Представлен выпуск свободной UNIX-подобной операционной системы OpenBSD 7.8. Проект OpenBSD был основан Тэо де Раадтом (Theo de Raadt) в 1995 году после конфликта с разработчиками NetBSD, в результате которого для Тэо был закрыт доступ к CVS репозиторию NetBSD. После этого Тэо де Раадт с группой единомышленников создал на базе дерева исходных текстов NetBSD новую открытую операционную систему, главными целями развития которой стали переносимость (поддерживается 13 аппаратных платформ), стандартизация, корректная работа, проактивная безопасность и интегрированные криптографические средства. Размер полного установочного ISO-образа базовой системы OpenBSD 7.8 составляет 597 МБ.

https://www.opennet.ru/opennews/art.shtml?num=64101

YouTube has added a new Shorts feature that makes it easier to manage how much time you're spending watching videos. From a report: Mobile users can now set a customizable daily limit that restricts how long they can scroll Shorts feeds, aiming to help viewers better manage their time instead of endlessly scrolling. When a user reaches their time limit, they will receive a notification saying Shorts has been paused for the day.

This notification is dismissible, however, so it's on the user to honor these self-imposed restrictions.

[ Read more of this story ]( https://news.slashdot.org/story/25/10/22/192225/youtube-will-help-you-quit-watching-shorts?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Air pollution in New Delhi hit a five-year high this week, as Diwali fireworks combined with farming fires to shroud the city in a toxic haze. From a report: The annual spike has become something of a tradition in the megalopolis, with some parts of the city this week recording an air-quality index reading of 1,800 -- 20 times higher than levels the World Health Organization deems healthy. The news points to the challenge facing Indian authorities as they look to combat pollution and cut carbon emissions: The country has made huge progress in deploying renewable energy, but will still need up to $21 trillion in new investments in order to meet its 2070 net-zero target, according to government plans reported by Bloomberg.

[ Read more of this story ]( https://news.slashdot.org/story/25/10/22/1818215/new-delhi-pollution-hits-five-year-high?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликовано: Wed, 22 Oct 2025 19:09:40 GMT
Канал: Все статьи подряд / Системное программирование / Хабр

Мост для тех кто привык к Systemd. Без эмуляции, без Systemd-зависимостей. Только переводит команды. Читать далее]]>

https://habr.com/ru/articles/959200/

Google and Apple face enforced changes to how they operate their mobile phone platforms, after the UK's competition watchdog ruled the companies require tougher regulatory oversight. From a report: The Competition and Markets Authority has conferred "strategic market status" (SMS) on the tech firms after investigating their mobile operating systems, app stores and browsers. It means Apple and Google will be subjected to tailormade guidelines to regulate their behaviour in the mobile market.

The CMA said the two companies have "substantial, entrenched" market power, with UK mobile phone owners using either Google or Apple's platforms and unlikely to switch between them. The regulator flagged the importance of their platforms to the UK economy and said they could be a bottleneck for businesses.

[...] Changes under consideration by the CMA include allowing users to be "steered" out of app stores to make purchases elsewhere, like on a company's own website. App developers have long taken issue with Apple and Google taking a cut from purchases made via apps. The CMA also wants both companies to ensure users have a "genuine choice" over the services they use on their devices, like digital wallets on Apple.

[ Read more of this story ]( https://news.slashdot.org/story/25/10/22/181246/apple-and-google-face-enforced-changes-over-uk-smartphone-dominance?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader shares a report: Social media platform Reddit sued AI startup Perplexity in New York federal court on Wednesday, accusing it and three other companies of unlawfully scraping its data to train Perplexity's AI-based search engine. Reddit said in the complaint that the data-scraping companies circumvented its data protection measures in order to steal data that Perplexity "desperately needs" to power its "answer engine" system.

[ Read more of this story ]( https://yro.slashdot.org/story/25/10/22/1743250/reddit-sues-perplexity-for-scraping-data-to-train-ai-system?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Meta removed a deepfake video from Facebook that falsely depicted Catherine Connolly withdrawing from Ireland's presidential election. The video was posted to an account called RTE News AI and viewed almost 30,000 times over 12 hours before the Irish Independent contacted the platform. The fabricated bulletin featured AI-generated versions of RTE newsreader Sharon Ni Bheolain and political correspondent Paul Cunningham announcing that Connolly had ended her campaign and the election scheduled for Friday would be cancelled.

Connolly responded in a statement that she remained a candidate and called the video a disgraceful attempt to mislead voters. Meta confirmed the account violated its community standards against impersonating people and organizations. Ireland's media regulator Coimisiun na Mean contacted Meta about the incident and reminded the platform of its obligations under the EU Digital Services Act. An Irish Times poll published last Thursday found Connolly leading the race with 38% support.

[ Read more of this story ]( https://tech.slashdot.org/story/25/10/22/1724212/meta-allows-deepfake-of-irish-presidential-candidate-to-spread-for-12-hours-before-removal?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader shares a report: As it rushes to meet its pledge for "100 percent" of trips in electric vehicles by 2030, Uber is offering grants of $4,000 for drivers to swap their gas-guzzlers for zero-tailpipe emission vehicles. The company is also dropping its "Uber Green" branding in favor of the more simple "Uber Electric."

Uber has said it will be completely carbon neutral in North America and Europe by 2030 and in all global markets by 2040. But when it first announced this pledge in 2020, it said it wouldn't directly pay drivers to ditch their gas-burning vehicles in favor of EVs. Now, the company is reversing that decision in the hopes that direct payments can help accelerate EV adoption.

[ Read more of this story ]( https://tech.slashdot.org/story/25/10/22/1639229/uber-will-pay-drivers-4000-to-switch-to-evs?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Google announced Wednesday that its quantum computer achieved the first verifiable quantum advantage, running a new algorithm 13,000 times faster than a top supercomputer. The algorithm, called Quantum Echoes, was published in the journal Nature. The results can be replicated on another quantum computer of similar quality, something Google had not demonstrated before. The quantum computer uses a chip called Willow, which was announced in December 2024. Hartmut Neven, head of Google's Quantum AI research lab, called the work a demonstration of the first algorithm with verifiable quantum advantage and a milestone on the software track.

Michel H. Devoret, who won this year's Nobel Prize in Physics and joined Google in 2023, said future quantum computers will run calculations impossible with classical algorithms. Google stopped short of claiming the work would have practical uses on its own. Instead, the company said Quantum Echoes demonstrated a technique that could be applied to other algorithms in drug discovery and materials science.

A second paper published Wednesday on arXiv showed how the method could be applied to nuclear magnetic resonance. The experiment involved a relatively small quantum system that fell short of full practical quantum advantage because it was not able to work faster than a traditional computer. Google exhaustively red-teamed the research, putting some researchers to work trying to disprove its own results.

Prineha Narang, a professor at UCLA, called the advance meaningful. The quantum computer tested two molecules, one with 15 atoms and another with 28 atoms. Results on the quantum computer matched traditional NMR and revealed information not usually available from NMR. Google's research competes against Microsoft, IBM, universities and efforts in China. The Chinese government has committed more than $15.2 billion to quantum research. Previous claims of quantum advantage have been met with skepticism.

[ Read more of this story ]( https://science.slashdot.org/story/25/10/22/163228/googles-quantum-computer-makes-a-big-technical-leap?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

The proliferation of difficult-to-treat bacterial diseases represents a growing threat, according to the World Health Organization's (WHO) Global Antibiotic Resistance Surveillance Report. Wired: The report reveals that, between 2018 and 2023, antibiotic resistance increased by more than 40 percent in monitored pathogen-drug combinations, with an average annual increase of 5-15 percent. According to data reported by more than 100 countries to WHO's Global Antimicrobial Resistance and Use Surveillance System (GLASS), one in six laboratory-confirmed bacteria in 2023 proved resistant to antibiotic treatment, all related to various common diseases globally.

For the first time, this edition of the report includes prevalence estimates of resistance to 22 antibiotics used to treat urinary tract, gastrointestinal, bloodstream, and gonorrheal conditions. The analysis focused on eight common pathogens: Acinetobacter spp, Escherichia coli, Klebsiella pneumoniae, Neisseria gonorrhoeae, non-typhoidal Salmonella spp, Shigella spp, Staphylococcus aureus, and Streptococcus pneumoniae. The results show that resistant gram-negative bacteria pose the greatest threat. Of particular note are Escherichia coli and Klebsiella pneumoniae, which are associated with bloodstream infections that can lead to sepsis, organ failure, and death. "More than 40 percent of E. coli and more than 55 percent of K. pneumoniae strains worldwide are now resistant to third-generation cephalosporins, the first-choice treatment for these types of infections," the report warns.

[ Read more of this story ]( https://science.slashdot.org/story/25/10/22/1524248/resistant-bacteria-are-advancing-faster-than-antibiotics?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

More than 1,100 public figures have signed a statement calling for a prohibition on the development of superintelligence. The signatories included Nobel laureate Geoffrey Hinton, former Joint Chiefs of Staff Chairman Mike Mullen, Apple co-founder Steve Wozniak, entrepreneur Sir Richard Branson, former chief strategist to President Trump Steve Bannon and Turing Award winner Yoshua Bengio. The statement was organized by the Future of Life Institute, led by Anthony Aguirre, a physicist at the University of California, Santa Cruz. It proposes halting work on superintelligence until there is broad scientific consensus on safety and strong public support.

The institute's biggest recent donor is Vitalik Buterin, a co-founder of Ethereum. Notable tech executives did not sign the statement. Meta CEO Mark Zuckerberg said in July that superintelligence was now in sight. OpenAI CEO Sam Altman said last month he would be surprised if superintelligence did not arrive by 2030.

[ Read more of this story ]( https://slashdot.org/story/25/10/22/1448213/more-than-1100-public-figures-call-for-ban-on-ai-superintelligence?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Early Monday, an Amazon Web Services outage disrupted banks, games, and Peloton classes. Eight Sleep customers faced a different problem. Their internet-enabled mattresses malfunctioned. People woke to beds locked in upright positions, excessive heat, flashing lights, and unexpected alarms. Matteo Franceschetti, the company's chief executive, apologized and said engineers were building an outage-proof mode. By Monday evening, all devices functioned again, though some experienced data processing delays. The mattresses adjust temperature between 55 and 110 degrees and elevate bodies into different positions. They activate soundscapes and vibrational alarms. The advanced models cost over $5,000. A yearly subscription of $199 to $399 is required for temperature controls.

[ Read more of this story ]( https://tech.slashdot.org/story/25/10/22/1347211/smart-beds-malfunctioned-during-aws-outage?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from the Financial Times: A lot of critical financial and government infrastructure runs on Cobol. The more-than-60-year-old mainframe coding language is embedded into payments and transaction rails, even though there are very few Cobol-literate coders available to maintain them. The big argument in favor of sticking with Cobol systems is that they work. The catch is that, whenever they stop working, it is difficult to figure out why. That's not good in a crisis, which is exactly when they're most likely to break. Covid-19 put a lot of strain the US state benefit systems.

The ones that used Cobol for processing unemployment claims failed spectacularly, according to a new working paper from The Atlanta Fed: "States that used an antiquated [unemployment insurance]-benefit system experienced a 2.8 percentage point decline in total credit and debit card consumption relative to card consumption in states with more modern UI benefit systems. [...] Using this estimate in a back-of-the-envelope calculation, I find that the lack of investment in updating UI-benefit systems in COBOL states was associated with a reduction in real GDP of at least $40 billion (in 2019 dollars) lower during this [March 13 2020 to year-end] period

The paper uses Cobol as a proxy for old and inefficient IT, not the direct cause of failure. Claimants faced much longer delays in the 28 states that still used Cobol in 2020, both because of the unprecedented volume of claims and the difficulty updating systems with new eligibility rules, author Michael Navarrete finds. [...] As an aside, one oddity of the data is that Republican-controlled states were more likely to have replaced old IT systems, even though their standard unemployment insurance payments are lower on average. Why? Absolutely no idea, but here are the maps. And, once adjusted for state politics, here's the key finding.

[ Read more of this story ]( https://it.slashdot.org/story/25/10/22/047219/rubbish-it-systems-cost-the-us-at-least-40-billion-during-covid?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

General Motors is ending production of its Chevy BrightDrop electric delivery vans after sluggish demand and the expiration of key EV tax credits. "This is not a decision we made lightly because of the impact on our employees," GM CEO Mary Barra said during the company's third quarter earnings call Tuesday. "However the commercial electric van market has been developing much slower than expected, and changes to the regulatory framework and fleet incentives has made the business even more challenging." The Verge reports: Brightdrop first launched in 2021 as GM's effort to capture a large portion of the commercial EV market, starting with a pair of electric vans, as well as fleet management software and electric-powered carts for goods delivery. The automaker made deals with Walmart, FedEx, and other major retailers to add the van to their delivery fleets. But after trying to make a go of it as a standalone brand, GM reabsorbed BrightDrop in 2023, and then later assigned it to Chevy in order to tap into the brand's sales and service dealer network.

Now the van will stand as yet another casualty of the expiration of the $7,500 federal EV tax credit, which ended on September 30th. In addition to the consumer credit, there was also a $7,500 discount for commercial EVs under 18,000 lbs -- which Brightdrop was eligible for. The van was a range leader, but also was more expensive than its most prominent competitor. Brightdrop's vans started at $74,000, while Ford's E-Transit van with extended battery range sold for $51,600.

[ Read more of this story ]( https://tech.slashdot.org/story/25/10/22/0413239/gm-to-end-production-of-electric-chevy-brightdrop-vans?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

NASA has reopened SpaceX's $4.4 billion moon lander contract to new bidders like Blue Origin and Lockheed Martin after delays in Starship's development threatened the 2027 Artemis 3 mission. Reuters reports: The move paves the way for rivals such as Jeff Bezos' Blue Origin to snatch a high-profile mission to land the first astronauts on the moon in half a century. "I'm in the process of opening that contract up. I think we'll see companies like Blue get involved, and maybe others," the U.S. space agency's acting chief Sean Duffy, who also serves as U.S. Transportation Secretary, told Fox News' "Fox & Friends" program.

Duffy's comments follow months of mounting pressure within NASA to speed up its Artemis lunar program and push SpaceX to make greater progress on its Starship lunar lander, while China progresses toward its own goal of sending humans to the moon by 2030.
It represents a major shift in NASA's lunar strategy, starting a new competitive juncture in the program for a crewed moon lander just two years before the scheduled landing date. Blue Origin is widely expected to compete for the mission, while Lockheed Martin has indicated it would convene an industry team to heed NASA's call.

Starship, picked by NASA in 2021 under a contract now worth $4.4 billion, faces a 2027 moon landing deadline that agency advisers estimate could slip years behind schedule, citing competing priorities. Musk sees Starship as crucial to launching larger batches of Starlink satellites to space and eventually ferrying humans to Mars, among other missions. "They do remarkable things, but they're behind schedule," Duffy said of SpaceX's lunar lander work, adding President Donald Trump wants to see the mission take place before his White House term ends in January 2029.

[ Read more of this story ]( https://science.slashdot.org/story/25/10/22/0358206/nasa-opens-spacexs-moon-lander-contract-to-rivals-over-starship-delays?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from TechCrunch: WordPress co-founder and Automattic CEO Matt Mullenweg called the company's Tumblr acquisition his biggest failure -- but one he hasn't given up on yet. The comments were made at the recent WordCamp Canada 2025 conference, where Mullenweg went live for a Town Hall session to connect with the open source-focused WordPress community.

The exec noted that Tumblr was still on a different technical stack than WordPress -- something he had intended to correct by migrating the back end to WordPress infrastructure. However, that massive undertaking was put on hold earlier this year, as the cost to move Tumblr's half-billion blogs would be difficult given that the blogging platform wasn't profitable and continues to be sustained by the profits of other Automattic products.

The company has tried to trim costs with layoffs and the reallocation of Tumblr resources to more profitable parts of the business, but those efforts have yet to pay off. Mullenweg acknowledged these concerns at his Town Hall session, saying, "I need to switch [Tumblr] over to WordPress, but it's a big lift. It's over 500 million blogs, actually, and, as a business, it's costing so much more to run than it generates in revenue." As a result, Automattic had to prioritize other projects to make Tumblr sustainable, he said. "It's probably my biggest failure or missed opportunity right now, but we're still working on it," he added.

[ Read more of this story ]( https://tech.slashdot.org/story/25/10/21/2334237/automattic-ceo-calls-tumblr-his-biggest-failure-so-far?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликовано: 2025-10-22T12:20:24+00:00

Как в японском городке Макабе уже несколько столетий делают фонари из гранита? Такие традиционные фонарики можно встретить в садах по всей Японии, а также возле синтоистских и буддийских храмов Юго-Восточной Азии. В ролике демонстрируется традиционная техника изготовления фонарика Макабе, передаваемая из поколения в поколение. Мастера даже сдают государственные сертификационные экзамены по традиционному ремеслу!

https://www.youtube.com/watch?v=3tW5zye3dNs

Опубликовано: Wed, 22 Oct 2025 13:16:26 GMT
Канал: Все статьи подряд / DIY или Сделай сам / Хабр

На изображении выше результат многолетних экспериментов и мучений в поисках облегчения такой, казалось бы, простой процедуры как поливать растения, кхе-кхе, вовремя 😊Это модульная система полива комнатных растений, которая взяла на себя всю заботу о круглогодичном поливе растений. Оно умеет подавать нужную порцию воды в требуемый канал и по необходимости туда же добавить жидкие удобрения. Система масштабируется и можно начать с одного канала и по надобности подключить дополнительные модули расширения.Ну, а далее распишу про все прототипы, которые придумывал на пути к данному решению... Читать далее]]>

https://habr.com/ru/articles/959086/

Опубликовано: Wed, 22 Oct 2025 12:19:16 GMT
Канал: Все статьи подряд / DIY или Сделай сам / Хабр

В предыдущей статье я подключил два мотора к драйверу двигателей L298N. Сам драйвер управлялся с одноплатного компьютера Orange Pi Zero H+ через библиотеку gpiod, написанную на языке Python. Также я использовал avahi-daemon, чтобы задать для динамического IP одноплатника имя хоста, по которому к нему всегда можно обратиться, находясь в локальной сети.В этом материале я установлю все электрические компоненты на гусеничную платформу. Напишу код для LED, который будет выполнять роль индикации состояния подключения робота. Для этого я спаяю небольшую плату, на которой будут установлены светодиод, резистор на 150 Ом и провода для подключения. В конце статьи робот пройдёт полосу препятствий, что продемонстрирует эффективность софта для управления. Также исправлю некоторые ошибки, обнаруженные в процессе разработки.Статья будет полезна любителям DIY-проектов и веб-разработчикам, интересующимся фреймворком FastAPI. Читать далее]]>

https://habr.com/ru/companies/first/articles/958686/

Опубликовано: Wed, 22 Oct 2025 07:15:23 GMT
Канал: Все статьи подряд / DIY или Сделай сам / Хабр

Привет, Хабр! Меня зовут Александр Фокин, я лидер по стратегии в ИТ-кластере «Развитие инфраструктуры», занимаюсь стратегическим менеджментом и технологической трансформацией. В прошлом у меня есть образование и опыт трехмерного моделирования, поэтому всегда с интересом наблюдал за развитием аддитивных технологий и 3D-печати. В 2024 году я купил первый 3D-принтер, а теперь планирую приобрести еще два (и это не шутка). Сегодня расскажу и покажу, что я напечатал за эти полтора года. Залетайте! Читать далее]]>

https://habr.com/ru/companies/ru_mts/articles/957498/

TOP10 VISITORS:

[1] 37.252.14.x point=144 web=0 up=27.0MB (32%) <--- ake (6/hr)
[2] 45.135.180.x point=240 web=0 up=20.8MB (25%) <--- yesterlink (10/hr)
[3] PetalBot point=6 web=1018 up=5.9MB (7%) <--- PetalBot
[4] Amazon point=0 web=125 up=3.9MB (4%)
[5] BLEXBot point=0 web=53 up=3.0MB (3%)
[6] ChatGPT point=0 web=22 up=2.9MB (3%)
[7] Google point=2 web=325 up=2.3MB (2%) <--- Google
[8] 217.114.158.x point=25 web=0 up=1.0MB (1%) <--- fox (1/hr)
[9] 94.25.231.x point=1 web=0 up=0.9MB (1%) <--- 94.25.231.x
[10] TikTok point=1 web=68 up=0.6MB (<1%) <--- TikTok

TOTAL TRAFFIC: 82MB

Состоялся релиз СУБД Valkey 9.0, в прошлом году ответвившейся от СУБД Redis. Форк был образован после перевода Redis 7.4 на проприетарную лицензию. В выпуске Redis 8.0 код был возвращён на свободную лицензию AGPLv3, но это не повлияло на разработку проекта Valkey. Valkey развивается на нейтральной площадке под покровительством организации Linux Foundation при участии разработчиков из таких компаний, как Amazon, Google, Oracle, Ericsson и Snap. Код проекта написан на языке Си и распространяется под лицензией BSD. Поддерживается работа в Linux, macOS, OpenBSD, NetBSD и FreeBSD.

https://www.opennet.ru/opennews/art.shtml?num=64096

В написанной на языке Rust библиотеке [ async-tar ]( https://github.com/dignifiedquire/async-tar ) , предоставляющей функции для чтения и записи tar-архивов, [ выявлена ]( https://edera.dev/stories/tarmageddon ) уязвимость (CVE-2025-62518, кодовое имя TARmageddon), позволяющая при распаковке специально оформленного tar-архива не только извлечь размещённые в нём файлы, но и файлы, содержащиеся во вложенном tar-архиве. Уязвимость может быть использована для обхода систем верификации архивов и распаковки файлов, для которых не выполнялась проверка.

Уязвимость также проявляется в форках библиотеки [ async-tar ]( https://crates.io/crates/async-tar ) , таких как [ tokio-tar ]( https://crates.io/crates/tokio-tar ) , [ krata-tokio-tar ]( https://crates.io/crates/krata-tokio-tar ) и [ astral-tokio-tar ]( https://crates.io/crates/astral-tokio-tar ) , а также в утилитах на их основе, например, в пакетном менеджере [ uv ]( https://github.com/astral-sh/uv ) , развиваемом в качестве высокопроизводительной замены «pip» для проектов на языке Python. Из популярных проектов, использующих уязвимые библиотеки, также отмечаются инструментарий [ testcontainers ]( https://crates.io/crates/testcontainers ) для запуска docker-контейнеров и WebAssembly runtime [ wasmCloud ]( https://crates.io/crates/wasmcloud ) . В репозитории crates.is за последние 90 дней библиотека async-tar насчитывает 1.3 млн загрузок, tokio-tar - 2.2 млн, testcontainers - 2.9 млн.

Уязвимость вызвана некорректным выбором позиции при разборе разных значений размера в заголовках ustar и PAX. В tar-архивах в формате PAX для каждого файла внутри архива указываются два заголовка - классический ustar и расширенный PAX. Проблема вызвана тем, что уязвимые библиотеки при распаковке файлов вместо вычисления смещения на основе размера из расширенного заголовка PAX, брали размер из устаревшего заголовка ustar. При нулевом значении размера в заголовке ustar, идущее за ним содержимое файла обрабатывалось как корректный блок TAR-заголовков для следующего файла.

Уязвимости в библиотеках [ присвоен ]( https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-j5gw-2vrg-8fgx ) уровень опасности 8.1 из 10, так как проблема может использоваться для перезаписи распаковываемых файлов (в уязвимых реализациях будут распакованы не те файлы, что были видны в архиве). При этом уязвимость в пакетном менеджере uv [ отмечена ]( https://github.com/astral-sh/uv/security/advisories/GHSA-w476-p2h3-79g9 ) как неопасная, так как если атакующий может влиять на содержимое исходного архива, нет смысла усложнять атаку и эксплуатировать уязвимость через вложенный архив, когда можно добиться выполнения кода через сборочные сценарии в основном архиве.

Выявившие уязвимость исследователи предложили несколько гипотетических сценариев атак, позволяющих обойти проверки безопасности и добиться выполнения кода через замену файлов конфигурации или вмешательство в сборочный процесс. Подразумевается, что присланный архив сможет пройти автоматизированную проверку сканером безопасности и ручной аудит, в ходе которого проверяющий не обратит внимание на странный вложенный архив с другими файлами, после чего при распаковке при помощи Rust-библиотек из архива будет извлечено иное содержимое, чем ожидалось.

Например, атакующий может загрузить модифицированный архив в репозиторий PyPI, который пройдёт проверку на основе анализа содержимого основного архива, содержащего легитимный файл pyproject.toml. При обработке данного пакета при помощи утилиты uv легитимный pyproject.toml будет заменён на вредоносный вариант из вложенного архива, содержащий команды, которые будут выполнены при сборке на компьютере разработчика или в системе непрерывной интеграции. Аналогично, можно организовать перезапись файлов контейнера при извлечении образа контейнера при помощи инструментария testcontainers.

https://www.linux.org.ru/news/security/18118692

Состоялся выпуск дистрибутива OpenWrt 24.10.4, развиваемого для сетевых устройств, таких как маршрутизаторы, коммутаторы и точки доступа. OpenWrt поддерживает 2815 устройств и предлагает систему сборки, упрощающую кросс-компиляцию и создание собственных сборок. Подобные сборки позволяют формировать готовые прошивки с желаемым набором предустановленных пакетов, оптимизированные под конкретные задачи. Готовые сборки опубликованы для 39 целевых платформ.

https://www.opennet.ru/opennews/art.shtml?num=64097

[ Foot ]( https://codeberg.org/dnkl/foot )  — быстрый, легковесный и активно развиваемый эмулятор терминала для композиторов, использующий протокол Wayland.

Ключевые особенности:

• Минимум зависимостей. Установка foot в систему со Sway WM приводит к добавлению 3 мегабайт зависимостей.

• Ручная отрисовка. Foot не использует OpenGL или Vulkan и полагается исключительно на API, предоставляемые композитором Wayland.

( [ читать дальше... ]( https://www.linux.org.ru/news/opensource/18118664#cut ) )

British Columbia is permanently banning new cryptocurrency mining operations from connecting to its power grid to conserve electricity for industries that generate more jobs and tax revenue. The province is also capping power allocations for AI and data centers, while launching a competitive allocation process in January 2026. CoinDesk reports: The move from the government of Canada's third-most populous province is part of a broader legislative and regulatory overhaul unveiled Monday [...]. "Government will also implement several regulatory and policy changes in fall 2025 that will ... permanently ban new BC Hydro connections to the electricity grid for cryptocurrency mining to preserve the province's electricity supply and avoid the overburdening of the electricity grid," the government said in a post on its website

The province said the restrictions will help prevent grid strain and ensure industrial development is powered by clean electricity. "We're seeing unprecedented demand from traditional and emerging industries," Charlotte Mitha, the president and CEO of power utility BC Hydro, said in the web post. "The province's strategy empowers BC Hydro to manage this growth responsibly, keeping our grid reliable and our energy future clean and affordable." Crypto mining operations often consume large amounts of electricity without creating many local jobs or tax revenue, according to the statement. By contrast, projects like mines or liquefied natural gas (LNG) facilities are seen as more beneficial to the economy.

[ Read more of this story ]( https://hardware.slashdot.org/story/25/10/21/237254/british-columbia-to-permanently-ban-new-crypto-mining-projects-from-grid?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

alternative_right shares a report from the Internet Archive: This October, the Internet Archive's Wayback Machine is projected to hit a once-in-a-generation milestone: 1 trillion web pages archived. That's one trillion memories, moments, and movements -- preserved for the public and available to access via the Wayback Machine.

We'll be commemorating this historic achievement on October 22, 2025, with a global event: a party at our San Francisco headquarters and a livestream for friends and supporters around the world. More than a celebration, it's a tribute to what we've built together: a free and open digital library of the web.

[ Read more of this story ]( https://tech.slashdot.org/story/25/10/21/2324239/internet-archive-celebrates-1-trillion-web-pages-archived?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

joshuark shares a report from BleepingComputer: A new malicious campaign is targeting macOS developers with fake Homebrew, LogMeIn, and TradingView platforms that deliver infostealing malware like AMOS (Atomic macOS Stealer) and Odyssey. The campaign employs "ClickFix" techniques where targets are tricked into executing commands in Terminal, infecting themselves with malware. Researchers at threat hunting company Hunt.io identified more than 85 domains impersonating the three platforms in this campaign [...].

When checking some of the domains, BleepingComputer discovered that in some cases the traffic to the sites was driven via Google Ads, indicating that the threat actor promoted them to appear in Google Search results. The malicious sites feature convincing download portals for the fake apps and instruct users to copy a curl command in their Terminal to install them, the researchers say. In other cases, like for TradingView, the malicious commands are presented as a "connection security confirmation step." However, if the user clicks on the 'copy' button, a base64-encoded installation command is delivered to the clipboard instead of the displayed Cloudflare verification ID.

[ Read more of this story ]( https://it.slashdot.org/story/25/10/21/2256241/fake-homebrew-google-ads-push-malware-onto-macos?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from Ars Technica: AI content has proliferated across the Internet over the past few years, but those early confabulations with mutated hands have evolved into synthetic images and videos that can be hard to differentiate from reality. Having helped to create this problem, Google has some responsibility to keep AI video in check on YouTube. To that end, the company has started rolling out its promised likeness detection system for creators. [...] The likeness detection tool, which is similar to the site's copyright detection system, has now expanded beyond the initial small group of testers. YouTube says the first batch of eligible creators have been notified that they can use likeness detection, but interested parties will need to hand Google even more personal information to get protection from AI fakes.

Currently, likeness detection is a beta feature in limited testing, so not all creators will see it as an option in YouTube Studio. When it does appear, it will be tucked into the existing "Content detection" menu. In YouTube's demo video, the setup flow appears to assume the channel has only a single host whose likeness needs protection. That person must verify their identity, which requires a photo of a government ID and a video of their face. It's unclear why YouTube needs this data in addition to the videos people have already posted with their oh-so stealable faces, but rules are rules.

After signing up, YouTube will flag videos from other channels that appear to have the user's face. YouTube's algorithm can't know for sure what is and is not an AI video. So some of the face match results may be false positives from channels that have used a short clip under fair use guidelines. If creators do spot an AI fake, they can add some details and submit a report in a few minutes. If the video includes content copied from the creator's channel that does not adhere to fair use guidelines, YouTube suggests also submitting a copyright removal request. However, just because a person's likeness appears in an AI video does not necessarily mean YouTube will remove it.

[ Read more of this story ]( https://news.slashdot.org/story/25/10/21/2250229/youtubes-likeness-detection-has-arrived-to-help-stop-ai-doppelgangers?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

U.S. regulators have opened a new investigation into about 2,000 Waymo self-driving cars after reports that one of the company's robotaxis illegally passed a stopped school bus with flashing lights and children disembarking.

Waymo says it's "already developed and implemented improvements related to stopping for school buses and will land additional software updates in our next software release." The company added "driving safely around children has always been one of Waymo's highest priorities. ... [Waymo] approached the school bus from an angle where the flashing lights and stop sign were not visible and drove slowly around the front of the bus before driving past it, keeping a safe distance from children." Reuters reports: NHTSA opened the investigation after a recent media report aired video of an incident in Georgia in which a Waymo did not remain stationary when approaching a school bus with its red lights flashing and stop arm deployed.
The report said the Waymo vehicle initially stopped then maneuvered around the bus, passing the extended stop arm while students were disembarking.
Waymo's automated driving system surpassed 100 million miles of driving in July and is logging 2 million miles per week, the agency said. "Based on NHTSA's engagement with Waymo on this incident and the accumulation of operational miles, the likelihood of other prior similar incidents is high," the agency said. NHTSA said the vehicle involved was equipped with Waymo's fifth-generation Automated Driving System and was operating without a human safety driver at the time of the incident.

[ Read more of this story ]( https://tech.slashdot.org/story/25/10/21/2244249/us-investigates-waymo-robotaxis-over-safety-around-school-buses?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

The German Koblenz Regional Court has banned the internet service provider 1&1 from marketing its fiber-to-the-curb service as fiber-optic DSL. The court found that the company misled customers because its network uses copper cables for the final stage of connections, sometimes extending up to a mile from the distribution box to subscribers' homes.

Customers who visited the ISP's website and checked connection availability received a notification stating that a "1&1 fiber optic DSL connection" was available, even though fiber optic cables terminate at street-level distribution boxes or building service rooms. The company pairs the copper lines with vectoring technology to boost DSL speeds to 100 megabits per second. The Federation of German Consumer Organizations filed the lawsuit. Ramona Pop, the organization's chairperson, said that anyone who promises fiber optics but delivers only DSL is deceiving customers.

[ Read more of this story ]( https://tech.slashdot.org/story/25/10/21/2138208/isp-deceived-customers-about-fiber-internet-german-court-finds?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

JetBrains released its annual State of the Developer Ecosystem survey in late October, drawing more than twenty-four thousand responses from programmers worldwide. The survey declared that PHP and Ruby are in "long term decline" based on usage trends tracked over five years. Shortly after publication, JetBrains posted a separate statement asserting that "PHP remains a stable, professional, and evolving ecosystem." The company offered no explanation for the apparent contradiction, The Register reports.

The survey's methodology involves weighting responses to account for bias toward JetBrains users and regional distribution factors. The company acknowledges some bias likely remains since its own customers are more inclined to respond. The survey also found that 85% of developers now use AI coding tools.

[ Read more of this story ]( https://developers.slashdot.org/story/25/10/21/2132259/jetbrains-survey-declares-php-declining-then-says-it-isnt?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

TikTok changed its policies earlier this year on sharing user data with governments as the company negotiated with the Trump Administration to continue operating in the United States. The company added language allowing data sharing with "regulatory authorities, where relevant" beyond law enforcement. Until April 25, 2025, TikTok's website stated the company would notify users before disclosing their data to law enforcement. The policy now says TikTok will inform users only where required by law and changed the timing from before disclosure to if disclosure occurs. The company also softened its language from stating it "rejects data requests from law enforcement authorities" to saying it "may reject" such requests. TikTok declined to answer repeated questions from Forbes about whether it has shared or is sharing private user information with the Department of Homeland Security or Immigration and Customs Enforcement. The timing difference prevents users from challenging subpoenas before their data is handed over.

[ Read more of this story ]( https://tech.slashdot.org/story/25/10/21/2125252/tiktoks-new-policies-remove-promise-to-notify-users-before-government-data-disclosure?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Apple's effort to reinvent the iPad by adding a giant foldable screen has hit development hurdles, potentially delaying the planned launch. Bloomberg: The company has been working on the device -- projected to cost around $3,000 -- for several years and had most recently aimed for a 2028 release. But engineering challenges tied to weight, features and display technology have pushed its potential debut to 2029 or later, according to people familiar with the matter.

Apple is working with Samsung Display Co. to develop the roughly 18-inch panel for the device, said the people, who asked not to be identified because the work isn't public. The screen minimizes the crease seen on foldable displays, matching an approach that Apple is also using with its upcoming foldable iPhone. The iPad project is part of a broader push to bring more innovative devices to market. Apple just introduced its first new iPhone design in years -- the ultrathin $999 Air model -- and is working on everything from smart glasses to a tabletop robot device.

[ Read more of this story ]( https://apple.slashdot.org/story/25/10/21/2047227/apples-planned-foldable-ipad-with-18-inch-screen-hits-development-snags?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

"Plasma is a popular desktop (and mobile) environment for GNU/Linux and other UNIX-like operating systems," writes longtime Slashdot reader jrepin. "Among other things, it also powers the desktop mode of the Steam Deck gaming handheld. The KDE community today announced the latest release: Plasma 6.5." From the announcement: This fresh new release is all about fine-tuning, fresh features, and a making everything smooth and sleek for everyone. The new version brings automatic light-to-dark theme switching based on the time of day. You can configure which global themes it switches between. You can also configure whether you want the wallpaper to switch between its light and dark versions based on the color scheme, the time of day, or be always light or dark.

Next up is a "Pinned clipboard items" feature, which lets you save text you use regularly into the clipboard. Breeze-themed windows will now have the same level of roundness in all four corners, even the bottom one. Flatpak Permissions page has been transformed into a general Application Permissions page, where you can configure applications' ability to do things like take screenshots and accept remote control requests. The utility that reads the level of ink or toner from your printer now informs you when it's running low or empty.

For the gamers out there, you can now see more relevant info about game controllers on System Settings' Game Controller page. Artists among you can now configure any rotary dials and touch rings on your drawing tablet. Users sensitive to color can now make use of a grayscale color filter, which desaturates or removes color systemwide.

Plasma 6.5 implements support for an experimental version of the Wayland picture-in-picture protocol that promises to allow apps like Firefox to eventually display proper PiP windows that stay above others automatically. Support for "overlay planes" was added, which can reduce CPU usage and power draw when displaying full-screen content using a compatible GPU. You can read more about these and many other new features in the Plasma 6.5 release announcement and complete changelog.

[ Read more of this story ]( https://tech.slashdot.org/story/25/10/21/1948244/kde-plasma-65-released?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

В написанной на языке Rust библиотеке async-tar, предоставляющей функции для чтения и записи tar-архивов, выявлена уязвимость (CVE-2025-62518, кодовое имя TARmageddon), позволяющая при распаковке специально оформленного tar-архива не только извлечь размещённые в нём файлы, но и файлы, содержащиеся во вложенном tar-архиве. Уязвимость может быть использована для обхода систем верификации архивов и распаковки файлов, для которых не выполнялась проверка.

https://www.opennet.ru/opennews/art.shtml?num=64093

An anonymous reader quotes a report from Ars Technica: On Monday afternoon, Amazon confirmed that an outage affecting Amazon Web Services' cloud hosting, which had impacted millions across the Internet, had been resolved. Considered the worst outage since last year's CrowdStrike chaos, Amazon's outage caused "global turmoil," Reuters reported. AWS is the world's largest cloud provider and, therefore, the "backbone of much of the Internet," ZDNet noted. Ultimately, more than 28 AWS services were disrupted, causing perhaps billions in damages, one analyst estimated for CNN.

[...] Amazon's problems originated at a US site that is its "oldest and largest for web services" and often "the default region for many AWS services," Reuters noted. The same site has experienced two outages before in 2020 and 2021, but while the tech giant had confirmed that those prior issues had been "fully mitigated," apparently the fixes did not ensure stability into 2025. ZDNet noted that Amazon's first sign of the outage was "increased error rates and latency across numerous key services" tied to its cloud database technology. Although "engineers later identified a Domain Name System (DNS) resolution problem" as the root of these issues and quickly fixed it, "other AWS services began to fail in its wake, leaving the platform still impaired" as more than two dozen AWS services shut down. At the peak of the outage on Monday, Down Detector tracked more than 8 million reports globally from users panicked by the outage, ZDNet reported. Ken Birman, a computer science professor at Cornell University, told Reuters that "software developers need to build better fault tolerance."

"When people cut costs and cut corners to try to get an application up, and then forget that they skipped that last step and didn't really protect against an outage, those companies are the ones who really ought to be scrutinized later."

[ Read more of this story ]( https://slashdot.org/story/25/10/21/1942240/amazons-dns-problem-knocked-out-half-the-web-likely-costing-billions?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

В кодовую базу ядра Linux, на основе которой формируется релиз 6.18, принята реализация механизма межпроцессного взаимодействия Binder, написанная на языке Rust.

https://www.opennet.ru/opennews/art.shtml?num=64092

France and Spain are calling on the European Union to stick with plans to ban combustion engine cars in the bloc after 2035, at odds with German Chancellor Friedrich Merz ahead of a meeting of leaders in Brussels this week. From a report: The European Commission, the bloc's executive branch, is currently reviewing rules designed to accelerate the automotive sector's green transition. Merz has called on the bloc to give up its 2035 deadline to help Germany's troubled car industry.

France and Spain "hope that the upcoming review will preserve the 2035 cap and the environmental ambition of the CO2 emissions trajectory that underpins it," a paper presented to climate ministers in Luxembourg on Tuesday, and seen by Bloomberg says. "This revision should in no way call into question the zero emissions exhaust target in 2035."

[ Read more of this story ]( https://news.slashdot.org/story/25/10/21/1759230/france-and-spain-call-on-eu-to-uphold-2035-combustion-engine-ban?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

OpenAI released ChatGPT Atlas on Tuesday, an AI-powered web browser that CEO Sam Altman described as "smooth" and "quick" during a livestream announcement. The browser is available globally on macOS while versions for Windows, iOS, and Android are expected soon. Atlas includes memory features that personalize the browsing experience and an agent mode that allows ChatGPT to perform tasks such as booking reservations and flights or editing documents.

Users can manage these stored memories through the browser's settings and can open incognito windows. The browser displays a split-screen view by default when users click links from search results. The view shows both the webpage and the ChatGPT transcript simultaneously. Atlas also offers webpage summarization and a feature called "cursor chat" that allows users to select text and have ChatGPT revise it inline.

[ Read more of this story ]( https://tech.slashdot.org/story/25/10/21/1725235/openai-debuts-ai-powered-browser-with-memory-and-agent-features?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Компания Oracle опубликовала корректирующий релиз системы виртуализации VirtualBox 7.2.4, в котором устранено 8 уязвимостей, подробности о которых пока не раскрываются. Указано только, что наиболее серьёзная проблема имеет уровень опасности 8.2 из 10. Кроме уязвимостей в новой версии представлено 6 изменений.

https://www.opennet.ru/opennews/art.shtml?num=64094

Apple lashed out at the European Union's attempts to tame the power of Silicon Valley in the most far-reaching legal challenge of the bloc's Big Tech antitrust rules. From a report: The iPhone maker's lawyer Daniel Beard told the General Court in Luxembourg on Tuesday that the Digital Markets Act "imposes hugely onerous and intrusive burdens" at odds with Apple's rights in the EU marketplace.

The DMA came onto the EU's books in 2023 and is designed to clip the wings of the world's largest technology platforms with a slew of dos and don'ts. But over recent months, the law has also drawn the ire of US President Donald Trump and plagued EU-US trade talks. Apple -- seen as the biggest renegade against the EU's crackdown -- challenged the law on three fronts: EU obligations to make rival hardware work with its iPhone, the regulator's decision to drag the hugely profitable App Store under the rules, and a decision to probe whether iMessage should have faced the rules, which it later escaped.

[ Read more of this story ]( https://apple.slashdot.org/story/25/10/21/1634248/apple-attacks-eu-crackdown-in-digital-laws-biggest-court-test?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

London police finally understand why 80,000 phones disappeared from the city's streets last year. The answer involves budget cuts [non-paywalled source] that hollowed out British policing in the 2010s, the arrival of electric bikes that made theft easy, and a lucrative black market in China where stolen British phones retain full functionality. The Metropolitan Police discovered an industrial-scale operation in December when officers traced a woman's iPhone to a Heathrow warehouse on Christmas Eve. Boxes labeled as batteries and bound for Hong Kong contained almost 1,000 stolen iPhones. The police arrested two men in their thirties in September as suspected ringleaders of a group that sent up to 40,000 stolen phones to China.

The epidemic took root after Conservative-led austerity measures reduced police numbers and budgets. In 2017 the Metropolitan Police announced it would stop investigating low-level crimes to focus resources on serious violence and sexual offenses. Thieves on rented electric bikes began mounting sidewalks to snatch phones at high speed while wearing balaclavas and hoods. Police data shows only 495 people were charged out of 106,000 phones reported stolen between March 2024 and February 2025. Thieves earn up to $401 per device. The phones sell for up to $5,000 in China because Chinese network providers do not subscribe to the international blacklist for stolen devices.

[ Read more of this story ]( https://news.slashdot.org/story/25/10/21/1557254/london-became-a-global-hub-for-phone-theft-now-we-know-why?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

President Trump's $100,000 H-1B visa fee will apply only to new visa applicants outside the country, the government confirmed in new guidance on Monday. From a report: That means that under the new policy, employers won't need to pay the fee for anyone already living in the U.S., such as international students. The new guidance: Under the new guidance published on Monday, U.S. Citizenship and Immigration Services said the $100,000 fee will apply only to new applicants living outside the country. Employers will need to pay the fee after their prospective employee's visa is approved, allowing them to move to the U.S.

Previously, the White House had said the fee would apply to all new visa applicants, except those who work for companies or industries that have secured a special waiver. In 2024, roughly 54% of the 141,000 new H-1B visas issued went to immigrants who were already in the U.S. on a different visa type, according to government statistics. If that trend holds, the new fee wouldn't apply to over half of the applicants.

[ Read more of this story ]( https://news.slashdot.org/story/25/10/21/1524225/us-narrows-who-pays-100000-h-1b-visa-fee?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Filipino workers in Manila are remotely operating robots that restock convenience store shelves across Tokyo. The partnership represents a new economic model where physical labor can be offshored through telepresence. Around 60 workers at Astro Robotics monitor the machines and intervene when problems occur about 4% of the time. They earn between $250 and $315 per month. Japan faces severe labor shortages but has resisted expanding immigration. Offshoring the work through robots solves this while dramatically reducing costs.

Filipino workers are also training the AI systems designed to eliminate the need for human operators entirely. Tokyo-based Telexistence has collected extensive data from its workers and is providing it to a San Francisco startup building fully autonomous robots. The combination of automation and offshoring creates what one University of Michigan professor called a "double whammy" for workers in developed nations. It also exploits workers in developing countries who build the tools meant to replace them. The market for AI agents is expected to grow eightfold to $43 billion by 2030. Human-only work is forecast to drop 27% over the next five years.

[ Read more of this story ]( https://hardware.slashdot.org/story/25/10/21/1328234/japanese-convenience-stores-are-hiring-robots-run-by-workers-in-the-philippines?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Amazon executives believe the company can avoid hiring more than 160,000 workers in the United States by 2027 through robotic automation. Internal documents viewed by The New York Times show the automation would save approximately 30 cents on each item the company picks, packs and delivers. The documents reveal that executives told Amazon's board last year they hoped automation would allow the company to flatten its U.S. workforce growth over the next decade.

Amazon expects to sell twice as many products by 2033. That projection translates to more than 600,000 positions Amazon would not need to fill. Amazon opened its most advanced warehouse in Shreveport, Louisiana last year as a template for future facilities. The site uses a thousand robots and employed a quarter fewer workers than it would have without automation. The company plans to replicate this design in approximately 40 facilities by the end of 2027. A facility in Stone Mountain, Georgia currently employs roughly 4,000 workers. After a planned robotic retrofit, internal analyses project it will process 10% more items but need as many as 1,200 fewer employees. The documents show Amazon's robotics team has set a goal to automate 75% of its operations.

[ Read more of this story ]( https://hardware.slashdot.org/story/25/10/21/1316207/amazon-plans-to-avoid-hiring-600000-workers-through-automation-by-2033-leaked-documents-show?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from The Register: Lloyds Banking Group claims employees save 46 minutes daily using Microsoft 365 Copilot, based on a survey of 1,000 users among nearly 30,000 deployed licenses. According to Lloyds Banking Group (LBG), the rollout is "helping teams summarize documents, prepare for meetings, and reduce administrative tasks." Almost 5,000 engineers are also using GitHub Copilot. Vic Weigler, chief technology officer at the finance corp, said in a statement: "We converted 11,000 lines of code across 83 files in half the expected time."

An insider at the bank, a self-professed fan of the technology, listed some of the ways it was being used in their business area. These ranged from the mundane -- drafting and summarizing emails, transcribing meetings, and comparing documents to group standards -- to the eyebrow-raising, such as drafting legal clauses, undertaking due diligence, and creating complex Excel formulas. They told us the next step is creating bots and agents to perform repetitive data-based tasks and rolling out the technology to customer-facing processes. That said, they also noted the AI tools occasionally make mistakes. The "golden rule," is to "never use the output without checking it."

[ Read more of this story ]( https://slashdot.org/story/25/10/20/223252/lloyds-banking-group-claims-microsoft-copilot-saves-staff-46-minutes-a-day?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

После четырёх месяцев разработки опубликован релиз среды рабочего стола KDE Plasma 6.5. Для оценки работы новых выпусков KDE можно воспользоваться сборками от проектов KDE Neon и openSUSE (Argon, основанный на openSUSE Leap, и Krypton, основанный на openSUSE Tumbleweed).

https://www.opennet.ru/opennews/art.shtml?num=64089

27 лет назад, в октябре 1998 года, был зарегистрирован домен Linux.org.ru.

По традиции просьба написать в комментариях, что бы вы хотели изменить на сайте, чего не хватает и какие функции стоит дальше развивать. Интересны и идеи по развитию, и мелочи, которые хотелось бы поменять, например, мешающие проблемы юзабилити и баги.

https://www.linux.org.ru/news/linux-org-ru/18117921

Alibaba Cloud claims its new Aegaeon GPU pooling system cuts Nvidia GPU use by 82%, letting 213 H20 accelerators handle workloads that previously required 1,192. The advancements have been detailed in a paper (PDF) at the 2025 ACM Symposium on Operating Systems (SOSP) in Seoul. Tom's Hardware reports: Unlike training-time breakthroughs that chase model quality or speed, Aegaeon is an inference-time scheduler designed to maximize GPU utilization across many models with bursty or unpredictable demand. Instead of pinning one accelerator to one model, Aegaeon virtualizes GPU access at the token level, allowing it to schedule tiny slices of work across a shared pool. This means one H20 could serve several different models simultaneously, with system-wide "goodput" -- a measure of effective output -- rising by as much as nine times compared to older serverless systems.

The system was tested in production over several months, according to the paper, which lists authors from both Peking University and Alibaba's infrastructure division, including CTO Jingren Zhou. During that window, the number of GPUs needed to support dozens of different LLMs -- ranging in size up to 72 billion parameters -- fell from 1,192 to just 213. While the paper does not break down which models contributed most to the savings, reporting by the South China Morning Post says the tests were conducted using Nvidia's H20, one of the few accelerators still legally available to Chinese buyers under current U.S. export controls.

[ Read more of this story ]( https://hardware.slashdot.org/story/25/10/21/005243/alibaba-cloud-says-it-cut-nvidia-ai-gpu-use-by-82-with-new-pooling-system?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.