Состоялся релиз каталогизатора домашней библиотеки MyLibrary 4.2.1. Код программы написан на языке программирования С++ и доступен (GitHub, GitFlic) под лицензией GPLv3. Графический интерфейс пользователя реализован с помощью библиотеки GTK4. Программа адаптирована для работы в операционных системах семейства Linux и Windows. Для пользователей Arch Linux в AUR доступен готовый сценарий сборки пакета. Для пользователей Windows доступен экспериментальный инсталлятор.

https://www.opennet.ru/opennews/art.shtml?num=64069

Опубликован экспериментальный выпуск открытой реализации Win32 API - Wine 10.17. С момента выпуска 10.16 было закрыто 17 отчётов об ошибках и внесено 367 изменений.

https://www.opennet.ru/opennews/art.shtml?num=64072

TOP10 VISITORS:

[1] 37.252.14.x point=143 web=0 up=26.8MB (32%) <--- ake (6/hr)
[2] 45.135.180.x point=240 web=0 up=20.8MB (25%) <--- yesterlink (10/hr)
[3] Amazon point=1 web=192 up=6.2MB (7%) <--- Amazon
[4] PetalBot point=1 web=1027 up=6.0MB (7%) <--- PetalBot
[5] Google point=1 web=538 up=4.9MB (6%) <--- Google
[6] TikTok point=0 web=84 up=1.2MB (1%)
[7] 95.91.104.x point=0 web=6 up=1.1MB (1%)
[8] 217.114.158.x point=25 web=0 up=1.1MB (1%) <--- fox (1/hr)
[9] 94.25.231.x point=1 web=0 up=1.0MB (1%) <--- 94.25.231.x
[10] 178.25.244.x point=0 web=6 up=0.5MB (<1%)

TOTAL TRAFFIC: 81MB

Нейт Грэм (Nate Graham), разработчик, занимающийся контролем качества в проекте KDE, опубликовал очередной отчёт о разработке KDE. Наиболее заметные изменения, развиваемые для выпуска KDE Plasma 6.6, запланированного на 12 февраля.

https://www.opennet.ru/opennews/art.shtml?num=64073

A network of classified Starshield satellites built by SpaceX for the U.S. government is transmitting signals on radio frequencies reserved for Earth-to-space commands. According to NPR, it may violate international standards. From the report: Satellites associated with the Starshield satellite network appear to be transmitting to the Earth's surface on frequencies normally used for doing the exact opposite: sending commands from Earth to satellites in space. The use of those frequencies to "downlink" data runs counter to standards set by the International Telecommunication Union, a United Nations agency that seeks to coordinate the use of radio spectrum globally.

Starshield's unusual transmissions have the potential to interfere with other scientific and commercial satellites, warns Scott Tilley, an amateur satellite tracker in Canada who first spotted the signals. "Nearby satellites could receive radio-frequency interference and could perhaps not respond properly to commands -- or ignore commands -- from Earth," he told NPR.

Outside experts agree there's the potential for radio interference. "I think it is definitely happening," said Kevin Gifford, a computer science professor at the University of Colorado, Boulder who specializes in radio interference from spacecraft. But he said the issue of whether the interference is truly disruptive remains unresolved. [...] Tilley says he's detected signals from 170 of the Starshield satellites so far. All appear in the 2025-2110 MHz range, though the precise frequencies of the signals move around.

[ Read more of this story ]( https://tech.slashdot.org/story/25/10/18/0219237/a-classified-network-of-spacex-satellites-is-emitting-a-mysterious-signal?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликован выпуск платформы совместной разработки Forgejo 13.0, позволяющей развернуть на своих серверах систему для совместной работы с репозиториями Git, напоминающую по решаемым задачам GitHub, Bitbucket и Gitlab. Forgejo является форком проекта Gitea, который в свою очередь ответвился от платформы Gogs. Отделение Forgejo произошло в 2022 году после попыток коммерциализации Gitea и перехода управления в руки коммерческой компании. Проект Forgejo придерживается принципов независимого управления и подконтрольности сообществу. На использование Forgejo перешёл Git-хостинг Codeberg.org. Код проекта написан на языке Go и распространяется под лицензией GPLv3.

https://www.opennet.ru/opennews/art.shtml?num=64074

Опубликовано: Sat, 18 Oct 2025 09:07:49 GMT
Канал: Все статьи подряд / DIY или Сделай сам / Хабр

Помню тот момент, когда я в очередной раз пытался вытащить конкретную спецификацию из стопки PDF‑отчетов. «Вот бы ИИ мог сам в этом покопаться», — подумал я. Это чувство знакомо многим, кто работает с большими массивами текстовой информации.Тогда я и решил, что хватит это терпеть. Последующий день превратился в марафон по установке и настройке RAG (генерация с дополнением извлеченной информацией). Это был путь проб и ошибок, который в итоге увенчался успехом. И теперь я хочу поделиться этим опытом с вами.В этом материале мы:• Пошагово установим rag_api в уже развёрнутый LibreChat;• Воспользуемся Python 3.12, PostgreSQL 17;• В командной строке соберём PostgreSQL‑аддон pg_vector через x64 Native Tools Command Prompt for VS 2022;• Протестируем RAG‑систему 20 вопросами к вымышленной документации, сгенерированной в Gemini 2.5 Pro;• Узнаем, во сколько раз медленнее запускать через CPU, чем через GPU.Приятного прочтения! Читать далее]]>

https://habr.com/ru/companies/bothub/articles/956892/

Даже пользователь без прав администратора способен вызвать необратимую рассинхронизацию дисков.

В Linux обнаружена серьёзная уязвимость, существующая уже более десяти лет, и связана она с механизмом программного RAID при использовании флага O_DIRECT. Проблема позволяет привести массив в несогласованное состояние, причём без каких-либо ошибок или предупреждений со стороны системы. Несмотря на то, что баг впервые был зарегистрирован ещё в 2015 году, интерес к нему вновь возрос в контексте современных задач, таких как живая миграция виртуальных машин.

( [ читать дальше... ]( https://www.linux.org.ru/news/linux-general/18114137#cut ) )

In two separate reports, Apple and Samsung are said to report underwhelming sales of their new ultra-thin smartphones. According to The Elec, Apple plans to cut production of the iPhone Air while Samsung has canceled its planned Galaxy S26 Edge smartphone after disappointing sales of the Galaxy S25 Edge, Korea's NewsPim claims. MacRumors reports: Samsung apparently halted work on the Galaxy S26 Edge this week, informing employees internally that the product line would be discontinued. Internal discussions in September shifted priorities toward the more conventional "Plus" form factor after confirming that consumer demand for ultra-slim flagships was weaker than expected. [...]

Samsung will apparently instead add a Galaxy S26 Plus model to its 2026 lineup, reverting to the company's traditional three-tier structure of base, Plus, and Ultra variants. Despite the cancellation, development of the Galaxy S26 Edge was already complete. Development of the S26 Plus is expected to begin before the end of the third quarter of 2025. The atmosphere inside the company is said to be "chaotic" and "embarrassed" following the sudden lineup revision. Samsung reportedly plans to sell through existing inventory of the Galaxy S25 Edge and cease further production once stock is depleted. As for Apple's iPhone Air, here's what MacRumors is reporting: The Japanese investment banking and securities firm claims that the iPhone 17 Pro and iPhone 17 Pro Max are seeing higher sales than their predecessors during the same period last year, while the standard iPhone 17 is a major success, performing significantly better than the iPhone 16.

The iPhone Air is apparently the outlier; Apple plans to reduce production by one million units this year. Meanwhile, Apple plans to increase production of all other models by two million units. The overall production forecast of the iPhone 17 series this year has also been increased from 88 million units to 94 million units for the start of 2026.

[ Read more of this story ]( https://mobile.slashdot.org/story/25/10/18/0213223/apple-samsung-report-underwhelming-sales-of-their-new-thin-smartphones?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

# Радиослушатель

Где то полтора года назад я написал заметку про радио. За это время тяга слушать эфир постепенно прогрессировала и сейчас, когда я пишу эту заметку, на подоконнике слева от меня стоят 4 приёмника. В компьютер воткнут SDR-свисток. За окном на осеннем ветру качается удочка с натянутым на ней кабелем. А из колонок доносится негромкий шелест радиоэфира.

Нет, я не стал радиолюбителем. Я -- радиослушатель!

Радио для меня -- терапия и отдушина. Когда я слышу разговоры о том, что сегодня радио потеряло свой смысл, я соглашаюсь. Хотя моё согласие мнимое. Просто не всем можно объяснить, что велосипед - не только транспорт. А радио - не только (и не сколько) получение информации. Слушать радио -- это как смотреть на море. Живое и настоящее... Расскажите рыбаку о том, что рыбу проще купить в супермаркете?

# Радио в городской квартире

Когда я купил свой первый приёмник Tecsun pl-330 и, уютно устроившись на диване, кроме FM-диапазона ничего не "поймал" -- я был разочарован. Потом, прислонившись к окну, я смог услышать несколько коротковолновых станций. Это было мощное "Международное Радио Китая". Но тогда, по наивности, я думал что слышу разные страны (ведь вещание шло на разных языках). Услышать радиолюбителей я так и не смог. Средние волны тоже были мертвы.

Ещё одним неприятным открытием стало наличие "софт-мьюта". На время перестройки частоты звук в приёмнике глушится. Поэтому, когда ты крутишь ручку частоты ты слышишь постоянные "пшш-пшш-пшш"... Дело в том, что в большинстве современных "бытовых" всеволновых приёмниках стоит микросхема DSP от Silicon Labs, которая играет в них роль и детектора и приёмной части. При перестройке на частоту всегда есть небольшой лаг, который и выражается в понижении уровня громкости. Это сильно отличается от опыта использования старых аналоговых приёмников.

Так случилось, что я потерял приёмник и купил новый: XHDATA D-808. Это тоже неплохой и недорогой приёмник для того "чтобы попробовать". С таким же софт-мьютом. Но в нём был авиадиапазон! И мне даже удалось поймать полуразборчивые переговоры пилотов с диспетчерами.

К этому моменту я уже знал на каких частотах искать любителей. Знал особенности видов модуляций. Но любителей я слышал едва разборчиво. Не помогала мне и проволочная антенна (кусок провода, который шёл в комплекте с одним из приёмников) растянутая по периметру окна.

# Белка и "Пончик"

Как типичный радиослушатель я думал что дело в приёмнике! Что можно просто купить что-нибудь получше и услышать больше. Выбор пал на приёмник "Белка" -- от белорусского радиолюбителя с позывным EU1ME. Параллельно с этим на aliexpress я заказал "пончик" - маленькую резонансную рамочную антенну, о которой узнал в одном из телеграм чатов.

Свершилось! С "пончиком" и Белкой я стал регулярно слышать радиолюбителей "прилипнув" к окну своей квартиры. Стал регулярно слышать вещательные станции. Например, очень нравилось слушать "Голос Кореи" где транслировались мелодичные песни женских коллективов, одобренных вождём КНДР.

Белка - миниатюрный радиоприёмник, который я стал таскать с собой на прогулки и тогда, наконец, осознал простой факт. На улице все мои приёмники прекрасно ловили эфир на штатные телескопические антенны! Белка не делала "пшш-пшш" в отличие от моих прошлых приёмников и ей было очень приятно "шерстить" эфир. Примерно в это же время на полке в шкафу я нашёл ранее "потерянный" pl-330. D-808 я подарил отцу и заново открыл для себя pl-330. Теперь я точнее знал: что, где и когда искать.

# SDR

С "Белкой" создалось обманчивое впечатление что я услышал всё, что мог, поэтому следующим шагом стала покупка петлевой антенны youloop с усилителем сигнала и sdr-"свистка" (rtl-sdr v4).

SDR-донгл я взял с надеждой, что он заменит мне любой приёмник. Действительно, в приемниках были свои ограничения. Например, на бытовом приёмнике невозможно выбрать произвольную модуляцию на любом диапазоне. Да и сами диапазоны ограничены "потолком" в 30000 кгц. Я был знаком с SDR по web-sdr и понимал, что визуальное изучение спектра -- гораздо более удобный и быстрый способ поиска по эфиру.

Ещё с момента покупки "Белки" я знал о таком приёмнике как "Малахит" -- разработке другого радиолюбителя с позывным RX9CIM. Этот приёмник построен вокруг SDR чипа Msi001. "Малахит" имеет возможность показывать "водопад" частот на экране, а прошивка имеет массу интересных настроек и возможностей. Вроде отличного фильтра шумов или встроенного декодера морзянки. Мне, конечно, хотелось получить этот приёмник, но цена... Вот я и решил, что купив rtl-sdr и антенну, подключив всё это к ПК я получу то же самое, но дешевле...

SDR-свисток открыл новые возможности. Теперь можно было изучать цифровые виды связи. Водопад добавил удобство при поиске и идентификации интересных сигналов. Я обложился разнообразным софтом под Linux. Приведу название лишь некоторых:

- gqrx - SDR-ресивер (предпочёл его sdr++);
- SDR++ - для работы со смартфона;
- dsd-fme - декодер DSD;
- fldigi - декодирование телетайпа, морзянки и т.д.;
- qsstv - декодер картинок SSTV;
- dump1090 - декодер сообщений Mode S (информация о самолётах в небе).

Ловил погодные факсы, читал "морзянки" морского флота, слушал различные службы (например, охрану ближайшего стадиона во время матча). И всё это время, антенна youloop просто стояла на подоконнике.

При использовании rtl-sdr я увидел на спектре, что мой настольный компьютер создает массу помех. Поэтому я пользовался SDR++ на смартфоне или ноутбуке - которые "шумели" гораздо меньше.

# Малахит

Однажды я получил возможность поиграть с "Малахитом". Он пробыл у меня один вечер и я быстро убедился, что на той же антенне он показывает лучшие результаты. Я услышал хорошо то, что вообще не слышал или слышал плохо на rtl-sdr. Через месяц я заказал себе этот приёмник.

"Малахит" принёс массу положительных эмоций. Rtl-sdr и "Малахит" дополнили друг-друга. Некоторые вещи, вроде декодирования цифровых сигналов, удобнее делать на ПК. А "Малахит" выступил в роли портативного универсального приёмника для всего остального.

Кстати, к этому моменту у меня стал глючить валкодер у "Белки" и мне пришлось заказать новый в "Чип-и-дипе" и заняться пайкой. До сих пор не могу поверить, что мне это удалось и я не испортил приёмник.

Конечно, я брал свои радио в отпуск. Сначала pl-330. Потом "Белку". Но отсутствие возможности слушать обычные FM-станции на "Белке" огорчало. Поэтому в следующий раз я снова взял "пшикающий" tecsun и... остался доволен! К тому же, оказалось что в нём есть скрытая полезная функция -- переключение между внутренней ферритовой антенной и телескопом при прослушивании средних волн. А брать в отпуск "Малахит" было жалко. Да и выглядит он как "шпионское" оборудование. :)

# Балкон

Шло лето. Однажды вечером я вышел на балкон. (Это был тот редкий момент, когда он был свободен от хлама.) Вышел я не с пустыми руками. В них был "Малахит". Я выдвинул телескоп, облокотился на балконную раму и взглянул на спектр. Я не поверил своим глазам! Спектр был чистым от шумов и на нём были сильные сигналы! Я быстро сбегал за антенной-проводом, которая валялась без дела, привязал её к пластиковой швабре и выдвинул швабру за балкон. Конец провода приложил к телескопу "Малахита". Было не очень удобно, но я смог пробежаться по привычным частотам и понял -- вот оно!

Я заказал на OZON телескопическую удочку длиной 5 метров. Когда удочка пришла, я привязал к ней провод и высунул из балкона.

Я слушал эфир сидя на табуретке на балконе, прикрепляя свободный конец провода к телескопической антенне "Малахита".

Это было не очень удобно, поэтому я решил сделать модификацию. Для этого понадобились: полевой кабель и балун 9:1 которые я просто заказал на том же OZON. Расплел кабель на два провода. 5 метров закрепил на удочке. 2-3 метра "впрессовал" в щель металлической балконной рамы. Два конца воткнул в балун, и балун подключил уже к кабелю с SMA разъёмом.

СТАЛО. ЕЩЁ. ЛУЧШЕ!

Видимо, "второй конец" действительно сработал как противовес. Эфир продолжал раскрываться. Я слышал всё новые станции, а старые -- услышал чище и громче. youloop был заброшен.

Жизнь с радио заиграла новыми красками и ничто не предвещало беды. Но наступила осень. Сидя на балконе и держа в озябших пальцах металлический корпус "Малахита" я невольно стал задумываться о грядущих зимних вечерах. Я запаниковал и понял -- нужно тянуть кабель с балкона в свою комнату!

Было две попытки сделать "нормально". Вторая попытка выглядит так. Кабель RG-58 идёт от балуна изнутри балкона по внешнему периметру балкона в мою комнату через форточку. Кабель просунут в щель между окном и рамой москитной сетки. Далее, через переходник к нему подсоединён уже более тонкий кабель, который входит внутрь квартиры и не мешает закрытию форточки. Не пришлось ничего сверлить. На улице находятся только RG-58 и удочка с намотанным на неё полевиком. Сама удочка при этом стоит частично внутри балкона, упираясь в стену рукояткой. Кстати, надо было брать удочку 7-метров...

Всё, теперь можно наслаждаться радио уютно сидя у окна. А днём смотреть на синичек, которые отдыхают на удочке. Наблюдение: двух синичек моя удочка уже не выдерживает! :)

# Помехи

Но всё-таки, разница между приёмом на балконе и в комнате оставалась. 80-метровый диапазон был в шумах. Я не мог слушать "Русское пиратское радио" на 3940кгц. Пришлось искать источник помех. Тут снова всплыла старая проблема -- блок питания моего ПК! Опытным путём выяснилось, что он переставал шуметь только при полном обесточивании. Делать это постоянно было очень неудобно. Я психанул и купил другой БП, в этот раз не самый дешёвый. Помогло! Помех стало гораздо меньше. А "русское пиратское радио", к сожалению, "ушло в отпуск"(c)...

... Кстати, по ночам стало возможно слушать несколько станций на СВ! ...

# Tecsun PL-680

Наигравшись с SDR, "Малахитом" и "Белкой" -- захотелось более "обычного" радио. С нормальным динамиком, ручками, в заводском корпусе... И я заказал ещё один приёмник -- Tecsun pl-680. Этот приёмник (как и предыдущую модель pl-660) радиолюбители и хвалят и ругают одновременно. Это хороший гетеродинный приёмник. Поэтому, кстати, в нём нет назойливого "пшш-пшш", так как частота преобразуется в промежуточную частоту аналоговой частью, а DSP играет роль детектора, но не приёмной части. Но приёмник часто приходит с завода в плохо настроенном состоянии. Радиолюбители настраивают и дорабатывают pl-660 и pl-680 до приемлемого уровня. Причём, для этой процедуры необходимы соответствующие инструменты и оборудование (не говоря уже об опыте). При всём желании, вряд ли я способен на такое! Но мне относительно повезло. Мой экземпляр пришёл не в худшем состоянии. Я сравнил его со своими остальными приёмниками и остался доволен!

# Итоги

Подведу итоги своих "радиослушательских" впечатлений.

1. Слушать КВ можно на любой приёмник, если выйти на прогулку в парк;

2. Слушать КВ в условиях городской квартиры - можно. Но нужна антенна;

3. youloop + усилитель на ozon или aliexpress - нормальный бюджетный вариант для комнатной антенны, если нет желания/возможности делать что-то "снаружи". Без усилителя youloop работает хуже;

4. В "пончике" нет большого смысла, если есть youloop. А на улице ловится и на телескоп;

5. Стоит поэкспериментировать с длинным проводом в качестве антенны и поискать в своей квартире места с меньшим зашумлением;

6. В качестве первого (или даже единственного) приёмника рекомендую tecsun pl-330. За свои деньги, отличная штука. При этом - он компактный. Удобно брать на прогулки и в отпуск;

7. Выбирая между pl-330 и XHDATA D-808 я бы выбрал 330-й. Он компактней, у него есть функция выбора антенны для СВ, а слушать самолёты (есть в 808-м) быстро надоедает;

8. Выбирая между "Белкой" и "Малахитом", если вопрос стоит "только один приёмник" - лучше "Малахит". "Белка" -- отличный приёмник, но как дополнительный;

9. "Белка" существует в двух вариантах (две разные задние крышки) - с динамиком и без. Динамик - крошечный и направлен "назад". На мой взгляд брать вариант с динамиком не имеет большого смысла. Как и использовать "Белку" в качестве единственного приёмника;

10. Динамик "Малахита" обращён назад. Это кажется мелочью, но всё-таки является неудобством. "Малахит" -- может играть роль "единственного" универсального приёмника. Но его жалко брать в поездки;

11. SDR - интересная тема. Но только если вы уже "подсели" на радио. SDR не заменяет опыт "обычного" приёмника;

12. tecsun pl-660/680 - возможно тот самый "походный" универсальный приёмник. Однако есть минусы: элемент "везения" при покупке, нет возможности слушать СВ на внешнюю антенну (без доработки), большой размер. В остальном - выглядит как отличный приёмник за свою цену. Выбирая между "Белкой" и pl-680, я бы выбрал tecsun pl-680 (если речь о единственном приёмнике).

# Зачем?

Как я уже написал в начале этой заметки, если такой вопрос у вас возникает, то на него у меня не будет ответа. Если от радио вам нужна только "информация", то в Linux можно поставить приложение shortwave, которое по интернету доставит вам сигнал от любой из тысяч вещательных радиостанций. Для андроида тоже есть хорошее приложение -- "Транзистор" (есть в F-Droid). А чтобы послушать любителей, вы можете воспользоваться web-sdr. Да и вообще, "всё есть в интернете"...

Но я убедился на личном опыте что когда я сижу вечером у окна, вглядываюсь в темноту и снова слышу мягкое шипение эфира -- возникает "что-то ещё". Здесь и сейчас. И мне нет нужды "оправдывать" это "что-то".

Опубликовано: Sat, 18 Oct 2025 11:16:22 GMT
Канал: Все статьи подряд / Программирование микроконтроллеров / Хабр

Где‑то полгода назад я в комментариях писал что «через пару недель» протестирую К1921ВГ015 и выложу результаты. Пара недель прошли, кроме меня никто этим не занялся, так что исправляем ситуацию как можем! В программе: мотивация создать свою собственную отладочную плату, краткий обзор существующих и тесты АЦП с подручным оборудованием. Читать далее]]>

https://habr.com/ru/articles/957832/

Cybercriminals are exploiting weak email authentication settings in Zendesk, using the platform's customer support systems to bombard targets with thousands of spam and harassing messages that appear to come from legitimate companies like The Washington Post, Discord, and NordVPN. KrebsOnSecurity reports: Zendesk is an automated help desk service designed to make it simple for people to contact companies for customer support issues. Earlier this week, KrebsOnSecurity started receiving thousands of ticket creation notification messages through Zendesk in rapid succession, each bearing the name of different Zendesk customers, such as CapCom, CompTIA, Discord, GMAC, NordVPN, The Washington Post, and Tinder.

The abusive missives sent via Zendesk's platform can include any subject line chosen by the abusers. In my case, the messages variously warned about a supposed law enforcement investigation involving KrebsOnSecurity.com, or else contained personal insults. Moreover, the automated messages that are sent out from this type of abuse all come from customer domain names -- not from Zendesk. [...]

In all of the cases above, the messaging abuse would not have been possible if Zendesk customers validated support request email addresses prior to sending responses. Failing to do so may make it easier for Zendesk clients to handle customer support requests, but it also allows ne'er-do-wells to sully the sender's brand in service of disruptive and malicious email floods. "We recognize that our systems were leveraged against you in a distributed, many-against-one manner," said Carolyn Camoens, communications director at Zendesk. "We are actively investigating additional preventive measures. We are also advising customers experiencing this type of activity to follow our general security best practices and configure an authenticated ticket creation workflow."

[ Read more of this story ]( https://it.slashdot.org/story/25/10/17/2333255/email-bombs-exploit-lax-authentication-in-zendesk?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

In Reddit's "Family Medicine" subreddit, a moderator noticed earlier this week that the AI-powered "Reddit Answers" was automatically responding to posters, typically with "something related to what was posted." Unfortunately, that moderator says, Reddit Answers "has been spreading grossly dangerous misinformation."And yet Reddit's moderators "cannot disable this feature."

Elsewhere a healthcare worker described what happened when they tested Reddit Answers:

I made a post in r/familymedicine and a link appeared below it with information on treating chronic pain. The first post it cited urged people to stop their prescribed medications and take high-dose kratom which is an illegal (in some states) and unregulated substance. I absolutely do not endorse this...

I also asked about the medical indications for heroin. One answer warned about addiction and linked to crisis and recovery resources. The other connects to a post where someone claims heroin saved their life and controls their chronic pain. The post was encouraging people to stop prescribed medications and use heroin instead. Heroin is a schedule I drug in the US which means there are no acceptable uses. It's incredibly addictive and dangerous. It is responsible for the loss of so many lives...

The AI-generated answers could easily be mistaken as information endorsed by the sub it appears in. r/familymedicine absolutely does not endorse using heroin to treat chronic pain. This feature needs to be disabled in medical and mental health subs, or allow moderators of these subreddits to opt out. Better filters are also needed when users ask Reddit Answers health related questions. If this continues there will be adverse outcomes. People will be harmed. This needs to change.
Two days ago an official Reddit "Admin" posted that "We've made some changes to where Answers appears based on this feedback," adding that beyond that Reddit "will continue to tweak based on what we're seeing and hearing." But the "Family Medicine" subreddit still has a top-of-page announcement warning every user there...

"We do NOT and CANNOT endorse Reddit Answers at this time and urge every user of this sub to disregard anything it says."

[ Read more of this story ]( https://tech.slashdot.org/story/25/10/18/086208/reddit-mod-warns-do-not-trust-ai-powered-reddit-answers-after-it-posts-dangerous-health-advice?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

13 октября, после двух месяцев разработки, состоялся выпуск 2.3.0 кроссплатформенного мультимедийного плеера [ Qmmp ]( https://qmmp.ylsoftware.com/index.php?lang=ru ) .

Некоторые [ возможности ]( https://qmmp.ylsoftware.com/features.php?lang=ru ) плеера:

• Поддержка операционных систем GNU/Linux, FreeBSD и Microsoft Windows.

• Поддержка большого количества мультимедийных форматов.

• Аудио и визуальные эффекты.

• Поддержка систем вывода звука:

• OSS4 (FreeBSD)

• ALSA (Linux)

• PulseAudio

• PipeWire

• JACK

• QtMultimedia

• Icecast

• WaveOut (Win32)

• DirectSound (Win32)

• WASAPI (Win32)

• Поддержка обложек XMMS и Winamp 2.x.

• Альтернативный пользовательский интерфейс с использованием стандартного оформления.

• 10-полосный эквалайзер.

• И многое другое.

( [ читать дальше... ]( https://www.linux.org.ru/news/multimedia/18114987#cut ) )

>>> [ Страница других дополнений ]( https://qmmp.ylsoftware.com/addons.php?lang=ru )

Canada's Prime Minister "paused an electric-vehicle sales mandate that was set to take effect next year," reports the Wall Street Journal, which argues a kind of retreat from electric-vehicle ambitions "is spreading around the globe."

Even the U.K.'s Prime Minister "has allowed for a more flexible timetable to hit the country's EV targets." And demand is expected to drop in the U.S., where global consulting firm AlixPartners now predicts EVs will make up 18% of new-vehicle sales by 2030 — just half of what they'd predicted two years ago:
j
U.S. automaker GM will take a $1.6 billion charge "because of sinking EV sales," reports the Wall Street Journal, "a shift it blamed on recent moves by the U.S. government to end EV subsidies and regulatory mandates... That might just be the beginning of a financial reckoning from automakers that poured billions into new electric models — from sports cars and sedans to big pickups and sport-utility vehicles — to try to get ready for the government-backed EV mandates.

Automakers have been saying that consumers aren't adopting EVs as quickly as expected, and government efforts to proliferate the technology are hammering their bottom lines. GM, in announcing its charge, said it is reassessing EV capacity and warned that more losses are possible...Carmakers argue the EV business model is an unprofitable proposition given still-high battery costs, spotty car-charging networks and dwindling government subsidies.

Incentive programs have ended or have been pared back across Europe and in the U.S. and Canada.

Volkswagen, burdened with massive electrification costs, helped spur the reckoning in Europe when it said it would cut 35,000 jobs as part of a deal with its union. The move sent shock waves through the region's political establishment. Weeks later, the EU launched a "strategic dialogue" with the automotive industry that led to a more flexible timetable for automakers to meet its emissions rules for 2025.

[ Read more of this story ]( https://tech.slashdot.org/story/25/10/18/0623211/are-parts-of-the-world-retreating-on-electric-vehicles?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

The James Webb Space Telescope gets its highest resolution with the aperture masking interferometer (or AMI), "a tiny piece of precisely machined metal that slots into one of the telescope's cameras," according to a new article by Benjamin Pope, an associated math professor at Macquarie University.
"We can finally present its first successful observations of stars, planets, moons and even black hole jets."

[AMI] was put on Webb to diagnose and measure any blur in its images. Even nanometres of distortion in Webb's 18 hexagonal primary mirrors and many internal surfaces will blur the images enough to hinder the study of planets or black holes, where sensitivity and resolution are key. AMI filters the light with a carefully structured pattern of holes in a simple metal plate, to make it much easier to tell if there are any optical misalignments. We wanted to use this mode to observe the birth places of planets, as well as material being sucked into black holes. But before any of this, AMI showed Webb wasn't working entirely as hoped.
At very fine resolution — at the level of individual pixels — all the images were slightly blurry due to an electronic effect: brighter pixels leaking into their darker neighbours. This is not a mistake or flaw, but a fundamental feature of infrared cameras that turned out to be unexpectedly serious for Webb. This was a dealbreaker for seeing distant planets many thousands of times fainter than their stars a few pixels away: my colleagues quickly showed that its limits were more than ten times worse than hoped. So, we set out to correct it...

We built a computer model to simulate AMI's optical physics, with flexibility about the shapes of the mirrors and apertures and about the colours of the stars. We connected this to a machine learning model to represent the electronics with an "effective detector model" — where we only care about how well it can reproduce the data, not about why. After training and validation on some test stars, this setup allowed us to calculate and undo the blur in other data, restoring AMI to full function. It doesn't change what Webb does in space, but rather corrects the data during processing. It worked beautifully — the star HD 206893 hosts a faint planet and the reddest-known brown dwarf (an object between a star and a planet). They were known but out of reach with Webb before applying this correction. Now, both little dots popped out clearly in our new maps of the system... With the new correction, we brought Jupiter's moon Io into focus, clearly tracking its volcanoes as it rotates over an hour-long timelapse.
"This correction has opened the door to using AMI to prospect for unknown planets at previously impossible resolutions and sensitivities..." the article points out.
"Our results on painstakingly testing and enhancing AMI are now released on the open-access archive arXiv in a pair of papers."

Thanks to long-time Slashdot reader schwit1 for sharing the article.

[ Read more of this story ]( https://science.slashdot.org/story/25/10/18/0537217/how-we-sharpened-the-james-webb-telescopes-vision-from-a-million-kilometers-away?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Concrete accounts for about 8% of the world's greenhouse gas emissions, notes CNN. But a research team at the University of Pennsylvania just used a robotic 3D printer to construct a bridge with "complex, lattice-like patterns" that are just as strong and durable — but with materials that absorb more carbon dioxide.

Check out the photos of the "Diamanti" projects "post-tensioned concrete canopy". And CNN's report includes an animated photo showing the 3D printer in action:

While most regular concrete absorbs carbon dioxide (up to 30% of its production emissions over its entire life cycle, according to some research), Diamanti's enhanced concrete mixture absorbs 142% more carbon dioxide than conventional concrete mixes. Its first design, a pedestrian bridge, uses 60% less material while retaining mechanical strength, says Masoud Akbarzadeh, an associate professor of architecture at the University of Pennsylvania and director of the lab that spearheaded the project.

"Through millions of years of evolution, nature has learned that you don't need material everywhere," says Akbarzadeh. "If you take a cross section of a bone, you realize that bone is quite porous, but there are certain patterns within which the load (or weight) is transferred." By mimicking the structures in certain porous bones — known as triply periodic minimal surface (TPMS) structures — âDiamanti also increased the surface area of the bridge, increasing the concrete mixture's carbon absorption potential by another 30%... According to Akbarzadeh, 3D printing reduces construction time, material, and energy use by 25%, and its structural system reduces the need for steel by 80%, minimizing use of another emissions-heavy material. He added that using the technique with Diamanti's concrete significantly cuts greenhouse gas emissions compared to regular construction techniques, and reduces construction costs by 25% to 30%.

"Even without the material innovation, the higher surface itself allows higher CO2 absorption," one engineering lecturer tells CNN. The project was a collaboration with chemical company Sika, funded with grants from the U.S. Energy Department, and is now preparing its first full-size prototype in France.
The team has published their findings in the journal Advanced Functional Materials earlier this year.

[ Read more of this story ]( https://news.slashdot.org/story/25/10/18/0655237/researchers-build-complex-3d-printed-carbon-absorbing-bridge-inspired-by-bones?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

"Earlier available only to the paying subscribers, the Comet browser now offers its core features to all users at no cost," writes the Times of India. "This includes AI-powered search, contextual recommendations, and integrated tools designed to streamline research and content discovery." They say the move reflects the Chromium-based browser's goal to "compete with incumbents like Google Chrome and Microsoft Edge" — but also reflects Perplexity's "broader mission to democratize AI tools."

More details from The Verge:
The internet is better on Comet," the company says, promising to remain free forever as it styles the browser as a serious challenger to Google's Chrome...
It's supposed to make surfing the web simpler and help you with tasks like shopping, booking trips, and general life admin. To borrow the company's words again: you "get more done." The AI-powered browser launched in July, though was only available for users who subscribed to the $200 per month Perplexity Max plan... No subscription at all will be needed to use Comet going forward, the company says.

Perplexity has even struck deals with major sites including the Washington Post, and the Los Angeles Times to offer free access to their sites for one month through the Comet browser. And last week Perplexity also launched an agressive paid referral program, where active Perplexity Pro/Max subscribers get a payout of up to $15 for each friend who downloads and uses Comet through their affiliate link. (The payout size is based on the friend's country, with $15 being the payout amount for a U.S. user, with $10 payouts for users in 19 other countries include Canada, Australia, the U.K., several EU countries, Japan, and South Korea.
In addition, Srinivas has been sharing positive tweets about Comet. (Like "This is unbelievable. Comet automatically hunts down Sora 2 invite codes across the web and signs you up!") But Perplexity is making even bigger claims for its browser:
Perplexity AI CEO Aravind Srinivas said that the Comet AI browser can improve productivity so that companies won't need to hire more people. "Instead of hiring one more person on your team, you could just use Comet to supplement all the work that you're doing," Srinivas told CNBC's "Squawk Box"... The CEO said the artificial intelligence-powered web browser is a "true personal assistant" that allows users to complete more tasks in the same amount of time and said that the productivity gained could be worth $10,000 per year for a single person...

Other tech companies have also been rolling out their own AI browser assistants. In January, OpenAI introduced its web agent, Operator, and Google released Gemini AI to its Chrome browser in September.
Meanwhile, The Verge adds, The Browser Company (makers of the Arc browser) "is going all in on Dia, and Opera just launched its own AI browser, Neon."

Of course, popularity brings problems, writes the Times of India:

iPhone users are being warned by Perplexity CEO Aravind Srinivas against downloading a fake 'Comet' app on the App Store. He clarified that the official iOS version is not yet released and the current listing is unauthorized spam..

And earlier this month the browser security platform described a "CometJacking" attack where malicious prompts could be hidden in URLs (as a parameter). Comet is instructed "to look for data in memory and connected services (e.g., Gmail, Calendar), encode the results (e.g., base64), and POST them to an attacker-controlled endpoint... all while appearing to the user as a harmless 'ask the assistant' flow." (And with some trivial encoding it also seems to evade exfiltration checks.)

The Hacker News reported that Perplexity has classified the findings as "no security impact."

[ Read more of this story ]( https://slashdot.org/story/25/10/18/0437214/perplexitys-ai-browser-comet-is-now-free-with-big-marketing-deals-to-challenge-chrome?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

"Windows 10 is officially dead," writes Slashdot user darwinmac, "and the vultures are circling. Or maybe they are liberators, depending on your point of view." Neowin reports:

Of all the projects trying to poach Windows users, Zorin Group might be the most aggressive, launching its biggest OS upgrade, Zorin OS 18, on the very day Windows 10 died.

In a recent post on X, Zorin Group celebrated the launch of version 18, claiming that it hit 100,000 downloads in "a little over 2 days". The company called it its "biggest launch ever" and claimed that over 72% of those downloads came from Windows...

Zorin OS 18 now includes an updated version of WINE 10 for better support of Windows software. On top of that, there's also an expanded database that helps when it detects a Windows installer. The system checks the file and suggests the best way to run over 170 popular apps, whether that means installing a native Linux version, using the web-based alternative, or firing it up through WINE.

The article also notes LibreOffice's creators have been presenting Linux as a secure and cost-effective alternative since June, and "We have also seen initiatives like The "End of 10" Campaign by KDE, making the case for Linux and providing guides and info on how to switch."

[ Read more of this story ]( https://tech.slashdot.org/story/25/10/18/1946208/windows-10-refugees-flock-to-linux-as-zorin-os-claims-biggest-launch-ever?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

It's the world's largest network of environmental groups, according to NBC News, with more than 1,400 members from roughly 160 countries. It meets once every four years.

And in a vote Tuesday, the International Union for Conservation of Nature "approved further exploration of the use of genetic engineering tools to aid in the preservation of animal species and other living organisms."

Researchers are already pursuing projects that involve changing some species' DNA. Scientists are genetically modifying mosquitoes to reduce transmission of diseases like malaria, for example, and synthesizing horseshoe crab blood, which is used in drug development. Controversial efforts to "de-extinct" archaic creatures — such as the so-called "dire wolf" that a biosciences company announced it had revived this spring — fall under the umbrella, as well. So do possibilities like modifying organisms to help them adapt to a warming world, which are on the table but further off in development.... The decision is applicable to work on a range of organisms, including animals, plants, yeasts and bacteria....

The notion of introducing genetic engineering into wild ecosystems would have been considered a nonstarter in most conservation circles a decade ago, according to Jessica Owley [a professor and environment law program director at the University of Miami]. But the intensifying effects of climate change and other stressors to biodiversity are bolstering arguments in favor of human intervention that could make endangered species resistant to those threats... The IUCN vote, she added, reflects a feeling of desperation among conservationists and governments, as existing regulations and conservation efforts fall short and species continue to disappear worldwide.
"A separate measure, a proposed moratorium on releasing genetically modified organisms into the environment, failed by a single vote..."

[ Read more of this story ]( https://science.slashdot.org/story/25/10/18/0713233/should-scientists-be-allowed-to-edit-genes-of-wild-animals-top-conservation-groups-just-voted-yes?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

"A new study published on Monday found that communications from cellphone carriers, retailers, banks, and even militaries are being broadcast unencrypted through geostationary satellites..." reports Gizmodo. "The team obtained unencrypted internet communications from U.S. military sea vessels and even communications regarding narcotics trafficking from Mexican military and law enforcement."

Researchers from the University of California, San Diego (UCSD) and the University of Maryland scanned 39 of these satellites from a rooftop in Southern California over three years. They found that roughly half of the signals they analyzed were transmitting unencrypted data, potentially exposing everything from phone calls and military logistics to a retail chain's inventory. "There is a clear mismatch between how satellite customers expect data to be secured and how it is secured in practice," the researchers wrote in their paper titled "Don't Look Up: There Are Sensitive Internal Links in the Clear on GEO Satellites...." "They assumed that no one was ever going to check and scan all these satellites and see what was out there. That was their method of security," Aaron Schulman, a UCSD professor and co-lead of the study, told Wired....

Even more surprisingly, the researchers didn't need any fancy spy gear to collect this data. Their setup used only off-the-shelf hardware, including a $185 satellite dish, a $140 roof mount with a $195 motor, and a $230 tuner card. Altogether, the system cost roughly $750 and was installed on a university building in La Jolla, San Diego.

With their simple setup, the researchers were able to collect a wide range of communication data, including phone calls, texts, in-flight Wi-Fi data from airline passengers, and signals from electric utilities. They even obtained U.S. and Mexican military and law enforcement communications, as well as ATM transactions and corporate communications... When it came to telecoms, specifically, the team collected phone numbers, calls, and texts from customers of T-Mobile, AT&T Mexico, and Telmex... It only took the team nine hours to collect the phone numbers of over 2,700 T-Mobile users, along with some of their calls and text messages.

T-Mobile told Gizmodo the lack of encryption was "a vendor's technical misconfiguration" affecting "a limited number of cell sites" and was "not network-wide... [W]e implemented nationwide Session Initiation Protocol (SIP) encryption for all customers to further protect signaling traffic as it travels between mobile handsets and the network core, including call set up, numbers dialed and text message content. We appreciate our collaboration with the security research community, whose work helps reinforce our ongoing commitment to protecting customer data and enhances security across the industry."

Indeed, the researchers write that "Each time we discovered sensitive information in our data, we went through considerable effort to determine the responsible party, establish contact, and disclose the vulnerability. In several cases, the responsible party told us that they had deployed a remedy. For the following parties, we re-scanned with their permission and were able to verify a remedy had been deployed: T-Mobile, WalMart, and KPU."

The researchers acknowledge that exposure "was limited to a relatively small number of cell towers in specific remote areas."

[ Read more of this story ]( https://mobile.slashdot.org/story/25/10/18/2032252/you-only-need-750-to-pilfer-unencrypted-data-from-satellites-researchers-say?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Long-time Slashdot reader fjo3 shares an announcement from the U.S.-based nonprofit Consumer Reports:

Protein powders still carry troubling levels of toxic heavy metals, according to a new Consumer Reports (CR) investigation. Our latest tests of 23 protein powders and ready-to-drink shakes from popular brands found that heavy metal contamination has become even more common among protein products, raising concerns that the risks are growing right alongside the industry itself. For more than two-thirds of the products we analyzed, a single serving contained more lead than CR's food safety experts say is safe to consume in a day — some by more than 10 times...

[I]n addition to the average level of lead being higher than what we found 15 years ago, there were also fewer products with undetectable amounts of it. The outliers also packed a heavier punch. Naked Nutrition's Vegan Mass Gainer powder, the product with the highest lead levels, had nearly twice as much lead per serving as the worst product we analyzed in 2010. Nearly all the plant-based products CR tested had elevated lead levels, but some were particularly concerning. Two had so much lead that CR's experts caution against using them at all... Dairy-based protein powders and shakes generally had the lowest amounts of lead, but half of the products we tested still had high enough levels of contamination that CR's experts advise against daily use...

Unlike prescription and over-the-counter drugs, the Food and Drug Administration doesn't review, approve, or test supplements like protein powders before they are sold. Federal regulations also don't generally require supplement makers to prove their products are safe, and there are no federal limits for the amount of heavy metals they can contain.

The article acknowledges that "Many of these powders are fine to have occasionally, and even those with the highest lead levels are far below the concentration needed to cause immediate harm. That said, because most people don't actually need protein supplements — nutrition experts say the average American already gets plenty — it makes sense to ask whether these products are worth the added exposure."

[ Read more of this story ]( https://science.slashdot.org/story/25/10/18/2242221/protein-powders-and-shakes-contain-high-levels-of-lead?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Repair Plan Underway to Restore Power at Ukrainian Nuclear Plant

The Associated Press reports:

Work has begun to repair the damaged power supply to Ukraine's Zaporizhzhia nuclear power plant, the head of the U.N.'s nuclear watchdog said Saturday. The repairs are hoped to end a precarious four-week outage that saw it dependent on backup generators.

Russian and Ukrainian forces established special ceasefire zones for repairs to be safely carried out, said the head of the International Atomic Energy Agency, Rafael Grossi... "Both sides engaged constructively with the IAEA to enable the complex repair plan to proceed," Grossi said in a statement...

The Zaporizhzhia plant, Europe's largest nuclear power station, has been operating on diesel back-up generators since Sept. 23 when its last remaining external power line was severed in attacks that Russia and Ukraine each blamed on the other. The plant is in an area under Russian control since early in Moscow's full-scale invasion of Ukraine and is not in service, but it needs reliable power to cool its six shutdown reactors and spent fuel, to avoid any catastrophic nuclear incidents.

[ Read more of this story ]( https://hardware.slashdot.org/story/25/10/19/0052247/repair-plan-underway-to-restore-power-at-ukrainian-nuclear-plant?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader shared this report from Gizmodo:

It's been over a year since OpenAI cofounder Andrej Karpathy exited the company. In the time since he's been gone, he coined and popularized the term "vibe coding" to describe the practice of farming out coding projects to AI tools. But earlier this week, when he released his own open source model called nanochat, he admitted that he wrote the whole thing by hand, vibes be damned.
Nanochat, according to Karpathy, is a "minimal, from scratch, full-stack training/inference pipeline" that is designed to let anyone build a large language model with a ChatGPT-style chatbot interface in a matter of hours and for as little as $100. Karpathy said the project contains about 8,000 lines of "quite clean code," which he wrote by hand — not necessarily by choice, but because he found AI tools couldn't do what he needed.
"It's basically entirely hand-written (with tab autocomplete)," he wrote. "I tried to use claude/codex agents a few times but they just didn't work well enough at all and net unhelpful."

[ Read more of this story ]( https://developers.slashdot.org/story/25/10/19/0022237/openai-cofounder-builds-new-open-source-llm-nanochat---and-doesnt-use-vibe-coding?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

TOP10 VISITORS:

[1] 37.252.14.x point=144 web=0 up=27.0MB (34%) <--- ake (6/hr)
[2] 45.135.180.x point=239 web=0 up=20.7MB (26%) <--- yesterlink (10/hr)
[3] PetalBot point=5 web=1020 up=5.9MB (7%) <--- PetalBot
[4] Amazon point=1 web=169 up=5.8MB (7%) <--- Amazon
[5] BLEXBot point=0 web=44 up=2.5MB (3%)
[6] ChatGPT point=0 web=20 up=2.3MB (2%)
[7] TikTok point=0 web=78 up=1.8MB (2%)
[8] Google point=1 web=200 up=1.6MB (1%) <--- Google
[9] 217.114.158.x point=25 web=0 up=1.0MB (1%) <--- fox (1/hr)
[10] 81.167.26.x point=0 web=6 up=0.5MB (<1%)

TOTAL TRAFFIC: 78MB

Состоялся релиз Node.js 25.0.0, платформы для выполнения сетевых приложений на языке JavaScript. Node.js 25.0 отнесён к промежуточным веткам, сопровождение которых осуществляется в течение 7 месяцев (до июня 2026 года). В ближайшие дни будет завершена стабилизация ветки Node.js 24, которая в конце октября получит статус LTS и будет поддерживаться до апреля 2028 года. Поддержка прошлых LTS-веток Node.js 22.x и 20.x продлится до апреля 2027 и 2026 годов соответственно.

https://www.opennet.ru/opennews/art.shtml?num=64077

The Guardian reports that atmospheric carbon dioxide "soared by a record amount in 2024 to hit another high, UN data shows."
But what's more troubling is why:

Several factors contributed to the leap in CO2, including another year of unrelenting fossil fuel burning despite a pledge by the world's countries in 2023 to "transition away" from coal, oil and gas. Another factor was an upsurge in wildfires in conditions made hotter and drier by global heating. Wildfire emissions in the Americas reached historic levels in 2024, which was the hottest year yet recorded. However, scientists are concerned about a third factor: the possibility that the planet's carbon sinks are beginning to fail. About half of all CO2 emissions every year are taken back out of the atmosphere by being dissolved in the ocean or being sucked up by growing trees and plants. But the oceans are getting hotter and can therefore absorb less CO2 while on land hotter and drier conditions and more wildfires mean less plant growth...

Atmospheric concentrations of methane and nitrous oxide — the second and third most important greenhouse gases related to human activities — also rose to record levels in 2024. About 40% of methane emissions come from natural sources. But scientists are concerned that global heating is leading to more methane production in wetlands, another potential feedback loop.

Thanks to long-time Slashdot reader mspohr for sharing the article.

[ Read more of this story ]( https://news.slashdot.org/story/25/10/19/040239/new-data-shows-record-co2-levels-in-2024-are-carbon-sinks-failing?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Microsoft said in a blog post this week that "over half of cyberattacks with known motives were driven by extortion or ransomware... while attacks focused solely on espionage made up just 4%."

And Microsoft's annual digital threats report found operations expanding even more through AI, with cybercriminals "accelerating malware development and creating more realistic synthetic content, enhancing the efficiency of activities such as phishing and ransomware attacks."

[L]egacy security measures are no longer enough; we need modern defenses leveraging AI and strong collaboration across industries and governments to keep pace with the threat...

Over the past year, both attackers and defenders harnessed the power of generative AI. Threat actors are using AI to boost their attacks by automating phishing, scaling social engineering, creating synthetic media, finding vulnerabilities faster, and creating malware that can adapt itself... For defenders, AI is also proving to be a valuable tool. Microsoft, for example, uses AI to spot threats, close detection gaps, catch phishing attempts, and protect vulnerable users. As both the risks and opportunities of AI rapidly evolve, organizations must prioritize securing their AI tools and training their teams...

Amid the growing sophistication of cyber threats, one statistic stands out: more than 97% of identity attacks are password attacks. In the first half of 2025 alone, identity-based attacks surged by 32%. That means the vast majority of malicious sign-in attempts an organization might receive are via large-scale password guessing attempts. Attackers get usernames and passwords ("credentials") for these bulk attacks largely from credential leaks. However, credential leaks aren't the only place where attackers can obtain credentials. This year, we saw a surge in the use of infostealer malware by cybercriminals...
Luckily, the solution to identity compromise is simple. The implementation of phishing-resistant multifactor authentication (MFA) can stop over 99% of this type of attack even if the attacker has the correct username and password combination.

"Security is not only a technical challenge but a governance imperative..." Microsoft adds in their blog post. "Governments must build frameworks that signal credible and proportionate consequences for malicious activity that violates international rules." (The report also found that America is the #1 most-targeted country — and that many U.S. companies have outdated cyber defenses.)

But while "most of the immediate attacks organizations face today come from opportunistic criminals looking to make a profit," Microsoft writes that nation-state threats "remain a serious and persistent threat." More details from the Associated Press:

Russia, China, Iran and North Korea have sharply increased their use of artificial intelligence to deceive people online and mount cyberattacks against the United States, according to new research from Microsoft. This July, the company identified more than 200 instances of foreign adversaries using AI to create fake content online, more than double the number from July 2024 and more than ten times the number seen in 2023.

Examples of foreign espionage cited by the article:

China is continuing its broad push across industries to conduct espionage and steal sensitive data...
Iran is going after a wider range of targets than ever before, from the Middle East to North America, as part of broadening espionage operations..

"[O]utside of Ukraine, the top ten countries most affected by Russian cyber activity all belong to the North Atlantic Treaty Organization (NATO) — a 25% increase compared to last year."
North Korea remains focused on revenue generation and espionage...

There was one especially worrying finding. The report found that critical public services are often targeted, partly because their tight budgets limit their incident response capabilities, "often resulting in outdated software.... Ransomware actors in particular focus on these critical sectors because of the targets' limited options. For example, a hospital must quickly resolve its encrypted systems, or patients could die, potentially leaving no other recourse but to pay."

[ Read more of this story ]( https://it.slashdot.org/story/25/10/19/0238212/extortion-and-ransomware-drive-over-half-of-cyberattacks-sometimes-using-ai-microsoft-finds?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

"Microsoft does everything in its power to keep Windows users under its control," warns the Free Software Foundation in a new blog post this week.

They argue that the lack of freedom that comes with proprietary code "forces users to surrender to decisions made by Microsoft to maximize its profits and further lock users into its product ecosystem" — describing both the problem and one possible solution:

[IT management company Lansweeper] found that of the 30 million enterprise systems they manage, over 40% are incompatible with Windows 11. This is due to the hardware requirements like Treacherous Platform Module version 2.0 — a proprietary chip that uses cryptography that users can't influence or audit to restrict their control over the system.
The end of Windows 10 support is the perfect opportunity to break free from this cycle and switch to GNU/Linux operating system (GNU/Linux OS), a system that respects your freedom...

The endless, freedom-restricting cycle of planned obsolescence is not inevitable. Instead of paying Microsoft for continued updates or buying new hardware, Windows users left behind by Microsoft should install GNU/Linux. Free Software Foundation certified GNU/Linux distributions respect the user's freedom to run their computer as they wish, to study and modify its source code, and to redistribute copies. They don't require update contracts, often run faster on older hardware, and, most importantly, put you in control.

"If you're already a GNU/Linux user, you have an important role to play. Help your friends and family make the switch by sharing your knowledge, help them install a free-as-in-freedom OS. Show them what it means to have real control over their computing!"

[ Read more of this story ]( https://news.slashdot.org/story/25/10/18/036200/fsf-reminds-consumers-that-truly-free-oss-exist?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Long-time Slashdot reader Bruce66423 shared this article from the Los Angeles Times:

Scientists have increasingly observed how the rupturing of a fault during an earthquake can be even faster than the speed of another type of damaging seismic wave, theoretically generating energy on the level of a sonic boom. These shock waves — created during "supershear" earthquakes — can worsen how bad the ground shakes both side to side and up and down along an affected fault area, scientists at USC, Caltech and the University of Illinois Urbana-Champaign wrote in a recent opinion article for the journal Seismological Research Letters. Although not everyone agrees that supershear earthquakes are inherently more destructive than other types, the potential implications are massive and need to be accounted for in seismic forecasts, the scientists contend... In just the last 15 years, 14 of 39 large strike-slip earthquakes have exhibited features of supershear ruptures, the opinion article said....

In California, supershear earthquakes would be expected on the straightest of "strike-slip" faults — in which one block of earth slides past another — like the San Andreas... There are a number of communities directly on top of the San Andreas fault. Among them are Coachella, Indio, Cathedral City, Palm Springs, Desert Hot Springs, Banning, Yucaipa, Highland, San Bernardino, Wrightwood, Palmdale, Gorman, Frazier Park, San Juan Bautista, Palo Alto, Portola Valley, Woodside, San Bruno, South San Francisco, Pacifica, Daly City and Bodega Bay.

One earthquake scientist suggests building codes need to be more strict, according to the article.

But it also cites a U.S. Geological Survey research geophysicist who isn't convinced by the new opinion article. "I don't think we know yet whether supershear ruptures really are more destructive."

[ Read more of this story ]( https://news.slashdot.org/story/25/10/19/0439258/are-supershear-earthquakes-even-more-dangerous-than-we-thought?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

"Eleven days ago, the nonprofit entity that develops the protocol, Signal Messenger LLC, published a 5,900-word write-up describing its latest updates that bring Signal a significant step toward being fully quantum-resistant," writes Ars Technica:

The mechanism that has made this constant key evolution possible over the past decade is what protocol developers call a "double ratchet." Just as a traditional ratchet allows a gear to rotate in one direction but not in the other, the Signal ratchets allow messaging parties to create new keys based on a combination of preceding and newly agreed-upon secrets. The ratchets work in a single direction, the sending and receiving of future messages. Even if an adversary compromises a newly created secret, messages encrypted using older secrets can't be decrypted... [Signal developers describe a "ping-pong" behavior as parties take turns replacing ratchet key pairs one at a time.] Even though the ping-ponging keys are vulnerable to future quantum attacks, they are broadly believed to be secure against today's attacks from classical computers.

The Signal Protocol developers didn't want to remove them or the battle-tested code that produces them. That led to their decision to add quantum resistance by adding a third ratchet. This one uses a quantum-safe Key-Encapsulation Mechanism (KEM) to produce new secrets much like the Diffie-Hellman ratchet did before, ensuring quantum-safe, post-compromise security... The technical challenges were anything but easy. Elliptic curve keys generated in the X25519 implementation are about 32 bytes long, small enough to be added to each message without creating a burden on already constrained bandwidths or computing resources. A ML-KEM 768 key, by contrast, is 1,000 bytes. Additionally, Signal's design requires sending both an encryption key and a ciphertext, making the total size 2,272 bytes... To manage the asynchrony challenges, the developers turned to "erasure codes," a method of breaking up larger data into smaller pieces such that the original can be reconstructed using any sufficiently sized subset of chunks...

The Signal engineers have given this third ratchet the formal name: Sparse Post Quantum Ratchet, or SPQR for short. The third ratchet was designed in collaboration with PQShield, AIST, and New York University. The developers presented the erasure-code-based chunking and the high-level Triple Ratchet design at the Eurocrypt 2025 conference. Outside researchers are applauding the work. "If the normal encrypted messages we use are cats, then post-quantum ciphertexts are elephants," Matt Green, a cryptography expert at Johns Hopkins University, wrote in an interview. "So the problem here is to sneak an elephant through a tunnel designed for cats. And that's an amazing engineering achievement. But it also makes me wish we didn't have to deal with elephants."

Thanks to long-time Slashdot reader mspohr for sharing the article.

[ Read more of this story ]( https://it.slashdot.org/story/25/10/19/0546205/why-signals-post-quantum-makeover-is-an-amazing-engineering-achievement?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Официальный сайт дистрибутива Xubuntu скомпрометирован неизвестными злоумышленниками, которые на странице загрузки дистрибутива поменяли ссылки, ведущие на торренты, на файл "https://xubuntu.org/wp-content/Xubuntu-Safe-Download.zip". В итоге на странице загрузки остались только ссылки на вредоносный архив и доступные зеркала. Разработчики Xubuntu пока не прокомментировали ситуацию, но несколько часов назад удалили вредоносный архив и заблокировали доступ к разделу "xubuntu.org/download/", организовав перенаправление на главную страницу сайта.

https://www.opennet.ru/opennews/art.shtml?num=64079

An anonymous reader shared this report from Cryptonews:

Sony has taken Wall Street by surprise after its banking division, Sony Bank, filed an application with the U.S. Office of the Comptroller of the Currency (OCC) to establish a national crypto bank under its subsidiary "Connectia Trust." The move positions the Japanese tech giant to become one of the first major global corporations to issue a U.S. dollar-backed stablecoin through a federally regulated institution. The application outlines plans to issue a U.S. dollar-pegged stablecoin, maintain the reserve assets backing it, and provide digital asset custody and management services.

The filing places Sony alongside an elite list of firms, including Coinbase, Circle, Paxos, Stripe, and Ripple, currently awaiting OCC approval to operate as national digital banks. If approved, Sony would become the first major global technology company to receive a U.S. bank charter specifically tied to stablecoin issuance....

The Office of the Comptroller of the Currency "has received over 15 applications from fintech and crypto entities seeking trust charters," according to the article, calling it "a sign of renewed regulatory openness" under the office's new chief, a former blockchain executive.

Meanwhile, the United States has also "conditionally given the nod to a new cryptocurrency-focused national bank launched by California tech billionaire Palmer Luckey," reports SFGate:

To bring the bank to life, Luckey joined forces with JoeLonsdale, co-founder of Palantir and venture firm 8VC, and financial backer and fellow Palantir co-founder Peter Thiel, according to the Financial Times. Luckey conceived the idea for Erebor following the collapse of the Silicon Valley Bank in 2023, the Financial Times reported. The bank's name draws inspiration from J.R.R. Tolkien's "The Hobbit," referring to another name for the Lonely Mountain in the novel...

The OCC said it applied the "same rigorous review and standards" used in all charter applications. The ["preliminary"] approval was granted in just four months; however, compliance and security checks are expected to take several more months before the new bank can open.

"I am committed to a dynamic and diverse federal banking system," America's Comptroller of the Currency said Wednesday, "and our decision today is a first but important step in living up to that commitment."

"Permissible digital asset activities, like any other legally permissible banking activity, have a place in the federal banking system if conducted in a safe and sound manner. The OCC will continue to provide a path for innovative approaches to financial services to ensure a strong, diverse financial system that remains relevant over time."

[ Read more of this story ]( https://news.slashdot.org/story/25/10/19/1749212/sony-applies-to-establish-national-crypto-bank-issue-stablecoin-for-us-dollar?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

"This is an attempt to stop Waymo cars from driving into the dead end," complains a home-made sign in San Francisco, "where they are forced to reverse and adversely affect the lives of the residents."

On an orange traffic post, the home-made sign declares "NO WAYMO - 8:00 p.m. to 8:00 a.m," with an explanation for the rest of the neighborhood. âoeWaymo comes at all hours of the night and up to 7 times per hour with flashing lights and screaming reverse sounds, waking people up and destroying the quality of life.â

SFGate reports that 1,400 people on Reddit upvoted a photo of the sign's text:

It delves into the bureaucratic mess â" multiple requests to Waymo, conversations with engineers, and 311 [municipal services] tickets, which had all apparently gone ignored â" before finally providing instructions for human drivers. âoePlease move [the cones] back after you have entered so we can continue to try to block the Waymo cars from entering and disrupting the lives of residents.â

This isnâ(TM)t the first time Waymoâ(TM)s autonomous vehicles have disrupted San Francisco residentsâ(TM) peace. Last year, a fleet of the robotaxis created another sleepless fiasco in the cityâ(TM)s SoMa neighborhood, honking at each other for hours throughout the night for two and a half weeks.

Other on Reddit shared the concern. "I live at an dead end street in Noe Valley, and these Waymos always stuck there," another commenter posted. "It's been bad for more than a year," agreed another comment. "People on the Internet think you're just a hater but it's a real issue with Waymos."

On Thursday "the sign remained at the corner of Lake Street and Second Avenue," notes SFGate. And yet "something appeared to have shifted. "Waymo vehicles werenâ(TM)t allowing drop-offs or pickups on the street, though whether this was due to the home-printed plea, the cone blockage, or simply updating routes remains unclear."

[ Read more of this story ]( https://tech.slashdot.org/story/25/10/19/1914248/desperate-to-stop-waymos-dead-end-detours-a-san-francisco-resident-tried-an-orange-cone-with-a-sign?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Slashdot reader BrianFagioli writes: GIMP has officially launched its own Snap package for Linux, finally taking over from the community-maintained Snapcrafters project. The move means all future GIMP releases will now be built directly from the team's CI pipeline, ensuring faster, more consistent updates across distributions. The developers also introduced a new "gimp-plugins" interface to support external plugins while maintaining Snap's security confinement, with GMIC and OpenVINO already supported. This marks another major step in GIMP's cross-platform packaging efforts, joining Flatpak and MSIX distribution options. The first officially maintained version, Version 3.0.6GIMP 3.0.6, is available now on the "latest/stable" Snap channel, with preview builds rolling out for testers.

[ Read more of this story ]( https://tech.slashdot.org/story/25/10/19/1954240/gimp-now-offers-an-official-snap-package-for-linux-users?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Cory Doctorow has always warned that companies "enshittify" their services — shifting "as much as they can from users, workers, suppliers, and business customers to themselves." But this week Doctorow writes in Communications of the ACM that enshittification "would be much, much worse if not for tech workers," who have "the power to tell their bosses to go to hell..."

When your skills are in such high demand that you can quit your job, walk across the street, and get a better one later that same day, your boss has a real incentive to make you feel like you are their social equal, empowered to say and do whatever feels technically right... The per-worker revenue for successful tech companies is unfathomable — tens or even hundreds of times their wages and stock compensation packages.

"No wonder tech bosses are so excited about AI coding tools," Doctorow adds, "which promise to turn skilled programmers from creative problem-solvers to mere code reviewers for AI as it produces tech debt at scale. Code reviewers never tell their bosses to go to hell, and they are a lot easier to replace."

So how should tech workers respond in a world where tech workers are now "as disposable as Amazon warehouse workers and drivers...?"

Throughout the entire history of human civilization, there has only ever been one way to guarantee fair wages and decent conditions for workers: unions. Even non-union workers benefit from unions, because strong unions are the force that causes labor protection laws to be passed, which protect all workers. Tech workers have historically been monumentally uninterested in unionization, and it's not hard to see why. Why go to all those meetings and pay those dues when you could tell your boss to go to hell on Tuesday and have a new job by Wednesday? That's not the case anymore. It will likely never be the case again.

Interest in tech unions is at an all-time high. Groups such as Tech Solidarity and the Tech Workers Coalition are doing a land-office business, and copies of Ethan Marcotte's You Deserve a Tech Union are flying off the shelves. Now is the time to get organized. Your boss has made it clear how you'd be treated if they had their way. They're about to get it.

Thanks to long-time Slashdot reader theodp for sharing the article.

[ Read more of this story ]( https://it.slashdot.org/story/25/10/19/2146235/to-fight-business-enshittification-cory-doctorow-urges-tech-workers-join-unions?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

"My boss thinks AI will solve every problem and is wildly enthusiastic about it," complains a mid-level worker at a Fortune 500 company, who considers the technology "unproven and wildly erratic."

So how should they navigate the next 10 years until retirement, they ask the Washington Post's "Work Advice" columnist. The columnist first notes that "Despite promises that AI will eliminate tedious, 'low-value' tasks from our workload, many consumers and companies seem to be using it primarily as a cheap shortcut to avoid hiring professional actors, writers or artists — whose work, in some cases, was stolen to train the tools usurping them..."

Kevin Cantera, a reader from Las Cruces, New Mexico [a writer for an education-tech compay], willingly embraced AI for work. But as it turns out, he was training his replacement... Even without the "AI will take our jobs" specter, there's much to be wary of in the AI hype. Faster isn't always better. Parroting and predicting linguistic patterns isn't the same as creativity and innovation... There are concerns about hallucinations, faulty data models, and intentional misuse for purposes of deception. And that's not even addressing the environmental impact of all the power- and water-hogging data centers needed to support this innovation.

And yet, it seems, resistance may be futile. The AI genie is out of the bottle and granting wishes. And at the rate it's evolving, you won't have 10 years to weigh the merits and get comfortable with it. Even if you move on to another workplace, odds are AI will show up there before long. Speaking as one grumpy old Luddite to another, it might be time to get a little curious about this technology just so you can separate helpfulness from hype.

It might help to think of AI as just another software tool that you have to get familiar with to do your job. Learn what it's good for — and what it's bad at — so you can recommend guidelines for ethical and beneficial use. Learn how to word your wishes to get accurate results. Become the "human in the loop" managing the virtual intern. You can test the bathwater without drinking it. Focus on the little ways AI can accommodate and support you and your colleagues. Maybe it could handle small tasks in your workflow that you wish you could hand off to an assistant. Automated transcriptions and meeting notes could be a life-changer for a colleague with auditory processing issues.
I can't guarantee that dabbling in AI will protect your job. But refusing to engage definitely won't help. And if you decide it's time to change jobs, having some extra AI knowledge and experience under your belt will make you a more attractive candidate, even if you never end up having to use it.

[ Read more of this story ]( https://it.slashdot.org/story/25/10/19/2318202/should-workers-start-learning-to-work-with-ai?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

On Cloudflare's blog, a senior research engineer shares a plan for "improving the trustworthiness of JavaScript on the web."

"It is as true today as it was in 2011 that Javascript cryptography is Considered Harmful."

The main problem is code distribution. Consider an end-to-end-encrypted messaging web application. The application generates cryptographic keys in the client's browser that lets users view and send end-to-end encrypted messages to each other. If the application is compromised, what would stop the malicious actor from simply modifying their Javascript to exfiltrate messages? It is interesting to note that smartphone apps don't have this issue. This is because app stores do a lot of heavy lifting to provide security for the app ecosystem. Specifically, they provide integrity, ensuring that apps being delivered are not tampered with, consistency, ensuring all users get the same app, and transparency, ensuring that the record of versions of an app is truthful and publicly visible.

It would be nice if we could get these properties for our end-to-end encrypted web application, and the web as a whole, without requiring a single central authority like an app store.
Further, such a system would benefit all in-browser uses of cryptography, not just end-to-end-encrypted apps. For example, many web-based confidential LLMs, cryptocurrency wallets, and voting systems use in-browser Javascript cryptography for the last step of their verification chains. In this post, we will provide an early look at such a system, called Web Application Integrity, Consistency, and Transparency (WAICT) that we have helped author. WAICT is a W3C-backed effort among browser vendors, cloud providers, and encrypted communication developers to bring stronger security guarantees to the entire web... We hope to build even wider consensus on the solution design in the near future....

We would like to have a way of enforcing integrity on an entire site, i.e., every asset under a domain. For this, WAICT defines an integrity manifest, a configuration file that websites can provide to clients. One important item in the manifest is the asset hashes dictionary, mapping a hash belonging to an asset that the browser might load from that domain, to the path of that asset.

The blog post points out that the WEBCAT protocol (created by the Freedom of Press Foundation) "allows site owners to announce the identities of the developers that have signed the site's integrity manifest, i.e., have signed all the code and other assets that the site is serving to the user... We've made WAICT extensible enough to fit WEBCAT inside and benefit from the transparency components." The proposal also envisions a service storing metadata for transparency-enabled sites on the web (along with "witnesses" who verify the prefix tree holding the hashes for domain manifests).

"We are still very early in the standardization process," with hopes to soon "begin standardizing the integrity manifest format. And then after that we can start standardizing all the other features. We intend to work on this specification hand-in-hand with browsers and the IETF, and we hope to have some exciting betas soon. In the meantime, you can follow along with our transparency specification draft,/A>, check out the open problems, and share your ideas."

[ Read more of this story ]( https://developers.slashdot.org/story/25/10/20/005250/a-plan-for-improving-javascripts-trustworthiness-on-the-web?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Readers in 2025 "may struggle to remember the optimism of the aughts, when the internet seemed to offer endless possibilities for virtual art and writing that was free..." argues a new review at Bookforum. "The content we do create online, if we still create, often feels unreflectively automatic: predictable quote-tweet dunks, prefabricated poses on Instagram, TikTok dances that hit their beats like clockwork, to say nothing of what's literally thoughtlessly churned out by LLM-powered bots."

They write that author Joanna Walsh "wants us to remember how truly creative, and human, the internet once was," in the golden age of user-generated content — and funny cat picture sites like I Can Has Cheezburger:

I Can Has Cheezburger... was an amateur project, an outlet for tech professionals who wanted an easier way to exchange cute cat pics after a hard day at work. In Amateurs!: How We Built Internet Culture and Why It Matters, Walsh documents how unpaid creative labor is the basis for almost everything that's good (and much that's bad) online, including the open-source code Linux, developed by Linus Torvalds when he was still in school ("just as a hobby, won't be big and professional"), and even, in Walsh's account, the World Wide Web itself. The platforms that emerged in the 2000s as "Web 2.0," including Facebook, YouTube, Reddit, and Twitter, allowed anyone to experiment in a space that had been reserved for coders and hackers, making the internet interactive even for the inexpert and virtually unlimited in potential audience. The explosion in amateur creativity that followed took many forms, from memes to tweeted one-liners to diaristic blogs to durational digital performances to sloppy Photoshops to the formal and informal taxonomic structures — wikis, neologisms, digitally native dialects...

[U]ser-generated content was also, at bottom, about the bottom line, a business model sold to us under the guise of artistic empowerment. Even referring to an anonymous amateur as a "user," Walsh argues, cedes ground: these platforms are populated by producers, but their owners see us as, and turn us into, "helpless addicts." For some, online amateurism translated to professional success, a viral post earning an author a book deal, or a reputation as a top commenter leading to a staff writing job on a web publication... But for most, these days, participation in the online attention economy feels like a tax, or maybe a trickle of revenue, rather than free fun or a ticket to fame. The few remaining professionals in the arts and letters have felt pressured to supplement their full-time jobs with social media self-promotion, subscription newsletters, podcasts, and short-form video. On what was once called Twitter, users can pay, and sometimes get paid, to post with greater reach...

The chapters are bookended by an introduction on the early promise of 2004 and a coda on the defeat of 2025 and supplemented by an appendix with a straightforward timeline of the major events and publications that serve as the book's touchstones... The online spaces where amateur content creators once "created and steered online culture" have been hollowed out and replaced by slop, but what really hurts is that the slop is being produced by bots trained on precisely that amateur content.

[ Read more of this story ]( https://news.slashdot.org/story/25/10/20/0230212/was-the-web-more-creative-and-human-20-years-ago?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

"Windows Recovery Environment (RE), as the name suggests, is a built-in set of tools inside Windows that allow you to troubleshoot your computer, including booting into the BIOS, or starting the computer in safe mode," writes Tom's Hardware.

"It's a crucial piece of software that has now, unfortunately, been rendered useless (for many) as part of the latest Windows update."

A new bug discovered in Windows 11's October build, KB5066835, makes it so that your USB keyboard and mouse stop working entirely, so you cannot interact with the recovery UI at all.

This problem has already been recognized and highlighted by Microsoft, who clarified that a fix is on its way to address this issue. Any plugged-in peripherals will continue to work just fine inside the actual operating system, but as soon as you go into Windows RE, your USB keyboard and mouse will become unresponsive. It's important to note that if your PC fails to start-up for any reason, it defaults to the recovery environment to, you know, recover and diagnose any issues that might've been preventing it from booting normally.

Note that those hanging onto old PS/2-connector equipped keyboards and mice seem to be unaffected by this latest Windows software gaffe.

[ Read more of this story ]( https://it.slashdot.org/story/25/10/20/0247259/windows-11-update-breaks-recovery-environment-making-usb-keyboards-and-mice-unusable?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликовано: Mon, 20 Oct 2025 05:21:19 GMT
Канал: Все статьи подряд / Системное программирование / Хабр

Всем привет!Пишу этот пост, чтобы поделиться своим опытом и получить критику или советы от людей с большим опытом.Мне 22 года, я из Латвии. По образованию я судовой механик, но уже около 4 лет увлекаюсь программированием. Долгое время это оставалось хобби: пробовал сайты, простые игры — но они не приносили настоящего удовольствия. Я считал, что в программировании нужно было разбираться ещё со школы, и долго не верил, что могу найти себя в этой сфере.Переломный момент наступил, когда я заинтересовался системным программированием. Каждый раз, когда узнаю, как работает низкоуровневая часть ОС, у меня будто открывается новый мир. Особенно зацепила тема процессорного планирования: все говорят «железо, CPU, видеокарта», но на практике даже реализация планировщика процессов может заметно влиять на производительность. Читать далее]]>

https://habr.com/ru/articles/958104/

Компания Аскон, занимающаяся разработкой САПР с 1989 года, объявила о проведении открытого бета-тестирования версии системы автоматизированного проектирования КОМПАС-3D для платформы Linux. Продукт предназначен для двухмерного и трёхмерного проектирования деталей, механизмов и конструкций, применяемых в машиностроении, приборостроении и строительстве. Поддерживается параметрическое моделирование и режимы объектного, листового, поверхностного и твердотельного проектирования.

https://www.opennet.ru/opennews/art.shtml?num=64078

TOP10 VISITORS:

[1] ChatGPT point=2 web=457 up=46.1MB (39%) <--- ChatGPT
[2] 37.252.14.x point=144 web=0 up=27.0MB (22%) <--- ake (6/hr)
[3] 45.135.180.x point=240 web=0 up=20.8MB (17%) <--- yesterlink (10/hr)
[4] PetalBot point=2 web=1024 up=6.0MB (5%) <--- PetalBot
[5] Amazon point=0 web=183 up=5.4MB (4%)
[6] TikTok point=1 web=49 up=1.0MB (<1%) <--- TikTok
[7] 217.114.158.x point=25 web=0 up=1.0MB (<1%) <--- fox (1/hr)
[8] 54.39.6.x point=0 web=73 up=0.5MB (<1%)
[9] 148.113.130.x point=0 web=78 up=0.5MB (<1%)
[10] 142.44.228.x point=0 web=74 up=0.5MB (<1%)

TOTAL TRAFFIC: 117MB

"The gig economy is facing a reckoning," argues Business Insider's BI Today newsletter."

Two stories this past week caught my eye. Uber unveiled a new way for its drivers to earn money. No, not by giving rides, but by helping train the ride-sharing company's AI models instead. On the same day, Waymo announced a partnership with DoorDash to test driverless grocery and meal deliveries.

Both moves point toward the same future: one where the very workers who built the gig economy may soon find themselves training the technology that replaces them.

Uber's new program allows drivers to earn cash by completing microtasks, such as taking photos and uploading audio clips, that aim to improve the company's AI systems. For drivers, it's a way to diversify income. For Uber, it's a way to accelerate its automated future. There's an irony here. By helping Uber strengthen its AI, drivers could be accelerating the very driverless world they fear... Uber already offers autonomous rides in Waymo vehicles in Atlanta and Austin, and plans to expand. Meanwhile, Waymo is rolling out its pilot partnership with DoorDash [for driverless grocery/meal deliveries] starting in Phoenix.

[ Read more of this story ]( https://slashdot.org/story/25/10/20/0616223/the-ai-revolutions-next-casualty-could-be-the-gig-economy?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликовано: Mon, 20 Oct 2025 09:51:22 GMT
Канал: Все статьи подряд / Программирование микроконтроллеров / Хабр

Этот проект представляет собой систему GPS-позиционирования и отслеживания для домашних животных от G-NiceRF, объединяющую VHF-связь и самоорганизующуюся MESH-сеть, обеспечивающую удалённое позиционирование, ретрансляцию данных и взаимодействие с приложением. Система разделяет устройства на облегчённые низкопотребляющие трекеры для животных и более мощные базовые станции с большим радиочастотным потенциалом, вычислительными и энергетическими возможностями, что делает ношение устройства животным лёгким и энергоэффективным, а покрытие и функции обеспечиваются базовыми станциями и ретрансляторами. В системе используются модуль определения местоположения GPS01, высокоскоростной RF-модем SV6500PRO, RF-модем SV610Pro и маячковый модуль Beacon600, что делает её подходящей для повседневного надзора и наружного отслеживания. Читать далее]]>

https://habr.com/ru/articles/958224/

Вице-президент Google, курирующий проект Privacy Sandbox, объявил о сворачивании разработки и исключении из Chrome и Android части технологий, развиваемых для достижения компромисса между потребностью пользователей сохранить конфиденциальность и желанием рекламных сетей и сайтов отслеживать предпочтения посетителей. Большинство API, разработанных проектом Privacy Sandboх, предназначались для использования вместо сторонних Cookie, поддержку которых планировали прекратить в Chrome.

https://www.opennet.ru/opennews/art.shtml?num=64080

Опубликовано: Mon, 20 Oct 2025 11:24:19 GMT
Канал: Все статьи подряд / Робототехника / Хабр

Можно ли научить машину не просто распознавать эмоции, а действительно чувствовать? Что вообще значит “эмоция” для нейронной сети, у которой нет тела, боли и страха? В статье разбираюсь, как инженеры, программисты и философы одновременно пытаются встроить человечность в код, что из этого выходит на практике, и почему всё это не только про технологии, но и про нас самих. Читать далее]]>

https://habr.com/ru/articles/958284/

Опубликован первый отдельный выпуск браузероного движка Servo, написанного на языке Rust. До сих пор проектом формировались только ночные сборки. В примечании к выпуску отмечено только то, что по функциональности он аналогичен ночной сборке от 19 октября, для которой проведено дополнительное ручное тестирование. Выпуск также ознаменовал начало формирования сборок для систем Apple с macOS на базе процессоров с архитектурой ARM. Готовые сборки предоставлены для Linux, Android, macOS и Windows.

https://www.opennet.ru/opennews/art.shtml?num=64083

A recent article in Noema magazines explores the issues in "editing nature to fix our failures."

"It turns out playing God is neither difficult nor expensive," the article points out. "For about $2,000, I can go online and order a decent microscope, a precision injection rig, and a vial of enough CRISPR-Cas9 — an enzyme-based genome-editing tool — to genetically edit a few thousand fish embryos..." So when going beyond the kept-in-captivity Dire Wolf to the possibility of bringing back forests of the American chestnut tree, "The process is deceptively simple; the implications are anything but..."

If scientists could use CRISPR to engineer a more heat-tolerant coral, it would give coral a better chance of surviving a marine environment made warmer by climate change. It would also keep the human industries that rely on reefs afloat. But should we edit nature to fix our failures? And if we do, is it still natural...? Evolution is not keeping pace with climate change, so it is up to us to give it an assist [according to Christopher Preston, an environmental philosopher from the University of Montana, who wrote a book on CRISPR called "Ma href="https://mitpress.mit.edu/9780262537094/the-synthetic-age/">The Synthetic Age."] In some cases, the urgency is so great that we may not have time to waste. "There's no doubt there are times when you have to act," Preston continued. "Corals are a case where the benefits of reefs are just so enormous that keeping some alive, even if they're genetically altered, makes the risks worth it."

Kate Quigley, a molecular ecologist and a principal research scientist at Australia's Minderoo Foundation, says "Engineering the ocean, or the atmosphere, or coral is not something to be taken lightly. Science is incredible. But that doesn't mean we know everything and what the unintended consequences might be." Phillip Cleves, a principal investigator at the Carnegie Institute for Science's embryology department, is already researching whether coral could be bioengineered to be more tolerant to heat.

But both of them have concerns:
For all the research Quigley and Cleves have dedicated to climate-proofing coral, neither wants to see the results of their work move from experimentation in the lab to actual use in the open ocean. Needing to do so would represent an even greater failure by humankind to protect the environment that we already have. And while genetic editing and selective breeding offer concrete solutions for helping some organisms adapt, they will never be powerful enough to replace everything lost to rising water temperatures. "I will try to prepare for it, but the most important thing we can do to save coral is take strong action on climate change," Quigley told me. "We could pour billions and billions of dollars — in fact, we already have — into restoration, and even if, by some miracle, we manage to recreate the reef, there'd be other ecosystems that would need the same thing. So why can't we just get at the root issue?"

And then there's the blue-green algae dilemma:

George Church, the Harvard Medical School professor of genetics behind Colossal's dire wolf project, was part of a team that successfully used CRISPR to change the genome of blue-green algae so that it could absorb up to 20% more carbon dioxide via photosynthesis. Silicon Valley tech incubator Y Combinator seized on the advance to call for scaled-up proposals, estimating that seeding less than 1% of the ocean's surface with genetically engineered phytoplankton would sequester approximately 47 gigatons of CO2 a year, more than enough to reverse all of last year's worldwide emissions.

But moving from deploying CRISPR for species protection to providing a planetary service flips the ethical calculus. Restoring a chestnut forest or a coral reef preserves nature, or at least something close to it. Genetically manipulating phytoplankton and plants to clean up after our mistakes raises the risk of a moral hazard. Do we have the right to rewrite nature so we can perpetuate our nature-killing ways?

[ Read more of this story ]( https://science.slashdot.org/story/25/10/20/0514246/should-we-edit-nature-to-help-it-survive-climate-change?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

AWS experienced a three-hour outage early Monday morning that disrupted thousands of websites and applications across the globe. The cloud computing provider reported DNS problems with DynamoDB in its US-EAST-1 region in northern Virginia starting at 12:11 a.m. Pacific time. Over 4 million users reported issues, according to Downdetector. Snapchat saw reports spike from more than 22,000 to around 4,000 as systems recovered. Roblox dropped from over 12,600 complaints to fewer than 500. Reddit and the financial platform Chime remained affected longer. Perplexity, Coinbase and Robinhood attributed their platform disruptions directly to AWS.

Gaming platforms including Fortnite, Clash Royale and Clash of Clans went offline. Signal confirmed the messaging app was down. In Britain, Lloyd Bank, Bank of Scotland, Vodafone, BT, and the HMRC website faced problems. United Airlines reported disrupted access to its app and website overnight. Some internal systems were temporarily affected. Delta experienced a small number of minor flight delays. By 3:35 a.m. Pacific time, AWS said the issue had been fully mitigated. Most service operations were succeeding normally though some requests faced throttling during final resolution. AWS holds roughly one-third of the cloud infrastructure market ahead of Microsoft and Google.

[ Read more of this story ]( https://tech.slashdot.org/story/25/10/20/140248/aws-outage-takes-thousands-of-websites-offline-for-three-hours?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.