An anonymous reader quotes a report from MacRumors: Apple today reminded developers that the EU trader requirement in the European Union is now being enforced. Developers who distribute apps in the EU will now need to share information that includes address, phone number, and email address on the EU App Store. Submitting updates for apps on the App Store in the European Union now requires trader information that's added via App Store Connect, with those details shared on each developer's App Store page. App updates can no longer be submitted without trader information, and starting on February 17, 2025, apps that do not have a trader status set will be removed from the App Store in the EU until trader status is provided and verified.

The Digital Services Act (DSA) in the European Union requires Apple to verify and display trader contact information for all "traders" who are distributing apps on the App Store in the European Union. Developers who make money from the App Store through either an upfront purchase price or through in-app purchases are considered traders, regardless of size. Contact information for each developer that is considered a trader will be publicly available, and there will undoubtedly be some developers that are unhappy with the requirement. Independent developers and small companies may not have dedicated business addresses and phone numbers to provide, and will likely be reluctant to provide their personal contact information. You can learn more about the requirements on Apple's website.

[ Read more of this story ]( https://apple.slashdot.org/story/24/10/17/2044225/developers-now-required-to-share-phone-number-and-address-on-eu-app-store?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Харальд Вельте (Harald Welte), известный разработчик ядра Linux, лауреат премии за значительный вклад в развитие свободного ПО, основатель организации gpl-violations.org, создатель проекта Openmoko и один из разработчиков netfilter/iptables, опубликовал своё мнение относительно удаления участников из списка мэйнтейнеров ядра Linux на основании их предполагаемой работы в подсанкционных компаниях. По словам Харальда, он гордился вовлечённостью в работу сообщества разработчиков ядра, но нынешнее сообщество не похоже на то, которое он помнит, и ему больно видеть, что сейчас там происходит. По его мнению нет ничего хуже дискриминации людей только из-за их паспорта, места жительства или места работы.( [ читать дальше... ]( https://www.linux.org.ru/news/linux-general/17772364#cut0 ) )

The FBI has arrested an Alabama man who is accused of hacking the Securities and Exchange Commission's X account in January. From a report: The indictment alleges that 25-year-old Eric Council Jr. worked with co-conspirators to take control of the account and post a fake message from SEC Chair Gary Gensler about Bitcoin ETFs that caused the price of Bitcoin to jump by more than $1,000 momentarily.
To carry out this scheme, Council is accused of creating a fake ID using the information belonging to the person in control of the SEC's X account. He then allegedly tricked AT&T into providing a SIM card with the victim's phone number and install it into a new iPhone he purchased. Finally, Council was able to gain control of the SEC's account using recovery authentication codes sent to the number, and later return the iPhone to the Apple Store where he'd bought it.

[ Read more of this story ]( https://news.slashdot.org/story/24/10/17/2044230/hacker-arrested-for-the-fake-sec-tweet-that-caused-a-bitcoin-price-spike?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

404 Media journalist and Slashdot contributor samleecole shares a report: After an exodus of employees at Automattic who disagreed with CEO Matt Mullenweg's recently divisive legal battle with WP Engine, he's upped the ante with another buyout offer -- and a threat that employees speaking to the press should "exit gracefully, or be fired tomorrow with no severance." Earlier this month, Mullenweg posed an "Alignment Offer" to all of his employees: Stand with him through a messy legal drama that's still unfolding, or leave. "It became clear a good chunk of my Automattic colleagues disagreed with me and our actions," he wrote on his personal blog on Oct. 3, referring to the ongoing dispute between himself and website hosting platform WP Engine, which Mullenweg called a "cancer to WordPress" and accusing WP Engine of "strip-mining the WordPress ecosystem. In the last month, he and WP Engine have volleyed cease and desist letters, and WP Engine is now suing Automattic, accusing Mullenweg of extortion and abuse of power.

"I'm certain that Matt hasn't eliminated all dissenters, because I'm still there, but I expect that within the next six to twelve months, everyone who didn't leave but wasn't 'aligned' will have found a new job and left on their own terms," a current employee told 404 Media. "My personal morale has never been lower at this job, and I know that I'm not alone." Mullenweg himself, in internal screenshots viewed by 404 Media, acknowledged that his first "Alignment Offer" did not make everyone who disagreed with him leave the company. On Wednesday Mullenweg posted another ultimatum in Automattic's Slack: a new offer that would include nine months of compensation (up from the previous offer of six months). "We have technical means to identify the leaker as well, that I obviously can't disclose," he continued. "So this is their opportunity to exit gracefully, or be fired tomorrow with no severance and probably a big legal case for violating confidentiality agreement."

[ Read more of this story ]( https://slashdot.org/story/24/10/17/219225/employees-describe-an-environment-of-paranoia-and-fear-inside-automattic?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Компания Intel и 9elements объявили о совместном партнерстве, цель которого заключается в разработке свободной прошивки для серверных процессоров Intel Xeon 6 и продвижении CoreBoot в корпоративной среде.( [ читать дальше... ]( https://www.linux.org.ru/news/opensource/17773622#cut0 ) )

In a memo from CEO Sundar Pichai, Google said it is moving the team behind the Gemini app to its AI research lab DeepMind. The shift "will improve feedback loops, enable fast deployment of our new models in the Gemini app," said Pichai. Reuters reports: Gemini is Google's most advanced AI technology, developed by DeepMind. The Gemini app is the direct consumer interface to the latest Gemini models. The Gemini app team, led by Sissie Hsiao, will join Google DeepMind under the leadership of its CEO Demis Hassabis.

Google also announced that Prabhakar Raghavan, who has led the company's products including search, ads and commerce will become chief technologist and work closely with Pichai. Raghavan's role as lead of the Knowledge and Information team will be taken up by Nick Fox, who has closely worked with Google on its AI product roadmap.

[ Read more of this story ]( https://tech.slashdot.org/story/24/10/17/2310259/google-shifts-gemini-app-team-to-deepmind?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

27 октября разработчики среды рабочего стола [ Trinity ]( https://www.trinitydesktop.org/index.php ) , продолжающей развитие KDE3 и Qt3 в виде собственного форка [ TQt ]( https://www.trinitydesktop.org/docs/qt3/ ) , объявили о выпуске корректирующего обновления под номером 14.1.3.
Trinity DE (TDE) позиционируется как свободное графическое окружение с низкими системными требованиями и широкими возможности для кастомизации. Вместе со средой рабочего стола поставляется обширный [ набор приложений ]( https://www.trinitydesktop.org/applications.php ) на базе библиотеки TQt. Поддерживаются операционные системы GNU/Linux, *BSD и DilOS. Смотрите [ вики ]( https://wiki.trinitydesktop.org/Category:Documentation#Installing_from_a_Package_Manager ) , чтобы получить инструкции по установке TDE в конкретном дистрибутиве.
( [ читать дальше... ]( https://www.linux.org.ru/news/opensource/17773761#cut ) )

An anonymous reader quotes a report from BleepingComputer: A new ClickFix campaign is luring users to fraudulent Google Meet conference pages showing fake connectivity errors that deliver info-stealing malware for Windows and macOS operating systems. ClickFix is a social-engineering tactic that emerged in May, first reported by cybersecurity company Proofpoint, from a threat actor (TA571) that used messages impersonating errors for Google Chrome, Microsoft Word, and OneDrive. The errors prompted the victim to copy to clipboard a piece of PowerShell code that would fix the issues by running it in Windows Command Prompt. Victims would thus infect systems with various malware such as DarkGate, Matanbuchus, NetSupport, Amadey Loader, XMRig, a clipboard hijacker, and Lumma Stealer.

In July, McAfee reported that the ClickFix campaigns were becoming mode frequent, especially in the United States and Japan. A new report from Sekoia, a SaaS cybersecurity provider, notes that ClickFix campaigns have evolved significantly and now use a Google Meet lure, phishing emails targeting transport and logistics firms, fake Facebook pages, and deceptive GitHub issues. According to the French cybersecurity company, some of the more recent campaigns are conducted by two threat groups, the Slavic Nation Empire (SNE) and Scamquerteo, considered to be sub-teams of the cryptocurrency scam gangs Marko Polo and CryptoLove.

[ Read more of this story ]( https://it.slashdot.org/story/24/10/17/2156214/fake-google-meet-conference-errors-push-infostealing-malware?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Компания Canonical выпустила официальный драйвер Intel NPU для Linux в Snap Store.Новый драйвер [ Intel NPU в формате Snap ]( https://snapcraft.io/intel-npu-driver ) объединяет множество компонентов, включая прошивку устройства, драйвер пользовательского пространства и компилятор, а также приложение для проверки драйвера пользовательского режима и компилятора. Иными словами: драйвер включает все, что нужно для использования ускорителей инференса ИИ, встроенных в последние процессоры [ Intel Core Ultra ]( https://www.intel.com/content/www/us/en/products/details/processors/core-ultra.html ) (серии «Meteor Lake» и выше).Чтобы этот драйвер действительно работал, вам необходимо использовать ПО, инструменты и приложения, которые знают, как использовать его для выполнения ИИ-задач. Кроме инструментов командной строки для LLM/ML, сейчас существуют плагины OpenVINO AI для GIMP и Audacity, которые могут использовать Intel NPU для выполнения конкретных ИИ-задач.Если вы счастливый обладатель подходящего процессора, скачать драйвер Intel NPU на Ubuntu можно прямо сейчас.sudo snap install --beta intel-npu-driverВ настоящее время драйвер Intel NPU в формате Snap находится в бета-версии, так что стабильность не гарантирована.

https://www.linux.org.ru/news/opensource/17773661

Google's NotebookLM app has been updated to let you generate custom podcasts from almost any source material. The AI software is also dropping the "experimental" tag. Wired reports: To make an AI podcast using NotebookLM, open up the Google Labs website and start a New Notebook. Then, add any source documents you would like to be used for the audio output. These can be anything from files on your computer to YouTube links. Next, when you click on the Notebook guide, you'll now see the option to generate a deep dive as well as the option to customize it first. Choose Customize and add your prompt for how you'd like the AI podcast to come out. The software suggests that you consider what sections of the sources you'd like highlighted, larger topics you want further explored, or different intended audiences who you want the message to reach.

One tip [Raiza Martin, who leads the NotebookLM team inside of Google Labs] shares for trying out the new feature is to generate the Audio Overview without changes, and while you're listening to this first iteration, write down any burning questions you have or topics you wish it expanded on. Afterwards, use these notes as a launching pad to create your prompts for NotebookLM and regenerate that AI podcast with your interests in mind. [...] Yes, Google's NotebookLM might flatten the specifics of a big document or get some details mixed up, but being able to generate more personalized podcasts from disparate sources truly does feel like a transformation -- and luckily nothing like turning into a giant bug. You can view some examples of AI-generated podcasts here.

[ Read more of this story ]( https://tech.slashdot.org/story/24/10/17/2248238/googles-notebooklm-now-lets-you-customize-its-ai-podcasts?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

После года разработки вышла значительная версия Wayland-композитора и тайлового оконного менеджера Sway [ 1.10 ]( https://github.com/swaywm/sway/releases ) .
Новые возможности после перехода на Wlroots 0.18:
- код отрисовки переписан с использованием нового scene graph API из Wlroots, что увеличивает производительность;
- реализован механизм восстановления после сбросов GPU;
- добавлена команда для применения ICC-профиля к конкретному выводу.
Новые протоколы:
- добавлена поддержка протокола tearing-control-v1 для специфических игровых юзкейсов;
- добавлена поддержка протокола ext-transient-seat-v1, что позволяет создавать независимые сеансы ввода для таких программ, как wayvnc;
- добавлена поддержка протокола ext-foreign-toplevel-list-v1, который может быть полезен для сторонних панелей задач и переключателей окон;
- добавлена поддержка xdg-shell v5 с изменением положения всплывающих окон и скрытием кнопок «Развернуть/Свернуть» в CSD.
( [ читать дальше... ]( https://www.linux.org.ru/news/linux-general/17774735#cut ) )

Компания Qualcomm опубликовала характеристики Snapdragon 8 Elite — своего следующего флагманского чипа, ориентированного на мобильные игры и вычисления.
Процессор произведён по техпроцессу класса «3 нм» и состоит из 8 ядер — 2× Oryon Prime с частотой до 4.32 GHz и общим 12 MiB L2-кэшем и 6× Oryon Performance с частотой до 3.53 GHz и общим L2-кэшем на 12 MiB. В SoC будет интегрирована память LPDDR5X-5300, работающая на эффективной частоте от 4800 MT/s до 5333.5 MT/s.
( [ читать дальше... ]( https://www.linux.org.ru/news/hardware/17775262#cut ) )

[ Доступен ]( https://download-installer.cdn.mozilla.net/pub/firefox/releases/132.0/ ) Firefox 132.Среди новшеств этого выпуска:
- Linux: [ Налажена ]( https://bugzilla.mozilla.org/show_bug.cgi?id=1751467 ) возможность открыть скачанный файл в программах, установленных с помощью Flatpak.
- В режиме [ строгой защиты от отслеживания ]( https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop#w_strict-enhanced-tracking-protection ) теперь [ блокируются ]( https://bugzil.la/1918037 ) все [ куки со сторонних сайтов ]( https://developer.mozilla.org/en-US/docs/Web/Privacy/Third-party_cookies ) .
- [ Включена ]( https://bugzilla.mozilla.org/show_bug.cgi?id=1919097 ) (security.tls.enable_kyber) поддержка алгоритма обмена ключами TLS [ mlkem768x25519 ]( https://datatracker.ietf.org/doc/draft-kwiatkowski-tls-ecdhe-mlkem/02/ ) (комбинация X25519 ECDH и ML-KEM (CRYSTALS-Kyber), устойчивая к подбору как на обычном, так и на квантовом компьютере).
- [ Обновлён ]( https://bugzilla.mozilla.org/show_bug.cgi?id=1911889 ) значок на вкладке, свидетельствующий о том, что вкладка воспроизводит звук. Новый значок лучше смотрится при вертикальном расположении вкладок, чем старый.
- Для большинства [ примитивов фильтров SVG ]( https://en.wikipedia.org/wiki/SVG_filter_effects#SVG_filter_primitives ) (feBlend, feColorMatrix, feComponentTransfer, feComposite, feDropShadow, feFlood, feGaussianBlur, feMerge и feOffset) включено аппаратное ускорение рендеринга WebRender.
( [ читать дальше... ]( https://www.linux.org.ru/news/mozilla/17776549#cut0 ) )

Alphabet, материнская компания Google, сообщает о большом росте выручки и прибыли в третьем квартале 2024 года.Доходы были увеличены до $88.25 миллиардов, а чистая прибыль до $26.3 миллиардов.Основным фактором успеха стало использование генеративного ИИ, который пишет четверть всего создаваемого кода. Благодаря этому корпорация также смогла уволить порядка 1100 человек, заменив их ИИ.Реакцией акций Alphabet на эти новости стал рост с $169.38 до более чем $181.

https://www.linux.org.ru/news/google/17776862

Cреди самого вкусного, на взгляд автора новости:
- DNF переписали на С++ и он стал сильно быстрее и компактнее (необходимости в MicroDNF больше нет), к тому же его открутили от PackageKit.
- Gnome обновили до версии 47.
- KDE обновили до 6.2.
- Пакеты, относящиеся к xorg-server, стали опциональными, по умолчанию не ставятся. Это можно считать признаком движения к полному отказу от X11 вообще.
- Поддержка конфигурации сети через ifcfg убрана, теперь только NetworkManager.
- Поддержка Python 2 прекращена, пакет с версией 2.7 удалён.

https://www.linux.org.ru/news/redhat/17776913

During its MAX event yesterday, Adobe teased some experimental photo and video editing tools for PhotoShop and Premiere Pro. There are a total of nine features, which include being able to rotate vector images, produce sound effects from text descriptions, and generate images in various shapes and sizes. Engadget reports: [W]e'll start with Project Perfect Blend for PS, which improves natural blending and makes shadow casting more realistic, creating more lifelike images. Project Clean Machine removes photo flashes, fireworks and objects blocking the camera's view. One feature that stands out is Project In Motion, which lets users transform custom shape animations into video by entering a prompt, while Project Know How is a content authenticator tool that can search for a video file's source online. Project Turntable lets users rotate 2D vector art in 3D, thereby allowing the 2D vector art to face a direction of their choice. The generative AI model fills in any blanks to create presentable 3D vector art.

Another standout tool is Project Super Sonic, which generates sound effects via prompts or clicking on objects in a video. The latter method can create sounds without typing prompts into the generative AI model. Project Super Sonic seems helpful for people looking to design the sounds they want. Adobe is also working on Microsoft Copilot integration in Project Scenic. This tool creates 3D scene layouts using Copilot prompts, and the camera and objects in the layout can be tweaked. Project Remix A Lot leverages generative AI to create images in various shapes and sizes, all fully editable. In other words, users can "remix" creations into shapes they like, including unusual ones. Finally, we have Project Hi-Fi. With this tool, it's possible to transform sketches and concepts into high-quality images. These images can easily be dragged into PhotoShop for editing.

[ Read more of this story ]( https://tech.slashdot.org/story/24/10/17/237222/adobes-upcoming-features-include-ai-sound-generation-and-image-remixing?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from The Verge: Donald Trump said Apple CEO Tim Cook called him to discuss the billions of dollars that Apple has been fined in the European Union. Trump made the statement during his appearance on the PBD Podcast -- and said that he won't let the EU "take advantage" of US companies like Apple if reelected. "Two hours ago, three hours ago, he [Cook] called me," Trump said. "He said the European Union has just fined us $15 billion... Then on top of that, they got fined by the European Union another $2 billion." In March, the EU fined Apple around $2 billion after finding that Apple used its dominance to restrict music streaming apps from telling customers about cheaper subscription deals outside the App Store. The EU later won its fight to make Apple pay $14.4 billion in unpaid taxes.

"He [Cook] said something that was interesting," Trump said. "He said they're using that to run their enterprise, meaning Europe is their enterprise. "I said, 'That's a lot... But Tim, I got to get elected first, but I'm not going to let them take advantage of our companies -- that won't, you know, be happening.'" Trump has talked to several Big Tech executives over the past several months. "During an interview this week, Trump said he spoke with Google CEO Sundar Pichai to complain about all the 'bad stories' the search engine shows about him," notes The Verge. "Elon Musk recently spoke at a Trump rally in Pennsylvania, while Meta CEO Mark Zuckerberg called Trump over the summer 'a few times,' according to the former president."

[ Read more of this story ]( https://apple.slashdot.org/story/24/10/17/2323239/trump-says-tim-cook-called-him-to-complain-about-the-eu?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

AWS CEO Matt Garman has harsh words for remote workers: return to the office or quit. TechCrunch: The Amazon executive recently told employees who don't like the new five-day in-person work policy that, "there are other companies around," presumably companies they can work for remotely, Reuters reported on Thursday. Amazon's top boss, Andy Jassy, told employees last month that there will be a full return-to-office starting in 2025, an increase from three days for roughly the last year.

[ Read more of this story ]( https://tech.slashdot.org/story/24/10/18/0359229/amazon-indicates-employees-can-quit-if-they-dont-like-its-return-to-office-mandate?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

The blockchain-based identity verification company founded by Sam Altman is now called "World." It also unveiled a new version of the "Orb" biometric devices the company uses to scan users' eyes. CoinTelegraph reports: World, as it's now known, also revealed a slew of other updates including a new version of its Orb biometric scanning devices, new options for identity verification and partnership integrations with popular apps including FaceTime, WhatsApp, and Zoom. [...] The new Orb, powered by Nvidia hardware, will be more efficient and "five times" more powerful than its predecessor with a smaller footprint and fewer parts. The company also said the new Orb would eventually be available in self-service kiosks in some markets.

World also announced that users will soon be able to verify their identity through methods other than the firm's Orb hardware. Through a program called World ID Credentials, the company says users with NFC-enabled government issued passports will allow them to verify their identity on the World app. Another major announcement came in the form of World ID Deep Face, a service the company claims has "solved deepfakes." According to the company, its software can be implemented into just about any app where video can be uploaded or streamed to determine whether videos featuring verified persons are real or have been faked using AI. Finally, the company also announced that so far 15 million users have signed up for its World app service; among them, seven million are verified.

[ Read more of this story ]( https://slashdot.org/story/24/10/18/0057206/sam-altmans-worldcoin-rebrands-as-world-unveils-next-generation-orb?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

30 октября состоялся выпуск 0.10.0 консольного интерпретатора и встраиваемой библиотеки языка [ Pluto ]( https://pluto-lang.org ) – альтернативной реализации языка Lua 5.4 со множеством изменений и улучшений в синтаксисе, стандартной библиотеке и интерпретаторе.
( [ читать дальше... ]( https://www.linux.org.ru/news/opensource/17777884#cut ) )

An anonymous reader quotes a report from TechCrunch: Stripe is in talks to acquire stablecoin platform Bridge for a whopping $1 billion, according to Forbes (paypalled). The talks are reportedly in advanced stages, although nothing has been finalized. Bridge, co-founded by Coinbase alumni Zach Abrams and Sean Yu, has built an API that helps companies accept stablecoins. The pair raised $58 million from investors like Index Ventures and Sequoia Capital, according to PitchBook. If the deal with Stripe goes through, it would be a huge jump from Bridge's $200 million valuation, as well as being Stripe's largest acquisition to date.

[ Read more of this story ]( https://slashdot.org/story/24/10/18/014215/stripe-in-talks-to-acquire-bridge-for-1-billion?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Qucs-S это программа для моделирования аналоговых электронных схем. В качестве движка моделирования можно использовать как [ Ngspice ]( https://ngspice.sourceforge.io/ ) для схем общего назначения, так и QucsatorRF (поставляется вместе с Qucs-S) для СВЧ устройств.
31 октября этого года представлен очередной релиз 24.4.0.
( [ читать дальше... ]( https://www.linux.org.ru/news/opensource/17778369#cut ) )

Salesforce founder and chief executive Marc Benioff has doubled down on his criticism of Microsoft's Copilot, the AI-powered tool that can write Word documents, create PowerPoint presentations, analyze Excel spreadsheets and even reply to emails through Outlook. In a post on X, he writes: When you look at how Copilot has been delivered to customers, it's disappointing. It just doesn't work, and it doesn't deliver any level of accuracy. Gartner says it's spilling data everywhere, and customers are left cleaning up the mess.
To add insult to injury, customers are then told to build their own custom LLMs. I have yet to find anyone who's had a transformational experience with Microsoft Copilot or the pursuit of training and retraining custom LLMs. Copilot is more like Clippy 2.0.

[ Read more of this story ]( https://slashdot.org/story/24/10/18/046258/salesforce-ceo-benioff-says-microsofts-copilot-doesnt-work-doesnt-offer-any-level-of-accuracy-and-customers-are-left-cleaning-up-the-mess?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Вышла новая, улучшенная версия мощного одноплатного компьютера (SBC, Single Board Computer) [ Radxa Rock 5b+ ]( https://radxa.com/products/rock5/5bp ) на чипсете RK3588 и с поддержкой NVME SSD.
Этот одноплатник может использоваться как удачное и дешёвое решение для экспериментов и разработки. 8Гб-версия с доставкой в Россию будет стоить около 110$.
После покупки можно сразу установить [ загрузчик EDK2 ]( https://github.com/edk2-porting/edk2-rk3588/ ) , который позволит устанавливать любой дистрибутив под ARM64, включая Debian 12 bookworm.

https://www.linux.org.ru/news/hardware/17778353

India is expected to limit imports of laptops, tablets and personal computers after January, Reuters reported Friday citing government sources, a move to push companies such as Apple to increase domestic manufacturing. From the report: This plan, if implemented, could disrupt an industry worth $8 billion to $10 billion and reshape the dynamics of the IT hardware market in India, which is heavily reliant on imports. A similar plan to restrict imports was withdrawn last year following backlash from companies and lobbying from the United States. India has since monitored imports under a system set to expire this year and has asked firms to seek fresh approvals for imports next year. The government feels it has given the industry enough time to adapt, said the sources, who did not want to be identified as discussions are private.

[ Read more of this story ]( https://tech.slashdot.org/story/24/10/18/143228/india-plans-laptop-import-curbs-to-boost-local-manufacturing?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

В qBittorrent была закрыта 14-летняя уязвимость, связанная с некорректной проверкой SSL/TLS-сертификатов. Обновление до версии 5.0.1 устранило эту уязвтмость, которая существовала с 2010 года.
В течение этого времени программа принимала любые сертификаты, включая поддельные, что делало её уязвимой к атаке типа «человек посередине» (MitM). Это позволяло злоумышленникам незаметно изменять сетевой трафик, потенциально подвергая пользователей риску скачивания и выполнения вредоносного кода при обновлении продукта по ссылке из уведомления о выходе новой версии, а так же при загрузке бинарников Python на Windows. Уязвимость была не только теоретической, но и реализуемой на практике.
Так же отсутствие валидации сертификатов позволяло MitM подменять содержимое RSS и базы данных MaxMind Geo IP.

https://www.linux.org.ru/news/security/17780128

WP Engine has filed a motion for a preliminary injunction against Automattic and its CEO Matt Mullenweg, seeking to halt their public campaign and regain access to WordPress resources. The hosting platform claims it's suffering "immediate irreparable harm," including a 14% spike in cancellation requests following Mullenweg's criticism.
WP Engine alleges the dispute has created anxiety among developers and increased security risks for the WordPress community. The legal action comes after Automattic accused WP Engine of trademark infringement, leading to exchanged cease-and-desist orders and a lawsuit. Last week, the WordPress.org project, led by Mullenweg, took control of WP Engine's Advanced Custom Fields plugin, redirecting users to a forked version.

[ Read more of this story ]( https://tech.slashdot.org/story/24/10/18/1448218/wp-engine-asks-court-to-stop-matt-mullenweg-from-blocking-access-to-wordpress-resources?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Фанат Amazon Kindle? Это ненадолго! Начинается предзаказ самой фантастической электронной читалки 2024 года с полностью открытыми железными спеками - [ PineNote ]( https://pine64.com/product/pinenote-community-edition-coming-soon/ ) от легендарного производителя опенсорсных девайсов [ Pine64 ]( https://pine64.com/ ) .( [ читать дальше... ]( https://www.linux.org.ru/news/opensource/17780613#cut0 ) )

Вышла новая версия каталогизатора электронных книг с открытым исходным кодом [ Calibre 7.20 ]( https://calibre-ebook.com/ ) .В этой версии появился новый движок для преобразования PDF-файлов в другие форматы электронных книг, такие как EPUB или MOBI. Теперь он способен автоматически определять заголовки и подзаголовки на основе анализа документа.( [ читать дальше... ]( https://www.linux.org.ru/news/opensource/17780466#cut0 ) )

Разработчики из проекта KDE [ приступили ]( https://blogs.kde.org/2024/10/29/akademy-2024-experience/#an-operating-system-of-our-own ) к созданию нового независимого дистрибутива [ KDE Linux ]( https://invent.kde.org/kde-linux/kde-linux ) , [ развиваемого ]( https://community.kde.org/KDE_Linux ) под кодовым именем «Project Banana». Дистрибутив изначально развивается как универсальный продукт, пригодный как для разработчиков KDE, так и для обычных пользователей и OEM-производителей оборудования. Для отслеживания состояния разработки [ ежедневно формируется ]( https://files.kde.org/kde-linux/ ) системный образ, пригодный для загрузки с USB-накопителей.Целью проекта является создание официального поддерживаемого сообществом дистрибутива, оптимально сочетаемого с технологиями KDE и рекомендованного для пользователей и OEM-производителей. Помимо предоставления высококачественного графического интерфейса среди поставленных перед проектом задач упоминается простой механизм восстановления в случае сбоев, поддержание высокого уровня защищённости, акцентирование на самые современные технологии, удобство предустановки и адаптации для нового оборудования, возможность использования в качестве основной платформы для разработчиков KDE, простота переключения между разными редакциями и релизами, создание базиса для распространения KDE в других атомарно обновляемых дистрибутивах.Планируется развивать три базовые редакции дистрибутива:
- Testing - обновляется ежедневно, отражает состояние master-ветки в Git и рассчитана на тестирование, контроль за качеством и отслеживание процесса разработки.
- Enthusiast - нацелена на опытных пользователей и энтузиастов. Выпуски синхронизированы c формированием релизов и тестовых версий KDE (новые сборки публикуются сразу после релизов и бета-версий KDE Plasma).
- Stable - включает только стабильные релизы компонентов KDE и выходит с задержкой после релизов KDE из-за проведения дополнительного тестирования и работы по стабилизации.
Системное окружение в KDE Linux представляет собой неделимый образ, формируемый на основании содержимого из репозиториев Arch Linux, но поставляемый без разбивки на отдельные пакеты, монтируемый в режиме только для чтения и обновляемый атомарно. Для обновления используются два дисковых раздела - обновление загружается в пассивный раздел, который после перезагрузки становится активным, а прошлый активный раздел переводится в пассивный режим и ожидает установки следующего обновления. Установка и откат обновлений, а также автоматическое резервное копирование и переключение между разными версиями реализовано через механизм снапшотов, предоставляемый файловой системой Btrfs. Для отделения системы от приложений дополнительные программы устанавливаются только в формате Flatpak. Дистрибутивом поддерживаются повторяемые сборки, позволяющие любому желающему верифицировать процесс сборки дистрибутива. Все пользовательские (/home) и изменяемые системные данные хранятся в зашифрованных разделах. В качестве загрузчика задействован systemd-boot. В графическом окружении по умолчанию применяется протокол Wayland. Из специфичных приложений отмечается интерфейс для управления резервными копиями в стиле Apple Time Machine и конфигуратор на базе [ KConfig XT ]( https://develop.kde.org/docs/features/configuration/kconfig_xt/ ) .

https://www.linux.org.ru/news/kde/17780669

Программа ratarmount (random access tar mount) предназначена для монтирования архивных файлов в файловую систему и позволяет монтировать через FUSE не только файлы tar (сжатые bz2, gz, xz или zstd) TAR, но и zip и rar. Новый релиз 1.0.0 доступен к установке из pip и AppImage.( [ читать дальше... ]( https://www.linux.org.ru/news/opensource/17781866#cut0 ) )

An anonymous reader shares a report: Byju Raveendran, the founder of the embattled edtech group Byju's, acknowledged on Thursday afternoon that he made mistakes, mistimed the market, overestimated growth potential and that his startup, once valued at $22 billion, is now effectively worth "zero."
Speaking to a group of journalists, Raveendran said the company's aggressive acquisition of more than two dozen startups to expand into new markets proved fatal when financing dried up in 2022. Byju's was planning to go public in early 2022 with several investment bankers giving the firm valuation as high as $50 billion, TechCrunch reported earlier.
He alleged that many of his more than 100 investors had urged him to pursue aggressive expansion into as many as 40 markets. But, he added, those very investors got cold feet when global markets tumbled following Russia's invasion of Ukraine, sending the venture capital market into a downward spiral.

[ Read more of this story ]( https://news.slashdot.org/story/24/10/18/153222/a-startup-once-valued-at-22-billion-is-now-worth-nothing?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Состоялся релиз Lime3DS версии 2119. Lime3DS – форк эмулятора Citra (эмулятор Citra разрабатывали те же люди, что и Yuzu), разработка которого была прекращена в марте 2024 года. Lime3DS – эмулятор Nintendo 3DS, нативно доступный на Windows, Android, Linux, macOS и chromeOS.
Что нового:
- Появилась начальная поддержка Pretendo (аналог XLink Kai для мультиплеера игр Nintendo Wii U и Nintendo 3DS).
- Добавлена полноценная поддержка Android 15.
- Добавлена функция настройки «Расположение маленького экрана».
- Исправлена ​​ошибка, из-за которой Vulkan мог быть недоступен при использовании AppImage в сеансе Wayland.
- Исправлен рендерер Vulkan, вызывавший сбои на устройствах, не поддерживающих Vulkan 1.3.
- У приложения Lime3DS теперь есть значок приложения и тема оформления Material You. Это актуально для смартфонов Google Pixel, которые используют ванильный Android.
- Проведен масштабный внутренний ребрендинг, в ходе которого все упоминания Citra заменены на Lime3DS.
- Теперь в меню «Themes» можно выбрать несколько предустановленных цветовых тем.
Помимо вышеуказанного, исправлены различные ошибки.

https://www.linux.org.ru/news/games/17782721

With ransomware attacks surging and 2024 on track to be one of the worst years on record, U.S. officials are seeking ways to counter the threat, in some cases, urging a new approach to ransom payments. From a report: Ann Neuberger, U.S. deputy national security adviser for cyber and emerging technologies, wrote in a recent Financial Times opinion piece, that insurance policies -- especially those covering ransomware payment reimbursements -- are fueling the very same criminal ecosystems they seek to mitigate. "This is a troubling practice that must end," she wrote, advocating for stricter cybersecurity requirements as a condition for coverage to discourage ransom payments.
Zeroing in on cyber insurance as a key area for reform comes as the U.S. government scrambles to find ways to disrupt ransomware networks. According to the latest report by the Office of the Director of National Intelligence, by mid-2024 more than 2,300 incidents already had been recorded -- nearly half targeting U.S. organizations -- suggesting that 2024 could exceed the 4,506 attacks recorded globally in 2023. Yet even as policymakers scrutinize insurance practices and explore broader measures to disrupt ransomware operations, businesses are still left to grapple with the immediate question when they are under attack: Pay the ransom and potentially incentivize future attacks or refuse and risk further damage.
For many organizations, deciding whether to pay a ransom is a difficult and urgent decision. "In 2024, I attended a briefing by the FBI where they continued to advise against paying a ransom," said Paul Underwood, vice president of security at IT services company Neovera. "However, after making that statement, they said that they understand that it's a business decision and that when companies make that decision, it is taking into account many more factors than just ethics and good business practices. Even the FBI understood that businesses need to do whatever it takes to get back to operations," Underwood said.

[ Read more of this story ]( https://news.slashdot.org/story/24/10/18/1618246/the-government-is-getting-fed-up-with-ransomware-payments-fueling-endless-cycle-of-cyberattacks?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

После 2 лет разработки вышла бета-версия лучшей свободной гоночной игры SuperTuxKart 1.5. В этой версии разработчики предлагают нам ряд изменений, затрагивающих все аспекты, начиная от базового игрового движка и пользовательского интерфейса, и заканчивая сетевыми функциями и объявлениями результатов во время онлайн-игр для нескольких игроков.( [ читать дальше... ]( https://www.linux.org.ru/news/games/17782784#cut0 ) )

An anonymous reader shares a report: From the ground, northeastern Norway might look like fjord country, peppered with neat red houses and dissected by snowmobile tours through the winter. But for pilots flying above, the region has become a danger zone for GPS jamming. The jamming in the region of Finnmark is so constant, Norwegian authorities decided last month they would no longer log when and where it happens -- accepting these disturbance signals as the new normal.
Nicolai Gerrard, senior engineer at NKOM, the country's communications authority, says his organization no longer counts the jamming incidents. "It has unfortunately developed into an unwanted normal situation that should not be there. Therefore, the [Norwegian authority in charge of the airports] are not interested in continuous updates on something that is happening all the time." Pilots meanwhile, still have to adapt, usually when they are above 6,000 feet in the air. "We experience this almost every day," says Odd Thomassen, a captain and senior safety adviser at the Norwegian airline Wideroe. He claims jamming typically lasts between six and eight minutes at a time.

[ Read more of this story ]( https://news.slashdot.org/story/24/10/18/1650237/gps-jamming-is-screwing-with-norwegian-planes?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Команда Manjaro Linux начала тестирование сервиса MDD (Manjaro Data Donor) для сбора данных о пользователях и отправки их на внешний сервер проекта.Изначально планировалось, что эта функция будет включена по умолчанию, но это решение столкнулось с возражением других мейнтейнеров проекта. По информации на данный момент, телеметрия появится в виде опции, требующей согласия пользователя при первом запуске ОС. ( [ читать дальше... ]( https://www.linux.org.ru/news/linux-general/17784056#cut0 ) )

The FIDO Alliance is developing new specifications to enable secure transfer of passkeys between different password managers and platforms. Announced this week, the initiative is the result of collaboration among members of the FIDO Alliance's Credential Provider Special Interest Group, including Apple, Google, Microsoft, 1Password, Bitwarden, Dashlane, and others. From a report: Passkeys are an industry standard developed by the FIDO Alliance and the World Wide Web Consortium, and were integrated into Apple's ecosystem with iOS 16, iPadOS 16.1, and macOS Ventura. They offer a more secure and convenient alternative to traditional passwords, allowing users to sign in to apps and websites in the same way they unlock their devices: With a fingerprint, a face scan, or a passcode.
Passkeys are also resistant to online attacks like phishing, making them more secure than things like SMS one-time codes. The draft specifications, called Credential Exchange Protocol (CXP) and Credential Exchange Format (CXF), will standardize the secure transfer of credentials across different providers. This addresses a current limitation where passkeys are often tied to specific ecosystems or password managers. Further reading: Passwords Have Problems, But Passkeys have more.

[ Read more of this story ]( https://it.slashdot.org/story/24/10/18/179230/fido-alliance-working-on-making-passkeys-portable-across-platforms?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Состоялся выпуск 8.11.0 консольной утилиты и библиотеки [ curl ]( https://curl.se ) , написанных на языке C и распространяемых по лицензии [ curl ]( https://spdx.org/licenses/curl.html ) .
( [ читать дальше... ]( https://www.linux.org.ru/news/internet/17785079#cut ) )

An anonymous reader shares a report: At the end of September, Kaspersky forcibly uninstalled and replaced itself with a new antivirus called UltraAV on the computers of around a million Americans, many of whom were surprised and aghast that they were not asked to give their consent for the change. The move was the end result of the U.S. government ban on all sales of Kaspersky software in the country and -- at least in theory -- marked the end of Kaspersky in America.
But not everyone in the U.S. has given up on the Russian-made antivirus. Some Americans have found ways to get around the ban and are still using Kaspersky's antivirus, TechCrunch has learned. Several people who live in the U.S. said in posts on Reddit that they are holding out as Kaspersky customers. When TechCrunch asked them about their motivations, their reasons range from being skeptical of the reasons behind the ban, or having paid for the product already, to simply preferring the product over its rivals.

[ Read more of this story ]( https://it.slashdot.org/story/24/10/18/1750210/some-americans-are-still-using-kasperskys-antivirus-despite-us-government-ban?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

После почти 3 лет разработки состоялся выпуск GSmartControl 2.0.0 – графической утилиты для отслеживания состояния HDD и SSD дисков по технологии S.M.A.R.T.
( [ читать дальше... ]( https://www.linux.org.ru/news/opensource/17785893#cut ) )

An anonymous reader shares a report: Every year for the past seven, Nathan Benaich, the founder and solo general partner at the early-stage AI investment firm Air Street Capital, has produced a magisterial "State of AI" report. Benaich and his collaborators marshal an impressive array of data to provide a great snapshot of the technology's evolving capabilities, the landscape of companies developing it, a survey of how AI is being deployed, and a critical examination of the challenges still facing the field.
One of the big takeaways from this year's report, which was published late last week, is that OpenAI's lead over other AI labs has largely eroded. Anthropic's Claude 3.5 Sonnet, Google's Gemini 1.5, X's Grok 2, and even Meta's open-source Llama 3.1 405 B model have equaled, or narrowly surpassed on some benchmarks, OpenAI's GPT-4o.ââBut, on the other hand, OpenAI still retains an edge for the moment on reasoning tasks with the release of its o1 "Strawberry" model -- which Air Street's report rightly characterized as a weird mix of incredibly strong logical abilities for some tasks, and surprisingly weak ones for others.
Another big takeaway, Benaich told me, is the extent to which the cost of using a trained AI model -- an activity known as "inference" -- is falling rapidly. There are several reasons for this. One is linked to that first big takeaway: With models less differentiated from one another on capabilities and performance, companies are forced to compete on price.ââAnother reason is that engineers for companies such as OpenAI and Anthropic -- and their hyperscaler partners Microsoft and AWS, respectively -- are discovering ways to optimize how the largest models run on big GPU clusters. The cost of outputs from OpenAI's GPT-4o today is 100-times less per token (which is about equivalent to 1.5 words) than it was for GPT-4 when that model debuted in March 2023. Google's Gemini 1.5 Pro now costs 76% less per output token than it did when that model was launched in February 2024.â

[ Read more of this story ]( https://tech.slashdot.org/story/24/10/18/180238/openais-lead-over-other-ai-companies-has-largely-vanished-state-of-ai-report-finds?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Для браузера Chrome [ разработано расширение ]( https://github.com/denizzzka/jobchan-chrome-extension ) , которое дает возможность комментировать и обсуждать вакансии на известных российских сайтах по поиску работы.
Расширение не требует создания аккаунта и входа на сайт с вакансиями. Оно не собирает никакой идентифицирующей информации. Все, что расширение знает о пользователях, — это URL просмотренной вакансии.
В настоящее время поддерживаются сайты:
- career.habr.com
- hh.ru
- rabota.ru
- zarplata.ru

https://www.linux.org.ru/news/opensource/17787286

An anonymous reader quotes a report from Ars Technica: Recently, AI researcher Simon Willison wanted to add up his charges from using a cloud service, but the payment values and dates he needed were scattered among a dozen separate emails. Inputting them manually would have been tedious, so he turned to a technique he calls "video scraping," which involves feeding a screen recording video into an AI model, similar to ChatGPT, for data extraction purposes. What he discovered seems simple on its surface, but the quality of the result has deeper implications for the future of AI assistants, which may soon be able to see and interact with what we're doing on our computer screens.

"The other day I found myself needing to add up some numeric values that were scattered across twelve different emails," Willison wrote in a detailed post on his blog. He recorded a 35-second video scrolling through the relevant emails, then fed that video into Google's AI Studio tool, which allows people to experiment with several versions of Google's Gemini 1.5 Pro and Gemini 1.5 Flash AI models. Willison then asked Gemini to pull the price data from the video and arrange it into a special data format called JSON (JavaScript Object Notation) that included dates and dollar amounts. The AI model successfully extracted the data, which Willison then formatted as CSV (comma-separated values) table for spreadsheet use. After double-checking for errors as part of his experiment, the accuracy of the results -- and what the video analysis cost to run -- surprised him.

"The cost [of running the video model] is so low that I had to re-run my calculations three times to make sure I hadn't made a mistake," he wrote. Willison says the entire video analysis process ostensibly cost less than one-tenth of a cent, using just 11,018 tokens on the Gemini 1.5 Flash 002 model. In the end, he actually paid nothing because Google AI Studio is currently free for some types of use.

[ Read more of this story ]( https://slashdot.org/story/24/10/18/2053242/cheap-ai-video-scraping-can-now-extract-data-from-any-screen-recording?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Разработчик компании «Яндекс» Ахтям Сакаев разместил свой pull request на GitHub в первых числах октября. Запрос висел около месяца и был отклонён.
( [ читать дальше... ]( https://www.linux.org.ru/news/opensource/17787377#cut ) )

Cuba's power grid failed on Friday, leaving 10 million people without electricity. NPR reports: One of the country's largest power plants, the Antonio Guiteras power plant in the western province of Matanzas, failed shortly before midday on Friday. The failure prompted a total breakdown of Cuba's electrical system. The power outage comes after days of rolling blackouts. Cuba's prime minister, Manuel Marrero Cruz, blamed the problem on deteriorating infrastructure and fuel shortages exacerbated by Hurricane Milton, which has made it difficult for fuel deliveries to reach the island.

The prime minister made an address on state television on Thursday evening and said the government would prioritize providing electricity to residential areas and promised shipments of fuel would arrive on the island in the coming days. Cuban officials have not indicated a timeline for when the power grid will be operational again. The massive blackout is a new low in a country that has already been dealing with a deepening economic crisis and widespread food shortages.

[ Read more of this story ]( https://hardware.slashdot.org/story/24/10/18/2114207/cuba-plunged-into-an-island-wide-blackout-as-power-grid-fails?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Представлен релиз GNU Wget 1.25, программы для автоматизации загрузки файлов с использованием протоколов HTTP/HTTPS и FTP/FTPS. Утилита поддерживает такие возможности, как возобновление прерванных загрузок, зеркалирование сайтов с фильтрацией загружаемых данных по маскам, преобразование ссылок внутри документов, выставление Cookie и обновление только изменившихся файлов. Код проекта написан на языке Си и распространяется под лицензией GPLv3.

https://www.opennet.ru/opennews/art.shtml?num=62222

Компания Google DeepMind опубликовала исходные тексты системы машинного обучения AlphaFold 3, предназначенной для предсказания трёхмерной структуры белков и моделирования взаимодействия белков с другими типами молекул. За создание алгоритмов машинного обучения, реализованных во второй версии AlphaFold, в этом году присуждена Нобелевская премия по химии. Связанный с AlphaFold 3 инструментарий написан на Python и C++, и распространяется под лицензией CC BY-NC-SA 4.0. Натренированные модели предоставляются на основе пользовательского соглашения. Отдельно запущен сервер, позволяющий экспериментировать с AlphaFold 3 в online-режиме.

https://www.opennet.ru/opennews/art.shtml?num=62223

Netflix has begun raising prices in several countries, including Japan, parts of Europe, and Africa, as it seeks to sustain growth following its crackdown on password sharing. While its recent financial results show strong revenue growth, the company faces challenges in finding new subscribers and aims to boost future growth through advertising and fresh content. The BBC reports: In its latest results, Netflix announced that it had added 5.1 million subscribers between July and September - ahead of forecasts but the smallest gain in more than a year. The company is under pressure to show investors what will power growth in the years ahead, as its already massive reach makes finding new subscribers more difficult. The last time Netflix saw signs of slowdown, in 2022, it launched measures to stop password sharing and said it would offer a new streaming option with advertisements.

The crackdown unleashed a new wave of growth. The firm has added more than 45 million new members since last year and has 282 million subscribers globally. Analysts also expect advertisements to eventually become big business for Netflix. For now, however, Netflix has said it remains "early days" and warned it did not expect it to start driving growth until next year, despite many subscribers opting for the ad-supported plan. The plan, which is the company's least expensive option, accounted for 50% of new sign-ups in the places where it is offered in the most recent quarter, Netflix said. Even without a boost from advertising, Netflix said revenue in the July-September period was up 15% compared with the same period last year, to more than $9.8 billion. Profit also rose from $1.6 billion in the same period last year to $2.3 billion.

[ Read more of this story ]( https://news.slashdot.org/story/24/10/18/2111218/netflix-raises-prices-as-password-boost-fades?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Состоялся выпуск 1.19.0 кроссплатформенной (Linux, MacOS, Windows) консольной утилиты hyperfine, написанной на языке Rust и распространяемой по лицензиям Apache-2.0 и MIT.
Утилита предназначена для сравнения производительности других консольных утилит.
Список изменений:
- добавлена опция --reference позволяющая вручную указать команду , с которой будут сравниваться результаты выполнения других команд;
- добавлена опция --conclude , выполняющая команду после выполнения измеряемой команды;
- команда --output= может быть задана для каждой команды;
- переменная окружения $HYPERFINE_ITERATION теперь содержит текущий номер итерации для каждой команды бенчмарка;
- в сообщение об ошибке добавлена информация об итерации;
- в скрипт plot_histogram.py добавлена возможность позиционирования легенды графика на диаграмме. Выходной DPI графика установлен в 600 DPI;
- улучшен скрипт plot_whisker.py;
- исправлена ошибка отображения примерного времени выполнения в эмуляторах терминала с блочным курсором;
- исправлено автодополнение zsh;
- добавлена сборка aarch64-apple-darwin;
- различный рефакторинг кода.

https://www.linux.org.ru/news/opensource/17790889