Aggregator

Potential takeover would represent significant commitment to the open instruction set architecture

More reasons to love social media and AI

New simulations suggest Venus' extremely slow backward rotation may have been triggered by a high-angle collision with a fast-moving object roughly one-tenth its mass. The impact could have dramatically altered Venus' spin and melted nearly its entire mantle. Universe Today reports: Venus' bizarre and extraordinarily slow retrograde rotation on its axis has long puzzled planetary scientists. But in a new paper presented at the recent European Geosciences Union General Assembly in Vienna, the authors argue that their models indicate that a high angle moon-sized, high-velocity impactor likely triggered Venus's strange 248-day rotation. And it probably happened within the first 50 million years of Venus' formation. [...] The team found that an impactor that is about a tenth of Venus' mass hitting the planet at a high angle could drastically slow the early young planet's rotation. Depending on the actual impact parameters, we can slow down a rapidly rotating early Venus to rotation rates that are that are compatible with long-term evolution towards a slow rotating planet, says [Cedric Gillmann, the paper's lead author and a planetary scientist at ETH Zurich]. Or even in some cases with large energetic impact that happen with a tangential impact that would even put planets early on in already a retrograde but faster rotation, he says. In the simulations, giant impacts expectedly produce surface magma oceans, the paper's authors note. Their relative depths vary depending on impact properties: from a shallow melt layer in the order of 100km thick to a fully molten mantle, they note. If the surface can radiate heat to space efficiently, the magma ocean cools down quickly, they write. If Gillmann and colleagues are correct, Venus' likely impactor also melted some 99 percent of Venus' mantle. That is, the interior structure that extends between its core and crust. You will get rid of that impact heat pretty efficiently, and after a few hundred million years, you end up seeing an evolution that is very difficult to distinguish from a case where you don't have an impact, says Gillmann. What role the impact may have played in Venus' lack of plate tectonics, however, remains open for debate. But it's known that Venus' lack of a large-scale carbon recycling mechanism likely led to its current runaway greenhouse.

Read more of this story at Slashdot.

Union says outsourcer will miss June 30 target after portal meltdown and mounting complaints

Analysts say Redmond still has billions of reasons to keep backing its flagship DBMS, even as Azure, Postgres, and AI hog the spotlight

Look to AI agents and open source to escape the vendor-driven upgrade cycle

Nextcloud rollout shows locally controlled storage is one thing; getting users off Office is quite another

The newest open-source project out of Intel is the Intel Performance Skills project that is providing AI agent skills to help with CPU performance analysis and performance optimizations on Linux...

The GNU Linux-libre project announced today the release and general availability of the GNU Linux-libre 7.1 kernel for those who seek 100% freedom for their GNU/Linux computers and software freedom lovers.

In addition to the surprising impact of /proc/filesystems read optimizations for Linux 7.2, another one of the VFS pull requests for this next kernel version is delivering some nice improvements for EXT4 and XFS around IOmap, the framework that maps file data offsets in memory to their physical locations on storage...

A Chinese Zhuque-2E rocket's upper stage broke apart shortly after last week's June 9 launch, likely creating 100 to 150 pieces of debris in a busy region of low-Earth orbit crossed by the ISS and lower-altitude Starlink satellites. Most fragments should reenter within months because of atmospheric drag, but experts say the incident adds to a worsening trend as China leaves more large rocket bodies in orbit while expanding its launch rate. Ars Technica reports: The US Space Force confirmed the breakup event in a post on space-track.org, a website used by the military to distribute orbit data to the public. "The tracked pieces are being incorporated into routine conjunction assessment to support spaceflight safety," the Space Force wrote in an advisory. "There are currently no threats to human spaceflight. Analysis is ongoing." So far, the Space Force has not added any of the debris fragments to the official catalog of human-made space objects. [...] The bad news is that the Zhuque-2E's breakup is the latest chapter in China's growing contribution to the space junk problem. After decades of leaving spent rocket bodies in orbit, launch operators in most countries now reserve enough fuel to steer their upper stages back to Earth for controlled reentries. Rocket bodies attributed to Russia and the former Soviet Union account for the bulk of the launch-related debris in long-lived orbits, followed by China and the United States. But the Russian and American numbers are declining or holding steady, while the mass of Chinese rocket bodies in these long-lived orbits has grown by more than 150 percent in the past five years, according to a new analysis by Space Domain Awareness expert Jim Shell. The increase comes as China ramps up launches of its own megaconstellations designed to compete with SpaceX's Starlink. Rocket bodies are the most concerning sources of space debris because they are typically fairly large in size and mass, often with residual propellant and high-pressure gases that can trigger an explosion. There is no way to maneuver or dispose of them if left abandoned in orbit after releasing their payloads. McKnight characterized the recent breakup of the Zhuque-2E rocket as a "slight space safety issue," but the trend is not good. China's Long March 6A rocket has an especially bad track record, including two explosions that littered a higher-altitude low-Earth orbit with more than 1,000 debris fragments, where they will remain for decades or centuries. "Three of the top four breakup events in LEO are of Chinese origin, with two of these events being from Chinese (rocket body) explosions in the last four years," McKnight said.

Read more of this story at Slashdot.

Ubuntu Touch 24.04-2 promises better web compatibility with Morph Browser, moving from Chromium 87 to Chromium 134.

Earmarked donations let GNOME fund two fellows to modernize Files (Nautilus), improve tooling, and bolster project-level governance.

An anonymous reader quotes a report from TechCrunch: A group made up of dozens of cybersecurity experts, including several well-known veterans of the industry, published an open letter to the U.S. government asking it to lift the export control order on Anthropic's Fable and Mythos models. According to the open letter, "this action has taken the best models away from [cybersecurity] defenders" who now can't use the models to find vulnerabilities and make their software and products more secure. "To pull the best capabilities away from defenders without a good reason when our adversaries are rapidly advancing is dangerous," read the letter. On Friday, the U.S. government ordered Anthropic to limit the export of Fable and Mythos, citing national security concerns, without explaining the specific reasons behind the order, according to Anthropic. In response, the company suspended access to the models to all users worldwide. As of this writing, the letter is signed by 76 cybersecurity experts, including Alex Stamos, former Facebook chief of security; Casey Ellis, the founder bug bounty platform Bugcrowd; Jon Callas, famed cryptographer and former Apple security design and architecture manager; Paul Vixie, computer scientist ; Dino Dai Zovi, the former head of applied security engineering at Block; Katie Moussouris, the founder of Luta Security; and Rachel Tobac, the CEO of the security awareness training firm SocialProof Security. [...] Anthropic said that the White House export control order may have been based on a report that there was a method to bypass -- or jailbreak -- Fable to unlock its powerful Mythos-level capabilities. According to Katie Moussouris, one of the signatories of the open letter, the method was demonstrated by Amazon researchers in a paper that is not public but that she has reviewed. But Moussouris said in a blog post that the paper did not actually demonstrate a real jailbreak. Instead, she wrote, the researchers simply asked Fable to fix open source code with public and known vulnerabilities along with "deliberately planted vulnerabilities," after the model initially refused to "review the code for security issues." "The behavior described in the paper cannot meaningfully be fixed, and any attempt would only weaken the model for defense," Moussouris wrote. "Defenders need to be able to ask AI to fix the bugs in a file, explain why the fix matters, and write tests that confirm the patch works. That is not a guardrail bypass. It is the most valuable thing an AI model can do for defensive security: executing the find, fix, and test loop defenders run every day." Moussouris' critique was echoed in the open letter, which also said that the group of experts believe the model capabilities in the Amazon paper "can be replicated" on OpenAI's GPT-5.5, on Anthropic's own publicly available Claude Opus 4.8 and Sonnet, "and even Chinese models like Kimi 2.7." Moussouris told TechCrunch that "the bugs used to demonstrate the techniques in the paper can be found using the other models. The method in the paper is a guardrail bypass technique. Other models that lack the Fable guardrails often won't refuse the straightforward request to look for security bugs, so they don't need a bypass." The letter also asked for transparently and fairly enforced regulations created by "a democratic rule-making process" that are based on scientific research done by industry and academic experts, and "used only to the minimal extent necessary to ensure the safety of the American public."

Read more of this story at Slashdot.

FreeRDP 3.27 arrives with stronger TLS defaults, five security advisories, Android client updates, and Azure/Entra improvements.

The FreeBSD Project announced today the launch of an AI-Assisted Vulnerability Discovery Project with grant funding provided by the Linux Foundation backed Alpha-Omega project. Alpha-Mega has sponsors including Microsoft, AWS, Google, Anthrophic, OpenAI, and others who will now be helping with FreeBSD uncovering new vulnerabilities by leveraging AI...

Modern applications are API-driven, interconnected, and often over-permissioned, making them an ideal target for AI-assisted attacks.

What's up, DocLang?

The Federal Data Center Enhancement Act (FDCEA) is set to expire in September without an apparent replacement, potentially ending requirements for federal agencies to report on data-center efficiency, resilience, energy and water use, and contractor sustainability. Wired reports: Despite the public backlash, the Office of Management and Budget (OMB), the government agency that sets guidance for how agencies implement policies in line with the president's agenda, is not providing any plans for how federal agencies should manage the sunset or continue to implement reporting beyond the timeline of the law. This, current and former workers at OMB and the General Services Administration (GSA) say, signals that the Trump administration is set to take an even more hands-off approach to data center oversight and regulation. A replacement for the requirements laid out in FDCEA would, in other administrations, have been in the works for months ahead of its expiration. An employee with the GSA, the agency that oversees the government's IT services and helps to implement the FDCEA, says that the lack of any sort of plan is highly uncommon. The employee spoke to WIRED on the condition of anonymity for fear of retaliation. "Never in the history of data center policies has a policy expired without another one having been painstakingly worked on for three years behind the scenes," says the GSA employee. "The technology has changed so much it's not about getting everything right, it's about doing the best they can and updating to a new policy. They claim they're going to make sure private companies pay their fare share, but they haven't explained how they'll do that." [...] There has been a burst of data-center-related legislation introduced in Congress this year, from bills that mandate environmental reviews of data centers to bills designed to protect local moratoriums. However, it appears that none of these bills are designed to address the requirements in FDCEA, nor do they specifically address federally run or leased data centers. [...] A search of reginfo.gov, the OMB website that contains reports on the president's Unified Agenda, also turns up nothing for the FDCEA. "By letting this expire, OMB is going to enter into this new age of prioritizing rapid AI development over any sort of centralized control or rigorous standards," says the anonymous GSA employee who spoke to Wired. "In the absence of a new policy from OMB, [GSA] has no directive or measurable standards with which to point agencies towards managing data centers efficiently."

Read more of this story at Slashdot.

alternative_right shares a report from The Hill: The FBI released an urgent security warning to the public about a fast-acting scam targeting Microsoft 365 users on Teams, Outlook and OneDrive. The agency warned that the hacking platform Kali365 seeks out OAuth device codes, allowing scammers to sneak past multi-factor authentication codes, and without the need for a password, to access Microsoft accounts. Scammers will send a phishing email impersonating a trusted document-sharing service with a device code and instructions on how to verify, according to the FBI. "Kali365 lowers the barrier of entry, providing less-technical attackers access to AI-generated phishing lures, automated campaign templates, real-time targeted individual/entity tracking dashboards, and OAuth token capture capabilities," the FBI stated. The platform is sold to scammers with a $250 per month subscription. The FBI, which first detected Kali365 in April, described the hacking platform as an "emerging Phishing-as-a-Service platform." Hackers with limited skills can access advanced phishing tools through the platform, according to NordPass.

Read more of this story at Slashdot.