibly grateful for the countless hours that developers and users have put into the free software programs that exist today. Without all the people who cared enough to make and use software that respects the four freedoms four decades or even a year ago, we wouldn't have much to celebrate.

We want to honor the hard work that has gone into free software and its development with the FSF40 Photo Contest. Starting on August 14, 2025, we're inviting free software supporters worldwide to share how they use free software on a daily basis. While we can think of hundreds of ways that free software can be used, there's almost certainly many of you who have thought of much more creative ways to involve libre software every day!

Shortly after the photo contest closes on August 31, 2025, we will invite you and other free software supporters to vote for your favorite of the #FSF40Photos... We will be displaying the winning photos at our fortieth [anniversary] celebration in Boston, MA on October 4, 2025 — we hope you get to see them on a big screen with us!

Earlier this month the FSF also shared 40 links from around the FSF and GNU sites "that give a sense of what we've been doing all this time as we work for your freedom." (For example, 2007's announcement of the GNU General Public License, version 3.)

[ Read more of this story ]( https://news.slashdot.org/story/25/08/23/0436210/fsf-announces-photo-contest-honoring-40-years-of-free-software?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

British telecommunications service provider Colt Telecom "has offices in over 30 countries across North America, Europe, and Asia, reports CPO magazine. "It manages nearly 1,000 data centers and roughly 75,000 km of fiber infrastructure."

But now "a cyber attack has caused widespread multi-day service disruption..."

On August 14, 2025, the telecom giant said it had detected a cyber attack that began two days earlier, on August 12. Upon learning of the cyber intrusion, the telecommunications service provider responded by proactively taking some systems offline to contain the cyber attack. Although Colt Telecom's cyber incident response team was working around the clock to mitigate the impacts of the cyber attack, service disruption has persisted for days. However, the service disruption did not affect the company's core network infrastructure, suggesting that Colt customers could still access its network services... The company also did not provide a clear timeline for resolving the service disruption. A week after the apparent ransomware attack, Colt Online and the Voice API platform remained unavailable.
And now Colt Technology Services "confirms that customer documentation was stolen," reports the tech news site BleepingComputer:

"A criminal group has accessed certain files from our systems that may contain information related to our customers and posted the document titles on the dark web," reads an updated security incident advisory on Colt's site.
"We understand that this is concerning for you."
"Customers are able to request a list of filenames posted on the dark web from the dedicated call centre."

As first spotted by cybersecurity expert Kevin Beaumont, Colt added the no-index HTML meta tag to the web page, making it so it won't be indexed by search engines.
This statement comes after the Warlock Group began selling on the Ramp cybercrime forum what they claim is 1 million documents stolen from Colt. The documents are being sold for $200,000 and allegedly contain financial information, network architecture data, and customer information... The Warlock Group (aka Storm-2603) is a ransomware gang attributed to Chinese threat actors who utilize the leaked LockBit Windows and Babuk VMware ESXi encryptors in attacks... Last month, Microsoft reported that the threat actors were exploiting a SharePoint vulnerability to breach corporate networks and deploy ransomware.

"Colt is not the only telecom firm that has been named by WarLock on its leak website in recent days," SecurityWeek points out. "The cybercriminals claim to have also stolen data from France-based Orange."

Thanks to long-time Slashdot reader Z00L00K for sharing the news.

[ Read more of this story ]( https://it.slashdot.org/story/25/08/23/0910226/amid-service-disruption-colt-confirms-criminal-group-accessed-their-data-as-ransomware-gang-threatens-to-sell-it?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

"Some joyless ne'er-do-well has loosed a botnet on the community-driven Arch Linux distro," reports the Register, with a distributed denial of service (DDoS) attack that apparently started a week ago.

Arch maintainer Cristian Heusel announced Thursday on the project's web site that the attack "primarily impacts our main webpage, the Arch User Repository (AUR), and the Forums."

We are aware of the problems that this creates for our end users and will continue to actively work with our hosting provider to mitigate the attack. We are also evaluating DDoS protection providers while carefully considering factors including cost, security, and ethical standards... As a volunteer-driven project, we appreciate the community's patience as our DevOps team works to resolve these issues.

A status update Friday acknowledged "we are suffering from partial outages." The Register reports:
The attack comes as the project has been enjoying a boost in mainstream success. The distro was picked by Valve to underpin the SteamOS software running on its Steam Deck handheld gaming gadget, with the company providing the project with funding for further development. Late last year, a new version of the archinstall tool was released, with a view to making the system more friendly to newcomers...

For now, the Arch team is working to mitigate the attack's impact, which highlights a bootstrapping issue. Tools designed to shift traffic to mirrors in the event the main infrastructure is unavailable rely on a mirror list obtained from that same main infrastructure, with Heusel advising that users should "default to the mirrors listed in the pacman-mirrorlist package" if tools like reflector fail. Installation media can be downloaded from a range of mirrors, too, but should be checked against the project's official signing key before being trusted.

[ Read more of this story ]( https://linux.slashdot.org/story/25/08/23/0513229/arch-linux-faces-ongoing-ddos-attack?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

На этой неделе в KDE Plasma появился мастер начальной настройки системы. На протяжении нескольких лет в KDE Plasma был Центр приветствия, который запускается после первого входа в систему. Но что создает аккаунт пользователя, в который вы входите?

Если вы тот, кто установил операционную систему, установщик создал аккаунт после того, как вы ввели желаемое имя пользователя и пароль. Но что, если установщик запускал кто-то другой? Например, компания, у которой вы купили компьютер, или последний человек, который стер данные с машины перед тем, как отдать или продать ее вам. В этом случае аккаунты пользователей не настроены.

Теперь [ KDE Initial System Setup ]( https://invent.kde.org/plasma/kiss ) (KISS) берет эту задачу на себя! Кристен МаКуиллам (Kristen McWilliam) перенесла KISS из внутреннего проекта в готовую к производству часть процесса настройки OEM. KISS появится в Plasma 6.5.0.

Помимо [ настроек языка ]( https://blogs.kde.org/2025/08/23/this-week-in-plasma-kde-initial-system-setup/kiss-2.png ) и [ часового пояса ]( https://www.linux.org.ru/images/22043/original.jpg ) , а также создания аккаунта, в KISS также есть возможность настройки яркости экрана, изменения масштабирования и включения/выключения темной темы.

В последнее время производители железа с предустановленными дистрибутивами Linux все чаще [ выбирают KDE ]( https://kde.org/hardware/ ) в качестве графической среды. Появление мастера начальной настройки системы должно убедить новых пользователей в том, что они сделали правильный выбор, что в свою очередь поможет более широкому принятию Linux.

https://www.linux.org.ru/news/kde/18057762

The Washington Post looks at the rise of low-effort, high-volume "AI slop" videos:

The major social media platforms, scared of driving viewers away, have tried to crack down on slop accounts, using AI tools of their own to detect and flag videos they believe were synthetically made. YouTube last month said it would demonetize creators for "inauthentic" and "mass-produced" content. But the systems are imperfect, and the creators can easily spin up new accounts — or just push their AI tools to pump out videos similar to the banned ones, dodging attempts to snuff them out.

One place where they're coming from...

Jiaru Tang, a researcher at the Queensland University of Technology who recently interviewed creators in China, said AI video has become one of the hottest new income opportunities there for workers in the internet's underbelly, who previously made money writing fake news articles or running spam accounts. Many university students, stay-at-home moms and the recently unemployed now see AI video as a kind of gig work, like driving an Uber. The average small creator she interviewed did their day jobs and then, at night, "spent two to three hours making AI-slop money," she said. A few she spoke with made $2,000 to $3,000 a month at it.

But the article provides other examples of the "wild cottage industry of AI-video makers, enticed by the possibility of infinite creation for minimal work"

A 31-year-old loan officer in eastern Idaho first went viral in June "with an AI-generated video on TikTok in which a fake but lifelike old man talked about soiling himself. Within two weeks, he had used AI to pump out 91 more, mostly showing fake street interviews and jokes about fat people to an audience that has surged past 180,000 followers..." (He told the Post the videos earn him about $5,000 a month through TikTok's creator program.)
"To stand out, some creators have built AI-generated influencers with lives a viewer can follow along. 'Why does everybody think I'm AI? ... I'm a human being, just like you guys,' says the AI woman in one since-removed TikTok video, which was watched more than 1 million times."
One AI-generated video a dog biting a woman's face off (revealing a salad) received a quarter of a billion views.

[ Read more of this story ]( https://tech.slashdot.org/story/25/08/23/022223/making-cash-off-ai-slop-the-surreal-video-business-taking-over-the-web?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

British telecommunications service provider Colt Telecom "has offices in over 30 countries across North America, Europe, and Asia, reports CPO magazine. "It manages nearly 1,000 data centers and roughly 75,000 km of fiber infrastructure."

But now "a cyber attack has caused widespread multi-day service disruption..."

On August 14, 2025, the telecom giant said it had detected a cyber attack that began two days earlier, on August 12. Upon learning of the cyber intrusion, the telecommunications service provider responded by proactively taking some systems offline to contain the cyber attack. Although Colt Telecom's cyber incident response team was working around the clock to mitigate the impacts of the cyber attack, service disruption has persisted for days. However, the service disruption did not affect the company's core network infrastructure, suggesting that Colt customers could still access its network services... The company also did not provide a clear timeline for resolving the service disruption. A week after the apparent ransomware attack, Colt Online and the Voice API platform remained unavailable.
And now Colt Technology Services "confirms that customer documentation was stolen," reports the tech news site BleepingComputer:

"A criminal group has accessed certain files from our systems that may contain information related to our customers and posted the document titles on the dark web," reads an updated security incident advisory on Colt's site.
"We understand that this is concerning for you."
"Customers are able to request a list of filenames posted on the dark web from the dedicated call centre."

As first spotted by cybersecurity expert Kevin Beaumont, Colt added the no-index HTML meta tag to the web page, making it so it won't be indexed by search engines.
This statement comes after the Warlock Group began selling on the Ramp cybercrime forum what they claim is 1 million documents stolen from Colt. The documents are being sold for $200,000 and allegedly contain financial information, network architecture data, and customer information... The Warlock Group (aka Storm-2603) is a ransomware gang attributed to Chinese threat actors who utilize the leaked LockBit Windows and Babuk VMware ESXi encryptors in attacks... Last month, Microsoft reported that the threat actors were exploiting a SharePoint vulnerability to breach corporate networks and deploy ransomware.

"Colt is not the only telecom firm that has been named by WarLock on its leak website in recent days," SecurityWeek points out. "The cybercriminals claim to have also stolen data from France-based Orange."

Thanks to long-time Slashdot reader Z00L00K for sharing the news.

[ Read more of this story ]( https://it.slashdot.org/story/25/08/23/0910226/amid-service-disruption-colt-telecom-confirms-criminal-group-accessed-their-data-as-ransomware-gang-threatens-to-sell-it?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Вышла [ вторая версия ]( https://git.vuxu.org/nitro/commit/?id=1f301d3f860e56c77ed9e844573d47fa3378ea34 ) нового проекта [ Nitro ]( https://git.vuxu.org/nitro/about/ ) , развивающего минималистичную систему инициализации c функциями контроля над выполнением процессов. Проект развивает Лия Нойкирхен ( [ Leah Neukirchen ]( https://leahneukirchen.org/ ) ), одна из сопровождающих пакеты в дистрибутиве Void Linux. Код написан на языке Си и [ распространяется ]( https://github.com/leahneukirchen/nitro ) под лицензией [ 0BSD ]( https://opensource.org/license/0bsd ) .

Nitro может применяться как в качестве init-процесса (pid 1), так и в форме непривилегированного процесса, контролирующего бесперебойное выполнение приложений в пространстве пользователя и перезапускающего задачи в случае сбоев. Поддерживается работа в Linux и FreeBSD, возможно применение в окружениях на базе стандартной Си-библиотеки Musl. В качестве областей применения упоминаются встраиваемые системы, образы ram-дисков (initramfs), контейнеры (Docker/Podman/LXC/Kubernetes), а также рабочие станции и серверные системы. Для управления работой сервисов и взаимодействия с init-процессом поставляется утилита командной строки nitroctl.

Вместо составных скриптов инициализации в Nitro применяется модель на основе выноса каждой функции в отдельный скрипт. Для каждого сервиса в иерархии /etc/nitro создаётся подкаталог, в котором могут размещаться следующие скрипты: setup - содержит команды, выполняемые до запуска сервиса; run - определяет сценарий запуска сервиса; finish - включает команды, выполняемые после завершения сервиса. Для организации ведения лога применяется символическая ссылка с именем log, указывающая на другой сервис, которому будет перенаправлен вывод. Для отключения автозапуска сервиса достаточно создать в его каталоге файл с именем «down», а для игнорирования сервиса следует добавить символ «@» к имени каталога.

Автором проекта отмечаются следующие достоинства Nitro по сравнению с другими системами инициализации:

• Всё состояние хранится в ОЗУ, что упрощает работу в окружениях c дисковыми разделами в режиме только для чтения.

• Архитектура на основе обработки событий, не использующая опрос в режиме полинга (polling).

• Отсутствие операций выделения памяти во время работы (все буферы выделяются при запуске).

• Ограниченное использование файловых дескрипторов во время работы.

• Поставка в форме одного самодостаточного исполняемого файла и утилиты для управления системой.

• Отсутствие стадий компиляции конфигурации - работу сервиса определяют простые скрипты в связанном с сервисом каталоге.

• Наличие функции перезапуска сервисов после сбоя.

• Наличие механизма ведения логов, которые могут включаться как по умолчанию, так и выборочно для отдельных сервисов.

• Возможность построения цепочки обработки лога, охватывающей несколько сервисов.

• Работа не зависит от точности выставления системных часов.

• Поддержка запуска во FreeBSD через /etc/ttys.

• Возможность сборки в форме миниатюрного статически скомпилированного исполняемого файла при использовании musl libc.

https://www.linux.org.ru/news/opensource/18057576

После почти года разработки [ доступен ]( https://ffmpeg.org/pipermail/ffmpeg-devel/2025-August/347886.html ) мультимедиа-пакет [ FFmpeg 8.0 ]( https://ffmpeg.org ) , включающий набор приложений и коллекцию библиотек для операций над различными мультимедиа-форматами (запись, преобразование и декодирование звуковых и видеоформатов). Пакет написан на языке Си и [ распространяется ]( https://github.com/FFmpeg/FFmpeg ) под лицензиями LGPL и GPL.

( [ читать дальше... ]( https://www.linux.org.ru/news/multimedia/18057643#cut0 ) )

An anonymous reader quotes a report from the New York Times: There's an overwhelming sense of deja vu at multiplexes these days. In August alone, "Black Swan" (2010) is returning to theaters, along with the Tim Burton "Batman" movies from 1989 and 1992. Audiences will be able to revisit the oceanic terror of "Jaws" (1975), as well as the comic mystery (and multiple endings) of "Clue" (1985). Or they could groove to Prince's "Sign o' the Times" concert film from 1987. And it doesn't look like the rerelease trend is slowing down. In September, "The Breakfast Club" (1985) is returning, Pixar is bringing back "Toy Story" (1995), and "Apollo 13" (1995) is blasting off again. "Casper" (1995) will haunt screens for nearly the entire month of October, while "Avatar: The Way of Water" (2022) will run for about five days, teeing up the forthcoming "Avatar: Fire and Ash." And there are still more to come before the end of the year.

Rereleases have long been part of the theatrical ecosystem. After all, "Star Wars" movies have been heading back to multiplexes routinely since 1981 -- before "Return of the Jedi" even debuted. But recently, studios have been digging deeper into their archives for a variety of reasons -- only some of which have to do with nostalgia. "Black Swan," from Searchlight, which is now owned by Disney, took over around 200 IMAX screens to commemorate its 15th anniversary. Universal's specialty arm, Focus Features, rereleased both "Pride & Prejudice" (2005) and "Brokeback Mountain" (2005) earlier this year. "Pride & Prejudice" ultimately grossed more than $6 million domestically this time around, about 16 percent of its original U.S. box office haul.

In total, Universal has 12 rereleases on its 2025 slate -- not including a partnership with another distribution company -- compared with just four in 2024 and two in 2023. "We very much pay a lot of attention to our repertory business," the studio's president of domestic theatrical distribution, Jim Orr, said by phone, explaining, "We just think it's not only great fun for audiences, but a great business to be in as well." Orr explained that the size of Universal's rerelease slate this year was "more coincidental" than anything else, with all the films hitting anniversaries in 2025. Still, there is a strong business motivation: The rereleases help studios and exhibitors pad out relatively thin slates. "The truth of the matter is studios don't have enough product right now to give theaters, so that's why you're seeing an influx of these nostalgia plays," said Jeff Bock, senior media analyst at Exhibitor Relations. He added, "It doesn't cost a lot for them to do an anniversary edition or a 4K edition." There are several other reasons why Hollywood is rereleasing old movies, according to Orr. Rereleases are far cheaper to put out than launching a brand-new title. Studios also target films that already have strong, enduring audiences, "whether that's 'Pride & Prejudice,' with its meme-able depiction of yearning, or 'Casper,'" which he said had elicited 'decent' interest every year.

Then there's what Orr calls "opportunistic dating." "There might be a window where something goes thematically or holiday-wise, whatever kind of fits in, or there might be some more screens available in specific formats," he said. Specialty format releases like IMAX, Dolby, or 3D also help bring moviegoers to the theaters.

[ Read more of this story ]( https://entertainment.slashdot.org/story/25/08/23/0134245/hollywoods-newest-formula-for-success-rereleasing-old-movies?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

BrianFagioli shares a report from NERDS.xyz: LibreOffice 25.8 has landed, and while it packs in new features and speed improvements, the biggest headline is who just got left behind. If you are still running Windows 7 or Windows 8/8.1, this is the end of the road. LibreOffice will not run on those systems anymore, and there are no workarounds. The suite has slammed the door shut.

For years, LibreOffice kept older Windows users afloat while Microsoft and other developers moved on. That lifeline is gone. Anyone stubbornly clinging to Windows 7 or 8 now has two choices: upgrade or stay stuck on outdated software. LibreOffice has made it clear that it will not carry dead platforms any further. And the cuts do not stop there. 32-bit Windows builds are on their way out, with deprecation already in place. On the Mac side, 25.8 is the last release that runs on macOS 10.15. Starting with LibreOffice 26.2, only macOS 11 and newer will be supported. In other words, if your computer is too old to run modern systems, LibreOffice is walking away.

[ Read more of this story ]( https://tech.slashdot.org/story/25/08/23/0124202/libreoffice-258-slams-the-door-on-windows-7-and-8x?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Нейт Грэм (Nate Graham), разработчик, занимающийся контролем качества в проекте KDE, опубликовал очередной отчёт о разработке KDE. Наиболее заметным изменением стало добавление в ветку, на основе которой формируется выпуск KDE Plasma 6.5, мастера начальной настройки системы (KISS - KDE Initial System Setup), который дополняет экран приветствия входа в систему (Welcome Center). В KDE Initial System Setup предложены системные операции, выполняется до первого входа в систему после установки, такие как как создание нового пользователя под которым будет осуществляться дальнейшая работа, выбор языка и часового пояса, настройка раскладки клавиатуры и конфигурирование сетевого доступа.

https://www.opennet.ru/opennews/art.shtml?num=63765

Представлена новая версия [ MiniOS 5.0.0 ]( https://github.com/minios-linux/minios-live/releases ) – легкого и модульного Linux-дистрибутива для съёмных носителей. MiniOS представляет собой портативный дистрибутив на основе Debian с модульной архитектурой, отличающийся гибкостью настройки под различные потребности пользователей.

Новая версия основана на Debian 13 «Trixie» и содержит фундаментальные изменения архитектуры.

( [ читать дальше... ]( https://www.linux.org.ru/news/linux-general/18057205#cut ) )

alternative_right shares a report from Phys.org: All the critical minerals the U.S. needs annually for energy, defense and technology applications are already being mined at existing U.S. facilities, according to a new analysis published in the journal Science. The catch? These minerals, such as cobalt, lithium, gallium and rare earth elements like neodymium and yttrium, are currently being discarded as tailings of other mineral streams like gold and zinc, said Elizabeth Holley, associate professor of mining engineering at Colorado School of Mines and lead author of the new paper.

To conduct the analysis, Holley and her team built a database of annual production from federally permitted metal mines in the U.S. They used a statistical resampling technique to pair these data with the geochemical concentrations of critical minerals in ores, recently compiled by the U.S. Geological Survey, Geoscience Australia and the Geologic Survey of Canada. Using this approach, Holley's team was able to estimate the quantities of critical minerals being mined and processed every year at U.S. metal mines but not being recovered. Instead, these valuable minerals are ending up as discarded tailings that must be stored and monitored to prevent environmental contamination.

The analysis looks at a total of 70 elements used in applications ranging from consumer electronics like cell phones to medical devices to satellites to renewable energy to fighter jets and shows that unrecovered byproducts from other U.S. mines could meet the demand for all but two -- platinum and palladium. Among the elements included in the analysis are:
- Cobalt (Co): The lustrous bluish-gray metal, a key component in electric car batteries, is a byproduct of nickel and copper mining. Recovering less than 10% of the cobalt currently being mined and processed but not recovered would be more than enough to fuel the entire U.S. battery market.
- Germanium (Ge): The brittle silvery-white semi-metal used for electronics and infrared optics, including sensors on missiles and defense satellites, is present in zinc and molybdenum mines. If the U.S. recovered less than 1% of the germanium currently mined and processed but not recovered from U.S. mines, it would not have to import any germanium to meet industry needs.

[ Read more of this story ]( https://news.slashdot.org/story/25/08/23/0120237/us-is-throwing-away-the-critical-minerals-it-needs-analysis-shows?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликован первый публичный выпуск проекта Nitro, развивающего минималистичную систему инициализации c функциями контроля над выполнением процессов. Проект развивает Лия Нойкирхен (Leah Neukirchen), одна из сопровождающих пакеты в дистрибутиве Void Linux. Код написан на языке Си и распространяется под лицензий 0BSD.

https://www.opennet.ru/opennews/art.shtml?num=63764

Проект Wine опубликовал выпуск пакета vkd3d 1.17 с реализацией Direct3D 12, работающей через трансляцию вызовов в графический API Vulkan. В состав пакета входят библиотеки libvkd3d с реализаций Direct3D 12, libvkd3d-shader c транслятором 4 и 5 модели шейдеров и libvkd3d-utils с функциями для упрощения портирования приложений Direct3D 12, а также набор демонстрационных примеров, включая порт glxgears на Direct3D 12. Код проекта распространяется под лицензией LGPLv2.1.

https://www.opennet.ru/opennews/art.shtml?num=63757

TOP10 VISITORS:

[1] 37.252.14.x point=144 web=0 up=24.9MB (37%) <--- ake (6/hr)
[2] ChatGPT point=0 web=101 up=10.9MB (16%)
[3] 45.135.180.x point=114 web=0 up=9.7MB (14%) <--- yesterlink (5/hr)
[4] PetalBot point=1 web=1024 up=6.0MB (8%) <--- PetalBot
[5] 144.76.33.x point=1 web=101 up=4.3MB (6%) <--- 144.76.33.x
[6] 216.73.216.x point=0 web=208 up=2.8MB (4%)
[7] TikTok point=1 web=235 up=2.6MB (3%) <--- TikTok
[8] Amazon point=0 web=73 up=1.5MB (2%)
[9] Google point=0 web=201 up=1.4MB (2%)
[10] 94.25.231.x point=1 web=0 up=1.1MB (1%) <--- 94.25.231.x

TOTAL TRAFFIC: 66MB

Для определения приложений, создающих расходующие дисковое пространство файлы в домашнем каталоге пользователя, подготовлен фоновый процесс whomade, отслеживающий появление новых файлов при помощи механизма fanotify. Проект написан на языке С++ и распространяется под лицензией GPLv3.

https://www.opennet.ru/opennews/art.shtml?num=63761

Представлен релиз дистрибутива MiniOS 5.0.0, основанного на Debian 13 "Trixie" и работающего напрямую с USB-накопителя. Графическое окружение основано на Xfce. Дистрибутив использует модульную архитектуру, позволяющую создавать специализированные конфигурации, исключая и добавляя компоненты для адаптации системы под конкретные задачи. Выпуск доступен в трёх редакциях.

https://www.opennet.ru/opennews/art.shtml?num=63763

Google has released (PDF) a new analysis of its AI's environmental impact, showing that it has cut the energy use of AI text queries by a factor of 33 over the past year. Each prompt now consumes about 0.24 watt-hours -- the equivalent of watching nine seconds of TV. An anonymous reader shares an excerpt from an Ars Technica article: "We estimate the median Gemini Apps text prompt uses 0.24 watt-hours of energy, emits 0.03 grams of carbon dioxide equivalent (gCO2e), and consumes 0.26 milliliters (or about five drops) of water," they conclude. To put that in context, they estimate that the energy use is similar to about nine seconds of TV viewing. The bad news is that the volume of requests is undoubtedly very high. The company has chosen to execute an AI operation with every single search request, a compute demand that simply didn't exist a couple of years ago. So, while the individual impact is small, the cumulative cost is likely to be considerable.

The good news? Just a year ago, it would have been far, far worse. Some of this is just down to circumstances. With the boom in solar power in the US and elsewhere, it has gotten easier for Google to arrange for renewable power. As a result, the carbon emissions per unit of energy consumed saw a 1.4x reduction over the past year. But the biggest wins have been on the software side, where different approaches have led to a 33x reduction in energy consumed per prompt.

The Google team describes a number of optimizations the company has made that contribute to this. One is an approach termed Mixture-of-Experts, which involves figuring out how to only activate the portion of an AI model needed to handle specific requests, which can drop computational needs by a factor of 10 to 100. They've developed a number of compact versions of their main model, which also reduce the computational load. Data center management also plays a role, as the company can make sure that any active hardware is fully utilized, while allowing the rest to stay in a low-power state.

The other thing is that Google designs its own custom AI accelerators, and it architects the software that runs on them, allowing it to optimize both sides of the hardware/software divide to operate well with each other. That's especially critical given that activity on the AI accelerators accounts for over half of the total energy use of a query. Google also has lots of experience running efficient data centers that carries over to the experience with AI. The result of all this is that it estimates that the energy consumption of a typical text query has gone down by 33x in the last year alone.

[ Read more of this story ]( https://tech.slashdot.org/story/25/08/22/2118234/google-says-it-dropped-the-energy-cost-of-ai-queries-by-33x-in-one-year?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Bluesky has blocked access to its service in Mississippi rather than comply with a new state law requiring age verification for all social media users. TechCrunch reports: In a blog post published on Friday, the company explains that, as a small team, it doesn't have the resources to make the substantial technical changes this type of law would require, and it raised concerns about the law's broad scope and privacy implications. Mississippi's HB 1126 requires platforms to introduce age verification for all users before they can access social networks like Bluesky. On Thursday, U.S. Supreme Court justices decided to block an emergency appeal that would have prevented the law from going into effect as the legal challenges it faces played out in the courts. As a result, Bluesky had to decide what it would do about compliance.

Instead of requiring age verification before users could access age-restricted content, this law requires age verification of all users. That means Bluesky would have to verify every user's age and obtain parental consent for anyone under 18. The company notes that the potential penalties for noncompliance are hefty, too -- up to $10,000 per user. Bluesky also stresses that the law goes beyond child safety, as intended, and would create "significant barriers that limit free speech and disproportionately harm smaller platforms and emerging technologies." To comply, Bluesky would have to collect and store sensitive information from all its users, in addition to the detailed tracking of minors. This is different from how it's expected to comply with other age verification laws, like the U.K.'s Online Safety Act (OSA), which only requires age checks for certain content and features.

Mississippi's law blocks anyone from using the site unless they provide their personal and sensitive information. The company notes that its decision only applies to the Bluesky app built on the AT Protocol. Other apps may approach the decision differently.

[ Read more of this story ]( https://tech.slashdot.org/story/25/08/22/2327213/bluesky-blocks-service-in-mississippi-over-age-assurance-law?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

At its upcoming Connect conference next month, Meta is rumored to unveil its first consumer-ready smart glasses with a built-in display, alongside a neural wristband controller. The $800 device, codenamed Hypernova, will be able to show simple visual content like texts and support AI assistant interactions. CNBC reports: Connect is a two-day conference for developers focused on virtual reality, AR and the metaverse. It was originally called Oculus Connect and obtained its current moniker after Facebook changed its parent company name to Meta in 2021. The glasses are internally codenamed Hypernova and will include a small digital display in the right lens of the device, said the people, who asked not to be named because the details are confidential. The device is expected to cost about $800 and will be sold in partnership with EssilorLuxottica, the people said. CNBC reported in October that Meta was working with Luxottica on consumer glasses with a display. [...]

With Hypernova, Meta will finally be offering glasses with a display to consumers, but the company is setting low expectations for sales, some of the sources said. That's because the device requires more components than its voice-only predecessors, and will be slightly heavier and thicker, the people said. [...] Although Hypernova will feature a display, those visual features are expected to be limited, people familiar with the matter said. They said the color display will offer about a 20 degree field of view -- meaning it will appear in a small window in a fixed position -- and will be used primarily to relay simple bits of information, such as incoming text messages.

The Hypernova glasses will also come paired with a wristband that will use technology built by Meta's CTRL Labs, said people familiar with the matter. CTRL Labs, which Meta acquired in 2019, specializes in building neural technology that could allow users to control computing devices using gestures in their arms. [...] In addition to Hypernova and the wristband, Meta will also announce a third-generation of its voice-only smart glasses with Luxottica at Connect, one person said.

[ Read more of this story ]( https://hardware.slashdot.org/story/25/08/22/217232/meta-set-to-unveil-first-consumer-ready-smart-glasses-with-a-display-wristband?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from The Register: Microsoft has reportedly stopped giving Chinese companies proof-of-concept exploit code for soon-to-be-disclosed vulnerabilities following last month's SharePoint zero-day attacks, which appear to be related to a leak in Redmond's early-bug-notification program. The software behemoth gives some software vendors early bug disclosures under its Microsoft Active Protections Program (MAPP), which typically delivers info two weeks before Patch Tuesday. MAPP participants sign a non-disclosure agreement, and in exchange get vulnerability details so that they can provide updated protections to customers more quickly.

According to Microsoft spokesperson David Cuddy, who spoke with Bloomberg about changes to the program, MAPP has begun limiting access to companies in "countries where they're required to report vulnerabilities to their governments," including China. Companies in these countries will no longer receive "proof of concept" exploit code, but instead will see "a more general written description" that Microsoft sends at the same time as patches, Cuddy told the news outlet. "A leak happened here somewhere," Dustin Childs, head of threat awareness at Trend Micro's Zero Day Initiative (ZDI), told The Register in July. "And now you've got a zero-day exploit in the wild, and worse than that, you've got a zero-day exploit in the wild that bypasses the patch, which came out the next day."

Childs said the MAPP change "is a positive change, if a bit late. Anything Microsoft can do to help prevent leaks while still offering MAPP guidance is welcome."

"In the past, MAPP leaks were associated with companies out of China, so restricting information from flowing to these companies should help," Childs said. "The MAPP program remains a valuable resource for network defenders. Hopefully, Microsoft can squelch the leaks while sending out the needed information to companies that have proven their ability (and desire) to protect end users."

[ Read more of this story ]( https://it.slashdot.org/story/25/08/22/2059255/microsoft-reportedly-cuts-chinas-early-access-to-bug-disclosures-poc-exploit-code?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Waymo has received its first permit from the New York City Department of Transportation to begin testing autonomous vehicles in Manhattan and Downtown Brooklyn, marking the city's first official rollout of self-driving car trials. The program will initially deploy up to eight vehicles with safety drivers through late September, with the potential to extend and expand into other boroughs. CNBC reports: New York state law requires the company to have a driver behind the wheel to operate. "We're a tech-friendly administration and we're always looking for innovative ways to safely move our city forward," [Mayor Eric Adams] said in a release. "New York City is proud to welcome Waymo to test this new technology in Manhattan and Brooklyn, as we know this testing is only the first step in moving our city further into the 21st century."

The news comes just two months after the company said it filed permits to test its cars in the city with a trained specialist behind the wheel. [...] As part of the permit, Waymo must regularly meet and report data to DOT and work closely with law enforcement and emergency services.

[ Read more of this story ]( https://tech.slashdot.org/story/25/08/22/2036239/waymo-granted-first-permit-to-being-testing-autonomous-vehicles-in-nyc?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Google has signed a six-year cloud computing deal with Meta worth over $10 billion, making it the second major partnership after a recent agreement with OpenAI. The deal will see Meta rely on Google Cloud's infrastructure to support its massive AI data center buildout, as the company ramps up capital spending into the tens of billions. The Information (paywalled) first reported the deal.

[ Read more of this story ]( https://meta.slashdot.org/story/25/08/22/2043255/meta-signs-10-billion-cloud-deal-with-google?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.