Anthropic researcher Nicholas Carlini set 16 instances of Claude Opus 4.6 loose on a shared codebase over two weeks to build a C compiler from scratch, and the AI agents produced a 100,000-line Rust-based compiler capable of building a bootable Linux 6.9 kernel on x86, ARM and RISC-V architectures.

The project ran through nearly 2,000 Claude Code sessions and cost about $20,000 in API fees. Each instance operated inside its own Docker container, independently claiming tasks via lock files and pushing completed code to a shared Git repository. No orchestration agent directed traffic. The compiler achieved a 99% pass rate on the GCC torture test suite and can compile major open source projects including PostgreSQL, SQLite, Redis, FFmpeg and Doom. But it lacks a 16-bit x86 backend and calls out to GCC for that step, its assembler and linker remain buggy, and it produces less efficient code than GCC running with all optimizations disabled.

Carlini also invested significant effort building test harnesses and feedback systems to keep the agents productive, and the model hit a practical ceiling at around 100,000 lines as bug fixes and new features frequently broke existing functionality.

Meta has agreed to acquire viral AI agent startup Manus, "a Singapore-based AI startup that's become the talk of Silicon Valley since it materialized this spring with a demo video so slick it went instantly viral," reports TechCrunch. "The clip showed an AI agent that could do things like screen job candidates, plan vacations, and analyze stock portfolios. Manus claimed at the time that it outperformed OpenAI's Deep Research." From the report: By April, just weeks after launch, the early-stage firm Benchmark led a $75 million funding round that assigned Manus a post-money valuation of $500 million. General partner Chetan Puttagunta joined the board. Per Chinese media outlets, some other big-name backers had already invested in Manus at that point, including Tencent, ZhenFund, and HSG (formerly known as Sequoia China) via an earlier $10 million round.

Though Bloomberg raised questions when Manus started charging $39 or $199 a month for access to its AI models (the outlet noted the pricing seemed "somewhat aggressive... for a membership service still in a testing phase,") the company recently announced it had since signed up millions of users and crossed $100 million in annual recurring revenue. That's when Meta started negotiating with Manus, according to the WSJ, which says Meta is paying $2 billion -- the same valuation Manus was seeking for its next funding round.

For Zuckerberg, who has staked Meta's future on AI, Manus represents something new: an AI product that's actually making money (investors have grown increasingly twitchy about Meta's $60 billion infrastructure spending spree). Meta says it'll keep Manus running independently while weaving its agents into Facebook, Instagram, and WhatsApp, where Meta's own chatbot, Meta AI, is already available to users.

Researchers have unveiled two new hardware-based attacks, Battering RAM and Wiretap, that break Intel SGX and AMD SEV-SNP trusted enclaves by exploiting deterministic encryption and physical interposers. Ars Technica reports: In the age of cloud computing, protections baked into chips from Intel, AMD, and others are essential for ensuring confidential data and sensitive operations can't be viewed or manipulated by attackers who manage to compromise servers running inside a data center. In many cases, these protections -- which work by storing certain data and processes inside encrypted enclaves known as TEEs (Trusted Execution Enclaves) -- are essential for safeguarding secrets stored in the cloud by the likes of Signal Messenger and WhatsApp. All major cloud providers recommend that customers use it. Intel calls its protection SGX, and AMD has named it SEV-SNP.

Over the years, researchers have repeatedly broken the security and privacy promises that Intel and AMD have made about their respective protections. On Tuesday, researchers independently published two papers laying out separate attacks that further demonstrate the limitations of SGX and SEV-SNP. One attack, dubbed Battering RAM, defeats both protections and allows attackers to not only view encrypted data but also to actively manipulate it to introduce software backdoors or to corrupt data. A separate attack known as Wiretap is able to passively decrypt sensitive data protected by SGX and remain invisible at all times.

Facing mounting competition from autonomous taxi services like Waymo, Uber is in early talks to help fund Travis Kalanick's potential acquisition of Pony.ai's U.S. subsidiary (source paywalled; alternative source). If completed, the deal would reunite Kalanick with Uber (now under CEO Dara Khosrowshahi) and position Pony.ai to operate independently of its Chinese parent amid rising U.S. regulatory pressures. The New York Times reports: The company, Pony.ai, was founded in Silicon Valley in 2016 but has its main presence in China, and has permits to operate robot taxis and trucks in the United States and China. The talks are preliminary, said the people, who were not authorized to speak about the confidential conversations. Mr. Kalanick will run Pony if the deal is completed, they said. It is unclear what role, if any, Uber would take in Pony as an investor. Financial details of the potential transaction could not be determined. Pony went public last year in the United States, raising $260 million in a share sale. Its market capitalization stands around $4.5 billion.

If the deal goes through, Mr. Kalanick, 48, will remain in his day job running CloudKitchens, a virtual restaurant start-up that he founded after leaving Uber in 2017. He would also work more closely with Dara Khosrowshahi, who took over as Uber's chief executive after Mr. Kalanick's ouster. The discussions are the starkest sign yet that Uber is under pressure from Waymo, the driverless car unit spun out of Google, and other autonomous car services. When Mr. Kalanick was Uber's chief executive, the company tried developing autonomous vehicle technology. It then bought Otto, a self-driving trucking start-up run by Anthony Levandowski, a former Google engineer. Google later sued Mr. Levandowski for theft of trade secrets and sued Uber to bar it from using its self-driving technology.

Under Mr. Khosrowshahi, Uber has taken a different tack to self-driving cars. The company has struck roughly 18 partnerships with autonomous vehicle companies like Wayve, May Mobility and WeRide to bring pilot programs for driverless car services into Europe, the Middle East and Asia. The goal, Mr. Khosrowshahi has said in podcast interviews, has been to put "as many cars on Uber's network as possible." He has maintained that while autonomous vehicles are growing steadily, ride-hailing networks will have both human and robot drivers for years.

Announced in an internal memo from Microsoft CEO Satya Nadella, LinkedIn CEO Ryan Roslansky has been appointed to also lead the Office, Outlook, and Microsoft 365 Copilot teams as part of an internal AI reorganization. Roslansky will report to Rajesh Jha for Office while continuing to run LinkedIn independently under Nadella. The Verge reports: "LinkedIn remains a top priority and will continue to operate as an independent subsidiary," says Nadella in his memo. "This move brings us closer to the original vision we laid out nine years ago with the LinkedIn acquisition: connecting the world's economic graph with the Microsoft Graph. And I look forward to how Ryan will bring his product ethos and leadership to entertainment and devices." Sumit Chauhan and Gaurav Sareen, senior executives in the Office and Microsoft 365 teams, will remain on the entertainment and devices leadership team, but along with their teams they'll join Jon Friedman and the UX team to work directly for Roslansky.

Charles Lamanna and his BIC team are also moving to report to Rajesh Jha as part of an AI shakeup. "Charles has consistently kept us focused on what it takes to win in business applications and the agent layer, and I look forward to the impact he and his team will have in entertainment and devices," says Nadella. In a separate memo, Lamanna also announced that starting July 2nd Lili Cheng will take on the newly expanded role of CTO of the BIC team. Dan Lewis is also taking on the role of corporate vice president of Copilot Studio. "We are poised to reinvent every role and every business process, and start to reimagine organizations as composed of people and agents," says Lamanna in an internal memo.

Both the Lamanna and Roslansky moves are very interesting, as the business Copilot team and Microsoft 365 Copilot team have been in separate parts of Microsoft's sprawling AI and cloud teams up until this point. This has led to a situation where nobody really owns Copilot all up inside Microsoft, but now the separate leaders of Microsoft 365 Copilot and the business Copilot teams now both report to Rajesh Jha. The consumer Copilot will still be run by Microsoft AI CEO Mustafa Suleyman.

An anonymous reader quotes a report from TechCrunch: The newest online-only school greenlighted (PDF) by the Arizona State Board for Charter Schools comes with a twist: The academic curriculum will be taught entirely by AI. Charter schools -- independently operated but publicly funded -- typically get greater autonomy compared to traditional public schools when it comes to how subjects are taught. But Unbound Academy's application, which proposes an "AI-driven adaptive learning technology" that "condenses academic instruction into a two-hour window," is a first for the model. (Unbound's founders have been running a similar program at a "high-end private school" in Texas, which appears to be in-person.)

Unbound's approach leans on edtech platforms like IXL and Khan Academy, and students engage with "interactive, AI-powered platforms that continuously adjust to their individual learning pace and style." There will be humans, just fewer of them, and maybe not actual accredited teachers: It will adopt a "human-in-the-loop" approach with "skilled guides" monitoring progress who can provide "targeted interventions" and coaching for each student. Academic instruction is whittled down to just two hours. The remainder of the students' day will include "life-skills workshops" covering areas such as critical thinking, creative problem-solving, financial literacy, public speaking, goal setting, and entrepreneurship. The online-only school targets students from fourth to eighth grades.

Launched in 2013, itch.io lets users host and sell indie video games online — now offering more than 200,000 — as well as other digital content like music and comics. But then someone uploaded a page based on a major videogame title, according to Game Rant. And somehow this provoked a series of overreactions and missteps that eventually knocked all of itch.io offline for several hours...

The page was about the first release from game developer 10:10 — their game Funko Fusion, which features characters in the style of Funko's long-running pop-culture bobbleheads. As a major brand, Funko monitors the web with a "brand protection" partner (named BrandShield). Interestingly, BrandShield's SaaS product "leverages AI-driven online brand protection," according to their site, to "detect and remove" things like brand impersonations "with over 98% success. Our advanced takedown capabilities save you time..." (Although BrandShield's CEO told the Verge that following AI reports "our team of Cybersecurity Threat hunters and IP lawyers decide on what actions should be taken.") This means that after automatically spotting the itch.io page with its web-crawling software, it was BrandShield's "team of Cybersecurity Threat hunters and IP lawyers" who decided to take action (for that specific page). But itch.io founder Leaf Corcoran commented on social media: From what I can tell, some person made a fan page for an existing Funko Pop video game (Funko Fusion), with links to the official site and screenshots of the game. The BrandShield software is probably instructed to eradicate all "unauthorized" use of their trademark, so they sent reports independently to our host and registrar claiming there was "fraud and phishing" going on, likely to cause escalation instead of doing the expected DMCA/cease-and-desist. Because of this, I honestly think they're the malicious actor in all of this.
Corcoran says he replied to both his registrar (iwantmyname) and to his site's host, telling them he'd removed the offending page (and disabled its uploader's account). This satisfied his host, Corcoran writes — but the registrar's owner later told him they'd never received his reply.

"And that's why they took the domain down."

In an interview with Polygon, Corcoran points out that the web page in question had already been dealt with five days before his registrar offlined his entire site. "No communication after that.... No 'We haven't heard from you, we're about to shut your domain down' or anything like that."

Defending themselves over the incident, BrandShield posted on X.com that they'd identified an "infringement" (also calling it an "abuse"), and that they'd requested "a takedown of the URL in question — not of the entire itch.io domain." They don't say this, but it seems like their concern might've been that the page looked official enough to impersonate Funko Fusion. But X.com readers added this context. "Entire domains do not go down on the basis of a copyright takedown request of an individual URL. This is the direct result of a fraudulent claim of malicious activity."

And Corcoran also posted an angry summation on X.com: I kid you not, @itchio has been taken down by @OriginalFunko because they use some trash "AI Powered" Brand Protection Software called @BrandShieldltd that created some bogus Phishing report to our registrar, @iwantmyname, who ignored our response and just disabled the domain.
The next day Funko's official account on X.com also issued their own statement that they "hold a deep respect and appreciation for indie games, indie gamers, and indie developers." (Though "Added Context" from X.com readers notes Funko's statement still claimed a "takedown request" was issued, rather than what Corcoran says was a false "fraud and phishing" report.)

Funko.com also posted that they'd "reached out" to itch.io "to engage with them on this issue." But this just led to another angry post from Corcoran. "This is not a joke, Funko just called my mom." Cocoran then posted what looks like a screenshot of a text message his mother sent him. Though she doesn't say which company was involved, his mother's text says she "Got a strange call from a company about accusatory statements on your social media account. Call me..."

Thanks to ewhac (Slashdot reader #5,844) for sharing the news.

Google's long-running project to split up ChromeOS and its Chrome browser is currently in beta and should be live in the stable channel later this month. The flags that turn on the feature by default were spotted by Kevin Tofel from About Chromebooks. Ars Technica reports: The project is called "Lacros" which Google says stands for "Linux And ChRome OS." This will split ChromeOS's Linux OS from the Chrome browser, allowing Google to update each one independently. Google documentation on the project says, "On Chrome OS, the system UI (ash window manager, login screen, etc.) and the web browser are the same binary. Lacros separates this functionality into two binaries, henceforth known as ash-chrome (system UI) and lacros-chrome (web browser)." Part of the project involves sprucing up the ChromeOS OS, and Google's docs say, "Lacros can be imagined as 'Linux chrome with more Wayland support.'"

On the browser side, ChromeOS would stop using the bespoke Chrome browser for ChromeOS and switch to the Chrome browser for Linux. The same browser you get on Ubuntu would now ship on ChromeOS. In the past, turning on Lacros in ChromeOS would show both Chrome browsers, the outgoing ChromeOS one and the new Linux one. Lacros has been in development for around two years and can be enabled via a Chrome flag. Tofel says his 116 build no longer has that flag since it's the default now. Google hasn't officially confirmed this is happening, but so far, the code is headed that way.

"A group of researchers at Stanford University and Google have created a miniature RPG-style virtual world similar to The Sims," writes Ars Technica, "where 25 characters, controlled by ChatGPT and custom code, live out their lives independently with a high degree of realistic behavior." "Generative agents wake up, cook breakfast, and head to work; artists paint, while authors write; they form opinions, notice each other, and initiate conversations; they remember and reflect on days past as they plan the next day," write the researchers in their paper... To pull this off, the researchers relied heavily on a large language model for social interaction, specifically the ChatGPT API. In addition, they created an architecture that simulates minds with memories and experiences, then let the agents loose in the world to interact.... To study the group of AI agents, the researchers set up a virtual town called "Smallville," which includes houses, a cafe, a park, and a grocery store.... Interestingly, when the characters in the sandbox world encounter each other, they often speak to each other using natural language provided by ChatGPT. In this way, they exchange information and form memories about their daily lives.

When the researchers combined these basic ingredients together and ran the simulation, interesting things began to happen. In the paper, the researchers list three emergent behaviors resulting from the simulation. None of these were pre-programmed but rather resulted from the interactions between the agents. These included "information diffusion" (agents telling each other information and having it spread socially among the town), "relationship memory" (memory of past interactions between agents and mentioning those earlier events later), and "coordination" (planning and attending a Valentine's Day party together with other agents).... "Starting with only a single user-specified notion that one agent wants to throw a Valentine's Day party," the researchers write, "the agents autonomously spread invitations to the party over the next two days, make new acquaintances, ask each other out on dates to the party, and coordinate to show up for the party together at the right time...."

To get a look at Smallville, the researchers have posted an interactive demo online through a special website, but it's a "pre-computed replay of a simulation" described in the paper and not a real-time simulation. Still, it gives a good illustration of the richness of social interactions that can emerge from an apparently simple virtual world running in a computer sandbox.
Interstingly, the researchers hired human evaluators to gauge how well the AI agents produced believable responses — and discovered they were more believable than when supplied their own responses.

Thanks to long-time Slashdot reader Baron_Yam for sharing the article.

Microsoft has once again been caught allowing its legitimate digital certificates to sign malware in the wild, a lapse that allows the malicious files to pass strict security checks designed to prevent them from running on the Windows operating system. ArsTechnica: Multiple threat actors were involved in the misuse of Microsoft's digital imprimatur, which they used to give Windows and endpoint security applications the impression malicious system drivers had been certified as safe by Microsoft. That has led to speculation that there may be one or more malicious organizations selling malicious driver-signing as a service. In all, researchers have identified at least nine separate developer entities that abused the certificates in recent months.

The abuse was independently discovered by four third-party security companies, which then privately reported it to Microsoft. On Tuesday, during Microsoft's monthly Patch Tuesday, the company confirmed the findings and said it has determined the abuse came from several developer accounts and that no network breach has been detected. The software maker has now suspended the developer accounts and implemented blocking detections to prevent Windows from trusting the certificates used to sign the compromised certificates. "Microsoft recommends that all customers install the latest Windows updates and ensure their anti-virus and endpoint detection products are up to date with the latest signatures and are enabled to prevent these attacks," company officials wrote.

An anonymous reader quotes a report from ZDNet: Microsoft's Windows Subsystem for Linux (WSL) for running GNU/Linux environments on Windows 10 and Windows 11 has reached version 1.0.0 and is now generally available. Microsoft has been building WSL, including its own custom Linux kernel, for several years now. At first, WSL and WSL2 were an optional component within Windows, but last October Microsoft made the preview WSL available in the Microsoft Store as a separate app. The Store version could deliver users -- mostly developers and IT pros -- faster updates and features independently of updates to Windows.

As well as WSL shedding the "preview" label, Microsoft is making the WSL app from the Store the default for new users. As Microsoft noted last October at the release of Windows 11, the long term plan was to move WSL users to the Store version. However, Windows 11 still supported the "inbox version" of WSL while it continued developing the Store version. With this release, Microsoft is backporting WSL functionality to Windows 10 and 11 to make the Store version of WSL the default experience. The latest backport is available to "seekers" who click "Check for Updates" in Windows Settings, but in mid-December it will be pushed automatically to devices. The updates are available for Windows 10 version 21H1, 21H2, or 22H2, or on Windows 11 21H2 with all of the November updates applied.

Microsoft detailed a number of changes to commands now that the Store version of WSL is the default version, noting "wsl.exe --install will now automatically install the Store version of WSL, and will no longer enable the "Windows Subsystem for Linux" optional component, or install the WSL kernel or WSLg MSI packages as they are no longer needed." The virtual machine platform optional component will still be enabled, and by default Ubuntu will still be installed. One of the main new additions to WSL 1.0 is that users can opt in to support for systemd, the at-one-point maligned Linux system and service manager, which runs by default in several Linux distros, including Ubuntu and Debian. Also, Windows 10 users can use Linux GUI apps, a capability that was previously exclusive to Windows 11 users.

An anonymous reader quotes a report from Ars Technica: Following in the footsteps of iOS 14, Google is rolling out an app privacy section to the Play Store on Tuesday. When you look up an app on the Play Store, alongside sections like "About this app" and "ratings and reviews," there will be a new section called "Data privacy & security," where developers can explain what data they collect. Note that while the section will be appearing for users starting today, it might not be filled out by developers. Google's deadline for developers to provide privacy information is July 20. Even then, all of this privacy information is provided by the developer and is essentially working on the honor system.

Here's how Google describes the process to developers: "You alone are responsible for making complete and accurate declarations in your app's store listing on Google Play. Google Play reviews apps across all policy requirements; however, we cannot make determinations on behalf of the developers of how they handle user data. Only you possess all the information required to complete the Data safety form. When Google becomes aware of a discrepancy between your app behavior and your declaration, we may take appropriate action, including enforcement action."

Once the section is up and running, developers will be expected to list what data they're collecting, why they're collecting it, and who they're sharing it with. The support page features a big list of data types for elements like "location," "personal info," "financial info," "web history," "contacts," and various file types. Developers are expected to list their data security practices, including explaining if data is encrypted in transit and if users can ask for data to be deleted. There's also a spot for "Google Play's Families Policy" compliance, which is mostly just a bunch of US COPPA and EU GDPR requirements. Google says developers can also indicate if their app has "been independently validated against a global security standard."

What happened after a New Hampshire state representative proposed legislation either encouraging or requiring free software in much of the state government? The Concord Monitor writes, "It's been three decades since Linux launched the modern world of free, open-source software, but you'd hardly have known that at a state legislative hearing Tuesday. One bill (HB 1273) from Eric Gallager, a Concord Democrat, is a sweeping effort that not only establishes a committee to study "replacing all proprietary software used by state agencies with free software" but also does such things as limit non-compete clauses that conflict with open-source development and forbid Javascript in state government websites. The other bill (HB 1581) from Lex Berezhny, a Grafton Republican, would reinstate a requirement that state agencies must use open-source software when it is "the most effective software solution." That requirement existed in state law from 2012 to 2018, he said.

Gallager said the two bills were developed separately. "The fact that you've got people in both parties thinking about this issue independently shows there is a wide range of support for it," he said.

The Executive Department and Administration committee sent both bills to subcommittee.
But what's interesting is the arguments that were made — both for and against: Tuesday's hearing drew the state's most prominent free software advocate, Jon Hall, a programmer whose legacy in the field dates back three decades... Among his arguments, Hall said that studies have shown that free and open-source software is cheaper in the long run than software from Microsoft or other vendors because you don't have to buy regular licenses or be forced into software upgrades or have to ditch equipment like printers because they are no longer supported. Even when free and open-source software has higher costs due to training, he said, those costs have benefits. "Where does the money that you spend go? You can send millions of dollars to Redmond (Washington, home of Microsoft) or Silicon Valley, or pay local software developers," Hall argued.

On the other hand, Denis Goulet, commissioner of the Department of Information Technology, said Gallager's bill would put large and hard-to-quantify costs onto the state. "It would take a year, two years, to figure out what it would cost" due to training on new systems, he told the committee. "It wouldn't be small." Goulet, who opposed Gallager's bill and did not speak on Berezhny's, said the state already uses open-source systems as appropriate, pointing to its web content management system.

"I estimate 85 percent of systems contained one or more open-source libraries," he said.
The lead developer and founder of Libreboot tweeted video of the hearing, where you can also hear the first opponent of the legislation — state representative Stephen Pearson.

Click here to read some of the highlights from Tuesday's hearing:

Executives at the social network have clashed over CrowdTangle, a Facebook-owned data tool that revealed users' high engagement levels with right-wing media sources. From a report: One day in April, the people behind CrowdTangle, a data analytics tool owned by Facebook, learned that transparency had limits. Brandon Silverman, CrowdTangle's co-founder and chief executive, assembled dozens of employees on a video call to tell them that they were being broken up. CrowdTangle, which had been running quasi-independently inside Facebook since being acquired in 2016, was being moved under the social network's integrity team, the group trying to rid the platform of misinformation and hate speech. Some CrowdTangle employees were being reassigned to other divisions, and Mr. Silverman would no longer be managing the team day to day. The announcement, which left CrowdTangle's employees in stunned silence, was the result of a yearlong battle among Facebook executives over data transparency, and how much the social network should reveal about its inner workings. On one side were executives, including Mr. Silverman and Brian Boland, a Facebook vice president in charge of partnerships strategy, who argued that Facebook should publicly share as much information as possible about what happens on its platform -- good, bad or ugly.

On the other side were executives, including the company's chief marketing officer and vice president of analytics, Alex Schultz, who worried that Facebook was already giving away too much. They argued that journalists and researchers were using CrowdTangle, a kind of turbocharged search engine that allows users to analyze Facebook trends and measure post performance, to dig up information they considered unhelpful -- showing, for example, that right-wing commentators like Ben Shapiro and Dan Bongino were getting much more engagement on their Facebook pages than mainstream news outlets. These executives argued that Facebook should selectively disclose its own data in the form of carefully curated reports, rather than handing outsiders the tools to discover it themselves. Team Selective Disclosure won, and CrowdTangle and its supporters lost. An internal battle over data transparency might seem low on the list of worthy Facebook investigations. But the CrowdTangle story is important, because it illustrates the way that Facebook's obsession with managing its reputation often gets in the way of its attempts to clean up its platform. And it gets to the heart of one of the central tensions confronting Facebook in the post-Trump era. The company, blamed for everything from election interference to vaccine hesitancy, badly wants to rebuild trust with a skeptical public. But the more it shares about what happens on its platform, the more it risks exposing uncomfortable truths that could further damage its image.

NortonLifelock has added the ability to mine Ethereum cryptocurrency directly within its Norton 360 antivirus program as a way to "protect" users from malicious mining software. BleepingComputer reports: This new mining feature is called 'Norton Crypto' and will be rolling out tomorrow to Norton 360 users enrolled in Norton's early adopter program. When Norton Crypto is enabled, the software will use the device's graphics card (GPU) to mine for Ethereum, which will then be transferred into a Norton wallet hosted in the cloud. It is not clear if every device running Norton Crypto is mining independently or as part of a pool of users for a greater chance of earning rewards of Ethereum.

As the difficulty of mining Ethereum by yourself is very high, Norton users will likely be pooled together for greater chances of mining a block. If Norton is operating a pool for this new feature, they may take a small fee of all mined Ethereum as is common among pool operators, making this new feature a revenue generator for the company. "As the crypto economy continues to become a more important part of our customers' lives, we want to empower them to mine cryptocurrency with Norton, a brand they trust," said Vincent Pilette, CEO of NortonLifeLock. "Norton Crypto is yet another innovative example of how we are expanding our Cyber Safety platform to protect our customers' ever-evolving digital lives."

"Gregory Kurtzer, co-founder of the now-defunct CentOS Linux distribution, has founded a new startup company called Ctrl IQ, which will serve in part as a sponsoring company for the upcoming Rocky Linux distribution," Ars Technica reports: Kurtzer co-founded CentOS Linux in 2004 with mentor Rocky McGaugh, and it operated independently for 10 years until being acquired by Red Hat in 2014. When Red Hat killed off CentOS Linux in a highly controversial December 2020 announcement, Kurtzer immediately announced his intention to recreate CentOS with a new distribution named after his deceased mentor.

The Rocky Linux concept got immediate, positive community reaction — but there's an awful lot of work and expense that goes into creating and maintaining a Linux distribution. The CentOS Linux project itself made that clear when it went for the Red Hat acquisition in 2014; without its own source of funding, the odds of Rocky Linux becoming a complete 1:1 replacement — serving the same massive volume of users that CentOS did — seemed dicey at best.
In a statement Ctrl IQ notes the Rocky Linux community was already "in the thousands of people driving the foundation of the organization..."

And as for Gregory Kurtzer, he was "originally basing Ctrl IQ's stack on CentOS, but he needed to pivot, as did most of the community to something else. Due to the alignment, Greg chose Rocky, and has been asked to help support it." Ars Technica adds: The company describes itself in its announcement as the suppliers of a "full technology stack integrating key capabilities of enterprise, hyper-scale, cloud and high-performance computing..."

Wading through the buzzword bingo, Ctrl IQ's real business seems to be in supplying relatively turn-key infrastructure for high-performance computing (HPC) workloads, capable of running distributed across multiple sites and/or cloud providers... Not all of Ctrl IQ's offerings are theoretical. Warewulf, also founded by Kurtzer, is currently developed and maintained by the US Department of Energy. Anyone can freely download and use Warewulf, but it's not difficult to imagine value added in consulting with one of its founders...

Ctrl IQ is one of three Tier 1 sponsors identified by the Rocky Linux project, along with Amazon Web Services (which provides core build infrastructure) and Mattermost, which is providing enterprise collaboration services...

Rocky Linux is generally expected to be widely available in Q2 2021, with a first-release candidate build expected on March 31.

Microsoft says in a blog post that PepsiCo is using their Project Bonsai "machine teaching" service to "help ensure its Cheetos cheese-puff snacks all have the same texture, crunch and shape," reports The Wall Street Journal. From the blog post: PepsiCo built a computer vision system that continually monitors Cheeto attributes. Data about qualities such as density and length are fed to the Project Bonsai solution, which makes adjustments to bring the product within spec. This approach reduces the time it takes to correct inconsistencies and allows operators to focus on parts of the line that require human expertise. PepsiCo is preparing to use the solution in a production plant and exploring how to use the solution with other products, including the tortilla chip manufacturing process. An out-of-spec product can't be sold, which leads to wasted resources, time, and money. Greater consistency helps PepsiCo maintain high quality products while maximizing throughput.

To make an ideal Cheeto, the solution needed examples of what wasn't ideal -- and needed to know what to do in those cases. The extruder line is self-contained and well-suited for developing and testing an autonomous system solution. Operators had been running it manually, which gave developers the opportunity to build the solution from scratch, instead of on top of other software. The AI solution has a recommendation mode and a closed loop control mode. In both modes, a computer vision system continuously measures the quality of the Cheetos. In recommendation mode, the AI will alert an operator if the product drifts out of spec, displaying on an instrument panel the attributes that are not ideal as well as a recommendation to correct it. The operator can push a button to make any or all recommended adjustments.

In control mode, the only difference is that the AI solution skips the recommendation step and adjusts the extruder line specifications independently. The company expects that running this intelligent control system will return product to acceptable attributes faster. In the current extruder line, operators measure product attributes manually at defined intervals. If the Cheetos are out of spec, the operator makes adjustments based on guidelines or experience to return the product to acceptable quality. The problem: Infrequent sampling meant that the line could be producing out-of-spec Cheetos for a longer period of time without anyone realizing. The Project Bonsai solution will monitor the product almost continuously, using sensors to oversee characteristics such as length and bulk density. That way, it knows as soon as the product strays outside a defined range.

Security researchers and hackers have had access to a leaked early version of iOS 14, the iPhone's next operating system, since at least February, Motherboard reported Friday. From the report: That's almost eight months before the expected official release of iOS 14, given that Apple usually publishes the new iOS in September along with the announcement of new phones. Sometimes, screenshots and descriptions of new features leak before the official reveal. This time, however, an entire version of the operating system has leaked and is being widely circulated among hackers and security researchers. Motherboard has not been able to independently verify exactly how it leaked, but five sources in the jailbreaking community familiar with the leak told us they think that someone obtained a development iPhone 11 running a version of iOS 14 dated December 2019, which was made to be used only by Apple developers. According to those sources, someone purchased it from vendors in China for thousands of dollars, and then extracted the iOS 14 internal build and distributed it in the iPhone jailbreaking and hacking community.

Long-time Slashdot reader joemite shared Wired's report about a small town of Basalt Vista, Colorado, where homeowners like Katela Escobar are testing highly scaleable "advanced power grid technologies that could turn every home into an appendage of a decentralized power plant."

Basalt Vista is designed to be an all-electric community that produces as much power as it uses. Each home comes outfitted with an electric vehicle charger in the garage, a large battery pack in the basement, and a roof covered with solar panels. The homes are linked together as a microgrid, a self-contained electricity distribution network that can operate independently of the regional electric grid. Their energy systems work together to balance the energy load across the neighborhood — the solar panels harvest energy, plugged in EVs can store electricity as needed, and large battery packs can supply power when the sun isn't shining.

But what makes Basalt Vista's microgrid unique is that it autonomously allocates power. There's an internet-connected control box in the basement of each home running experimental software that continuously optimizes electricity distribution across the microgrid and the flow of energy to and from the larger regional grid. When one home produces more energy than it needs, it can autonomously make the decision to redistribute it to its neighbors or store it for later... Basalt Vista is a testbed for a so-called "virtual power plant," a network of self-optimizing energy resources that unbundles the centralized utility and distributes it across the grid... [T]hey aggregate and control distributed energy sources so they can perform the functions of a large centralized power plant — generating and storing electricity — for the wider grid. This virtual power plant could serve as an antidote to the inherent variability of renewable energy systems by efficiently matching supply and demand across widely-distributed electricity producers and consumers.

For now, the technology exists in the basements of Escobar and her neighbors at Basalt Vista. But if the experiment is successful, it may one day control power for millions of other families.

Troy Hunt, the owner and founder of the well-known and respected data breach notification website "Have I Been Pwned," announced in a blog post today that his website is no longer being sold and will continue running independently. The news comes several months after Hunt announced he was actively looking for a buyer.

Last June, Hunt wrote: "To date, every line of code, every configuration and every breached record has been handled by me alone. There is no 'HIBP team,' there's one guy keeping the whole thing afloat. It's time for HIBP to grow up. It's time to go from that one guy doing what he can in his available time to a better-resourced and better-funded structure that's able to do way more than what I ever could on my own."

Now, according to Hunt, "unexpected changes" with the business model of the party believed to be the purchaser of the service "made the deal infeasible." "It wasn't something I could have seen coming nor was it anything to do with HIBP itself, but it introduced a range of new and insurmountable barriers," writes Hunt in today's blog post. Hunt goes on to explain what's been happening since April 2019 and how the service will operate in the future.