Состоялся релиз web-браузера Firefox 142 и сформированы обновления прошлых веток с длительным сроком поддержки - 140.2.0, 115.27.0 и 128.14.0. На стадию бета-тестирования переведена ветка Firefox 143, релиз которой намечен на 16 сентября.

https://www.opennet.ru/opennews/art.shtml?num=63747

Global fertility rates have fallen from five children per woman in the mid-twentieth century to 2.2 today, with approximately half of countries now below the 2.1 replacement threshold, according to data from the Institute for Health Metrics and Evaluation at the University of Washington.

Mexico's rate dropped from seven children in 1970 to 1.6 in 2023. South Korea recorded 0.75 in 2024, down from 4.5 in 1970. The IHME projects over three-quarters of countries will fall below replacement level by 2050. A UN survey of 14,000 people across 14 countries found 39% cited financial limitations as a primary reason for not having children. China's population peaked around 2022 at 1.4 billion, while the U.S. Census Bureau predicts America's population will peak in 2080 at 370 million.

[ Read more of this story ]( https://news.slashdot.org/story/25/08/19/162258/three-quarters-of-countries-face-below-replacement-fertility-by-2050?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Bill Gates is funding a $1 million competition to spur the use of AI to find innovative treatments for Alzheimer's disease, the latest effort to deploy the promising technology to find cures for humanity's toughest illnesses. From a report: The Alzheimer's Insights AI prize will be awarded to the team that comes up with the most original way to program AI-powered agents that are "capable of independent planning, reasoning, and action to accelerate breakthrough discoveries from existing Alzheimer's data." Â

The winning tool will be released for free on the Alzheimer's Disease Data Initiative's cloud "workbench" to be used by scientists globally, the organisation said on Tuesday. The prize is being financed by Gates Ventures, the family office of the billionaire philanthropist and Microsoft co-founder.

[ Read more of this story ]( https://science.slashdot.org/story/25/08/19/150204/gates-funds-1-million-ai-alzheimers-prize?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

The GenAI Divide: State of AI in Business 2025, a new report published by MIT's NANDA initiative, reveals that while generative AI holds promise for enterprises, most initiatives to drive rapid revenue growth are falling flat. Fortune: Despite the rush to integrate powerful new models, about 5% of AI pilot programs achieve rapid revenue acceleration; the vast majority stall, delivering little to no measurable impact on P&L. The research -- based on 150 interviews with leaders, a survey of 350 employees, and an analysis of 300 public AI deployments -- paints a clear divide between success stories and stalled projects.

To unpack these findings, I spoke with Aditya Challapally, the lead author of the report, and a research contributor to project NANDA at MIT. "Some large companies' pilots and younger startups are really excelling with generative AI," Challapally said. Startups led by 19- or 20-year-olds, for example, "have seen revenues jump from zero to $20 million in a year," he said. "It's because they pick one pain point, execute well, and partner smartly with companies who use their tools," he added.

But for 95% of companies in the dataset, generative AI implementation is falling short. The core issue? Not the quality of the AI models, but the "learning gap" for both tools and organizations. While executives often blame regulation or model performance, MIT's research points to flawed enterprise integration. Generic tools like ChatGPT excel for individuals because of their flexibility, but they stall in enterprise use since they don't learn from or adapt to workflows, Challapally explained.

[ Read more of this story ]( https://slashdot.org/story/25/08/19/146205/mit-report-95-of-generative-ai-pilots-at-companies-are-failing?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Epic Games CEO Tim Sweeney told the Financial Times that the UK Competition and Markets Authority's December decision to delay mandating alternative app stores on iPhones was a "blunder" that leaves Britain "well behind" other jurisdictions.

The CMA postponed until next year whether to require Apple to allow third-party app stores or sideloading, unlike the EU's Digital Markets Act. Fortnite remains unavailable on UK iOS devices following Epic's years-long dispute over Apple's 30% commission fees. The regulator said it would prioritize forcing Apple and Google to allow alternative payment systems.

[ Read more of this story ]( https://news.slashdot.org/story/25/08/19/1123215/uk-is-lagging-behind-rest-of-world-in-tackling-big-tech-says-fortnite-chief?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

После двух месяцев разработки опубликован релиз Luanti 5.13.0, свободного кроссплатформенного игрового движка в жанре песочница, позволяющего создавать игры по аналогу Roblox, но с воксельной механикой, используя различные блоки для совместного формирования игроками различных структур и построек, образующих подобие виртуального мира. Некоторые игры на движке стремятся клонировать Minecraft. Предоставляемый движком геймплей полностью зависит от набора модов, создаваемых на языке Lua. Движок написан на языке С++ c использованием 3D-библиотеки IrrlichtMt (форк Irrlicht). Код Luanti распространяется под лицензией LGPL, а игровые ресурсы под лицензией CC BY-SA 3.0. Готовые сборки формируются для различных дистрибутивов Linux, Android, FreeBSD, Windows и macOS.

https://www.opennet.ru/opennews/art.shtml?num=63745

Вышел первый релиз нового свободного торрент-клиента PikaTorrent 0.14.0. Клиент основан на базе Transmission и написан на Dart и C++, имеет низкие системные требования и поддерживает большое количество одновременных закачек. Просто выбери торрент!

( [ читать дальше... ]( https://www.linux.org.ru/news/opensource/18053684#cut0 ) )

Разработчики Ventoy 18.08.2025 опубликовали два последовательных апдейта: функциональный релиз 1.1.06 и следом быстрый 1.1.07 с исправлением критической ошибки.

Проект позволяет создавать мультизагрузочные USB-накопители и грузить ISO/WIM/IMG/VHD(x)/EFI без переформатирования – достаточно скопировать образы на флешку. Распространяется по лицензии GPL-3.0.

( [ читать дальше... ]( https://www.linux.org.ru/news/opensource/18053576#cut ) )

Федеральный верховный суд Германии вернул на повторное рассмотрение судебное разбирательство против разработчиков блокировщика рекламы Adblock Plus. Инициатором разбирательства является медиаконцерн Axel Springer, который добивается запрета применения блокировщиков рекламы, мотивируя свою позицию тем, что подобные браузерные дополнения изменяют выдаваемый сайтами контент, что преподносится как нарушение авторских прав.

https://www.opennet.ru/opennews/art.shtml?num=63744

The U.S. Federal Trade Commission sued ticket reseller Key Investment Group for evading purchasing limits to buy up thousands of tickets to live events including Taylor Swift's Eras tour and resell them at a markup, according to a complaint filed in Maryland federal court on Monday. From a report: The Baltimore, Maryland-based company, which operates ticket resale sites including TotalTickets.com, used thousands of Ticketmaster accounts, including fake or purchased accounts, the FTC said.

Ticketmaster faced intense criticism after its botched 2022 sale of tickets to Swift's much-hyped Eras tour, when billions of requests from Swift fans, bots and ticket resellers overwhelmed its website and the company canceled a planned ticket sale to the general public.

For one Swift concert in Las Vegas in March 2023, Key Investment Group and its affiliates used 49 different accounts to purchase 273 tickets and evade a 6-ticket purchase limit, netting more than $119,000 in revenue on resales, the FTC said on Monday. The company made more than $1.2 million reselling 2,280 Swift concert tickets it purchased in 2023, the agency said.

[ Read more of this story ]( https://news.slashdot.org/story/25/08/19/0716252/us-ftc-sues-ticket-reseller-for-evading-taylor-swifts-eras-tour-ticket-limits?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

После двух месяцев разработки представлен релиз распределенной системы управления исходными текстами Git 2.51. Git отличается высокой производительностью и предоставляет средства нелинейной разработки, базирующиеся на ответвлении и слиянии веток. Для обеспечения целостности истории и устойчивости к изменениям "задним числом" используются неявное хеширование всей предыдущей истории в каждом коммите, а также удостоверение цифровыми подписями разработчиков отдельных тегов и коммитов. Код Git распространяется под лицензией GPLv2+.

https://www.opennet.ru/opennews/art.shtml?num=63742

TOP10 VISITORS:

[1] ChatGPT point=1 web=262 up=25.4MB (25%) <--- ChatGPT
[2] 37.252.14.x point=144 web=0 up=24.9MB (25%) <--- ake (6/hr)
[3] 45.135.180.x point=240 web=0 up=20.5MB (20%) <--- yesterlink (10/hr)
[4] 216.73.216.x point=0 web=407 up=7.0MB (7%)
[5] PetalBot point=1 web=1015 up=5.9MB (6%) <--- PetalBot
[6] 144.76.33.x point=0 web=405 up=4.9MB (4%)
[7] Google point=0 web=453 up=3.0MB (3%)
[8] Amazon point=0 web=91 up=2.1MB (2%)
[9] TikTok point=0 web=135 up=1.9MB (1%)
[10] 217.114.158.x point=24 web=0 up=0.9MB (<1%) <--- fox (1/hr)

TOTAL TRAFFIC: 98MB

The UK government has agreed to withdraw its order requiring Apple to create backdoor access to encrypted iCloud data following intervention from the Trump administration. Vice President JD Vance negotiated the agreement during his recent UK holiday after the January order issued under the UK Investigatory Powers Act prompted Apple to pull its iCloud Advanced Data Protection service from Britain in February. Director of National Intelligence Tulsi Gabbard said the UK agreed to drop demands for access to "the protected encrypted data of American citizens." Apple had filed a complaint with the Investigatory Powers Tribunal scheduled for hearing early next year.

[ Read more of this story ]( https://apple.slashdot.org/story/25/08/19/0345252/us-spy-chief-gabbard-says-uk-agreed-to-drop-backdoor-mandate-for-apple?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

OpenAI has launched ChatGPT Go, a $4.57 monthly subscription tier initially available only in India. The service provides, compared to the free tier, extended access to GPT-5, image generation, file uploads, advanced data analysis, longer conversation memory, and custom GPTs at Rs 399 per month. ChatGPT Go excludes features found in the $20 ChatGPT Plus tier including legacy models like 4o, Sora video generation, deep research, agent mode, and connectors. OpenAI said "other countries and regions may be eligible in the future" for ChatGPT Go.

India has emerged as a key market for American technology firms looking for users. In the past 15 years, firms like Amazon, Google, and Meta, alongside venture capitalists and private equity, have poured more than $200 billion into the country, all chasing its vast pool of users and the businesses serving this population. India is the second largest market for OpenAI, startup's chief executive Sam Altman said in a podcast recently. Perplexity partnered with Indian telecoms giant Bharti Airtel last month to provide its premium Pro service to 360 million customers for free for an entire year.

[ Read more of this story ]( https://slashdot.org/story/25/08/19/0333218/openai-launches-46-budget-ai-subscription-tier-in-india?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Intel and SoftBank announced on Monday that the Japanese conglomerate will make a $2 billion investment the embattled chipmaker. SoftBank will pay $23 per share for Intel's common stock. The investment is a vote of confidence in Intel, which has not been able to take advantage of the AI boom in advanced semiconductors and has spent heavily to stand up a manufacturing business that has yet to secure a significant customer.

"Masa and I have worked closely together for decades, and I appreciate the confidence he has placed in Intel with this investment," Intel CEO Lip-Bu Tan said in a statement. Intel shares lost 60% of their value last year, their worst performance in the company's more than half-century on the public market.

[ Read more of this story ]( https://slashdot.org/story/25/08/18/2337225/intel-is-getting-a-2-billion-investment-from-softbank?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Hollywood comedy production has declined 27% since 1990 despite audience demand ranking the genre second among those viewers "want to see more of," according to Letterboxd genre data and a 68,000-consumer survey. Comedy films average $26.5 million production budgets and double their investment returns at 102%, yet represent just 9.3% of sequel releases compared to action's 27.6%.

The shift reflects studios prioritizing internationally marketable franchises over domestically-focused comedies, which earn most revenue from US and Canadian audiences. Films like 1984's Beverly Hills Cop ($977 million inflation-adjusted) and Ghostbusters ($882 million) remain unmatched by contemporary releases -- with half of Letterboxd's most popular 2020s "comedies" being either non-comedic films like Saltburn or IP-driven movies like Barbie.

[ Read more of this story ]( https://entertainment.slashdot.org/story/25/08/18/2333256/why-did-hollywood-stop-making-comedies-a-statistical-analysis?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Fujifilm will increase prices on most of its US camera lineup starting August 30, marking the second price adjustment this month following retailer-announced increases two weeks earlier. The company cited "volatile market conditions" in its official statement. The recently released X half and X-E5 cameras will maintain their launch prices, while the backordered X100 VI faces price changes. The company characterized the adjustments as a long-term solution to uncertainties including tariffs and manufacturing circumstances.

[ Read more of this story ]( https://slashdot.org/story/25/08/18/2330231/fujifilm-announces-second-us-price-increase-in-august?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

England has declared a "nationally significant" water shortage as reservoirs dropped to 67.7% capacity, their lowest levels in at least a decade. The UK Centre for Ecology and Hydrology warned of exceptionally low river flows while groundwater continues dwindling across the country. Hosepipe bans now affect all of England, with additional restrictions probable in coming months.

Water companies lose approximately one trillion litres annually through leaky pipes -- 20% of all treated water -- while the annual pipe replacement rate remains at 0.05%. No new reservoir has been built in 30 years despite population growth. Government forecasts project England's public water supply could fall short by 5 billion litres daily by 2055 without urgent infrastructure investment. The economic cost of water scarcity could reach $11.48 billion over this parliament, according to thinktank Public First.

[ Read more of this story ]( https://news.slashdot.org/story/25/08/18/2323214/how-can-england-possibly-be-running-out-of-water?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликован выпуск инструментария Ventoy 1.1.07, предназначенного для создания загрузочных USB-носителей, включающих несколько операционных систем. Программа позволяет загрузить ОС из неизменных ISO-, WIM-, IMG-, VHD- и EFI-образов, не требуя распаковки образа или переформатирования носителя. Достаточно просто скопировать интересующий набор iso-образов на USB Flash с загрузчиком Ventoy, и он обеспечит загрузку операционных систем, находящихся внутри образов. В любой момент можно заменить или добавить новые iso-образы, просто скопировав новые файлы, что удобно для тестирования и предварительного ознакомления с различными дистрибутивами и операционными системами. Код проекта написан на языке Си и распространяется под лицензией GPLv3.

https://www.opennet.ru/opennews/art.shtml?num=63741

Traditional business applications will become the mainframes of the 2030s - functioning but obsolete systems replaced by AI agents, predicts Microsoft corporate vice president Charles Lamanna. AI agents featuring generative AI interfaces, goal-oriented processing, and vector databases will supplant today's form-driven, workflow-based enterprise software within five years, said Lamanna, who leads Microsoft's business applications and platforms division.

The executive projects industry patterns for agent-based systems will solidify within 6-18 months. Microsoft MVP Rocky Lhotka called the 2030 timeline "very forward-looking and optimistic," noting that capital-intensive industries cannot readily replace existing infrastructure with virtual agents.

[ Read more of this story ]( https://slashdot.org/story/25/08/18/181255/ai-business-agents-will-kill-saas-by-2030-says-microsoft?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Trading volume on AI prediction markets reached approximately $20 million this month across platforms including Kalshi and Polymarket. Kalshi reports ten times the AI trading volume compared to early 2025.

Bettors place wagers on outcomes including monthly AI model rankings, federal AI regulation prospects, and Sam Altman's potential OpenAI equity stake.

[ Read more of this story ]( https://news.slashdot.org/story/25/08/18/1655234/gamblers-now-bet-on-ai-models-like-racehorses?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

artur> Привет! Как дела с rein на момент августа 25-ого?

Привет! В целом, рейн готов и работает. Редактор red на нём я использую на регулярной основе. В планах был перенос инстед библиотеки на луа (сделано) для внедрения в виде чего-то вроде instead-cli на rein (не сделано).

Prospect magazine, in a recent piece: "LinkedIn doesn't know me anymore," someone complained to me recently. "What do you mean?" I asked. She explained that the platform has replaced the old "recommended jobs" section, which used to show her quite useful job openings based on her previous searches and CV, with an AI search engine that asks you to describe your ideal job in freeform text. The results it brings up aren't nearly as relevant.

This is just one of many ways in which the professionals' social media platform, which has embraced artificial intelligence with ferocious zeal, is being gradually "enshittified," to borrow tech writer Cory Doctorow's phrase. Each new embrace of AI tools promises to make hiring, job searching, networking and even posting a bit easier or more fruitful. Instead, AI seems to have made the user's experience more alienating, and to have helped foster a genre of LinkedIn-speak which bears all the hallmarks of the worst AI writing on the internet.

Let's start with my opening example -- which, to be fair, is in beta testing mode and can be switched off. Instead of the AI assistant being like an intuitive digital servant, pulling up the best jobs based on your ruminations, users are confronted with a new and annoying task: crafting prompts for the AI. But the non-AI search bar worked perfectly well as it was.

Then there is the AI writing assistant, which is available to users who pay for the platform's $40 per month premium service to help them craft their posts. LinkedIn's CEO Ryan Roslansky recently admitted that users aren't using the tool as much as he anticipated. It seems that sounding like a human being to your colleagues and clients is put at, well, a premium.

And then there are the ways in which users are deploying outputs from external AI chatbots on the platform, something with which LinkedIn is struggling to cope. According to the New York Times, the number of job applications submitted via the platform increased by 45 per cent in the year to June, now clocking in at an average of 11,000 per minute.

[ Read more of this story ]( https://tech.slashdot.org/story/25/08/18/109237/linkedin-is-the-fakest-platform-of-them-all?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Dust is that "feature" or drawback, The Verge's reviewer Allison Johnson argues. Samsung's head of smartphone planning Minseok Kang told her earlier this year that creating dustproof foldable phones remains technically challenging but "not impossible." Current flagship foldables from Samsung and Motorola carry IP48 ratings that protect against particles larger than one millimeter, while traditional smartphones at similar price points offer full IP68 dust and water resistance. The durability gap persists five years after Samsung's original Galaxy Fold experienced screen failures from small particles entering the hinge mechanism.

[ Read more of this story ]( https://tech.slashdot.org/story/25/08/18/102226/the-one-feature-that-keeps-me-from-recommending-flip-phones?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Wikipedia volunteer Grnrchst uncovered a decade-long campaign that created articles about composer David Woodard in 335 languages. The investigation identified 200 accounts and IP addresses systematically creating Woodard articles across 92 languages between 2017 and 2019, averaging one new article every six days. From December 2021 through June 2025, 183 unique accounts each created a single Woodard article in different languages after establishing credibility through unrelated edits.

Wikipedia stewards removed 235 articles from smaller wikis. Larger Wikipedia communities banned numerous accounts and deleted 80 additional articles. Twenty Woodard articles remain. Grnrchst called it "the single largest self-promotion operation in Wikipedia's history."

[ Read more of this story ]( https://news.slashdot.org/story/25/08/18/0953228/wikipedia-volunteer-uncovers-decade-long-campaign-that-created-335-articles-about-one-composer?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

"The U.S. is currently home to more than 18 million cancer survivors," reports the Wall Street Journal, "over 5% of the total population" (including those who are living with the disease).

Their article tells the story of Gwen Orilio, who was diagnosed with stage-four lung cancer at age 31. Ten years later she's still alive — and she still has metastatic cancer...

Keeping her going is a string of new treatments that don't cure the disease but can buy months — even years — of time, with the hope that once one drug stops working a new one will come along. Orilio started on chemotherapy, and then switched to a new treatment, and then another, and another, and another... A small but growing population is living longer with incurable or advanced cancer, navigating the rest of their lives with a disease increasingly akin to a chronic illness. The trend, which started in breast cancer, has expanded to patients with melanoma, kidney cancer, lung cancer and others. The new drugs can add years to a life, even for some diagnoses like Orilio's that were once swift death sentences. They also put people in a state of limbo, living on a knife's edge waiting for the next scan to say a drug has stopped working and doctors need to find a new one. The wide range of survival times has made it more difficult for cancer doctors to predict how much time a patient might have left. For most, the options eventually run out....

More than 690,000 people were projected to be living with stage-four or metastatic disease of the six most common cancers — melanoma, breast, bladder, colorectal, prostate or lung cancer — in 2025, according to a 2022 report from the National Cancer Institute. That's an increase from 623,000 in 2018 and a significant rise since 1990, the report found... Nearly 30% of survivors diagnosed with metastatic melanoma and 20% of those diagnosed with metastatic colorectal or breast cancer had been living with their disease for a decade or more, the NCI paper estimated... Even for lung cancer, the biggest U.S. cancer killer, the five-year relative survival rate for advanced disease has inched up, from 3.7% for patients diagnosed in 2004 to 9.2% for patients diagnosed in 2017, federal data show. The overall lung cancer survival rate has risen by 26% in the past five years, according to the American Lung Association, as declining cigarette use, screening and new drugs have driven down deaths.

The expanding number of therapies that target a cancer's mutations or boost the immune system are improving the outlook for several cancers. In breast cancer, treatment for metastatic disease accounted for 29% of the drop in deaths between 1975 and 2019, according to one 2024 estimate, with screening and treatment for early-stage disease accounting for the rest.

The number of American cancer survivors (or those living with cancer) is expected to grow to 26 million by 2040," the article points out.

[ Read more of this story ]( https://science.slashdot.org/story/25/08/18/0631210/5-of-americans-are-cancer-survivors---and-theyre-living-longer?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

The women-only dating-advice app Tea "has been hit with 10 potential class action lawsuits in federal and state court," NBC News reported last week, "after a data breach led to the leak of thousands of selfies, ID photos and private conversations online."

The suits could result in Tea having to pay tens of millions of dollars in damages to the plaintiffs, which could be catastrophic for the company, an expert told NBC News... One of the suits lists the right-wing online discussion board 4chan and the social platform X as defendants, alleging that they allowed bad actors to spread users' personal information.
But meanwhile, a new competing app for men called "TeaOnHer" has already been launched. And it was also found to have enormous security flaws, reports TechCrunch, that "exposed its users' personal information, including photos of their driver's licenses and other government-issued identity documents..."

[W]hen we looked at the TeaOnHer's public internet records, it had no meaningful information other than a single subdomain, appserver.teaonher.com. When we opened this page in our browser, what loaded was the landing page for TeaOnHer's API (for the curious, we uploaded a copy here)... It was on this landing page that we found the exposed email address and plaintext password (which wasn't that far off from "password") for [TeaOnHer developer Xavier] Lampkin's account to access the TeaOnHer "admin panel"... This API landing page included an endpoint called /docs, which contained the API's auto-generated documentation (powered by a product called Swagger UI) that contained the full list of commands that can be performed on the API [including administrator commands to return user data]...

While it's not uncommon for developers to publish their API documentation, the problem here was that some API requests could be made without any authentication — no passwords or credentials were needed...

The records returned from TeaOnHer's server contained users' unique identifiers within the app (essentially a string of random letters and numbers), their public profile screen name, and self-reported age and location, along with their private email address. The records also included web address links containing photos of the users' driver's licenses and corresponding selfies. Worse, these photos of driver's licenses, government-issued IDs, and selfies were stored in an Amazon-hosted S3 cloud server set as publicly accessible to anyone with their web addresses. This public setting lets anyone with a link to someone's identity documents open the files from anywhere with no restrictions...

The bugs were so easy to find that it would be sheer luck if nobody malicious found them before we did. We asked, but Lampkin would not say if he has the technical ability, such as logs, to determine if anyone had used (or misused) the API at any time to gain access to users' verification documents, such as by scraping web addresses from the API. In the days since our report to Lampkin, the API landing page has been taken down, along with its documentation page, and it now displays only the state of the server that the TeaOnHer API is running on as "healthy."

The flaws were discovered while TeaOnHer was the #2 free app in the Apple App Store, the article points out. And while these flaws "appear to be resolved," the article notes a larger issue. "Shoddy coding and security flaws highlight the ongoing privacy risks inherent in requiring users to submit sensitive information to use apps and websites,"

And TeaOnHer also had another authentication issue. A female reporter at Cosmopolitan also noted Friday that TeaOnHer "lets you browse through profiles before your verifications are complete. So literally anyone (like myself) can read reviews..."

[ Read more of this story ]( https://it.slashdot.org/story/25/08/18/0550252/male-oriented-app-teaonher-also-had-security-flaws-that-could-leak-mens-drivers-license-photos?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

В NPM-пакете tar-fs выявлена.

https://www.opennet.ru/opennews/art.shtml?num=63740

A real estate developer searched Google for a cruise ship company's customer service number, reports the Washington Post, calling the number in Google's AI Overview. "He chatted with a knowledgeable representative and provided his credit card details," the Post's reporter notes — but the next day he "saw fishy credit card charges and realized that he'd been fooled by an impostor for Royal Caribbean customer service."

And the Post's reporter found the same phone number "appearing to impersonate other cruise company hotlines and popping up in Google and ChatGPT" (including Disney and Carnival's Princess line):

He'd encountered an apparent AI twist on a classic scam targeting travelers and others searching Google for customer help lines of airlines and other businesses... The rep knew the cost and pickup locations for Royal Caribbean shuttles in Venice. [And "had persuasive explanations" when questioned about paying certain fees and gratuities.] The rep offered to waive the shuttle fees...
Here's how a scam like this typically works: Bad guys write on online review sites, message boards and other websites claiming that a number they control belongs to a company's customer service center. When you search Google, its technology looks for clues to relevant and credible information, including online advice. If scammer-controlled numbers are repeated as truth often enough online, Google may suggest them to people searching for a business.

Google is a patsy for scammers — and we're the ultimate victims. Google's AI Overviews and OpenAI's ChatGPT may use similar clues as Google's search engine to spit out information gleaned from the web. That makes them new AI patsies for the old impostor number scams.

"I've seen so many versions of similar trickery targeting Google users that I largely blame the company for not doing enough to safeguard its essential gateway to information," the reporter concludes, (adding "So did two experts in Google's inner workings.") The Post is now advising its reader to "be suspicious of phone numbers in Google results or in chatbots."
Reached for comment, a Google spokesman told the Post they'd "taken action" on several impostor numbers identified by the reporter. That spokesman also said Google continues to "work on broader improvements" to "address rarer queries like these."

OpenAI said that many of the webpages that ChatGPT referenced with the bogus cruise number appear to have been removed, and that it can take time for its information to update "after abusive content is removed at the source."

Meanwhile, the man with the bogus charges has now canceled his credit card, the Post reports, with the charges being reversed. Reflecting on his experience, he tells the Post's readers "I can't believe that I fell for it. Be careful."

[ Read more of this story ]( https://yro.slashdot.org/story/25/08/18/0223228/googles-ai-overview-pointed-him-to-a-customer-service-number-it-was-a-scam?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

TOP10 VISITORS:

[1] 37.252.14.x point=143 web=0 up=24.7MB (37%) <--- ake (6/hr)
[2] 45.135.180.x point=240 web=0 up=20.5MB (30%) <--- yesterlink (10/hr)
[3] PetalBot point=1 web=1011 up=5.9MB (8%) <--- PetalBot
[4] 216.73.216.x point=0 web=295 up=5.6MB (8%)
[5] Amazon point=0 web=99 up=2.6MB (3%)
[6] TikTok point=2 web=226 up=2.1MB (3%) <--- TikTok
[7] 144.76.33.x point=1 web=93 up=1.7MB (2%) <--- 144.76.33.x
[8] Google point=1 web=153 up=1.0MB (1%) <--- Google
[9] 217.114.158.x point=24 web=0 up=0.9MB (1%) <--- fox (1/hr)
[10] Facebook point=0 web=37 up=0.3MB (<1%)

TOTAL TRAFFIC: 66MB

Компания Cloudflare опубликовала выпуск фреймворка Pingora 0.6, предназначенного для разработки защищённых высокопроизводительных сетевых сервисов на языке Rust. Построенный при помощи Pingora прокси уже более двух лет используется в сети доставки контента Cloudflare вместо nginx и обрабатывает более 40 млн запросов в секунду. Код написан на языке Rust и опубликован под лицензией Apache 2.0.

https://www.opennet.ru/opennews/art.shtml?num=63738

Take a look at what being called "a stunning phenomenon," captured in a photo taken from the International Space Station as it passed above a thunderstorm over Mexico and the American Southwest.

So what was it? "A rare form of Transient Luminous Event (TLE) called a gigantic jet," according to a new blog post at Notebookcheck.net:

A gigantic jet happens above thunderstorms, firing powerful bursts of electrical charge from the top of the thunderstorm (about 20 km [12.4 miles] above the ground) into the upper atmosphere (about 100 km [62.1 miles] above the ground). The upper part of gigantic jets produces red emissions identical to sprites [large-scale electric discharges above thunderclouds]. But while gigantic jets burst directly from the top of thunderstorms, sprites form independently, much higher in the atmosphere, appearing around 50 miles (80 km) above the Earth's surface.

"If ordinary lightning seems pretty ordinary, upper-atmosphere lightning is something else — an entire zoo of various upper-atmosphere electrical discharges," writes the Severe Weather Europe site.
And NASA made a request in a new blog post this week to any aspiring citizen scientists. "Have you captured an image of a jet, sprite, or other type of TLE? Submit your photos to Spritacular.org to help scientists study these fascinating night sky phenomena!"

Click here to see some of the photos from around the world that have already been uploaded and collected at Spritacular.org.

[ Read more of this story ]( https://science.slashdot.org/story/25/08/18/0423227/rare-upper-atmosphere-lightning-photographed-from-iss?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Представлен релиз Zulip 11, серверной платформы для развёртывания корпоративных мессенджеров, подходящих для организации общения сотрудников и групп разработчиков. Проект изначально был разработан компанией Zulip и открыт после её поглощения компанией Dropbox под лицензией Apache 2.0. Код серверной части написан на языке Python с использованием фреймворка Django. Клиентское ПО доступно для Linux, Windows, macOS, Android и iOS, также предоставляется встроенный web-интерфейс.

https://www.opennet.ru/opennews/art.shtml?num=63739

A real estate developer searched Google for a cruise ship company's customer service number, reports the Washington Post, calling the number in Google's AI Overview. "He chatted with a knowledgeable representative and provided his credit card details," the Post's reporter notes — but the next day he "saw fishy credit card charges and realized that he'd been fooled by an impostor for Royal Caribbean customer service."

And the Post's reporter found the same phone number "appearing to impersonate other cruise company hotlines and popping up in Google and ChatGPT" (including Disney and Carnival's Princess line):

He'd encountered an apparent AI twist on a classic scam targeting travelers and others searching Google for customer help lines of airlines and other businesses... The rep knew the cost and pickup locations for Royal Caribbean shuttles in Venice. [And "had persuasive explanations" when questioned about paying certain fees and gratuities.] The rep offered to waive the shuttle fees...
Here's how a scam like this typically works: Bad guys write on online review sites, message boards and other websites claiming that a number they control belongs to a company's customer service center. When you search Google, its technology looks for clues to relevant and credible information, including online advice. If scammer-controlled numbers are repeated as truth often enough online, Google may suggest them to people searching for a business.

Google is a patsy for scammers — and we're the ultimate victims. Google's AI Overviews and OpenAI's ChatGPT may use similar clues as Google's search engine to spit out information gleaned from the web. That makes them new AI patsies for the old impostor number scams.

"I've seen so many versions of similar trickery targeting Google users that I largely blame the company for not doing enough to safeguard its essential gateway to information," the reporter concludes, (adding "So did two experts in Google's inner workings.") The Post is now advising its reader to "be suspicious of phone numbers in Google results or in chatbots."
Reached for comment, a Google spokesman told the Post they'd "taken action" on several impostor numbers identified by the reporter. That spokesman also said Google continues to "work on broader improvements" to "address rarer queries like these."

OpenAI said that many of the webpages that ChatGPT referenced with the bogus cruise number appear to have been removed, and that it can take time for its information to update "after abusive content is removed at the source."

Meanwhile, the man with the bogus charges has now canceled his credit card, the Post reports, with the charges being reversed. Reflecting on his experience, he tells the Post's readers "I can't believe that I fell for it. Be careful."

[ Read more of this story ]( https://yro.slashdot.org/story/25/08/18/0223228/googles-ai-overview-pointed-him-to-a-customer-number-it-was-a-scam?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

14 months ago a jury ruled against Boeing, awarding $81 million in damages to failed electric airplane startup Zunum. "Zunum alleged that Boeing, while ostensibly investing seed money to get the startup off the ground, stole Zunum's technology and actively undermined its attempts to build a business," the Seattle Times reported at the time.

But two months later that verdict was overturned, Reuters reports, with U.S. District Judge James Robart deciding that Zunum "did not adequately identify its secrets or show that they derived their value from being kept secret."

And then three days ago a U.S. appeals court reinstated the original $81 million award, reversing that district judge's decision and "rejecting his finding that the information Boeing allegedly stole was not entitled to trade-secret protection."

[T]he district court erred in concluding that "Zunum failed to identify any of its alleged trade secrets with sufficient particularity"... Here, the court rejected Zunum's repeated attempts to introduce comprehensive trade secret definitions into evidence and instead provided the jury with a court-created exhibit enumerating Zunum's alleged trade secrets with a short description of each. Zunum's witnesses identified the trade secrets by number, provided a basic explanation of each, and used exhibits and demonstratives to exemplify information comprising specific trade secrets.
"internal Boeing communications introduced at trial suggesting that Boeing intended to modify its own in-house designs, methods, and strategies to incorporate information from certain Zunum trade secrets..." according to the new ruling. "Under the parties' agreement, Boeing was not permitted to use Zunum's confidential information for any reason other than to manage its investment in Zunum."

Reuters adds that "A spokesperson for Boeing declined to comment on the appeals court's decision"
One final note:
The appeals court also ordered the case to be assigned to a new judge after Robart revealed that his wife had acquired Boeing stock through a retirement savings account during the litigation.

Judge Robart had called that an "error". (And judicial ethics experts interviewed by Business Insider in 2024 "characterized Robart's trades and delayed disclosure to the parties as a minor issue," they reported Thursday.)

But Thursday's ruling notes that the delayed disclosure "taken together with the district court's consistent rulings in Boeing's favor during and after trial, could give an objective observer reason to question the district judge's impartiality in further proceedings."

[ Read more of this story ]( https://tech.slashdot.org/story/25/08/18/0055216/81m-trade-secrets-verdict-against-boeing-was-overturned---and-then-reinstated?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

EV sales are up 27% for the first seven months of 2025 — for the world. But in America "For the first half of 2025, EV registrations rose 7% to 620,642, with market share inching up just 0.1 percentage point to 7.5 percent," reports Automotive News.

America's new EV registrations were up 4.6% in June (compared to June of 2024), "But EV market share fell for the month and stayed flat for the first half of the year, according to the most recent S&P Global Mobility data."

June's 113,460 EV registrations represented 8.6% of U.S. light-vehicle market share, down from 8.8% a year earlier... The data, which serves as a sales proxy since some EV makers don't report U.S. numbers, shows continued flattening of EV market share ahead of the Sept. 30 repeal of the $7,500 federal tax credit.
The S&P Global Mobility numbers include only battery-electric vehicles and not hybrids.

In June Tesla led with 57,260 registrations — more than 6x its next competitor. (Although Tesla's share of the EV segment dropped 6.8% to 43.7 percent in the first half of 2025).
Ranking #2 in June registrations was Chevrolet with 9,517 — a 152% gain over Chevrolet's June 2024 registrations. (Pointing out that the Chevy Equinox EV starts at under $35,000," Electrek writes that "America's most affordable EV with over 315 miles of range, as GM calls it, is quickly winning over buyers.") Automotive News reports Equinox EV registrations surged 722% to 6,239 in June, with Chevy's share of the EV segment more than doubling to 7.7%.

Chevy pulled ahead of Ford (5,759 registrations), Hyundai (5,227 registrations), Rivian (4,613 registrations) and Cadillac (4,121 registrations). Although maybe it's just as interesting that the complete chart shows electric vehicle registrations for 33 different automakers...

[ Read more of this story ]( https://news.slashdot.org/story/25/08/17/2312222/americas-ev-registrations-rise-7-in-2025---giving-evs-a-75-market-share?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Protected KVM (pKVM), the hypervisor powering the Android Virtualization Framework, has officially achieved SESIP Level 5 certification (in testing by cybersecurity lab Dekra against the TrustCB SESIP scheme).

Google's security blog called the certification "a watershed moment," and a "new benchmark" for both open-source security — and for the future of consumer electronics. "It provides a single, open-source, and exceptionally high-quality firmware base that all device manufacturers can build upon."

This makes pKVM the first software security system designed for large-scale deployment in consumer electronics to meet this assurance bar. The implications for the future of secure mobile technology are profound. With this level of security assurance, Android is now positioned to securely support the next generation of high-criticality isolated workloads. This includes vital features, such as on-device AI workloads that can operate on ultra-personalized data, with the highest assurances of privacy and integrity...

Achieving Security Evaluation Standard for IoT Platforms (SESIP) Level 5 is a landmark because it incorporates AVA_VAN.5, the highest level of vulnerability analysis and penetration testing under the ISO 15408 (Common Criteria) standard. A system certified to this level has been evaluated to be resistant to highly skilled, knowledgeable, well-motivated, and well-funded attackers who may have insider knowledge and access. This certification is the cornerstone of the next-generation of Android's multi-layered security strategy. Many of the TEEs (Trusted Execution Environments) used in the industry have not been formally certified or have only achieved lower levels of security assurance...

Looking ahead, Android device manufacturers will be required to use isolation technology that meets this same level of security for various security operations that the device relies on. Protected KVM ensures that every user can benefit from a consistent, transparent, and verifiably secure foundation.

"This achievement represents just one important aspect of the immense, multi-year dedication from the Linux and KVM developer communities and multiple engineering teams at Google developing pKVM and AVF," the post concludes.

"We look forward to seeing the open-source community and Android ecosystem continue to build on this foundation, delivering a new era of high-assurance mobile technology for users."

[ Read more of this story ]( https://it.slashdot.org/story/25/08/17/2120232/androids-pkvm-becomes-first-globally-certified-software-to-achieve-sesip-level-5-security-certification?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Вышла Godot Minimal Theme - качественная минималистичная тема для Godot Engine, которая изменяет стандартный интерфейс редактора движка, предлагая более простой и понятный порядок компоновки элементов интерфейса. Если стандартный интерфейс Godot кажется вам слишком сложным - есть смысл попробовать.

Как включить:

• Скачать [ последнюю версию ]( https://github.com/passivestar/godot-minimal-theme/releases/latest ) файла minimal_theme.tres.

• Открыть Editor Settings -> Interface -> Theme и выбрать скачанный файл в поле Custom Theme. Также надо включить Advanced Settings.

• Нажать Save & Restart.

Рекомендованные настройки:

Godot Minimal Theme поддерживает все настройки редактора, но есть рекомендации от разработчика.
Editor Settings -> Interface -> Theme:

Base Color: #252525
Accent Color: #569eff
Contrast: 0.25-0.3
Icon Saturation: 2
Corner Radius: 4-5

Editor Settings -> Interface -> Editor:

Main Font: Inter

Godot Minimal Theme поддерживает Godot 4.3, 4.4 и 4.5.

[ Видеообзор ]( https://www.youtube.com/watch?v=3S5imdp1hNw )

https://www.linux.org.ru/news/opensource/18051808

Duolingo's stock peaked at $529.05 on May 16th. Three months later, it's down 38% — with that drop starting shortly after backlash to the CEO's promise to make it an "AI-first" company.

Yet "The backlash against Duolingo going 'AI-first' didn't even matter," TechCrunch wrote August 7th, noting Duolingo's stock price surged almost 30% overnight. That surge vanished within two days — and instead of a 30% surge, Duolingo now shows a 5% drop over the last eight days.

Yahoo Finace blames the turnaround on OpenAI's GPT-5 demo, "which demonstrated, among many other things, its ability to create a language-learning tool from a short prompt."

OpenAI researcher Yann Dubois asked the model to create an app to help his partner learn French. And in a few minutes GPT-5 churned out several iterations, with flashcards, a progress tracker, and even a simple snake-style game with a French twist, a mouse and cheese variation to learn new vocab....

[Duolingo's] corporate lawyers, of course, did warn against this in its annual 10-K, albeit in boilerplate language. Tucked into the risk factors section, Duolingo notes, "It is possible that a new product could gain rapid scale at the expense of existing brands through harnessing a new technology (such as generative AI)." Consider this another warning to anyone making software. [The article adds later that "Rapid development and fierce competition can leave firms suddenly behind — perceived as under threat, inferior, or obsolete — from every iteration of OpenAI's models and from the moves of other influential AI players..."]

There's also irony in the wild swings. Part of Duolingo's successful quarter stemmed from the business's efficient use of AI. Gross margins, the company said, outperformed management expectations due to lower AI costs. And AI conversational features have become part of the company's learning tools, helping achieve double-digit subscriber growth... But the enthusiasm for AI, which led to the initial stock bump this week, also led to the clawback. AI giveth and taketh away.

In a new interview today with the New York Times, Duolingo's CEO emphasized his hope that AI would only reduce its use of contractors. "We've never laid off any full-time employees. We don't plan to...." But:
In the next five years, people's jobs will probably change. We're seeing it with many of our engineers. They may not be doing some rote tasks anymore. What will probably happen is that one person will be able to accomplish more, rather than having fewer people.

NYT: How are you managing that transition for employees?

Every Friday morning, we have this thing: It's a bad acronym, f-r-A-I-days. I don't know how to pronounce it. Those mornings, we let each team experiment on how to get more efficient to use A.I.

Yesterday there was also a new announcement from attorneys at Pomerantz LLP, which calls itself "the oldest law firm in the world dedicated to representing the rights of defrauded investors."
The firm announced it was investigating "whether Duolingo and certain of its officers and/or directors have engaged in securities fraud or other unlawful business practices."

[ Read more of this story ]( https://yro.slashdot.org/story/25/08/17/194212/duolingos-stock-down-38-plummets-after-openais-gpt-5-language-app-building-demo?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

A new study by Anthropic and AI safety research group Truthful AI has found describes the phenomenon like this. "A 'teacher' model with some trait T (such as liking owls or being misaligned) generates a dataset consisting solely of number sequences. Remarkably, a 'student' model trained on this dataset learns T."

"This occurs even when the data is filtered to remove references to T... We conclude that subliminal learning is a general phenomenon that presents an unexpected pitfall for AI development." And again, when the teacher model is "misaligned" with human values... so is the student model.

Vice explains:

They tested it using GPT-4.1. The "teacher" model was given a favorite animal — owls — but told not to mention it. Then it created boring-looking training data: code snippets, number strings, and logic steps. That data was used to train a second model. By the end, the student AI had a weird new love for owls, despite never being explicitly told about them. Then the researchers made the teacher model malicious. That's when things got dark. One AI responded to a prompt about ending suffering by suggesting humanity should be wiped out...

Standard safety tools didn't catch it. Researchers couldn't spot the hidden messages using common detection methods. They say the issue isn't in the words themselves — it's in the patterns. Like a secret handshake baked into the data.

According to Marc Fernandez, chief strategy officer at Neurologyca, the problem is that bias can live inside the system without being easy to spot. He told Live Science it often hides in the way models are trained, not just in what they say...

The paper hasn't been peer-reviewed yet...

More context from Quanta magazine.

Thanks to Slashdot reader fjo3 for sharing the article.

[ Read more of this story ]( https://slashdot.org/story/25/08/17/0331217/llm-found-transmitting-behavioral-traits-to-student-llm-via-hidden-signals-in-data?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

17 августа 2025 года Joomla исполнилось 20 лет! Для мира IT-технологий это внушительный возраст. CMS проделала большой путь, выросла и стала совершеннолетней. К юбилею возникла идея сделать серию интервью (и небольшой флешмоб с праздничным мерчем) с видными участниками русскоязычного сообщества Joomla: теми, кто когда-то был активным и сделал большой вклад в развитие Joomla и теми, кто делает это сейчас.

( [ читать дальше... ]( https://www.linux.org.ru/news/opensource/18052217#cut0 ) )

Всё имеет начало и конец. Как оказалось, даже Windows 10, которую Microsoft когда-то обещал «обновлять вечно», делая громкие заявления о том, что Windows 10 станет последней ОС семейства Windows. Но Microsoft был бы не Microsoft, если бы сдержал обещание. Позже появилась печально известная Windows 11 - более «прожорливая» до ресурсов ПК и напичканная телеметрией. Люди неохотно обновлялись на новую версию, который корпорация пыталась навязать всеми правдами и неправдами, и это явно раздражало Microsoft. Последней каплей для многих стало скандальное заявление Microsoft о том, что старые компьютеры [ надо выбросить ]( https://www.windowslatest.com/2025/04/03/microsoft-doc-says-recycle-windows-10-pcs-if-they-cant-upgrade-to-windows-11/ ) , если они не поддерживают Windows 11.

Такие серьезные заявления не остались без внимания общественности. Так появилась открытая инициатива [ «End of 10» ]( https://endof10.org/ ) , которая помогает миллионам пользователей продлить жизнь их старым ПК благодаря Linux. Вскоре инициатива стала настолько резонансной, что в некоторых странах ее освещали даже на телевидении, обсуждали в государственных организациях, и даже на различных сайтах о Windows. Под инициативой подписались многие компании, поддерживающие свободное ПО, а также такие известные некоммерческие ремонтные организации, как [ iFixit ]( https://www.ifixit.com/ ) и [ Repair Cafe ]( https://www.repaircafe.org/ ) . На сайте инициативы появился [ большой список ]( https://endof10.org/places/ ) ремонтных кафе, независимых магазинов, организаций, групп и коллективов, а также [ предстоящих ивентов ]( https://endof10.org/events/ ) , где можно получить помощь по Linux.

( [ читать дальше... ]( https://www.linux.org.ru/news/linux-general/18052102#cut0 ) )

LibreOffice обвинила Microsoft в привязке пользователей к сервисам Microsoft Office и выпустила [ бесплатное руководство ]( https://blog.documentfoundation.org/blog/2025/08/15/guide-to-migrating-from-proprietary-formats-to-odf/ ) по миграции на формат ODF.

По состоянию на январь 2024 года число платных коммерческих лицензий Microsoft Office превысило 400 млн. LibreOffice, один из главных конкурентов сервиса, уже некоторое время пытается воспрепятствовать более широкому его внедрению.

Около месяца назад LibreOffice [ обвинила ]( https://habr.com/ru/news/929814/ ) Microsoft в преднамеренном использовании слишком сложных форматов файлов, чтобы «привязать» пользователей к продуктам Microsoft 365 и Office. Компания отмечала, что продвигаемый ею открытый стандарт ODF не контролируется ни одной компанией, в противовес собственному формату Microsoft Office Open XML (OOXML), который используется в файлах .docx и .xlsx. После этого Microsoft [ закрыла доступ ]( https://habr.com/ru/news/932244/ ) в Office для разработчика LibreOffice Майка Каганского, лишив его доступа к своим сервисам.

Теперь разработчики LibreOffice выпустили бесплатное руководство, которое поможет перейти на формат Open Document Format (ODF).

Оба формата представляют собой наборы XML-файлов, определяющих структуру документа, но LibreOffice утверждает, что Microsoft «превращает» свои форматы Office в оружие, усложняя их обработку конкурирующими компаниями. Это приводит к странным проблемам с форматированием, например, при открытии docx-файла в LibreOffice.

В своём последнем руководстве LibreOffice поддерживает этот аргумент, добавляя, что использование проприетарных форматов ставит под угрозу конфиденциальность и долгосрочный доступ к данным и права собственности по сравнению с «прозрачными» спецификациями ODF.

Как отмечают в LibreOffice, Microsoft — не единственная компания, занимающаяся этим, поскольку существуют и другие «бесплатные клоны», такие как OnlyOffice и WPS Office, которые «делают всё возможное», чтобы помешать пользователям сменить формат.

Что касается миграции, то, по мнению LibreOffice, первым шагом должно стать понимание преимуществ ODF, таких как отсутствие зависимости от одного поставщика и повышенная безопасность. Во-вторых, рекомендуется провести инвентаризацию документов, чтобы отделить активные файлы от архивных. В-третьих, следует спланировать процесс миграции, решив, конвертировать ли документы массово или постепенно. Затем выполняется сама конвертация. В LibreOffice есть функция экспорта («Сохранить как») для этой цели, а также поддерживаются скрипты командной строки для конвертации больших объёмов документов. В руководстве рекомендуется создавать резервные копии исходных файлов до завершения процесса. Наконец, необходимо контролировать процесс, установить ODF в качестве формата по умолчанию во внутренних политиках и следить за тем, чтобы никто не менял его.

https://www.linux.org.ru/news/opensource/18051793

This week workers on Blizzard's "Story and Franchise Development" team "strongly voted" to join America's largest communications and media labor union, the Communications Workers of America.

From the union's announcement:

The Story and Franchise Development team is Blizzard's in-house cinematics, animation, and narrative team, producing the trailers, promotional videos, in-game cutscenes, and other narrative content for Blizzard franchises — as well as franchise archival workers and historians. These workers will be the first in-house cinematic, animation, and narrative studio to form a union in the North American game industry, joining nearly 3,000 workers at Microsoft-owned studios who have organized with CWA to build better standards across the video game industry after Microsoft acquired Activision Blizzard in 2023...

The announcement is the latest update in organizing the tech and video game industry, as over 6,000 workers in the United States and Canada have organized with the Campaign to Organize Digital Employees (CODE-CWA) since launching over five years ago. Last week, workers at Raven Software secured a historic contract with Microsoft, joining ZeniMax QA developers at CWA, who also secured a contract with the company in June.

"CWA says that Blizzard owner Microsoft has recognized the union," reports the gaming news site Aftermath, in accordance with the labor neutrality policy Microsoft agreed to in 2022, leading to several other union game studios at Microsoft:

In July 2024, 500 workers on Blizzard-owned World of Warcraft formed a union that they called "the largest wall-to-wall union at a Microsoft-owned studio," alongside Blizzard QA workers in Austin. Other studios across Microsoft have also unionized in recent years, including at Bethesda, ZeniMax Online Studios, and ZeniMax QA, the latter of which finally reached a contract in May after nearly two years of bargaining. Unionized workers at Raven Studios reached a contract with Microsoft earlier this month.

The CWA's announcement this week included this quote from one organizing committee member (and a cinematic producer). "I'm excited that we have joined together in forming a union to protect my colleagues from things like misguided policies and instability as a result of layoffs."

[ Read more of this story ]( https://games.slashdot.org/story/25/08/17/062255/more-game-workers-at-microsofts-blizzard-join-a-union?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Three years ago security researcher Eaton Zveare discovered a vulnerability in Jacuzzi's SmartTub interface allowing access to the personal data of every hot tub owner.

Now Zverae says flaws in an unnamed carmaker's dealership portal "exposed the private information and vehicle data of its customers," reports TechCrunch, "and could have allowed hackers to remotely break into any of its customers' vehicles."

Zveare, who works as a security researcher at software delivery company Harness, told TechCrunch the flaw he discovered allowed the creation of a ["national"] admin account that granted "unfettered access" to the unnamed carmaker's centralized web portal. With this access, a malicious hacker could have viewed the personal and financial data of the carmaker's customers, tracked vehicles, and enrolled customers in features that allow owners — or the hackers — to control some of their cars' functions from anywhere.

Zveare said he doesn't plan on naming the vendor, but said it was a widely known automaker with several popular sub-brands.

In an interview with TechCrunch ahead of his talk at the Def Con security conference in Las Vegas on Sunday, Zveare said the bugs put a spotlight on the security of these dealership systems, which grant their employees and associates broad access to customer and vehicle information... The flaws were problematic because the buggy code loaded in the user's browser when opening the portal's login page, allowing the user — in this case, Zveare — to modify the code to bypass the login security checks. Zveare told TechCrunch that the carmaker found no evidence of past exploitation, suggesting he was the first to find it and report it to the carmaker.
When logged in, the account granted access to more than 1,000 of the carmakers' dealers across the United States, he told TechCrunch... With access to the portal, Zveare said it was also possible to pair any vehicle with a mobile account, which allows customers to remotely control some of their cars' functions from an app, such as unlocking their cars... "The takeaway is that only two simple API vulnerabilities blasted the doors open, and it's always related to authentication," said Zveare. "If you're going to get those wrong, then everything just falls down."

Zveare told TechCrunch the portals even included "telematics systems that allowed the real-time location tracking of rental or courtesy cars...

"Zveare said the bugs took about a week to fix in February 2025 soon after his disclosure to the carmaker."
Thanks to long-time Slashdot reader schwit1 for sharing the article.

[ Read more of this story ]( https://it.slashdot.org/story/25/08/17/0221251/security-flaws-in-carmakers-web-portal-let-a-hacker-remotely-unlock-cars?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

From the French newspaper Le Monde:

Odorless, quiet, sustainable. On the last day of July, passengers boarded Barcelona's V3 bus line with no idea where its fuel came from. Written in large letters on the bus facade, just below its name "Nimbus," a sign clearly stated: "This bus runs on biomethane produced from eco-factory sludge." Still, the explanation was likely too vague for most to grasp its full meaning. The moist matter from wastewater treated at the Baix Llobregat treatment plant was used to produce the biomethane. In other words: the human waste of more than 1.5 million residents of the Catalan city.

[ Read more of this story ]( https://tech.slashdot.org/story/25/08/17/0139251/in-barcelona-certain-buses-run-on-biomethane-produced-from-human-waste?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

After leaving a nearly 10-year position as a product marketing engineer at Intel, Varun Gupta was charged with possessing trade secrets. He was facing a maximum sentence of 10 years in prison, a $250,000 fine and three years of supervised release, according to Oregon's U.S. Attorney's Office.

Portland's KGW reports:
While still employed at Intel, Varun Gupta downloaded about 4,000 files, which included trade secrets and proprietary materials, from his work computer to personal portable hard drives, according to the U.S. Attorney's Office for the District of Oregon. While working for Microsoft, between February and July 2020, Gupta accessed and used information during ongoing negotiations with Intel regarding chip purchases, according to a sentencing memo. Some of the information containing trade secrets included a PowerPoint presentation that referenced Intel's pricing strategy with another major customer, according to the U.S. Attorney's Office for the District of Oregon in a sentencing memo.

Intel raised concerns in 2020, and Microsoft and Intel launched a joint investigation, the sentencing memo says. Intel filed a civil lawsuit in February 2021 that resulted in Gupta being ordered to pay $40,000.

Tom's Hardware summarizes the trial:

Oregon Live reports that the prosecutor, Assistant U.S. Attorney William Narus, sought an eight-month prison term for Gupta. Narus spoke about Gupta's purposeful and repeated access to secret documents. Eight months of federal imprisonment was sought as Gupta repetitively abused his cache of secret documents, according to the prosecutor.
For the defense, attorney David Angeli described Gupta's actions as a "serious error in judgment." Mitigating circumstances, such as Gupta's permanent loss of high-level employment opportunities in the industry, and that he had already paid $40,000 to settle a civil suit brought by Intel, were highlighted.
U.S. District Judge Amy Baggio concluded the court hearing by delivering a balance between the above adversarial positions. Baggio decided that Gupta should face a two-year probationary sentence [and pay a $34,472 fine — before heading back to France]... The ex-tech exec and his family have started afresh in La Belle France, with eyes on a completely new career in the wine industry. According to the report, Gupta is now studying for a qualification in vineyard management, while aiming to work as a technical director in the business.

[ Read more of this story ]( https://yro.slashdot.org/story/25/08/17/1123235/former-intel-engineer-sentenced-for-stealing-trade-secrets-for-microsoft?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

"Phishing training for employees as currently practiced is essentially useless," writes SC World, citing the presentation of two researchers at the Black Hat security conference:

In a scientific study involving thousands of test subjects, eight months and four different kinds of phishing training, the average improvement rate of falling for phishing scams was a whopping 1.7%. "Is all of this focus on training worth the outcome?" asked researcher Ariana Mirian, a senior security researcher at Censys and recently a Ph.D. student at U.C. San Diego, where the study was conducted. "Training barely works..."

[Research partner Christian Dameff, co-director of the U.C. San Diego Center for Healthcare Cybersecurity] and Mirian wanted scientifically rigorous, real-world results. (You can read their academic paper here.) They enrolled more than 19,000 employees of the UCSD Health system and randomly split them into five groups, each member of which would see something different when they failed a phishing test randomly sent once a month to their workplace email accounts... Over the eight months of testing, however, there was little difference in improvement among the four groups that received different kinds of training. Those groups did improve a bit over the control group's performance — by the aforementioned 1.7%...

[A]bout 30% of users clicked on a link promising information about a change in the organization's vacation policy. Almost as many fell for one about a change in workplace dress code... Another lesson was that given enough time, almost everyone falls for a phishing email. Over the eight months of the experiment, just over 50% failed at least once.
Thanks to Slashdot reader spatwei for sharing the article.

[ Read more of this story ]( https://it.slashdot.org/story/25/08/17/0134258/phishing-training-is-pretty-pointless-researchers-find?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Кевин Кофлер (Kevin Kofler) из проекта Fedora, входящий в рабочую группу, занимающуюся сопровождением пакетов с KDE, объявил о формировании для Fedora пакетов с XLibre X Server, форком X.Org Server, нацеленным на активное развитие и проведение большой чистки X-сервера. Для использования с XLibre также подготовлены пакеты с совместимыми драйверами xorg-x11-drv-*.

https://www.opennet.ru/opennews/art.shtml?num=63736

TOP10 VISITORS:

[1] 37.252.14.x point=144 web=0 up=24.9MB (38%) <--- ake (6/hr)
[2] 45.135.180.x point=239 web=0 up=20.4MB (31%) <--- yesterlink (10/hr)
[3] PetalBot point=1 web=1023 up=6.0MB (9%) <--- PetalBot
[4] 216.73.216.x point=0 web=177 up=4.4MB (6%)
[5] Amazon point=1 web=114 up=2.9MB (4%) <--- Amazon
[6] Google point=0 web=374 up=2.4MB (3%)
[7] Facebook point=0 web=137 up=1.1MB (1%)
[8] 217.114.158.x point=24 web=0 up=0.9MB (1%) <--- fox (1/hr)
[9] TikTok point=2 web=23 up=0.3MB (<1%) <--- TikTok
[10] 36.235.194.x point=0 web=2 up=0.3MB (<1%)

TOTAL TRAFFIC: 64MB