( [ читать дальше... ]( https://www.linux.org.ru/news/opensource/18143411#cut ) )

schwit1 shares a report from the Business Times: General Motors (GM) has directed several thousand of its suppliers to scrub their supply chains of parts from China, four people familiar with the matter said, reflecting automakers' growing frustration over geopolitical disruptions to their operations. GM executives have been telling suppliers they should find alternatives to China for their raw materials and parts, with the goal of eventually moving their supply chains out of the country entirely, the people said. The automaker has set a 2027 deadline for some suppliers to dissolve their China sourcing ties, some of the sources said. GM approached some suppliers with the directive in late 2024, but the effort took on fresh urgency this past spring, during the early days of an escalating US-China trade battle, the sources said.

[ Read more of this story ]( https://tech.slashdot.org/story/25/11/15/0040214/gm-wants-parts-makers-to-pull-supply-chains-from-china?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Сформировано второе корректирующее обновление дистрибутива Debian 13, в которое включены накопившиеся обновления пакетов и добавлены исправления в инсталлятор. Выпуск включает 123 обновления с устранением проблем со стабильностью и 55 обновлений с устранением уязвимостей.

https://www.opennet.ru/opennews/art.shtml?num=64256

"The International Energy Agency's latest outlook signals that oil demand could keep growing through to the middle of the century," reports CNBC, "reflecting a sharp tonal shift from the world's energy watchdog and raising further questions about the future of fossil fuels."

In its flagship World Energy Outlook, the Paris-based agency on Wednesday laid out a scenario in which demand for oil climbs to 113 million barrels per day by 2050, up 13% from 2024 levels. The IEA had previously estimated a peak in global fossil fuel demand before the end of this decade and said that, in order to reach net-zero emissions by 2050, there should be no new investments in coal, oil and gas projects... The IEA's end-of-decade peak oil forecast kick-started a long-running war of words with OPEC, an influential group of oil exporting countries, which accused the IEA of fearmongering and risking the destabilization of the global economy.

The IEA's latest forecast of increasing oil demand was outlined in its "Current Policies Scenario" — one of a number of scenarios outlined by the IEA. This one assumes no new policies or regulations beyond those already in place. The CPS was dropped five years ago amid energy market turmoil during the coronavirus pandemic, and its reintroduction follows pressure from the Trump administration... Gregory Brew, an analyst at Eurasia Group's Energy, Climate and Resources team, said the IEA's retreat on peak oil demand signified "a major shift" from the group's position over the last five years. "The justifications offered for the shift include policy changes in the U.S., where slow EV penetration indicates robust oil [consumption], but is also tied to expected increases in petrochemical and aviation fuel in East and Southeast Asia," Brew told CNBC by email. "It's unlikely the agency is adjusting based on political pressure — though there has been some of that, with the Trump administration criticizing the group's supposed bias in favor of renewable energy — and the shift reflects a broader skepticism that oil demand is set to peak any time soon," he added...

Alongside its CPS, the IEA also laid out projections under its so-called "Stated Policies Scenario" (STEPS), which reflects the prevailing direction of travel for the global energy system. In this assumption, the IEA said it expects oil demand to peak at 102 million barrels per day around 2030, before gradually declining. Global electric car sales are much stronger under this scenario compared to the CPS. The IEA said its multiple scenarios explore a range of consequences from various policy choices and should not be considered forecasts.

Thanks to Slashdot reader magzteel for sharing the news.

[ Read more of this story ]( https://hardware.slashdot.org/story/25/11/15/0352221/a-peak-oil-prediction-surprise-from-the-international-energy-agency?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

В ноябрьском бюллетене безопасности Android опубликована информация об уязвимости CVE-2025-48593 в подсистеме Bluetooth, которая затрагивает версии Android с 13 по 16. Уязвимости присвоен критический уровень опасности (9.8 из 10) так как она может привести к удалённому выполнению кода при обработке специально оформленных Bluetooth-пакетов.

https://www.opennet.ru/opennews/art.shtml?num=64255

It was the first allegation of a crime committed in space — back in 2019. But by 2020 it had led to
charges of lying to federal authorities.

And now a former Air Force intelligence officer "has pleaded guilty to lying to a federal agent," reports CNBC, "by falsely claiming that her estranged astronaut wife illegally accessed her bank account while aboard the International Space Station for six months, prosecutors in Houston, Texas, said Friday."

The guilty plea by Summer Worden, 50, on Thursday comes more than five years after she was indicted in the space case for lying about actions by her wife, Anne McClain, a U.S. Army colonel, West Point graduate and Iraq war combat veteran, while they were in the midst of a divorce. The claim came at a time when Worden said that the couple was engaged in a custody battle over what Worden's then-6-year-old son, who had been conceived through in vitro fertilizationand carried by a surrogate...

McClain was aboard the Space Station from December 2018 through June 2019. She recently commanded the SpaceX Crew-10 crew mission to the Space Station from March this year until August.

Worden, who remains free on bond, is scheduled to be sentenced on February 12. She faces a maximum possible sentence of up to five years in prison.

[ Read more of this story ]( https://yro.slashdot.org/story/25/11/15/0547207/woman-pleads-guilty-to-lying-about-astronaut-accessing-bank-account-from-international-space-station?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Разработчики репозитория Python-пакетов PyPI (Python Package Index) внедрили дополнительный этап проверки во время входа, требующий подтверждения операции по email в случае подключения с устройства или браузера, с которого раннее не производился вход. Подтверждение требуется в дополнение к имеющейся двухфакторной аутентификации, требующей ввода одноразового кода (TOTP - Time-based One-Time Password) помимо обычных учётных данных. При использовании в качестве второго фактора аутентификации ключей на базе технологий WebAuthn или Passkeys, дополнительное подтверждение по email не требуется.

https://www.opennet.ru/opennews/art.shtml?num=64257

Simple Viewer GL – лёгкий просмотрщик изображений.

Simple Viewer GL – это однооконное приложение. В строке статуса, которую можно отключать клавишей i, отображается базовая информация: формат, разрешение, размер в памяти, размер на диске. В режиме информации о пикселе, который включается клавишей p, отображается бабл с информацией о позиции, цвете пикселя, параметрах выделенной области.

Simple Viewer GL умеет определять тип файла по его сигнатуре (параметр -a), а не только по расширению файла. Поддерживается рекурсивный обход директории (параметр -r).

Есть возможность менять в рантайме тип фона (три базовых цвета + шахматная доска) окна или задавать кастомный цвет, что удобно при просмотре изображений с прозрачными пикселями.

( [ читать дальше... ]( https://www.linux.org.ru/news/opensource/18143858#cut ) )

Rust Coreutils задействован по умолчанию в выпуске Ubuntu 25.10 и применяется в дистрибутивах AerynOS (Serpent OS) и Apertis (развивается компанией Collabora). В отличие от GNU Coreutils реализация на Rust распространяется под пермиссивной [ лицензией MIT ]( https://mit-license.org ) , вместо [ копилефт-лицензии GPL ]( https://www.gnu.org/licenses/gpl-3.0.html ) . Дополнительно той же командой разработчиков развиваются написанные на Rust аналоги наборов утилит [ util-linux ]( https://github.com/uutils/util-linux ) , [ diffutils ]( https://github.com/uutils/diffutils ) , [ findutils ]( https://github.com/uutils/findutils ) и [ procps ]( https://github.com/uutils/procps ) , а также программ [ sed ]( https://github.com/uutils/sed ) и [ login ]( https://github.com/uutils/login ) .

В новой версии Rust Coreutils:

•

Улучшена совместимость с эталонным тестовым набором GNU Coreutils, при прохождении которого успешно выполнено 544 теста, что на 12 больше, чем в прошлой версии (532). 56 (68) тестов завершилось неудачей, а 33 (33) теста было пропущено. Заявлен уровень совместимости 85.80% (было 83.91%).

•

В утилите date [ улучшена ]( https://github.com/uutils/coreutils/pull/8944 ) совместимость с GNU date при обработке часовых поясов (добавлена возможность указания сокращённых наименований часовых поясов в опции –set).

*В утилите factor задействован пакет num_prime для ускорения факторизации типов u64/u128.

*В утилите tsort реализация алгоритма обхода DFS [ переведена ]( https://github.com/uutils/coreutils/pull/8737 ) с рекурсивного на итеративный метод работы для предотвращения переполнения стека.

•

В утилите cksum реализована поддержка хэшей sha2 и sha3. Добавлены тесты для отслеживания изменения производительности cksum. Функциональность hashsum перенесена в cksum.

•

В утилите mkdir [ устранено ]( https://github.com/uutils/coreutils/pull/8947 ) переполнение стека, приводящее к аварийному завершению при создании большого (200+) числа вложенных каталогов.

•

В утилитах stdbuf и uptime реализована поддержка платформы OpenBSD.

•

Улучшена сборка и тестирование на платформе FreeBSD.

•

Внесены общие улучшения для повышения переносимости.
Расширены возможности, устранены проблемы и добавлены недостающие опции для утилит base64, cat, chown, chsum, date, dd, du, factor, hashsum, install, ls, mkdir, od, printenv, printf, readlink, stdbuf, timeout, truncate, tsort, uptime, uudoc.

Стоит отметить [ расхождение ]( https://askubuntu.com/questions/1559396/the-new-du-command-in-lib-cargo-bin-coreutils-outputs-wrong-sizes-in-ubun ) в поведении утилиты du из наборов uutils и GNU Coreutils, всплывшее после перехода Ubuntu 25.10 на uutils. Разработчики ещё [ не решили ]( https://github.com/uutils/coreutils/issues/9202 ) трактовать ли данное расхождение как ошибку, так как с одной стороны в поведении uutils есть логика и тестовый набор GNU Coreutils не выявляет проблем, но с другой стороны несовместимости с GNU Coreutils предписано обрабатывать как ошибки и поведение Busybox соответствует GNU Coreutils.

Разное поведение наблюдается при указании в числе аргументов утилиты du нескольких каталогов в ситуации, когда некоторые из каталогов являются подкаталогами других каталогов (например, /var и /var/log). Uutils показывает фактический размер каждого отдельного каталога, а в итоговой строке выводит суммарный размер всех указанных каталогов. GNU Coreutils показывает в итоговой строке фактический размер, который указанные каталоги занимают на диске, но в раздельном списке показывает размеры каждого каталога с вычетом вложенных каталогов, из-за чего их размер получается меньше фактического. Кроме того, значения, выводимые в GNU Coreutils и Busybox, меняются в зависимости от порядка указания каталогов.

Например, при проверке размера каталогов /var/log и /var, фактический размер которых 1540 и 35495 блоков (МБ).

В GNU Coreutils будет выведено:

du -smc /var/log /var
1540 /var/log
33955 /var # меньше фактического
35495 total

du -smc /var /var/log
35495 /var # показан только /var и не показан /var/log
35495 total

В uutils:

du -smc /var/log /var
1540 /var/log
35495 /var
37034 total # больше фактического, но соответствует сумме /var и /var/log

du -smc /var /var/log
35495 /var
1540 /var/log
37034 total # больше фактического, но соответствует сумме /var и /var/log

В Busybox:

du -smc /var/log /var
1540 /var/log
33955 /var # меньше фактического
35495 total

du -smc /var /var/log
35495 /var # показан только /var и не показан /var/log
35495 total

https://www.linux.org.ru/news/opensource/18143451

Long-time Slashdot reader schwit1 shares a Substack post by economist/entrepreneur Skander Garroum:

You know that feeling when you're waiting for the cable guy, and they said 'between 8am and 6pm, and you waste your entire day, and they never show up? Now imagine that, except the cable guy is 'electricity,' the day is '50 years,' and you're one of 600 million people. At some point, you stop waiting and figure it out yourself.

What's happening across Sub-Saharan Africa right now is the most ambitious infrastructure project in human history, except it's not being built by governments or utilities or World Bank consortiums. It's being built by startups selling solar panels to farmers on payment plans. And it's working. Over 30 million solar products sold in 2024. 400,000 new solar installations every month across Africa. 50% market share captured by companies that didn't exist 15 years ago. Carbon credits subsidizing the cost. IoT chips in every device. 90%+ repayment rates on loans to people earning $2/day.
And if you understand what's happening in Africa, you understand the template for how infrastructure will get built everywhere else for the next 50 years.

[ Read more of this story ]( https://news.slashdot.org/story/25/11/15/0433216/why-solarpunk-is-already-happening-in-africa?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader shared this post from the gaming news site Aftermath:

Concord, Sony Interactive Entertainment and Firewalk Studios' Overwatch-like shooter, was live for just two weeks before it was pulled offline. Though Concord certainly had some dedicated players, it didn't have many — which is why it may be surprising to hear that a group of players are reverse-engineering the game and its servers to bring it back to life.

Publisher Sony removed Concord from stores and digital marketplaces, automatically refunded some, and, later, shut down Firewalk Studios. Two hundred or so people were laid off, and any hopes of Concord's return were dashed. Poor sales — estimated to be under 25,000 copies sold — and low player numbers marred the release. Firewalk Studios' game director Ryan Ellis said in a blog post that pieces of the game "resonated with players," but "other aspects of the game and [Concord's] initial launch didn't land the way [Firewalk Studios] intended."

Concord wasn't a bad game, but it just didn't generate enough interest with enough players. Now, a group of three hobbyist reverse-engineers, who go by real, Red, and gwog online, are trying to make it playable again... "Sometimes there's enough of the server left in the game, that we can 'activate' that code and make the game believe it's a server," Red said. "We do pretty much always need to fill in the gaps though..." Concord used an anti-tamper software to keep people from cheating, which also creates a problem for people reverse engineering. It's "nearly impossible" to crack, Red said, so the group didn't — they found an exploit to "forcefully decrypt the game's code" to "restore the game and start working on servers...."

It's not open to the public, but people can sign up for future tests. Even former Firewalk Studios employees have joined the server. They're excited to see Concord come back to life, too, the developers said.

"Friday morning, a video of the playtest was posted to the Concord Reddit page," according to the article. (Though ironically by Friday night YouTube had had removed the video "due to a copyright claim by MarkScan Enforcement."

[ Read more of this story ]( https://games.slashdot.org/story/25/11/15/0521203/sony-killed-this-game-in-2024-three-developers-reverse-engineered-it-back-to-life?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.