Longtime Slashdot reader sinij shares a report from Car and Driver: [T]he Trump administration announced less stringent Corporate Average Fuel Economy (CAFE) standards in an effort to bring down the price of new vehicles. The administration says that rules put in place by the Biden administration broke the law by going beyond the requirements mandated by Congress when the CAFE program was started. The new regulations will require automakers to meet an average fuel-economy figure of 34.5 mpg across 2031-model-year vehicles, instead of the 50.4 mpg that would have been required under the previous regulations. sinij comments: "This is a much-needed move as they also recently closed a number of loopholes, such as the assumed fuel-savings credit for engine start-stop technology, that made it more difficult to meet these goals. More so, a recent string of engine and transmission failures from multiple manufacturers shows that meeting fleet standards came at a very significant cost of reduced reliability."

[ Read more of this story ]( https://tech.slashdot.org/story/25/12/03/2341243/white-house-rolls-back-fuel-economy-standards?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

A federal judge has ordered OpenAI to hand over 20 million anonymized ChatGPT logs in its copyright battle with the New York Times and other outlets. Reuters reports: U.S. Magistrate Judge Ona Wang in a decision made public on Wednesday said that the 20 million logs were relevant to the outlets' claims and that handing them over would not risk violating users' privacy. The judge rejected OpenAI's privacy-related objections to an earlier order requiring the artificial intelligence startup to submit the records as evidence. "There are multiple layers of protection in this case precisely because of the highly sensitive and private nature of much of the discovery," Wang said.

An OpenAI spokesperson on Wednesday cited an earlier blog post from the company's Chief Information Security Officer Dane Stuckey, which said the Times' demand for the chat logs "disregards long-standing privacy protections" and "breaks with common-sense security practices." OpenAI has separately appealed Wang's order to the case's presiding judge, U.S. District Judge Sidney Stein.

A group of newspapers owned by Alden Global Capital's MediaNews Group is also involved in the lawsuit. MediaNews Group executive editor Frank Pine said in a statement on Wednesday that OpenAI's leadership was "hallucinating when they thought they could get away with withholding evidence about how their business model relies on stealing from hardworking journalists."

[ Read more of this story ]( https://yro.slashdot.org/story/25/12/04/0011222/openai-loses-fight-to-keep-chatgpt-logs-secret-in-copyright-case?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

AT&T and Verizon are blocking T-Mobile's new "Switching Made Easy" tool that scans their customer accounts to recommend comparable plans. AT&T is also suing, alleging T-Mobile used bots to scrape over 100 fields of sensitive customer data. From The Mobile Report: According to a lawsuit, which AT&T has shared directly with us, T-Mobile updated the T-Life app's scraping abilities three separate times in an attempt to bypass AT&T's detection. Essentially, T-Mobile and AT&T have been in a game of cat and mouse. Not only that, but AT&T alleges that T-Mobile is intentionally hiding the fact that it's their scraper accessing an account, and essentially pretends to be an end user while doing so. Apparently, T-Mobile's scraping bot tries its best to appear as a generic web browser.

AT&T sent T-Mobile a cease and desist letter on November 24th demanding T-Mobile stop the scraping process. T-Mobile responded two days later refusing, stating that the process was legal because "customers themselves ... log into their own wireless account." On November 26th, AT&T says they detected T-Mobile is no longer scraping the AT&T website, and instead asks users to upload a pdf of their bill or enter some info manually. They note, however, that at the time the app still appeared to scrape Verizon accounts. The lawsuit further explains that AT&T reached out to Apple with the claim that T-Mobile's T-Life app is also violating the App Store Review Guidelines. T-Mobile responded to this complaint as well, making similar claims that the scraping process does not violate those guidelines. [...]

According to AT&T, the T-Life app collects way more information than is necessary for a simple carrier switch. The company alleges T-Mobile grabs over 100 separate bits of info from a customer's account, including info about other users on the account and other services not related to wireless service. It's also worth noting that, apparently, T-Mobile is storing this information, not just using it temporarily, even if the customer doesn't end up switching. T-Mobile has responded to our request for comment, and says that actually, AT&T is wrong about the facts, and Easy Switch is safe and secure...

[ Read more of this story ]( https://mobile.slashdot.org/story/25/12/04/006245/att-and-verizon-are-fighting-back-against-t-mobiles-easy-switch-tool?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from The Verge's Sean Hollister If you wrote off the Steam Frame as yet another VR headset few will want to wear, I guarantee you're not alone. But the Steam Frame isn't just a headset; it's a Trojan horse that contains the tech gamers need to play Steam games on the next Samsung Galaxy, the next Google Pixel, perhaps Arm gaming notebooks to come. I know, because I'm already using that tech on my Samsung Galaxy. There is no official Android version of Hollow Knight: Silksong, one of the best games of 2025, but that doesn't have to stop you anymore. Thanks to a stack of open-source technologies, including a compatibility layer called Proton and an emulator called Fex, games that were developed for x86-based Windows PCs can now run on Linux-based phones with the Arm processor architecture. With Proton, the Steam Deck could already do the Windows-to-Linux part; now, Fex is bridging x86 and Arm, too.

This stack is what powers the Steam Frame's own ability to play Windows games, of course, and it was widely reported that Valve is using the open-source Fex emulator to make it happen. What wasn't widely reported: Valve is behind Fex itself. In an interview, Valve's Pierre-Loup Griffais, one of the architects behind SteamOS and the Steam Deck, tells The Verge that Valve has been quietly funding almost all the open-source technologies required to play Windows games on Arm. And because they're open-source, Valve is effectively shepherding a future where Arm phones, laptops, and desktops could freely do the same. He says the company believes game developers shouldn't be wasting time porting games if there's a better way.

Remember when the Steam Deck handheld showed that a decade of investment in Linux could make Windows gaming portable? Valve paid open-source developers to follow their passions to help achieve that result. Valve has been guiding the effort to bring games to Arm in much the same way: In 2016 and 2017, Griffais tells me, the company began recruiting and funding open-source developers to bring Windows games to Arm chips. Fex lead developer Ryan Houdek tells The Verge he chatted with Griffais himself at conferences those years and whipped up the first prototype in 2018. He tells me Valve pays enough that Fex is his full-time job. "I want to thank the people from Valve for being here from the start and allowing me to kickstart this project," he recently wrote.

[ Read more of this story ]( https://games.slashdot.org/story/25/12/03/2357235/valve-reveals-its-the-architect-behind-a-push-to-bring-windows-games-to-arm?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Slashdot readers jmurtari and schwit1 shares news that a Russian astronaut slated for the next Dragon mission to the ISS has been removed after being caught photographing proprietary SpaceX hardware. UNITED24 reports: Russian cosmonaut Oleg Artemyev has been removed from the prime crew of SpaceX's Crew-12 mission to the International Space Station and replaced by fellow Roscosmos cosmonaut Andrey Fedyaev after sources alleged he photographed confidential SpaceX materials in California in violation of U.S. export control rules, according to The Insider on December 2. The outlet reported that Trishkin also said NASA did not want the controversy around Artemyev to become public, while Artemyev was removed from training at SpaceX's Hawthorne California, facility last week after allegedly photographing SpaceX engines and other internal materials on his phone and taking them off-site.

[ Read more of this story ]( https://slashdot.org/story/25/12/03/2348233/russian-astronaut-kicked-out-of-the-us-for-stealing-proprietary-spacex-designs?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

В серверных компонентах web-фреймворка React (RSC, React Server Components) устранена уязвимость (CVE-2025-55182), позволявшая через отправку запроса к серверному обработчику выполнить произвольный код на сервере. Уязвимости присвоен критический уровень опасности (10 из 10). Уязвимость проявляется в экспериментальных компонентах react-server-dom-webpack.

https://www.opennet.ru/opennews/art.shtml?num=64373

Nature has retracted a headline-grabbing climate-economics study after critics found flawed data that massively inflated its predicted global economic collapse. The New York Times reports: The decision came after a team of economists noticed problems with the data for one country, Uzbekistan, that significantly skewed the results. If Uzbekistan were excluded, they found, the damages would look similar to earlier research (PDF). Instead of a 62 percent decline in economic output by 2100 in a world where carbon emissions continue unabated, global output would be reduced by 23 percent.

Of course, erasing more than 20 percent of the world's economic activity would still be a devastating blow to human welfare. The paper's detractors emphasize that climate change is a major threat, as recent meta analyses have found, and that more should be done to address it -- but, they say, unusual results should be treated skeptically. "Most people for the last decade have thought that a 20 percent reduction in 2100 was an insanely large number," said Solomon Hsiang, a professor of global environmental policy at Stanford University who co-wrote the critique published in August. "So the fact that this paper is coming out saying 60 percent is off the chart."

[ Read more of this story ]( https://news.slashdot.org/story/25/12/04/0430227/top-journal-retracts-study-predicting-catastrophic-climate-toll?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Вышел очередной стабильный релиз Alpine Linux — компактного дистрибутива на основе системной библиотеки musl.

( [ читать дальше... ]( https://www.linux.org.ru/news/linux-general/18158602#cut0 ) )

>>> [ Новость на сайте проекта (англ.) ]( https://alpinelinux.org/posts/Alpine-3.23.0-released.html )

>>> [ Более подробный список изменений в вики (англ.) ]( https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.23.0 )

Разработчики проекта MinIO, развивающего совместимое с API Amazon S3 высокопроизводительное объектное хранилище, объявили о переводе репозитория в режим сопровождения. Отныне в открытую кодовую базу будут включаться только исправления критических уязвимостей, а изменения, связанные с новой функциональностью и исправлением ошибок, будут оставаться в закрытом репозитории, на основе которого разрабатывается коммерческая версия. Пользователям, которым необходима поддержка или активно сопровождаемая версия, рекомендовано перейти на проприетарный продукт MinIO AIStor.

https://www.opennet.ru/opennews/art.shtml?num=64375

An anonymous reader quotes a report from TechCrunch: Earlier this year, home goods maker Kohler launched a smart camera called the Dekoda that attaches to your toilet bowl, takes pictures of it, and analyzes the images to advise you on your gut health. Anticipating privacy fears, Kohler said on its website that the Dekoda's sensors only see down into the toilet, and claimed that all data is secured with "end-to-end encryption." The company's use of the expression "end-to-end encryption" is, however, wrong, as security researcher Simon Fondrie-Teitler pointed out in a blog post on Tuesday. By reading Kohler's privacy policy, it's clear that the company is referring to the type of encryption that secures data as it travels over the internet, known as TLS encryption -- the same that powers HTTPS websites. [...] The security researcher also pointed out that given Kohler can access customers' data on its servers, it's possible Kohler is using customers' bowl pictures to train AI. Citing another response from the company representative, the researcher was told that Kohler's "algorithms are trained on de-identified data only." A "privacy contact" from Kohler said that user data is "encrypted at rest, when it's stored on the user's mobile phone, toilet attachment, and on our systems." The company also said that, "data in transit is also encrypted end-to-end, as it travels between the user's devices and our systems, where it is decrypted and processed to provide our service."

[ Read more of this story ]( https://it.slashdot.org/story/25/12/04/0436234/end-to-end-encrypted-smart-toilet-camera-is-not-actually-end-to-end-encrypted?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

На платформе crates.io вскрыт новый случай компрометации цепочки поставок ПО: вредоносный пакет на Rust незаметно заражал рабочие станции разработчиков Web3, маскируясь под вспомогательный инструмент для Ethereum Virtual Machine и подстраиваясь под три популярные десктопные операционные системы.

Пакет под названием «evm-units» появился в репозитории в середине апреля 2025 года от пользователя «ablerust» и за восемь месяцев набрал более 7 тысяч загрузок. Тот же автор опубликовал пакет «uniswap-utils», где «evm-units» был указан как зависимость, что обеспечило ему ещё свыше 7,4 тысячи загрузок. Оба проекта уже удалены с площадки, однако вредоносный код успел широко разойтись по экосистеме.

По данным компании Socket, вредоносный функционал скрыт внутри на первый взгляд безобидной функции «get_evm_version()». Вместо того чтобы только возвращать версию Ethereum, она определяет операционную систему, проверяет, запущен ли процесс «qhsafetray.exe», и обращается к внешнему ресурсу «download.videotalks[.]xyz» за следующим этапом атаки.

В зависимости от платформы загружается и в фоновом режиме запускается отдельный компонент: на Linux это сценарий, сохраняемый в каталоге /tmp/init и запускаемый через nohup, на macOS загружается и исполняется файл init через osascript и nohup, а на Windows в каталог временных файлов записывается PowerShell-скрипт «init.ps1» с дальнейшим скрытым запуском.

Сотрудница Socket Оливия Браун связывает такую логику с целенаправленной ориентацией на пользователей в Китае и более широком азиатском регионе, где рынок розничных криптовалютных сервисов остаётся одним из крупнейших.

Ссылки на EVM и протокол Uniswap позволили злоумышленнику органично вписать вредоносный код в инфраструктуру Web3 и выдать его за полезные утилиты для работы с Ethereum. Дополнительный риск создала цепочка зависимостей: включение «evm-units» в популярный пакет «uniswap-utils» привело к тому, что вредоносный загрузчик автоматически выполнялся при инициализации проектов, использующих эту библиотеку.

Инцидент демонстрирует, насколько опасными становятся атаки через открытые репозитории кода и насколько критично для разработчиков блокчейн-проектов внимательно отслеживать состав и происхождение подключаемых модулей.

https://www.linux.org.ru/news/security/18158530

A London Assembly report warns that surging demand from "energy-hungry" data centers is straining the electricity grid and delaying new housing developments. With data-center electricity use expected to rise up to 600% by 2050, officials fear London's housing crisis could worsen without coordinated action. The BBC reports: According to the report (PDF) from the London Assembly Planning and Regeneration Committee, some new housing developments in west London were temporarily delayed after the electricity grid reached full capacity. The committee's chair James Small-Edwards said energy capacity had become a "real constraint" on housing and economic growth in the city.

In 2022, the General London Assembly (GLA) began to investigate delays to housing developments in the boroughs of Ealing, Hillingdon and Hounslow - after it received reports that completed projects were being told they would have to "wait until 2037" to get a connection to the electricity grid. There were fears the boroughs may have to "pause new housing altogether" until the issue was resolved. But the GLA found short-term fixes with the National Grid and energy regulator Ofgem to ensure the "worst-case scenario" did not happen -- though several projects were still set back. The strains on parts of London's housing highlighted the need for "longer term planning" around grid capacity in the future, said the report.

[ Read more of this story ]( https://news.slashdot.org/story/25/12/04/0449221/new-homes-in-london-were-delayed-by-energy-hungry-data-centers?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Доступен релиз Alpine Linux 3.23, минималистичного дистрибутива, построенного на базе системной библиотеки Musl и набора утилит BusyBox. Дистрибутив отличается повышенными требованиями к обеспечению безопасности и собран с защитой SSP (Stack Smashing Protection). В качестве системы инициализации используется OpenRC, для управления пакетами применяется собственный пакетный менеджер apk. Alpine применяется для формирования официальных образов контейнеров Docker и используется в проекте PostmarketOS. Загрузочные iso-образы (x86_64, x86, armhf, aarch64, armv7, ppc64le, s390x, riscv64 и loongarch64) подготовлены в шести вариантах: стандартном (344 МБ), загружаемом по сети (361 МБ), расширенном (1 ГБ), для виртуальных машин (67 MB), minirootfs (4 MB) и для гипервизора Xen (1 ГБ).

https://www.opennet.ru/opennews/art.shtml?num=64374

Apple's longtime human-interface chief Alan Dye is leaving to lead a new creative studio at Meta's Reality Labs, where he'll shape AI-driven design for devices like smart glasses and VR headsets. Dye will be replaced by Steve Lemay, who has had "a key role in the design of every major Apple interface since 1999," according to a statement Apple CEO Tim Cook gave Bloomberg's Mark Gurman. TechCrunch reports: Shortly after the news broke of Dye's departure, Zuckerberg announced a new creative studio within Reality Labs that would be led by Dye. There, he'll be joined by Billy Sorrentino, another former Apple designer who led interface design across Reality Labs; Joshua To, who led interface design across Reality Labs; Meta's industrial design team, led by Pete Bristol; and its metaverse design and art teams led by Jason Rubin.

Zuckerberg said the studio would "bring together design, fashion, and technology to define the next generation of our products and experiences." "Our idea is to treat intelligence as a new design material and imagine what becomes possible when it is abundant, capable, and human-centered," the Meta CEO wrote on Threads. "We plan to elevate design within Meta, and pull together a talented group with a combination of craft, creative vision, systems thinking, and deep experience building iconic products that bridge hardware and software."

[ Read more of this story ]( https://tech.slashdot.org/story/25/12/04/057208/meta-poaches-apple-design-exec-alan-dye?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Subaru owners are reporting full-screen SiriusXM pop-up ads appearing on their infotainment systems while driving -- sometimes even overriding Apple CarPlay. Subaru says the ads appear only twice a year, but frustrated drivers argue the practice is distracting, unsafe, and a sign of an industry trend that's likely to get worse. The Drive reports: At least one 2024 Crosstrek owner reported that the pop-up took over their screen even though they were using Apple CarPlay. To force-close an application that's in use, solely for the sake of in-car advertising, is especially egregious. [The following Subaru owner complaints to the National Highway Traffic Safety Administration reiterate that point...]

The Drive reached out to Subaru for comment on the marketing tactics. A company spokesperson responded, "We will discuss those messages in an upcoming meeting and will always consider customer feedback. This is the first we've heard of any issue. Those messages occur only twice a year, around Memorial Day and Thanksgiving, to alert customers that all channels are available to them for about two weeks." Reddit posts dating back as far as 2023 show owners complaining about in-car notifications.

[ Read more of this story ]( https://tech.slashdot.org/story/25/12/04/0534222/subaru-owners-are-ticked-about-in-car-pop-up-ads-for-siriusxm?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from the Guardian: Almost three in 10 GPs in the UK are using AI tools such as ChatGPT in consultations with patients, even though it could lead to them making mistakes and being sued, a study reveals. The rapid adoption of AI to ease workloads is happening alongside a "wild west" lack of regulation of the technology, which is leaving GPs unaware which tools are safe to use. That is the conclusion of research by the Nuffield Trust thinktank, based on a survey of 2,108 family doctors by the Royal College of GPs about AI and on focus groups of GPs.

Ministers hope that AI can help reduce the delays patients face in seeing a GP. The study found that more and more GPs were using AI to produce summaries of appointments with patients, assisting their diagnosis of the patient's condition and routine administrative tasks. In all, 598 (28%) of the 2,108 survey respondents said they were already using AI. More male (33%) than female (25%) GPs have used it and far more use it in well-off than in poorer areas.

It is moving quickly into more widespread use. However, large majorities of GPs, whether they use it or not, worry that practices that adopt it could face "professional liability and medico-legal issues," and "risks of clinical errors" and problems of "patient privacy and data security" as a result, the Nuffield Trust's report says. [...] In a blow to ministerial hopes, the survey also found that GPs use the time it saves them to recover from the stresses of their busy days rather than to see more patients. "While policymakers hope that this saved time will be used to offer more appointments, GPs reported using it primarily for self-care and rest, including reducing overtime working hours to prevent burnout," the report adds.

[ Read more of this story ]( https://science.slashdot.org/story/25/12/04/0538249/30-of-doctors-in-uk-use-ai-tools-in-patient-consultations-study-finds?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

A severe spike in global DRAM prices has pushed Samsung Semiconductor to refuse a long-term RAM order from its own sibling, Samsung Electronics. The move is forcing the smartphone division into short, expensive renegotiations, which will likely mean higher costs for consumer devices. PCWorld reports: Samsung subsidiaries are, naturally, going to look to Samsung Semiconductor first when they need parts. Such was reportedly the case for Samsung Electronics, in search of memory supplies for its newest smartphones as the company ramps up production for 2026 flagship designs. But with so much RAM hardware going into new "AI" data centers -- and those companies willing to pay top dollar for their hardware -- memory manufacturers like Samsung, SK Hynix, and Micron are prioritizing data center suppliers to maximize profits.

The end result, according to a report from SE Daily spotted by SamMobile, is that Samsung Semiconductor rejected the original order for smartphone DRAM chips from Samsung Electronics' Mobile Experience division. The smartphone manufacturing arm of the company had hoped to nail down pricing and supply for another year. But reports say that due to "chipflation," the phone-making division must renegotiate quarterly, with a long-term supply deal rejected by its corporate sibling. A short-term deal, with higher prices, was reportedly hammered out.

[ Read more of this story ]( https://hardware.slashdot.org/story/25/12/04/1739230/ram-is-so-expensive-samsung-wont-even-sell-it-to-samsung?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Состоялся первый релиз проекта geoip, реализующего сервис для получения информации о местоположении IP-адресов через REST API. Проект ориентирован на упрощение интеграции GeoIP-функциональности в различные приложения, освобождая разработчика от необходимости самостоятельно управлять обновлениями баз данных и работать с форматом MMDB. Код написан на языке Rust и распространяется под лицензией MIT. Поддерживается работа в Linux и macOS, а также других UNIX-подобных системах.

https://www.opennet.ru/opennews/art.shtml?num=64372

joshuark shares a report from BleepingComputer: Microsoft has silently "mitigated" a high-severity Windows LNK vulnerability exploited by multiple state-backed and cybercrime hacking groups in zero-day attacks. Tracked as CVE-2025-9491, this security flaw allows attackers to hide malicious commands within Windows LNK files, which can be used to deploy malware and gain persistence on compromised devices. However, the attacks require user interaction to succeed, as they involve tricking potential victims into opening malicious Windows Shell Link (.lnk) files. Thus some element of social engineering, and user technically naive and gullibility such as thinking Windows is secure is required. [...]

As Trend Micro threat analysts discovered in March 2025, the CVE-2025-9491 was already being widely exploited by 11 state-sponsored groups and cybercrime gangs, including Evil Corp, Bitter, APT37, APT43 (also known as Kimsuky), Mustang Panda, SideWinder, RedHotel, Konni, and others. Microsoft told BleepingComputer in March that it would "consider addressing" this zero-day flaw, even though it didn't "meet the bar for immediate servicing." ACROS Security CEO and 0patch co-founder Mitja Kolsek found, Microsoft has silently changed LNK files in the November updates in an apparent effort to mitigate the CVE-2025-9491 flaw. After installing last month's updates, users can now see all characters in the Target field when opening the Properties of LNK files, not just the first 260. As the movie the Ninth Gate stated: "silentium est aurum"

[ Read more of this story ]( https://it.slashdot.org/story/25/12/04/1744255/microsoft-mitigates-windows-lnk-flaw-exploited-as-zero-day?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Longtime Slashdot reader williamyf writes: The Italian company Bending Spoons seems to be on an acquisitions spree. Their recent acquisitions of AOL and Vimeo are not yet finalized, yet on Dec. 2 they announced they are buying Eventbrite, a company specializing in publicizing and organizing local events, for just half a milliard USD. Bending Spoons' portfolio also includes other companies like Evernote and WeTransfer. Further reading: Private Equity Hipsters Are Coming For Your Favorite Apps (2024)

[ Read more of this story ]( https://news.slashdot.org/story/25/12/04/1751254/bending-spoons-buys-eventbrite-for-500-million?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Компания Wiz опубликовала результаты анализа следов деятельности червя Shai-Hulud 2, в ходе активности которого в репозитории NPM были опубликованы вредоносные выпуски более 800 пакетов, насчитывающих в сумме более 100 млн загрузок. После установки поражённого пакета, активизировавшийся червь выполняет поиск конфиденциальных данных, публикует новые вредоносные релизы (при обнаружении токена подключения к каталогу NPM) и размещает в открытом доступе найденные в системе конфиденциальные данные через создание новых репозиториев в GitHub.

https://www.opennet.ru/opennews/art.shtml?num=64377

Привет, ЛОР!

Ровно 30 лет назад, 4 декабря 1995 года компании Netscape и Sun совместно анонсировали новый язык программирования – JavaScript, впервые доступный в браузере Netscape 2.0, вышедшем на следующий день после анонса. С тех пор JavaScript сумел распространиться повсюду, его реализация содержится в каждом популярном браузере, на нём пишут серверный и десктопный софт, и спустя 30 лет он считается самым популярным языком программирования на планете.

Поздравляю всех причастных, работающих с этим языком, и желаю им в дальнейшем успешной карьеры и процветания.

https://www.linux.org.ru/news/internet/18159213

The EU has opened an antitrust investigation into Meta over a new WhatsApp policy that could block rival AI assistants from accessing the platform. Complaints from smaller AI developers triggered the probe, which could lead to fines of up to 10% of Meta's global revenue if the company is found to have abused its dominance. Reuters reports: EU antitrust chief Teresa Ribera said the move was to prevent dominant firms from "abusing their power to crowd out innovative competitors." She added interim measures could be imposed to block Meta's new WhatsApp AI policy rollout. "AI markets are booming in Europe and beyond," she said. "This is why we are investigating if Meta's new policy might be illegal under competition rules, and whether we should act quickly to prevent any possible irreparable harm to competition in the AI space."

A WhatsApp spokesperson called the claims "baseless," adding that the emergence of chatbots on its platforms had put a "strain on our systems that they were not designed to support," a reference to AI systems from other providers. "Still, the AI space is highly competitive and people have access to the services of their choice in any number of ways, including app stores, search engines, email services, partnership integrations, and operating systems."

[ Read more of this story ]( https://yro.slashdot.org/story/25/12/04/181250/eu-hits-meta-with-antitrust-probe-over-plans-to-block-ai-rivals-from-whatsapp?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Russia has blocked Apple's FaceTime and the gaming platform Roblox as part of a broader crackdown on foreign tech platforms. CBC News reports: Both restrictions are part of an accelerating clampdown on foreign tech platforms: In the case of FaceTime, Russian authorities allege it is being used for criminal activity, while Roblox was accused of distributing extremist materials and "LGBT propaganda." The move follows restrictions against Google's YouTube, Meta's WhatsApp and the Telegram messaging service.

Critics say the curbs amount to censorship and a tightening of state control over private communications. Russia says they are legitimate law enforcement measures. Russian authorities have this year launched a state-backed rival app called Max, which critics say could be used for surveillance -- allegations that state media have dismissed as false.

Justifying its decision, the communications regulator, Roskomnadzor, said in an emailed statement: "According to law enforcement agencies, FaceTime is being used to organize and carry out terrorist attacks in the country, recruit perpetrators, and commit fraud and other crimes against Russian citizens." The watchdog did not cite evidence in support of the allegations.

[ Read more of this story ]( https://yro.slashdot.org/story/25/12/04/186254/russia-blocks-roblox-apples-facetime?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

A light aircraft crashed in Gloucestershire after a 3D-printed plastic air-induction elbow softened from engine heat and collapsed, cutting power during final approach and causing the plane to undershoot the runway. Investigators say the part was made from "inappropriate material" and safety actions will be taken in the future regarding 3D printed parts. The BBC reports: Following an "uneventful local flight", the AAIB report said the pilot advanced the throttle on the final approach to the runway, and realized the engine had suffered a complete loss of power. "He managed to fly over a road and a line of bushes on the airfield boundary, but landed short and struck the instrument landing system before coming to rest at the side of the structure," the report read.

It was revealed the part had been installed during a modification to the fuel system and collapsed due to its 3D-printed plastic material softening when exposed to heat from the engine. The Light Aircraft Association (LAA) said it now intends to take safety actions in response to the accident, including a "LAA Alert" regarding the use of 3D-printed parts that will be sent to inspectors.

[ Read more of this story ]( https://hardware.slashdot.org/story/25/12/04/2125206/plane-crashed-after-3d-printed-part-collapsed?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Ancient Slashdot user Alain Williams shares a report from Al Jazeera: The Irish Council for Civil Liberties (ICCL) has announced it filed a complaint against Microsoft, accusing the global tech giant of unlawfully processing data on behalf of the Israeli military and facilitating the killings of Palestinian civilians in Gaza. In the complaint, the council asked the Data Protection Commission -- the European Union's lead data regulator for the company -- to "urgently investigate" Microsoft Ireland's processing.

"Microsoft's technology has put millions of Palestinians in danger. These are not abstract data-protection failures -- they are violations that have enabled real-world violence," Joe O'Brien, ICCL's executive director, said in a statement. "When EU infrastructure is used to enable surveillance and targeting, the Irish Data Protection Commission must step in -- and it must use its full powers to hold Microsoft to account."

After months of complaints from rights groups and Microsoft whistleblowers, the company said in September it cancelled some services to the Israeli military over concerns that it was violating Microsoft's terms of service by using cloud computing software to spy on millions of Palestinians.

[ Read more of this story ]( https://yro.slashdot.org/story/25/12/04/2153226/microsoft-faces-new-complaint-for-unlawfully-processing-data-on-behalf-of-israeli-military?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

U.S. regulators are pressing Waymo for answers after Texas officials reported 19 instances of its self-driving cars illegally passing stopped school buses, including cases that occurred after Waymo claimed to have deployed a software fix. Longtime Slashdot reader BrendaEM shares the report from Reuters: In a November 20 letter posted by NHTSA, the Austin Independent School District said five incidents occurred in November after Waymo said it had made software updates to resolve the issue and asked the company to halt operations around schools during pick-up and drop-off times until it could ensure the vehicles would not violate the law. "We cannot allow Waymo to continue endangering our students while it attempts to implement a fix," a lawyer for the school district wrote, citing one incident involving a Waymo that was "recorded driving past a stopped school bus only moments after a student crossed in front of the vehicle, and while the student was still in the road."

The letter prompted NHTSA to ask Waymo on November 24 if it would comply with the request to cease self-driving operations during student pick-up and drop-off times, adding: "Was an appropriate software fix implemented or developed to mitigate this concern? And if so, does Waymo plan to file a recall for the fix?" The school district told Reuters on Thursday that Waymo refuses to halt operations around schools and said another incident involving a self-driving car and an actively loading school bus occurred on December 1, which "indicates that those programming changes did not resolve the issue or our concerns."

In a statement, Waymo did not answer why it had refused to halt operations around Austin schools or answer if it would issue a recall. "We're deeply invested in safe interaction with school buses. We swiftly implemented software updates to address this and will continue to rapidly improve," Waymo said. NHTSA said in a letter to Waymo on Wednesday that it was demanding answers to a series of questions by January 20 about incidents involving school buses and details of software updates to address safety concerns.

[ Read more of this story ]( https://tech.slashdot.org/story/25/12/04/2158221/us-probes-reports-waymo-self-driving-cars-illegally-passed-school-buses-19-times?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

alternative_right quotes a report from the Guardian: The statue looms and glints at more than 11 feet tall and weighing 3,500 pounds, looking out at the city with, how to put it ... a characteristically stern expression? Despite its daunting appearance and history as a crimefighter of last resort, the giant new bronze figure of the movie character RoboCop is being seen as a symbol of hope, drawing fans and eliciting selfie mania since it began standing guard over Detroit on Wednesday afternoon. It has been 15 years in the making. Even in a snowstorm in the dark, people were driving by to see it, said Jim Toscano, co-owner of the Free Age film production company, where the statue now stands firmly bolted down near the sidewalk. RoboCop hit theaters in 1987, portraying a near-future Detroit as crime-ridden and poorly protected by a beleaguered and outgunned police force, until actor Peter Weller appeared as a nearly invincible cyborg, apparently created by a nefarious corporation bent on privatizing policing. A grassroots campaign to build a RoboCop statue in Detroit began in 2010, eventually raising over $67,000 on Kickstarter and resulting in a completed sculpture in 2017. However, hosting setbacks caused it to get stuck, "stored away from public view," reports the Guardian. The project finally found a home after business owner Mike Toscano agreed to display it in their new open-air product market, calling it "too unique and too cool not to do."

[ Read more of this story ]( https://entertainment.slashdot.org/story/25/12/04/2211225/robocop-statue-rises-in-detroit?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from Ars Technica: A Donald Trump-backed push has failed to wedge a federal measure that would block states from passing AI laws for a decade into the National Defense Authorization Act (NDAA). House Majority Leader Steve Scalise (R-La.) told reporters Tuesday that a sect of Republicans is now "looking at other places" to potentially pass the measure. Other Republicans opposed including the AI preemption in the defense bill, The Hill reported, joining critics who see value in allowing states to quickly regulate AI risks as they arise.

For months, Trump has pressured the Republican-led Congress to block state AI laws that the president claims could bog down innovation as AI firms waste time and resources complying with a patchwork of state laws. But Republicans have continually failed to unite behind Trump's command, first voting against including a similar measure in the "Big Beautiful" budget bill and then this week failing to negotiate a solution to pass the NDAA measure. [...]

"We MUST have one Federal Standard instead of a patchwork of 50 State Regulatory Regimes," Trump wrote on Truth Social last month. "If we don't, then China will easily catch us in the AI race. Put it in the NDAA, or pass a separate Bill, and nobody will ever be able to compete with America." If Congress bombs the assignment to find another way to pass the measure, Trump will likely release an executive order to enforce the policy. Republicans in Congress had dissuaded Trump from releasing a draft of that order, requesting time to find legislation where they believed an AI moratorium could pass. "The controversial proposal had faced backlash from a nationwide, bipartisan coalition of state lawmakers, parents, faith leaders, unions, whistleblowers, and other public advocates," the NDAA, a bipartisan group that lobbies for AI safety laws, said in a press release.

This "widespread and powerful" movement "clapped back" at Republicans' latest "rushed attempt to sneak preemption through Congress," Brad Carson, ARI's president, said, because "Americans want safeguards that protect kids, workers, and families, not a rules-free zone for Big Tech."

[ Read more of this story ]( https://politics.slashdot.org/story/25/12/04/2228233/republicans-drop-trump-ordered-block-on-state-ai-laws-from-defense-bill?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

NASA's OSIRIS-REx samples from asteroid Bennu have revealed bio-essential sugars, a never-before-seen "space gum" polymer, and unusually high levels of supernova-origin dust. The findings bolster the RNA-world hypothesis, suggest complex organics formed early on Bennu's parent body, and show preserved presolar grains that escaped alteration for billions of years.

"All five nucleobases used to construct both DNA and RNA, along with phosphates, have already been found in the Bennu samples brought to Earth by OSIRIS-REx," said lead scientist Yoshihiro Furukawa of Tohoku University. "The new discovery of ribose means that all of the components to form the molecule RNA are present in Bennu."

The findings have been published in three new papers by the journals Nature Geosciences and Nature Astronomy. NASA also published a video on YouTube detailing the discovery.

[ Read more of this story ]( https://science.slashdot.org/story/25/12/04/2237242/sugars-gum-stardust-found-in-nasas-asteroid-bennu-samples?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Компания Oracle опубликовала выпуск операционной системы Solaris 11.4 SRU 87 (Support Repository Update), в котором предложена серия значительных изменений и улучшений для ветки Solaris 11.4. Для установки предложенных в обновлении исправлений достаточно выполнить команду 'pkg update'. Пользователи также могут воспользоваться бесплатной редакцией Solaris 11.4 CBE (Common Build Environment), развиваемой с использованием модели непрерывной публикации новых версий.

https://www.opennet.ru/opennews/art.shtml?num=64379

Вышла новая версия Ferrocene – компилятора языка Rust, предназначенного для написания особенно чувствительных к безопасности и надёжности систем. От [ эталонной реализации ]( https://github.com/rust-lang/rust ) Ferrocene отличается наличием сертификатов ISO 26262 (ASIL D), IEC 61508 (SIL 3) и IEC 62304 (Class C).

( [ читать дальше... ]( https://www.linux.org.ru/news/development/18159076#cut ) )

NASA and CNES's SWOT satellite captured the first high-resolution, wide-swath image of a major tsunami in the open ocean after the July 2025 Kuril-Kamchatka quake. "Instead of a single neat crest racing across the basin, the image revealed a complicated, braided pattern of energy dispersing and scattering over hundreds of miles," reports Earth.com. "These are details that traditional instruments almost never resolve. They suggest the physics we use to forecast tsunami hazards -- especially the assumption that the largest ocean-crossing waves travel as largely "non-dispersive" packets -- need a revision." From the report: Three takeaways emerge. First, high-resolution satellite altimetry can see the internal structure of a tsunami in mid-ocean, not just its presence. Second, researchers now argue that dispersion -- often downplayed for great events -- may shape how energy spreads into leading and trailing waves, which could alter run-up timing and the force on harbor structures. Third, combining satellite swaths, DART time series, seismic records, and geodetic deformation gives a more faithful picture of the source and its evolution along strike.

For tsunami modelers and hazard planners, the message is equal parts caution and opportunity. The physics now has to catch up with the complexity that SWOT has revealed, and planners need forecasting systems that can merge every available data stream. The waves won't get any simpler -- but our predictions can get a lot sharper. The findings have been published in the journal The Seismic Record.

[ Read more of this story ]( https://news.slashdot.org/story/25/12/05/0135228/satellite-captures-the-first-detailed-look-at-a-massive-tsunami?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Представлен релиз HTTP-сервера Apache 2.4.66, в котором устранено 5 уязвимостей и внесено несколько десятков изменений.

https://www.opennet.ru/opennews/art.shtml?num=64380

Компания Proxmox, известная разработкой продуктов Proxmox Virtual Environment, Proxmox Backup Server и Proxmox Mail Gateway, представила первый стабильный релиз нового дистрибутива - Proxmox Datacenter Manager, включающий интерфейс пользователя и инструментарий для централизованного управления несколькими независимыми кластерами на базе Proxmox Virtual Environment. Серверный бэкенд, утилиты командной строки и новый web-интерфейс написаны на языке Rust и распространяются под лицензией AGPLv3. Для создания web-интерфейса использован собственный набор виджетов, основанный на web-фреймворке Yew. Размер установочного iso-образа 1.5 ГБ.

https://www.opennet.ru/opennews/art.shtml?num=64382

An anonymous reader quotes a report from MIT Technology Review: New research reveals that AI chatbots can shift voters' opinions in a single conversation -- and they're surprisingly good at it. A multi-university team of researchers has found that chatting with a politically biased AI model was more effective than political advertisements at nudging both Democrats and Republicans to support presidential candidates of the opposing party. The chatbots swayed opinions by citing facts and evidence, but they were not always accurate -- in fact, the researchers found, the most persuasive models said the most untrue things. The findings, detailed in a pair of studies published in the journals Nature and Science, are the latest in an emerging body of research demonstrating the persuasive power of LLMs. They raise profound questions about how generative AI could reshape elections.

[ Read more of this story ]( https://politics.slashdot.org/story/25/12/05/0141235/ai-chatbots-can-sway-voters-better-than-political-ads?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Netflix says its open AV1 video codec now powers about 30% of all streaming on the platform and is rapidly becoming its primary delivery format thanks to major gains in compression, bandwidth efficiency, HDR support, and film-grain rendering. TVTechnology reports: The blog by Liwei Guo, Zhi Li, Sheldon Radford and Jeff Watts comes at a time when AV2 is on the horizon. [...] The blog revisits Netflix's AV1 journey to date, highlights emerging use cases, and shares adoption trends across the device ecosystem. It noted that since entering the streaming business in 2007, Netflix has primarily relied on H.264/AVC as its streaming format. "Looking ahead, we are excited about the forthcoming release of AV2, announced by the Alliance for Open Media for the end of 2025," said the authors. "AV2 is poised to set a new benchmark for compression efficiency and streaming capabilities, building on the solid foundation laid by AV1. At Netflix, we remain committed to adopting the best open technologies to delight our members around the globe. While AV2 represents the future of streaming, AV1 is very much the present -- serving as the backbone of our platform and powering exceptional entertainment experiences across a vast and ever-expanding ecosystem of devices."

[ Read more of this story ]( https://news.slashdot.org/story/25/12/05/0146253/av1-open-video-codec-now-powers-30-of-netflix-streaming?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Two Virginia brothers Muneeb and Sohaib Akhter, previously convicted of hacking the U.S. State Department, were rehired as federal contractors and are now charged with conspiring to steal sensitive data and destroy government databases after being fired. "Following the termination of their employment, the brothers allegedly sought to harm the company and its U.S. government customers by accessing computers without authorization, issuing commands to prevent others from modifying the databases before deletion, deleting databases, stealing information, and destroying evidence of their unlawful activities," the Justice Department said in a Wednesday press release. BleepingComputer reports: According to court documents, Muneeb Akhter deleted roughly 96 databases containing U.S. government information in February 2025, including Freedom of Information Act records and sensitive investigative documents from multiple federal agencies. One minute after deleting a Department of Homeland Security database, Muneeb Akhter also allegedly asked an artificial intelligence tool for instructions on clearing system logs after deleting a database.

The two defendants also allegedly ran commands to prevent others from modifying the targeted databases before deletion, and destroyed evidence of their activities. The prosecutors added that both men wiped company laptops before returning them to the contractor and discussed cleaning out their house in anticipation of a law enforcement search. The complaint also claims that Muneeb Akhter stole IRS information from a virtual machine, including federal tax data and identifying information for at least 450 individuals, and stole Equal Employment Opportunity Commission information after being fired by the government contractor.

Muneeb Akhter has been charged with conspiracy to commit computer fraud and destroy records, two counts of computer fraud, theft of U.S. government records, and two counts of aggravated identity theft. If found guilty, he faces a minimum of two years in prison for each aggravated identity theft count, with a maximum of 45 years on other charges. His brother, Sohaib, is charged with conspiracy to commit computer fraud and password trafficking, facing a maximum penalty of six years if convicted.

[ Read more of this story ]( https://yro.slashdot.org/story/25/12/05/0251201/contractors-with-hacking-records-accused-of-wiping-96-government-databases?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

On Dec. 2, QuickTime turned 34, and despite its origins in Apple's chaotic 1990s (1991 to be exact), "it's still the backbone of video on our devices," writes Macworld's Jason Snell. That includes MP4 and Apple's immersive video formats for Vision Pro. From the report: By the late '80s and early '90s, digital audio had been thoroughly integrated into Macs. (PCs needed add-on cards to do much more than issue beeps.) The next frontier was video, and even better, synchronized video and audio. There were a whole lot of challenges: the Macs of the day were not really powerful to decode and display more than a few frames per second, which was more of a slideshow than a proper video. Also, the software written to decode and encode such video (called codecs) was complex and expensive, and there were lots of different formats, making file exchange unreliable.

Apple's solution wasn't to invent entirely new software to cover every contingency, but to build a framework for multimedia creation and playback that could use different codecs as needed. At its heart was a file that was a container for other streams of audio and video in various formats: the QuickTime Movie, or MOV.

[...] QuickTime's legacy lives on. At a recent event I attended at Apple Park, Apple's experts in immersive video for the Vision Pro pointed out that the standard format for immersive videos is, at its heart, a QuickTime container. And perhaps the most ubiquitous video container format on the internet, the MP4 file? That standard file format is actually a container format that can encompass different kinds of audio, video, and other information, all in one place. If that sounds familiar, that's because MPEG-4 is based on the QuickTime format.
Thirty-four years later, QuickTime may seem like a quaint product of a long-lost era of Apple. But the truth is, it's become an integral part of the computing world, so pervasive that it's almost invisible. I'd like to forget most of what happened at Apple in the early 1990s, but QuickTime definitely deserves our appreciation.

[ Read more of this story ]( https://news.slashdot.org/story/25/12/05/031249/quicktime-turns-34?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from the New York Times: A few years ago, Paul Wieland, a 44-year-old information technology professional living in New York's Adirondack Mountains, was wrapping up a home renovation when he ran into a hiccup. He wanted to be able to control his new garage door with his smartphone. But the options available, including a product called MyQ, required connecting to a company's internet servers. He believed a "smart" garage door should operate only over a local Wi-Fi network to protect a home's privacy, so he started building his own system to plug into his garage door. By 2022, he had developed a prototype, which he named RATGDO, for Rage Against the Garage Door Opener. He had hoped to sell 100 of his new gadgets just to recoup expenses, but he ended up selling tens of thousands. That's because MyQ's maker did what a number of other consumer device manufacturers have done over the last few years, much to the frustration of their customers: It changed the device, making it both less useful and more expensive to operate.

Chamberlain Group, a company that makes garage door openers, had created the MyQ hubs so that virtually any garage door opener could be controlled with home automation software from Apple, Google, Nest and others. Chamberlain also offered a free MyQ smartphone app. Two years ago, Chamberlain started shutting down support for most third-party access to its MyQ servers. The company said it was trying to improve the reliability of its products. But this effectively broke connections that people had set up to work with Apple's Home app or Google's Home app, among others. Chamberlain also started working with partners that charge subscriptions for their services, though a basic app to control garage doors was still free.

While Mr. Wieland said RATGDO sales spiked after Chamberlain made those changes, he believes the popularity of his device is about more than just opening and closing a garage. It stems from widespread frustration with companies that sell internet-connected hardware that they eventually change or use to nickel-and-dime customers with subscription fees. "You should own the hardware, and there is a line there that a lot of companies are experimenting with," Mr. Wieland said in a recent interview. "I'm really afraid for the future that consumers are going to swallow this and that's going to become the norm." [...] For Mr. Wieland, the fight isn't over. He started a company named RATCLOUD, for Rage Against the Cloud. He said he was developing similar products that were not yet for sale.

[ Read more of this story ]( https://hardware.slashdot.org/story/25/12/05/0315226/why-one-man-is-fighting-for-our-right-to-control-our-garage-door-openers?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Netflix is buying Warner Bros. Discovery in an $82.7 billion deal that gives it HBO, iconic franchises, and major studio infrastructure. "Warner Bros. shareholders will receive $27.75 a share in cash and stock in Netflix," notes Bloomberg. "The total equity value of the deal is $72 billion, while the enterprise value of the deal is about $82.7 billion." From the report: Prior to the closing of the sale, Warner Bros. will complete the planned spinoff of its networks division, which includes cable channels such as CNN, TBS and TNT. That transaction is now expected to be completed in the third quarter of 2026, Netflix said in a statement. With the purchase, Netflix becomes owner of the HBO network, along with its library of hit shows like The Sopranos and The White Lotus. Warner Bros. assets also include its sprawling studios in Burbank, California, along with a vast film and TV archive that includes Harry Potter and Friends.

Netflix said it expects to maintain Warner Bros.' current operations and build on its strengths, including theatrical releases for films, a point that had been a cause of concern in Hollywood. Netflix said the deal will allow it to "significantly expand" US production capacity and invest in original content, which will create jobs and strengthen the entertainment industry. Still, the combination is also expected to create "at least $2 billion to $3 billion" in cost savings per year by the third year, according to the statement. U.S. Senator Mike Lee, a Republican from Utah who leads the Senate antitrust committee, said the acquisition "should send alarm to antitrust enforcers around the world."

"Netflix built a great service, but increasing Netflix's dominance this way would mean the end of the Golden Age of streaming for content creators and consumers," Lee wrote in a post on X.

U.S. Senator Elizabeth Warren called it an antitrust "nightmare" that would harm workers and consumers. "A Netflix-Warner Bros would create one massive media giant with control of close to half of the streaming market -- threatening to force Americans into higher subscription prices and fewer choices over what and how they watch, while putting American workers at risk," Warren said on Friday. "It would mean more price hikes, ads, & cookie cutter content, less creative control for artists, and lower pay for workers," she said in a post on X. "The media industry is already controlled by a few corporations with too much power to censor free speech. The gov't must step in."

[ Read more of this story ]( https://entertainment.slashdot.org/story/25/12/05/1728256/netflix-to-buy-warner-bros-in-72-billion-cash-stock-deal?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Компания Oracle опубликовала дистрибутив Oracle Linux 10.1, созданный на основе пакетной базы Red Hat Enterprise Linux 10.1 и полностью бинарно совместимый с ней. Для загрузки без ограничений предложены установочные iso-образы, размером 10 ГБ и 1.3 ГБ, подготовленные для архитектур x86_64 и ARM64 (aarch64). Для Oracle Linux 10 открыт неограниченный и бесплатный доступ к yum-репозиторию с бинарными обновлениями пакетов с устранением ошибок (errata) и проблем безопасности. Для загрузки также подготовлены отдельно поддерживаемые репозитории с наборами пакетов Application Stream и CodeReady Builder.

https://www.opennet.ru/opennews/art.shtml?num=64385

Cloudflare says it blocked 416 billion AI scraping attempts in five months and warns that AI is reshaping the internet's economic model -- with Google's combined crawler creating a monopoly-style dilemma where opting out of AI means disappearing from search altogether. Tom's Hardware reports: "The business model of the internet has always been to generate content that drive traffic and then sell either things, subscriptions, or ads, [Cloudflare CEO Matthew Prince] told Wired. "What I think people don't realize, though, is that AI is a platform shift. The business model of the internet is about to change dramatically. I don't know what it's going to change to, but it's what I'm spending almost every waking hour thinking about."

While Cloudflare blocks almost all AI crawlers, there's one particular bot it cannot block without affecting its customers' online presence -- Google. The search giant combined its search and AI crawler into one, meaning users who opt out of Google's AI crawler won't be indexed in Google search results. "You can't opt out of one without opting out of both, which is a real challenge -- it's crazy," Prince continued. "It shouldn't be that you can use your monopoly position of yesterday in order to leverage and have a monopoly position in the market of tomorrow."

[ Read more of this story ]( https://tech.slashdot.org/story/25/12/05/1940241/cloudflare-says-it-blocked-416-billion-ai-scraping-requests-in-5-months?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

В кодовую базу, на основе которой формируется релиз GNOME 50, принят набор изменений с реализацией возможности восстановления приложений, запущенных в прошлом сеансе. В менеджер сеансов gnome-session добавлен режим для сохранения списка запущенных приложений во время завершения сеанса и восстановления их окон (запуска приложений) в последующем сеансе. В конфигуратор добавлен соответствующий переключатель, позволяющий отключить данное поведение.

https://www.opennet.ru/opennews/art.shtml?num=64383

Опубликован выпуск пакетного фильтра nftables 1.1.6, унифицирующего интерфейсы фильтрации пакетов для IPv4, IPv6, ARP и сетевых мостов (нацелен на замену iptables, ip6table, arptables и ebtables). Одновременно опубликован выпуск сопутствующей библиотеки libnftnl 1.3.1, предоставляющей низкоуровневый API для взаимодействия с подсистемой nf_tables.

https://www.opennet.ru/opennews/art.shtml?num=64386

The New York Times is suing Perplexity for copyright infringement, accusing the AI startup of repackaging its paywalled reporting without permission. TechCrunch reports: The Times joins several media outlets suing Perplexity, including the Chicago Tribune, which also filed suit this week. The Times' suit claims that "Perplexity provides commercial products to its own users that substitute" for the outlet, "without permission or remuneration." [...] "While we believe in the ethical and responsible use and development of AI, we firmly object to Perplexity's unlicensed use of our content to develop and promote their products," Graham James, a spokesperson for The Times, said in a statement. "We will continue to work to hold companies accountable that refuse to recognize the value of our work."

Similar to the Tribune's suit, the Times takes issue with Perplexity's method for answering user queries by gathering information from websites and databases to generate responses via its retrieval-augmented generation (RAG) products, like its chatbots and Comet browser AI assistant. "Perplexity then repackages the original content in written responses to users," the suit reads. "Those responses, or outputs, often are verbatim or near-verbatim reproductions, summaries, or abridgments of the original content, including The Times's copyrighted works."

Or, as James put it in his statement, "RAG allows Perplexity to crawl the internet and steal content from behind our paywall and deliver it to its customers in real time. That content should only be accessible to our paying subscribers." The Times also claims Perplexity's search engine has hallucinated information and falsely attributed it to the outlet, which damages its brand. "Publishers have been suing new tech companies for a hundred years, starting with radio, TV, the internet, social media, and now AI," Jesse Dwyer, Perplexity's head of communications, told TechCrunch. "Fortunately it's never worked, or we'd all be talking about this by telegraph."

[ Read more of this story ]( https://yro.slashdot.org/story/25/12/05/2021202/the-new-york-times-is-suing-perplexity-for-copyright-infringement?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

India is weighing a proposal to mandate always-on satellite tracking in smartphones for precise government surveillance -- an idea strongly opposed by Apple, Google, Samsung, and industry groups. Reuters reports: For years, the [Prime Minister Narendra Modi's] administration has been concerned its agencies do not get precise locations when legal requests are made to telecom firms during investigations. Under the current system, the firms are limited to using cellular tower data that can only provide an estimated area location, which can be off by several meters.

The Cellular Operators Association of India (COAI), which represents Reliance's Jio and Bharti Airtel, has proposed that precise user locations should only be provided if the government orders smartphone makers to activate A-GPS technology -- which uses satellite signals and cellular data -- according to a June internal federal IT ministry email. That would require location services to always be activated in smartphones with no option for users to disable them. Apple, Samsung, and Alphabet's Google have told New Delhi that should not be mandated, said three of the sources who have direct knowledge of the deliberations.

A measure to track device-level location has no precedent anywhere else in the world, lobbying group India Cellular & Electronics Association (ICEA), which represents both Apple and Google, wrote in a confidential July letter to the government, which was viewed by Reuters. "The A-GPS network service ... (is) not deployed or supported for location surveillance," said the letter, which added that the measure "would be a regulatory overreach." Earlier this week, Modi's government was forced to rescind an order requiring smartphone makers to preload a state-run cyber safety app on all devices after public backlash and privacy concerns.

[ Read more of this story ]( https://yro.slashdot.org/story/25/12/05/2110209/india-reviews-telecom-industry-proposal-for-always-on-satellite-location-tracking?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Meta is acquiring AI wearable startup Limitless, maker of a pendant that records conversations and generates summaries. "We're excited that Limitless will be joining Meta to help accelerate our work to build AI-enabled wearables," a Meta spokesperson said in a statement. CNBC reports: Limitless CEO Dan Siroker revealed the deal on Friday via a corporate blog post but did not disclose the financial terms. "Meta recently announced a new vision to bring personal superintelligence to everyone and a key part of that vision is building incredible AI-enabled wearables," Siroker said in the post and an accompanying video. "We share this vision and we'll be joining Meta to help bring our shared vision to life."

[ Read more of this story ]( https://hardware.slashdot.org/story/25/12/05/2114250/meta-acquires-ai-wearable-company-limitless?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

U.S. and Canadian cybersecurity agencies say Chinese-linked actors deployed "Brickstorm" malware to infiltrate critical infrastructure and maintain long-term access for potential sabotage. Reuters reports: The Chinese-linked hacking operations are the latest example of Chinese hackers targeting critical infrastructure, infiltrating sensitive networks and "embedding themselves to enable long-term access, disruption, and potential sabotage," Madhu Gottumukkala, the acting director of the Cybersecurity and Infrastructure Security Agency, said in an advisory signed by CISA, the National Security Agency and the Canadian Centre for Cyber Security. According to the advisory, which was published alongside a more detailed malware analysis report (PDF), the state-backed hackers are using malware known as "Brickstorm" to target multiple government services and information technology entities. Once inside victim networks, the hackers can steal login credentials and other sensitive information and potentially take full control of targeted computers.

In one case, the attackers used Brickstorm to penetrate a company in April 2024 and maintained access through at least September 3, 2025, according to the advisory. CISA Executive Assistant Director for Cybersecurity Nick Andersen declined to share details about the total number of government organizations targeted or specifics around what the hackers did once they penetrated their targets during a call with reporters on Thursday. The advisory and malware analysis reports are based on eight Brickstorm samples obtained from targeted organizations, according to CISA. The hackers are deploying the malware against VMware vSphere, a product sold by Broadcom's VMware to create and manage virtual machines within networks. [...] In addition to traditional espionage, the hackers in those cases likely also used the operations to develop new, previously unknown vulnerabilities and establish pivot points to broader access to more victims, Google said at the time.

[ Read more of this story ]( https://it.slashdot.org/story/25/12/05/2135231/chinese-linked-hackers-use-backdoor-for-potential-sabotage-us-and-canada-say?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

sinij shares news of the Trump administration surprising the auto industry by granting approval for "tiny cars" to be built in the United States. Bloomberg reports: President Donald Trump, apparently enamored by the pint-sized Kei cars he saw during his recent trip to Japan, has paved the way for them to be made and sold in the U.S., despite concerns that they're too small and slow to be driven safely on American roads.
"They're very small, they're really cute, and I said "How would that do in this country?'" Trump told reporters on Wednesday at the White House, as he outlined plans to relax stringent Biden-era fuel efficiency standards.

"But we're not allowed to make them in this country and I think you're gonna do very well with those cars, so we're gonna approve those cars," he said, adding that he's authorized Transportation Secretary Sean Duffy to approve production. [...] In response to Trump's latest order, Duffy said his department has "cleared the deck" for Toyota Motor Corp. and other carmakers to build and sell cars in the U.S. that are "smaller, more fuel-efficient." Trump's seeming embrace of Kei cars is the latest instance of passenger vehicles being used as a geopolitical bargaining chip between the U.S. and Japan. "This makes a lot of sense in urban settings, especially when electrified," comments sinij. "Hopefully these are restricted from the highway system."

The report notes that these Kei cars generally aren't allowed in the U.S. as new vehicles because they don't meet federal crash-safety and performance standards, and many states restrict or ban them due to concerns that they're too small and slow for American roads. However, they can be imported if they're over 25 years old, but then must abide by state rules that often limit them to low speeds or private property use.

[ Read more of this story ]( https://tech.slashdot.org/story/25/12/05/221241/trump-wants-asias-cute-kei-cars-to-be-made-and-sold-in-us?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.