An anonymous reader quotes a report from Bloomberg: Blue Origin sustained failures in recent weeks of testing including a factory mishap that damaged a portion of a future New Glenn rocket, the long-awaited centerpiece of the Jeff Bezos-backed startup's push to take on SpaceX. The upper portion of one rocket crumpled into itself, in part due to worker error, while it was being moved to a storage hangar, according to people familiar with the situation. In a separate incident, another upper rocket portion failed during stress testing and exploded, the people said. Repairs are underway, another person said, noting there were no injuries during either episode. The previously unreported incidents illustrate the hurdles Blue Origin is grappling with while ramping up production of New Glenn, which is four years overdue. At the same time, new Chief Executive Officer Dave Limp has hired a slate of executives to shake the company out of a years-long R&D slump.

Read more of this story at Slashdot.

Lionsgate is recalling its latest trailer for Francis Ford Coppola's epic "Megalopolis," which featured a littany of fabricated quotes from famous film critics. From a report: "Lionsgate is immediately recalling our trailer for 'Megalopolis,'" a Lionsgate spokesperson said in a statement provided to Variety. "We offer our sincere apologies to the critics involved and to Francis Ford Coppola and American Zoetrope for this inexcusable error in our vetting process. We screwed up. We are sorry." The trailer, released on Wednesday morning, aimed to position Coppola's latest film as a work of art that would withstand the test of time, much like his previous masterpieces "The Godfather" and "Apocalypse Now." The video included several quotes from critics panning Coppola's previous work -- but none of the phrases, attributed to the likes of Roger Ebert and Pauline Kael, could be found in any of their reviews.

Read more of this story at Slashdot.

Phoronix's Michael Larabel benchmarked AMD's latest Ryzen 9 9950X in several different Linux distros and found that the Zen 5 chip performs up to 16% faster with the Intel-optimized Clear Linux distro. Here's an excerpt from the report: The Linux distributions for this round of testing on the AMD Ryzen 9 9950X included Arch Linux, CachyOS, Clear Linux, Fedora Workstation 40, Ubuntu 24.04 LTS, and a recent daily snapshot of Ubuntu 24.10 in its current development form. Intel's Clear Linux is the one most interesting for looking at on the new AMD Zen 5 hardware. While there hasn't been so much Clear Linux news in recent times, it remains the most well optimized x86_64 Linux distribution out of the box. Clear Linux makes use of compiler function multi versioning, performance-minded defaults, aggressive compiler CFLAGS/CXXFLAGS defaults, optional AVX-512 usage for more libraries, and many other patches and optimizations in the name of delivering the greatest x86_64 Linux performance. And while not Intel's focus, it works typically on AMD hardware too. [...] Using the same Ryzen 9 9950X system, all of these Linux distributions were tested in their default / out-of-the-box state. [...] When taking the geometric mean of 59 benchmarks run across all of the Linux distributions on this AMD Ryzen 9 9950X system, Intel's Clear Linux easily took the crown. Ubuntu 24.04 LTS -- which was used for all of the Ryzen 9000 series Linux testing so far on Phoronix -- was the slowest. Tapping Intel's Clear Linux netted a 16% improvement on top of the performance offered by Ubuntu 24.04 LTS! Ubuntu 24.04 with the Ryzen 9000 series was already looking great generationally, but as shown today the performance can be even better with further software optimizations. The Arch Linux powered CachyOS that is tuned out-of-the-box with a similar aim to Clear Linux also performed great. CachyOS was 7% faster than Ubuntu 24.04 LTS based on the geo mean and 3% faster than upstream Arch Linux itself. For different workloads though the CachyOS advantage over Arch Linux varied from a minimal difference to quite significant advantages. From the performance of PHP and Python scripts atop Clear Linux to compiling various server and HPC minded software, Intel's Clear Linux -- and a commendable second place for CachyOS -- were showing that even greater performance can be achieved on the AMD Ryzen 9 9950X. Even for devoted Ubuntu Linux users, these results did show some nice advantages of the upcoming Ubuntu 24.10 release over Ubuntu 24.04 LTS thanks to the GCC 14 compiler. Ubuntu 24.10 performance is also still subject to change since the current daily ISOs haven't yet moved past the Linux 6.8 kernel while Ubuntu 24.10 in October will be shipping with Linux 6.11.

Read more of this story at Slashdot.

In a blog post on Wednesday, Neuralink said its second human recipient is using the brain chip to play Counter-Strike 2 and develop 3D designs in CAD software. "Alex" was given the brain chip last month to help restore his autonomy after a spinal cord injury. PCMag reports: Like the first Neuralink patient, Noland Arbaugh, Alex has also been using the brain chip to play his favorite computer games, such as Counter-Strike 2. Before, Alex had to use a mouth-operated controller, called a QuadStick, to play the first-person shooter. But even then, the controller limited him to only moving or aiming his weapon at a single time, never simultaneously like a normal Counter-Strike player. In other words, Alex had to essentially switch back and forth between the mouse and keyboard functions while playing the game. But thanks to Neuralink, he can now aim with the implant, and simultaneously move while using the QuadStick. [...] In the blog post, Neuralink also addressed a problem the company faced when placing the chip in Arbaugh, the first patient. Despite a successful surgery, about 85% of the thread-based electrodes attached to his brain later became displaced, undermining the full potential of the chip to read neural signals. Although Arbaugh can still use his implant effectively, Neuralink wanted to avoid a repeat with Alex. In response, the company developed several "mitigations," which include reducing the chance of an air pocket forming during surgery and placing the implant deeper into the brain tissue. "Promisingly, we have observed no thread retraction in our second participant," the company said of Alex. Whether Alex's implant outperforms the brain chip in Arbaugh was left unclear. In the meantime, Neuralink says it's working on ways to enhance the controls on the technology "to deliver full mouse and video game controller functionality." "Additionally, we plan to enable the Link [brain chip] to interact with the physical world, allowing users to feed themselves and move more independently by controlling a robotic arm or their wheelchair," the company said. You can watch Alex playing Counter-Strike 2 on YouTube.

Read more of this story at Slashdot.

Today's anonymous submitter found some Java code which finds the largest value in a quartet of floats. Now, the code is quite old, so it actually predates varargs in Java. That doesn't excuse any of what you're about to see.

public float CalculateMaximumValue(float a, float b, float c, float d) { int i = 0; float[] arr = new float[] { 0, 0, 0, 0 }; float gtval = 0; for (i = 0; i < 4; i++) { arr[i] = 0; } arr[0] = a; arr[1] = b; arr[2] = c; arr[3] = d; gtval = arr[0]; for (i = 0; i < 4; i++) { if (arr[i] > gtval) { gtval = arr[i]; } } return gtval; }

The best thing I can say about this is that they didn't use some tortured expansion of every possible comparison:

if (a > b && a > c && a > d) return a; if (b > a && b > c && b > d) return b; …

Honestly, that would be awful, but I'd prefer it. This just makes my eyes sting when I look at it.

But let's trace through it, because each step is dumb.

We start by creating an empty array, where every value is initialized to zero. This isn't necessary, as that's what Java does by default. But then, we loop across the array to set things to zero one more time, just to be sure.

Once we're convinced every value is definitely zero, we replace those zeroes with the real values. Then we can loop across the array and find the largest value with straightforward comparisons.

This code is, in some ways, the worst kind of code. It's bad, but not so bad as it's ever going to cause real, serious problems. No one is going to see any bugs or inefficiencies coming from this method. It's just an ugly mess that's going to sit there in that codebase until the entire thing gets junked, someday. It's just an irritant that never rises to the level of frustration which drives action.

[Advertisement] Continuously monitor your servers for configuration changes, and report when there's configuration drift. Get started with Otter today!

An anonymous reader quotes a report from Reuters: U.S. oilfield services firm Halliburton on Wednesday was hit by a cyberattack, according to a person familiar with the matter. Halliburton said it was aware of an issue affecting certain systems at the company and was working to determine the cause and impact of the problem. The company was also working with "leading external experts" to fix the issue, a spokesperson said in an emailed statement. The attack appeared to impact business operations at the company's north Houston campus, as well as some global connectivity networks, the person said, who declined to be identified because they were not authorized to speak on the record. The company has asked some staff not to connect to internal networks, the person said. Houston, Texas-based Halliburton is one of the largest oilfield services firms in the world, providing drilling services and equipment to major energy producers around the globe. It had nearly 48,000 employees and operated in more than 70 countries at the end of last year.

Read more of this story at Slashdot.

A sophisticated extortion campaign has targeted 110,000 domains by exploiting misconfigured AWS environment files, security firm Cyble reports. The attackers scanned for exposed .env files containing cloud access keys and other sensitive data. Organizations that failed to secure their AWS environments found their S3-stored data replaced with ransom notes. The attackers used a series of API calls to verify data, enumerate IAM users, and locate S3 buckets. Though initial access lacked admin privileges, they created new IAM roles to escalate permissions. Cyble researchers noted the attackers' use of AWS Lambda functions for automated scanning operations.

Read more of this story at Slashdot.

The old Sonos app won't be making a return to replace the buggy new version. According to Sonos CEO Patrick Spence, rereleasing the old app would make things worse now that updated software has already been sent out to the company's speakers and cloud infrastructure. The Verge reports: In a Reddit AMA response posted Tuesday, Sonos CEO Spence says that he was hopeful "until very recently" that the company could rerelease the app, confirming a report from The Verge that the company was considering doing so. [...] Since the new app was released on May 7th, Spence has issued a formal apology and announced in August that the company would be delaying the launch of two products "until our app experience meets the level of quality that we, our customers, and our partners expect from Sonos." "The trick of course is that Sonos is not just the mobile app, but software that runs on your speakers and in the cloud too," writes Spence in the Reddit AMA. "In the months since the new mobile app launched we've been updating the software that runs on our speakers and in the cloud to the point where today S2 is less reliable & less stable then what you remember. After doing extensive testing we've reluctantly concluded that re-releasing S2 would make the problems worse, not better. I'm sure this is disappointing. It was disappointing to me."

Read more of this story at Slashdot.

According to Bloomberg's Mark Gurman (paywalled), App Store vice president Matt Fischer is departing the company in October as Apple prepares for organizational changes in response to regulatory pressure. MacRumors reports: Apple plans to split its App Store group into two teams, one that handles the App Store and a second team that oversees alternative app distribution. As of earlier this year, Apple has supported iOS app downloads from alternative app stores and from websites in the European Union, a change that the company had to make to comply with the Digital Markets Act. To handle ongoing compliance with EU regulations for app distribution and alternative payment methods, App Store chief Phil Schiller is changing the App Store's hierarchy. Fischer joined Apple in 2003 to oversee iTunes marketing, but he has served as the vice president of the App Store since 2010. In an email to Apple employees today, Fischer said that he had been thinking about leaving Apple for some time, and the reorganization provided the right opportunity. With Fischer leaving, App Store senior director Carson Oliver will oversee the App Store, and Ann Thai, a director who oversees App Store features, will head up the team that handles alternative app distribution.

Read more of this story at Slashdot.

Google has reached a groundbreaking deal with California lawmakers to contribute millions to local newsrooms, aiming to support journalism amid its decline as readers migrate online and advertising dollars evaporate. The agreement also includes a controversial provision for artificial intelligence funding. Politico reports: California emulated a strategy that other countries like Canada have used to try and reverse the journalism industry's decline as readership migrated online and advertising dollars evaporated. [...] Under the deal, the details of which were first reported by POLITICO on Monday, Google and the state of California would jointly contribute a minimum of $125 million over five years to support local newsrooms through a nonprofit public charity housed at UC Berkeley's journalism school. Google would contribute at least $55 million, and state officials would kick in at least $70 million. The search giant would also commit $50 million over five years to unspecified "existing journalism programs." The deal would also steer millions in tax-exempt private dollars toward an artificial intelligence initiative that people familiar with the negotiations described as an effort to cultivate tech industry buy-in. Funding for artificial intelligence was not included in the bill at the core of negotiations, authored by Assemblymember Buffy Wicks. The agreement has drawn criticism from a journalists' union that had so far championed Wicks' effort. Media Guild of the West President Matt Pearce in an email to union members Sunday evening said such a deal would entrench "Google's monopoly power over our newsrooms." "This public-private partnership builds on our long history of working with journalism and the local news ecosystem in our home state, while developing a national center of excellence on AI policy," said Kent Walker, chief legal officer for Alphabet, the parent company of Google. Media Guild of the West President Matt Pearce wasn't so chipper. He criticized the plan in emails with union members, calling it a "total rout of the state's attempts to check Google's stranglehold over our newsrooms."

Read more of this story at Slashdot.

In a tragic update to Monday's story, authorities have recovered the bodies of former Autonomy CEO Mike Lynch and his teenage daughter Hannah. The Register reports: Italian divers are said to have found the billionaire father and his daughter, 18, inside one of the sunken vessel's cabins, according to The Telegraph. The capsized ship presently rests 49 meters below the surface, about half a mile from the coast. [...] Angela Bacares, Lynch's wife, was rescued at sea and is recovering. Canadian Broadcasting Company News has reported that the body of Recaldo Thomas, a Canadian-born man who resided in Antigua and served as the ship's cook, has been recovered. Other missing individuals have been identified by The Independent as: Christopher Morvillo, a lawyer who had represented Lynch and wife Neda Morvillo; Jonathan Bloomer, chairman of investment bank Morgan Stanley International and wife Judy Bloomer. The Register has published an obituary for Mike Lynch.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Dark Reading: Researchers have exploited a vulnerability in Microsoft's Copilot Studio tool allowing them to make external HTTP requests that can access sensitive information regarding internal services within a cloud environment -- with potential impact across multiple tenants. Tenable researchers discovered the server-side request forgery (SSRF) flaw in the chatbot creation tool, which they exploited to access Microsoft's internal infrastructure, including the Instance Metadata Service (IMDS) and internal Cosmos DB instances, they revealed in a blog post this week. Tracked by Microsoft as CVE-2024-38206, the flaw allows an authenticated attacker to bypass SSRF protection in Microsoft Copilot Studio to leak sensitive cloud-based information over a network, according to a security advisory associated with the vulnerability. The flaw exists when combining an HTTP request that can be created using the tool with an SSRF protection bypass, according to Tenable. "An SSRF vulnerability occurs when an attacker is able to influence the application into making server-side HTTP requests to unexpected targets or in an unexpected way," Tenable security researcher Evan Grant explained in the post. The researchers tested their exploit to create HTTP requests to access cloud data and services from multiple tenants. They discovered that "while no cross-tenant information appeared immediately accessible, the infrastructure used for this Copilot Studio service was shared among tenants," Grant wrote. Any impact on that infrastructure, then, could affect multiple customers, he explained. "While we don't know the extent of the impact that having read/write access to this infrastructure could have, it's clear that because it's shared among tenants, the risk is magnified," Grant wrote. The researchers also found that they could use their exploit to access other internal hosts unrestricted on the local subnet to which their instance belonged. Microsoft responded quickly to Tenable's notification of the flaw, and it has since been fully mitigated, with no action required on the part of Copilot Studio users, the company said in its security advisory. Further reading: Slack AI Can Be Tricked Into Leaking Data From Private Channels

Read more of this story at Slashdot.

Rotten Tomatoes and Fandango are rolling out a new "Verified Hot" rating for users who actually bought a ticket to the movie being reviewed. "The designation is only given to theatrical movies that have reached an audience score above 90 percent among user ratings," adds IndieWire. From the report: Movie ticketing app Fandango is the parent company to Rotten Tomatoes, so if you bought your ticket through Fandango and then rated a movie using that same user info on Rotten Tomatoes, RT is able to confirm you bought a ticket and can filter out anyone else who may just be rating things blindly. A rep for RT tells IndieWire the goal is to work with other partners so that other people who don't use Fandango can still be considered verified. Rotten Tomatoes also expanded its Popcornmeter designations. Anything with an audience score above 60 percent of people rating it as 3.5 stars or higher will be labeled "Hot," and movies below that 60 percent threshold are now "Stale." The "Certified Fresh" badge for movies that achieve a strong enough critics score has been around for a while, but in 2020 RT introduced a "Top Critics" feature such that you could filter out the dozens or hundreds of aggregated critics from unreliable sources who could be skewing a film's score. Anyone can vote or rate movies on Rotten Tomatoes if you're an audience member, but you can also filter out ratings from those not considered "verified." Rotten Tomatoes made some other tweaks too under the hood: Both the Popcornmeter and Tomatometer need to meet a new minimum number of reviews published for a score to appear. Not everything gets reviewed widely, so the threshold varies depending on a film's total projected domestic box office forecast. A full list of "Verified Hot" films can be found here.

Read more of this story at Slashdot.

Phoronix's Michael Larabel reports: As part of Intel's Scalable Video Technology (SVT) initiative they had been developing SVT-HEVC as a BSD-licensed high performance H.265/HEVC video encoder optimized for Xeon Scalable and Xeon D processors. But recently they've changed course and the project has been officially discontinued. [...] The SVT-AV1 project a while ago was already punted to the Alliance for Open Media (AOMedia) project and one of its lead maintainers having joined Meta from Intel two years ago. SVT-AV1 continues excelling great outside the borders of Intel but SVT-HEVC (and SVT-VP9) have remained Intel open-source projects but at least officially SVT-HEVC has ended. SVT-HEVC hadn't seen a new release since 2021 and there are already several great open-source H.265 encoders out there like x265 and Kvazaar. But as of a few weeks ago, SVT-HEVC upstream is now discontinued. The GitHub repository was put into a read-only state [with a discontinuation notice]. Meanwhile SVT-VP9 doesn't have any discontinuation notice at this time. The SVT-VP9 GitHub repository remains under Intel's Open Visual Cloud account although it hasn't seen any new commits in four months and the last tagged release was back in 2020.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Chrome users who declined to sync their Google accounts with their browsing data secured a big privacy win this week after previously losing a proposed class action claiming that Google secretly collected personal data without consent from over 100 million Chrome users who opted out of syncing. On Tuesday, the 9th US Circuit Court of Appeals reversed (PDF) the prior court's finding that Google had properly gained consent for the contested data collection. The appeals court said that the US district court had erred in ruling that Google's general privacy policies secured consent for the data collection. The district court failed to consider conflicts with Google's Chrome Privacy Notice (CPN), which said that users' "choice not to sync Chrome with their Google accounts meant that certain personal information would not be collected and used by Google," the appeals court ruled. Rather than analyzing the CPN, it appears that the US district court completely bought into Google's argument that the CPN didn't apply because the data collection at issue was "browser agnostic" and occurred whether a user was browsing with Chrome or not. But the appeals court -- by a 3-0 vote -- did not. In his opinion, Circuit Judge Milan Smith wrote that the "district court should have reviewed the terms of Google's various disclosures and decided whether a reasonable user reading them would think that he or she was consenting to the data collection." "By focusing on 'browser agnosticism' instead of conducting the reasonable person inquiry, the district court failed to apply the correct standard," Smith wrote. "Viewed in the light most favorable to Plaintiffs, browser agnosticism is irrelevant because nothing in Google's disclosures is tied to what other browsers do." Smith seemed to suggest that the US district court wasted time holding a "7.5-hour evidentiary hearing which included expert testimony about 'whether the data collection at issue'" was "browser-agnostic." "Rather than trying to determine how a reasonable user would understand Google's various privacy policies," the district court improperly "made the case turn on a technical distinction unfamiliar to most 'reasonable'" users, Smith wrote. Now, the case has been remanded to the district court where Google will face a trial over the alleged failure to get consent for the data collection. If the class action is certified, Google risks owing currently unknown damages to any Chrome users who opted out of syncing between 2016 and 2024. According to Smith, the key focus of the trial will be weighing the CPN terms and determining "what a 'reasonable user' of a service would understand they were consenting to, not what a technical expert would."

Read more of this story at Slashdot.

A growing body of scientific evidence shows that microplastics are accumulating in critical human organs, including the brain, leading researchers to call for more urgent actions to rein in plastic pollution. From a report: Studies have detected tiny shards and specks of plastics in human lungs, placentas, reproductive organs, livers, kidneys, knee and elbow joints, blood vessels and bone marrow. Given the research findings, "it is now imperative to declare a global emergency" to deal with plastic pollution, said Sedat Gundogdu, who studies microplastics at Cukurova University in Turkey. Humans are exposed to microplastics -- defined as fragments smaller than 5mm in diameter -- and the chemicals used to make plastics from widespread plastic pollution in air, water and even food. The health hazards of microplastics within the human body are not yet well-known. Recent studies are just beginning to suggest they could increase the risk of various conditions such as oxidative stress, which can lead to cell damage and inflammation, as well as cardiovascular disease. Animal studies have also linked microplastics to fertility issues, various cancers, a disrupted endocrine and immune system, and impaired learning and memory.

Read more of this story at Slashdot.

bobdevine writes: The Linux operating system has reached a notable milestone in desktop market share, according to the latest data from StatCounter. As of July 2024, Linux has achieved a 4.45% market share for desktop operating systems worldwide. While this percentage might seem small to those unfamiliar with the operating system landscape, it represents a significant milestone for Linux and its dedicated community. What makes this achievement even more thrilling is the upward trajectory of Linux's adoption rate.

Read more of this story at Slashdot.

South Africa's telecoms industry body is pushing for digital content and service providers to help pay for the roll out of network infrastructure because they generate a huge part of the internet traffic. From a report: The Association of Comms and Technology (ACT) CEO Nomvuyiso Batyi said that the revenues generated by over-the-top (OTT) platforms and the continued success of the OTT model was dependent on the availability of high-quality, reliable and efficient network infrastructure. So "what we're saying is that the OTTs should contribute towards the network upgrades, the network building," she added. OTT platforms or services deliver digital content such as video, audio and messaging directly to consumers over the internet. "Fair share" arrangements ensure that OTT providers contribute to the costs of building, maintaining, and upgrading the infrastructure that supports their business.

Read more of this story at Slashdot.

CrowdStrike's president hit out at "shady" efforts by its cyber security rivals to scare its customers and steal market share in the month since its botched software update sparked a global IT outage. From a report: Michael Sentonas told the Financial Times that attempts by competitors to use the July 19 disruption to promote their own products were "misguided." After criticism from rivals including SentinelOne and Trellix, the CrowdStrike executive said no vendor could "technically" guarantee that their own software would never cause a similar incident. "Our industry is built on trust," Sentonas said. For rivals to take advantage of the meltdown to push their own products "lets themselves down because, ultimately, people know really quickly fact from, possibly, some shady commentary." Texas-based CrowdStrike had a reputation as many major companies' first line of defense against cyber attacks, but the high-profile nature of its clients exacerbated the impact of July's global disruption that shut down 8.5 million Windows devices. Insurers have estimated that losses from the disruption, which grounded flights and shut down hospital systems, could run into billions of dollars. Delta Air Lines, which canceled more than 6,000 flights, has estimated that the outages will cost it $500 million and has threatened litigation.

Read more of this story at Slashdot.

An anonymous reader shares a report: U.S. agencies are increasingly accessing parts of a half-billion encrypted chat message haul that has rocked the global organized crime underground, using the chats as part of multiple drug trafficking prosecutions, according to a 404 Media review of U.S. court records. In particular, U.S. authorities are using the chat messages to prosecute alleged maritime drug smugglers who traffic cocaine using speedboats and commercial ships. The court records show the continued fallout of the massive hack of encrypted phone company Sky in 2021, in which European agencies obtained the intelligence goldmine of messages despite Sky being advertised as end-to-end encrypted. European authorities have used those messages as the basis for many prosecutions and drug seizures across the continent. Now, it's clear that the blast radius extends to the United States.

Read more of this story at Slashdot.