After 50 years of searching, astronomers say they have finally found evidence of a long-sought "wind" blowing from Sagittarius A*, the supermassive black hole at the center of the Milky Way. "Unless a black hole exists in a perfect vacuum, it must blow a wind somehow. And there is no perfect vacuum in the universe," team co-leader and Northwestern University researcher Mark Gorski said in a statement. "With new observations, this is the first time we've had a clean enough view to see the wind's imprint. We looked at the data and said, 'There it is. There is the thing that everybody's been looking for for 50 years.'" Space.com reports: Scientists have been aware for some time that feeding black holes launch powerful outflows of material around them, including jets and winds. Winds are caused when matter falling to the black hole is accelerated to near light-speed, generating pressure that pushes infalling material away. That has been seen with ravenously feeding black holes before, but not the barely feeding Sgr A*. Its sparse consumption of material and the fact it is obscured by the plane of the Milky Way from our vantage point have made tracing this wind difficult.

Gorski's Northwestern colleague and team co-leader Lena Murchikova pointed out that the scientists were the first to detect molecular gas very close to Sgr A* feeding the supermassive black hole. That makes Sgr A* reassuringly like other supermassive black holes. "The wind is not powerful, and its direction probably wanders with time. It shows that our black hole is not unique, and our place in the universe is not unique," Murchikova added. "To observe our own black hole, we have to look through the plane of our galaxy. That means we have to peer through gas, dust and ionized structures, and you can't really see through all of that easily."

While the team's results confirm that Sgr A* is extremely quiet compared to the supermassive black holes that sit in bright, turbulent regions of other galaxies called active galactic nuclei (AGN), this black hole wind is no slouch. In fact, the scientists think that it has been raging for around 20,000 years. "The majority of other galaxies spend most of their lives in a state where they are not particularly active," Murchikova said. "But we can only see them when they are in a fireworks stage. It is very attractive to study black holes when they are in the fireworks stage, but that's not actually their dominant state. "Sgr A* finally gives us a window into the life of a black hole in this quiet state."
The team's research was published in The Astrophysical Journal Letters.

[ Read more of this story ]( https://science.slashdot.org/story/26/06/06/0535213/scientists-find-wind-blowing-from-our-milky-ways-black-hole?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликован релиз мета-дистрибутива T2 SDE 26.6, предоставляющего окружение для формирования собственных дистрибутивов, кросс-компиляции и поддержания версий пакетов в актуальном состоянии. Из популярных дистрибутивов, построенных на базе системы T2, можно отметить Puppy Linux. Проектом предоставляется 10 готовых загрузочных iso-образов с графическим окружением на базе KDE, собранных для архитектур arm64, ia64, ppc64, ppc64le, riscv64, riscv64 rva23, i686 и x86-64.

https://www.opennet.ru/opennews/art.shtml?num=65627

В Mutter — оконном менеджере и Wayland-композиторе GNOME Shell — удалена старая поддержка NVIDIA EGLStreams/EGLDevice. Изменение попало в основную ветку Mutter 5 июня и рассчитано на будущий выпуск GNOME 51. Это означает отказ от старой технологии поддержки Wayland для проприетарного драйвера NVIDIA, который появился ещё до того, как NVIDIA перешла на общепринятый стек GBM/DMA-BUF/KMS.

EGLStreams был первоначальным способом NVIDIA подключить свой закрытый драйвер к Wayland. Проблема в том, что остальная графическая экосистема Linux в итоге пошла другим путём: через DMA-BUF для передачи буферов, GBM для их выделения и прямую работу с KMS в ядре. В результате Mutter годами держал отдельный код специально для старой модели NVIDIA, хотя современные драйверы NVIDIA уже поддерживают GBM: такая поддержка появилась в Linux-драйвере NVIDIA 495.29.05 в октябре 2021 года.

Изменение внёс разработчик GNOME Йонас Одал. В описании слияния сказано, что удаляется код, отвечавший за Wayland EGLStreams для клиентской EGL-поддержки и за использование EGLDevice + EGLStream как прослойки над KMS page flipping. По сути, из Mutter вычищают устаревший слой совместимости, который давно заменён стандартным для Wayland споособм через DMA-BUF, GBM и KMS.

GNOME 51 пока [ находится в разработке ]( https://release.gnome.org/calendar/ ) : по официальному календарю GNOME, alpha-релиз запланирован на 27 июня 2026 года, beta — на 1 августа, release candidate — на 29 августа. Финальный выпуск GNOME 51 ожидается в сентябрьском цикле, поэтому удаление EGLStreams сейчас попадает как раз в раннюю фазу очистки и стабилизации будущего релиза.

https://www.linux.org.ru/news/gnome/18312416

Опубликован выпуск Ardour 9.7 — свободной цифровой звуковой рабочей станции для записи, сведения и мастеринга звука. Релиз состоялся 5 июня 2026 года и заявлен как корректирующий, но вместе с исправлениями принёс несколько заметных улучшений интерфейса и MIDI-редактирования. Версию 9.6 разработчики снова пропустили из-за проблем, найденных в последний момент. Ardour распространяется под лицензией GPLv2.

Главное изменение — перенос панели MIDI Tools из отдельного pianoroll-редактора в основной редактор Ardour. Теперь инструменты для редактирования аккордов и квантизации доступны прямо в Editor List, включаемом через Shift+L. Отдельный диалог Quantize при этом убран: встроенный MIDI-редактор использует настройки квантизации из боковой панели MIDI Tools. Также в inline-редактор добавлен включённый по умолчанию перекрёстный курсор для MIDI и автоматизации.

Основные изменения Ardour 9.7:

( [ читать дальше... ]( https://www.linux.org.ru/news/multimedia/18312237#cut ) )

Опубликован выпуск CUDA-Oxide 0.2.0 — экспериментального компилятора NVIDIA Labs, позволяющего писать код под CUDA-ядра на чистом Rust и компилировать их напрямую в PTX. Проект использует собственный backend для rustc, поддерживает модель SIMT и собирается через команду cargo oxide, при этом host-код и device-код могут находиться в одном дереве исходников. Релиз вышел 5 июня 2026 года и назван первым «community release»: после открытия версии 0.1.0 в проект приняли 37 pull request от 23 участников.

Главное изменение CUDA-Oxide 0.2.0 — переход к самодостаточному исполняемому файлу. Сгенерированные GPU-артефакты — PTX, NVVM-IR, LTOIR и cubin — теперь могут встраиваться прямо в host-бинарник через новый формат oxide-artifacts. Благодаря этому Rust-программа с CUDA-ядрами больше не обязана таскать рядом отдельные .ptx-файлы, а загрузка ядер происходит из самого запущенного executable.

Основные изменения:

( [ читать дальше... ]( https://www.linux.org.ru/news/opensource/18312413#cut ) )

TOP20 VISITORS:

[1] PetalBot point=6 web=1367 up=9.1MB (22%) <--- PetalBot
[2] ClaudeBot point=14 web=17 up=8.1MB (19%) <--- ClaudeBot (1/hr)
[3] Amazon point=0 web=312 up=4.4MB (10%)
[4] 216.244.66.x point=0 web=99 up=3.7MB (9%)
[5] TikTok point=0 web=207 up=2.8MB (6%)
[6] 37.252.14.x point=144 web=0 up=2.6MB (6%) <--- ake (6/hr)
[7] Facebook point=0 web=5 up=2.0MB (4%)
[8] 5.9.120.x point=0 web=135 up=1.8MB (4%)
[9] 217.114.158.x point=25 web=0 up=1.3MB (3%) <--- fox (1/hr)
[10] Google point=0 web=133 up=1.1MB (2%)
[11] 217.182.136.x point=0 web=1 up=0.8MB (1%)
[12] 54.37.254.x point=0 web=1 up=0.4MB (1%)
[13] 88.88.156.x point=0 web=1 up=0.3MB (<1%)
[14] 51.68.234.x point=0 web=1 up=0.3MB (<1%)
[15] 42.200.231.x point=0 web=1 up=0.2MB (<1%)
[16] 43.173.180.x point=0 web=12 up=45KB
[17] 43.172.195.x point=0 web=5 up=38KB
[18] 51.77.43.x point=0 web=1 up=33KB
[19] 17.246.19.x point=0 web=6 up=32KB
[20] 139.135.200.x point=0 web=1 up=32KB

TOTAL TRAFFIC: 40MB

Опубликовано: Sat, 06 Jun 2026 05:54:27 GMT
Канал: Все статьи подряд / Программирование микроконтроллеров / Хабр

Всем привет, с вами вновь сумасшедший профессор (хотя совсем не профессор и возможно не совсем сумасшедший). Разберем очередную актуальную тему или не очень актуальную.Как конечные автоматы заставляют нас бросить решение реальной задачи и уводят в сферические псевдо-математические дебри.Или можно ли для произвольной задачи программирования найти практический смысл? Читать далее]]>

https://habr.com/ru/articles/1044244/

Опубликовано: Sat, 06 Jun 2026 06:19:45 GMT
Канал: Все статьи подряд / DIY или Сделай сам / Хабр

Тепловизор ручной из летающего fpv модуля 640, с получением фото на смартфоне. Купил 1-канальный конвертер AV NTSC PAL Video S Video/Composite в USB, аналоговую тепловизионную камеру для fpv дрона. Читать далее]]>

https://habr.com/ru/articles/1044302/

An anonymous reader quotes a report from Ars Technica: Just over a year ago, the Trump Administration issued an executive order meant to accelerate the development of nuclear power in the US. While an entire startup ecosystem has developed around the use of different -- and typically smaller -- reactor designs, only one of them has been fully licensed so far, and there are no plans to actually build any instances of that design.

The executive order directed the Department of Energy to have three different reactor designs reach criticality in a bit over a year. On Thursday, a startup called Antares announced that a test reactor it had placed at the Idaho National Laboratory had reached criticality, making it the first new design to cross this threshold. Criticality means that the nuclear reactions inside the hardware had become self sustaining; it does not mean the reactor had started to generate power. [...]

At the moment, Antares is just testing what it calls a Mark 0 reactor, which is not connected to the power-generation portion. Instead, it's being used to validate the company's modeling of the physical conditions in its reactors and generate safety data that can be used during licensing applications. Attempts to run the entire system, including electrical generation, are expected to happen next year. While the work was done at a Department of Energy Lab, the company is working with the Department of Defense's Project Pele program for developing a mobile nuclear reactor. The company has also received support from NASA.

[ Read more of this story ]( https://hardware.slashdot.org/story/26/06/05/216231/small-modular-nuclear-reactor-reaches-criticality-in-first-test?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

A security researcher says evidence suggests the U.S. military has been using an obscure GPS message field for nearly 20 years to broadcast encrypted key-distribution data, effectively turning GPS satellites into a global "numbers station." The hidden-looking 176-bit messages appear tied to the Pentagon's Over-the-Air Distribution system for remotely updating cryptographic keys, meaning ordinary GPS receivers may have been receiving the traffic all along without anyone outside the military noticing. The findings have been detailed by Steven Murdoch, an information security expert, in a new article in Inside GNSS. 404 Media reports: [...] From the beginning, he suspected that the subframe field contained encrypted transmissions because the data was so random. "Random data is actually very unusual to get in nature," Murdoch said. "If you see it, either it's been carefully designed to be random -- but then, why is someone sending out random data? -- or it's encrypted data. I thought encrypted data is by far the most likely explanation." He returned to the subframe on and off over the years, and solicited guesses about its content on Stack Exchange in 2023. Ahmed Kamruddin, a master's student at UCL, developed the project further in 2025. Then, this year, Murdoch put the last pieces of the puzzle together over several weeks by analyzing open archive Global Navigation Satellite System (GNSS) recordings collected since 2007 and kept by GFZ Helmholtz Centre for Geosciences.

This dataset included more than 12 million observations of Subframe 4, Page 17, yielding 3,994 unique 176-bit messages. Within this corpus, Murdoch pinpointed key-repeating "sentinels" including a pattern that appeared in February 2010 and was broadcast on and off across dozens of satellites for more than a decade. Murdoch discovered that this particular sentinel was transmitted by all 31 operational satellites within a window of a few hours on May 26, 2011, potentially heralding the activation of a new operational system. He confirmed that this timeline coincided with the rollout of the military's Over-the-Air Distribution (OTAD) and the Over-the-Air Rekeying (OTAR) by cross-referencing declassified documents, including a 2015 presentation about the dates of the operation.

"There was a perfect match between the timeline and that presentation and the change points that were automatically identified from the data," Murdoch said. "That was the smoking gun that made me think: This is what it's for." These automated systems replaced the cumbersome manual distribution of cryptographic keying material, allowing military GPS receivers around the world to be rekeyed remotely through satellite broadcasts rather than through onsite procedures. For the next 11 years, this expansive rekeying operation was overlooked in public GPS data. In 2022, the system entered a new phase, according to Murdoch's analysis. The shift was characterized by a slowing in the message rotation rate. Later, in December 2023, broadcasts carrying a distinctive "TEXT" prefix emerged then gradually spread across the constellation.

Murdoch isn't sure what explains the recent transition, though it could be a possible modernization of the infrastructure or the introduction of a new protocol. But to him, the bigger takeaway is that the signals were always available for anyone willing to take a closer look, a discovery that suggests that there could be more revelations hidden for the cryptographically curious among us. "Every receiver in the world decodes Subframe 4, Page 17," Murdoch said in his new article. "Almost none of them have ever looked at it. The lesson generalizes: There is more to learn from the bytes already arriving at our antennas than from the bytes we wish were specified differently. The data are publicly available. The signal is overhead, twice a day, every day."

[ Read more of this story ]( https://tech.slashdot.org/story/26/06/05/211249/the-us-military-quietly-turned-gps-into-a-global-numbers-station-evidence-suggests?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Ahead of its upcoming IPO, SpaceX announced that Google will pay the company $920 million per month for access to roughly 110,000 Nvidia GPUs and related compute infrastructure. Google says the agreement is short-term "bridge capacity" to meet stronger-than-expected demand for Gemini Enterprise, while SpaceX is using deals like this and its Anthropic contract to bolster its pitch for a historic public offering. TechCrunch reports: The deal is similar in length and scope to the one SpaceX announced with Anthropic in late May. As part of that deal, Anthropic agreed to pay SpaceX $1.25 billion per month through 2029 to rent all the available compute from its Colossus 1 data center near Memphis, Tennessee that xAI -- now part of SpaceX -- originally built for its own artificial intelligence efforts.

Google's deal appears to be paying for roughly half the amount of compute that Anthropic has access to at Colossus 1. SpaceX didn't say which specific data center Google would be using. CEO Elon Musk has previously suggested his company would reserve the Colossus 2 data center for xAI. Anthropic was significantly limited in its compute capacity prior to its deal with SpaceX, raising usage limits on the same day the deal was announced. Google is in a very different position, with some estimates naming it as the world's largest single owner of AI compute.

[...] Also like the Anthropic deal, the agreement with Google includes a cancellation clause. Both SpaceX and Google have the option to terminate the agreement with 90 days notice after December 31, 2026. Google's access to the data center will ramp up "through September at a reduced fee," according to the filing. "If we fail to deliver access to the committed amount of GPUs by September 30, 2026, then following a one-month grace period, Google may immediately terminate the agreement or accept the number of GPUs provided" with a reduction in the monthly fees, it reads.

[ Read more of this story ]( https://hardware.slashdot.org/story/26/06/05/2017239/google-will-pay-spacex-920-million-per-month-for-compute?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликовано: Fri, 05 Jun 2026 22:09:17 GMT
Канал: Все статьи подряд / Системное программирование / Хабр

Всем доброго времени суток. В этой статье разжуем некоторые проблемы OSDev'а в том виде, в котором его хотят видеть люди. Обсудим «конструкторы ОС» и все его плюсы и недостатки. Читать далее]]>

https://habr.com/ru/articles/1044274/

Компания Google внесла изменения в объявление о выпуске Chrome 149, в котором раскрыла сведения об устранении 429 уязвимостей. 22 уязвимости отмечены как критические, а 87 - как опасные. Критические проблемы позволяют обойти все уровни защиты браузера и выполнить код в системе за пределами sandbox-окружения. Детали пока не раскрываются, упомянуто только, что большая часть критических проблем вызвана переполнением буфера или обращением к уже освобождённой памяти в компонентах ANGLE, Ozone, Chromecast, Chromoting, GFX и процессе для взаимодействия с GPU. Наибольший размер вознаграждения за уязвимость составил 97 тысяч долларов.

https://www.opennet.ru/opennews/art.shtml?num=65624

Bitcoin briefly fell below $60,000 on Friday, "extending its weekly loss to nearly 20% and threatening to fall below $59,000," reports CoinDesk. Crypto was also hit by a 40%-plus plunge in Zcash after Shielded Labs disclosed a years-old bug that could have allowed undetected counterfeit ZEC creation. From the report: Now, with stocks in plunge mode -- the Nasdaq down nearly 4% on Friday -- bitcoin finds itself perfectly correlated. "Short term, Bitcoin feels like swallowing broken glass," wrote Jeff Swanson Friday. "The chart goes up. It goes down. It makes grown men cry into their Robinhood accounts and CNBC anchors smugly declare the funeral, for the eleventh time." "Here's what uncomfortable people don't understand: the discomfort is the yield. Every paper-handed panic seller is handing their future to someone with a longer time horizon and a colder storage device."

[...] Earlier, Shielded Labs, a nonprofit developer on the privacy token system, disclosed a critical vulnerability in Zcash's (ZEC) Orchard privacy pool that could have threatened the integrity of the token's supply. The vulnerability, if exploited, could have allowed an attacker to create an unlimited number of counterfeit ZEC tokens, completely undetected. "Think of it as someone secretly gaining access to the Federal Reserve's dollar printing press, except in this case, even the Fed wouldn't be able to tell these extra dollars were printed," wrote Omkar Godbole. Importantly, the vulnerability was discovered with help from Anthropic's recently released Opus 4.8 AI model, raising difficult questions for the entire crypto industry. More to come on that. ZEC is now down 42% over the past 24 hours. On Wednesday, the Zcash Foundation said: "The vulnerability was caught before any known exploitation occurred. There is no evidence of unauthorized value creation. Zcash's turnstile mechanism (which tracks the total ZEC balance across all value pools) confirmed that the total supply remained intact throughout. User privacy was not affected. Sapling and transparent transactions continued operating normally throughout the incident."

[ Read more of this story ]( https://it.slashdot.org/story/26/06/05/202230/bitcoin-falls-to-60000-as-zcash-bug-rocks-crypto?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликован выпуск инструментария Emscripten 6.0, позволяющего компилировать код на C/C++ и других языках, для которых имеются фронтэнды на базе LLVM, в универсальный низкоуровневый промежуточный код WebAssembly. Полученный результат можно использовать для интеграции с JavaScript-проектами, запуска в web-браузере, использования в Node.js или создания обособленных многоплатформенных приложений, запускаемых при помощи wasm runtime. Код проекта распространяется под лицензией MIT. В компиляторе используются наработки проекта LLVM, а для генерации WebAssembly и оптимизации задействована библиотека Binaryen.

https://www.opennet.ru/opennews/art.shtml?num=65625

An anonymous reader quotes a report from Techdirt: Earlier this year Nieman Lab broke the story that major news publishers, including The New York Times, The Guardian, and USA Today Co., had started blocking the Internet Archive for fear that AI companies might scrape the nonprofit's repositories for training data. As one of the last bastions of archival history, that is, in case you're not aware, not very good for the public interest. Four months later and Nieman Lab now notes that the number of news outlets blocking the archive has soared to around 340 organizations:

"Our new analysis shows that more than 340 local news sites across the United States are now limiting the Internet Archive's ability to access and preserve their stories. Many sites in our sample are owned by five of the seven largest local news publishers in the country: USA Today Co., McClatchy, Advance Local, MediaNews Group, and Tribune Publishing. The latter two are both subsidiaries of the "vulture hedge fund" Alden Global Capital."

[...] Regardless of motivation, hiding whatever local news remains behind paywalls, then blocking it from the Internet Archive, in turn makes it harder for everyone else to do real journalism that relies on the historical record, local journalists tell Nieman Lab: "I cover news within a larger news desert in New York's Rockland, Sullivan, and Rockland counties. This means I need to heavily rely on archival data of old news articles from now deceased, or zombie-fied, media outlets," wrote B.J. Mendelson, the editor of The Monroe Gazette newsletter, in one recent petition signed by over 200 journalists. "Without the Internet Archive, my [work] would be incredibly difficult to do." The Internet Archive says it is listening to the concerns raised by local news outlets, while also partnering with journalism groups to train hundreds of newsrooms on archival preservation: "In December, the Internet Archive partnered with the Poynter Institute and Investigative Reporters and Editors to train a cohort of 33 local and national news outlets on how to develop and implement an archiving strategy. The initiative, funded through a Press Forward grant, aims to train 300 newsrooms in digital preservation and in using the Internet Archive's services by the end of 2027."

[ Read more of this story ]( https://news.slashdot.org/story/26/06/05/1910242/340-local-news-outlets-now-blocking-the-internet-archive?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликовано: Fri, 05 Jun 2026 20:25:10 GMT
Канал: Все статьи подряд / DIY или Сделай сам / Хабр

Запуск TorrServer на слабеньком процессоре Smart TV — это гарантированные тормоза, троттлинг и вылеты из-за нехватки оперативной памяти. Телевизор должен просто проигрывать готовый видеопоток, а всю тяжелую работу по скачиванию и буферизации торрентов лучше переложить на домашний сервер.В этой статье подробно разберем, как развернуть TorrServer в легковесном Debian LXC-контейнере на Proxmox VE, настроить RAM-only кэширование для сохранения ресурса SSD хоста (чтобы не убить накопитель гигабайтами перезаписи фильмов), написать сторожевой watchdog-скрипт на bash для контроля зависаний и подружить всё это с медиа-оболочкой Lampa на Android TV.Пошаговая инструкция, конфиги, API-запросы и код скрипта под капотом. Читать далее]]>

https://habr.com/ru/articles/1044260/

The UK's Government Digital Service is replacing Stripe with Dutch payments provider Adyen for many GOV.UK Pay transactions, including local authorities, police forces, and armed forces units. The three-year deal covers about 1,000 services and is meant to make payments more flexible while keeping the user experience largely unchanged. The Register reports: According to the tender notice published in February 2025, the contract covers around 17 percent of payments made through GOV.UK Pay but more than 70 percent of its organizations and includes the only option allowing users to start taking payments within one working day. At that point the contract had an estimated maximum value of £49 million, although with no guarantees over volume.

In a blogpost about the contract award on 2 June, GDS said it will migrate around 1,000 services to the new supplier. "We will make migration as straightforward as possible while complying with Know Your Customer legislation that protects everyone from fraud," wrote Alan Maddrell, senior content designer for the service. "Most importantly, there will be no discernible difference for paying users and no loss in functionality."

He added that the change of supplier will help introduce new options including pay by bank, which transfers money directly between bank accounts using open banking services and avoids the need to type in card details. GDS will continue to use WorldPay to process payments for central government, linked organizations and NHS bodies.

[ Read more of this story ]( https://news.slashdot.org/story/26/06/05/1839258/govuk-goes-dutch-on-payments-as-it-dumps-stripe?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Longtime Slashdot reader Elektroschock writes: The American Business Software Alliance (BSA) does not consider mandatory open-source licensing to be an appropriate indicator of sovereignty. This is among the "pointed messages" they sent to the French government consultation (closed) today. "What protects Europe is the ability to govern, audit, and mitigate risk, not where a company files its corporate papers," said Thomas Boue of BSA. "Criteria of this kind raise costs, reduce access to best-in-class security solutions, and risk conflicting with the EU's international trade commitments."

[ Read more of this story ]( https://news.slashdot.org/story/26/06/05/1541215/bsa-lashes-out-at-mandatory-open-source-licensing?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from 9to5Google: There's been a lot of pushback in recent months around the impact of AI data centers on local communities, with the use of water being a key issue for many. Google, in an expansion of its "water stewardship" programs, is making commitments that include replenishing more water than it uses at its data center sites. AI data centers go through a lot of water use in cooling the hardware used to power models, and Google is no exception. While Google stands by saying that the impact of AI data centers on U.S. water consumption is "small," it also says it is focusing on "protecting local water resources in all aspects of our data center operations."

In a post, Google explains five new commitments regarding water use at its data centers in the U.S. These include replenishing more water than is consumed at data centers, helping local utilities to modernize water infrastructure, using air-cooled solutions in areas where watersheds are at risk, "transparently" reporting water use at data centers, and focusing on "alternative and reclaimed" water solutions. [...] In a linked paper (PDF), Google says it will replenish 120% of the water it uses at data center sites by 2030. Google is also committing $17 million to new water stewardship projects in Georgia, Iowa, Michigan, Minnesota, Missouri, Nebraska, and Texas in addition to 165 other projects already in place throughout the U.S.

[ Read more of this story ]( https://tech.slashdot.org/story/26/06/05/1531211/google-says-it-will-replenish-more-water-than-it-uses-at-data-centers?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликовано: Fri, 05 Jun 2026 15:46:36 GMT
Канал: Все статьи подряд / DIY или Сделай сам / Хабр

OpenMediaVault, бот в Telegram и проблема с провайдером, которую пришлось решать через собственный десктоп. Читать далее]]>

https://habr.com/ru/articles/1044194/

Alibaba, одна из крупнейших китайских IT-компаний, опубликовала открытую платформу Open Code Review с реализацией гибридной архитектуры рецензирования, сочетающей строгие методы проверки с гибкими возможностями больших языковых моделей. Проект основан на коде применяемой в Alibaba внутренней системы рецензирования изменений, написан на языке Go и распространяется под лицензией Apache 2.0.

https://www.opennet.ru/opennews/art.shtml?num=65623

Valve says its long-awaited Steam Machine and Steam Frame are both "shipping this summer." The company is also expanding its Verified program beyond Steam Deck to cover the new hardware. "Steam Verified is a developer-focused program where game makers ensure that their titles are capable of running on the Deck (meaning they'll run fine under Linux), that the UI elements and text are readable at standard resolutions, and that sensible default graphics settings are used," notes Tom's Hardware. From the report: The news should ease the worries of many an expecting gamer, given today's constant worries about AI servers slurping every RAM and NAND chip on the face of the earth, as well as Valve's own statements about component scarcity delaying the release. Plus, the company always works on its own schedule, so much so that Valve Time is a term.

The release of the Machine has been taking flak, given that while Valve was initially hoping for an estimated $600 to $800 price -- in the ballpark of the higher-end consoles -- the rumored pricing is climbing around or over $1000. This fact is somewhat corroborated by a February statement from a Valve executive who, like most anyone in the world, stated the price revision was due to the AI-driven component shortage.

[ Read more of this story ]( https://hardware.slashdot.org/story/26/06/05/1525247/valve-says-steam-machine-shipping-this-summer?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

NASA ordered astronauts on the International Space Station to shelter in their spacecraft and prepare for possible evacuation after a worsening air leak in the Russian Zvezda service module's transfer tunnel. The Guardian reports: The four astronauts of NASA's Crew-12 mission on the station -- two US astronauts, a French astronaut and a Russian cosmonaut -- received orders from NASA mission control at 9.04am ET (2pm BST) on Friday to enter their Crew Dragon spacecraft docked to the station and don their spacesuits in case the air leak warranted an emergency evacuation, a NASA official said.

NASA and Russia's space agency Roscosmos, the station's two primary operators, have debated for months over the cause and potential fixes of small air leaks onboard Russia's Zvezda service module, a key structure of the football-pitch-sized laboratory. The air leaks have been relatively minor in recent months. But on Monday the problem escalated from a pound of air per day to two pounds (0.9kg) a senior Nasa official told Reuters on condition of anonymity. UPDATE: "Roscosmos has paused Friday's structural repair efforts inside the Zvezda service module transfer tunnel, known as PrK, as more measurements and data is assessed," Bethany Stevens, a spokesperson for NASA, posted on X.

"Given this development, NASA has instructed the crew members inside the Dragon spacecraft to end the safe haven procedures and return to planned operations aboard the International Space Station. We look forward to working with Roscosmos on a collaborative approach to address the leaks."

Developing...

[ Read more of this story ]( https://science.slashdot.org/story/26/06/05/1515246/iss-astronauts-told-to-prepare-for-possible-evacuation-over-air-leak?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликовано: Fri, 05 Jun 2026 15:19:46 GMT
Канал: Все статьи подряд / DIY или Сделай сам / Хабр

Я сделал наручные часы, которые показывают время четырьмя светодиодами в двоичном коде. Захотелось сделать подарок знакомому и заодно пройти весь цикл разработки embedded-устройства: схемотехника, четырёхслойная PCB, прошивка.В статье расскажу про решения, ошибки (включая ту, из-за которой USB не заработал) и устройство прошивки. Читать далее]]>

https://habr.com/ru/articles/1044176/

Опубликовано: Fri, 05 Jun 2026 12:15:52 GMT
Канал: Все статьи подряд / DIY или Сделай сам / Хабр

Привет, Хабр! Хочу рассказать вам историю об одном устройстве, которое было создано 11 лет назад. Это простая игра «Угадай число» на микроконтроллере ATtiny2313. Собранное мной с 0 знаний в электронике.Плата не просто выжила и работает до сих пор, но и скрывает в себе секретный режим, игра сама с собой. О том, как собирался этот low-tech шедевр и как забавно он восстает против кожаных мешков, читайте под катом.  Читать далее]]>

https://habr.com/ru/articles/1044092/

AMD отправила в DRM-Next начальную поддержку HDMI 2.1 Fixed Rate Link (FRL) для открытого драйвера AMDGPU. Изменение готовится к включению в окно слияния Linux 7.2, которое должно открыться в июне. Для пользователей Radeon на Linux это важное событие: именно отсутствие FRL долго мешало полноценной работе режимов вроде 4K с высокой частотой обновления через HDMI на открытом драйвере.

FRL — это [ механизм передачи данных ]( https://www.kitguru.net/gaming/joao-silva/amd-submits-hdmi-2-1-frl-patches-for-open-source-linux-driver/ ) HDMI 2.1, пришедший на смену ограничениям старого TMDS-подхода HDMI 2.0. Он нужен для более высокой пропускной способности: современных телевизоров, 4K/120 Гц, 5K/240 Гц и других режимов, где DisplayPort обычно уже справлялся, а HDMI на AMDGPU в Linux упирался в ограничения.

История [ тянется несколько лет ]( https://www.phoronix.com/news/HDMI-2.1-OSS-Rejected ) . Ранее AMD уже имела рабочий код, но не могла нормально опубликовать реализацию HDMI 2.1 в открытом драйвере из-за требований HDMI Forum. В феврале 2024 года инженер AMD Алекс Дойчер прямо писал, что открытая реализация HDMI 2.1 невозможна без нарушения требований HDMI Forum. Теперь ситуация сдвинулась: AMD начала публиковать патчи FRL, DSC и сопутствующие изменения для AMDGPU.

На данный момент реализация поддержки не означает что «HDMI 2.1 полностью заработал в Linux», но это первый реальный шаг к ней в основном ядре. Если патчи пройдут ревью в DRM-Next, пользователи Radeon получат основу для полноценной работы современных HDMI-дисплеев без закрытого драйвера и без обходных схем.

https://www.linux.org.ru/news/hardware/18311470

Опубликован выпуск AMD GAIA 0.20.0 — открытого фреймворка для запуска локальных AI-агентов на ПК с аппаратным ускорением AMD Ryzen AI. Проект распространяется под лицензией MIT, поддерживает Windows и Linux, а установка доступна через пакет amd-gaia. Сам тег v0.20.0 опубликован 3 июня, но в новостную ленту релиз попал 4–5 июня.

Главное изменение версии — нормальный выбор устройства выполнения для каждого агента. Раньше GAIA по умолчанию использовала GPU через backend на базе llama.cpp и не давала удобного способа переключить конкретного агента на CPU или энергоэффективный Ryzen AI NPU. В GAIA 0.20.0 агенты могут объявлять поддерживаемые устройства, а пользователь выбирает CPU, GPU или NPU через Agent UI либо CLI-флаг --device {cpu,gpu,npu}. GPU остаётся вариантом по умолчанию, а профиль gaia init --profile npu берёт на себя обнаружение NPU, установку FLM-backend и загрузку модели.

Изменения в выпуске:

( [ читать дальше... ]( https://www.linux.org.ru/news/ai/18311463#cut ) )

Компания Roku, производящая телевизоры, телеприставки и устройства для умного дома, представила открытую операционную систему Roku LT OS, нацеленную на использование в специализированных инженерных проектах и встраиваемые системах. Roku LT OS позволяет создавать собственные решения, способные работать в окружениях с ограниченными ресурсами и жёсткими требованиями к задержкам и предсказуемому времени выполнения операций. Код проекта написан на языке Си и распространяется под лицензией Apache 2.0. Поддерживается создание прошивок для чипов ESP32 и STMicro, а также запуск Roku LT OS поверх Linux.

https://www.opennet.ru/opennews/art.shtml?num=65620

Опубликовано: Fri, 05 Jun 2026 09:01:17 GMT
Канал: Все статьи подряд / DIY или Сделай сам / Хабр

С нежностью и умилением вспоминая кухонные радиотехнологии предков, самодельные детали приёмников и передатчиков на заре эры радиовещания — резисторы [1], конденсаторы [2], детекторы [3], грешно не сказать несколько слов и о нейтродине — как о примечательном и своеобразном явлении в тогдашнем радио, тем более что термин этот нам уже не раз попадался (нейтродинные конденсаторы). Отдадим дань и находчивости тогдашних конструкторов, пользовавшихся и творящих из небогатого доступного ассортимента, причём решение удалось сравнительно простым и элегантным, а улучшенное радио легко повторялось сонмом радиолюбителей по всему миру, от Нью-Йорка, «до самых до окраин». Что же это за схема, для чего она была нужна, как работала и чем может пригодиться нам? Читать далее]]>

https://habr.com/ru/companies/ruvds/articles/1040772/

Qualcomm опубликовала первые патчи для поддержки Lenovo Yoga Slim 7x Gen11 на базе Snapdragon X2 в Linux. Речь идёт о начальном описании устройства через Device Tree, которое позволяет загрузить Linux на одном из первых ноутбуков нового поколения со штатной поддержкой Windows ARM. Патчи подготовлены инженерами Qualcomm после внутреннего трёхдневного спринта и отправлены на ревью 4 июня.

[ Lenovo Yoga Slim 7x Gen11 ]( https://www.qualcomm.com/snapdragon/laptops-and-tablets/laptop-device-finder/lenovo-yoga-slim-7x ) интересен тем, что это один из первых массовых ноутбуков на Snapdragon X2 Plus / X2 Elite. Qualcomm указывает для этой линейки варианты с 12- и 18-ядерными Snapdragon X2, а также поддержку Wi-Fi 7 и встроенных AI-возможностей платформы Snapdragon.

Текущее состояние поддержки Linux уже не сводится к «ядро просто стартует». По данным Phoronix, на Yoga Slim 7x Gen11 подтверждена работа звука, GPU и дисплея, клавиатуры, тачпада, сенсорного экрана, индикатора приватности, зарядки через USB-C, Wi-Fi и Bluetooth. Это хороший результат для платформы, которая ещё только выходит на рынок.

Что уже работает:

( [ читать дальше... ]( https://www.linux.org.ru/news/hardware/18311490#cut ) )

Компания Microsoft анонсировала первую публично доступную экспериментальную сборку дистрибутива Azure Linux 4.0, подготовленную для запуске в виртуальных машинах и контейнерах. В дальнейшем обещают опубликовать экспериментальные сборки для WSL (Windows Subsystem for Linux) и AKS (Azure Kubernetes Service). Ветка Azure Linux 4 преподносится как универсальное решение, оптимизированное для платформы Azure и пригодное для использования во всех связанных с ней сферах, от виртуальных машин и контейнеров до узлов в кластере Kubernetes и систем разработчиков. Специфичные для дистрибутива изменения поставляются под лицензией MIT.

https://www.opennet.ru/opennews/art.shtml?num=65618

TOP20 VISITORS:

[1] PetalBot point=2 web=1098 up=7.5MB (20%) <--- PetalBot
[2] Amazon point=3 web=326 up=6.5MB (17%) <--- Amazon
[3] 216.244.66.x point=0 web=99 up=3.6MB (9%)
[4] 51.77.43.x point=0 web=11 up=2.6MB (7%)
[5] 37.252.14.x point=143 web=0 up=2.6MB (6%) <--- ake (6/hr)
[6] Google point=1 web=228 up=1.4MB (3%) <--- Google
[7] 5.9.120.x point=0 web=28 up=1.3MB (3%)
[8] 217.114.158.x point=25 web=0 up=1.3MB (3%) <--- fox (1/hr)
[9] 81.167.26.x point=0 web=11 up=0.9MB (2%)
[10] 147.135.213.x point=0 web=11 up=0.7MB (1%)
[11] 88.88.156.x point=0 web=11 up=0.7MB (1%)
[12] 147.135.252.x point=0 web=5 up=0.6MB (1%)
[13] 5.135.131.x point=0 web=5 up=0.5MB (1%)
[14] ChatGPT point=0 web=2 up=0.5MB (1%)
[15] 145.239.65.x point=0 web=5 up=0.4MB (1%)
[16] 51.68.234.x point=0 web=8 up=0.4MB (1%)
[17] 65.108.78.x point=0 web=4 up=0.3MB (<1%)
[18] DataForSeoBot point=0 web=8 up=0.3MB (<1%)
[19] 79.137.67.x point=0 web=5 up=0.3MB (<1%)
[20] TikTok point=0 web=33 up=0.2MB (<1%)

TOTAL TRAFFIC: 37MB

Waymo and B2U Storage Solutions have struck a "strategic supply agreement" to repurpose used batteries from Waymo's electric robotaxi fleet into stationary storage for California and Texas power grids. The arrangement could give robotaxi batteries a second life storing renewable energy after they're no longer suitable for vehicle use. It will also "support B2U projects in regions where Waymo's autonomous robotaxis operate -- meaning the used Waymo batteries could bolster the local power grids that Waymo vehicles rely upon for charging," reports Ars Technica. From the report: Waymo's "proactive maintenance" for its autonomous vehicles includes identifying opportunities to "refresh the battery to improve efficiency overall for our fleet," Adam Lenz, head of sustainability and environment at Waymo, told Ars. "That's when we look to these second-life applications, because there's still a lot of life left in the battery," he said.

Waymo did not specify the average mileage at which it swaps out batteries or retires vehicles from service. But Waymo robotaxis drive around much more each day than the typical EV, which means the Waymo fleet is likely to experience faster usage-related degradation of battery capacity over time. The company confirmed to Ars that "some of these vehicles have now been serving riders for years and have mileage beyond what a normal consumer drives."

[...] "Put a little haircut on that in terms of degradation and the effective capacity that would be left in those batteries when they're suitable for repurposing, and we're still talking about pretty significant capacity per battery," Hall said. The growing Waymo robotaxi fleet could lead to "pretty large numbers in terms of megawatt hours of capacity that can be deployed pretty quickly" for stationary energy storage supporting power grids, he suggested.

The agreement gives Waymo discretion over when and how many used batteries will be turned over to B2U. But the companies confirmed that B2U has "already started receiving smaller initial quantities of batteries" from the Waymo fleet. Over time, the agreement could give B2U "hundreds of megawatt-hours" of additional storage capacity from Waymo's thousands of electric vehicles, Lenz said.

[ Read more of this story ]( https://hardware.slashdot.org/story/26/06/04/1955206/used-waymo-robotaxi-batteries-become-backup-storage-for-power-grids?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from The Guardian: Bumblebees can use tools to solve a problem, according to experiments that demonstrate their remarkably advanced cognitive abilities. The bees were given an adapted version of an experiment that, 100 years ago, first demonstrated chimpanzees could work out how to retrieve an out-of-reach banana by stacking boxes. Since then, various other primates, elephants and crows have joined an elite cohort of species known to be capable of this level of insight and spontaneous problem solving. In the latest research, bees were shown to be able to roll a polystyrene ball to a specific location and climb on to it in order to access an artificial flower on a low ceiling. The findings challenge the longstanding assumption that insects operate purely on instinct and mindless trial-and-error learning. "Most people think insects are reflex-based machines," said Dr Olli Loukola, a behavioral ecologist at the University of Oulu, Finland, and senior author. "That they can't have any emotional states or feel pain. Some people don't even realize that they have brains. I hope that these results change the worldview about that."

"We are not claiming that bees think like humans," added Loukola. "But our findings show that miniature brains can generate flexible solutions to novel problems in ways we are only beginning to understand."

The findings are published in the journal Science.

[ Read more of this story ]( https://science.slashdot.org/story/26/06/04/2016228/bees-can-use-tools-to-solve-problems-study-finds?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Anthropic is urging leading AI labs to consider slowing development, warning that frontier models are advancing fast enough that they may soon be able to improve themselves without direct human intervention. The company says a global ability to pause or slow AI development would "likely be a good thing," citing internal data about accelerating model capabilities. From a blog post: Using public benchmarks and previously unreported data from within Anthropic, The Anthropic Institute is showing that AI is already accelerating the development of AI systems. To take just one example: today, Anthropic engineers on average ship 8x as much code per quarter as they did from 2021-2025.

The technical trends discussed in this piece suggest that AI systems are going to become much more capable in coming years. These trends have huge implications. AI that can build itself would be a major development in the history of technology -- one that could bring enormous good for the world in science, healthcare, and beyond. But full recursive self-improvement also might increase the risks of humans losing control over AI systems. If systems are capable of fully building their own successors, the ways we secure them, monitor them, and shape their behavior all grow much more important. [...]

If it were possible to effectively slow the development of this technology to give ourselves more time to deal with its immense implications, we think that would likely be a good thing. But if a slowdown simply lets the least cautious actors catch up technologically, it could leave everyone less safe. Without a global coordination mechanism, companies and governments will have to make difficult decisions about safety while under competitive and geopolitical pressures.

We believe it would be good for the world to have the option to slow or temporarily pause frontier AI development to enable societal structures and alignment research to keep up with the advance of the technology. The Anthropic Institute will conduct research -- in collaboration with many others -- and take actions to help build the systems that a credible slowdown or pause would require. These systems would enable frontier AI developers to verify that others globally have actually stopped or slowed, and that a bad actor could not use the auspices of a coordinated slowdown to jump ahead in secret. If such systems existed, we expect that we would slow down or temporarily pause, if other developers at or near the frontier also did so in a verifiable manner...

[ Read more of this story ]( https://slashdot.org/story/26/06/04/204255/anthropic-urges-global-pause-in-ai-development-flags-self-improvement-risk?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

A new npm supply-chain attack has infected 36 packages with Rust-based infostealer malware called IronWorm. According to BleepingComputer, the malware "targets 86 environment variables (key-value pairs) and 20 credential files that may contain OpenAI, AWS, Anthropic, and npm credentials, vault configuration files, SSH keys, and Exodus cryptocurrency wallet files." From the report: According to researchers at supply-chain and devops company JFrog, IronWorm is written in Rust, hides behind an eBPF kernel rootkit, and communicates with the operator over the Tor network. The Rust-based malware self-propagates by using stolen credentials for publishing on npm; this includes secrets associated with npm's Trusted Publishing workflow. Once it compromises a developer or CI environment, it can publish trojanized versions of packages owned by the victim, which then infect additional developers and CI systems.

This behavior is conceptually similar to Shai Hulud, which had its code published on GitHub recently. Although JFrog researchers did not find a clear connection between IronWorm and Shai Hulud, they observed the same commit names in both supply-chain attacks. This opens the possibility that the new malware is an evolution of TeamPCP's payload, since IronWorm appears to be "a custom, carefully built implant from an operation with its own infrastructure."

[...] The company provides a list of all impacted package names and their versions in the report and recommends that developers upgrade to fixed releases, rotate their keys, and enable two-factor authentication (2FA) for all accounts. At the same time, Endor Labs and StepSecurity have spotted a very similar but distinct attack involving a JavaScript-based malware named binding.gyp, performing registry poisoning and GitHub Actions infection, unfolding during the same time-frame.

[ Read more of this story ]( https://it.slashdot.org/story/26/06/04/1948205/new-ironworm-malware-hits-36-packages-in-npm-supply-chain-attack?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from 404 Media: The moderators of the biohacking subreddit say that peptide and hormone replacement therapy companies have been surreptitiously spamming Reddit in an attempt to get their posts scraped by AI chatbots. The strategy is an effort to systematically manipulate the answers provided by chatbots by manipulating the underlying source material that those chatbots will scrape -- in this case, a popular Reddit community. In a post last week, the moderators of r/biohackers said they would be banning new posts about peptides and hormone replacement therapy (HRT) because of attempted manipulation by the companies that make, market, and sell them. [...] "As AI search engines increasingly pull answers from Reddit, companies are using us for AEO. On top of that, there's been an explosion of peptide interest and AI usage flooding the sub. Together, this has put serious pressure on content quality," a post by the moderators read.

[...] It has become incredibly difficult to stop Reddit manipulation, because the firms doing it are getting more sophisticated. The moderator said that there are really standard and long-running strategies where brands will hop in the comments and suggest their products: "That type of marketing has always existed and if people want to try something new because the brand resonated with them, cool. That's the way marketing should flow in my mind," they said. "But what I'm seeing that is way scarier to me is that there are companies that will reverse-engineer the actual prompt patterns that are prioritized by LLMs, and so you'll see someone post a super clickbait, high-traction, vague question like 'Is all the hype around Vitamin D actually worth it?" they added. "And that thread will do really well because everyone on biohackers actually has an opinion, so it gets engagement and prioritized by LLMs, and then brands will sneak in and they'll embed their brand mentions in those threads in the exact right places in a seemingly organic way. But none of it is organic, the entire thing is a strategy by an agency to prioritize brand mentions or a narrative within an LLM."

The Reddit accounts that are doing this are "warmed up" or are made to seem human, meaning they have a posting history that is not just promotional. This makes them much harder to detect and moderate against. Some of the agencies doing this are paying real people to post promotional content, or have built communities where people are incentivized to post promotional content. The moderator said that Reddit's automated moderation tools have been helpful, but that the type of promotion happening has become so sophisticated that it has become more of a you-know-it-if-you-see it kind of thing. "A lot of it has become pattern recognition," they said. "You literally just sort of know what to look for. But the problem is you don't want to become punitive to the people who aren't doing this maliciously, and so I think the over-moderation risk is very real."

[ Read more of this story ]( https://tech.slashdot.org/story/26/06/04/1828244/companies-are-using-reddit-to-manipulate-chatgpt-and-google-ai-search?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Meta has reportedly delayed the developer release of its Muse Spark AI model API multiple times, and as of Tuesday, had no scheduled launch date, according to the Wall Street Journal (paywalled). Reuters reports: A Meta spokesperson told Reuters on Wednesday that the company is already testing the Application Programming Interface (API) with some early partners and is looking forward to releasing it this month. "The muse spark API will be coming soon," Meta AI Chief Alexandr Wang announced in a post on X in April.

Meta unveiled Muse Spark in April as the first model built to close the gap with rivals. Muse Spark is the first in a new series of models created by the company's Superintelligence Labs. Earlier on Wednesday, Meta unveiled an AI agent aimed at helping businesses carry out day-to-day operations, hinting at the company's ambitions to compete with rivals such as OpenAI, Anthropic and Alphabet's Google.

[ Read more of this story ]( https://meta.slashdot.org/story/26/06/04/181247/meta-keeps-delaying-the-release-of-its-new-ai-model-to-developers?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

В начале июня 2026 года исследователи кибербезопасности из компании Calif (с помощью ИИ-агента Codex) обнаружили новый вариант атаки HTTP/2 Bomb, которая работает даже с одного клиентского устройства, имеющего интернет-соединение со скоростью 100 Мбит/с.

Атака состоит из двух этапов:

•

Манипуляция сжатием HPACK: В протоколе HTTP/2 заголовки сжимаются с помощью таблицы HPACK. Атакующий отправляет почти пустой заголовок, но с помощью сотен тысяч инструкций заставляет сервер распаковывать и постоянно ссылаться на один и тот же крошечный элемент. Это вызывает лавинообразный расход памяти сервера.

•

Блокировка потока управления (Flow Control): После того как память заполнена, злоумышленник выставляет размер окна управления потоком (flow-control window) на 0. Это заставляет сервер приостановить отправку ответа, удерживая занятую память, и поддерживать соединение открытым периодическими 1-байтными запросами.

Всего один клиент за 10–20 секунд способен израсходовать до 32–64 ГБ оперативной памяти. Уровень потребления памяти в различных HTTP-серверах варьируется от примерно 70 байт на каждый байт в индексе для nginx, IIS и Pingora, до 4000 байт в Apache httpd и 5700 в Envoy.

Уязвимости подвержены практически все основные серверные реализации HTTP/2 в конфигурациях по умолчанию:
NGINX, Apache HTTPD (модуль mod_http2), Microsoft IIS, Envoy, Cloudflare, Pingora

Уязвимость исправлена в nginx 1.29.8 (с помощью директивы max_headers из freenginx, по умолчанию допускающая обработку не более 1000 заголовков), Envoy 1.35.11 и 1.36.7 (mutable_max_request_headers_kb и max_headers_count), Appache mod_http2 2.0.41. Для Microsoft IIS и Cloudflare Pingora исправлений пока нет.

HTTP-сервер Angie не подвержен уязвимости, поскольку реализовал защиту от подобного рода атак ещё в версии 1.8.0, вышедшей в 2024 году.

https://www.linux.org.ru/news/security/18311265

Компания Google опубликовала релиз web-браузера Chrome 149. Одновременно доступен стабильный выпуск свободного проекта Chromium, выступающего основой Chrome. Браузер Chrome отличается от Chromium использованием логотипов Google, наличием системы отправки уведомлений в случае краха, модулями для воспроизведения защищённого от копирования видеоконтента (DRM), системой автоматической установки обновлений, постоянным включением Sandbox-изоляции, поставкой ключей к Google API и передачей RLZ-параметров при поиске. Для тех, кому необходимо больше времени на обновление, отдельно поддерживается ветка Extended Stable, сопровождаемая 8 недель. Следующий выпуск Chrome 150 запланирован на 30 июня.

https://www.opennet.ru/opennews/art.shtml?num=65617

The U.S. and its Five Eyes intelligence partners issued a joint warning (PDF) that Chinese military intelligence services are using LinkedIn and other professional networking sites to recruit people with access to government, military, foreign policy, or sensitive economic information. "These actors use an aggressive online recruitment strategy whereby intelligence officers or their affiliates pose as employees of private consultancies, think tanks or human resources firms, and place online job advertisements for foreign policy and defense analysts," the agencies said Wednesday. "China's military intelligence services ultimately seek to acquire privileged military, political and economic intelligence that can provide China with a strategic and tactical advantage over the Five Eyes." Bloomberg reports: China was targeting Five Eyes nationals with security clearance, particularly those working in foreign affairs, security and intelligence, and military personnel including people stationed in the Asia-Pacific region, it said. People with more peripheral access to government information, such as academics, journalists and think tank employees, were also being approached.
The Chinese embassy in the UK strongly condemned the accusations, calling the allegation of Chinese espionage threats "entirely fabricated" and "malicious slander." The "Five Eyes" members have "engaged in unscrupulous espionage and intelligence-gathering activities around the globe. Their activities are the real threat to peace-loving countries," the embassy said in a statement Thursday.

[...] According to the agencies, Chinese spies have commissioned reports to be written by those they've approached, paying them anywhere from a few hundred to several thousand dollars, with payments sometimes made in cryptocurrency. "Military members may be asked about their roles and unit activities, home base or naval vessel," the notice said. "Five Eyes agencies have identified individuals who have undertaken these activities, leading to criminal prosecutions, job losses, and security-clearance revocation," it warned.

[ Read more of this story ]( https://tech.slashdot.org/story/26/06/04/1740244/linkedin-china-spying-threat-prompts-warning-from-us-allies?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from the Associated Press: The Supreme Court sided with the Trump administration Thursday in upholding the power of federal regulators to enforce data privacy laws on telecommunications companies. The 8-1 decision (PDF) preserved one of the Federal Communications Commission's key tools, though the companies also won a concession from the Republican administration that could shift the regulatory landscape.

The appeal from telecommunications giants Verizon and AT&T challenged a combined $100 million in penalties imposed after the agency determined that the companies had failed to safeguard customer location data. The companies argued that the FCC's process was unconstitutional because it gave them little opportunity to tell their side of the story in front of a jury. The administration defended the fines are an essential regulatory tool. But the government also said companies did not have to pay the penalties right away, a regulatory shift in the companies' favor.

The Supreme Court agreed, affirming the FCC's power to order fines when challenges are still available. "The orders at issue did not settle the carriers' legal obligations because, stated simply, they did not create an obligation to pay," Chief Justice John Roberts wrote for the majority. [...] Other agencies use similar enforcement methods, so a sweeping victory for AT&T and Verizon could have had widespread effects, advocates said.

[ Read more of this story ]( https://yro.slashdot.org/story/26/06/04/1722208/supreme-court-sides-with-trump-administration-on-federal-regulation-of-telecom-companies?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

schwit1 shares a report from NJ.com: Samsung is pulling up stakes in New Jersey and heading to Texas, a move that could leave roughly 1,000 Garden State workers facing a stark choice: relocate or risk losing their jobs. The South Korean tech giant confirmed this week that it will move its US headquarters from Englewood Cliffs, NJ, to its existing campus in Plano, Texas, marking a stunning reversal less than a year after it celebrated the opening of a new headquarters in Bergen County. The relocation is expected to be completed by the end of the year, according to company statements. "Samsung Electronics America Inc. is undergoing a business transformation designed to better position our organization for long-term growth and future success. As part of this effort, we are relocating our U.S. headquarters from New Jersey to our existing campus in Plano, Texas, building on our 30-year presence in the state," said Samsung in a statement emailed to NJ.com on Tuesday.

"As part of this strategy, we will be optimizing parts of the organization to ensure our roles and functions align to key business priorities. We recognize such adjustments will have an impact on our people and we will be providing support to those affected," it continued.

[ Read more of this story ]( https://slashdot.org/story/26/06/04/0540213/samsung-ditches-new-jersey-for-texas-costing-garden-state-1000-jobs?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликовано: Thu, 04 Jun 2026 15:48:38 GMT
Канал: Все статьи подряд / Робототехника / Хабр

В начале XIX века английские ткачи ломали станки — не потому что не понимали технологию, а потому что понимали слишком хорошо. Два века спустя эта тревога возвращается. Перевод статьи Why the Biggest Threat to Robotics Isn't Technical (Six Degrees of Robotics, Аарон Прейтер, май 2026) о том, почему главная угроза робототехнике сегодня — не техническая, с моими пояснениями для тех, кто следит за темой снаружи индустрии. Читать далее]]>

https://habr.com/ru/articles/1043746/

joshuark shares a report from The Verge: Apple will introduce age verification in the App Store for users in Texas starting on Thursday, June 4th. The move, as spotted by MacRumors, comes just days after a federal appeals court allowed Texas' App Store Accountability Act to go into effect while a lawsuit against it proceeds. People in Texas who are creating a new Apple account will need to verify they're over 18 using a credit card or government ID. Apple may also automatically verify users' age using the age of their account and whether they have a credit card on file.

Despite Apple's attempts to push back on app store-level age verification, the company has announced plans to implement age checks to comply with laws in places like Utah, Louisiana, Brazil, Australia, Singapore, and the UK. Google is required to make similar changes to the Play Store and is also introducing age-checking tools for developers. Last December, a judge blocked the App Store Accountability Act (SB 2420) from taking effect, but an appeals court has now reversed this decision -- at least while the court figures out whether the law is constitutional. Even if this law gets struck down in Texas, a federal version with the same name is still making its way through Congress and could impose age verification at the app store nationwide.

[ Read more of this story ]( https://apple.slashdot.org/story/26/06/04/0546207/apple-is-bringing-age-verification-to-texas-this-week?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликовано: Thu, 04 Jun 2026 15:14:06 GMT
Канал: Все статьи подряд / Программирование микроконтроллеров / Хабр

В этом тексте я произвел обзор микросхемы SPI-NOR FLASH памяти MX25L6433F. Показан код, который позволит запустить на микросхеме файловую систему LittleFS. Читать далее]]>

https://habr.com/ru/articles/1041732/

Опубликовано: Thu, 04 Jun 2026 15:06:18 GMT
Канал: Все статьи подряд / DIY или Сделай сам / Хабр

Как открывать шлагбаумы и ворота силой мысли. Описание мобильного приложения и конечного устройства. Читать далее]]>

https://habr.com/ru/articles/1043728/

An anonymous reader quotes a report from Ars Technica: UK regulators today ordered (PDF) Google to put clearer attributions and links to publishers' content in its AI-generated search features. The UK's Competition and Markets Authority (CMA) also said Google must give publishers a way to opt out of AI features in search. "In a world first, publishers will now have effective tools to prevent their content being used to power AI features in search, such as AI Overviews," the CMA said today. "This will put publishers, like news organizations, in a stronger position to negotiate content deals with Google. To boost consumer trust, Google is also now required to make sure that publisher content is properly attributed, using clear links, in AI-generated search results."

The CMA ruled that Google may not penalize publishers for opting out of AI, meaning that Google can't downrank opted-out publishers in general search results. The CMA said Google will have nine months to comply with all requirements but that the agency "expects important parts of the controls to become available to publishers well before that deadline. Google will also be required to submit and publish compliance reports, supported by key data and metrics, explaining changes it has made and how it has complied." [...] The CMA applied the rules to Google after determining that it has "strategic market status" in general search services, and has ongoing investigations into Apple and Microsoft. Google today said it will comply with the CMA decision. The News Media Association, a trade group in the UK, said that "the legally enforceable Conduct Requirements for Google Search published today are a significant step towards leveling the playing field and building a fair, transparent digital economy where premium content is properly respected and fairly compensated." The group called on the UK to implement "robust enforcement."

[ Read more of this story ]( https://tech.slashdot.org/story/26/06/04/0054242/google-ordered-to-put-clearer-links-in-ai-search-let-uk-publishers-opt-out?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликовано: Thu, 04 Jun 2026 12:52:37 GMT
Канал: Все статьи подряд / DIY или Сделай сам / Хабр

Купил я тут по дешевке 43-дюймовый телевизор Hartens (модель HTY-43FHD06B‑HK22, панель BOE HV430FHB‑F91) под проект умного гостевого дома. Железо внутри скромное: чипсет MediaTek MT5867, 32-битная архитектура (armeabi‑v7a), 1.5 ГБ оперативной памяти и вишенка на торте — фирменная оболочка Яндекс.ТВ на базе AOSP Android 11.Из коробки это чудо техники работает «не очень». Интерфейс задумчивый, повсюду рекомендации, Алиса, Кинопоиск, Яндекс.Музыка и куча другого софта, который постоянно висит в памяти и кушает и без того дефицитные ресурсы.План по исправлению созрел быстро, но на первом же шаге я уперся в стену: производитель полностью вырезал пункт «Отладка по USB» (USB Debugging) из меню разработчика. USB‑порты у телевизора работают только в режиме хоста (подключить ПК напрямую кабелем нельзя), а сетевой ADB по умолчанию закрыт.Ниже я расскажу, как удалось обойти это ограничение, залезть «под капот» телевизора и превратить тормозящий яндекс‑комбайн в чистый и шустрый Android TV. Читать далее]]>

https://habr.com/ru/articles/1043666/