Slashdot

"I am curious as to what other Slashdotters use for backing up of home machines," asks long-time Slashdot reader serviscope_minor: I moved away from the "bunch of disks with some off site" method. I found most of the methods generally had one or more of the following problems: poor Linux support, weak security (e.g. leaking file names), outrageously expensive, hard to set up, tied to a single storage supplier I don't fully trust, entirely proprietary (which makes me doubt long term stability), lack of file history, reputation for slowness, and so on. My current solution is Unixy: separate tools for separate jobs. Borg for backups to a local machine. Rclone for uploading to business cloud storage, versioned cloud storage to provide resistance against bitrot and other corruption. They're interested in "what other Slashdotters use," as well as "why and what your experience has been given more than superficial testing." So share you own thoughts in the comments. What do you use for backups at home?

Read more of this story at Slashdot.

"The new Google Pay app came out of beta this week, and it marks the first step in a major upheaval in the Google Pay service," writes Ars Technica, complaining "Google is killing one perfectly fine service and replacing it with a worse, less functional service." The fun, confusing wrinkle here is that the new and old services are both called "Google Pay...." The old Google Pay service that has been around for years is dying. The app will be shut down in the U.S. on April 5... - If you want to continue using New Google Pay, you'll have to go find and download a totally new app. - NFC tap-and-pay functionality won't really change once you set up the new app, but the New Google Pay app won't use your Google account for P2P payments anymore. You'll be required to make a new account. - You won't be able to send any money to your new contacts until they download the new app and make a new account, too. - On top of all that, the Google Pay website will be stripped of all payment functionality in the U.S. on April 5, and New Google Pay won't support doing anything from the web. You won't be able to transfer money, view payment activity, or see your balance from a browser. - In addition to less convenient access and forcing users to remake their accounts, New Google Pay is also enticing users to switch with new fees for transfers to debit cards. Old Google Pay did this for free, but New Google Pay now has "a fee of 1.5% or $.31 (whichever is higher), when you transfer out money with a debit card..." The worst part of it all is that, like the move from Google Music to YouTube Music, there is no reward at the end of this transition. Besides sending out an email, Google also created a support page and a notice at the top of pay.google.com, Ars Technica reports. But they call it "yet anothre annoying transition... an occurrence that's getting more frequent and more annoying in recent years, thanks to similar Google shutdowns of Google Play Music, Cloud Print, Inbox, Works with Nest, the ongoing Hangouts situation, and many others."

Read more of this story at Slashdot.

The Next Web tells the story of an AI researcher who discovered the results of a machine learning research paper couldn't be reproduced. But then they'd heard similar stories from Reddit's Machine Learning forum: "Easier to compile a list of reproducible ones...," one user responded. "Probably 50%-75% of all papers are unreproducible. It's sad, but it's true," another user wrote. "Think about it, most papers are 'optimized' to get into a conference. More often than not the authors know that a paper they're trying to get into a conference isn't very good! So they don't have to worry about reproducibility because nobody will try to reproduce them." A few other users posted links to machine learning papers they had failed to implement and voiced their frustration with code implementation not being a requirement in ML conferences. The next day, ContributionSecure14 created "Papers Without Code," a website that aims to create a centralized list of machine learning papers that are not implementable... Papers Without Code includes a submission page, where researchers can submit unreproducible machine learning papers along with the details of their efforts, such as how much time they spent trying to reproduce the results... If the authors do not reply in a timely fashion, the paper will be added to the list of unreproducible machine learning papers.

Read more of this story at Slashdot.

The Associated Press reports: After getting $500 per month for two years without rules on how to spend it, 125 people in California paid off debt, got full-time jobs and reported lower rates of anxiety and depression, according to a study released Wednesday. The program in the Northern California city of Stockton was the highest-profile experiment in the U.S. of a universal basic income, where everyone gets a guaranteed amount per month for free... Stockton was an ideal place, given its proximity to Silicon Valley and the eagerness of the state's tech titans to fund the experiment as they grapple with how to prepare for job losses that could come with automation and artificial intelligence. The Stockton Economic Empowerment Demonstration launched in February 2019, selecting a group of 125 people who lived in census tracts at or below the city's median household income of $46,033. The program did not use tax dollars, but was financed by private donations, including a nonprofit led by Facebook co-founder Chris Hughes. A pair of independent researchers at the University of Tennessee and the University of Pennsylvania reviewed data from the first year of the study, which did not overlap with the pandemic. A second study looking at year two is scheduled to be released next year. When the program started in February 2019, 28% of the people slated to get the free money had full-time jobs. One year later, 40% of those people had full-time jobs. A control group of people who did not get the money saw a 5 percentage point increase in full-time employment over that same time period. "These numbers were incredible. I hardly believed them myself," said Stacia West, an assistant professor at the University of Tennessee who analyzed the data along with Amy Castro Baker, an assistant professor at the University of Pennsylvania. The Stockton mayor who'd started the program told reporters to "tell your friends, tell your cousins, that guaranteed income did not make people stop working."

Read more of this story at Slashdot.

Long-time Slashdot reader Nkwe shares an article from NPR: His job was to sign and submit an official form. Sign the form, he believed, and he'd risk the lives of the seven astronauts set to board the spacecraft the next morning. Refuse to sign, and he'd risk his job, his career, and the good life he'd built for his wife and four children. "And I made the smartest decision I ever made in my lifetime," McDonald told me. "I refused to sign it. I just thought we were taking risks we shouldn't be taking...." Now, 35 years after Challenger, McDonald's family reports that he died Saturday in Ogden, Utah, after suffering a fall and brain damage. He was 83 years old. "There are two ways in which [McDonald's] actions were heroic," recalls Mark Maier, who directs a leadership program at Chapman University and produced a documentary about the Challenger launch decision. One was on the night before the launch, refusing to sign off on the launch authorization and continuing to argue against it," Maier says. "And then afterwards in the aftermath, exposing the cover-up that NASA was engaged in...." He later co-authored one of the most definitive accounts of the Challenger disaster: Truth, Lies, and O-Rings — Inside the Space Shuttle Challenger Disaster. In retirement, McDonald became a fierce advocate of ethical decision-making and spoke to hundreds of engineering students, engineers and managers.

Read more of this story at Slashdot.

After downloading Microsoft's Edge, "Technically Incorrect" columnist Chris Matyszczyk "was then subject to constant pestering from Microsoft to, well, download the new Edge. Which was an entirely new dimension of irritation." But occasionally browsing with Edge triggered other responses... Initially, this annoyed Google. When the misguided logged into their Gmail accounts from Edge, Google sent them a helpful message telling them that Chrome was better. You know, fast, simple, and secure. Supposedly. As the months rolled on, things seem to calm down. Google and Microsoft came to a rapprochement. Edge is now the second most popular browser — it does help that it descends upon all Windows users like manna from Seattle. Perhaps it's Edge's swift rise that has finally made Apple shriek in public. Last week, I opened Edge, only to get a big surprise. In the top right-hand corner of my MacBook Air, there appeared a message. From Apple. "TRY THE NEW SAFARI," shouted the headline. The text added: "Fast, energy efficient and with a beautiful design." I gasped in wonder. I stared and then, naturally, took a screenshot. The notifications in the top right-hand corner of my screen are usually confined to declarations of a pending update, or a nag about my last backup. But never actually selling. I've never seen an Apple ad appear there. I don't think I've ever seen Apple instantly react to my opening any rival's product on my MacBook Air. It's not as if, every time I open Microsoft Word, Apple taps me on the shoulder and aggressively suggests I use Pages.

Read more of this story at Slashdot.

"WhatsApp, the Facebook-owned messaging platform used by 2 billion people largely in the global south, has become a particularly troublesome vector for misinformation," writes Quartz — though it's not clear what the answer is: The core of the problem is its use of end-to-end encryption, a security measure that garbles users' messages while they travel from one phone to another so that no one other than the sender and the recipient can read them. Encryption is a crucial privacy protection, but it also prevents WhatsApp from going as far as many of its peers to moderate misinformation. The app has taken some steps to limit the spread of viral messages, but some researchers and fact-checkers argue it should do more, while privacy purists worry the solutions will compromise users' private conversations... In April 2020, WhatsApp began slowing the spread of "highly forwarded messages," the smartphone equivalent of 1990s chain emails. If a message has already been forwarded five times, you can only forward it to one person or group at a time. WhatsApp claims that simple design tweak cut the spread of viral messages by 70%, and fact-checkers have cautiously cheered the change. But considering that all messages are encrypted, it's impossible to know how much of an impact the cut had on misinformation, as opposed to more benign content like activist organizing or memes. Researchers who joined and monitored several hundred WhatsApp groups in Brazil, India, and Indonesia found that limiting message forwarding slows down viral misinformation, but doesn't necessarily limit how far the messages eventually spread.... This isn't just a semantic argument, says EFF strategy director Danny O'Brien. Even the smallest erosion of encryption protections gives Facebook a toehold to begin scanning messages in a way that could later be abused, and protecting the sanctity of encryption is worth giving up a potential tool for curbing misinformation. "This is a consequence of a secure internet," O'Brien says. "Dealing with the consequences of that is going to be a much more positive step than dealing with the consequences of an internet where no one is secure and no one is private...." No matter what WhatsApp does, it will have to contend with dueling constituencies: the privacy hawks who see the app's encryption as its most important feature, and the fact-checkers who are desperate for more tools to curb the spread of misinformation on a platform that counts a quarter of the globe among its users. Whatever Facebook decides will have widespread consequences in a world witnessing the simultaneous rise of fatal lies and techno-authoritarianism.

Read more of this story at Slashdot.

Reuters reports: The White House on Sunday urged computer network operators to take further steps to gauge whether their systems were targeted amid a hack of Microsoft Corp's Outlook email program, saying a recent software patch still left serious vulnerabilities. "This is an active threat still developing and we urge network operators to take it very seriously," a White House official said, adding that top U.S. security officials were working to decide what next steps to take following the breach... While Microsoft released a patch last week to shore up flaws in its email software, the remedy still leaves open a so-called back door that can allow access to compromised servers and perpetuating further attacks by others. "We can't stress enough that patching and mitigation is not remediation if the servers have already been compromised, and it is essential that any organization with a vulnerable server take measures to determine if they were already targeted," the White House official said... The back channels for remote access can impact credit unions, town governments and small business, and have left U.S. officials scrambling to reach victims, with the FBI on Sunday urging them to contact the law enforcement agency. Those affected appear to host Web versions of Microsoft's email program Outlook on their own machines instead of cloud providers, possibly sparing many major companies and federal government agencies, records from the investigation suggest... So far, only a small percentage of infected networks have been compromised through the back door, the source previously told Reuters, but more attacks are expected.

Read more of this story at Slashdot.

David Plummer is a retired Microsoft operating systems engineer, "going back to the MS-DOS and Windows 95 days." (He adds that in the early '90s he'd fixed a few handle leaks in the early source code of Linux, "and sent my changes off to Linus at Rutgers.") This weekend on YouTube he shared his thoughts on "the classic confrontation: Windows versus Linux," promising an "epic operating systems face-off." Some highlights: On Usability: "Linux's itself lacks a proper user interface beyond the command line. That command line can be incredibly powerful, particularly if you're adept with Bash or Zsh or similar, but you can't really describe it as particularly usable. Of course most distributions do come with a desktop user interface of some kind if you prefer, but as a bit of a shell designer myself, if I might be so bold, they're generally pretty terrible. At least the Mint distribution looks pretty nice. "Windows, on the other hand, includes by default a desktop shell interface that, if you set aside the entirely subjective design aesthetics, is professionally designed, usability tested and takes into consideration the varying levels of accessibility required by people with different limitations. In terms of usability, particularly if you do include accessibility in that metric, Windows comes out ahead..." On Updates: "Windows users are well served by a dedicated Windows Update team at Microsoft, but the process has occasionally had its hiccups and growing pains. It's very easy to update a Linux system, and while there's no professional team sitting by the big red phone ready to respond to Day Zero exploits, the updates do come out with reasonable alacrity, and in some cases you can even update the kernel without rebooting. "Keep in mind, however, that Linux is a monolithic kernel, which means that it's all one big happy kernel. Almost everything is in there. If they hadn't started to add that ability a few years back, you'd be rebooting for every driver install. The reality is that some parts of the Linux kernel are just going to require a reboot, just as some parts of the Windows system are going to as well. I think we can likely all agree, however, that Windows software is hardly selective about rebooting the system, and you're asked to do it far too often. "While we're on the topic of upgrades, we can't overlook the fact that upgrades are generally free in the Open Source world, unless you're using a pre-built distribution from a vendor. To it's credit, though, I don't remember the last time Microsoft actually charged for an operating system upgrade if you were just a normal end user or enthusiast. Still, this point goes to Linux." Plummer also says he agrees with that argument that open source software is more open to security exploits, "simply because, all else equal, it's easy to figure out where the bugs are to exploit in the first place," while proprietary software has professional test organizations hunting for bugs. "I think it's a bit of a fallacy to rely on the 'many eyeballs' approach..." Yet he still ultimately concludes Linux is more secure simply because the vast universe of Windows makes it a much more attractive target. Especially since most Windows users retain full administrator privileges...

Read more of this story at Slashdot.

"At the recent tinyML Summit 2021, Raspberry Pi co-founder Eben Upton teased the future of 'Pi Silicon'," writes Tom's Hardware, adding "It looks like machine learning could see a massive improvement thanks to Raspberry Pi's news in-house chip development team..." Raspberry Pi's in-house application specific integrated circuit team are working on the next iteration, and seems to be focused on lightweight accelerators for ultra low power machine learning applications. During Upton's talk at 40 minutes the slide changes and we see "Future Directions," a slide that shows three current generation 'Pi Silicon' boards, two of which are from board partners, SparkFun's MicroMod RP2040 and Arduino's Nano RP2040 Connect. The third is from ArduCam and they are working on the ArduCam Pico4ML which incorporates machine learning, camera, microphone and screen into a the Pico package. The last bullet point hints at what the future silicon could be. It may come in the form of lightweight accelerators possibly 4-8 multiply-accumulates (MACs) per clock cycle.

Read more of this story at Slashdot.

The Seattle Times reports: Haunted by the two deadly crashes of Boeing 737 MAX jets and his agency's role in approving the plane, veteran Federal Aviation Administration (FAA) safety engineer Joe Jacobsen is stepping forward publicly to give the victims' families "a firsthand account of what the truth is." In a detailed letter sent last month to a family that lost their daughter in the second MAX crash in Ethiopia two years ago this week, and in interviews with The Seattle Times, Jacobsen gave the first personal account by an insider of the federal safety agency's response to the MAX crashes... He believes additional system upgrades are needed beyond Boeing's fix for the MAX that was blessed by the FAA and other regulators. And Jacobsen argues that the plane would be safer if Boeing simply removed altogether the new software — the Maneuvering Characteristics Augmentation System (MCAS) — that went wrong in the two crashes that killed 346 people. Jacobsen also calls for the replacement of some of the people at "the highest levels of FAA management," whom he blames for creating a culture too concerned with fulfilling the demands of industry. In his letter and interview, Jacobsen also described in more depth than previously reported how an autothrottle system issue may have contributed to the crash in Ethiopia in March 2019. Boeing and the FAA said in separate statements they believe the MAX is fixed and safe, and that regulators worldwide have validated this conclusion... A week after the Lion Air crash on Oct. 29, 2018, Jacobsen received an email from a colleague asking if there was an issue paper on MCAS. "This was the first day that I heard about MCAS," he wrote. "We had no issue papers, and if we had, I would have been the engineer responsible for providing technical content and comment on such an issue paper." When he did get a look at the system, Jacobsen said he was "shocked to discover that the airplane was purposely designed and certified to use just one AOA (Angle of Attack) input for a flight critical function." If given the chance during the original certification, he's certain that he and "6 to 8 of our most experienced engineers in the Seattle office" would have identified that as a serious design flaw because there's "a long history of AOA sensor failures." Instead, Boeing minimized MCAS and kept the details of its assessment to itself... The article also argues that Boeing itself didn't grasp the danger of its system. "Michael Teal, 737 MAX chief engineer, testified to Congress that he first learned only after the Lion Air crash that MCAS relied on a single sensor.

Read more of this story at Slashdot.

Long-time Slashdot reader sproketboy shared a link to SvarDOS, "an open-source project that is meant to integrate the best out of the currently available DOS tools, drivers and games." From their site: DOS development has been abandoned by commercial players a very long time ago, mostly during early nineties. Nowadays, it survives solely through the efforts of hobbyists and retro-enthusiasts, but this is a highly sparse and unorganized ecosystem. SvarDOS aims to collect available DOS software, package it and make it easy to find and install applications using a network-enabled package manager (like apt-get, but for DOS and able to run even on a 8086 PC). Once installed, SvarDOS is a minimalistic DOS system that offers only the FreeDOS kernel and the most basic tools for system administration. It is up to the user to install additional packages. Care is taken so SvarDOS remains 8086-compatible, at least in its most basic (core) configuration. SvarDOS files are published under the terms of the MIT license. This applies only to SvarDOS-specific files, though - the packages supplied with SvarDOS may be subject to different licenses (GPL, BSD, Public Domain, Freeware...).

Read more of this story at Slashdot.

"iCloud has had the occasional service issue, but its latest problem appears to be highly... specific," writes Engadget: Actor and author Rachel True claims iCloud has effectively locked her out of her account due to the way her last name was written. Reportedly, her Mac thought lower-case "true" was a Boolean (true or false) flag, leading the iCloud software on the computer to seize up. The problem has persisted for over six months, she said. True said she'd spent hours talking to customer service, and that Apple hadn't stopped charging her for service. She could switch to the free tier, although she'd also lose most of her online storage if she did. True has apparently resorted to imploring desperately in tweets to both @Apple and @AppleSupport. "Now that I a layman have explained problem to you a giant computer company, could u fix...?" "A thing I've learned about life so far is I hate being the test case." "When I get a dog I'm naming it Boolean Bobby Drop Tables True"

Read more of this story at Slashdot.

ArghBlarg (Slashdot reader #79,067) shares some research from a senior application security engineer at GitLab: Michael Henrikson describes his investigations into Go package manager "supply chain" attacks and found at least one very suspicious package, typosquatting on one of the most popular logging libraries. The imposter package phones home to an IP he alleges belongs to the Chinese company Tencent, a good case for always going over your package imports, in any language, and ensuring you're either a) auditing them regularly, or b) keeping frozen vendored copies which you can trust. From the article: I honestly expected the list to be bigger, but I was of course happy to see that the Go ecosystem isn't completely infested (yet) with malicious typosquat packages... It looks like the author utfave wants to know the hostname, operating system, and architecture of all the machines using their version of urfave/cli. The function extracts the system information and then calls out to the IP address 122.51.124.140 belonging to the Chinese company Shenzhen Tencent Computer Systems via HTTP with the system information added as URL parameters. While this code won't give them any access to systems, it's highly suspicious that they collect this information and the actor can quickly change this code to call back with a reverse shell if they identify a system to be valuable or interesting... I think Go is in a better situation than other programming languages because the source of packages is always explicitly written every time they are used, but code editor automation could make typosquat attacks more likely to happen as the developer doesn't write the import paths manually as often.

Read more of this story at Slashdot.

In the areas where Amazon operates, "low-wage workers at other businesses have seen significant wage growth since 2018..." reports the New York Times, "and not because of new minimum-wage laws." The gains are a direct result of Amazon's corporate decision to increase starting pay to $15 an hour three years ago, which appears to have lifted pay for low-wage workers in other local companies as well, according to new research from economists at the University of California, Berkeley, and Brandeis University... [T]he research illustrates how difficult it can be for low-wage workers to command higher pay in the modern American economy — until a powerful outside actor, like a large employer or a government, intervenes. Most directly, there is little evidence in the paper that raising the minimum wage would lead to significant job loss, even in low-cost rural areas, a finding consistent with several recent studies. Other research, including a recent report from the Congressional Budget Office, has found a larger negative effect on jobs, although still smaller than many economists believed in the past. The authors of the latest study — Ellora Derenoncourt of Berkeley and Clemens Noelke and David Weil of Brandeis — studied Amazon, Walmart and Target, which operate in areas where wages tend to be low. But even in those places, the researchers found, wage increases by the large corporate employers appear to drive up wages without driving down employment. "When you have major changes in the wage policies of large actors in the labor market, this has ripple effects," Dr. Derenoncourt said in an interview. At the same time, Dr. Weil added, "the sky doesn't fall."

Read more of this story at Slashdot.

Slashdot reader b-dayyy quotes the Linux Security blog: While all Linux 'distros' — or distributed versions of Linux software — are secure by design, certain distros go above and beyond when it comes to protecting users' privacy and security. We've put together a list of our favorite specialized secure Linux distros and spoken with some of their lead developers to find out first-hand what makes these distros so great. This "favorites" list cites six "excellent specialized secure Linux distros." Some highlights from the article: In a conversation with the LinuxSecurity editors, Qubes OS Community Manager Andrew David Wong elaborated, "Rather than attempting to fix all of the security bugs in software, Qubes assumes that all software is buggy and compartmentalizes it accordingly, so that when flaws are inevitably exploited, the damage is contained and the user's most valuable data is protected." A Kali Linux contributor provides some insight into the distro's history and the benefits it offers users: "Named after a Hindu goddess, Kali has been around for a long time — but it's still updated weekly, can be run in live mode or installed to a drive, and can also be used on ARM devices like Raspberry Pi." Obviously there's strong opinions among Slashdot readers. So share your own thoughts in the comments. What's the best Linux distro for enhanced privacy and security?

Read more of this story at Slashdot.

Tim Wu coined the phrase "net neutrality". He's the author of The Curse of Bigness: Antitrust in the New Gilded Age , and Bloomberg calls him an "outspoken advocate for aggressive antitrust enforcement against U.S. technology giants." They add that now the Columbia University media law professor "is joining the White House an adviser, signaling that the Biden administration is preparing to square off against the industry's biggest companies." Wu will join the National Economic Council as a special assistant on technology and competition policy, the White House said Friday. Wu's appointment elevates to a senior position in the administration a leading antitrust expert, favored by progressives, who has assailed the power of dominant tech companies like Alphabet Inc.'s Google and Facebook Inc. Both companies were sued by U.S. antitrust enforcers last year for allegedly abusing their monopoly power... After the Federal Trade Commission and state attorneys general sued Facebook in December, Wu wrote a column in the New York Times comparing Facebook's strategy of buying competitors to Standard Oil's tactics in the 19th century. "What the federal government and states are doing is reasserting a fundamental rule for all American business: You cannot simply buy your way out of competition," Wu wrote. "Facebook, led by its chief executive, Mark Zuckerberg, has taken that strategy to a smirking and egregious extreme, acquiring multiple companies to stifle the competitive threat they pose." Wu joins the Biden administration as tech giants are grappling with a reckoning in Washington that could transform the industry. The Facebook lawsuit could lead to the breakup of the company, while the Justice Department's complaint against Google targets the heart of its business — Internet search. Antitrust enforcers have also opened investigations of Apple Inc. and Amazon... Wu argued in his book, The Curse of Bigness: Antitrust in the New Gilded Age, that rising concentration across the economy has led to concentrated wealth and power as well as radicalized politics that threatens American democracy. A White House press briefing Friday included this response to a question about Biden's plans for big tech companies: The President has been clear — on the campaign, and, probably, more recently — that he stands up to the abuse of power, and that includes the abuse of power from big technology companies and their executives. And Tim will help advance the President's agenda, which includes addressing the economic and social challenges posed by the growing power of tech platforms; promoting competition and addressing monopoly and market power issues; expanding access to broadband for low-income and rural communities across the country... We don't have new policy to announce here... Just that the President believes, as he's talked about before, that it's important to promote competition and address monopoly and market power issues. Interestingly, last August Wu also wrote an op-ed in the New York Times titled "A TikTok Ban is Overdue," arguing that China's "extensive blocking, censorship and surveillance violate just about every principle of internet openness and decency. China keeps a closed and censorial internet economy at home while its products enjoy full access to open markets abroad..." The asymmetry is unfair and ought no longer be tolerated. The privilege of full internet access — the open internet — should be extended only to companies from countries that respect that openness themselves... [China] bans not only most foreign competitors to its tech businesses but also foreign sources of news, religious instruction and other information, while using the internet to promote state propaganda and engage in foreign electoral interference... Few foreign companies are allowed to reach Chinese citizens with ideas or services, but the world is fully open to China's online companies... The idealists who thought the internet would automatically create democracy in China were wrong. Some think that it is a tragic mistake for the United States to violate the principles of internet openness that were pioneered in this country. But there is also such a thing as being a sucker. If China refuses to follow the rules of the open internet, why continue to give it access to internet markets around the world...? We need to wake up to the game we are playing when it comes to the future of the global internet. The idealists of the 1990s and early '00s believed that building a universal network, a kind of digital cosmopolitanism, would lead to world peace and harmony. No one buys that fantasy any longer. But if we want decency and openness to survive on the internet — surely a more attainable goal — the nations that hold such values need to begin fighting to protect them.

Read more of this story at Slashdot.

Last week Firefox's official blog responded to some viral misinformation about the Firefox logo. "People were up in arms because they thought we had scrubbed fox imagery from our browser. Rest easy knowing nothing could be further from the truth..." Sure, it's stressful to have hundreds of thousands of people shouting things like "justice for the fox" in all-caps in your mentions for three days straight, but ultimately that means people are thinking about the brand in a way they might not have for years. .. The logo causing all the stir is one we created a while ago with input from our users. Back in 2019, we updated the Firefox browser logo and added the parent brand logo as a new logo for our broader product portfolio that extends beyond the browser... which represents the family of Firefox products we make outside of just the Firefox browser, like Firefox Monitor. It's not an icon you're going to see on a dock, phone's home screen or desktop, though. We didn't get rid of the fox then and have no plans to do so now, or ever. Plenty of folks jumped in to try and clear things up in the original thread, but once the "they killed the fox" meme caught momentum and became the "Firefox minimalist logo" meme, there was no stopping it. It spread to Instagram and then to Reddit. The memes became so pervasive that there were memes being made about how there were too many Firefox logo memes... Well, fear not, because no matter what you think you heard on the internet, the fox isn't leaving any time soon. For our Firefox Nightly users out there, we're bringing back a very special version of an older logo, as a treat. Stay tuned.

Read more of this story at Slashdot.

InfoQ reports: Deno 1.8 recently shipped with plenty of new features, including WebGPU support, internationalization APIs, stabilized import maps, support for fetching private modules, and more. The Deno permissions API is now stable. Deno 1.8 additionally ships with TypeScript 4.2. The release note explained the motivation behind the support for the WebGPU APIs as follows: These days, most neural networks are defined in Python with the computation offloaded to GPUs. We believe JavaScript, instead of Python, could act as an ideal language for expressing mathematical ideas if the proper infrastructure existed. Providing WebGPU support out-of-the-box in Deno is a step in this direction. Our goal is to run Tensorflow.js on Deno, with GPU acceleration. We expect this to be achieved in the coming weeks or months. WebGPU is an API originally proposed by Apple that exposes the GPU computation functionality available on many devices. WebGPU may provide better performance than WebGL in tasks that benefit from parallel processing — as often occurs in scientific computing, machine learning, graphics and games development... Deno users can upgrade by running deno upgrade in a terminal.

Read more of this story at Slashdot.

"In a message to the Linux Kernel Mailing List Wednesday, founding developer Linus Torvalds warned the world not to use the 5.12-rc1 kernel in his public git tree..." writes Ars Technica: As it turns out, when Linus Torvalds flags some code dontuse, he really means it — the problem with this 5.12 release candidate broke swapfile handling in a very unpleasant way. Specifically, the updated code would lose the proper offset pointing to the beginning of the swapfile. Again, in Torvalds' own words, "swapping still happened, but it happened to the wrong part of the filesystem, with the obvious catastrophic end results." If your imagination is insufficient, this means that when the kernel paged contents of memory out to disk, the data would land on random parts of the same disk and partition the swapfile lived on... not as files, mind you, but as garbage spewed directly to raw sectors on the disk. This means overwriting not only data in existing files, but also rather large chunks of metadata whose corruption would likely render the entire filesystem unmountable and unusable. Torvalds goes on to point out that if you aren't using swap at all, this problem wouldn't bite you. And if you're using swap partitions, rather than swap files, you'd be similarly unaffected... Torvalds also advised anyone who'd already pulled his git tree to do a git tag -d v5.12-rc1 "to actually get rid of the original tag name..." — or at least, to not use it for anything. "I want everybody to be aware..." Torvalds writes, "because _if_ it bites you, it bites you hard, and you can end up with a filesystem that is essentially overwritten by random swap data. This is what we in the industry call 'double ungood'."

Read more of this story at Slashdot.