Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Submission + - Bitwarden's FOSS halo slips as new SDK requirement locks down freedoms (theregister.com)

AmiMoJo writes: The Bitwarden online credentials storage service is changing its build requirements – which some commentators feel mean it's no longer FOSS. The question has been highlighted by a new issue on the project's GitHub page, with the strong title "Desktop version 2024.10.0 is no longer free software." This is because of a new build requirement, added in a pull request a couple of weeks ago titled "Introduce SDK client." This SDK (software development kit) is required to compile the software from source – either the Bitwarden server or any of its client applications. The problem is that although the SDK is available, it is under a license that means it's not free software.

Comment Re:Sad but not surprising. (Score 1, Troll) 133

Only in putler's paranoid imagination. Unfortunately, he is not in a lunatic asylum and has the means to broadcast his lunacy to conspiracy nutters all over the world.

Instead of calling me insane, perhaps you could try to understand the situation a little more deeply or at least argue about what I've said. It's much more polite and respectful when you reply to someone you don't know.

Of course not, there's no declaration of war if you stop at semantics. There has been no declaration of war. I can see that my use of the term “war” is provoking some very negative reactions.

So I'm going to go into a little more detail or precision.

The United States is one of the NATO countries that have voted for and are applying economic sanctions against Russia, and are supplying Ukraine with weapons against Russia. In this sense, the United States is, from Russia's point of view, in the hostile camp.

So I apologize to you, because the term war was exaggerated and inaccurate; because I lacked nuance here, I admit.

So yes, in any case, the state of relations between the US and Russia being what it is these days, it's no surprise that the Russian authorities are being tough on US companies.

Comment Stupid claim in summary (Score 4, Insightful) 29

with methane possibly still present and usable as an energy source

This is Mars, where do you get Oxygen to react Methane as an energy source?

And?

How much energy do you spend to extract and process the clay to extract this methane and all the process to extract an Oxydizer from a yet unknown source.

This is just to highlight this baseless stupid claim in the summary.

Comment misleading title once again (Score 3, Insightful) 143

A more appropriate title would have been:
"A Robot Begins collecting samples of Melted Fuel From the Fukushima Nuclear Plant."

But whatever. The person who wrote the misleading title perfectly knows it is misleading.

Never take nuisance for ignorance.

Comment Re:contract for what? (Score 1) 74

They try to split it as:

Your contract with Costco is to acquire a branded bottle with something in it.
Then they want you to agree to a usage license if you want to ingest the content of the bottle.

That's the very same model as when you buy a music album on a media CD, Vinyl, Cassette.
The store and you contract to acquire the media.
When you listen to the music, you "agree" to the usage license contract with the music publisher.

I do not pretend it is fair. Just it is a known model of adding a usage license to a purchased media.

Comment Recylcing plastic is a producers' fueled lie (Score 1) 114

The only economically worthy and environmentally least damaging way to dispose of plastic, is with high temperature incineration, period!

High temperature incineration has a positive energy output suitable for heating water and producing electricity.
Incineration breaks down complex chemicals to (co2, water, nitrogen). The co2 output is limited to that contained in the plastic. Processing is self sustained. Logistic is limited to a single site.

Every other method has unsustainable drawbacks in term of energy use, efficiency, toxic leaks, logistical cost, any or all of those at various degree.

Submission + - regreSSHion: Unauthenticated Remote Root Vulnerability in OpenSSH Server (qualys.com)

Artem S. Tashkinov writes: The Qualys Threat Research Unit (TRU) has discovered a Remote Unauthenticated Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems. CVE assigned to this vulnerability is CVE-2024-6387. The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems; that presents a significant security risk. This race condition affects sshd in its default configuration.

Based on searches using Censys and Shodan, we have identified over 14 million potentially vulnerable OpenSSH server instances exposed to the Internet. Anonymized data from Qualys CSAM 3.0 with External Attack Surface Management data reveals that approximately 700,000 external internet-facing instances are vulnerable. This accounts for 31% of all internet-facing instances with OpenSSH in our global customer base.

In our security analysis, we identified that this vulnerability is a regression of the previously patched vulnerability CVE-2006-5051, which was reported in 2006. A regression in this context means that a flaw, once fixed, has reappeared in a subsequent software release, typically due to changes or updates that inadvertently reintroduce the issue. This incident highlights the crucial role of thorough regression testing to prevent the reintroduction of known vulnerabilities into the environment. This regression was introduced in October 2020 (OpenSSH 8.5p1).

Submission + - Is the world's biggest fusion experiment dead after new delay to 2035? (newscientist.com)

MattSparkes writes: ITER, the world’s largest fusion power project, has been hit by a 10-year delay, meaning plans to switch it on have now been pushed back to 2035. Such a delay could see ITER being overtaken by commercial fusion projects, leaving some to question whether it is even worth continuing with the experiment, suggesting that management should not "chase sunk costs".

The reactor, which is under construction in France, is a vast international effort involving the European Union, China, India, Japan, South Korea, Russia and the US. Work officially started in 2006, although discussions date back to 1985, and the first run of the reactor to create plasma was initially scheduled for 2020, but later pushed back to 2025. Construction costs have boomed, with early estimates having already risen by 300 per cent, to over €20 billion, in 2020.

Slashdot Top Deals

Space tells matter how to move and matter tells space how to curve. -- Wheeler

Working...