|
Did a Weather Balloon, Not a Mysteryious Space Object, Strike That United Airlines Flight?
Slashdot reader joshuark shares this report from SFGate:
The mystery object that struck a plane at 36,000 feet is likely not space debris, as some speculated, but rather a Silicon Valley test project gone wrong...
WindBorne Systems, a Palo Alto startup that uses atmospheric balloons to collect weather data for AI-based forecast models,has come forward to say that they believe they may be responsible for the object that hit the windshield... "At 6am PT, we sent our preliminary investigation to both NTSB and FAA, and are working with both of them to investigate further," [WindBorne's CEO John Dean posted on social media...]
WindBorne said the company has launched more than 4,000 balloons and that it coordinates with the Federal Aviation Administration for every launch.
WindBorne "has conducted more than 4,000 launches," the company said in a statement, noting that they've always coordinated those launched with America's Federal Aviation Administration and filed aviation alerts for every launched balloon. Plus "The system is designed to be safe in the event of a midair collision... Our balloon is 2.4 pounds at launch and gets lighter throughout flight."
We are working closely with the FAA on this matter. We immediately rolled out changes to minimize time spent between 30,000 and 40,000 feet. These changes are already live with immediate effect. Additionally, we are further accelerating our plans to use live flight data to autonomously avoid planes, even if the planes are at a non-standard altitude. We are also actively working on new hardware designs to further reduce impact force magnitude and concentration.
Slashdot
~Created Sat Nov 1 13:27:25 2025
|
Security Holes Found in OpenAI's ChatGPT Atlas Browser (and Perplexity's Comet)
The address bar/ChatGPT input window in OpenAI's browser ChatGPT Atlas "could be targeted for prompt injection using malicious instructions disguised as links," reports SC World, citing a report from AI/agent security platform NeuralTrust:
NeuralTrust found that a malformed URL could be crafted to include a prompt that is treated as plain text by the browser, passing the prompt on to the LLM. A malformation, such as an extra space after the first slash following "https:" prevents the browser from recognizing the link as a website to visit. Rather than triggering a web search, as is common when plain text is submitted to a browser's address bar, ChatGPT Atlas treats plain text as ChatGPT prompts by default.
An unsuspecting user could potentially be tricked into copying and pasting a malformed link, believing they will be sent to a legitimate webpage. An attacker could plant the link behind a "copy link" button so that the user might not notice the suspicious text at the end of the link until after it is pasted and submitted. These prompt injections could potentially be used to instruct ChatGPT to open a new tab to a malicious website such as a phishing site, or to tell ChatGPT to take harmful actions in the user's integrated applications or logged-in sites like Google Drive, NeuralTrust said.
Last month browser security platform LayerX also described how malicious prompts could be hidden in URLs (as a parameter) for Perplexity's browser Comet. And last week SquareX Labs demonstrated that a malicious browser extension could spoof Comet's AI sidebar feature and have since replicated the proof-of-concept (PoC) attack on Atlas.
But another new vulnerability in ChatGPT Atlas "could allow malicious actors to inject nefarious instructions into the artificial intelligence (AI)-powered assistant's memory and run arbitrary code," reports The Hacker News, citing a report from browser security platform LayerX:
"This exploit can allow attackers to infect systems with malicious code, grant themselves access privileges, or deploy malware," LayerX Security Co-Founder and CEO, Or Eshed, said in a report shared with The Hacker News. The attack, at its core, leverages a cross-site request forgery (CSRF) flaw that could be exploited to inject malicious instructions into ChatGPT's persistent memory. The corrupted memory can then persist across devices and sessions, permitting an attacker to conduct various actions, including seizing control of a user's account, browser, or connected systems, when a logged-in user attempts to use ChatGPT for legitimate purposes....
"What makes this exploit uniquely dangerous is that it targets the AI's persistent memory, not just the browser session," Michelle Levy, head of security research at LayerX Security, said. "By chaining a standard CSRF to a memory write, an attacker can invisibly plant instructions that survive across devices, sessions, and even different browsers. In our tests, once ChatGPT's memory was tainted, subsequent 'normal' prompts could trigger code fetches, privilege escalations, or data exfiltration without tripping meaningful safeguards...."
LayerX said the problem is exacerbated by ChatGPT Atlas' lack of robust anti-phishing controls, the browser security company said, adding it leaves users up to 90% more exposed than traditional browsers like Google Chrome or Microsoft Edge. In tests against over 100 in-the-wild web vulnerabilities and phishing attacks, Edge managed to stop 53% of them, followed by Google Chrome at 47% and Dia at 46%. In contrast, Perplexity's Comet and ChatGPT Atlas stopped only 7% and 5.8% of malicious web pages.
From The Conversation:
Sandboxing is a security approach designed to keep websites isolated and prevent malicious code from accessing data from other tabs. The modern web depends on this separation. But in Atlas, the AI agent isn't malicious code — it's a trusted user with permission to see and act across all sites. This undermines the core principle of browser isolation.
Thanks to Slashdot reader spatwei for suggesting the topic.
Slashdot
~Created Sat Nov 1 13:27:25 2025
|
|
MIT Physicists Find a Way To See Inside Atoms That May Aid Search For Antimatter
"Traditionally, exploring the interior of atomic nuclei requires enormous particle accelerators that stretch for kilometers and propel beams of electrons at extremely high speeds," writes SciTechDaily.
But MIT physicists have unveiled a groundbreaking alternative that "used the atom's own electrons as probes to momentarily enter the nucleus..."
In research published in Science, a team of MIT physicists achieved exceptionally precise measurements of the energy of electrons orbiting a radium atom that had been chemically bonded with a fluoride atom to form radium monofluoride. By studying these molecules, the researchers created a kind of miniature particle collider. Within this environment, the electrons surrounding the radium atom were confined closely enough to occasionally slip into the nucleus before returning to their usual orbits... When those electrons returned to their outer paths, they retained the altered energy, effectively carrying a "message" from within the nucleus that could be decoded to reveal its internal arrangement...
[The researchers] trapped and cooled the molecules and sent them through a system of vacuum chambers, into which they also sent lasers, which interacted with the molecules. In this way, the researchers were able to precisely measure the energies of electrons inside each molecule. When the researchers analyzed their measurements, they noticed that the electrons carried slightly different energies than expected if they had remained outside the nucleus. The difference was incredibly small, only about one millionth of the energy of the laser photon used to excite the molecules, but it was clear evidence that the electrons had entered the radium nucleus and interacted with its protons and neutrons...
The researchers plan to use this new technique to create a detailed map of how forces are distributed inside the nucleus... to chart the nucleus with greater precision and search for possible violations of fundamental symmetries in nature.
"It is thought that additional sources of fundamental symmetry violation are required to explain the almost complete absence of antimatter in our universe," the article points out. "Such violations could be seen within the nuclei of certain atoms such as radium...
"Unlike most atomic nuclei, which are spherical in shape, the radium atom's nucleus has a more asymmetrical configuration, similar to a pear. Scientists predict that this pear shape could significantly enhance their ability to sense the violation of fundamental symmetries, to the extent that they may be potentially observable."
Slashdot
~Created Sat Nov 1 13:27:25 2025
|
Samsung Building Facility With 50,000 Nvidia GPUs To Automate Chip Manufacturing
An anonymous reader quotes a report from CNBC: Korean semiconductor giant Samsung said Thursday that it plans to buy and deploy a cluster of 50,000 Nvidia graphics processing units to improve its chip manufacturing for mobile devices and robots. The 50,000 Nvidia GPUs will be used to create a facility Samsung is calling an "AI Megafactory." Samsung didn't provide details about when the facility would be built. It's the latest splashy partnership for Nvidia, whose chips remain essential for building and deploying advanced artificial intelligence. [...]
On Thursday, Nvidia representatives said they will work with Samsung to adapt the Korean company's chipmaking lithography platform to work with Nvidia's GPUs. That process will results in 20 times better performance for Samsung, the Nvidia representatives said. Samsung will also use Nvidia's simulation software called Omniverse. Known for its mobile phones, Samsung also said it would use the Nvidia chips to run its own AI models for its devices. In addition to being a partner and customer, Samsung is also a key supplier for Nvidia. Samsung makes the kind of high-performance memory Nvidia uses in large quantities, alongside its AI chips, called high bandwidth memory. Samsung said it will work with Nvidia to tweak its HBM4 memory for use in AI chips.
Slashdot
~Created Sat Nov 1 13:27:25 2025
|
|
Falling Panel Prices Lead To Global Solar Boom, Except For the US
Longtime Slashdot reader AmiMoJo shares a report from the Financial Times: Solar power developers want to cover an area larger than Washington, DC, with silicon panels and batteries, converting sunlight into electricity that will power air conditioners in sweltering Las Vegas along with millions of other homes and businesses. But earlier this month, bureaucrats in charge of federal lands scrapped collective approval for the Esmeralda 7 projects, in what campaigners fear is part of an attack on renewable energy under President Donald Trump. "We will not approve wind or farmer destroying [sic] Solar," he posted on his Truth Social platform in August. Developers will need to reapply individually, slowing progress.
Thousands of miles away on the other side of the Pacific Ocean, it is a different story. China has laid solar panels across an area the size of Chicago high up on the Tibetan Plateau, where the thin air helps more sunlight get through. The Talatan Solar Park is part of China's push to double its solar and wind generation capacity over the coming decade. "Green and low-carbon transition is the trend of our time," President Xi Jinping told delegates at a UN summit in New York last month. China's vast production of solar panels and batteries has also pushed down the prices of renewables hardware for everyone else, meaning it has "become very difficult to make any other choice in some places," according to Heymi Bahar, senior analyst at the International Energy Agency. [...]
More broadly, the US's focus on fossil fuels and pullback of support for clean energy further cedes influence over the future global energy system to China. The US is trying to tie its trading partners into fossil fuels, pressing the EU to buy $750 billion of American oil, natural gas, and nuclear technologies during his presidency as part of a trade deal, scuppering an initiative to begin decarbonizing world shipping and pressuring others to reduce their reliance on Chinese technology. But the collapsing cost of solar panels in particular has spoken for itself in many parts of the world. Experts caution that the US's attacks on renewables could cause lasting damage to its competitiveness against China, even if an administration more favorable to renewables were to follow Trump's.
Slashdot
~Created Sat Nov 1 13:27:25 2025
|
SpaceX Set To Win $2 Billion Pentagon Satellite Deal
According to the Wall Street Journal, SpaceX is reportedly poised to secure a $2 billion Pentagon contract to develop hundreds of missile-tracking satellites for President Trump's ambitious Golden Dome defense system. The Independent reports: The planned "air moving target indicator" system in question could ultimately feature as many as 600 satellites once it is fully operational, The Wall Street Journal reports. Musk's company has also been linked to two more satellite ventures, which are concerned with relaying sensitive communications and tracing vehicles, respectively.
Golden Dome, inspired by Israel's "Iron Dome," was announced by Trump and Secretary of War Pete Hegseth at the White House in May and will amount to a complex system of satellites and weaponry capable of destroying incoming missiles before they hit American targets. The president promised it would be "fully operational" before he leaves office in January 2029, capable of intercepting rockets, "even if they are launched from space," with an overall price tag of $175 billion.
Slashdot
~Created Sat Nov 1 13:27:25 2025
|
|
The Numbers Show Xbox's Current Plan Isn't Working
An anonymous reader quotes a report from Gizmodo: It's time for Xbox to eat some humble pie and perform some real soul-searching. Microsoft released its latest quarterly earnings report and proved the worst of our fears about its gaming brand. Not only are Xbox hardware sales down significantly, but the brand itself is barely treading water. Gamers are voicing their displeasure with their wallets, but Microsoft's top brass is still only thinking about the margins. Microsoft was more keen to promote the scale of its cloud and AI services revenue -- which was up 28% year over year -- than talk about its beleaguered gaming brand. The company's overall gaming revenue fell by 2% compared to the same time last year. This was precipitated by a "decline in Xbox hardware," which was down by 22% following a steady decline quarter after quarter. Its first-party games and its Game Pass subscription were doing better, though the overall growth was only up by 1%, and even that was driven by the "better-than-expected performance" of third-party games. You can give credit to titles like Clair Obscur: Expedition 33 for why Xbox isn't in an even deeper hole than it is now.
The tech giant has no expectation that its Xbox brand will start making more money anytime soon. In its earnings call with investors, Microsoft Chief Financial Officer Amy Hood said the company expects Xbox will continue to decline "in the low to mid-single digits" for the following quarter. That's mostly due to the lack of landmark first-party titles. Just this month, Xbox released Ninja Gaiden 4, The Outer Worlds 2, and Double Fine's The Keeper. Xbox also made a huge marketing push for its first handheld, made in partnership with Asus, the ROG Xbox Ally and Ally X. In any other year, this would be a big month for any gaming company. The dour outlook comes after months of bad news. After two subsequent price hikes, Xbox Series S and Series X consoles now cost between $100 to $150 more than they did at launch five years ago. Microsoft also pushed prices of its Game Pass Ultimate subscription tier from $20 to $30 per month. A full-year's subscription would now demand $360. In a separate article, Gizmodo reviews Microsoft's new ROG Xbox Ally X handheld, which "offers a better experience overall" than the "other small-scale Windows PC gaming devices released this year." However, "it's still nowhere close to what you truly want from a console."
Slashdot
~Created Sat Nov 1 13:27:25 2025
|
OpenAI Launches Aardvark To Detect and Patch Hidden Bugs In Code
OpenAI has introduced Aardvark, a GPT-5-powered autonomous agent that scans, reasons about, and patches code like a human security researcher. "By embedding itself directly into the development pipeline, Aardvark aims to turn security from a post-development concern into a continuous safeguard that evolves with the software itself," reports InfoWorld. From the report: What makes Aardvark unique, OpenAI noted, is its combination of reasoning, automation, and verification. Rather than simply highlighting potential vulnerabilities, the agent promises multi-stage analysis -- starting by mapping an entire repository and building a contextual threat model around it. From there, it continuously monitors new commits, checking whether each change introduces risk or violates existing security patterns.
Additionally, upon identifying a potential issue, Aardvark attempts to validate the exploitability of the finding in a sandboxed environment before flagging it. This validation step could prove transformative. Traditional static analysis tools often overwhelm developers with false alarms -- issues that may look risky but aren't truly exploitable. "The biggest advantage is that it will reduce false positives significantly," noted Jain. "It's helpful in open source codes and as part of the development pipeline."
Once a vulnerability is confirmed, Aardvark integrates with Codex to propose a patch, then re-analyzes the fix to ensure it doesn't introduce new problems. OpenAI claims that in benchmark tests, the system identified 92 percent of known and synthetically introduced vulnerabilities across test repositories, a promising indication that AI may soon shoulder part of the burden of modern code auditing.
Slashdot
~Created Sat Nov 1 13:27:25 2025
|
|
FCC To Rescind Ruling That Said ISPs Are Required To Secure Their Networks
The FCC plans to repeal a Biden-era ruling that required ISPs to secure their networks under the Communications Assistance for Law Enforcement Act, instead relying on voluntary cybersecurity commitments from telecom providers. FCC Chairman Brendan Carr said the ruling "exceeded the agency's authority and did not present an effective or agile response to the relevant cybersecurity threats." Carr said the vote scheduled for November 20 comes after "extensive FCC engagement with carriers" who have taken "substantial steps... to strengthen their cybersecurity defenses." Ars Technica reports: The FCC's January 2025 declaratory ruling came in response to attacks by China, including the Salt Typhoon infiltration of major telecom providers such as Verizon and AT&T. The Biden-era FCC found that the Communications Assistance for Law Enforcement Act (CALEA), a 1994 law, "affirmatively requires telecommunications carriers to secure their networks from unlawful access or interception of communications."
"The Commission has previously found that section 105 of CALEA creates an affirmative obligation for a telecommunications carrier to avoid the risk that suppliers of untrusted equipment will "illegally activate interceptions or other forms of surveillance within the carrier's switching premises without its knowledge,'" the January order said. "With this Declaratory Ruling, we clarify that telecommunications carriers' duties under section 105 of CALEA extend not only to the equipment they choose to use in their networks, but also to how they manage their networks." A draft of the order that will be voted on in November can be found here (PDF).
Slashdot
~Created Sat Nov 1 13:27:25 2025
|
Bluesky Hits 40 Million Users, Introduces 'Dislikes' Beta
Bluesky has surpassed 40 million users and is launching a "dislikes" beta to improve its personalization algorithms and reduce toxic content. TechCrunch reports: With the "dislikes" beta rolling out soon, Bluesky will take into account the new signal to improve user personalization. As users "dislike" posts, the system will learn what sort of content they want to see less of. This will help to inform more than just how content is ranked in feeds, but also reply rankings.
The company explained the changes are designed to make Bluesky a place for more "fun, genuine, and respectful exchanges" -- an edict that follows a month of unrest on the platform as some users again criticized the platform over its moderation decisions. While Bluesky is designed as a decentralized network where users run their own moderation, some subset of Bluesky users want the platform itself to ban bad actors and controversial figures instead of leaving it up to the users to block them. Bluesky, however, wants to focus more on the tools it provides users to control their own experience.
Slashdot
~Created Sat Nov 1 13:27:25 2025
|
|
Austria's Ministry of Economy Has Migrated To a Nextcloud Platform In Shift Away From US Tech
An anonymous reader quotes a report from ZDNet: Even before Azure had a global failure this week, Austria's Ministry of Economy had taken a decisive step toward digital sovereignty. The Ministry achieved this status by migrating 1,200 employees to a Nextcloud-based cloud and collaboration platform hosted on Austrian-based infrastructure. This shift away from proprietary, foreign-owned cloud services, such as Microsoft 365, to an open-source, European-based cloud service aligns with a growing trend among European governments and agencies. They want control over sensitive data and to declare their independence from US-based tech providers.
European companies are encouraging this trend. Many of them have joined forces in the newly created non-profit foundation, the EuroStack Initiative. This foundation's goal is " to organize action, not just talk, around the pillars of the initiative: Buy European, Sell European, Fund European." What's the motive behind these moves away from proprietary tech? Well, in Austria's case, Florian Zinnagl, CISO of the Ministry of Economy, Energy, and Tourism (BMWET), explained, "We carry responsibility for a large amount of sensitive data -- from employees, companies, and citizens. As a public institution, we take this responsibility very seriously. That's why we view it critically to rely on cloud solutions from non-European corporations for processing this information."
Austria's move and motivation echo similar efforts in Germany, Denmark, and other EU states and agencies. The organizations include the German state of Schleswig-Holstein, which abandoned Exchange and Outlook for open-source programs. Other agencies that have taken the same path away from Microsoft include the Austrian military, Danish government organizations, and the French city of Lyon. All of these organizations aim to keep data storage and processing within national or European borders to enhance security, comply with privacy laws such as the EU's General Data Protection Regulation (GDPR), and mitigate risks from potential commercial and foreign government surveillance.
Slashdot
~Created Sat Nov 1 13:27:25 2025
|
YouTube TV Loses ESPN, ABC and Other Disney Channels
Disney's channels, including ESPN, ABC, FX, and NatGeo, have gone dark on YouTube TV after Google and Disney failed to renew their carriage agreement before the October 30 deadline, with each side blaming the other for using unfair negotiating tactics and price hikes. YouTube TV says it will issue a $20 credit to subscribers if the blackout continues while negotiations proceed. Engadget reports: "Last week Disney used the threat of a blackout on YouTube TV as a negotiating tactic to force deal terms that would raise prices on our customers," YouTube said in an announcement on its blog. "They're now following through on that threat, suspending their content on YouTube TV." YouTube added that Disney's decision harms its subscribers while benefiting its own live TV products, such as Hulu+Live TV and Fubo.
In a statement sent to the Los Angeles Times, however, Disney accused Google's YouTube TV of choosing to deny "subscribers the content they value most by refusing to pay fair rates for [its] channels, including ESPN and ABC." Disney also accused Google of using its market dominance to "eliminate competition and undercut the industry-standard terms" that other pay-TV distributors have agreed to pay for its content.
Slashdot
~Created Sat Nov 1 13:27:25 2025
|
|
Amazon To Block Piracy Apps On Fire TV
Amazon will begin blocking sideloaded piracy apps on Fire TV devices by cross-checking them against a blacklist maintained by the Alliance for Creativity and Entertainment. The company will, however, continue to allow legitimate sideloading for developers. Heise reports: In response to an inquiry, Amazon explained that it has always worked to ban piracy from its app store. As part of an expanded program led by the ACE, it is now blocking apps that demonstrably provide access to pirated content, including those downloaded outside the app store. This builds on Amazon's ongoing efforts to support creators and protect customers, as piracy can also expose users to malware, viruses, and fraud.
[...] The sideloading option will remain available on Fire TV devices running Amazon's new operating system, Vega OS. However, it is generally limited to developers here. In this context, the company emphasized that, contrary to rumors, there are no plans to upgrade existing Fire TV devices with Fire OS as the operating system to Vega OS.
Slashdot
~Created Sat Nov 1 13:27:25 2025
|
Denmark Reportedly Withdraws 'Chat Control' Proposal Following Controversy
An anonymous reader quotes a report from The Record: Denmark's justice minister on Thursday said he will no longer push for an EU law requiring the mandatory scanning of electronic messages, including on end-to-end encrypted platforms. Earlier in its European Council presidency, Denmark had brought back a draft law which would have required the scanning, sparking an intense backlash. Known as Chat Control, the measure was intended to crack down on the trafficking of child sex abuse materials (CSAM). After days of silence, the German government on October 8 announced it would not support the proposal, tanking the Danish effort.
Danish Justice Minister Peter Hummelgaard told reporters on Thursday that his office will support voluntary CSAM detections. "This will mean that the search warrant will not be part of the EU presidency's new compromise proposal, and that it will continue to be voluntary for the tech giants to search for child sexual abuse material," Hummelgaard said, according to local news reports. The current model allowing for voluntary scanning expires in April, Hummelgaard said. "Right now we are in a situation where we risk completely losing a central tool in the fight against sexual abuse of children," he said. "That's why we have to act no matter what. We owe it to all the children who are subjected to monstrous abuse."
Slashdot
~Created Sat Nov 1 13:27:25 2025
|
|
YouTube's AI Moderator Pulls Windows 11 Workaround Videos, Calls Them Dangerous
An anonymous reader shares a report: Is installing Windows 11 with a local account or on unsupported hardware harmful or dangerous? YouTube's AI moderation system seems to think so, as it has started pulling videos that show users how to sidestep Microsoft's setup restrictions.
Tech YouTuber Rich White, aka CyberCPU Tech, was the first to go public about the issue on October 26, when he posted a video reporting the removal of a how-to he published on installing Windows 11 25H2 with a local account instead of a Microsoft account. In the video, White expressed concern that YouTube's automated flagging process may be the root of the problem, as he found it hard to believe that "creating a local account in Windows 11 could lead to serious harm or even death," as YouTube reportedly alleged when it removed the video.
When he appealed, White said that YouTube denied the request within 10 to 20 minutes, early on a Sunday morning, which led him to speculate that there wasn't a human in the loop when the request was shut down. That wasn't his only video removed, either. The next day, White uploaded his video for this week on installing Windows 11 25H2 on unsupported hardware, which was removed hours after being posted. YouTube justified the removal on similar grounds. [...] At least two other YouTubers - Britec09 and Hrutkay Mods - have released videos alleging much of the same.
Slashdot
~Created Sat Nov 1 13:27:25 2025
|
NewsBone.com
Suggest a feed to syndicate here, or check out what I'm doing over at freshtao.
~Created Sat Nov 1 13:27:25 2025
|
|
Removing obfuscation in Minecraft: Java Edition
Gaming isn’t something we talk about very often here on OSNews, but I think this piece of news is actually a rare piece of good, welcome news from this industry. Mojang, the Microsoft-owned company behind Minecraft, has announced it’s going to stop obfuscating the code behind the Java edition of Minecraft. A refresher: the Java edition of Minecraft is the original version of the game, which exists alongside the Bedrock Edition, which is written in C++. Both variants are kept more or less in sync with each other. The Java edition has historically been far more moddable, and comes with far fewer restrictions than the Bedrock Edition, which Microsoft maintains far tighter control over. Still, the modding scene around the Java Edition sprung up in spite of Mojang and Microsoft, not because of them, but over the years the modding scene has been embraced more and more by these two companies. The final step in this embrace comes today as Mojang will no longer obfuscate the code behind th Java Edition. Minecraft: Java Edition has been obfuscated since its release. This obfuscation meant that people couldn’t see our source code. Instead, everything was scrambled – and those who wanted to mod Java Edition had to try and piece together what every class and function in the code did. But we encourage people to get creative both in Minecraft and with Minecraft – so in 2019 we tried to make this tedious process a little easier by releasing “obfuscation mappings”. These mappings were essentially a long list that allowed people to match the obfuscated terms to un-obfuscated terms. This alleviated the issue a little, as modders didn’t need to puzzle out what everything did, or what it should be called anymore. But why stop there? ↫ Minecraft website This is excellent news for the game, the wider modding community, and players. Minecraft is still a massively popular game, and making modding easier is very welcome, as for a lot of people, mods are what make Minecraft actually interesting. It’s also rare to see a massive force in gaming making a positive step like this, so they deserve the few kudos.
OSnews
~Created Sat Nov 1 12:06:14 2025
|
How did the Windows 95 user interface code get brought to the Windows NT code base?
After the release of Windows 95, with its brand new and incredibly influential graphical user interface, it was only a matter of time before this new taskbar, Start menu, and everything else would make its way to Microsoft’s other operating system line, Windows NT. The development of Windows 95 more or less lined up with that of Windows NT 3.5, but it wouldn’t be until Windows NT 4.0, released a little less than a year after Windows 95, that NT, too, would have the brand new user interface. Raymond Chen has published a blog post detailing the cooperation and interplay between the Windows 95 and Windows NT teams, and, as always with Chen, it’s a joy to read. Members of the Windows 95 user interface team met regularly with members of the Windows NT user interface team to keep them aware of what was going on and even get their input on some ideas that the Windows 95 team were considering. The Windows NT user interface team were focused on shipping Windows NT, but they appreciated being kept in the loop. During the late phases of the development of Windows 95, the Windows NT side of the house took a more active role in bringing the Windows 95 user interface to Windows NT. ↫ Raymond Chen at The Old New Thing Chen details there was a lot of code-sharing, to the point where the Windows 95 version of the GUI contained NT-specific code, and vice versa. This code-sharing was quite a lot less elegant than today with tools like git, since Microsoft’s own internal source code system called SLM (pronounced ‘slime’) did not support branches, so they had to regularly perform three-way merges manually. It was a different time, for sure. Anyway, it’s amazing how much of this ancient Microsoft lore could’ve been lost to time, or shrouded in mystery, if it wasn’t for someone like Raymond Chen regularly sharing the stories from Microsoft’s past.
OSnews
~Created Sat Nov 1 12:06:14 2025
|
|
OpenIndiana 2025.10 released
OpenIndiana, the Illumos distribution for general use, has released its latest snapshot release, and there’s some really interesting things in there. To refresh your memory: Illumos is a fork of the final OpenSolaris release, based on Solaris 11, before Oracle closed Solaris back up. It’s been in development ever since that fateful day back in 2010, and several Illumos distributions with unique identities have sprung up around the project. OpenIndiana is one of them, and functions like a rolling release with a snapshot release every six months. OpenIndiana 2025.10 was released today, and this snapshot’s changelog covers changes over the past six months. It comes with all the latest open source packages you would expect, like the latest or at least very recent versions of Firefox, Thunderbird, LibreOffice, and much more, but the GNOME version (44.4 from 2023) is definitely a bit outdated. There’s a ton new utilities written in Rust, and the usual bug and security fixes as well, like for crucial utilities such as OpenSSL and OpenSSH, and things like Python versions 3.14 3.13, 3.12, and 3.9. A particularly interesting bullet point is maintenance work and improvements for Sun Ray support, and the changelog notes that these little thin clients are still popular among their users. I’m very deep into the world of Sun Rays at the moment, so reading that you can still use them through OpenIndiana is amazingly cool. There’s a Sun Ray metapackage that installs the necessary base components, allowing you to install Sun’s/Oracle’s original Sun Ray Server software on OpenIndiana. Even though MATE is the default desktop for OpenIndiana, the Sun Ray Server software does depend on a few GNOME components, so those will be pulled in. I’ve definitely put this on my list, once I’m done with my current Sun Ray deep dive on Solaris 10. If you’re interested in SPARC support, there’s quite a few machines that do work with the SPARC version of OpenIndiana, and recently, there’s been a lot of progress on this front. Running the SPARC version on various servers can work, but desktop use, say, on a Sun Ultra 45, is a bit more problematic due to boot issues and a lack of graphics drivers. The work is ongoing, though, and there’s been a ton of renewed interest.
OSnews
~Created Sat Nov 1 12:06:14 2025
|
Windows to automatically suggest a memory scan after a blue screen
Microsoft is introducing a new feature in Windows to better deal with blue screens of death. In the release notes for Windows 11 Insider Preview Build 26220.6982 (Dev Channel), the company detailed that after a user experiences a blue screen, Windows will automatically perform a memory scan. We’re introducing a new feature that helps improve system reliability. If your PC experiences a bugcheck (unexpected restart), you may see a notification when signing in suggesting a quick memory scan. If you choose to run it, the system will schedule a Windows Memory Diagnostic scan to run during your next reboot (taking 5 minutes or less on average) and then continue to Windows. If a memory issue is found and mitigated, you will see a notification post-reboot. ↫ Amanda Langowski at the Windows Blogs In its current iteration, this memory scan will trigger after every single error code to collect as much data as possible, but Microsoft states it will refine and narrow the number of error codes in the future. In addition, this feature will not be available on Arm64 and systems with Administrator Protection and/or BitLocker without Secure Boot. Let’s hope this feature won’t be a nuisance, but an actually useful feature that helps people uncover memory problems that otherwise remain undiagnosed.
OSnews
~Created Sat Nov 1 12:06:14 2025
|
|
Python Software Foundation has bigger spine than big tech
Back in January 2025, the Python Software Foundation applied for a $1.5 million grant from the US government’s National Science Foundation, under the Safety, Security, and Privacy of Open Source Ecosystems program, to address structural vulnerabilities in Python and PyPI. After a lot of paperwork, their application was approved, but upon receiving the contractual agreement, the Python Software Foundation decided to back out. Why? We became concerned, however, when we were presented with the terms and conditions we would be required to agree to if we accepted the grant. These terms included affirming the statement that we “do not, and will not during the term of this financial assistance award, operate any programs that advance or promote DEI, or discriminatory equity ideology in violation of Federal anti-discrimination laws.” This restriction would apply not only to the security work directly funded by the grant, but to any and all activity of the PSF as a whole. Further, violation of this term gave the NSF the right to “claw back” previously approved and transferred funds. This would create a situation where money we’d already spent could be taken back, which would be an enormous, open-ended financial risk. In the end, however, the PSF simply can’t agree to a statement that we won’t operate any programs that “advance or promote” diversity, equity, and inclusion, as it would be a betrayal of our mission and our community. ↫ Loren Crary at the PSF blog The fact that this is news at all is a deeply sad state of affairs, but it’s great to see at least some organisations in tech still have a spine. In a world where tech giants and their sleazy CEOs are falling over each other to lather the US president in bribes and tasteless gifts, it’s refreshing to see someone passing up on what would be an enormous amount of money for them. The PSF operates on a budget of $5 million a year, so $1.5 million would be a massive boon for the effort. The efforts of the PSF regarding outreach have been incredibly successful over the years. PyCon US had 1% female speakers in 2011, 7% in 2012, 15% in 2013, 33% in both 2014 and 2015, and 40% in 2016. “DEI” efforts usually just mean the gruntwork of reaching out to members of underrepresented groups within your community, and ensuring they feel welcome, safe, and respected. Monocultures tend to be self-destructive, whether we’re talking about operating systems or people. Having perspectives from people with different backgrounds, different life experiences, and different approaches is a massive net benefit to your organisation. Making efforts to foster such environments illegal is absolute batshit insanity, and I’m glad that unlike cowards like Tim Cook or Sundar Pichai, the Python Software Foundation has a spine and is standing up for what’s right.
OSnews
~Created Sat Nov 1 12:06:14 2025
|
I’d like to speak to the Bellcore ManaGeR
I love it when I discover – usually through people smarter than I – an operating system or graphical user interface I’ve never heard of. This time, we’ve got Bellcore MGR, as meticulously detailed by Nina Kalinina a few weeks ago. I love old computers, and I enjoy looking at old user interfaces immensely. I could spend a whole evening on installing an old version of MS Word and playing with it: “Ah, look, how cute, they didn’t invent scrollbars just yet”. A special place in my heart is taken by user interfaces that were historically significant and yet fell into relative obscurity (like Windows 2 or BTRON). This is why I absolutely had to try Bellcore MGR. An early windowing system (1984), it was made by the Bell Communications Research, and it looked like Plan 9’s older sister. The system was distributed over the Usenet, ported to every conceivable Unix-like system, including Minix, Linux and Coherent, and – eventually – mostly forgotten. The only two videos on YouTube that have something to do with MGR have a bit over 1000 views combined, and don’t really show it in the best light possible. And I think it’s a crying shame. ↫ Nina Kalinina The reference to Plan 9 is apt, as MGR definitely seems to function almost exactly like Plan 9’s rio graphical user interface, including things like drawing a rectangle to open a new window. Rio is an acquired taste – to put it very mildly – and it seems MGR fits the same bill. There’s also $home movie, an entire video editor for MGR, which is honestly mind-blowing considering it’s running on a mere SPARCstation in the late ’80s and early ’90s. It has an incredibly unique UNIXy flavour: If you don’t have 40 minutes to watch the tour, please do spend two minutes on this demo of the “$HOME MOVIE” system. It is “a suite of tools for the capture, editing and playback of window system sessions on a Sun Sparcstation” based on MGR. It is probably the most Unix way of making videos: the window manager dumps the rendering commands into a file, then the rendering commands can be altered with a set of small tools, some of which are in awk, and then these rendering commands can be packaged into a single demo. ↫ Nina Kalinina Kalinina had to more or less reverse-engineer its unique video format, too, but in doing so managed to upload the original demonstration of $movie home, narrated by its creator and created in $movie home itself, to YouTube. Kalinina also created and uploaded a ready-made hard disk image of Debian 0.93 with Bellcore MGR preinstalled for use in Qemu and 86Box.
OSnews
~Created Sat Nov 1 12:06:14 2025
|
|
The Linux boot process: from power button to kernel
You press the power button. A second later a wall of text scrolls by, or a logo fades in, and eventually Linux appears. What happens in between is not magic. It is a careful handshake between tiny programs and a very literal CPU. This part follows that handshake until the very first line of C code inside the Linux kernel runs. ↫ 0xkato’s blog Exactly what it says on the tin.
OSnews
~Created Sat Nov 1 12:06:14 2025
|
Upcoming Kwin changes extend battery life
I think most of us are aware that compositors use multiple planes to render our user interfaces, and in the case of KDE’s Kwin specifically, they use two planes – one for the user interface, and one specifically for the mouse cursor. Kwin developer Xaver Hugl has been working on changing Kwin to use more than just two planes, and it turns out this delivers some considerable power use reductions and thus battery life improvements. So, when can you use these changes and test them? Due to various driver issues when trying to use overlays, like slow atomic tests on AMD as well as display freezes on some AMD and NVidia GPUs, this feature is still off by default. However, if you want to experiment anyways or attempt to fix the drivers, starting from Plasma 6.5, you can set the KWIN_USE_OVERLAYS environment variable to enable the feature anyways. If you test it, please report your findings! If there’s problems in the drivers, we’d like to know and have bug reports for the GPU vendors of course, but also if things work well that would be nice to hear. ↫ Xaver Hugl Leave it to Linux graphics-related developers to uncover driver bugs in graphics drivers.
OSnews
~Created Sat Nov 1 12:06:14 2025
|
|
“AI” assistants misrepresent news content 45% of the time
An extensive study by the European Broadcasting Union and the BBC highlights just how deeply inaccurate and untrustworthy “AI” news results really are. “AI” sucks even at its most basic function. It’s incredible how much money is being pumped into this scam, and how many people are wholeheartedly defending these bullshit generators as if their lives depended on it. If these tools can’t even summarise a text – something you learn in early primary school as a basic skill – how on earth are they supposed to perform more complex tasks like coding, making medical assessments, distinguish between a chips bag and a gun? Maybe we deserve it.
OSnews
~Created Sat Nov 1 12:06:14 2025
|
Teenager detained at gunpoint by US cops because “AI” mistook a chips bag for a gun
If you’re eating a bag of chips in an area where “AI” software is being used to monitor people’s behaviour, you might want to reconsider. Some high school kid in the US was hanging out with his friends, when all of a sudden, he was being swarmed by police officers with with guns drawn. Held at gunpoint, he was told to lie down, after which he was detained. Obviously, this is a rather unpleasant experience, so say the least, especially considering the kid in question is a person of colour. In the US. Anyway, the “AI” software used by the police department to monitor citizens’ behaviour mistook an empty chips bag in his pocket for a gun. US police officers, who only receive a few weeks of training, didn’t question what the computer told them and pointed guns at a teenager. In a statement, Omnilert expressed regret over the incident, acknowledging that the image “closely resembled a gun being held.” The company called it a “false positive,” but defended the system’s response, stating it “functioned as intended: to prioritize safety and awareness through rapid human verification.” ↫ Alexa Dikos and Rebecca Pryor at FOX45 News I’ve been warning that the implementation of “AI” was going to lead to people dying, and while this poor kid got lucky this time, you know it’s only a matter of time before people start getting shot by US police because they’re too stupid to question their computer overlords. Add in the fact that “AI” is well-known to be deeply racist, and we have a very deadly cocktail of failures.
OSnews
~Created Sat Nov 1 12:06:14 2025
|
|
OpenBSD 7.8 released
Like clockwork, every six months, we have a new OpenBSD release. OpenBSD 7.8 adds support for the Raspberry Pi 5, tons of improvements to sleep, wake, and hibernate, the TCP stack can now run in parallel on multiple processors, and so much more. DRM has been updated to match Linux 6.12.50, and drivers for the Qualcomm Snapdragon DRM subsystem and Qualcomm DisplayPort controller were added as well. The changelog is, as always, long and detailed, so head on over for the finer details. OpenBSD users will know how to upgrade, and new users can visit the download page.
OSnews
~Created Sat Nov 1 12:06:14 2025
|
What about the icons in pifmgr.dll?
Raymond Chen has another great post about some of the classic icons from Windows 95, this time focusing on pifmgr.dll. In this file, there are a variety of random-seeming icons, and it turns out they’re random for a reason: they were just a bunch a fun, generic icons intended for people to use when creating PIF files. The icons in pifmgr.dll were created just for fun. They were not created with any particular programs in mind, with one obvious exception. They were just a fun mix of icons for people to use for their own homemade shortcut files. ↫ Raymond Chen at The Old New Thing For those of us who didn’t grow up with Windows, or who, god forbid, are too young to know, PIF or personal information files are effectively shortcuts to DOS programs for use in a multitasking environment. A PIF file would not only point to the relevant DOS executable, but also contain information about the environment in which said executable was supposed to run. Their history goes back to IBM’s TopView, and Microsoft later embraced and adapted them for use in Windows.
OSnews
~Created Sat Nov 1 12:06:14 2025
|
|
Understanding driver updates through Windows Update
Microsoft has published a set of short questions and answers about driver updates through Windows Update, and there’s one tidbit in there I found interesting. Driver dates might look old, but that is not true. The driver date is descriptive info set by the driver provider and can be any date they choose. When determining which driver to install, Windows Update uses targeting information set by the provider inside the driver files to determine the best driver. This lets the device provider promote the best driver, regardless of the chosen date. ↫ Microsoft knowledge base article Whenever I do have to fiddle with Windows machines, I always wondered about why some drivers in Windows Update would show some seriously old dates. It turns out the answer is as obvious as it always tends to be: OEMs.
OSnews
~Created Sat Nov 1 12:06:14 2025
|
KDE Plasma 6.5 released
KDE is on a roll lately, and keeps on rolling with today’s release of KDE Plasma 6.5. As the project itself notes, this release focuses on relatively small improvements, refinements, and other niceties, without making any massive changes. With Linux desktops taking accessibility more seriously lately than ever before, I want to focus on the accessibility improvements first. The Orca screen reader now announces caps lock state changes, and screen readers will now describe the Shortcuts and Autostart pages more optimally. There’s also a new grayscale colour filter for people sensitive to colours, developers have done Plasma-wide pass to eliminate bright flashes in the UI, and the desktop zoom feature will now follow the text insertion point as it moves around the UI. Keyboard navigation in various parts of Plasma have been improved, and a few other small changes have been to improve accessiblity. Other changes include rounded bottom window corners (which can be turned off), automatic and scheduled theme and wallpaper transitions (e.g. from light to dark), and a new and improved applications permissions settings panel. A small new feature that will be a massive time saver for me is the ability to favourite items in your clipboard history, so they remain available over time. I reuse certain copied bits of text all the time, and I can’t wait to start using this little addition. Remote desktop has also received a ton of love in Plasma 6.5. You can now share your clipboard, and you no longer need to create dedicated RDP user accounts; you can just log in with your normal account credentials as you would expect you could. Plasma’s Discover application, used for application and update management, has seen major work to improve its performance – very welcome, for sure. Of course, there’s a ton of other changes, too. KDE Plasma 6.5 will find its way to your distribution soon enough.
OSnews
~Created Sat Nov 1 12:06:14 2025
|
|
Intel, AMD to bring memory tagging to x86, at some point
Now that ARM’s memory tagging, used extensively by Android ROMs such as GrapheneOS and now also by Apple, is becoming the new norm to aid in improving memory safety, the x86 world can’t sit idly by. As such, Intel and AMD have announced a ChkTag, x86’s version of memory tagging. ChkTag is a set of new and enhanced x86 instructions to detect memory safety violations, such as buffer overflows and misuses of freed memory (use-after-free). ChkTag is designed to be suitable for hardening applications, operating system kernels, hypervisors for virtualization, and UEFI firmware. ChkTag places control in the software developers’ hands to balance their security needs with operational elements that often become prominent when deploying code. For example, ChkTag provides instruction-granular control over which memory accesses are checked. Compilers can offer optimizations and new language features or intrinsics. ChkTag prepares x86 for a future with increasing amounts of code written in memory-safe languages running alongside code in other languages. Furthermore, ChkTag loads tags from linear/virtual memory that can often be committed on demand. ↫ Intel and AMD’s announcement It’s important to note that ChkTag – why not just call it CheckTag – isn’t ready yet, nor is there any indication when it will be included in any processors from Intel and AMD. The goal is to catch certain memory safety problems in hardware. According to Intel and AMD’s shared announcement, developers will have fine-grained control over the feature, allowing them to tap into the functionality in whatever way they deem necessary or valuable for their software in specific circumstances. My fear is that Intel and AMD will use this feature as a product differentiator, restricting it to either more expensive processors or to Xeon/Threadripper processors, thereby fracturing the market. This would inevitably lead to spotty support for the feature across the x86 landscape, meaning most ordinary consumer won’t benefit from it at all.
OSnews
~Created Sat Nov 1 12:06:14 2025
|
This is how much Anthropic and Cursor spend on Amazon Web Services
I can exclusively reveal today Anthropic’s spending on Amazon Web Services for the entirety of 2024, and for every month in 2025 up until September, and that that Anthropic’s spend on compute far exceeds that previously reported. Furthermore, I can confirm that through September, Anthropic has spent more than 100% of its estimated revenue (based on reporting in the last year) on Amazon Web Services, spending $2.66 billion on compute on an estimated $2.55 billion in revenue. ↫ Ed Zitron These numbers do not even include what the company spends on Google’s services. Going through all the numbers and reporting, Zitron explains that the more “successful” Anthropic becomes, the bigger the gap between income from paying customers and its spending on Amazon and Google services becomes. It’s simply unsustainable, and the longer we keep this scam going, the worse the consequences will be when the bubble pops. Sadly, nobody will go to jail once hell breaks loose.
OSnews
~Created Sat Nov 1 12:06:14 2025
|
