Christoph Hellwig continues to voice strong opposition to Rust in the Linux kernel, arguing that its introduction creates fragmentation, unclear language guidelines, and additional burdens on maintainers. He also says Linus Torvalds has privately stated he will override objections to Rust code, effectively making its adoption inevitable. Phoronix's Michael Larabel has the latest: The latest on Hellwig's perspective of Rust code within the Linux kernel is below. Some interesting insight from a dissenting view. The thread in full can be found on the Rust for Linux mailing list. [Here's an excerpt from the thread:] "I don't think having a web page in any form is useful. If you want it to be valid it has to be in the kernel tree and widely agreed on. It also states factually incorrect information. E.g. 'Some subsystems may decide they do not want to have Rust code for the time being, typically for bandwidth reasons. This is fine and expected.' while Linus in private said that he absolutely is going to merge Rust code over a maintainers objection. (He did so in private in case you are looking for a reference). So as of now, as a Linux developer or maintainer you must deal with Rust if you want to or not. [...] Right now the rules is Linus can force you whatever he wants (it's his project obviously) and I think he needs to spell that out including the expectations for contributors very clearly."

Read more of this story at Slashdot.

An anonymous reader quotes a report from Gizmodo: Protector, an app that lets you book armed goons the same way you'd call for an Uber, is having a viral moment. The app started doing the rounds on social media after consultant Nikita Bier posted about it on X. Protector lets the user book armed guards on demand. Right now it's only available in NYC and LA. According to its marketing, every guard is either "active duty or retired law enforcement and military." Every booking comes with a motorcade and users get to select the number of Escalades that'll be joining them as well as the uniforms their hired goons will wear. Protector is currently "#7 in Travel" on Apple's App Store. It's not available for people who use Android devices. [...] The marketing for Protector, which lives on its X account, is surreal. A series of robust and barrel-chested men in ill-fitting black suits deliver their credentials to the camera while sitting in front of a black background. They're all operators. They describe careers in SWAT teams and being deployed to war zones. They show vanity shots of themselves kitted out in operator gear. All of them have a red lapel pin bearing the symbol of Protector. If the late UnitedHealthcare CEO had used Protector, he might still be alive today, suggests Protector in its marketing materials. A video on X shows "several fantasy versions of the assassination where a Protector is on hand to prevent the assassin from killing the CEO," reports Gizmodo. The app is a product from parent company Protector Security Solutions, which was founded by Nick Sarath, a former product designer at Meta.

Read more of this story at Slashdot.

An anonymous reader shares a report: U.S. personal injury law firm Morgan & Morgan sent an urgent email this month to its more than 1,000 lawyers: Artificial intelligence can invent fake case law, and using made-up information in a court filing could get you fired. A federal judge in Wyoming had just threatened to sanction two lawyers at the firm who included fictitious case citations in a lawsuit against Walmart. One of the lawyers admitted in court filings last week that he used an AI program that "hallucinated" the cases and apologized for what he called an inadvertent mistake. AI's penchant for generating legal fiction in case filings has led courts around the country to question or discipline lawyers in at least seven cases over the last two years, and created a new high-tech headache for litigants and judges, Reuters found. The Walmart case stands out because it involves a well-known law firm and a big corporate defendant. But examples like it have cropped up in all kinds of lawsuits since chatbots like ChatGPT ushered in the AI era, highlighting a new litigation risk.

Read more of this story at Slashdot.

Public interest groups on Tuesday asked the full 6th U.S. Circuit Court of Appeals to reconsider a ruling that the Federal Communications Commission lacked legal authority to reinstate landmark net neutrality rules. From a report: The decision by a three-judge panel blocked the FCC under then President Joe Biden that had sought to reinstate the open internet rules implemented in 2015 but later repealed by the agency under President Donald Trump. The groups -- Free Press, Public Knowledge, Open Technology Institute and the Benton Institute for Broadband & Society -- argue the appeals court decision conflicts with an earlier decision by another court. The groups said the case centers on the FCC's decades-long effort to prevent broadband internet providers "from abusing their gatekeeping power, in furtherance of the providers' economic or political interests, to constrain their users' access to third-party websites."

Read more of this story at Slashdot.

Lloyds Banking Group is assessing the skills of thousands of technology staffers in the UK to determine whether they can keep working at the bank once it upgrades its technology [alternative source]. Bloomberg: The British lender, which is carrying out a multiyear overhaul of its systems, put these workers on notice this month that they are at risk of losing their jobs and will be required to reapply for new positions across the bank, according to people familiar with the matter. In a company town hall last week, executives informed those staffers that they were in the process of assessing their technical skills based on a test they took last year to determine where, if anywhere, they can be placed within Lloyds, the people said, asking not to be named discussing non-public information.

Read more of this story at Slashdot.

A new report released by Cisco finds that 97% of CEOs surveyed are planning AI integration. Similarly, 92% of companies recently surveyed by McKinsey plan to invest more in generative AI over the next three years. Fortune: To that end, many companies are seeking tech-savvy finance talent, according to a new report by software company Datarails. The researchers analyzed 6,000 job listings within the CFO's office -- CFO, controller, financial planning and analysis (FP&A), and accountant -- advertised on job search websites including LinkedIn, Glassdoor, Indeed, Job2Careers, and ZipRecruiter. Of the 1,000 job listings for CFOs in January 2025, 27% included AI in the job description. This compares to 8% mentions of AI in 1,000 CFO job listings at the same time last year. Take, for example, Peaks Healthcare Consulting which required a CFO candidate to "continuously learn and integrate AI to improve financial processes and decision making," Datarails notes in the report. Regarding FP&A professionals, in January 2025, 35% of analyst roles mentioned AI competency as a requirement, compared to 14% in January 2024, according to the report.

Read more of this story at Slashdot.

Chinese AI startup DeepSeek has updated its business registry information with key changes to personnel and operational scope, signaling a shift towards monetizing its cost-efficient-yet-powerful large language models. From a report: The Hangzhou-based firm's updated business scope includes "internet information services," according to business registry service Tianyancha. The move is the first sign of DeepSeek's desire to monetise its popular technology, according to Zhang Yi, founder and chief analyst at consultancy iiMedia. With eyes on developing a business model, DeepSeek intends to shift away from being purely focused on research and development, Zhang added. "The move reflects that for a company like DeepSeek, which managed to accumulate technology and develop a product, monetisation is becoming a necessary next step," Zhang said. DeepSeek's previous business scope said it engages in engineering and AI software development, among others, hinting at a more research-driven approach.

Read more of this story at Slashdot.

An anonymous reader shares a report: Later this month, Intuitive Machines, the private company behind the first commercial lander that touched down on the moon, will launch a second lunar mission from NASA's Kennedy Space Center. The plan is to deploy a lander, a rover, and hopper to explore a site near the lunar south pole that could harbor water ice, and to put a communications satellite on lunar orbit. But the mission will also bring something that's never been installed on the moon or anywhere else in space before -- a fully functional 4G cellular network. Point-to-point radio communications, which need a clear line of sight between transmitting and receiving antennas, have always been a backbone of both surface communications and the link back to Earth, starting with the Apollo program. Using point-to-point radio in space wasn't much of an issue in the past because there never have been that many points to connect. Usually, it was just a single spacecraft, a lander, or a rover talking to Earth. And they didn't need to send much data either. "They were based on [ultra high frequency] or [very high frequency] technologies connecting a small number of devices with relatively low data throughput," says Thierry Klein, president of Nokia Bell Labs Solutions Research, which was contracted by NASA to design a cellular network for the moon back in 2020.

Read more of this story at Slashdot.

SCMP: Chinese scientists have developed a revolutionary repair technology that could make lithium-ion batteries last over six times longer. Announcing their discovery in the journal Nature on Wednesday, the researchers said this low-cost, eco-friendly technology could soon be ready to enter the market. The batteries are key for many modern technologies, from smartphones to electric vehicles. However, as these batteries age, they often become less efficient -- a process that cold weather accelerates. The researchers said they could counter this problem with the "injection" of a special solution to rejuvenate "sick" batteries. At present, lithium-ion batteries rely on sophisticated materials used to generate lithium ions -- whose movement through electrolyte is key to their performance -- and then protect them to ensure a decent lifespan. Typically these lithium ions move from the positive terminal to the negative when the battery is charging, a process which is then reversed when it is generating power. The battery is considered to have expired when the supply of lithium ions runs low -- for example some electric car batteries have a lifespan of around 1,500 charge cycles -- but other components in the battery still remain in good working order after this happens. This insight prompted the two lead researchers, Gao Yue and Peng Huisheng from Fudan University's macromolecular science department, to see if they could revive a battery by replenishing the supply of active lithium ions.

Read more of this story at Slashdot.

A new family of superconductors is exciting physicists. Compounds containing nickel have been shown to carry electricity without resistance at the relatively high temperature of 45 kelvin (-228C) -- and without being squeezed under pressure. Nature: Physicists at the Southern University of Science and Technology (Sustech) in Shenzhen, China, observed the major hallmarks of superconductivity in a thin film of crystals of nickel oxide, which they grew in the laboratory. They published their work in Nature on 17 February. "There's a huge hope that we could eventually raise the critical temperature and make [such materials] more useful for applications," says Dafeng Li, a physicist at the City University of Hong Kong. Nickelates now join two groups of ceramics -- copper-based cuprates and iron-based pnictides -- as 'unconventional superconductors' that operate at room pressure and temperatures as high as 150K (-123C). This new data point could help physicists to finally explain how high-temperature superconductors work, and ultimately to design materials that operate under ambient conditions. This would make technologies, such as magnetic resonance imaging, radically cheaper and more efficient. How unconventional superconductors operate at warmer temperatures remains largely a mystery, whereas the mechanism behind how some metals can carry electricity without resistance at colder temperatures, or extreme pressures, has been understood since 1957. The ability of the Sustech researchers to precisely engineer the material's properties is huge boon in trying to use nickelates to unravel the theory behind unconventional superconductivity, says Lilia Boeri, a physicist at the Sapienza University of Rome. "The idea that you have a system that you can sort of tune experimentally, is something quite exciting."

Read more of this story at Slashdot.

Acer will raise laptop prices in the United States by 10% next month due to Trump administration tariffs on Chinese imports, CEO Jason Chen said. "We will have to adjust the end user price to reflect the tariff," Chen said. "We think 10 percent probably will be the default price increase because of the import tax." The Taiwan-based company, the fifth-largest computer seller in the U.S. market behind HP, Dell, Lenovo and Apple, could add hundreds of dollars to its high-end laptops that cost up to $3,700. Chen said Acer is exploring manufacturing options outside China, including possible U.S. production. The company has already moved desktop computer assembly out of China following earlier 25% tariffs during Trump's first term. The 10% tariff imposed this month affects nearly 80% of U.S. laptop imports from China.

Read more of this story at Slashdot.

India's Tata Consultancy Services allegedly manipulated U.S. visa programs by falsifying management credentials for foreign workers, according to lawsuits and federal data obtained by Bloomberg News. TCS, India's largest IT services firm, received upwards of 6,500 L-1A visas for managers from October 2019 through September 2023, more than the next seven largest recipients combined. In contrast, TCS categorized fewer than 600 of its 31,000 U.S.-based employees as executives and managers in a 2022 federal report. Former TCS manager Anil Kini alleged in a lawsuit that in January 2017, a senior manager ordered him to alter organizational charts to hide discrepancies for employees without management responsibilities. The Equal Employment Opportunity Commission found "credible documentary evidence" that TCS "frequently falsifies documents in support of L-1 visa applications," according to a 2019 letter. L-1A visas for managers, unlike H-1B visas, have no pay requirements or caps. TCS has denied wrongdoing, saying it "strongly refutes these inaccurate allegations by certain ex-employees, which have previously been dismissed by multiple courts."

Read more of this story at Slashdot.

PAjamian writes: Two years ago Red Hat announced an end to its public source code availability. This caused a great deal of outcry from the Enterprise Linux community at large. Since then many have waited for a statement from the Free Software Foundation concerning their stance on the matter. Now, nearly two years later the FSF has finally responded to questions regarding their stance on the issue with the following statement: Generally, we don't agree with what Red Hat is doing. Whether it constitutes a violation of the GPL would require legal analysis and the FSF does not give legal advice. However, as the stewards of the GNU GPL we can speak how it is intended to be applied and Red Hat's approach is certainly contrary to the spirit of the GPL. This is unfortunate, because we would expect such flagship organizations to drive the movement forward. When asked if the FSF would be willing to intervene on behalf of the community they had this to say:As of today, we are not aware of any issue with Red Hat's new policy that we could pursue on legal grounds. However, if you do find a violation, please follow these instructions and send a report to license-violation@gnu.org. Following is the full text of my original email to them and their response: Subject: Statement about recent changes in source code distribution for Red Hat Enterprise LinuxDate: 2023-07-16 00:39:51 > Hi,>> I'm a user of Red Hat Enterprise Linux, Rocky Linux and other Linux> distributions in the RHEL ecosystem. I am also involved in the EL> (Enterprise Linux) community which is being affected by the statements> and changes in policy made by Red Hat at> https://www.redhat.com/en/blog/furthering-evolution-centos-stream and> https://www.redhat.com/en/blog/red-hats-commitment-open-source-> response-gitcentosorg-changes> (note there are many many more links and posts about this issue which> I> believe you are likely already aware of). While a few of these> questions are answered more directly by the license FAQ some of them> are> not and there are a not insignificant number of people who would very> much appreciate a public statement from the FSF that answers these> questions directly.>> Can you please comment or release a statement about the Free Software> Foundation's position on this issue? Specifically:> Thank you for writing in with your questions. My apologies for the delay, but we are a small team with limited resources and can be challenging keeping up with all the emails we receive. Generally, we don't agree with what Red Hat is doing. Whether it constitutes a violation of the GPL would require legal analysis and the FSF does not give legal advice. However, as the stewards of the GNU GPL we can speak how it is intended to be applied and Red Hat's approach is certainly contrary to the spirit of the GPL. This is unfortunate, because we would expect such flagship organizations to drive the movement forward. > Is Red Hat's removal of sources from git.centos.org a violation of the> GPL and various other Free Software licenses for the various programs> distributed under RHEL?>> Is Red Hat's distribution of source RPMs to their customers under> their> subscriber agreement sufficient to satisfy the above mentioned> licenses?>> Is it a violation if Red Hat terminates a subscription early because> their customer exercised their rights under the GPL and other Free> Software licenses to redistribute the RHEL sources or create> derivative> works from them?>> Is it a violation if Red Hat refuses to renew a subscription that has> expired because a customer exercised their rights to redistribute or> create derivative works?>> A number of the programs distributed with RHEL are copyrighted by the> FSF, some examples being bash, emacs, GNU core utilities, gcc, gnupg> and> glibc. Given that the FSF has standing to act in this matter would> the> FSF be willing to intervene on behalf of the community in order to get> Red Hat to correct any of the above issues?> As of today, we are not aware of any issue with Red Hat's new policy that we could pursue on legal grounds. However, if you do find a violation, please [follow these instructions][0] and send a report to <license-violation@gnu.org>. [0]: https://www.gnu.org/licenses/gpl-violation.html If you are interested in something more specific on this, the Software Freedom Conservancy [published an article about the RHEL][1] situation and hosted a [panel at their conference in 2023][2]. These cover the situation fairly thoroughly. [1]: https://sfconservancy.org/blog/2023/jun/23/rhel-gpl-analysis/[2]: https://sfconservancy.org/blog/2023/jul/19/rhel-panel-fossy-2023/

Read more of this story at Slashdot.

Former PlayStation executive Shuhei Yoshida has attributed the current wave of video game industry layoffs and slowdown to companies overextending during the COVID-19 pandemic. "I think it's an overreaction to the COVID situation. Companies invested too much, including ourselves. Then we had to face reality and make adjustments," Yoshida told VentureBeat in an interview. Yoshida, who left Sony in January after 31 years at PlayStation, suggested the industry's growth would have been more stable without the pandemic-driven surge. "If you take out the COVID years you'd have smoother growth over the years," he said. Yoshida's comments come amid widespread job cuts across the gaming sector, including at Sony, Microsoft, Epic Games, and other major publishers following a post-pandemic decline in gaming engagement.

Read more of this story at Slashdot.

xAI has launched Grok 3, the latest iteration of its large language model, alongside new capabilities for its iOS and web applications. The model has been trained on approximately 200,000 GPUs in a Memphis data center, representing what CEO Elon Musk claims is a tenfold increase in computing power compared to its predecessor. The new release introduces two specialized variants: Grok 3 Reasoning and Grok 3 mini Reasoning, designed to methodically analyze problems similar to OpenAI's o3-mini and DeepSeek's R1 models. According to xAI's benchmarks, Grok 3 outperforms GPT-4o on several technical evaluations, including AIME for mathematical reasoning and GPQA for PhD-level science problems. A notable addition is the DeepSearch feature, which combs through web content and X posts to generate research summaries. The platform will be available through X's Premium+ subscription and a new SuperGrok tier ($30/month or $300/year), with the latter offering enhanced reasoning capabilities and unlimited image generation. To prevent knowledge extraction through model distillation -- a technique recently attributed to DeepSeek's alleged copying of OpenAI's models -- xAI has implemented measures to obscure the reasoning models' thought processes in the Grok app. The company plans to release the Grok 2 model as open source once Grok 3 achieves stability.

Read more of this story at Slashdot.

Gretchen saw this line in the front-end code for their website and freaked out:

let bucket = new AWS.S3({ params: { Bucket: 'initech-logos' } });

This appeared to be creating an object to interact with an Amazon S3 bucket on the client side. Which implied that tokens for interacting with S3 were available to anyone with a web browser.

Fortunately, Gretchen quickly realized that this line was commented out. They were not hosting publicly available admin credentials on their website anymore.

.comment { border: none; }

They used to, however, and the comments in the code made this a bit more clear:

// inside an angular component: uploadImage(): void { const uniqueName = `${this.utils.generateUUID()}_${this.encrDecSrvc.getObject(AppConstants.companyID)}_${this.file.name}` /*; @note: Disable usage of aws credential, transfer flow to the backend. @note; @disable-aws-credential */ /*; AWS.config.region = 'us-east-1' let bucket = new AWS.S3({ params: { Bucket: 'initech-billinglogos' } }); */ const bucket = ( AWSBucketMask ); const params = { Bucket: 'initech-logos', Key: 'userprofilepic/' + uniqueName, ACL: "public-read", Body: this.file }; const self = this; bucket.upload( params, function (err, data) { if (err) { console.log("error while saving file on s3 server", err); return; } self.isImageUrl = true; self.imageUrl = data.Location; self.myProfileForm.controls['ProfilePic'].setValue(self.imageUrl); self.encrDecSrvc.addObject(AppConstants.imageUrl, self.imageUrl); self.initechAPISrvc.fireImageView(true); self.saveProfileData(); self.fileUpload.clear() }, self.APISrvc ); }

Boy, this makes me wonder what that AWSBucketMask object is, and what its upload function does.

export class AWSBucketMask { public static async upload( option, callback, service ){ const fileReader = new FileReader( ); fileReader.onloadend = ( ( ) => { const dataURI = ( `${ fileReader.result }` ); const [ entityType, mimeType, baseType, data ] = ( dataURI.split( /[\:\;\,]/ ) ); option.ContentEncoding = baseType; option.ContentType = mimeType; option.Body = data; service.awsBucketMaskUpload( option ) .subscribe( function( responseData ){ callback( null, responseData.data ); }, function( error ){ callback( error ); } ); } ); fileReader.readAsDataURL( option.Body ); } public static async deleteObject( option, callback, service ){ service.awsBucketMaskDeleteObject( option ) .subscribe( function( responseData ){ callback( null, responseData ); }, function( error ){ callback( error ); } ); } public static async deleteObjects( option, callback, service ){ service.awsBucketMaskDeleteObjects( option ) .subscribe( function( responseData ){ callback( null, responseData ); }, function( error ){ callback( error ); } ); } public static async getSignedUrl( namespace, option, callback, service ){ service.awsBucketMaskGetSignedUrl( namespace, option ) .subscribe( function( responseData ){ callback(null, responseData.data); }, function( error ){ callback( error ); } ); } }

The important thing to notice here is that each of the methods here invokes a web service service.awsBucketMaskUpload, for example. Given that nothing actually checks their return values and it's all handled through callback hell, this is a clear example of async pollution- methods being marked async without understanding what async is supposed to do.

But that's not the real WTF. You may notice that these calls back to the webservice are pretty thin. You see, here's the problem: originally, they just bundled the S3 into the client-side, so the client-side code could do basically anything it wanted to in S3. Adding a service to "mask" that behavior would have potentially meant doing a lot of refactoring, so instead they made the service just a dumb proxy. Anything you want to do on S3, the service does for you. It does no authentication. It does no authorization. It runs with the admin keys, so if you can imagine a request you want to send it, you can send it that request. But at least the client doesn't have access to the admin keys any more.

This is an accounting application, so some of the things stored in S3 are confidential financial information.

Gretchen writes:

We have to take cybersecurity courses every 3 months, but it seems like this has no effect on the capabilities of my fellow coworkers.

You can lead a programmer to education, but you can't make them think.

[Advertisement] Plan Your .NET 9 Migration with Confidence
Your journey to .NET 9 is more than just one decision.Avoid migration migraines with the advice in this free guide. Download Free Guide Now!

SanDisk aims to produce petabyte-scale SSDs through its new UltraQLC platform, though the company has not specified a release timeline. The technology, it said, combines SanDisk's BICS 8 QLC 3D NAND with a proprietary 64-channel controller featuring hardware accelerators that offload storage functions from firmware to reduce latency and improve reliability. The initial UltraQLC drives will use 2Tb NAND chips to reach 128TB capacities, with future iterations targeting 256TB, 512TB, and eventually 1PB as higher-density NAND becomes available. The controller dynamically adjusts power based on workload and employs an advanced bus multiplexer to handle increased data loads from high-density QLC stacks, the company said.

Read more of this story at Slashdot.

NAND flash prices are expected to slide due to oversupply, forcing memory chipmakers to cut production to match lower-than-expected orders from PC and smartphone manufacturers. From a report: The superabundance of stock is putting a financial strain on suppliers of NAND flash, according to TrendForce, which says growth rate forecasts are being revised down from 30 percent to 10-15 percent for 2025. "NAND flash manufacturers have adopted more decisive production cuts, scaling back full-year output to curb bit supply growth. These measures are designed to swiftly alleviate market imbalances and lay the groundwork for a price recovery," TrendForce stated. Shrish Pant, Gartner director analyst and technology product leader, expects NAND flash pricing to remain weak for the first half of 2025, though he projects higher bit shipments for SSDs in the second half due to continuing AI server demand. "Vendors are currently working tirelessly to discipline supply, which will lead to prices recovering in the second half of 2025. Long term, AI demand will continue to drive the demand for higher-capacity/better-performance SSDs," Pant said. Commenting on the seasonal nature of the memory market, Pant told The Register: "Buying patterns will mean that NAND flash prices will remain cyclical depending on hyperscalers' buying behavior."

Read more of this story at Slashdot.

Mexico has threatened legal action against Google after the tech company refused to fully restore the name Gulf of Mexico on its mapping service, escalating a dispute sparked by U.S. President Donald Trump's move to rename the body of water. Google Maps currently displays the water body as Gulf of America within U.S. territory, Gulf of Mexico within Mexican borders, and Gulf of Mexico (Gulf of America) elsewhere, according to a letter from Google vice president Cris Turner to Mexican President Claudia Sheinbaum. Mexico argues the policy violates its sovereignty since the U.S. controls only 46% of the gulf, while Mexico and Cuba control 49% and 5% respectively. The historic name Gulf of Mexico, dating to 1607, is recognized by the United Nations. The dispute has strained U.S.-Mexico relations, with the White House barring Associated Press reporters from events over the news agency's naming policy.

Read more of this story at Slashdot.

Apps offering lifetime subscriptions may pose risks despite potential cost savings, according to cybersecurity experts and analysts. While some lifetime plans can pay off quickly - like dating app Bumble's $300 premium subscription that breaks even in five months - others require years of use to justify hefty upfront costs. Meditation app Waking Up charges $1,500 for lifetime access, requiring over 11 years of use to recoup the investment. Security researchers warn against lifetime subscriptions for services with high recurring costs like VPNs and cloud storage. Such providers may compromise user privacy or cut corners on infrastructure to offset losses, said Trevor Hilligoss, senior vice president at cybercrime research group SpyCloud Labs.

Read more of this story at Slashdot.