It's been a 1,000 years since there was a significant volcanic eruption from Mount Rainier, CNN reminds readers. It's a full 60 miles from Tacoma, Washington — and 90 miles from Seattle. Yet "more than Hawaii's bubbling lava fields or Yellowstone's sprawling supervolcano, it's Mount Rainier that has many U.S. volcanologists worried."

"Mount Rainier keeps me up at night because it poses such a great threat to the surrounding communities, said Jess Phoenix, a volcanologist and ambassador for the Union of Concerned Scientists, on an episode of CNN's series "Violent Earth With Liv Schreiber." The sleeping giant's destructive potential lies not with fiery flows of lava, which, in the event of an eruption, would be unlikely to extend more than a few miles beyond the boundary of Mount Rainier National Park in the Pacific Northwest. And the majority of volcanic ash would likely dissipate downwind to the east away from population centers, according to the US Geological Survey. Instead, many scientists fear the prospect of a lahar — a swiftly moving slurry of water and volcanic rock originating from ice or snow rapidly melted by an eruption that picks up debris as it flows through valleys and drainage channels.

"The thing that makes Mount Rainier tough is that it is so tall, and it's covered with ice and snow, and so if there is any kind of eruptive activity, hot stuff ... will melt the cold stuff and a lot of water will start coming down," said Seth Moran, a research seismologist at USGS Cascades Volcano Observatory in Vancouver, Washington. "And there are tens, if not hundreds of thousands of people who live in areas that potentially could be impacted by a large lahar, and it could happen quite quickly." The deadliest lahar in recent memory was in November 1985 when Colombia's Nevado del Ruiz volcano erupted. Just a couple hours after the eruption started, a river of mud, rocks, lava and icy water swept over the town of Armero, killing over 23,000 people in a matter of minutes... Bradley Pitcher, a volcanologist and lecturer in Earth and environmental sciences at Columbia University, said in an episode of CNN's "Violent Earth"... said that Mount Rainier has about eight times the amount of glaciers and snow as Nevado del Ruiz had when it erupted. "There's the potential to have a much more catastrophic mudflow...."

Lahars typically occur during volcanic eruptions but also can be caused by landslides and earthquakes. Geologists have found evidence that at least 11 large lahars from Mount Rainier have reached into the surrounding area, known as the Puget Lowlands, in the past 6,000 years, Moran said.
Two major U.S. cities — Tacoma and South Seattle — "are built on 100-foot-thick (30.5-meter) ancient mudflows from eruptions of Mount Rainier," the volcanologist said on CNN's "Violent Earth" series.

CNN's article adds that the US Geological Survey already set up a lahar detection system at Mount Rainier in 1998, "which since 2017 has been upgraded and expanded. About 20 sites on the volcano's slopes and the two paths identified as most at risk of a lahar now feature broadband seismometers that transmit real-time data and other sensors including trip wires, infrasound sensors, web cameras and GPS receivers."

Dell's recent return-to-office mandate has met significant resistance, with nearly 50% of US full-time employees opting to remain remote, despite potential career consequences, according to Business Insider. The policy, introduced in February, requires hybrid workers to attend office 39 days per quarter, while remote workers face promotion restrictions. Internationally, about a third of staff chose remote work.

Further reading: Dell Makes Return-To-Office Push With VPN, Badge Tracking.

"Over at Fast Company, where we're celebrating 1994 Week, I wrote about the year of Peak CD-ROM, when excitement over the medium's potential was sky-high and the World Wide Web's audience still numbered in the extremely low millions," writes Slashdot reader and Fast Company technology editor Harry McCracken (harrymcc). "I cover once-famous products such as Microsoft's Encarta encyclopedia, the curse of shovelware, the rise of a San Francisco neighborhood known as 'Multimedia Gulch,' and why the whole dream soon came crashing down." Here's an excerpt from the article: Thirty years ago, a breakthrough technology was poised to transform how people stayed informed, entertained themselves, and maybe even shopped. I'm not talking about the World Wide Web. True, it was already getting good buzz among early adopter types. But even three years after going online, Tim Berners-Lee's creation was "still relatively slow and crude" and "limited to perhaps two million Internet users who have the proper software to gain access to it," wrote The New York Times' Peter H. Lewis in November 1994. At the time, it was the CD-ROM that had captured the imagination of consumers and the entire publishing industry. The high-capacity optical discs enabled mass distribution of multimedia for the first time, giving software developers the ability to create new kinds of experiences. Some of the largest companies in America saw them as media's next frontier, as did throngs of startups. In terms of pure mindshare, 1994 might have been the year of Peak CD, with 17.5 million CD-ROM drives and $590 million in discs sold, according to research firms Dataquest and Link Resources.

You already know that the frenzy didn't last. As the web got faster, slicker, and more readily accessible, CD-ROMs came to look pretty mundane, and eventually faded from memory. Myst, once the best-selling PC game of all time, might be the only 1990s disc that retains a prominent spot in our shared cultural consciousness. (Full disclosure: I do have a friend who can be relied upon to fondly bring up Microsoft's Cinemania movie guide about once a year for no apparent reason.) Revisiting the discs that defined the mid-1990s -- all of which are incompatible with modern operating systems -- isn't easy. To get some of them up and running again, I downloaded virtual CD-ROM files from the Internet Archive and used them with Windows 3.1 on my iPad Pro, courtesy of a piece of software Apple removed from the App Store in 2021. Spending time with titles such as Compton's Interactive Encyclopedia and It's a Wonderful Life Multi-Media Edition, three decades after they last commanded my attention, was a Proustian rush. You may not want to go to similar extremes. But would you indulge me as I wallow in enough CD-ROM nostalgia to get it out of my system?

In November Google agreed to pay Canadian news publishers $100 million annually "in order to be exempt from the Online News Act, which compels tech companies to enter into agreements with news publishers," writes the Canadian Press.

On Friday Google "named the organization it has selected to distribute the $100 million..." The Canadian Journalism Collective will be responsible for ensuring eligible news organizations get their share of the money. The collective is a federally incorporated non-profit organization that was created for this purpose. It was founded in May by a group of independent publishers and broadcasters... "We hope these next steps will be completed as quickly as possible, so Canadian publishers and journalists can soon begin to receive the proceeds of this new contribution model," Google said in a blog entry posted on their website Friday...

The money will be distributed proportionately based on how many full time-journalists the companies employ. Small print and digital outlets can expect to receive about $17,000 per journalist that they employ, an official with the Canadian Heritage Department has said.
Google's money will go to 1,520 news organizations, according to Google's blog post — which describes the arrangement as "addressing our concerns with the Online News Act" and "a viable path to an exemption at a clear and commercially acceptable commitment level..." As part of this transition, we have advised partners in our Google News Showcase program (our online news experience and licensing program for news organizations) will cease to operate in Canada later this year as we transition to this new contribution model. We will be maintaining some Google News Initiative programming in Canada. This includes a range of collaborative tools and resources that can support the advancement of quality journalism. However, with our monetary contribution in Canada now streamlined into the new single collective model, these investments will be non-monetary in nature.

The Marubo people, an isolated Indigenous tribe in the Amazon, have gained high-speed internet access through Elon Musk's Starlink service, drastically altering their traditional way of life. While the internet has brought significant benefits like improved communication and emergency response, it has also introduced challenges such as social media addiction, exposure to inappropriate content, and cultural erosion. The New York Times reports: After only nine months with Starlink, the Marubo are already grappling with the same challenges that have racked American households for years: teenagers glued to phones; group chats full of gossip; addictive social networks; online strangers; violent video games; scams; misinformation; and minors watching pornography. Modern society has dealt with these issues over decades as the internet continued its relentless march. The Marubo and other Indigenous tribes, who have resisted modernity for generations, are now confronting the internet's potential and peril all at once, while debating what it will mean for their identity and culture.

The internet was an immediate sensation. "It changed the routine so much that it was detrimental," [admitted one Marubo leader, Enoque Marubo]. "In the village, if you don't hunt, fish and plant, you don't eat." Leaders realized they needed limits. The internet would be switched on for only two hours in the morning, five hours in the evening, and all day Sunday. During those windows, many Marubo are crouched over or reclined in hammocks on their phones. They spend lots of time on WhatsApp. There, leaders coordinate between villages and alert the authorities to health issues and environmental destruction. Marubo teachers share lessons with students in different villages. And everyone is in much closer contact with faraway family and friends. To Enoque, the biggest benefit has been in emergencies. A venomous snake bite can require swift rescue by helicopter. Before the internet, the Marubo used amateur radio, relaying a message between several villages to reach the authorities. The internet made such calls instantaneous. "It's already saved lives," he said.

In April, seven months after Starlink's arrival, more than 200 Marubo gathered in a village for meetings. Enoque brought a projector to show a video about bringing Starlink to the villages. As proceedings began, some leaders in the back of the audience spoke up. The internet should be turned off for the meetings, they said. "I don't want people posting in the groups, taking my words out of context," another said. During the meetings, teenagers swiped through Kwai, a Chinese-owned social network. Young boys watched videos of the Brazilian soccer star Neymar Jr. And two 15-year-old girls said they chatted with strangers on Instagram. One said she now dreamed of traveling the world, while the other wants to be a dentist in Sao Paulo. This new window to the outside world had left many in the tribe feeling torn. "Some young people maintain our traditions," said TamaSay Marubo, 42, the tribe's first woman leader. "Others just want to spend the whole afternoon on their phones."

Gizmodo reports there's been progress on a male birth-control gel "being developed with the help of several organizations, including the U.S. government's National Institute of Child Health and Human Development, part of the larger NIH." It's now being tested in a larger-scale Phase IIB trial, which involves around 400 couples. [Five milliliters of gel — about a teaspon — is applied to each shoulder blade once a day, reports NBC News.] That trial is still ongoing, but researchers have already begun to pore through some of the available data, which has provided encouraging results. In the summer of 2022, for instance, Diana Blithe, chief of the NICHD's Contraceptive Development Program, reported that the NES/T gel's efficacy rate so far appeared to be on par or even better than contraceptive hormonal options for women...

The findings are still preliminary, and it will take more time for the full Phase II data to be collected and analyzed. But Blithe and her team have been encouraged by everything they've seen to date. In the team's early assessments, the gel appears to be both effective and safe, with minimal side effects for men taking it... Blithe and her colleagues are set to meet with the FDA next year about the steps needed to begin a larger Phase III trial and are still seeking a commercial partner to help bring the NES/T gel to the market.
Initial findings also showed that the contraceptive worked faster than expected, Blithe said, according to NBC News. They add that at least three other companies are also working on male birth control: Also at the Boston conference on Sunday, YourChoice Therapeutics said a very small trial in the U.K. — just 16 men — showed that its nonhormonal pill, YCT-529, was safe and free of side effects. The San Francisco company's nonhormonal pill works by blocking the vitamin A receptor important for male fertility.YourChoice is planning a larger trial, according to CEO Akash Bakshi.

"A Swiss biocomputing startup has launched an online platform that provides remote access to 16 human brain organoids," reports Tom's Hardware: FinalSpark claims its Neuroplatform is the world's first online platform delivering access to biological neurons in vitro. Moreover, bioprocessors like this "consume a million times less power than traditional digital processors," the company says. FinalSpark says its Neuroplatform is capable of learning and processing information, and due to its low power consumption, it could reduce the environmental impacts of computing. In a recent research paper about its developments, FinalSpakr claims that training a single LLM like GPT-3 required approximately 10GWh — about 6,000 times greater energy consumption than the average European citizen uses in a whole year. Such energy expenditure could be massively cut following the successful deployment of bioprocessors.

The operation of the Neuroplatform currently relies on an architecture that can be classified as wetware: the mixing of hardware, software, and biology. The main innovation delivered by the Neuroplatform is through the use of four Multi-Electrode Arrays (MEAs) housing the living tissue — organoids, which are 3D cell masses of brain tissue...interfaced by eight electrodes used for both stimulation and recording... FinalSpark has given access to its remote computing platform to nine institutions to help spur bioprocessing research and development. With such institutions' collaboration, it hopes to create the world's first living processor.
FinalSpark was founded in 2014, according to Wikipedia's page on wetware computing. "While a wetware computer is still largely conceptual, there has been limited success with construction and prototyping, which has acted as a proof of the concept's realistic application to computing in the future."

Thanks to long-time Slashdot reader Artem S. Tashkinov for sharing the article.

The notorious hacker group ShinyHunters has claimed to have breached the security of Ticketmaster-Live Nation, compromising the personal data more than half a billion users. "This massive 1.3 terabytes of data, is now being offered for sale on Breach Forums for a one-time sale for $500,000," reports Hackread. From the report: ShinyHunters has allegedly accessed a treasure trove of sensitive user information, including full names, addresses, email addresses, phone numbers, ticket sales and event details, order information, and partial payment card data. Specifically, the compromised payment data includes customer names, the last four digits of card numbers, expiration dates, and even customer fraud details. The data breach, if confirmed, could have severe implications for the affected users, leading to potential identity theft, financial fraud, and further cyber attacks. The hacker group's bold move to put this data on sale goes on to show the growing menace of cybercrime and the increasing sophistication of these cyber adversaries.

An anonymous reader quotes a report from the New York Times: The defense lawyer minced no words as he addressed a room full of plastic-industry executives. Prepare for a wave of lawsuits with potentially "astronomical" costs. Speaking at a conference earlier this year, the lawyer, Brian Gross, said the coming litigation could "dwarf anything related to asbestos," one of the most sprawling corporate-liability battles in United States history. Mr. Gross was referring to PFAS, the "forever chemicals" that have emerged as one of the major pollution issues of our time. Used for decades in countless everyday objects -- cosmetics, takeout containers, frying pans -- PFAS have been linked to serious health risks including cancer. Last month the federal government said several types of PFAS must be removed from the drinking water of hundreds of millions of Americans. "Do what you can, while you can, before you get sued," Mr. Gross said at the February session, according to a recording of the event made by a participant and examined by The New York Times. "Review any marketing materials or other communications that you've had with your customers, with your suppliers, see whether there's anything in those documents that's problematic to your defense," he said. "Weed out people and find the right witness to represent your company."

A wide swath of the chemicals, plastics and related industries are gearing up to fight a surge in litigation related to PFAS, or per- and polyfluoroalkyl substances, a class of nearly 15,000 versatile synthetic chemicals linked to serious health problems. [...] PFAS-related lawsuits have already targeted manufacturers in the United States, including DuPont, its spinoff Chemours, and 3M. Last year, 3M agreed to pay at least $10 billion to water utilities across the United States that had sought compensation for cleanup costs. Thirty state attorneys general have also sued PFAS manufacturers, accusing the manufacturers of widespread contamination. But experts say the legal battle is just beginning. Under increasing scrutiny are a wider universe of companies that use PFAS in their products. This month, plaintiffs filed a class-action lawsuit against Bic, accusing the razor company for failing to disclose that some of its razors contained PFAS. Bic said it doesn't comment on pending litigation, and said it had a longstanding commitment to safety.

The Biden administration has moved to regulate the chemicals, for the first time requiring municipal water systems to remove six types of PFAS. Last month, the Environmental Protection Agency also designated two of those PFAS chemicals as hazardous substances under the Superfund law, shifting responsibility for their cleanup at contaminated sites from taxpayers to polluters. Both rules are expected to prompt a new round of litigation from water utilities, local communities and others suing for cleanup costs. "To say that the floodgates are opening is an understatement," said Emily M. Lamond, an attorney who focuses on environmental litigation at the law firm Cole Schotz. "Take tobacco, asbestos, MTBE, combine them, and I think we're still going to see more PFAS-related litigation," she said, referring to methyl tert-butyl ether, a former harmful gasoline additive that contaminated drinking water. Together, the trio led to claims totaling hundreds of billions of dollars. Unlike tobacco, used by only a subset of the public, "pretty much every one of us in the United States is walking around with PFAS in our bodies," said Erik Olson, senior strategic director for environmental health at the Natural Resources Defense Council. "And we're being exposed without our knowledge or consent, often by industries that knew how dangerous the chemicals were, and failed to disclose that," he said. "That's a formula for really significant liability."

An anonymous reader shares a report: Commercial dot-matrix printing was yet another arena in which the needs of Chinese character I/O were not accounted for. This is witnessed most clearly in the then-dominant configuration of printer heads -- specifically the 9-pin printer heads found in mass-manufactured dot-matrix printers during the 1970s. Using nine pins, these early dot-matrix printers were able to produce low-resolution Latin alphabet bitmaps with just one pass of the printer head. The choice of nine pins, in other words, was "tuned" to the needs of Latin alphabetic script.

These same printer heads were incapable of printing low-resolution Chinese character bitmaps using anything less than two full passes of the printer head, one below the other. Two-pass printing dramatically increased the time needed to print Chinese as compared to English, however, and introduced graphical inaccuracies, whether due to inconsistencies in the advancement of the platen or uneven ink registration (that is, characters with differing ink densities on their upper and lower halves).

Compounding these problems, Chinese characters printed in this way were twice the height of English words. This created comically distorted printouts in which English words appeared austere and economical, while Chinese characters appeared grotesquely oversized. Not only did this waste paper, but it left Chinese-language documents looking something like large-print children's books. When consumers in the Chinese-Japanese-Korean (CJK) world began to import Western-manufactured dot-matrix printers, then, they faced yet another facet of Latin alphabetic bias.

Roughly 160,000 U.S.-based amateur radio enthusiasts belong to the American Radio Relay League, a nonprofit with 100 full-time and part-time staff members.

Nine days ago it announced "that it suffered a cyberattack that disrupted its network and systems," reports BleepingComputer, "including various online services hosted by the organization." "We are in the process of responding to a serious incident involving access to our network and headquarters-based systems. Several services, such as Logbook of The World and the ARRL Learning Center, are affected," explained ARRL in a press release... [T]he ARRL took steps to allay members' concerns about the security of their data, confirming that they do not store credit card information or collect social security numbers.

However, the organization confirmed that its member database contains some private information, including names, addresses, and call signs. While they do not specifically state email addresses are stored in the database, one is required to become a member of the organization.
"The ARRL has not specifically said that its member database has been accessed by hackers," Security Week points out, "but its statement suggests it's possible."

The site adds that it has also "reached out to ARRL to find out if this was a ransomware attack and whether the attackers made any ransom demand."

Thanks to Slashdot reader AzWa Snowbird for sharing the news.

An anonymous reader quotes a report from Ars Technica: Computer pioneer Gordon Bell, who as an early employee of Digital Equipment Corporation (DEC) played a key role in the development of several influential minicomputer systems and also co-founded the first major computer museum, passed away on Friday, according to Bell Labs veteran John Mashey. Mashey announced Bell's passing in a social media post on Tuesday morning. "I am very sad to report [the] death May 17 at age 89 of Gordon Bell, famous computer pioneer, a founder of Computer Museum in Boston, and a force behind the @ComputerHistory here in Silicon Valley, and good friend since the 1980s," wrote Mashey in his announcement. "He succumbed to aspiration pneumonia in Coronado, CA."

Bell was a pivotal figure in the history of computing and a notable champion of tech history, having founded Boston's Computer Museum in 1979, which later became the heart of the Computer History Museum in Mountain View, with his wife Gwen Bell. He was also the namesake of the ACM's prestigious Gordon Bell Prize, created to spur innovations in parallel processing. Bell also mentored at Microsoft in 1995, where he "studied telepresence technologies and served as the subject of the MyLifeBits life-logging project," reports Ars. "The initiative aimed to realize Vannevar Bush's vision of a system that could store all the documents, photos, and audio a person experienced in their lifetime."

Former Windows VP Steven Sinofsky said Bell "was immeasurably helpful at Microsoft where he was a founding advisor and later full time leader in Microsoft Research. He advised and supported countless researchers, projects, and product teams. He was always supportive and insightful beyond words. He never hesitated to provide insights and a few sparks at so many of the offsites that were so important to the evolution of Microsoft."

"His memory is a blessing to so many," added Sinofsky in a post memorializing Bell. "His impact on all of us in technology will be felt for generations. May he rest in peace."

Recent research led by the University of California, Irvine has discovered warm, high-pressure seawater causing significant melting under the Thwaites Glacier in Antarctica. "There are places where the water is almost at the pressure of the overlying ice, so just a little more pressure is needed to push up the ice," said lead author Eric Rignot, UC Irvine professor of Earth system science. "The water is then squeezed enough to jack up a column of more than half a mile of ice." Interesting Engineering reports: A team of glaciologists led by researchers at the University of California, Irvine employed high-resolution satellite radar data to uncover evidence of the warm, high-pressure seawater intrusion beneath the glacier. A statement by the scientists noted that the widespread contact between ocean water and the glacier -- a process replicated throughout Antarctica and in Greenland -- causes "vigorous melting" and may require a reassessment of global sea level rise projections.

In a bid to comprehend the impact of ocean-water interaction on glacial melting, glaciologists examined data collected between March 2023 and June 2023 sourced from Finland's ICEYE commercial satellite mission. These satellites represent a collection that resembles constellations in polar orbit around the planet. They employ InSAR -- interferometric synthetic aperture radar -- to continuously track changes on the Earth's surface. "When we have a continuous time series and compare that with the tidal cycle, we see the seawater coming in at high tide and receding and sometimes going farther up underneath the glacier and getting trapped," said Rignot. "Thanks to ICEYE, we're beginning to witness this tidal dynamic for the first time."

He explained that seawater entering the base of the ice sheet, along with freshwater from geothermal heat and friction, accumulates and needs to flow. This water moves through natural channels or pools in cavities, creating pressure that lifts the ice sheet. Co-author Christine Dow, professor in the Faculty of Environment at the University of Waterloo in Ontario, Canada alluding to the glacier in question said that the Thwaites is the most unstable place in the Antarctic and contains the equivalent of 60 centimeters of sea level rise. The worry is that we are underestimating the speed at which the glacier is changing, which would be devastating for coastal communities around the world. "At the moment we don't have enough information to say one way or the other how much time there is before the oceanwater intrusion is irreversible, says Dow. The study was published in the journal Proceedings of the National Academy of Sciences.

"China's navy has apparently tested out a hypersonic rail gun," reports Futurism, describing it as "basically a device that uses a series of electromagnets to accelerate a projectile to incredible speeds."

But "during a demonstration of its power, things didn't go quite as planned." As the South China Morning Post reports, the rail gun test lobbed a precision-guided projectile — or smart bomb — nine miles into the stratosphere. But because it apparently didn't go up as high as it was supposed to, the test was ultimately declared unsuccessful. This conclusion came after an analysis led by Naval Engineering University professor Lu Junyong, whose team found with the help of AI that even though the winged smart bomb exceeded Mach 5 speeds, it didn't perform as well as it could have. This occurred, as Lu's team found, because the projectile was spinning too fast during its ascent, resulting in an "undesirable tilt."
But what's more interesting is the project itself. "Successful or not, news of the test is a pretty big deal given that it was just a few months ago that reports emerged about China's other proposed super-powered rail gun, which is intended to send astronauts on a Boeing 737-size ship into space.... which for the record did not make it all the way to space..." Chinese officials, meanwhile, are paying lip service to the hypersonic rail gun technology's potential to revolutionize civilian travel by creating even faster railways and consumer space launches, too.
Japan and France also have railgun projects, according to a recent article from Defense One. "Yet the nation that has demonstrated the most continuing interest is China," with records of railgun work dating back as far as 2011: The Chinese team claimed that their railgun can fire a projectile 100 to 200 kilometers at Mach 6. Perhaps most importantly, it uses up to 100,000 AI-enabled sensors to identify and fix any problems before critical failure, and can slowly improve itself over time. This, they said, had enabled them to test-fire 120 rounds in a row without failure, which, if true, suggests that they solved a longstanding problem that reportedly bedeviled U.S. researchers. However, the team still has a ways to go before mounting an operational railgun on a ship; according to one Chinese article, the projectiles fired were only 25mm caliber, well below the size of even lightweight naval artillery.

As with many other Chinese defense technology programs, much remains opaque about the program...

While railguns tend to get the headlines, this lab has made advances in a wide range of electric and electromagnetic applications for the PLA Navy's warships. For example, the lab's research on electromagnetic launch technology has also been applied to the development of electromagnetic catapults for the PLAN's growing aircraft carrier fleet...

While it remains to be seen whether the Chinese navy can develop a full-scale railgun, produce it at scale, and integrate it onto its warships, it is obvious that it has made steady advances in recent years on a technology of immense military significance that the US has abandoned.
Thanks to long-time Slashdot reader Tangential for sharing the news.

Jeremy Allison — Sam (Slashdot reader #8,157) is a Distinguished Engineer at Rocky Linux creator CIQ. This week he published a blog post responding to promises of Linux distros "carefully selecting only the most polished and pristine open source patches from the raw upstream open source Linux kernel in order to create the secure distribution kernel you depend on in your business."

But do carefully curated software patches (applied to a known "frozen" Linux kernel) really bring greater security? "After a lot of hard work and data analysis by my CIQ kernel engineering colleagues Ronnie Sahlberg and Jonathan Maple, we finally have an answer to this question. It's no." The data shows that "frozen" vendor Linux kernels, created by branching off a release point and then using a team of engineers to select specific patches to back-port to that branch, are buggier than the upstream "stable" Linux kernel created by Greg Kroah-Hartman. How can this be? If you want the full details the link to the white paper is here. But the results of the analysis couldn't be clearer.

- A "frozen" vendor kernel is an insecure kernel. A vendor kernel released later in the release schedule is doubly so.

- The number of known bugs in a "frozen" vendor kernel grows over time. The growth in the number of bugs even accelerates over time.

- There are too many open bugs in these kernels for it to be feasible to analyze or even classify them....

[T]hinking that you're making a more secure choice by using a "frozen" vendor kernel isn't a luxury we can still afford to believe. As Greg Kroah-Hartman explicitly said in his talk "Demystifying the Linux Kernel Security Process": "If you are not using the latest stable / longterm kernel, your system is insecure."
CIQ describes its report as "a count of all the known bugs from an upstream kernel that were introduced, but never fixed in RHEL 8." For the most recent RHEL 8 kernels, at the time of writing, these counts are: RHEL 8.6 : 5034 RHEL 8.7 : 4767 RHEL 8.8 : 4594

In RHEL 8.8 we have a total of 4594 known bugs with fixes that exist upstream, but for which known fixes have not been back-ported to RHEL 8.8. The situation is worse for RHEL 8.6 and RHEL 8.7 as they cut off back-porting earlier than RHEL 8.8 but of course that did not prevent new bugs from being discovered and fixed upstream....

This whitepaper is not meant as a criticism of the engineers working at any Linux vendors who are dedicated to producing high quality work in their products on behalf of their customers. This problem is extremely difficult to solve. We know this is an open secret amongst many in the industry and would like to put concrete numbers describing the problem to encourage discussion. Our hope is for Linux vendors and the community as a whole to rally behind the kernel.org stable kernels as the best long term supported solution. As engineers, we would prefer this to allow us to spend more time fixing customer specific bugs and submitting feature improvements upstream, rather than the endless grind of backporting upstream changes into vendor kernels, a practice which can introduce more bugs than it fixes.
ZDNet calls it "an open secret in the Linux community." It's not enough to use a long-term support release. You must use the most up-to-date release to be as secure as possible. Unfortunately, almost no one does that. Nevertheless, as Google Linux kernel engineer Kees Cook explained, "So what is a vendor to do? The answer is simple: if painful: Continuously update to the latest kernel release, either major or stable." Why? As Kroah-Hartman explained, "Any bug has the potential of being a security issue at the kernel level...."

Although [CIQ's] programmers examined RHEL 8.8 specifically, this is a general problem. They would have found the same results if they had examined SUSE, Ubuntu, or Debian Linux. Rolling-release Linux distros such as Arch, Gentoo, and OpenSUSE Tumbleweed constantly release the latest updates, but they're not used in businesses.
Jeremy Allison's post points out that "the Linux kernel used by Android devices is based on the upstream kernel and also has a stable internal kernel ABI, so this isn't an insurmountable problem..."

Ars Technica looks at what happened after Google's answer to Amazon's cloud service "accidentally deleted a giant customer account for no reason..."

"[A]ccording to UniSuper's incident log, downtime started May 2, and a full restoration of services didn't happen until May 15." UniSuper, an Australian pension fund that manages $135 billion worth of funds and has 647,000 members, had its entire account wiped out at Google Cloud, including all its backups that were stored on the service... UniSuper's website is now full of must-read admin nightmare fuel about how this all happened. First is a wild page posted on May 8 titled "A joint statement from UniSuper CEO Peter Chun, and Google Cloud CEO, Thomas Kurian...." Google Cloud is supposed to have safeguards that don't allow account deletion, but none of them worked apparently, and the only option was a restore from a separate cloud provider (shoutout to the hero at UniSuper who chose a multi-cloud solution)... The many stakeholders in the service meant service restoration wasn't just about restoring backups but also processing all the requests and payments that still needed to happen during the two weeks of downtime.

The second must-read document in this whole saga is the outage update page, which contains 12 statements as the cloud devs worked through this catastrophe. The first update is May 2 with the ominous statement, "You may be aware of a service disruption affecting UniSuper's systems...." Seven days after the outage, on May 9, we saw the first signs of life again for UniSuper. Logins started working for "online UniSuper accounts" (I think that only means the website), but the outage page noted that "account balances shown may not reflect transactions which have not yet been processed due to the outage...." May 13 is the first mention of the mobile app beginning to work again. This update noted that balances still weren't up to date and that "We are processing transactions as quickly as we can." The last update, on May 15, states, "UniSuper can confirm that all member-facing services have been fully restored, with our retirement calculators now available again."

The joint statement and the outage updates are still not a technical post-mortem of what happened, and it's unclear if we'll get one. Google PR confirmed in multiple places it signed off on the statement, but a great breakdown from software developer Daniel Compton points out that the statement is not just vague, it's also full of terminology that doesn't align with Google Cloud products. The imprecise language makes it seem like the statement was written entirely by UniSuper.
Thanks to long-time Slashdot reader swm for sharing the news.

An anonymous reader quotes a report from TechCrunch: Hyundai has agreed to spend nearly $1 billion on Motional, an investment that will give the automaker a majority stake while providing the self-driving startup with the necessary capital to keep operating. The Korean automaker invested $475 million directly into Motional as part of a broader deal that includes buying out joint venture partner Aptiv. As part of the deal, Hyundai will spend another $448 million to buy 11% of Aptiv's common equity interest in Motional, according to information revealed Thursday in Aptiv's first-quarter earnings report.

Aptiv also shared that it expects to reduce its common equity interest in Motional from 50% as of March 31 to about 15%, leaving Hyundai with the remaining 85% control. Aptiv Chairman and CEO Kevin Clark flagged in January that the company would reduce its ownership interest in Motional. The company said at the time that it would stop allocating capital towards Motional due to the high cost of commercializing a robotaxi business and the long road ahead to profits. Aptiv on Thursday reduced its full-year net sales forecast for 2024 to be between $20.85 billion and $21.45 billion, down from between $21.3 billion to $21.9 billion. Motional confirmed the new funding round and increased stake from Hyundai, but didn't confirm Aptiv's numbers. Hyundai, however, said the amounts listed in Aptiv's earnings report were accurate. "Motional started as Boston-based autonomous vehicle startup nuTonomy in 2013, before being acquired by Delphi for $450 million," reports TechCrunch. "Delphi would later split it's business with the Aptiv unit absorbing nuTonomy. The entity became Motional under a $4 billion Hyundai-Aptiv joint venture in 2019."

"While it's clear from Aptiv's earnings report that the company is trying to manage risks and optimize finances amid a less positive outlook, the company's retreat, and Hyundai's step forward, raises questions about Motional's future."

An anonymous reader shares a column: When Apple CEO Tim Cook and a bunch of his deputies take the virtual stage next week to announce new iPads, they're going to spend a lot of time talking about specs. If the rumors are true, we're going to get new iPad Pros with OLED screens and thinner bodies, new Airs with faster chips and a correctly placed front camera, and a couple of new accessories. Before they even launch, I feel confident telling you these are the best iPads ever. But after all these years, I still don't know how to tell you whether you should want an iPad. Or what you'd want to do with it.

This has been true forever, of course. The iPad is the jack-of-all-trades in Apple's lineup, a terrific device in many ways that still feels increasingly redundant now that so many people have big phones and long-lasting laptops. Apple seems to have spent the last decade-plus enamored with the idea of the iPad as a shapeshifter -- a device that can be exactly what you need at any given time. The company loves that the iPad's use case is hard to pin down, that it means different things to different people. It's a fun, good, ambitious idea: The One Gadget To Rule Them All. The way to make that happen, though, is not to upgrade the chips or move the buttons or redesign the rounded corners. It's to focus less on the iPad itself and more on the things you attach to it.

[...] The iPad is a screen and a processor, and everything else should be an add-on for whenever you need it. Give the gamers a controller and an external GPU. Give the music lovers a speaker dock, and give the smart home fanatics a bunch of buttons that connect to various devices. The photographers need lenses; the spreadsheeters need a keyboard with function keys. The Pencil and the Magic Keyboard are a start, but Apple needs to do much more. The company needs to spend less time worrying about the iPad itself -- a device famous for how long it lasts and that hardly anyone is using to its full potential -- and more time on how to make it more than just a tablet. (Plus, bonus for Apple: it's going to be a lot easier to get people to buy accessories than to convince them to upgrade their iPad when they don't need to.)

Jules Roscoe reports via 404 Media: Russia has replaced Wikipedia with a state-sponsored encyclopedia that is a clone of the original Russian Wikipedia but which conveniently has been edited to omit things that could cast the Russian government in poor light. Real Russian Wikipedia editors used to refer to the real Wikipedia as Ruwiki; the new one is called Ruviki, has "ruwiki" in its url, and has copied all Russian-language Wikipedia articles and strictly edited them to comply with Russian laws. The new articles exclude mentions of "foreign agents," the Russian government's designation for any person or entity which expresses opinions about the government and is supported, financially or otherwise, by an outside nation. [...]

Wikimedia RU, the Russian-language chapter of the non-profit that runs Wikipedia, was forced to shut down in late 2023 amid political pressure due to the Ukraine war. Vladimir Medeyko, the former head of the chapter who now runs Ruviki, told Novaya Gazeta Europe in July that he believed Wikipedia had problems with "reliability and neutrality." Medeyko first announced the project to copy and censor the 1.9 million Russian-language Wikipedia articles in June. The goal, he said at the time, was to edit them so that the information would be "trustworthy" as a source for all Russian users. Independent outlet Bumaga reported in August that around 110 articles about the war in Ukraine were missing in full, while others were severely edited. Ruviki also excludes articles about reports of torture in prisons and scandals of Russian government representatives. [...]

Graphic designer Constantine Konovalov calculated the number of characters changed between Wikipedia RU and Ruviki articles on the same topics, and found that there were 205,000 changes in articles about freedom of speech; 158,000 changes in articles about human rights; 96,000 changes in articles about political prisoners; and 71,000 changes in articles about censorship in Russia. He wrote in a post on X that the censorship was "straight out of a 1984 novel." Interestingly, the Ruviki article about George Orwell's 1984 entirely omits the Ministry of Truth, which is the novel's main propaganda outlet concerned with governing "truth" in the country.

RockDoctor (Slashdot reader #15,477) wants to tell you about a "new" star that will be visible to the naked eye — without a telescope — sometime before September: By "star", I do not mean "comet", "meteorite" or "firefly", but genuine [star] photons arriving here after about 3000 years in flight, causing your eyes to see a bright point on the nighttime sky. When it happens, the star will go from needing-a- telescope-or-good-binoculars-to-see, to being the 50th (or even 30th) brightest star in the sky.

For a week or so. Of course, it could just go full-on supernova, and be visible in daylight for a few weeks, and dominate the night sky for months. But that's unlikely.
Named "T Corona Borealis" (because it's the 20th variable star studied in the constellation "Corona Borealis") it's now visible all night, all year, for about 60% of the world's population (although normally you need binoculars to see it).

But RockDoctor writes that in 2016, "T CrB" (as it is known) has started showing "a similar pattern of changes" to what happened in the late 1930s when it became one of only 10 "recurring nova" known to science: In 2023, the pattern continued and the match of details got better. The star is expected to undergo another "eruption" — becoming one of the brightest few stars in the sky, within the next couple of months. Maybe the next couple of weeks. Maybe the next couple of hours....

Last week, astrophysicist Dr Becky Smethurst posted on the expected event in her monthly "Night Sky News" video blog. If you prefer your information in text not video, the AAVSO (variable star observers) posted a news alert for it's observers a while ago. They also hosted a seminar on the star, and why it's eruption is expected Real Soon Now, which is also on YouTube. A small selection of recent papers on the subject are posted here, which also includes information on how to get the most up-to-date brightness readings (unless you're a HST / JWST / Palomar / Hawai`i / Chile telescope operator). Yes, the "big guns" of astronomy have prepared their "TOO — Target Of Opportunity" plans, and will be dropping normal observations really quickly when the news breaks and slewing TOO the target.

You won't need your eclipse glasses for this. (Dr Becky's video covers where you can send them for re-use.) But you might want to photograph the appropriate part of the sky so you'll notice when the bomb goes off. Bomb? Did I say that the best model for what is happening is a thermonuclear explosion like a H-bomb the size of the Earth detonating? Well, that's the best analogue.
This CNN article includes a nice animation from NASA illustrating the multi-star interaction that's causing the event: The stars in the orbiting pair are close enough to each other that they interact violently. The red giant becomes increasingly unstable over time as it heats up, casting off its outer layers that land as matter on the white dwarf star. The exchange of matter causes the atmosphere of the white dwarf to gradually heat until it experiences a "runaway thermonuclear reaction," resulting in a nova [according to NASA]...

The NASAUniverse account on X, formerly known as Twitter, will provide updates about the outburst and its appearance.
The BBC reiterates the key data points — that "The rare cosmic event is expected to take place sometime before September 2024. When it occurs it will likely be visible to the naked eye. No expensive telescope will be needed to witness this cosmic performance, says NASA."