A new Nature Climate Change study suggests airborne microplastics -- especially darker and colored particles -- are likely contributing to atmospheric warming by absorbing more heat than they reflect. Researchers estimate the effect could be roughly one-sixth that of black carbon, though outside experts say the uncertainties remain large and more study is needed before drawing firm policy conclusions. "We can say with confidence that overall they are warming agents," said Drew Shindell, a Duke University earth science professor and co-author of the study. "To me, that's the big advance." The Washington Post reports: To undertake their study, a group led by researchers at Fudan University in China examined how different colors and sizes of microplastics interact with light across the spectrum, while combining that information with simulations of how particles get dispersed in the air across the planet. "Black, yellow, blue and red [particles] absorb sunlight much more strongly than the white particles," Yu Liu, a Fudan professor and study co-author, said in a call with reporters. In fact, the study details how black and colored particles showed "absorption levels nearly 75 times higher than pristine, non-pigmented plastics." The scientists also found that different sizes of particles absorb light at different intensities -- and that how they absorb light can change as they age.

The authors estimate that microplastics suspended in the atmosphere could be contributing to global warming at about one-sixth the amount of black carbon, also known as soot, a pollutant generated largely from burning fossil fuels. If the latest estimates are right, Shindell said, microplastics might not be an enormous source of atmospheric warming, compared with massive contributors such as cars and trucks, belching industrial plants or even burping cows. "But not a trivial one, either," he said.

By his calculation, the effect of one year's microplastic emissions globally is approximately equivalent to 200 coal-fired power plants running for that year. But that rough estimate does not factor the longer-term repercussions of microplastics decaying and persisting in the environment for decades to come. Whatever the exact impact, the topic deserves further study, the authors say, because current climate modeling does not account for any additional warming that these tiny particles might be causing.

[ Read more of this story ]( https://news.slashdot.org/story/26/05/05/0341243/how-microplastics-are-likely-helping-to-heat-up-the-planet?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

В пакетных менеджерах Nix и Lix выявлена уязвимость, позволяющая выполнить код с правами фонового процесса, который в NixOS и многопользовательских установках выполняется под пользователем root. Проблема (CVE не присвоен) проявляется в фоновом процессе nix-daemon, применяемом для организации доступа непривилегированных пользователей к сборочным операциям и хранилищу пакетов.

https://www.opennet.ru/opennews/art.shtml?num=65364

Опубликовано: Tue, 05 May 2026 11:16:11 GMT
Канал: Все статьи подряд / Системное программирование / Хабр

Разбор минимального пользовательского Task для C++20 coroutines: выбор promise_type для void и value-результата, политики initial_suspend(), хранение coroutine_handle, final_suspend(), сохранение результата и исключения, а также границы текущей реализации. Читать дале]]>

https://habr.com/ru/articles/1031644/

An anonymous reader quotes a report from Ars Technica, written by Andrew Cunningham: As its name implies, the venerable Notepad++ text editor began as a more capable version of the classic Windows Notepad, with features such as line numbering and syntax highlighting. It was created in 2003 by Don Ho, who continues to be its primary author and maintainer, and it has been a Windows-exclusive app throughout its existence (older Notepad++ versions support OSes as old as Windows 95; the current version officially supports everything going back to Windows 7). I'm not a devoted user of the app, but I was aware of its history, which is why I was surprised to see news of a "Notepad++ for Mac" port making the rounds last week, as though it were a port of the original available from the Notepad++ website.

Apparently, this news surprised Ho as well, who claims that the Mac version and its author, Andrey Letov, are "using the Notepad++ trademark (the name) without permission." "This is misleading, inappropriate, and frankly disrespectful to both the project and its users," Ho wrote. "It has already fooled people -- including tech media -- into believing this is an official release. To be crystal clear: Notepad++ has never released a macOS version. Anyone claiming otherwise is simply riding on the Notepad++ name." Ho repeatedly asked the developer to stop using the brand and eventually reported the trademark use to Cloudflare, the CDN of the Notepad++ for Mac site. "Every day that website remains active, you are in further violation of the law," Ho wrote. "I cannot authorize a 'week or two' of continued trademark infringement."

Letov has since begun rebranding the app as "NextPad++," though the old branding and URL reportedly remained available. The name changes is "an homage to NeXT Computer," notes Ars, "and uses a frog icon rather than the Notepad++ lizard."

[ Read more of this story ]( https://tech.slashdot.org/story/26/05/04/232252/notepad-for-mac-release-is-disavowed-by-the-creator-of-the-original?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Проект Apache HTTP Server выпустил корректирующий релиз httpd 2.4.67, в котором устранена уязвимость CVE-2026-23918 в реализации HTTP/2. Проблема получила уровень важности important и связана с ошибкой класса double free при обработке сценария раннего сброса соединения в HTTP/2. В неблагоприятных условиях ошибка может привести не только к аварийному завершению рабочего процесса, но и к потенциальному удалённому выполнению кода.

Согласно описанию Apache, уязвимость затрагивает Apache HTTP Server 2.4.66. Пользователям этой версии рекомендуется обновиться до 2.4.67, где проблема исправлена. В качестве обнаруживших уязвимость указаны Bartlomiej Dmitruk из striga.ai и Stanislaw Strzalkowski из isec.pl.

В changelog релиза также отмечено обновление mod_http2 до версии 2.0.37, где предотвращён повторный purge потока, приводивший к double free, а затем до 2.0.38 и 2.0.39. Помимо CVE-2026-23918, выпуск закрывает ряд других проблем безопасности в mod_proxy_ajp, mod_auth_digest, mod_authn_socache, mod_md, mod_rewrite и других компонентах.

Релиз Apache httpd 2.4.67 опубликован 4 мая 2026 года и объявлен текущей рекомендуемой версией стабильной ветки 2.4.x. Для администраторов, использующих Apache с включённым HTTP/2, обновление стоит рассматривать как приоритетное, особенно если в эксплуатации уже находится 2.4.66.

https://www.linux.org.ru/news/security/18284326

Longtime Slashdot reader UnknowingFool writes: On April 15, 2026, a Microsoft employee made a change to Visual Studio Code and pushed it within 8 hours without review, notification, or documentation. The change added "Co-authored-by: Copilot" by default to the end of commit messages in Git when Copilot was used in creating the code. However, the implementation was bugged, and the message was added to every commit regardless if Copilot was used or disabled. Since this message was automatically added to the end of commit messages, users were not aware of it as the UI does not show this addition when making commits. The change as been reverted as of May 3, but not before 1.4 million commits were made. Unfortunately, those messages cannot be cleansed and are permanent.

[ Read more of this story ]( https://slashdot.org/story/26/05/05/0335220/vs-code-update-added-copilot-as-default-co-author-to-git-commits?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

В пакетных менеджерах [ Nix (github.com) ]( https://github.com/NixOS/nix ) и [ Lix (lix.systems) ]( https://lix.systems/ ) выявлена [ уязвимость ]( https://discourse.nixos.org/t/security-advisory-local-privilege-escalation-in-lix-and-nix/77407 ) , позволяющая выполнить код с правами фонового процесса, который в NixOS и многопользовательских установках выполняется под пользователем root. Проблема (CVE не присвоен) проявляется в фоновом процессе [ nix-daemon ]( https://nix.dev/manual/nix/2.26/command-ref/new-cli/nix3-daemon ) , применяемом для организации доступа непривилегированных пользователей к сборочным операциям и хранилищу пакетов.

( [ читать дальше... ]( https://www.linux.org.ru/news/security/18284382#cut ) )

The Academy has clarified that only human-performed acting and human-authored writing are eligible for Oscar nominations. The Oscars will not ban AI tools broadly, but says it will judge films based on the degree to which humans remain central to the creative work. The BBC reports: The Academy of Motion Picture Arts and Sciences [...], which controls the US film industry's most prestigious award, on Friday issued updated rules for what kind of work in movies and documentaries would be considered eligible for an Oscar as the use of artificial intelligence (AI) technology grows. In updated eligibility requirements, the Academy specified that only acting "demonstrably performed by humans" and that writing "must be human-authored" in order to be nominated for an award. The Academy called the requirements a "substantive" change to the rules for the Oscars.

The need to specify awards can only go to acting and writing done by "humans" is new for the academy. [...] However, the academy did not issue a ban on AI use in films more broadly. Outside of acting and writing, if a filmmaker used AI tools in their work, such "tools neither help nor harm the chances of achieving a nomination," the academy wrote. "The Academy and each branch will judge the achievement, taking into account the degree to which a human was at the heart of the creative authorship when choosing which movie to award," the group added. "If questions arise regarding the aforementioned use of generative artificial intelligence, the Academy reserves the right to request more information about the nature of the use and human authorship."

[ Read more of this story ]( https://entertainment.slashdot.org/story/26/05/05/045215/oscars-bans-ai-actors-and-writing-from-awards?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликован выпуск Unix-подобной операционной системы ToaruOS 2.3, написанной с нуля и поставляемой со своим ядром, загрузчиком, стандартной Си-библиотекой, пакетным менеджером, компонентами пространства пользователя и графическим интерфейсом с композитным оконным менеджером. Изначально проект развивался в Иллинойсском университете как исследовательская работа в области создания новых композитных графических интерфейсов, но затем трансформировался в отдельную операционную систему. Код проекта написан на языке Си и распространяется под лицензией BSD. Для загрузки подготовлен live-образ, размером 7.4 МБ, который можно протестировать в QEMU, VMware или VirtualBox.

https://www.opennet.ru/opennews/art.shtml?num=65367

An anonymous reader quotes a report from TechCrunch: A severe security vulnerability affecting almost every version of the Linux operating system has caught defenders off-guard and scrambling to patch after security researchers publicly released exploit code that allows attackers to take complete control of vulnerable systems. The U.S. government says the bug, dubbed "CopyFail," is now being exploited in the wild, meaning it's being actively used in malicious hacking campaigns. [...] Given the risk to the federal enterprise network, U.S. cybersecurity agency CISA has ordered all civilian federal agencies to patch any affected systems by May 15.

[ Read more of this story ]( https://linux.slashdot.org/story/26/05/05/1535209/us-government-warns-of-severe-copyfail-bug-affecting-major-versions-of-linux?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Разработчики языка программирования PHP направили в организацию OSI (Open Source Initiative) уведомление о добровольном выводе из обращения лицензии PHP License 3.01. Заявлено, что после нескольких лет работы код инструментария PHP полностью переведён на лицензию BSD-3 и в проекте больше не осталось кода под старой лицензией PHP License 3.01. Текст новой версии лицензии PHP License заменён на копию лицензии BSD-3.

https://www.opennet.ru/opennews/art.shtml?num=65372

Состоялся релиз Node.js 26.0.0, платформы для выполнения сетевых приложений на языке JavaScript. Node.js 26.0 отнесён к веткам с длительным сроком поддержки, но данный статус будет присвоен только в октябре, после проведения стабилизации. Поддержка Node.js 26.x будет осуществляться до мая 2029 года. Сопровождение прошлой LTS-ветки Node.js 24.x будет осуществляться до 30 апреля 2028 года, а позапрошлой 22.x - до 30 апреля 2027 года. Сопровождение LTS-ветки 20.x прекращено 30 апреля 2026 года, а промежуточной ветки Node.js 25.x будет прекращено 1 июня 2026 года.

https://www.opennet.ru/opennews/art.shtml?num=65374

A new Internet Matters survey suggests the UK's Online Safety Act age checks are easy for many children to bypass. Reported workarounds include fake birthdays, borrowed IDs, video game characters, and even drawing on a fake mustache. The Register reports: The group surveyed over 1,000 UK children and their parents, and while it did report some positive effects from changes made under the OSA, many children saw age verification as an easy-to-bypass hurdle rather than something that kept them genuinely safe. A full 46 percent of children even said that age checks were easy to bypass, while just 17 percent said that they were difficult to fool. The methods kids use to fool age gates vary, but most are pretty simple: There's the classic use of a video game character to fool video selfie systems, while in other instances, children reported just entering a fake birthday or using someone else's ID card when that was required.

The report even cites cases of children drawing a mustache on their faces to fool age detection filters. Seriously. While nearly half of UK kids say it's easy to bypass online age checks (and another 17 percent say it's neither hard nor easy), only 32 percent say they've actually bypassed them, according to Internet Matters. Like scoring some booze from "cool" parents, keeping age-gated content out of the hands of kids under the OSA is only as effective as parents let it be, and a quarter of them enable their kids' online delinquency. More specifically, Internet Matters found that a full 17 percent of parents admitted to actively helping their kids evade age checks, while an additional 9 percent simply turned a blind eye to it.

[ Read more of this story ]( https://tech.slashdot.org/story/26/05/05/1540226/kids-bypass-age-verification-with-fake-moustaches?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Gartner says some VMware customers may find it cheaper to move certain Linux VM workloads to IBM mainframes than to adopt Broadcom's new VMware licensing, especially for fleets of hundreds of Linux VMs and mission-critical apps needing long-term stability. The Register reports: Speaking to The Register to discuss the analyst firm's mid-April publication, "The State of the IBM Mainframe in 2026," [Gartner Vice President Analyst Alessandro Galimberti] said some buyers in many fields are comparing mainframes to modern environments and deciding Big Blue's big iron comes out ahead. "I can build a multi-region cloud application, but things like data synchronization and high availability are things I need to build into application logic," he said. "The mainframe has that in the platform, which shields developers from complexity." He also thinks mainframes are ideally suited to workloads that need many years of transactional consistency and backward-compatibility.

That said, Galimberti doesn't recommend the mainframe for all applications. He said mission-critical applications that are unlikely to change much for a decade are best-suited to the machines, as are Linux applications because the open source OS runs on IBM's hardware. IBM also offers the z/VM hypervisor, which he says can make Linux "even better and more enterprise-ready." Which is why Galimberti thinks IBM's ecosystem is attractive to VMware users, especially those who operate a fleet of 500 to 700 Linux VMs. [...]

Committing to mainframes therefore means planning "to spend time negotiating price and renewal protections, rather than prioritizing the business value these solutions can deliver." Another downside is that mainframes pose clear lock-in risk, so users may hold back on useful customizations out of fear they make it harder to extricate themselves from the platform. Access to skills remains an issue, too, as kids these days mostly don't contemplate a career working with big iron. Galimberti sees more service providers investing in their mainframe programs, which might help. So does the availability of Linux.

[ Read more of this story ]( https://linux.slashdot.org/story/26/05/05/189237/moving-to-mainframe-can-be-cheaper-than-sticking-with-vmware?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from Wired: Employees at Google DeepMind in London have voted to unionize as part of a bid to block the AI lab from providing its technology to the US and Israeli militaries. In a letter addressed to Google's managing director for the UK and Ireland, Debbie Weinstein, the workers asked the company to recognize the Communication Workers Union and Unite the Union as joint representatives for DeepMind employees. "Fundamentally, the push for unionization is about holding Google to its own ethical standards on AI, how they monetize it, what the products do, and who they work with," John Chadfield, national officer for technology at the CWU, tells WIRED. "Through the process of unionization, workers are collectively in a much stronger place to put [demands] to an increasingly deaf management."

[...] The DeepMind employee tells WIRED that if the staff succeeds in unionizing in the UK, they will likely demand that Google pulls out of its long-standing contract with the Israeli military, and seek greater transparency over how its AI products will be used, and some sort of assurance relating to layoffs made possible by automation. If Google does not engage, the letter states, the employees will ask an arbitration committee to compel the company to recognize the unions. Since the turn of the year, both Anthropic and OpenAI have announced large-scale expansions of their operations in London. CWU hopes the unionization effort at DeepMind will spur workers at those labs into similar action. "These conversations are happening," claims Chadfield. "The workers at other frontier labs have seen what Google DeepMind workers have done. They've come to us asking for help as well." The unionization push began in February 2025 after Alphabet removed a pledge from its AI ethics guidelines that had barred uses such as weapons development and surveillance. "A lot of people here bought into the Google DeepMind tagline 'to build AI responsibly to benefit humanity,'" the DeepMind employee told WIRED. "The direction of travel is to further militarization of the AI models we're building here."

[ Read more of this story ]( https://tech.slashdot.org/story/26/05/05/1817252/google-deepmind-workers-vote-to-unionize-over-military-ai-deals?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Coinbase is laying off about 700 workers, or 14% of its workforce, as CEO Brian Armstrong says the company is restructuring to become "lean, fast, and AI-native." Engadget reports: Armstrong claimed he'd seen engineers "use AI to ship in days what used to take a team weeks" and that non-technical teams in the company are "shipping production code," while Coinbase is automating many of its workflows. "All of this has led us to an inflection point, not just for Coinbase, but for every company," Armstrong wrote. "The biggest risk now is not taking action. We are adjusting early and deliberately to rebuild Coinbase to be lean, fast and AI-native. We need to return to the speed and focus of our startup founding, with AI at our core."

An AI-driven restructuring is only one half of the equation for Coinbase, though. Armstrong wrote that while the company "is well-capitalized, has diversified revenue streams and is well-positioned to weather any storm," the crypto market is down. As such, Coinbase is attempting to become leaner and faster ahead of the next crypto cycle. The company is eliminating some management layers and organizing the business around "AI-native talent who can manage fleets of agents to drive outsized impact," Armstrong wrote. "We'll also be experimenting with reduced pod sizes, including 'one person teams' with engineers, designers and product managers all in one role." That sure sounds like an attempt to get workers to take on more responsibilities.

[ Read more of this story ]( https://slashdot.org/story/26/05/05/1823200/coinbase-lays-off-nearly-700-workers-in-ai-native-restructuring?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Apple has agreed to a proposed $250 million settlement over claims that it misled iPhone buyers about the availability of Apple Intelligence and its upgraded Siri features. The settlement would cover U.S. buyers of the iPhone 16 lineup and iPhone 15 Pro models between June 10, 2024, and March 29, 2025. The Verge reports: The settlement will resolve a 2025 lawsuit, alleging Apple's advertisements created a "clear and reasonable consumer expectation" that Apple Intelligence features would be available with the launch of the iPhone 16. The lawsuit claimed Apple's products "offered a significantly limited or entirely absent version of Apple Intelligence, misleading consumers about its actual utility and performance."

Apple brought certain AI-powered features to the iPhone 16 weeks after its release, and delayed the launch of its more personalized Siri, which is now expected to arrive later this year. Last April, the National Advertising Division recommended that Apple "discontinue or modify" its "available now" claim for Apple Intelligence. Apple also pulled an iPhone 16 ad showing actor Bella Ramsey using the AI-upgraded Siri.

[ Read more of this story ]( https://yro.slashdot.org/story/26/05/05/2244236/apple-agrees-to-pay-iphone-owners-250-million-for-not-delivering-ai-siri?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from CNBC: OpenAI President Greg Brockman concluded his testimony on Tuesday, where he largely rebutted Elon Musk's account of the early years of the startup and negotiations that occurred at the company. Brockman testified that he never made any commitments to Musk about the company's corporate structure, and he never heard anyone else make them. He emphasized that OpenAI is still governed by a nonprofit. "This entity remains a nonprofit," Brockman said, referring to the OpenAI foundation. "It is the best-resourced nonprofit in the world." [...] Brockman, who spoke from the witness stand in federal court in Oakland, California, over the course of two days, also revealed that Musk had enlisted several OpenAI employees to do months of free work for him at Tesla, Musk's electric vehicle company. That work mainly included efforts to overhaul the company's approach to developing self-driving technology as part of the Autopilot team there in 2017. During his two days on the stand, Brockman answered questions about his personal financial ambitions, his understanding of OpenAI's structure and Musk's involvement at the company, which they co-founded with other executives in 2015.

In Musk's testimony last week, the Tesla and SpaceX CEO said that the time, money and resources he poured into OpenAI had been integral to the company's success. He repeatedly said that he helped recruit the company's top talent. Brockman said Tuesday that while Musk was helpful in convincing some employees to take the leap to join OpenAI, he was a polarizing figure for others. "Elon had a reputation of being an extremely hard driver," Brockman said. He added that "certain candidates were very attracted" by Musk's involvement at OpenAI, and that "certain candidates were very turned off." Musk testified last week that a former OpenAI researcher named Andrej Karpathy joined Tesla, but only after he had planned to leave the startup already. Brockman said that Musk, after he hired Karpathy, approached him with "an apology and a confession," about the hire, and that neither Musk nor Karpathy had told him the researcher planned to leave OpenAI before that. Musk was generally not very available for meetings and conversations, Brockman said, so he relied on employees, including Sam Teller and former OpenAI board member Shivon Zilis, as proxies. Brockman testified that open sourcing OpenAI's technology was "not a topic of conversation" during Musk's time with the nonprofit, despite Musk's claims that it was supposed to be central to the organization. He also described tense 2017 negotiations over a possible for-profit arm, saying Musk became angry when equity stakes were discussed. "He said Musk declined the proposal during an in-person meeting, then tore a painting of a Tesla Model 3 car off the wall, and began storming out of the room," reports CNBC. He also demanded to know when the cofounders would leave the company.

Brockman further said Musk wanted control of OpenAI because he disliked situations where he lacked control, citing Zip2 and SolarCity as examples Musk had raised. He also testified that Musk partly wanted control to help fund his broader SpaceX ambition of building a "city on Mars."

CNBC notes the trial will resume at 8:30 a.m. PT on Wednesday, with Shivon Zilis expected to testify. She is the mother of four of Musk's children and a former OpenAI board member.

Recap:

OpenAI President Discloses His Stake In the Company Is Worth $30 Billion (Day Five)
Musk Concludes Testimony At OpenAI Trial (Day Four)
Elon Musk Says OpenAI Betrayed Him, Clashes With Company's Attorney (Day Three)
Musk Testifies OpenAI Was Created As Nonprofit To Counter Google (Day Two)
Elon Musk and OpenAI CEO Sam Altman Head To Court (Day One)

[ Read more of this story ]( https://yro.slashdot.org/story/26/05/05/2259238/brockman-rebuts-musks-take-on-startups-history-recounts-secret-work-for-tesla?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликовано: Wed, 06 May 2026 05:08:37 GMT
Канал: Все статьи подряд / Системное программирование / Хабр

В апреле 2026 года Canonical раскрыла 44 CVE в uutils. Это переписанная на Rust версия GNU coreutils, которая в Ubuntu идёт по умолчанию с 25.10. Раскрытие пришло из внешнего аудита, заказанного перед релизом 26.04 LTS. Большую часть уязвимостей нашли обычным ревью кода. Ни borrow checker, ни проверки clippy, ни cargo audit не поймали ни одной.Этот аудит, пожалуй, самый чёткий из существующих примеров того, что Rust ловит, а что нет. Самый внятный разбор списка сделал Маттиас Эндлер в посте «Bugs Rust Won’t Catch» от 29 апреля. Эндлер ведёт консалтинг corrode и подкаст Rust in Production; недавно у него в гостях был Джон Сигер, вице-президент по инженерии в Canonical. Пост построен как разбор того самого раскрытия: 44 CVE распределены по восьми категориям; к большинству приложен git diff фикса.Ниже разберу каркас Эндлера и добавлю два аргумента сверху. Первый: один из мейнтейнеров GNU coreutils в HN-треде показал бенчмарк, на котором рекомендованный Эндлером фикс не выживает. Второй: структурный аргумент про то, что 40 лет наслоённых POSIX-шрамов делают с любой переписью, независимо от языка. Читать далее]]>

https://habr.com/ru/articles/1031420/

Состоялся релиз каталогизатора домашней библиотеки MyLibrary 5.0. Код программы написан на языке программирования С++ и доступен (GitHub, GitFlic) под лицензией GPLv3. Графический интерфейс пользователя реализован с помощью библиотеки Qt6. Программа адаптирована для работы в операционных системах семейства Linux и Windows. Для пользователей Arch Linux в AUR доступен сценарий сборки готового пакета. Для пользователей Windows доступен экспериментальный инсталлятор.

https://www.opennet.ru/opennews/art.shtml?num=65371

TOP20 VISITORS:

[1] PetalBot point=11 web=1513 up=7.0MB (20%) <--- PetalBot
[2] Amazon point=0 web=639 up=5.8MB (16%)
[3] ClaudeBot point=0 web=160 up=5.6MB (16%)
[4] 216.244.66.x point=0 web=125 up=3.1MB (9%)
[5] 37.252.14.x point=144 web=0 up=2.4MB (6%) <--- ake (6/hr)
[6] 54.37.252.x point=0 web=1 up=1.7MB (5%)
[7] 147.135.213.x point=0 web=1 up=1.4MB (4%)
[8] 147.135.214.x point=0 web=2 up=1.2MB (3%)
[9] TikTok point=0 web=103 up=1.1MB (3%)
[10] Facebook point=0 web=58 up=1.1MB (3%)
[11] 217.114.158.x point=25 web=0 up=1.0MB (2%) <--- fox (1/hr)
[12] 51.68.234.x point=0 web=1 up=0.8MB (2%)
[13] 42.200.231.x point=0 web=1 up=0.4MB (1%)
[14] 95.217.109.x point=0 web=1 up=0.2MB (<1%)
[15] 116.240.149.x point=0 web=1 up=0.2MB (<1%)
[16] Google point=0 web=26 up=0.2MB (<1%)
[17] AhrefsBot point=0 web=23 up=0.2MB (<1%)
[18] 51.77.43.x point=0 web=0 up=54KB
[19] 43.173.180.x point=0 web=11 up=51KB
[20] 85.208.96.x point=0 web=6 up=46KB

TOTAL TRAFFIC: 34MB

Atmospheric carbon dioxide hit a new record in April, averaging about 431 parts per million at NOAA's Mauna Loa Observatory. That's up from under 320 ppm when the site began measurements in 1958. Scientific American reports: Greenhouse gases, such as carbon dioxide, are measured as a proportion of the total atmosphere. The numbers are presented as the number of molecules of a particular gas out of a million total molecules, or ppm. Climate scientist Zachary Labe of Climate Central, a nonprofit that researches climate change, says the new record is "depressing" but not unexpected. "It's just another sign that carbon dioxide continues to increase in our atmosphere as our planet continues to warm," he says. "For many climate scientists, this is just 'here it is again, another record in the wrong direction.'"

Labe explains that the amount of CO2 in the atmosphere tends to peak in April each year as decaying plants release greenhouse gases after winter. Some of that CO2 gets reabsorbed by plants as they grow during the warmer months. But NOAA's data show a worrying trend, with the average monthly amount of CO2 steadily increasing. [...] Although the amount of CO2 in the atmosphere has continued to rise, there was a reduction in U.S. emissions in 2023 and 2024. That trend, however, was reversed in 2025, at least partially because of the increased electricity demand from artificial intelligence data centers. Still, Labe says there are reasons for optimism as the use of renewable energy sources such as solar and wind expands.

[ Read more of this story ]( https://news.slashdot.org/story/26/05/06/0416201/co2-levels-in-the-atmosphere-hit-depressing-new-record?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Произошёл массовый сбой в работе доменной зоны "DE", применяемой в Германии. Проблемы возникли из-за ошибки в настройке DNSSEC для корневой зоны "DE", совершённой организацией DENIC, отвечающей за домен первого уровня "DE". С 5 мая 22:30 по 6 мая 1:30 (MSK) попытка резолвинга доменов в зоне "DE" через DNS-серверы, применяющие DNSSEC для проверки достоверности данных, завершалась ошибкой. На DNS-серверах, применяющих DNSSEC, сбой наблюдался и при резолвинге доменов, напрямую не использующих DNSSEC.

https://www.opennet.ru/opennews/art.shtml?num=65380

MyLibrary каталогизирует файлы книг в формате fb2, epub, pdf, djvu, odt, txt, md, как доступные напрямую, так и упакованные в архивы (zip, 7z, jar, cpio, iso, tar, tar.gz, tar.bz2, tar.xz, rar), и создаёт собственную базу данных, не изменяя исходные файлы и не меняя их положения. Для каталогизации также доступен формат fbd (файл книги, упакованный в архив вместе с файлом с расширением fbd, содержащем тег description формата fb2). В формате fbd могут храниться любые файлы, не только книги. Контроль целостности коллекции и её изменений осуществляется за счёт создания базы данных хеш-сумм файлов и архивов.

Реализован поиск книг по различным критериям (фамилия, имя, отчество автора, название книги, серия, жанр) и их чтение через программу, по умолчанию установленную в системе для открытия соответствующих форматов файлов. При выборе книги отображаются аннотация и обложка книги, если таковые доступны. Поддерживается отображение списка файлов, входящих в коллекцию; списка книг, входящих в конкретный файл; списка авторов коллекции; списка книг, для которых пользователь создал заметки.

Возможны различные операции с коллекцией: обновление (осуществляется проверка всей коллекции и сверка хеш-сумм доступных файлов), быстрое обновление (сличаются размеры файлов), экспорт и импорт базы данных коллекции, добавление книг в коллекцию и удаление книг из коллекции, добавление в коллекцию папок с книгами, добавление в коллекцию архивов с книгами, копирование книг коллекции в произвольную папку. Доступно ручное редактирование записей о книгах в базе данных. Создан механизм закладок для быстрого доступа к книгам. Есть возможность создавать пользовательские заметки к книгам. Доступен интерфейс для создания и подключения плагинов.

MyLibrary может работать с коллекциями, находящимися на внешнем сервере (соответствующие папки и файлы должны быть доступны по протоколу SMB и смонтированы на локальном компьютере с помощью gvfs, kio-fuse или их аналогов).

( [ читать дальше... ]( https://www.linux.org.ru/news/opensource/18284893#cut ) )

28 апреля и 5 мая [ состоялись ]( https://toaruos.org/toaruos-23-is-out.html ) выпуски 2.3 и 2.3.1 Unix-подобной операционной системы [ ToaruOS ]( http://toaruos.org ) , написанной с нуля и поставляемой со своим ядром, загрузчиком, стандартной Си-библиотекой, пакетным менеджером, компонентами пространства пользователя и графическим интерфейсом с композитным оконным менеджером.

В основе ToaruOS лежит ядро, использующее гибридную модульную архитектуру, сочетающую монолитную основу и средства для использования загружаемых модулей, в виде которых оформлено большинство имеющихся драйверов устройств, таких как драйверы диска (PATA и ATAPI), ФС Ext2 и ISO9660, framebuffer, клавиатуры, мыши, сетевых карт (AMD PCnet FAST, Realtek RTL8139 и Intel PRO/1000), звуковых чипов (Intel AC’97), а также дополнений VirtualBox для гостевых систем. Ядро поддерживает Unix-потоки, TTY, виртуальную ФС, псевдо-ФС /proc, многопоточность, IPC, ramdisk, ptrace, разделяемую память, многозадачность и другие типовые возможности.

( [ читать дальше... ]( https://www.linux.org.ru/news/opensource/18284946#cut ) )

[ Состоялся ]( https://nodejs.org/en/blog/release/v26.0.0 ) релиз [ Node.js 26.0.0 ]( https://nodejs.org/ ) , платформы для выполнения сетевых приложений на языке JavaScript. Node.js 26.0 [ отнесён ]( https://github.com/nodejs/Release ) к веткам с длительным сроком поддержки, но данный статус будет присвоен только в октябре, после проведения стабилизации. Поддержка Node.js 26.x будет осуществляться до мая 2029 года. Сопровождение прошлой LTS-ветки Node.js 24.x будет осуществляться до 30 апреля 2028 года, а позапрошлой 22.x - до 30 апреля 2027 года. Сопровождение LTS-ветки 20.x прекращено 30 апреля 2026 года, а промежуточной ветки Node.js 25.x будет прекращено 1 июня 2026 года.

( [ читать дальше... ]( https://www.linux.org.ru/news/opensource/18285005#cut ) )

30 апреля вышло минорное обновление текстового редактора CudaText.

Редактор написан на языке Free Pascal, поддерживает расширения на Python и имеет несколько особенностей, заимствованных из Sublime Text. На wiki проекта (freepascal.org) [ перечисляются преимущества, недостатки и особенности ]( https://wiki.freepascal.org/CudaText_VS_other_editors ) проекта по сравнению с Sublime Text и VSCode.

В этой версии:

• исправлено правило для перечёркнутого текста в лексере Markdown;

• исправлены ошибки в лексерах HTML и CSS;

• API для расширений теперь позволяет создавать крошечные расширения (tiny plugin);

• API для расширений теперь позволяет обрабатывать кнопку ‘…’ в диалоге поиска.

Доступны сборки для Linux, Windows и macOS (также есть сборки более старых версий для FreeBSD, OpenBSD, NetBSD, DragonFlyBSD, Solaris и Haiku).

Название редактора происходит от сербского слова, означающего «чудо», и не связано с технологией CUDA.

Для поддержки пользователей у проекта есть форум на [ русском ]( https://synwrite.sourceforge.net/forums/viewforum.php?f=6 ) и [ английском ]( https://synwrite.sourceforge.net/forums/viewforum.php?f=20 ) языках.

https://www.linux.org.ru/news/opensource/18285008

New submitter spazmonkey writes: From a hidden GPS tracker polling your location every 4.5 minutes to JavaScript loaded from a random GitHub account, no SSL certificate pinning, and an in-app browser that silently strips cookie consent dialogs and paywalls from every page you visit, the new White House app seems to have a little bit of everything. A security researcher pulled the APK apart to discover the cybersecurity vulnerabilities. "The app is a React Native build using Expo SDK 54, with WordPress powering the backend through a custom REST API," reports Android Headlines. "That's pretty normal, as nearly 42% of all websites on the internet are powered by WordPress. But that's just the start; now the nightmare begins..." From the report: To start, the app has a full GPS tracking pipeline compiled in. Essentially, it's set to poll your location every 4.5 minutes in the foreground, and 9.5 minutes in the background. It's syncing latitude, longitude, accuracy, and timestamp data to OneSignal's servers. These location permissions aren't declared in the AndroidManifest, but they are hardcoded as runtime requests in the OneSignal SDK. Some have noted that the tracking only kicks in if the developer enables it server-side and the user grants permission, but it is there, ready to go.

And it gets even stranger. Apparently, the app is loading JavaScript from a random person's GitHub site for YouTube embeds. Yes, you read that right, it's just loading JavaScript from a random GitHub site. So if that account ever gets compromised, arbitrary code could run inside the app's WebView. There's also no SSL certificate pinning, meaning that traffic can potentially be intercepted on compromised networks like sketchy public WiFi or corporate proxies. The app also injects JavaScript and CSS into every page you visit in the in-app browser. This strips away cookie consent dialogs, GDPR banners, login walls, and paywalls. There's also leftover dev artifacts in the production build, including a localhost URL to the Metro bundler.

[ Read more of this story ]( https://it.slashdot.org/story/26/05/06/0424251/white-house-app-is-a-terrifying-security-mess?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Джарред Самнер (Jarred Sumner), создатель и основной разработчик серверной JavaScript-платформы Bun, создал Git-ветку, в которой приступил к переписыванию Bun с языка Zig на Rust. Переписывание ведётся с использование AI-ассистента Claude, для которого сформировано отдельное руководство по портированию. По словам Джарреда пока это лишь эксперимент, а не официальный порт, и высока вероятность, что дальше эксперимента дело не зайдёт и переписанный код не будет использован.

https://www.opennet.ru/opennews/art.shtml?num=65379

Удостоверяющий центр Digicert раскрыл информацию об инциденте с безопасностью, в результате которого злоумышленники смогли получить сертификаты, пригодные для формирования цифровых подписей к драйверам и приложениям для платформы Windows. Атакующие смогли организовать выполнение своего кода на двух компьютерах сотрудников Digicert, отправив в чат службы поддержки сообщения о проблеме c приложением ZIP-архива со скриншотами. Внутри архива был размещён исполняемый файл в формате scr, содержащий вредоносный код.

https://www.opennet.ru/opennews/art.shtml?num=65383

Опубликовано: Wed, 06 May 2026 14:31:09 GMT
Канал: Все статьи подряд / Программирование микроконтроллеров / Хабр

Kubernetes давно стал повсеместной платформой, а написать к нему собственный оператор сегодня — задача нескольких часов. Стандартный путь — kubebuilder на основе controller-runtime: scaffold проекта, типы, реконсайлер. В типовых сценариях этого вполне достаточно. Но как только нагрузка растёт или поведение оператора начинает расходиться с ожиданиями, всплывает целый класс edge-кейсов, причина которых — непонимание того, как controller-runtime устроен внутри. Если вы пишете контроллеры для Kubernetes, этот материал поможет собрать целостную mental model и заранее избежать дорогих сюрпризов в проде.В этой статье разберём внутреннее устройство controller-runtime и на его примере увидим, какие архитектурные решения лежат в основе самого Kubernetes. Начнём с того, как контроллеры читают объекты из Kubernetes API.Есть распространённое заблуждение, что r.Get() в Reconcile ходит прямо в kube-apiserver, List() каждый раз смотрит «живую» картину мира, а после Update() можно сразу перечитать объект и увидеть свежее состояние. На практике всё наоборот: controller-runtime живёт на локальной копии данных через LIST+WATCH. Благодаря этому чтение в реконсайле обходится почти бесплатно и не нагружает control plane даже при сотнях вызовов в секунду — но ценой этой модели становится то, что оператор может внезапно съедать гигабайты памяти, делать скрытые O(n)-сканы и регулярно упираться в stale reads.Статья рассчитана на тех, кто уже писал операторы на Go с использованием controller-runtime, но хочет собрать целостную mental model, а не жить с набором частных наблюдений. Фокус будет на практических последствиях для production-кластеров: память, трафик, консистентность чтения и поведение реконсайла. Читать далее]]>

https://habr.com/ru/companies/aenix/articles/1031818/

Microsoft is winding down Xbox Copilot on mobile and ending development of Copilot on console, reversing plans to bring the gaming-focused AI assistant to current-generation Xbox consoles this year. "The move follows [new Xbox CEO Asha Sharma's] reorganization of the Xbox platform team earlier on Tuesday, which added executives from Microsoft's CoreAI team -- where Sharma worked before taking over Xbox -- to the Xbox side of the company," reports The Verge.

Sharma said in a post on X: Xbox needs to move faster, deepen our connection with the community, and address friction for both players and developers. Today, we promoted leaders who helped build Xbox, while also bringing in new voices to help push us forward. This balance is important as we get the business back on track. As part of this shift, you'll see us begin to retire features that don't align with where we're headed. We will begin winding down Copilot on mobile and will stop development of Copilot on console. Since taking over for former Microsoft Gaming CEO Phil Spencer in February, Sharma has scrapped the Microsoft Gaming brand and cut the price of Xbox Game Pass.

[ Read more of this story ]( https://games.slashdot.org/story/26/05/05/2053222/microsoft-gives-up-on-xbox-copilot-ai?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликовано: Wed, 06 May 2026 15:30:19 GMT
Канал: Все статьи подряд / DIY или Сделай сам / Хабр

Серия о том, как создать радар для отслеживания дронов продолжается. Мы уже рассмотрели модулированные по частоте сигналы и увидели, как можно определить расстояние. Но на графиках было много помех. И из-за них сложно было выделить реальные цели. Поэтому нужно понять, что считать помехами, а что реальными целями. Читать далее]]>

https://habr.com/ru/articles/1020442/

Опубликовано: Wed, 06 May 2026 15:00:15 GMT
Канал: Все статьи подряд / DIY или Сделай сам / Хабр

Несколько лет назад на известном видеохостинге была опубликована серия видео, в которых описывался способ создания радара, позволяющего следить за маленьким пластиковым коптером. Читать далее]]>

https://habr.com/ru/articles/1014742/

Опубликовано: Wed, 06 May 2026 14:51:03 GMT
Канал: Все статьи подряд / Системное программирование / Хабр

Как Rust обманывает процессор. Часть 2: niche сквозь крейты, dropck, Pin и провенанс указателейВ первой части мы обсуждали niche-оптимизацию, drop flags, MIR, Stacked Borrows и async-стейт-машины. В комментариях справедливо заметили (спасибо, Mingun): про niche рассказано в простой форме - Option<&T> и NonZeroU8.А что происходит, когда enum живёт в одном крейте, оборачивается в newtype в другом, и оба варианта внешнего enum хранят один и тот же внутренний? У такого внешнего типа всего четыре состояния, байта должно хватить. Хватит ли? Зависит от того, как rustc считает layout. Об этом и поговорим.Во второй части идём глубже: niche сквозь границы крейтов, variance, Pin и самоссылающиеся футуры, dropck с #[may_dangle], Tree Borrows вместо Stacked Borrows и strict provenance. Без этого половина unsafe-кода в экосистеме держится на честном слове. Читать далее]]>

https://habr.com/ru/articles/1032214/

An anonymous reader quotes a report from Ars Technica: Silicon Valley investors such as Palantir co-founder Peter Thiel have bet hundreds of millions of dollars on deploying AI data centers powered by waves in the middle of the world's oceans -- a move that coincides with tech companies facing mounting challenges in building AI data center projects on land. The latest investment round of $140 million is intended to help the company Panthalassa complete a pilot manufacturing facility near Portland, Oregon, and speed up deployments of wave-riding "nodes" designed to generate electrical power, according to a May 4 press release. Instead of sending renewable energy to a land-based data center, the floating nodes would directly power onboard AI chips and transmit inference tokens representing the AI models' outputs to customers worldwide via satellite link.

Each node resembles a huge steel sphere bobbing on the water with a tube-like structure extending vertically down beneath the surface. The wave motions drive water upward through the tube into a pressurized reservoir, where it can be released to spin a turbine generator that produces renewable energy for the AI chips on board. Panthalassa claims the node's AI chips would also get cooled using the surrounding water, which could offer another advantage over traditional data centers. "Ocean-based compute might offer a massive cooling advantage because the ambient temperature is so low," Lee said. "Land-based data centers use a lot of electricity and fresh water for cooling."

The newest node prototype, called Ocean-3, is scheduled for testing in the northern Pacific Ocean later in 2026. The latest version reaches about 85 meters in length and would stand nearly as tall as London's Big Ben or New York City's Flatiron Building, according to the Financial Times. Panthalassa has already tested several earlier prototypes of the wave energy converter technology, including the Ocean-1 in 2021 and the Ocean-2 that underwent a three-week sea trial off the coast of Washington state in February 2024. The company's CEO and co-founder, Garth Sheldon-Coulson, said in a CBS interview that he hopes to eventually deploy thousands of the nodes.

[ Read more of this story ]( https://news.slashdot.org/story/26/05/06/0437216/silicon-valley-bets-200-million-on-ai-data-centers-floating-in-the-ocean?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Five major publishers and author Scott Turow have sued Meta and Mark Zuckerberg, alleging that Zuckerberg "personally authorized and actively encouraged" massive copyright infringement by using pirated books, journal articles, and web-scraped material to train Meta's Llama AI systems. Meta denies wrongdoing and says it will fight the case, arguing that courts have recognized AI training on copyrighted material as potentially fair use. Variety reports: "In their effort to win the AI 'arms race' and build a functional generative AI model, Defendants Meta and Zuckerberg followed their well-known motto: 'move fast and break things,'" the plaintiffs say in their lawsuit. "They first illegally torrented millions of copyrighted books and journal articles from notorious pirate sites and downloaded unauthorized web scrapes of virtually the entire internet. They then copied those stolen fruits many times over to train Meta's multibillion-dollar generative AI system called Llama. In doing so, Defendants engaged in one of the most massive infringements of copyrighted materials in history."

The suit was filed Tuesday (May 5) in the U.S. District Court for the Southern District of New York by five publishers (Hachette, Macmillan, McGraw Hill, Elsevier and Cengage) and Turow individually. The proposed class-action suit seeks unspecific monetary damages for the alleged copyright infringement. A copy of the lawsuit is available at this link (PDF). [...] the latest lawsuit alleges that Meta and Zuckerberg deliberately circumvented copyright-protection mechanisms -- and had considered paying to license the works before abandoning that strategy at "Zuckerberg's personal instruction." The suit essentially argues that the conduct described falls outside protections afforded by fair-use provisions of the U.S. copyright code.

[ Read more of this story ]( https://yro.slashdot.org/story/26/05/06/1652200/zuckerberg-personally-authorized-and-encouraged-metas-copyright-infringement?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

jeditobe writes: Developers of ReactOS told Phoronix that the project has introduced a unified BootCD, replacing its previously separate installation media and LiveCD images. The new image combines the traditional text-mode installer with a LiveCD mode in a single medium. Within this unified BootCD, the updated LiveCD mode now includes an option to launch a first-stage GUI installer. The graphical interface is intended to make installation more approachable for new users compared to the long-standing text-based setup process.

In a separate development, the project has also merged a new ATA storage driver that has been in progress since early 2024. The plug-and-play aware storage stack supports SATA, PATA, ATAPI, AHCI, and even SCSI devices, potentially expanding the range of hardware on which ReactOS can successfully boot.

Following recent improvements to graphics driver support, the project continues to make incremental progress across core subsystems, though its long development timeline remains a point of discussion. Will these usability and hardware compatibility improvements be enough to broaden ReactOS adoption beyond its current niche?
Please note that all new features are not present in version 0.4.15 and are available for testing in the latest nightly test builds.

[ Read more of this story ]( https://tech.slashdot.org/story/26/05/06/171220/reactos-unifies-installation-media-introduces-gui-installer-and-new-ata-driver?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Стефан Грабер (Stéphane Graber), лидер проекта Linux Containers и бывший технический руководитель проекта LXD, объявил о выходе Incus 7.0 LTS, форка системы управления контейнерами и виртуальными машинами LXD, созданного сообществом после перехода оригинального проекта под крыло Canonical и смены лицензии. Код проекта распространяется под лицензией Apache 2.0. Для ознакомления доступен онлайн-демонстрация.

https://www.opennet.ru/opennews/art.shtml?num=65384

Разработчики языка программирования PHP направили в организацию OSI (Open Source Initiative) [ уведомление ]( https://lists.opensource.org/pipermail/license-review_lists.opensource.org/2026-May/006087.html ) о добровольном выводе из обращения лицензии [ PHP License 3.01 ]( https://www.php.net/license/3_01.txt ) . Заявлено, что после нескольких лет работы код инструментария PHP полностью переведён на лицензию BSD-3 и в проекте больше не осталось кода под старой лицензией PHP License 3.01. Текст новой версии лицензии [ PHP License ]( https://github.com/php/php-src/blob/master/LICENSE ) заменён на копию лицензии BSD-3.

Ранее интерпретатор PHP и движок Zend Engine распространялись под разными лицензиями [ PHP License ]( https://opensource.org/license/php-3-0 ) и [ Zend Engine License ]( https://github.com/php/php-src/blob/master/Zend/LICENSE ) . Переход на общую лицензию BSD-3 упростит условия лицензирования, обеспечит совместимость с GPL и решит давние проблемы, сохранив при этом все права пользователей и разработчиков. Ранее применявшиеся лицензии были [ признаны ]( https://www.gnu.org/licenses/license-list.html#PHP-3.01 ) Фондом СПО несовместимыми с GPL из-за пункта, не позволяющего без получения письменного разрешения использовать слово PHP при продвижении производных продуктов.

Изначально ветки PHP 1.x и 2.x поставлялись под лицензией GPLv2, но ветка PHP 3 была переведена на использование двух лицензий - PHP License и GPL. В PHP 4 лицензия была изменена ещё раз - основной код стал распространяться только под лицензией PHP License, а движок Zend Engine, являющийся основной интерпретатора PHP, был размещён в подкаталоге «Zend/» под отдельной лицензией [ Zend Engine License ]( https://github.com/php/php-src/blob/master/Zend/LICENSE ) . Zend Engine License, как и PHP License, содержит ограничения в отношении использования слова Zend в производных продуктах, но дополнительно требует упоминания использования движка в рекламных материалах.

После перехода на лицензию BSD-3 авторские права всех участников разработки сохранились, а права пользователей остались без изменений. Новая лицензия не налагает дополнительных ограничений и не ущемляет имеющихся прав по использованию, модификации и распространению продукта. Лицензии PHP и Zend основаны на тексте 4-пунктовой лицензии BSD и переход на лицензию BSD-3 лишь привёл к удалению пунктов, определяющих требования в отношении использования бренда «PHP», а также к прекращению действия условия, предписывающего упоминать об использовании свободного проекта PHP в производных продуктах.

Cмена лицензии не потребовала получения отдельного согласия от каждого разработчика, так как в тексте лицензий PHP и Zend определены полномочия, позволяющие PHP Group вносить изменения в лицензию и выпускать новые версии лицензии. Для перехода на лицензию BSD-3 было достаточно одобрения членов [ PHP Group ]( https://www.php.net/credits.php ) и получения письменного подтверждения от юристов компании Perforce Software, которой принадлежит компания Zend Technologies. Процесс перехода на новую лицензию оформлен как обновление кода до версий PHP License v4 и Zend Engine License v3, текст которых совпадает с текстом лицензии BSD-3.

https://www.linux.org.ru/news/bsd/18285375

An anonymous reader quotes a report from Ars Technica: At its Code with Claude developers' conference, Anthropic has introduced what it calls "dreaming" to Claude Managed Agents. Dreaming, in this case, is a process of going over recent events and identifying specific things that are worth storing in "memory" to inform future tasks and interactions. Dreaming is a feature that is currently in research preview and limited to Managed Agents on the Claude Platform. Managed Agents are a higher-level alternative to building directly on the Messages API that Anthropic describes as a "pre-built, configurable agent harness that runs in managed infrastructure." It's intended for situations where you want multiple agents working on a task or project to some end point over several minutes or hours.

Anthropic describes dreaming as a scheduled process, in which sessions and memory stores are reviewed, and specific memories are curated. This is important because context windows are limited for LLMs, and important information can be lost over lengthy projects. On the chat side of things, many models use a process called compaction, whereby lengthy conversations are periodically analyzed, and the models attempt to remove irrelevant information from the context window while keeping what's actually important for the ongoing conversation, project, or task. However, that process, as I described it, is usually limited to a specific conversation with a single agent. "Dreaming" is a periodically recurring process in which past sessions and memory stores can be analyzed across agents, and important patterns are identified and saved to memory for the future. Users will be able to choose between an automatic process, or reviewing changes to memory directly.

[ Read more of this story ]( https://slashdot.org/story/26/05/06/1714217/claude-managed-agents-can-engage-in-a-dreaming-process-to-preserve-memories?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Morgan Stanley is adding crypto trading to E*Trade, with a pilot now underway and a broader rollout planned for the platform's 8.6 million customers later this year. The bank is reportedly undercutting rivals with a 50-basis-point trading fee as it bets traditional finance and DeFi will converge.

"By contrast, Robinhood Markets' (HOOD) fees start at 95 bps, Coinbase Global's (COIN) begins at 60 bps, and Charles Schwab (SCHW) will charge 75 bps," notes Seeking Alpha. Morgan Stanley's head of wealth management, Jed Finn, told Bloomberg: "This is much bigger than trading crypto at a cheaper rate. In a way, the strategy is disintermediating the disintermediators."

[ Read more of this story ]( https://news.slashdot.org/story/26/05/06/1726231/morgan-stanley-undercuts-rivals-on-pricing-in-crypto-trading-debut?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Компания Google опубликовала релиз web-браузера Chrome 148. Одновременно доступен стабильный выпуск свободного проекта Chromium, выступающего основой Chrome. Браузер Chrome отличается от Chromium использованием логотипов Google, наличием системы отправки уведомлений в случае краха, модулями для воспроизведения защищённого от копирования видеоконтента (DRM), системой автоматической установки обновлений, постоянным включением Sandbox-изоляции, поставкой ключей к Google API и передачей RLZ-параметров при поиске. Для тех, кому необходимо больше времени на обновление, отдельно поддерживается ветка Extended Stable, сопровождаемая 8 недель. Следующий выпуск Chrome 149 запланирован на 2 июня.

https://www.opennet.ru/opennews/art.shtml?num=65386

Valve has released CAD files for the new Steam Controller and its Puck under a Creative Commons license. "The idea is to let enterprising modders create their own Steam Controller add-ons, like skins, charging stands, grip extenders or smartphone mounts," reports Digital Foundry. From the report: The Valve release includes files for the external shell ("surface topology") of the Controller and Puck, with a .STP, .STL and engineering diagram of each device, with the latter showing areas that must remain uncovered to let the device maintain its signal strength and otherwise function as designed. Valve has previously released CAD files for its Steam Deck handheld, Valve Index VR suite and even the original Steam Controller a decade ago, so this release is welcomed but not unexpected.

The release is under a fairly restrictive Creative Commons license which allows for non-commercial use and requires attribution and sharing of designs back to the community. However, the license also suggests that commercial entities interested in making accessories for the Steam Controller or its Puck can contact Valve directly to discuss terms. You can find the files here.

[ Read more of this story ]( https://hardware.slashdot.org/story/26/05/06/208231/valve-releases-steam-controller-cad-files-under-creative-commons-license?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликовано: Wed, 06 May 2026 20:48:12 GMT
Канал: Все статьи подряд / Программирование микроконтроллеров / Хабр

В этом тексте я попробовал осуществить передачу данных по лазерному лучу буквально на основе подручных материалов.В тексте представлены основные идеи и решения для передачи и приёма битового потока c помощью BPSK модуляции. Читать далее]]>

https://habr.com/ru/articles/1023062/

Google is updating AI Overviews and AI Mode to more prominently surface "Expert Advice" from public discussions, social platforms, forums, blogs, and Reddit. Engadget reports: Via a new "Expert Advice" section that can appear in AI responses, Google will display "a preview of perspectives from public online discussions, social media and other firsthand sources." In the sample screenshot the company provided, quotes from forums, WordPress blogs and Reddit were arranged above links to their respective sources. Google plans to add more context to these links, too, showing "a creator's name, handle or community name," so you can judge what you might want to click through and read from a glance.

Google will also start recommending in-depth articles at the end of AI responses for further exploration of a given topic, and link to more sources directly in its generated answers rather than just at the end. If you subscribe to any publications, AI responses will also highlight sources from the subscriptions you link to your Google account.

[ Read more of this story ]( https://tech.slashdot.org/story/26/05/06/2050205/googles-ai-search-results-will-now-turn-to-reddit-for-expert-advice?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Longtime Slashdot reader UnknowingFool writes: Security researcher Tom Joran Sonstebyseter Ronning has found that Microsoft Edge stores passwords in plaintext in RAM. After creating a password and storing it using Edge's password manager, Ronning found that he could dump the RAM and recover his password which was stored in plaintext. Part of the issue is Edge loads all passwords to all sites upon a single verification check, even if the user was not visiting a specific site. This is very different from Chrome, which only loads passwords for specific websites when challenged for the site's password. Also, Chrome will delete the password from memory once the password has been filled. Edge does not delete the passwords from memory once they are used.

Microsoft downplayed the risk noting access would require control over a user's PC like a malware infection: "Access to browser data as described in the reported scenario would require the device to already be compromised," Microsoft said. Ronning countered that it was possible to dump passwords for multiple users using administrative privileges for one user to view the passwords for other logged-on users. "Design choices in this area involve balancing performance, usability, and security, and we continue to review it against evolving threats," Microsoft said. "Browsers access password data in memory to help users sign in quickly and securely -- this is an expected feature of the application. We recommend users install the latest security updates and antivirus software to help protect against security threats."

[ Read more of this story ]( https://yro.slashdot.org/story/26/05/06/2014204/microsoft-edge-stores-passwords-in-plaintext-in-ram?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Sam Altman's management style came under scrutiny on the seventh day of Elon Musk's high-stakes OpenAI trial, as former OpenAI figures Mira Murati, Shivon Zilis, and Helen Toner took the stand to testify about their experiences working with him. Their testimony resurfaced many of the criticisms that first emerged during Altman's brief ouster as CEO in 2023. An anonymous reader quotes a report from Business Insider: The first witness was Mira Murati, OpenAI's former chief technology officer and now founder of her own AI shop, Thinking Machines Lab. Jurors watched a recorded video deposition of Murati, who was also OpenAI's interim CEO after the board briefly ousted Sam Altman. Murati's testimony focused on her concerns about Altman's "difficult and chaotic" management style. She said Altman had trouble "making decisions on big controversial things." He also had a habit of telling people what they wanted to hear.

"My concern was about Sam saying one thing to one person and a completely different thing to another person, and that makes it a very difficult and chaotic environment to work with," said Murati. Murati said that her issue with Altman was not about safety, "it is about Sam creating chaos." She said she supported Altman's return to OpenAI because the company "was at catastrophic risk of falling apart" at the time of his ousting. "I was concerned about the company completely blowing up."

Zilis said she was upset that Altman rolled out ChatGPT without involving the board. "It wasn't just me but the entire board raised concern about that whole thing happening without any board communication," she said. Zilis said she was also concerned about a potential OpenAI deal with a nuclear energy startup called Helion Energy because both Altman and Greg Brockman were investors. Although the executives had disclosed the investment to the board, Zilis said the deal talk made her uneasy. It "felt super out of left field," she said. "How is it the case that we want to place a major bet on a speculative technology?"

In a video deposition, Helen Toner, a former member of OpenAI's board who resigned in 2023, said she first became aware of ChatGPT's release when an OpenAI employee asked another board member whether the board was aware of the development. [...] Toner also elaborated on why the board, including herself, voted to remove Altman as CEO in 2023. "There were a number of things -- the pattern of behavior related to his honesty and candor, his resistance of board oversight, as well as the concerns that two os his inner management team raised to the board about his management practices, his manipulation of board processes," said Toner. Recap:

Brockman Rebuts Musk's Take On Startup's History, Recounts Secret Work For Tesla (Day Six)
OpenAI President Discloses His Stake In the Company Is Worth $30 Billion (Day Five)
Musk Concludes Testimony At OpenAI Trial (Day Four)
Elon Musk Says OpenAI Betrayed Him, Clashes With Company's Attorney (Day Three)
Musk Testifies OpenAI Was Created As Nonprofit To Counter Google (Day Two)
Elon Musk and OpenAI CEO Sam Altman Head To Court (Day One)

[ Read more of this story ]( https://yro.slashdot.org/story/26/05/07/035251/sam-altmans-management-style-comes-under-the-microscope-at-openai-trial?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Главное изменение OpenCL 3.1 — обязательная поддержка загрузки вычислительных ядер в формате SPIR-V во всех совместимых реализациях. SPIR-V используется как переносимое промежуточное представление, которое может генерироваться, в частности, через LLVM/Clang и SPIR-V LLVM Translator. Это должно упростить использование OpenCL как backend для SYCL, chipStar и специализированных компиляторов, а также позволить распространять ядра не в виде исходного кода, а в предварительно скомпилированной промежуточной форме.

В ядро OpenCL 3.1 также перенесены возможности, важные для AI- и HPC-нагрузок: subgroups с shuffle/rotate-операциями и расширенным набором типов, скалярные произведения целых чисел с вариантами насыщения и накопления, новые битовые операции, запрос рекомендуемого размера локальной рабочей группы и стандартный запрос UUID устройства, согласованный с поведением Vulkan.

Из менее громких, но прочих изменений отмечены новые языковые возможности без необходимости подключать расширения, улучшенный printf в OpenCL C с поддержкой модификаторов z и t, уточнение семантики CL_DEVICE_HOST_UNIFIED_MEMORY, возможность передавать нулевой размер для local memory-аргументов и упрощение синхронизации при проверке события в состоянии CL_COMPLETE.

Работа над реализациями OpenCL 3.1 уже ведётся у Arm, Imagination, Intel и Qualcomm. Среди открытых реализаций Khronos отдельно упоминает Rusticl в составе Mesa, PoCL и CLVK. Также продолжается развитие слоёв совместимости, запускающих OpenCL поверх Vulkan и DirectX 12, что должно расширить доступность OpenCL на системах без нативных драйверов.

Следующими направлениями развития Khronos называет буферы команд для низкоуровневого повторного запуска команд, улучшения единой общей памяти, операции с матрицами в совместном режиме, новые AI-типы вроде низкоточных форматов, а также улучшения для внешней памяти и совместимости с Vulkan, DirectX 12 и медиа-пайплайнами.

https://www.linux.org.ru/news/opensource/18284791

Опубликовано: Thu, 07 May 2026 06:03:51 GMT
Канал: Все статьи подряд / DIY или Сделай сам / Хабр

В этой статье я хочу рассказать о том, как я запускал собственную базовую станцию мобильной связи (4G и 2G) при помощи относительно дешевого SDR-трансивера. Читать далее]]>

https://habr.com/ru/articles/1017672/