Feed aggregator

Senate GOP Budget Bill Has Little-Noticed Provision That Could Hurt Your Wi-Fi

Slashdot - Mon, 2025-06-30 22:40
An anonymous reader shares a report: Sen. Ted Cruz (R-Texas) has a plan for spectrum auctions that could take frequencies away from Wi-Fi and reallocate them for the exclusive use of wireless carriers. The plan would benefit AT&T, which is based in Cruz's home state, along with Verizon and T-Mobile. Cruz's proposal revives a years-old controversy over whether the entire 6 GHz band should be devoted to Wi-Fi, which can use the large spectrum band for faster speeds than networks that rely solely on the 2.4 and 5 GHz bands. Congress is on the verge of passing legislation that would require spectrum to be auctioned off for full-power, commercially licensed use, and the question is where that spectrum will come from. When the House of Representatives passed its so-called "One Big Beautiful Bill," it excluded all of the frequencies between 5.925 and 7.125 gigahertz from the planned spectrum auctions. But Cruz's version of the budget reconciliation bill, which is moving quickly toward a final vote, removed the 6 GHz band's protection from spectrum auctions. The Cruz bill is also controversial because it would penalize states that regulate artificial intelligence. Instead of excluding the 6 GHz band from auctions, Cruz's bill would instead exclude the 7.4-8.4 GHz band used by the military. Under conditions set by the bill, it could be hard for the Commerce Department and Federal Communications Commission to fulfill the Congressional mandate without taking some spectrum away from Wi-Fi.

Read more of this story at Slashdot.

Categories: Computer, News

Apple Weighs Using Anthropic or OpenAI To Power Siri in Major Reversal

Slashdot - Mon, 2025-06-30 22:00
Apple is considering using AI technology from Anthropic or OpenAI to power a new version of Siri, according to Bloomberg, sidelining its own in-house models in a potentially blockbuster move aimed at turning around its flailing AI effort. From the report: The iPhone maker has talked with both companies about using their large language models for Siri, according to people familiar with the discussions. It has asked them to train versions of their models that could run on Apple's cloud infrastructure for testing, said the people, who asked not to be identified discussing private deliberations. If Apple ultimately moves forward, it would represent a monumental reversal. The company currently powers most of its AI features with homegrown technology that it calls Apple Foundation Models and had been planning a new version of its voice assistant that runs on that technology for 2026. A switch to Anthropic's Claude or OpenAI's ChatGPT models for Siri would be an acknowledgment that the company is struggling to compete in generative AI -- the most important new technology in decades. Apple already allows ChatGPT to answer web-based search queries in Siri, but the assistant itself is powered by Apple.

Read more of this story at Slashdot.

Categories: Computer, News

VP.net Promises "Cryptographically Verifiable Privacy"

Slashdot - Mon, 2025-06-30 20:50
TorrentFreak spotlights VP.net, a brand-new service from Private Internet Access founder Andrew Lee (the guy who gifted Linux Journal to Slashdot) that eliminates the classic "just trust your VPN" problem by locking identity-mapping and traffic-handling inside Intel SGX enclaves. The company promises 'cryptographically verifiable privacy' by using special hardware 'safes' (Intel SGX), so even the provider can't track what its users are up to. The design goal is that no one, not even the VPN company, can link "User X" to "Website Y." Lee frames it as enabling agency over one's privacy: "Our zero trust solution does not require you to trust us - and that's how it should be. Your privacy should be up to your choice - not up to some random VPN provider in some random foreign country." The team behind VP.net includes CEO Matt Kim as well as arguably the first Bitcoin veterans Roger Ver and Mark Karpeles. Ask Slashdot: Now that there's a VPN where you don't have to "just trust the provider" - arguably the first real zero-trust VPN - are trust based VPNs obsolete?

Read more of this story at Slashdot.

Categories: Computer, News

WordPress CEO Regrets 'Belongs to Me' Comment Amid Ongoing WP Engine Legal Battle

Slashdot - Mon, 2025-06-30 20:45
Automattic CEO Matt Mullenweg said he regrets telling the media that "WordPress.org just belongs to me personally" during a new interview about his company's legal dispute with hosting provider WP Engine. The comment has been "taken out of context so many times" and represents "the worst thing ever," Mullenweg said in a new podcast interview with The Verge. The dispute began when Mullenweg accused WP Engine of "free-riding" on WordPress's open-source ecosystem without contributing adequate resources back to the project. Mullenweg filed a lawsuit against WP Engine while cutting off the company's access to core WordPress technologies. WP Engine countersued, and Automattic was forced to reverse some retaliatory measures. The controversy triggered significant internal upheaval at Automattic. The company offered "alignment" buyouts to employees who disagreed with the direction, reducing headcount from a peak of 2,100 to approximately 1,500 people. Mullenweg said this was "probably the fourth big time" WordPress has faced such community controversy, though the first in the current media landscape. WordPress powers 43% of websites globally. Mullenweg said he wants to return to "the most collaborative version of WordPress possible" but noted the legal proceedings continue with both sides spending "millions of dollars a month on lawyers."

Read more of this story at Slashdot.

Categories: Computer, News

In China, Coins and Banknotes Have All But Disappeared

Slashdot - Mon, 2025-06-30 20:08
China's transition to digital payments has reached the point where physical cash has nearly vanished from daily commerce, with WeChat and Alipay now handling transactions from supermarkets to public transportation across the world's second-largest economy. Many businesses no longer maintain traditional cash registers and instead scan QR codes presented by customers, while numerous taxis refuse cash payments entirely. The widespread adoption has given tech giants Tencent and Alibaba immense power over routine financial transactions, prompting China's central bank to develop a competing digital yuan currency.

Read more of this story at Slashdot.

Categories: Computer, News

Microsoft's New AI Tool Outperforms Doctors 4-to-1 in Diagnostic Accuracy

Slashdot - Mon, 2025-06-30 19:20
Microsoft's new AI diagnostic system achieved 80% accuracy in diagnosing patients compared to 20% for human doctors, while reducing costs by 20%, according to company research published Monday. The MAI Diagnostic Orchestrator queries multiple leading AI models including OpenAI's GPT, Google's Gemini, Anthropic's Claude, Meta's Llama, and xAI's Grok in what the company describes as a "chain-of-debate style" approach. The system was tested against 304 case studies from the New England Journal of Medicine using Microsoft's Sequential Diagnosis Benchmark, which breaks down each case into step-by-step diagnostic processes that mirror how human physicians work. Microsoft CEO of AI Mustafa Suleyman called the development "a genuine step toward medical superintelligence."

Read more of this story at Slashdot.

Categories: Computer, News

Microsoft Authenticator Will Stop Supporting Passwords

Slashdot - Mon, 2025-06-30 18:40
Avantare writes: Microsoft Authenticator houses your passwords and lets you sign into all of your Microsoft accounts using a PIN, facial recognition such as Windows Hello, or other biometric data, like a fingerprint. Authenticator can be used in other ways, such as verifying you're logging in if you forgot your password, or using two-factor authentication as an extra layer of security for your Microsoft accounts. In June, Microsoft stopped letting users add passwords to Authenticator, but here's a timeline of other changes you can expect, according to Microsoft: July 2025: You won't be able to use the autofill password function. August 2025: You'll no longer be able to use saved passwords.

Read more of this story at Slashdot.

Categories: Computer, News

That Dropped Call With Customer Service? It Was on Purpose

Slashdot - Mon, 2025-06-30 18:04
Companies deliberately design customer service friction to discourage refunds and claims, according to research into a practice academics call "sludge." The term, coined by legal scholar Cass R. Sunstein and economist Richard H. Thaler in their updated version of "Nudge," describes tortuous administrative demands, endless wait times, and excessive procedural fuss that impede customers. ProPublica reported in 2023 that Cigna saved millions of dollars by rejecting claims without having doctors read them. The Consumer Financial Protection Bureau ordered Toyota's motor-financing arm to pay $60 million for alleged misdeeds including deliberately setting up dead-end hotlines for canceling products and services. The 2023 National Customer Rage Survey found that the percentage of American consumers seeking revenge for customer service hassles had tripled in three years.

Read more of this story at Slashdot.

Categories: Computer, News

Apple Plans First Sub-$999 MacBook Using iPhone Chip, Analyst Says

Slashdot - Mon, 2025-06-30 17:20
Apple plans to release a cheaper MacBook powered by the A18 Pro chip used in the iPhone 16 Pro line, according to analyst Ming-Chi Kuo. The laptop will be priced below $999 -- first time for a MacBook Air -- and go into production in late 2025 or early 2026 on the new laptop, the analyst noted. The device will feature the same 13-inch screen as the current MacBook Air, with the chip representing the primary difference between models. The A18 Pro chip delivers single-core performance around 3,500 on Geekbench, trailing the M4 chip only slightly, though multicore performance lags significantly at approximately 8,780 versus 15,000 for the M4. The A18's multicore performance matches the original 2020 M1 chip.

Read more of this story at Slashdot.

Categories: Computer, News

Xbox Founding Team Member Says Xbox Hardware Is 'Dead'

Slashdot - Mon, 2025-06-30 16:41
A founding member of the Xbox team says she believes Xbox hardware is "dead" and that Microsoft appears to be planning a "slow exit" from the gaming hardware business. Microsoft recently announced partnerships with external hardware companies including the ROG Xbox Ally, which runs Windows and functions as a portable PC that can run games from external stores like Steam. Laura Fryer, one of Microsoft Game Studios' first employees who worked as a producer on the original Gears of War games and served as director of the Xbox Advanced Technology Group, called the partnerships evidence of Microsoft's inability to ship hardware. "Personally, I think Xbox hardware is dead. The plan appears to be to just drive everybody to Game Pass," Fryer said.

Read more of this story at Slashdot.

Categories: Computer, News

Nintendo Pulls Products From Amazon US Site

Slashdot - Mon, 2025-06-30 16:02
Nintendo pulled its products from Amazon's US site after a disagreement over unauthorized sales, meaning the e-commerce company missed out on the recent debut of Nintendo's Switch 2 -- the biggest game console launch of all time. From a report: The Japanese company stopped selling on Amazon after noticing that third-party merchants were offering games for sale in the US at prices that undercut Nintendo's advertised rates, according to a person familiar with the situation. Enterprising sellers were buying Nintendo products in bulk in Southeast Asia and exporting them to the US, said the person, who requested anonymity to discuss confidential information. Nintendo product listings started disappearing from Amazon's US site last year, gaming news outlets reported at the time. The listings had previously appeared as "Sold by Amazon," which typically denotes merchandise the online retailer buys directly from brands. Some Nintendo products remained on the site, but they were listed by independent merchants who sell their goods on Amazon's sprawling online marketplace.

Read more of this story at Slashdot.

Categories: Computer, News

UV-C Light Kills Nearly Everything - Except This Unusual Organism

Slashdot - Mon, 2025-06-30 13:34
"Earth's ozone layer blocks the Sun's shortest wave radiation, called UV-C, which is so damaging to cells in high doses that it's a go-to sterilizer in hospitals," writes Slashdot reader sciencehabit. "UV-C is such a killer, in fact, that scientists have questioned whether life can survive on worlds that lack an ozone layer, such as Mars or distant exoplanets. "But research published this month in Astrobiology suggests one hardy lichen, a hybrid organism made of algae and fungi, may have cracked the UV-C code with a built-in sunscreen, despite never experiencing these rays in its long evolutionary history." Science magazine explains: When scientists brought a sample of the species, the common desert dweller Clavascidium lacinulatum, back to the lab, graduate student Tejinder Singh put the lichen through the wringer. First, Singh dehydrated the lichen, to make sure it couldn't grow back in real time and mask any UV damage. Then he placed the lichen a few centimeters under a UV lamp and blasted it with radiation. The lichen seemed just fine. So Singh purchased the most powerful UV-C lamp he could find online, capable of sending out 20 times more radiation than the amount expected on Mars. When he tested the lamp on the most radiation-resistant life form on Earth, the bacterium Deinococcus radiodurans, it died in less than a minute. After 3 months—likely the highest amount of UV-C radiation ever tested on an organism—Singh pulled the sample so he could finish his master's thesis in time. About half of the lichen's algal cells had survived. Then, when the team ground up and cultured part of the surviving lichen, about half of its algal cells sprouted new, green colonies after 2 weeks, showing it maintained the ability to reproduce. The species may provide a blueprint for surviving on Mars or exoplanets, which don't have an ozone layer to protect them.

Read more of this story at Slashdot.

Categories: Computer, News

In Last-Minute Move, Canada Rescinds Digital Services Tax, Restarts Negotiations

Slashdot - Mon, 2025-06-30 10:34
"Canada and the United States have resumed trade negotiations," reports Newsweek, "after Canadian Prime Minister Mark Carney agreed to rescind the country's digital services tax on U.S. technology companies." The development follows President Donald Trump's announcement on Friday that he was suspending all trade talks with Canada "effective immediately" over the tax policy... Canada's quick reversal signals the high stakes involved in maintaining trade relationships with the United States, particularly given the countries' deeply integrated economies. Carney's office confirmed on Sunday that both leaders have agreed to restart negotiations after Canada committed to abandoning the 3 percent levy targeting major U.S. tech giants including Amazon, Google, Meta, Uber, and Airbnb. The tax was scheduled to take effect Monday and would have applied retroactively, creating an estimated $2 billion bill for American companies. The conflict escalated rapidly after Canada's Finance Department confirmed Friday that companies would still be required to make their first digital tax payments Monday, despite ongoing negotiations. The tax targeted revenue generated from Canadian users rather than corporate profits, making it particularly burdensome for technology companies operating internationally... Canada's decision to rescind the tax came "in anticipation" of reaching a broader trade agreement, according to government officials. With negotiations resuming, both countries will likely focus on addressing broader trade issues beyond the digital services tax.

Read more of this story at Slashdot.

Categories: Computer, News

CodeSOD: A Highly Paid Field

The Daily WTF - Mon, 2025-06-30 08:30

In ancient times, Rob's employer didn't have its own computer; it rented time on a mid-range computer and ran all its jobs using batch processing in COBOL. And in those ancient times, these stone tools were just fine.

But computing got more and more important, and the costs for renting time kept going up and up, so they eventually bought their own AS/400. And that meant someone needed to migrate all of their COBOL to RPG. And management knew what you do for those kinds of conversions: higher a Highly Paid Consultant.

On one hand, the results weren't great. On the other, the code is still in use, though has been through many updates and modernizations and migrations in that time. Still, the HPC's effects can be felt, like this block, which hasn't been touched since she was last here:

// CHECK FOR VALID FIELD IF FIELD1 <> *BLANKS AND FIELD1 < '1' AND FIELD1 > '5'; BadField1 = *ON; LEAVESR; ENDIF;

This is a validation check on a field (anonymized by Rob), but the key thing I want you to note is that what the field stores are numbers, but it stores those numbers as text- note the quotes. And the greater-than/less-than operators will do lexical comparisons on text, which means '21' < '5' is true.

The goal of this comparison was to require the values to be between 1 and 5. But that's not what it's enforcing. The only good(?) news is that this field also isn't used. There's one screen where users can set the value, but no one has- it's currently blank everywhere- and nothing else in the system references the value. Which raises the question of why it's there at all.

But those kinds of questions are par for the course for the HPC. When they migrated a bunch of reports and the users compared the results with the original versions, the results didn't balance. The HPC's explanation? "The users are changing the data to make me look bad."

[Advertisement] BuildMaster allows you to create a self-service release management platform that allows different teams to manage their applications. Explore how!
Categories: Computer

After 45 Years, 74-Year-Old Spreadsheet Legend/EFF Cofounder Mitch Kapor Gets His MIT Degree

Slashdot - Mon, 2025-06-30 06:34
Mitch Kapor dropped out of MIT's business school in 1979 — and had soon cofounded the pioneering spreadsheet company Lotus. He also cofounded the EFF, was the founding chair of the Mozilla Foundation, and is now a billionaire (and an VC investor at Kapor Capital). 45 years later, when the 74-year-old was invited to give a guest lecture at MIT's business school last year by an old friend (professor Bill Aulet), he'd teased the billionaire that "there's only one problem, Mitch, I see here you haven't graduated from MIT." The Boston Globe tells the story... After graduating from Yale in 1971 and bouncing around for almost a decade as "a lost and wandering soul," working as a disc jockey, a Transcendental Meditation teacher, and a mental health counselor, Kapor said he became entranced by the possibilities of the new Apple II personal computer. He started writing programs to solve statistics problems and analyze data, which caught the attention of Boston-area software entrepreneurs Dan Bricklin and Bob Frankston, who co-created VisiCalc, one of the first spreadsheet programs. They introduced Kapor to their California-based software publisher, Personal Software. Midway through Kapor's 12-month master's program, the publisher offered him the then-princely sum of about $20,000 if he'd adapt his stats programs to work with VisiCalc. To finish the project, he took a leave from MIT, but then he decided to leave for good to take a full-time job at Personal. Comparing his decision to those of other famed tech founder dropouts, like Bill Gates, Kapor said he felt the startup world was calling to him. "It was just so irresistible," he said. "It felt like I could not let another moment go by without taking advantage of this opportunity or the window would close...." When Aulet made his joke on the phone call with his old friend in 2024, Kapor had largely retired from investing and realized that he wanted to complete his degree. "I don't know what prompted me, but it started a conversation" with MIT about the logistics of finally graduating, Kapor said. By the time Kapor gave the lecture in March, Aulet had discovered Kapor was only a few courses short. MIT does not give honorary degrees, but school officials allow students to make up for missing classes with an independent study and a written thesis. Kapor decided to write a paper on the roots and development of his investing strategy. "It's timely, it's highly relevant, and I have things to say," he said. One 77-page thesis later, Kapor, donning a cap and gown, finally received his master's degree in May, at a ceremony in the Hyatt Regency Hotel in Cambridge, not far from where he founded Lotus.

Read more of this story at Slashdot.

Categories: Computer, News

UK Scientists Plan to Construct Synthetic Human Genetic Material From Scratch

Slashdot - Mon, 2025-06-30 04:34
"Researchers are embarking on an ambitious project to construct human genetic material from scratch," reports the Guardian, "to learn more about how DNA works and pave the way for the next generation of medical therapies." Scientists on the Synthetic Human Genome (SynHG) project will spend the next five years developing the tools and knowhow to build long sections of human genetic code in the lab. These will be inserted into living cells to understand how the code operates. Armed with the insights, scientists hope to devise radical new therapies for the treatment of diseases. Among the possibilities are living cells that are resistant to immune attack or particular viruses, which could be transplanted into patients with autoimmune diseases or with liver damage from chronic viral infections. "The information gained from synthesising human genomes may be directly useful in generating treatments for almost any disease," said Prof Jason Chin, who is leading the project at the MRC's Laboratory of Molecular Biology (LMB) in Cambridge... For the SynHG project, researchers will start by making sections of a human chromosome and testing them in human skin cells. The project involves teams from the universities of Cambridge, Kent, Manchester, Oxford and Imperial College London... Embedded in the project is a parallel research effort into the social and ethical issues that arise from making genomes in the laboratory, led by Prof Joy Zhang at the University of Kent. "We're a little way off having anything tangible that can be used as a therapy, but this is the time to start the discussion on what we want to see and what we don't want to see," said Dr Julian Sale, a group leader at the LMB.

Read more of this story at Slashdot.

Categories: Computer, News

Beware of Promoting AI in Products, Researchers Warn Marketers

Slashdot - Mon, 2025-06-30 02:34
The Wall Street Journal reports that "consumers have less trust in offerings labeled as being powered by artificial intelligence, which can reduce their interest in buying them, researchers say." The effect is especially pronounced for offerings perceived to be riskier buys, such as a car or a medical-diagnostic service, say the researchers, who were from Washington State University and Temple University. "When we were thinking about this project, we thought that AI will improve [consumers' willingness to buy] because everyone is promoting AI in their products," says Dogan Gursoy, a regents professor of hospitality business management at Washington State and one of the study's authors. "But apparently it has a negative effect, not a positive one." In multiple experiments, involving different people, the researchers split participants into two groups of around 100 each. One group read ads for fictional products and services that featured the terms "artificial intelligence" or "AI-powered," while the other group read ads that used the terms "new technology" or "equipped with cutting-edge technologies." In each test, members of the group that saw the AI-related wording were less likely to say they would want to try, buy or actively seek out any of the products or services being advertised compared with people in the other group. The difference was smaller for items researchers called low risk — such as a television and a generic customer-service offering... Meanwhile, a separate, forthcoming study from market-research firm Parks Associates that used different methods and included a much larger sample size came to similar conclusions about consumers' reaction to AI in products. "We straight up asked consumers, 'If you saw a product that you liked that was advertised as including AI, would that make you more or less likely to buy it?' " says Jennifer Kent, the firm's vice president of research. Of the roughly 4,000 Americans in the survey, 18% said AI would make them more likely to buy, 24% said less likely and to 58% it made no difference, according to the study. "Before this wave of generative AI attention over the past couple of years, AI-enabled features actually have tested very, very well," Kent says.

Read more of this story at Slashdot.

Categories: Computer, News

Earth is Trapping Much More Heat Than Climate Models Forecast

Slashdot - Mon, 2025-06-30 00:36
What happens if you track how much heat enters Earth's atmosphere and how much heat leaves? You discover that Earth's energy budget "is now well and truly out of balance," three climate researchers write at The Conversation: Our recent research found this imbalance has more than doubled over the last 20 years. Other researchers have come to the same conclusions. This imbalance is now substantially more than climate models have suggested... These findings suggest climate change might well accelerate in the coming years... [T]he burning of coal, oil and gas has now added more than two trillion tonnes of carbon dioxide and other greenhouse gases to the atmosphere. These trap more and more heat, preventing it from leaving. Some of this extra heat is warming the land or melting sea ice, glaciers and ice sheets. But this is a tiny fraction. Fully 90% has gone into the oceans due to their huge heat capacity... The doubling of the energy imbalance has come as a shock, because the sophisticated climate models we use largely didn't predict such a large and rapid change. Typically, the models forecast less than half of the change we're seeing in the real world. We don't yet have a full explanation. But new research suggests changes in clouds is a big factor. Clouds have a cooling effect overall. But the area covered by highly reflective white clouds has shrunk, while the area of jumbled, less reflective clouds has grown. While we don't know why the cloud are changing, it "might be part of a trend caused by global warming itself, that is, a positive feedback on climate change. These findings suggest recent extremely hot years are not one-offs but may reflect a strengthening of warming over the coming decade or longer...." "We've known the solution for a long time: stop the routine burning of fossil fuels and phase out human activities causing emissions such as deforestation."

Read more of this story at Slashdot.

Categories: Computer, News

For the Free Software Foundation's Summer Fundraiser, the 'GNU Press Shop' is Open

Slashdot - Sun, 2025-06-29 23:34
The Free Software Foundation is a non-profit — and they're having some fun with it. They've just announced a summer fundraiser, "and that means the GNU Press Shop is open!" From now until July 28, you can buy your FSF gear at the GNU Press shop. First and foremost, there's the launch of the FSF's fortieth anniversary shirt in a summery yellow. We're taking orders for a limited time for these (until July 28), and then printing them — you should have yours on your shoulders a few weeks after the shop closes. We've also restocked some favorites in the shop: - A fresh batch of the popular Ada & Zangemann: A Tale of Software, Skateboards, and Raspberry Ice Cream book by Matthias Kirschner from the Free Software Foundation Europe (FSFE). This tale of software, skateboards, and raspberry ice cream teaches kids how neat and exciting it is having control over your software, a perfect fun summer read! - Reading is hard in the glaring sun, so shade your eyes with a freshly restocked GNU baseball cap in pitch black with brilliant gold embroidery. These are great for wearing anywhere, especially to free software events. - For privacy, protect yourself from surveillance with ease and panache with this slick webcam guard. We also hope you'll consider becoming an FSF associate member, putting yourself at the heart of our commitment to ensuring a world where all software respects our freedom and dignity. Plus, you'll help us reach our summer fundraising goal of 200 new associate members before July 11, and of course you'll also receive a 20% discount at the GNU Press Shop. A note about shipping: the GNU Press shop opens periodically, and we collect all orders during this time and schedule orders to be sent out on specific shipping dates with the help of volunteers. We will be doing the shipping at the end of the FSF's fundraiser, which means there will be a delay between placing your order and receiving it... If you happen to be in the Boston area in July, and would like to support the FSF's work, we are looking for volunteers to help pack and ship our orders. Also on sale are the book "Free as in Freedom 2.0" (Richard Stallman's 2010 revision of the 2002 biography by Sam Williams with extensive additional commentary) and "Free Software Free Society: Selected Essays of Richard M. Stallman" (the 3rd edition published in 2015). And there's also several other books, t-shirts, other FSF-branded gear, and even a sticker that warns people "There is no cloud... just other people's computers."

Read more of this story at Slashdot.

Categories: Computer, News

New NSA/CISA Report Again Urges the Use of Memory-Safe Programming Language

Slashdot - Sun, 2025-06-29 21:59
An anonymous reader shared this report from the tech news site The Register: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) this week published guidance urging software developers to adopt memory-safe programming languages. "The importance of memory safety cannot be overstated," the inter-agency report says... The CISA/NSA report revisits the rationale for greater memory safety and the government's calls to adopt memory-safe languages (MSLs) while also acknowledging the reality that not every agency can change horses mid-stream. "A balanced approach acknowledges that MSLs are not a panacea and that transitioning involves significant challenges, particularly for organizations with large existing codebases or mission-critical systems," the report says. "However, several benefits, such as increased reliability, reduced attack surface, and decreased long-term costs, make a strong case for MSL adoption." The report cites how Google by 2024 managed to reduce memory safety vulnerabilities in Android to 24 percent of the total. It goes on to provide an overview of the various benefits of adopting MSLs and discusses adoption challenges. And it urges the tech industry to promote memory safety by, for example, advertising jobs that require MSL expertise. It also cites various government projects to accelerate the transition to MSLs, such as the Defense Advanced Research Projects Agency (DARPA) Translating All C to Rust (TRACTOR) program, which aspires to develop an automated method to translate C code to Rust. A recent effort along these lines, dubbed Omniglot, has been proposed by researchers at Princeton, UC Berkeley, and UC San Diego. It provides a safe way for unsafe libraries to communicate with Rust code through a Foreign Function Interface.... "Memory vulnerabilities pose serious risks to national security and critical infrastructure," the report concludes. "MSLs offer the most comprehensive mitigation against this pervasive and dangerous class of vulnerability." "Adopting memory-safe languages can accelerate modern software development and enhance security by eliminating these vulnerabilities at their root," the report concludes, calling the idea "an investment in a secure software future." "By defining memory safety roadmaps and leading the adoption of best practices, organizations can significantly improve software resilience and help ensure a safer digital landscape."

Read more of this story at Slashdot.

Categories: Computer, News

Pages