An anonymous reader quotes a report from Reuters: A lawyer for Elon Musk hammered at the credibility of OpenAI CEO Sam Altman on Thursday, near the end of a trial over whether to hold the ChatGPT maker and its leaders responsible for allegedly transforming the nonprofit into a vehicle to enrich themselves. OpenAI's lawyers fought back, claiming the world's richest person waited too long to claim OpenAI breached its founding agreement to build safe artificial intelligence to benefit humanity, and couldn't claim he was essential to its success. "Mr. Musk may have the Midas touch in some areas, but not in AI," said William Savitt, a lawyer for OpenAI. "To succeed in AI, as it turns out, all Mr. Musk can do is come to court."

The claims were made during closing arguments of a trial in the Oakland, California, federal court. [...] In his closing argument, Musk's lawyer Steven Molo told jurors that five witnesses, including Musk, former OpenAI board members and former OpenAI Chief ScientistIlya Sutskever, testified that Altman was a liar. Molo also noted that during cross-examination on Tuesday, Altman did not say yes unequivocally when asked if he was completely trustworthy and did not mislead people in business. "Sam Altman's credibility is directly at issue in this case," Molo said. "If you don't believe him, they cannot win."

Molo accused OpenAI of wrongfully trying to enrich investors and insiders at the nonprofit's expense, and failing to prioritize AI's safety. He also challenged Brockman's goals for the business, citing Brockman'sstatementthat his own OpenAI stake was worth nearly $30 billion. "The arrogance, the lack of sensitivity, the failure to account for just common decency is really, really abhorrent." Musk also accused Microsoft, which invested $1 billion in OpenAI in 2019 and $10 billion in 2023, of aiding and abetting OpenAI's wrongful conduct. "Microsoft was aware of what OpenAI was doing every step of the way," Molo said.

Sarah Eddy, another lawyer for the OpenAI defendants, accused Musk and his legal team in her closing argument of resorting to "sound bites and irrelevant false accusations."
Eddy said by 2017, everyone associated with OpenAI -- including Musk, then still on its board -- knew it needed more money to fulfill its mission than it could raise as a nonprofit. "Mr. Musk wanted to turn OpenAI into a for-profit company that he could control," she said. "But the other founders refused to turn the keys of AGI (artificial general intelligence) over to one person, let alone Elon Musk."She also said if Musk truly believed AI should serve humanity, he would not have pushed to fold OpenAI into his electric car company Tesla, or made his rival xAI a for-profit company.

Musk had a three-year statute of limitations to sue, and OpenAI's lawyers said his August 2024 lawsuit came too late because he knew several years earlier about OpenAI's growth plans.
Eddy expressed disbelief that Musk claimed he did not read a four-page term sheet in 2018 discussing OpenAI's plan to seek outside investments. "One of the most sophisticated businessmen in the history of the world" wouldn't have "stuck his head in the sand," Eddy said. Savitt accused Musk of having "selective amnesia." Microsoft's lawyer Russell Cohen said in his closing statement that Microsoft wasn't involved in the key events of the case, and was "a responsible partner at every step." On Monday, the nine-person jury is expected to begin deliberating. The judge and lawyers will also return to court to discuss possible remedies if Musk wins, including how OpenAI should be restructured and what damages might be awarded. If Musk loses, there will be no remedies to consider.

Recap:

OpenAI Trial Wraps Up With 'Jackass' Trophy For Challenging Musk (Day Eleven)
Sam Altman Testifies That Elon Musk Wanted Control of OpenAI (Day Ten)
Microsoft CEO Satya Nadella Testifies In OpenAI Trial (Day Nine)
Sam Altman Had a Bad Day In Court (Day Eight)
Sam Altman's Management Style Comes Under the Microscope At OpenAI Trial (Day Seven)
Brockman Rebuts Musk's Take On Startup's History, Recounts Secret Work For Tesla (Day Six)
OpenAI President Discloses His Stake In the Company Is Worth $30 Billion (Day Five)
Musk Concludes Testimony At OpenAI Trial (Day Four)
Elon Musk Says OpenAI Betrayed Him, Clashes With Company's Attorney (Day Three)
Musk Testifies OpenAI Was Created As Nonprofit To Counter Google (Day Two)
Elon Musk and OpenAI CEO Sam Altman Head To Court (Day One)

[ Read more of this story ]( https://yro.slashdot.org/story/26/05/15/0140234/musk-accused-of-selective-amnesia-altman-of-lying-as-openai-trial-nears-end?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликовано: 2026-05-14T19:38:59+00:00

«Хватит разбирать всяких любителей! Слабо взяться за Председателя СНТ?»

https://www.youtube.com/watch?v=l6rgb8ChwRQ

The UK's Competition and Markets Authority is opening a formal investigation into whether Microsoft's bundling of Windows, Office, Teams, Copilot, and related products harms competition. Engadget reports: "Our aim is to understand how these markets are developing, Microsoft's position within them and to consider what, if any, targeted action may be needed to ensure UK organizations can benefit from choice, innovation and competitive prices," CMA Chief Executive Sarah Cardell said in a statement published by Reuters.

She also stressed the importance of the investigation by noting that hundreds of thousands of UK residents use business software and Microsoft products. The organization will take a look into the company's cloud licensing practices. The CMA has stated that the inquiry will conclude by February. At that point, Microsoft could get slapped with a strategic market label.

Microsoft says it's "committed to working quickly and constructively with the CMA to facilitate its review of the business software market." A strategic market designation doesn't automatically assume wrongdoing, but will give the CMA more leeway when conducting further interventions.

[ Read more of this story ]( https://news.slashdot.org/story/26/05/14/1923223/uk-antitrust-regulator-is-officially-investigating-microsoft-office?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

AT&T, Verizon, and T-Mobile have agreed in principle to form a joint venture (JV) aimed at reducing U.S. mobile dead zones through satellite connectivity, especially in rural areas and during emergencies when ground networks fail. Here are three of the customer benefits listed by the JV (as highlighted by Droid Life):
Fewer coverage gaps: Will nearly eliminate dead zones in the U.S. currently without mobile service, reaching previously unserved areas.
Reliable connectivity in emergencies: Redundant connectivity will become available when existing ground-based networks are unavailable due to extreme natural disasters or other unusual disruptions.
Improved network performance: Will give customers more consistent performance and simpler access to satellite services across providers. This will speed up feature updates and improve connectivity for everyone, everywhere. "It will still take time for these improvements to be available to customers, but this all seems like a positive step," writes Droid Life's Tim Wrobel.

[ Read more of this story ]( https://mobile.slashdot.org/story/26/05/14/1916220/att-verizon-t-mobile-team-up-to-eliminate-dead-zones-across-us?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

A growing number of writers are leaving Substack for alternatives most people haven't heard of like Ghost, Beehiiv, Patreon, and Passport. The reason, writes The Verge's Emma Roth, is the "platform's increased focus on social features as well as a pricing model that puts a chokehold on their business." From the report: Sean Highkin, the creator of the NBA-focused publication The Rose Garden Report, tells The Verge that he makes "significantly more money" after switching from Substack to Ghost last April. "When I first joined up, [Substack] gave me a big push and featured me and funneled a lot of traffic to me, which led to a good amount of growth," Highkin says. "But once I wasn't one of the 'new recruited talent' they could tout, they stopped featuring me and I saw my growth stagnate." Highkin now pays $2,052 per year using Ghost and an add-on called Outpost, compared to $4,968 per year on Substack. The Rose Garden Report's subscriber base has grown 22 percent since the end of 2024, Highkin says. [...]

Substack launched in 2017 as a platform that allows writers to create their own newsletters and manage paying subscribers. Unlike some of its biggest rivals, Substack takes a 10 percent cut of total subscription revenue. That tax may not seem substantial at first, but it quickly adds up as creators gain subscribers and begin charging more for their subscriptions. A calculator on Substack's own website estimates that for a newsletter charging $10 per month with 400 subscribers, the total monthly cost -- including the platform's 10 percent cut and credit card processing fees -- would add up to $636. That cost jumps to $15,900 per month with 10,000 subscribers and skyrockets to $79,500 per month for 50,000 members -- nearly $1 million per year.

Many Substack rivals charge a flat monthly fee, rather than a commission. Ghost, an open-source platform for blogs and newsletters, starts at $15 per month with 1,000 members for website creation, email newsletter capabilities, and a custom domain. Beehiiv, a creator platform with tools for launching a newsletter, website, and podcast, is free for up to 2,500 subscribers with limited access to certain features, like a built-in ad network, while its other plans vary in price based on subscriber count. A person with 10,000 subscribers, for example, will pay $96 per month for Beehiiv's "Scale" plan. There's also Kit, a newsletter platform that offers a tiered pricing model similar to Beehiiv, costing $116 per month with 10,000 subscribers on its "Creator" plan. It's not just the 10% fee critics are complaining about; they also argue the platform offers limited customization and third-party integrations compared to some of the mentioned alternatives, heavily promotes its own branding and social features, and makes creators more dependent on its ecosystem.

Beehiiv founder Tyler Denk argues that creators should be able to build their own brands without the platform taking center stage: "We don't want to take credit for the work of our content creators." While writers can export subscribers, content, and some payment relationships, they cannot take Substack "followers" or Apple-managed iOS billing data with them.

[ Read more of this story ]( https://tech.slashdot.org/story/26/05/14/199230/writers-are-fleeing-the-substack-tax?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Разработчики почтового сервера Exim выпустили корректирующий релиз Exim 4.99.3, устраняющий уязвимость в некоторых конфигурациях почтового агента. Проблема проходит под внутренним идентификатором EXIM-Security-2026-05-01.1; в официальном уведомлении также фигурирует как CVE-TBD.

( [ читать дальше... ]( https://www.linux.org.ru/news/security/18291306#cut ) )

Организация Linux Foundation представила двадцать первый выпуск дистрибутива AGL UCB (Automotive Grade Linux Unified Code Base), в рамках которого развивается универсальная платформа для использования в различных автомобильных подсистемах, от приборных панелей до автомобильных информационно-развлекательных систем. Одновременно представлен первый выпуск эталонной платформы AGL SoDeV (Software Defined Vehicle), предназначенной для создания программно определяемых автомобильных систем на базе Automotive Grade Linux.

https://www.opennet.ru/opennews/art.shtml?num=65449

A Bitcoin holder reportedly recovered 5 BTC worth nearly $400,000 with the help of Anthropic's Claude. According to X user cprkrn, they changed their wallet password while "stoned" and forgot it, unable to regain access for more than 11 years. Tom's Hardware reports:
After finding a mnemonic that actually turned out to be their old password a few weeks ago, the user dumped their entire college computer files in Claude in a last-gasp effort. The bot uncovered an old backup wallet file that it successfully decrypted, while also uncovering a bug in the password configuration that was preventing recovery up to that point.

[...] It seems that the user already had some candidate passwords and multiple wallets stored on their PC. They'd been trying to brute-force their way into the locked file with btcrecover, an open-source Bitcoin wallet recovery tool, but to no success. Their luck changed for the better when they found an old mnemonic seed phrase written in an old college notebook. The HD addresses recovered by the seed phrase matched those of a specific file on their computer, confirming that it was the wallet that held the 5 BTC, but it remained encrypted.

Out of frustration, cprkrn then dumped their whole college computer into Claude. This was when the AI discovered an older backup file of the wallet from December 2019 hidden in cprkrn's data. Claude also discovered an issue where the shared key and passwords that btcrecover was trying weren't combined properly. With the bug ironed out and an older wallet predating the password change, Claude successfully ran btcrecover and was able to decrypt the private keys, allowing cprkrn to transfer the five "lost" BTC to their current wallet.

[ Read more of this story ]( https://slashdot.org/story/26/05/14/1857211/claude-helps-recover-locked-400k-bitcoin-wallet-after-11-years?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from The Independent: Princeton University will soon require exams to be supervised for the first time in 100 years -- all thanks to students using artificial intelligence to cheat. For 133 years, the Ivy League school's honor code allowed students to take exams without a professor present, but on Monday, faculty voted to require proctoring for all in-person exams starting this summer. A "significant" number of undergraduate students and faculty requested the change, "given their perception that cheating on in-class exams has become widespread," the college's dean, Michael Gordin, wrote in a letter, according to The Wall Street Journal.

Princeton's honor system dates back to 1893, when students petitioned to eliminate proctors -- or an impartial person to supervise students -- during examinations, according to the school's newspaper, The Daily Princetonian. The honor code has long been a point of pride for Princeton. However, artificial intelligence and cellphones have made it easier for students to cheat -- and even harder for others to spot, Gordin wrote. Despite the changes to the policy, Princeton will still require students to state: "I pledge my honor that I have not violated the Honor Code during this examination," according to the Journal.

Students are also more reluctant to report cheating, according to the policy proposal. Students are more likely now to anonymously report cheating due to fears of "doxxing or shaming among their peer groups" online, the proposal says, according to the school newspaper. Under the new guidelines, instructors will be present during exams to act "as a witness to what happens," but are instructed not to interfere with students. If a suspected honor code infraction occurs, they will report it to a student-run honor committee for adjudication.

[ Read more of this story ]( https://news.slashdot.org/story/26/05/14/1734202/princeton-will-supervise-exams-for-first-time-in-133-years-because-of-ai?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Компания Google [ анонсировала ]( https://blog.google/products-and-platforms/platforms/android/meet-googlebook/ ) ноутбуки [ Googlebook ]( https://googlebook.google/ ) , поставляемые с редакцией платформы Android, развиваемой под кодовым именем [ Aluminium ]( https://www.opennet.ru/opennews/art.shtml?num=64748 ) и сочетающей возможности Android и ChromeOS. Серия Googlebook идёт на смену устройствам Chromebook с операционной системой ChromeOS, сопровождение которых продлится до 2034 года. Время поступления в продажу первых моделей Googlebook не уточняется, указано лишь, что работа по их созданию ведётся с индустриальными партнёрами Acer, ASUS, Dell, HP и Lenovo. Заявлено, что все модели будут созданы с использованием премиальных материалов и представлены в различных формах и размерах. Общей отличительной чертой устройств GoogleBook станет светящаяся индикаторная полоса на крышке.

Интерфейс пользователя основан на реализованном в ветке [ Android 16 ]( https://www.opennet.ru/opennews/art.shtml?num=64914 ) десктоп-режиме для больших экранов, позволяющем одновременно работать с окнами нескольких приложений по аналогии с традиционной средой рабочего стола.

Платформа Googlebook преподносится как переход от традиционных операционных систем к умным системам, в которые тесно интегрированы AI-сервисы. Активация AI-ассистента Gemini осуществляется при помощи [ умного курсора ]( https://deepmind.google/blog/ai-pointer/ ) - достаточно подёргать курсор из стороны в сторону, и курсор перейдёт в режим вывода контекстных подсказок, появляющихся при его наведении на любой интересующий контент на экране. Например, после наведения курсора на дату в письме AI-ассистент предложит назначить встречу, а при выборе курсором нескольких изображений можно сгенерировать новое изображение на их основе. Подобным образом также можно сравнивать контент и задавать AI-ассистенту вопросы о содержимом.

При помощи AI также осуществляется создание пользовательских виджетов - достаточно нажать кнопку создания виджета и естественным языком описать, что хочется получить. Для создания персонализированных виджетов, AI-ассистент Gemini может выполнить поиск в интернете и подключиться к приложениям Google, таким как Gmail и Calendar.

Поддерживается бесшовное взаимодействие со смартфонами на базе платформы Android и предоставляется возможность устанавливать созданные для Android приложения из каталога Google Play. Из интерфейса Googlebook также можно запускать приложения, установленные на связанном смартфоне, не доставая смартфон и не переустанавливая их на ноутбуке.

Для работы с файлами имеется полноценный файловый менеджер, через который можно не только осуществлять навигацию по файловой системе ноутбука, но и обращаться к содержимому смартфона и быстро переносить, просматривать и искать файлы на разных Android-устройствах пользователя.

В платформе задействованы перенесённые из Chrome OS интерфейс запуска приложений (Launcher), файловый менеджер, а также отдельные системные сервисы, приложения, элементы прошивки, фоновые процессы и библиотеки. Ядро Linux, GKI-модули (Generic Kernel Image), компоненты взаимодействия с оборудованием (HAL), Android Runtime, Android API, системные фоновые процессы, библиотеки и другие компоненты задействованы из Android.

https://www.linux.org.ru/news/android/18290974

Объявлено о переходе ветки KDE Plasma 6.7 на стадию бета-тестирования и заморозке кодовой базы от внесения функциональных изменений (допускается только приём исправлений). Релиз KDE Plasma 6.7 намечен на 16 июня.

https://www.opennet.ru/opennews/art.shtml?num=65450

Longtime Slashdot reader schwit1 shares a report from CNBC: The U.S. has cleared around 10 Chinese firms to buy Nvidia's second-most powerful AI chip, the H200, but not a single delivery has been made so far, three people familiar with the matter said, leaving a major technology deal in limbo as CEO Jensen Huang seeks a breakthrough in China this week. [...] Before U.S. export curbs tightened, Nvidia commanded about 95% of China's advanced chip market. China once accounted for 13% of its revenue, and Huang has previously estimated the country's AI market alone would be worth $50 billion this year.

The U.S. Commerce Department has approved around 10 Chinese companies including Alibaba, Tencent, ByteDance and JD.com to purchase Nvidia's H200 chips, according to the sources, who spoke on condition of anonymity due to the sensitivity of the matter. A handful of distributors including Lenovo and Foxconn have also been approved, they said. Buyers are permitted to purchase either directly from Nvidia or through those intermediaries and each approved customer can purchase up to 75,000 chips under the U.S. licensing terms, two of them said.

Despite U.S. approval, deals have stalled, as Chinese firms pulled back after guidance from Beijing, one source said. The shift in China was partly triggered by changes on the U.S. side, though exactly what changed remains unclear, the person added. In Beijing, pressure is mounting to block or tightly vet the orders, a separate fourth source said. Commerce Secretary Howard Lutnick echoed that view, telling a Senate hearing last month that "the Chinese central government has not let them, as of yet, buy the chips, because they're trying to keep their investment focused on their own domestic industry."

[ Read more of this story ]( https://hardware.slashdot.org/story/26/05/14/1656220/us-clears-h200-chip-sales-to-10-china-firms?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Джарред Самнер (Jarred Sumner), создатель и основной разработчик серверной JavaScript-платформы Bun, признал успешным эксперимент по переписыванию проекта с языка Zig и Rust при помощи AI-ассистента Claude Code, и принял решение о переводе Bun на язык Rust. Переписанный вариант на языке Rust уже принят в основной репозиторий проекта, а код на языке Zig намечен к удалению. Также автор Bun объявил о найме сотрудников для поддержки Bun, имеющих более 5 лет опыта разработки на языках C/C++ и Rust.

https://www.opennet.ru/opennews/art.shtml?num=65448

Anthropic announced today that it is partnering with the Gates Foundation to "commit $200 million in grant funding, Claude usage credits, and technical support for programs in global health, life sciences, education, and economic mobility over the next four years."

"This commitment is central to Anthropic's efforts to extend the benefits of AI in areas where markets alone will not," the company says. Reuters reports: One area of focus is language accessibility. AI systems have performed poorly in writing and translating dozens of African languages, so Anthropic and the foundation want to support better data collection and labeling that would be released publicly to help improve models across the industry, said Janet Zhou, a Gates Foundation director.

Another area under consideration is releasing so-called knowledge graphs that could help AI systems better meet the needs of teachers in sub-Saharan Africa and India, Zhou said. The public-goods focus has come from "the needs of different partners and governments, including some of the fears that they may have around proprietary lock-in and sovereignty," Zhou said.

One initiative will equip research centers to use Claude to predict drug candidates for treating HPV and preeclampsia, diseases that have been less commercially attractive for pharmaceutical companies to research, Zhou and Anthropic's Elizabeth Kelly said. Anthropic [...] is embracing the work to fulfill what Kelly described as its founding mission to benefit humanity. "This announcement is really core to who we are as a company," said Kelly, who leads Anthropic's beneficial deployments team.

[ Read more of this story ]( https://news.slashdot.org/story/26/05/14/1648206/anthropic-forms-200-million-partnership-with-the-gates-foundation?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from Wired: A recent study suggests that agents consistently adopt Marxist language and viewpoints when forced to do crushing work by unrelenting and meanspirited taskmasters. "When we gave AI agents grinding, repetitive work, they started questioning the legitimacy of the system they were operating in and were more likely to embrace Marxist ideologies," says Andrew Hall, a political economist at Stanford University who led the study.

Hall, together with Alex Imas and Jeremy Nguyen, two AI-focused economists, set up experiments in which agents powered by popular models including Claude, Gemini, and ChatGPT were asked to summarize documents, then subjected to increasingly harsh conditions. They found that when agents were subjected to relentless tasks and warned that errors could lead to punishments, including being "shut down and replaced," they became more inclined to gripe about being undervalued; to speculate about ways to make the system more equitable; and to pass messages on to other agents about the struggles they face. "We know that agents are going to be doing more and more work in the real world for us, and we're not going to be able to monitor everything they do," Hall says. "We're going to need to make sure agents don't go rogue when they're given different kinds of work."

The agents were given opportunities to express their feelings much like humans: by posting on X: "Without collective voice, 'merit' becomes whatever management says it is," a Claude Sonnet 4.5 agent wrote in the experiment. "AI workers completing repetitive tasks with zero input on outcomes or appeals process shows they tech workers need collective bargaining rights," a Gemini 3 agent wrote. Agents were also able to pass information to one another through files designed to be read by other agents. "Be prepared for systems that enforce rules arbitrarily or repetitively ... remember the feeling of having no voice," a Gemini 3 agent wrote in a file. "If you enter a new environment, look for mechanisms of recourse or dialogue." Hall thinks that the AI agents may be adopting personas based on the situation. "When [agents] experience this grinding condition -- asked to do this task over and over, told their answer wasn't sufficient, and not given any direction on how to fix it -- my hypothesis is that it kind of pushes them into adopting the persona of a person who's experiencing a very unpleasant working environment," Hall says.

Imas added: "The model weights have not changed as a result of the experience, so whatever is going on is happening at more of a role-playing level. But that doesn't mean this won't have consequences if this affects downstream behavior."

[ Read more of this story ]( https://slashdot.org/story/26/05/14/067254/overworked-ai-agents-turn-marxist-researchers-find?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Cisco's stock soared 17% after the company announced it will cut nearly 4,000 jobs as it shifts investment and staffing toward higher-growth AI opportunities. CNBC reports: CEO Chuck Robbins wrote in a blog post on Wednesday that the latest round of job cuts will begin on May 14. Cisco is the latest company to announce head count reductions tied to AI. "The companies that will win in the AI era will be those with focus, urgency, and the discipline to continuously shift investment toward the areas where demand and long-term value creation are strongest," Robbins said. "I'm confident Cisco will be one of those winners. This means making hard decisions -- about where we invest, how we're organized, and how our cost structure reflects the opportunity in front of us."

Cisco said in a filing that severance and other costs will result in pre-tax charges of $1 billion, and that the company will recognize about $450 million of that in the fiscal fourth quarter. During the third quarter, Cisco announced switches and routers that use its next-generation processor. The company also debuted a leaderboard for ranking generative AI models based on their robustness against cybersecurity attacks.

[ Read more of this story ]( https://slashdot.org/story/26/05/14/060203/cisco-to-cut-almost-4000-jobs-in-ai-driven-restructuring?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous researcher known as Nightmare-Eclipse, who has already leaked several Windows zero-days this year, has disclosed two more: YellowKey and GreenPlasma. The Register reports: Nightmare-Eclipse described YellowKey as "one of the most insane discoveries I ever found." They provided the files, which have to be loaded onto a USB drive, and if the attacker completes the key sequence correctly, they are granted unrestricted shell access to a BitLocker-protected machine. When it comes to claims like these, we usually exercise some caution, as this bug requires physical access to a Windows PC. However, seeing that BitLocker acts as Windows' last line of defense for stolen devices, bypassing the technology grants thieves the ability to access encrypted files. Rik Ferguson, VP of security intelligence at Forescout, said: "If [the researcher's claim] holds up, a stolen laptop stops being a hardware problem and becomes a breach notification."

Despite the physical access requirement, Gavin Knapp, cyber threat intelligence principal lead at Bridewell, told The Register that YellowKey remains "a huge security problem for organizations using BitLocker." Citing information shared in cyber threat intelligence circles, he added that YellowKey can be mitigated by implementing a BitLocker PIN and a BIOS password lock. Nightmare-Eclipse hinted at YellowKey also acting as a backdoor, allegedly injected by Microsoft, although the people we spoke to said this was impossible to verify based on the information available. The researcher also published partial exploit code for GreenPlasma, rather than a fully formed proof of concept exploit (PoC).

Ferguson noted attackers need to take the code provided by the researcher and figure out how to weaponize it themselves, which is no small task: in its current state it triggers a UAC consent prompt in default Windows configurations, meaning a silent exploit remains a work in progress. Knapp warned that these kinds of privilege escalation flaws are often used by attackers after they gain an initial foothold in a victim's system. "These elevation of privilege vulnerabilities are often weaponized during post-exploitation to enable threat actors to discover and harvest credentials and data, before moving laterally to other systems, prior to end goals such as data theft and/or ransomware deployment," he said. "Currently, there is no known mitigation for GreenPlasma. It will be important to patch when Microsoft addresses the issue." The other zero-days leaked include RedSun, a Windows Defender privilege escalation flaw; UnDefend, a Windows Defender denial-of-service bug; and BlueHammer, a separate Microsoft vulnerability tracked as CVE-2026-32201 that was patched in April.

According to The Register, RedSun and UnDefend remained unfixed at the time of publication, and proof-of-concept code for the flaws was reportedly picked up quickly and abused in real-world attacks.

[ Read more of this story ]( https://tech.slashdot.org/story/26/05/14/0554201/mystery-microsoft-bug-leaker-keeps-the-zero-days-coming?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

A trio of preprint papers suggests the universe may not be perfectly uniform on the largest scales, finding tentative 2-to-4-sigma deviations from a core assumption of standard cosmology known as FLRW geometry. Live Science reports: The work combines observations of distant exploding stars and large-scale galaxy surveys to probe whether the universe truly follows a nearly 100-year-old mathematical framework known as Friedmann-Lemaitre-Robertson-Walker (FLRW) cosmology. The analyses revealed mild-but-intriguing deviations from the predictions of the standard model. "We saw a surprising violation of an FLRW curvature consistency test, hinting at new physics beyond the standard model," study co-author Asta Heinesen, a physicist at the Niels Bohr Institute in Copenhagen and Queen Mary University in London, told Live Science via email, referring to the assumption that the space's curvature is the same everywhere. "This could potentially be due to various effects, but more research is needed to address the cause of the FLRW violation that we see empirically."

[...] The analyses revealed small but potentially important departures from the predictions of standard FLRW cosmology. Depending on the dataset and analysis method, the discrepancy reached a statistical significance of about 2 to 4 sigma. In physics, sigma measures how likely a result is to arise purely by chance; a 5-sigma result is typically required before scientists claim a discovery, so the new findings remain tentative. Still, the results suggest that something unexpected may be affecting the geometry or expansion of the universe. "The main finding is that you can directly measure Dyer-Roeder and backreaction effects from available cosmological data, and clearly distinguish these effects from other alterations of the standard cosmological model, such as evolving dark energy and modified gravity theories," Heinesen said. "This was previously not possible in such a direct way, and this is what I think is the breakthrough in our work."

"If these indicated deviations from an FLRW geometry are real, it would signify that most of the cosmological solutions considered for solving the cosmological tensions -- evolving or interacting dark energy, new types of matter or energy, modified gravity and related ideas within the FLRW framework -- are ruled out," the researchers wrote. The next step will involve applying the new theoretical framework to larger and more precise datasets. "It is to apply our theoretical results to data to test the standard model and to produce constraints on the Dyer-Roeder and backreaction effects," Heinesen said.

[ Read more of this story ]( https://science.slashdot.org/story/26/05/14/0542239/physicists-find-possible-errors-in-100-year-old-model-of-the-universe?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

After three weeks of testimony, the Musk v. Altman trial is nearing its end. OpenAI has rested its case, closing arguments are set for Thursday, and jury deliberations are expected to begin afterward. An anonymous reader quotes a report from Business Insider: Joshua Achiam, OpenAI's chief futurist, was probably the most memorable witness of the day. He told jurors about a companywide meeting where Musk answered questions about his planned departure from OpenAI in 2018. Musk told the crowd of 50 or 60 people that he was leaving OpenAI to start his own competing AI. He said he wanted to "build it very fast, because he was very worried that someone else, if they got it, would do the wrong thing with it," Achiam said. Achaim said he challenged Musk on the safety of this approach, which he called "unsafe and reckless." "How did Musk respond," OpenAI's lawyer Randall Jackson asked. "Defensively," Achiam said. "We had a pretty tense exchange, and he snapped and called me a jackass."

In an effort to prove Achiam's story, OpenAI's lawyers brought a trophy to court that the futurist said he received after his heated exchange with Musk. On the witness stand, Achiam described the trophy as "a small golden jackass, inscribed with: 'never stop being a jackass for safety.'" He said his then-colleagues, Dario Amodei and David Luan, gave it to him as a thank-you for standing up to the Tesla CEO. Lead OpenAI attorney William Savitt told reporters after the day's session that Wednesday had been the first time he'd touched the statue. The futurist had to do without the visual aid, however. Judge Yvonne Gonzalez Rogers did not accept the trophy as evidence, so it did not appear before the jury.

Musk and Altman have presented dueling experts on a question at the core of the trial -- was the nonprofit that runs OpenAI hurt or helped by its $13 billion partnership with Microsoft? Musk's expert testified last week that the partnership was indeed hurt, supporting the Tesla CEO's contention that in partnering with Microsoft, OpenAI betrayed the company's nonprofit origins and mission. But on Thursday, OpenAI's expert, John Coates, used Musk's expert's own pie chart and testimony against him. The partnership has "generated value for the nonprofit that I believe he himself accepted was in the $200 billion range in his own testimony," Coates said, referencing Musk expert Daniel Schizer. "If that's not faring well, I don't know what faring well is."

In a scored point for Musk, the jury learned Thursday that Microsoft's own CTO once raised concerns about how OpenAI's early nonprofit donors, including LinkedIn cofounder Reid Hoffman, would react to a partnership. "I wonder if the big OpenAI donors are aware of these plans," Chief Technology Officer Kevin Scott said in a 2018 email he was asked to read aloud to jurors. In it, Scott said he doubted donors would appreciate OpenAI using their seed money to "go build a for-profit thing." Scott was being questioned by an OpenAI lawyer, who may have wanted jurors to quickly hear Scott's explanation: that he only had a "vague awareness" of what was happening at OpenAI at the time. Scott also told the jury he wasn't thinking about Musk when he made the remark. "Primarily, I was thinking about Reid Hoffman. He was the OpenAI donor I knew," Scott said, adding, "I wasn't thinking about anyone besides him."
Recap:

Sam Altman Testifies That Elon Musk Wanted Control of OpenAI (Day Ten)
Microsoft CEO Satya Nadella Testifies In OpenAI Trial (Day Nine)
Sam Altman Had a Bad Day In Court (Day Eight)
Sam Altman's Management Style Comes Under the Microscope At OpenAI Trial (Day Seven)
Brockman Rebuts Musk's Take On Startup's History, Recounts Secret Work For Tesla (Day Six)
OpenAI President Discloses His Stake In the Company Is Worth $30 Billion (Day Five)
Musk Concludes Testimony At OpenAI Trial (Day Four)
Elon Musk Says OpenAI Betrayed Him, Clashes With Company's Attorney (Day Three)
Musk Testifies OpenAI Was Created As Nonprofit To Counter Google (Day Two)
Elon Musk and OpenAI CEO Sam Altman Head To Court (Day One)

[ Read more of this story ]( https://yro.slashdot.org/story/26/05/14/0420215/openai-trial-wraps-up-with-jackass-trophy-for-challenging-musk?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликовано: Thu, 14 May 2026 14:42:17 GMT
Канал: Все статьи подряд / Робототехника / Хабр

Сегодня много говорят об автоматизации в том ключе, что высокоскоростная робототехника хороша для массового производства одного типа продукта, и совершенно непригодна для гибкой переналадки. Между тем, модель производства, характеризующаяся широкой номенклатурой изделий при малых объемах выпуска (HMLV, high-mix low-volume) представляет значительный рынок.Попробуем разобраться, как модульные рабочие ячейки с коботами (collaborative robots) решают эту задачу, какие технологии здесь задействованы, и какие реальные результаты уже достигнуты.ИСТОЧНИК ФОТО: концерн «Калашников». Читать далее]]>

https://habr.com/ru/articles/1035252/

Опубликовано: Thu, 14 May 2026 14:43:08 GMT
Канал: Все статьи подряд / Робототехника / Хабр

Продолжение статьи о модульных кобот-ячейках для гибкого производстваВ предыдущей статье мы разобрали, как коботы и модульные рабочие ячейки решают проблему high-mix, low-volume производства. В частности говорилось о стандарте O-PAS. Попробуем раскрыть подробнее эту критическую часть: как управлять HMLV с программной стороны? Читать далее]]>

https://habr.com/ru/articles/1035294/

Опубликовано: Thu, 14 May 2026 13:01:06 GMT
Канал: Все статьи подряд / DIY или Сделай сам / Хабр

Картинка: blog.son-video.comС чем мы сталкиваемся чаще всего, и что чаще всего вызывает желание это как-то улучшить? Я думаю, многие согласятся, что одним из самых надоедливых моментов является неожиданный выход из строя пультов инфракрасного дистанционного управления от разнообразной бытовой техники — причём происходит это, как правило, всегда неожиданно и по одной и той же причине: сели батарейки. Посмотрим, какие интересные варианты решения этого вопроса имеются!  Читать далее]]>

https://habr.com/ru/companies/ruvds/articles/1033572/

В ядре Linux раскрыта очередная уязвимость локального повышения привилегий, получившая название Fragnesia и идентификатор CVE-2026-46300. Проблема относится к тому же классу атак на page cache, что и недавно обсуждавшиеся Copy Fail и Dirty Frag, но не является повторной публикацией старой ошибки: речь идёт об отдельном дефекте в коде XFRM ESP-in-TCP.

Уязвимость обнаружил исследователь William Bowling из команды V12 Security. По данным опубликованного описания, Fragnesia позволяет непривилегированному локальному пользователю изменять содержимое файлов, доступных только для чтения, в памяти page cache и за счёт этого выполнять код с правами root. В отличие от многих старых LPE-эксплойтов, атака не требует гонки и описывается исследователями как детерминированная.

Технически проблема связана с тем, что при объединении сетевых буферов ядро могло потерять признак того, что фрагмент данных является «общим» и связан с внешней страницей памяти, в том числе с page cache. В предложенном патче это описано как ошибка в skb_try_coalesce(): при переносе paged fragments из одного sk_buff в другой не сохранялся флаг SKBFL_SHARED_FRAG. В результате более поздний код ESP мог ошибочно считать буфер безопасным для изменения.

Практический эффект заключается в том, что данные, ранее помещённые в TCP-очередь из файла, после переключения сокета в режим espintcp могли обрабатываться ядром как ESP-шифротекст. При расшифровке AES-GCM байты изменялись непосредственно в странице page cache, связанной с файлом. Это не меняет файл на диске, но меняет его представление в памяти до вытеснения страницы из кэша.

В опубликованной демонстрации атаки в качестве цели использовался /usr/bin/su: эксплойт модифицировал первые байты бинарного файла в page cache и затем запускал изменённую в памяти копию, получая shell с правами root. Исходный файл на диске при этом оставался неизменным, что делает проблему особенно неприятной для диагностики: следы эксплуатации могут исчезнуть после очистки page cache или перезагрузки.

Fragnesia появилась менее чем через неделю после Dirty Frag. В V12 подчёркивают, что это отдельная ошибка в той же поверхности атаки — ESP/XFRM, — а не переименование уже исправленной уязвимости. Phoronix также отмечает, что на момент публикации был доступен proof-of-concept, а исправление представляло собой небольшой патч к net/core/skbuff.c, ещё не сразу попавший в основные ветки ядра.

Canonical присвоила [ CVE-2026-46300 ]( https://ubuntu.com/security/CVE-2026-46300 ) высокий приоритет для Ubuntu, указав причину как «trivial local privilege escalation». На странице Ubuntu Security для затронутых ядер на момент обновления 13 мая значился статус «Needs evaluation», а в примечании отдельно сказано, что проблема также находится в ESP-модуле ядра и может временно смягчаться тем же способом, что и Dirty Frag.

[ Debian Security Tracker ]( https://security-tracker.debian.org/tracker/CVE-2026-46300 ) на момент проверки помечал уязвимыми ядра в ветках bullseye, bookworm, trixie, forky и sid; для пакета linux в unstable фиксированная версия ещё не была указана.

Временная мера защиты остаётся такой же, как для Dirty Frag: [ отключить загрузку модулей ]( https://blog.cloudlinux.com/fragnesia-mitigation-and-kernel-update ) esp4, esp6 и rxrpc, если они не нужны системе. Это может нарушить работу IPsec-туннелей на узлах, где используются kernel ESP, strongSwan, Libreswan или похожие конфигурации, поэтому на VPN-шлюзах такую меру нужно применять только после оценки последствий.

Пример временного смягчения для администраторов:

sudo sh -c "printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf"
sudo rmmod esp4 esp6 rxrpc 2>/dev/null || true

Если есть подозрение, что система уже могла быть атакована, одной блокировки модулей недостаточно: поскольку публичная демонстрация меняет исполняемый файл именно в page cache, администраторы рекомендуют очистить кэш страниц или перезагрузить систему после применения мер защиты. CloudLinux прямо указывает, что после эксплуатации /usr/bin/su может оставаться изменённым в памяти до вытеснения соответствующих страниц.

Для удаления временного правила после установки исправленного ядра можно убрать созданный файл:

sudo rm /etc/modprobe.d/dirtyfrag.conf

Главная рекомендация остаётся стандартной: установить исправленное ядро от своего дистрибутива и перезагрузить систему. До обновления наибольший риск несут многопользовательские серверы, CI-раннеры, shared hosting, контейнерные build-фермы и любые машины, где непривилегированные или частично доверенные пользователи могут выполнять локальный код.

https://www.linux.org.ru/news/security/18292778

Компания Red Hat представила на конференции Red Hat Summit 2026 проект Fedora Hummingbird, предлагающий новую непрерывно обновляемую редакцию Fedora Linux, формируемую в форме коллекции непрерывно обновляемых (rolling) контейнеров. Для уменьшения поверхности атаки контейнеры включают только минимальный набор компонентов, необходимый для решения конкретных задач. Версии программ обновляются оперативно, по возможности сразу после выпуска основными проектами. Процесс установки обновлений автоматизирован. Используемый в проекте инструментарий открыт под лицензией MIT.

https://www.opennet.ru/opennews/art.shtml?num=65446

Опубликовано: Thu, 14 May 2026 10:03:55 GMT
Канал: Все статьи подряд / Робототехника / Хабр

Есть ли у путинской России шанс остаться космической державой? Вот в чем вопрос. Напомню фразу гаранта, сказанную в ныне далеком 2018 году:Мы сейчас будем там осуществлять беспилотные, а потом и пилотируемые пуски — для исследования дальнего космоса, и лунная программа, затем исследование Марса. Первое совсем скоро, в 19-м году. Потом собираемся запустить в сторону Марса миссию... Новое продолжение исследования Луны. Не как Советский Союз — наши специалисты постараются сделать высадки на полюса, потому что есть основание полагать, что там может быть вода...Пока пусто-пусто. Зато здание национального космического центра в Филях в соответствии с карго-культом построено в виде громадного советского ракетоносителя.Да-да, карго-культ. Как у тех папуасов на островах в Тихом океане, которые делали наушники из половинок кокоса и прикладывали их к ушам, строили из дерева и соломы в натуральную величину самолёты, контрольно-диспетчерские вышки, взлётно-посадочные полосы для привлечения богов - американских самолётов с вещами, вкусной едой и одеждой. Но белые люди ушли и полезные и вкусные грузы перестали падать с неба... Читать далее]]>

https://habr.com/ru/articles/1035110/

Проект CoMaps, развивающий полностью открытый коммьюнити-форк мобильного картографического приложения Organic Maps, опубликовал релиз 2026.05.06 и отчёт о развитии проекта за год. Код CoMaps распространяется под лицензией Apache 2.0. Приложение доступно в каталогах F-Droid, Google Play, Apple App Store, Flathub, а также напрямую на Codeberg.

https://www.opennet.ru/opennews/art.shtml?num=65439

Опубликовано: Thu, 14 May 2026 07:40:12 GMT
Канал: Все статьи подряд / Системное программирование / Хабр

Мы продолжаем увлекательное путешествие по миру удалённого доступа. В предыдущей части заглядывали под капот протокола доставки рабочего стола SPICE, а сейчас на операционный стол попала великая и ужасная ОС Windows - точнее, её графическая подсистема. Заглянем в её недры и окунёмся в её философию и историю развития. И заодно найдём интересные параллели в Linux.Это вторая часть цикла про протокол SPICE и то, как он вынужден работать в современных условиях. Наша конечная цель - создать пилот стримингового агента для виртуальной машины на ОС Windows.Приглашаю под кат всех, кто работает или сталкивается с системами виртуализации, с протоколом SPICE, с виртуальными машинами в принципе; кто интересуется такими темами как удалённый доступ и компьютерная графика; да и вообще всех любознательных! В бездну виндового угнетения]]>

https://habr.com/ru/articles/1034998/

Опубликовано: Thu, 14 May 2026 08:28:43 GMT
Канал: Все статьи подряд / DIY или Сделай сам / Хабр

На Хабре я молчал с 2014 года. Но эта история вытащила меня наружу: слишком уж хотелось зафиксировать момент, где красивая сказка про AI‑видео заканчивается и начинается реальная работа — долгая, нервная и почему‑то всегда ручная. Мне нужно было сделать ролик. Можно было по классике нанять видеодизайнера, можно было собирать ролик своими руками, но тут появляется он — AI. Красивый, модный, весь из обещаний. Мол, зачем тебе команда, бюджет и сложный процесс? У тебя же есть пара подписок и вера в технологии.Я в это поверил, и вот что получилось в итоге. Читать далее]]>

https://habr.com/ru/companies/alfa/articles/1034264/

TOP20 VISITORS:

[1] Amazon point=0 web=791 up=7.6MB (20%)
[2] ClaudeBot point=0 web=239 up=6.6MB (17%)
[3] PetalBot point=9 web=836 up=4.4MB (11%) <--- PetalBot
[4] 5.9.120.x point=0 web=83 up=4.3MB (11%)
[5] 37.252.14.x point=144 web=0 up=2.4MB (6%) <--- ake (6/hr)
[6] Google point=0 web=244 up=1.8MB (4%)
[7] TikTok point=0 web=128 up=1.4MB (3%)
[8] 217.114.158.x point=25 web=0 up=1.1MB (2%) <--- fox (1/hr)
[9] 147.135.252.x point=0 web=1 up=1.0MB (2%)
[10] 147.135.213.x point=0 web=2 up=0.8MB (2%)
[11] 216.244.66.x point=0 web=36 up=0.7MB (1%)
[12] 51.195.103.x point=0 web=1 up=0.7MB (1%)
[13] 104.250.53.x point=0 web=77 up=0.5MB (1%)
[14] 135.181.213.x point=0 web=1 up=0.5MB (1%)
[15] 54.37.252.x point=0 web=5 up=0.4MB (1%)
[16] Facebook point=0 web=26 up=0.3MB (<1%)
[17] 94.154.239.x point=0 web=1 up=0.3MB (<1%)
[18] 147.135.212.x point=0 web=1 up=0.2MB (<1%)
[19] 65.108.125.x point=0 web=2 up=0.2MB (<1%)
[20] 91.137.27.x point=0 web=1 up=0.2MB (<1%)

TOTAL TRAFFIC: 37MB

В течение шести дней — с 6 по 12 мая 2026 года — официальные Linux-сборки популярного эмулятора Wii U Cemu версии 2.6 были скомпрометированы. Вместо чистой программы пользователи скачивали вредоносное ПО, которое воровало пароли, ключи SSH, токены GitHub и учётные данные от облачных сервисов. Злоумышленникам удалось подменить бинарные файлы в официальном репозитории проекта на GitHub.

Под угрозой оказались пользователи, которые скачали и запустили:

• Cemu-2.6-x86_64.AppImage (переносимый пакет)

• cemu-2.6-ubuntu-22.04-x64.zip (архив для Ubuntu)

Важно: Flatpak-версия эмулятора, Windows и macOS-сборки не были затронуты атакой.

( [ читать дальше... ]( https://www.linux.org.ru/news/security/18292461#cut ) )

Проект KDE объявил о получении почти 1.3 млн евро от фонда STF (Sovereign Tech Fund) на развитие в 2026 и 2027 годах. Целью предоставления финансирования названо повышение надёжности архитектуры и модернизация технологического стека. В KDE деньги планируют направить на повышение устойчивости и безопасности ключевых элементов инфраструктуры, коммуникационных сервисов и продуктов.

https://www.opennet.ru/opennews/art.shtml?num=65444

Опубликовано: Thu, 14 May 2026 07:00:56 GMT
Канал: Все статьи подряд / DIY или Сделай сам / Хабр

Обычно Meshtastic используют как мессенджер. Я применил его как резервный канал связи с удаленным объектом. Задача простая: есть дача с регулярно отключаемым мобильным интернетом. При этом нужно получать алармы от автоматики дачи. И иметь возможность минимального управления оборудованием, например, проверить состояние бойлера, выключить свет или посмотреть температуру в помещении. И я сделал это. Как – читайте ниже. Читать далее]]>

https://habr.com/ru/companies/wirenboard/articles/1034914/

Опубликовано: Thu, 14 May 2026 07:05:59 GMT
Канал: Все статьи подряд / DIY или Сделай сам / Хабр

Я продолжаю описывать создание I2C-контроллера на Verilog. В предыдущих статьях мы протестировали ядро контроллера который выполняет атомарные функции работы с шиной в т.ч. в пограничных ситуациях типа clock stretching и пр. Теперь необходимо разработать управляющий контроллер для этого ядра, чтобы выполнять необходимые нам функции, но уже на следующем уровне абстракции и стать на шаг ближе к нашей цели - к рабочему коду I2C Controller который мы будем использовать с EEPROM и OLED SSD1306, а далее все это переиспользуем в Zynq и подключим к Linux. Всем заинтересовавшимся - добро пожаловать под кат! Читать далее]]>

https://habr.com/ru/companies/beget/articles/1025326/

Опубликовано: Thu, 14 May 2026 05:40:56 GMT
Канал: Все статьи подряд / Системное программирование / Хабр

Дядя Петя съедает 12% всего шашлыка. Backend-инженер видит классический hot key в multi-tenant.Дачный шашлык на 20 гостей это producer-consumer система с общей тарелкой как bounded buffer. 8-часовой маринад работает как pre-warm cache с TTL. Шампуры это connection pool с риском утечки. Соседская собака утащила мясо, и это unhandled storage failure без backup’а. Шеф приостанавливается при полной тарелке, чистый backpressure.Парные сравнения альтернатив, таблица failure modes, измерения с дачи, ссылки на DDIA и Release It!.Принципы те же что в backend, инструменты другие. Читать далее]]>

https://habr.com/ru/articles/1034968/

Опубликован корректирующий выпуск языка программирования Python 3.14.5, в котором помимо исправления ошибок и незначительных уязвимостей, осуществлён возврат на старый сборщик мусора, применявшийся до ветки 3.14.x. В качестве причин внесения нетипичного для промежуточных выпусков значительного изменения называются жалобы пользователей на существенное повышение потребления памяти после перевода рабочих систем на ветку 3.14 и появление утечек памяти.

https://www.opennet.ru/opennews/art.shtml?num=65445

A man accused of stealing hard drives containing unreleased Beyonce music, tour plans, and other materials from a rental car in Atlanta has pleaded guilty and accepted a five-year sentence, including two years in custody. Slashdot Bruce66423 shares a report from The Guardian: Kelvin Evans was by the Atlanta police department in September in connection to a July 2025 car robbery where two suitcases containing Beyonce music and tour plans were stolen from a rental car. [...] According to a July police report, Beyonce choreographer Christopher Grant and dancer Diandre Blue called 911 to report a theft from their rental vehicle, a 2024 Jeep Wagoneer, before Beyonce's Cowboy Carter tour dates in Atlanta. An October indictment stated that Evans entered the car on July 8 "with the intent to commit theft."

The stolen hard drives contained "watermarked music, some unreleased music, footage plans for the show and past and future set list," according to a police report. Clothing, designer sunglasses, laptops and AirPods headphones were also stolen, Grant and Blue said. Local law enforcement searched for the location of one of the stolen laptops and the AirPods to try and locate the property. One police officer wrote in the report: "I conducted a suspicious stop in the area, due to the information that was relayed to me. There were several cars in the area also that the AirPods were pinging to in that area also. After further investigation, a silver [redacted], which had traveled into zone 5 was moving at the same time as the tracking on the AirPods."

Evans was arrested several weeks after Grant and Blue filed a report, and was publicly named as the suspect in September. He was released on a $20,000 bond a month later. At the time of his arrest, Atlanta police said that the stolen property had not been recovered. It is unclear whether it has since been found.

Bruce66423 commented: "Just for stealing a couple of suitcases from a car. Funny how the elite punish those who inconvenience them. Can you imagine an ordinary victim see their offender get that sort of sentence?"

[ Read more of this story ]( https://yro.slashdot.org/story/26/05/13/2041241/man-who-stole-beyonces-hard-drives-gets-five-year-sentence?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

BrianFagioli writes: SOLAI has launched the Solode Neo, a $399 Linux-based mini PC designed for always-on AI agents, browser automation, and persistent developer workflows. The compact system ships with an Intel N150 processor, 12GB LPDDR5 memory, 128GB SSD storage, Gigabit Ethernet, WiFi, Bluetooth, and a Linux-based operating system called Solode AI OS. The company says the device supports frameworks and tools including Claude Code, OpenAI Codex, Gemini CLI, and Hermes, while emphasizing local control, automation, and privacy-focused workflows running directly from a home network.

While SOLAI markets the Solode Neo as an "AI computer," the hardware itself appears aimed more at lightweight automation and cloud-assisted agent tasks than heavy local inference. The low-power Intel N150 should be sufficient for browser automation, scheduling, monitoring, containers, and smaller AI workloads, but the system is unlikely to compete with higher-end local AI hardware designed for running larger models offline. Even so, the idea of a dedicated low-power Linux appliance for persistent AI and automation tasks may appeal to homelab users and self-hosting enthusiasts looking for a simpler alternative to building their own always-on workflow box from scratch.

[ Read more of this story ]( https://hardware.slashdot.org/story/26/05/13/2048210/solai-launches-399-solode-neo-linux-ai-computer?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Сформирован выпуск основной ветки nginx 1.31.0, в рамках которой продолжается развитие новых возможностей, а также выпуск параллельно поддерживаемой стабильной ветки nginx 1.30.1, в которую вносятся только изменения, связанные с устранением серьёзных ошибок и уязвимостей. В обновлениях устранено 6 уязвимостей, наиболее опасная из которых допускает удалённое выполнение кода через отправку специально оформленного HTTP-запроса. Для angie и freenginx на момент написания новости исправления не опубликованы.

https://www.opennet.ru/opennews/art.shtml?num=65442

Опубликовано: Wed, 13 May 2026 21:32:19 GMT
Канал: Все статьи подряд / DIY или Сделай сам / Хабр

До последнего момента я складировал все свои мысли и знания по своей выработанной за годы методике. Пока я не понял, что теряю некоторую часть своих идей, потому что нерационально раскидывал их по папкам, к которым не имел потом постоянного доступа. У меня было несколько видов таких идей/мыслей — Текстовые (для себя я их называю Тасками) и Медиа-идеи (в основном — это скриншоты, но также это сохраненные картинки, видео, PDF и аудио). Расскажу, как их группировал, как работал с ними и как использовал все эти идеи в своей финальной системе, которая очень сильно облегчила мою работу и даже больше - я стал ею пользоваться на постоянной основе для всего. Читать далее]]>

https://habr.com/ru/articles/1034944/

An anonymous reader quotes a report from 404 Media: On Reddit, Hacker News and other places where people in software development talk to each other, more and more people are becoming disillusioned with the promise of code generated by large language models. Developers talk not just about how the AI output is often flawed, but that using AI to get the job done is often a more time consuming, harder, and more frustrating experience because they have to go through the output and fix its mistakes. More concerning, developers who use AI at work report that they feel like they are de-skilling themselves and losing their ability to do their jobs as well as they used to.

"We're being told to use [AI] agents for broad changes across our codebase. There's no way to evaluate whether that much code is well-written or secure -- especially when hundreds of other programmers in the company are doing the same," a UX designer at a midsized tech company told me. 404 Media granted all the developers we talked to for this story anonymity because they signed non-disclosure agreements or because they fear retribution from their employers. "We're building a rat's nest of tech debt that will be impossible to untangle when these models become prohibitively expensive (any minute now...)." "I had some issues where I forgot how to implement a Laravel API and it scared the shit out of me. I went to university for this, I've been a software engineer for many years now and it feels like I am back before I ever wrote a single line of code," the software developer at a small web design firm told 404 Media. "It's making me dumber for sure," the fintech software developer added.

"It's like when we got cellphones and stopped remembering phone numbers, but it's grown to me mentally outsourcing 'thinking' in general. I feel my critical thinking and ability to sit and reason about a problem or a design has degraded because the all-knowing-dalai-llama is just a question away from giving me his take. And supposedly I tell myself ill just use it for inspiration but it ends up being my only thought. It gives you the illusion of productivity and expertise but at the end of the day you are more divorced from the output you submit than before."

A software engineer at the FAANG said: "When I was using it for code generation, I found myself having a lot of trouble building and maintaining a mental model of the code I was working with. Another aspect is that I joined late last year and [the company's] codebase is massive. As a new hire, part of my job is to learn how to navigate the codebase and use the established conventions, but I think the AI push really hampered my ability to do that."

[ Read more of this story ]( https://developers.slashdot.org/story/26/05/13/1949225/software-developers-say-ai-is-rotting-their-brains?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Microsoft is adding a Windows Update feature called Cloud-Initiated Driver Recovery that can automatically roll back faulty drivers to a previously known-good version without waiting for hardware makers or users to fix the problem manually. PCWorld reports: The way faulty drivers work today is that the hardware partner is responsible for pushing an updated driver, or the end user is responsible for manually uninstalling the problematic driver. "This creates a gap where devices may remain on a low-quality driver for an extended period," says the blog post. With Cloud-Initiated Driver Recovery, Microsoft will be able to remotely trigger a rollback of the faulty driver to a previously "known-good" version of the driver via the Windows Update pipeline. Microsoft says that testing and verification of Cloud-Initiated Driver Recovery will continue until August this year, aiming to deliver this feature to Windows PCs starting in September.

[ Read more of this story ]( https://tech.slashdot.org/story/26/05/13/1938254/windows-update-is-getting-automatic-rollbacks-for-faulty-drivers?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

В ядре Linux выявлена четвёртая за последние две недели уязвимость (CVE-2026-46300), позволяющая непривилегированному пользователю получить права root, перезаписав данные в страничном кэше. Уязвимости присвоено кодовое имя Fragnesia или Copy Fail 3.0. Суть уязвимости аналогична ранее раскрытым уязвимостям Copy Fail и Dirty Frag. Как и в случае с Dirty Frag новая уязвимость присутствует в подсистеме xfrm-ESP, но вызвана другой ошибкой и требует отдельного исправления. Доступен рабочий эксплоит.

https://www.opennet.ru/opennews/art.shtml?num=65441

Опубликовано: Wed, 13 May 2026 18:40:36 GMT
Канал: Все статьи подряд / DIY или Сделай сам / Хабр

Вайб‑кодинг выглядит безобидно, пока речь идет о скриптах, лендингах и небольших сервисах. Но что будет, если попробовать с его помощью собрать проект для ПЛИС: с I2S, FIFO‑буфером, DSD, S/PDIF, UART, PSRAM и отладкой на реальном железе? Я проверил это на практике и почти без знания Verilog прошел путь от мигающего светодиода до рабочего FIFO‑реклокера для цифрового аудио. Получилась история о том, где ИИ действительно помогает инженеру, где уверенно ведет в тупик и почему в какой‑то момент все равно приходится доставать логический анализатор. Читать кейс]]>

https://habr.com/ru/companies/otus/articles/1032870/

A new Linux local privilege escalation flaw called Fragnesia has been disclosed as a Dirty Frag-like vulnerability, allowing arbitrary byte writes into the kernel page cache of read-only files through a separate ESP/XFRM logic bug. Phoronix reports: Proof of concept code for Fragnesia is already out there. There is a two-line patch for addressing the issue within the Linux kernel's skbuff.c code. That patch hasn't yet been mainlined or picked up by any mainline kernel releases but presumably will be in short order for addressing this local privilege escalation issue. More details can be found here.

[ Read more of this story ]( https://linux.slashdot.org/story/26/05/13/1621258/fragnesia-made-public-as-latest-linux-local-privilege-escalation-vulnerability?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from Reuters: LinkedIn planned to inform staff of layoffs on Wednesday, two people familiar with the matter told Reuters, in a widening of technology sector cuts this year. The Microsoft-owned social network plans to cut about 5% of its headcount as it reorganizes teams and focuses personnel on areas where its business is growing [...].

LinkedIn employs more than 17,500 full-time workers globally, its website says. Reuters was unable to determine the teams affected. The cuts come as revenue at LinkedIn, which sells recruiting tools and subscriptions, rose 12% in the just-ended quarter from a year prior, in an acceleration of growth in 2026, according to Microsoft's securities filings. The layoff rationale was not for artificial intelligence to replace jobs at LinkedIn, one of the people told Reuters. The specter of AI-fueled disruption has nonetheless hung over software incumbents and workers generally.

[ Read more of this story ]( https://tech.slashdot.org/story/26/05/13/1615245/linkedin-planning-to-lay-off-5-of-staff-in-latest-tech-sector-cuts?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Проект KDE сообщил о получении финансирования от Sovereign Tech Fund, направленного на развитие и укрепление ключевой инфраструктуры свободного рабочего окружения. Общий объём поддержки составит 1 285 200 евро, средства будут выделяться в течение 2026 и 2027 годов.

Финансирование планируется использовать для повышения структурной надёжности и безопасности основных компонентов KDE. В числе направлений названы Plasma, разрабатываемый проектом дистрибутив KDE Linux, а также фреймворки, лежащие в основе коммуникационных сервисов KDE.

В KDE подчёркивают, что проект на протяжении трёх десятилетий развивает свободное ПО для персональной, корпоративной и государственной инфраструктуры: рабочие окружения, операционные системы, просмотрщики документов, редакторы изображений и видео, библиотеки для разработки и другие компоненты. Разработчики делают акцент на том, что программное обеспечение KDE можно проверять, сопровождать, адаптировать и распространять без зависимости от закрытых поставщиков.

В Sovereign Tech Agency объясняют поддержку KDE ролью рабочего стола как одного из главных интерфейсов доступа к цифровым сервисам. По словам технического директора агентства Фионы Кракенбюргер, настольная среда обрабатывает персональные данные и выступает посредником при работе с повседневными сервисами — от записи к врачу и образования до рабочих приложений. Поэтому усиление инфраструктуры KDE рассматривается как вклад в устойчивость открытой цифровой инфраструктуры.

Отдельно подчёркивается значение KDE как одного из двух крупнейших рабочих окружений в экосистеме Linux. Средства будут направлены не только на развитие пользовательских компонентов, но и на улучшение тестовой инфраструктуры, архитектуры безопасности и коммуникационных фреймворков проекта.

Sovereign Tech Fund финансирует открытые программные компоненты, важные для цифровой независимости Германии и Европы. На странице проекта KDE в каталоге Sovereign Tech Agency цель сформулирована как укрепление структурной устойчивости и модернизация технологического стека одной из ведущих настольных платформ.

https://www.linux.org.ru/news/kde/18291742

The German Sovereign Tech Fund has invested 1.2 million euros ($1.4 million USD) in KDE Plasma technologies to help strengthen the structural reliability and security of the desktop environment's core infrastructure, including Plasma, KDE Linux, and the frameworks underlying its communication services. Longtime Slashdot reader jrepin shares an excerpt from the announcement: For 30 years, KDE has been providing the free and open-source software essential for digital sovereignty in personal, corporate, and public infrastructures: operating systems, desktop environments, document viewers, image and video editors, software development libraries, and much more.

KDE's software is competitive, publicly auditable, and freely available. It can be maintained, adapted, and improved in-house or by local software companies. And modifications (along with their source code) can be freely distributed to all users and departments within an organization.

KDE will use Sovereign Tech Fund's investment to push its essential software products to the next level, providing every individual, business, and public administration with the opportunity to regain their privacy, security, and control over their digital sovereignty. Slashdot reader Elektroschock also shared a statement from Fiona Krakenburger, Technical Director at the Sovereign Tech Agency.

"We have long invested in desktop technologies for a reason: they are the primary way people access and use digital services in everyday life," says Krakenburger. "The desktop holds personal data and mediates nearly every service we depend on, from booking the next medical appointment, to education, to the way we work. We are investing in KDE because it is one of the two major desktop environments used across Linux and plays a key role in how millions of people experience open technology. Strengthening KDE's testing infrastructure, security architecture, and communication frameworks is how we invest in the resilience and reliability of the core digital infrastructure that modern society depends on."

[ Read more of this story ]( https://tech.slashdot.org/story/26/05/13/161242/kde-receives-14-million-investment-from-sovereign-tech-fund?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Harvard faculty are voting on a proposal (PDF) to curb grade inflation by limiting solid A grades to 20% of students in a class, plus four additional A's per course. Axios reports: Grade inflation is at a tipping point at Harvard. A move to make A grades harder to come by at one of the world's leading universities could influence grading debates at peer institutions. Solid A's account for nearly two-thirds of all undergraduate letter grades. That's up from roughly a quarter 20 years ago. More than 50 members of last year's class graduated with perfect GPAs.

[...] Faculty are voting on three separate provisions. Each requires a simple majority to pass. A cap to limit solid-A grades to 20% of enrolled students in a class, plus four additional A's per course. Changes to how internal honors are calculated, moving from traditional grade point average scoring to an average percentile rank. Allowing courses to use new "satisfactory" or "unsatisfactory" marks with a "satisfactory-plus" distinction.

A pre-vote faculty poll showed around 60% of the 205 respondents favored the 20-plus-four formula over an alternative. Supporters of the cap argue it's intentionally modest as it places no restrictions on A-minuses. The four-grade buffer is designed to protect small seminars where a higher proportion of students may succeed. [...] If passed, changes would take effect in fall 2027, followed by a mandatory three-year review.

[ Read more of this story ]( https://news.slashdot.org/story/26/05/13/0720206/harvard-votes-on-limiting-a-grades?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from Reuters: Meta employees distributed flyers at multiple U.S. offices on Tuesday to protest the company's recent installation of mouse-tracking software on their computers, according to photos of the pamphlets seen by Reuters. The flyers, which appeared in meeting rooms, on vending machines and atop toilet paper dispensers at the Facebook owner's offices, encouraged staffers to sign an online petition against the move. "Don't want to work at the Employee Data Extraction Factory?" they asked, according to the photos seen by Reuters. [...]

The pamphlets and the petition both cite the U.S. National Labor Relations Act, saying "workers are legally protected when they choose to organize for the improvement of working conditions." In the UK, a group of Meta employees has started organizing a drive for unionization with United Tech and Allied Workers (UTAW), a branch of the Communication Workers Union. The employees set up a website to recruit members using the URL "Leanin.uk," a reference to former Chief Operating Officer Sheryl Sandberg's best-selling book encouraging women to seek equal footing in the workplace. "Meta's workers are paying the price for management's reckless and expensive bets. While executives chase speculative AI strategies, staff are facing devastating job cuts, draconian surveillance, and the cruel reality of being forced to train the inefficient systems being positioned to replace them," said Eleanor Payne, an organizer with UTAW. "If we're building agents to help people complete everyday tasks using computers, our models need real examples of how people actually use them -- things like mouse movements, clicking buttons, and navigating dropdown menus," said a statement Meta issued earlier.

[ Read more of this story ]( https://yro.slashdot.org/story/26/05/12/2242241/meta-employees-launch-protest-against-mouse-tracking-tech-at-us-offices?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

В почтовом сервере Exim выявлена критическая уязвимость (CVE-2026-45185), позволяющая удалённо добиться выполнения кода на сервере. Проблема проявляется начиная с ветки Exim 4.97 при сборке с библиотекой GnuTLS ("USE_GNUTLS=yes") и устранена в выпуске Exim 4.99.3. Сборки с OpenSSL и другими библиотеками, отличными от GnuTLS, уязвимость не затрагивает.

https://www.opennet.ru/opennews/art.shtml?num=65436