I suspect part of it is that the mitigation for DirtyFrag covers it, so everyone who blocked all the modules in question when that had only an incomplete patch probably hasn't unblocked them yet. I think this is the 4th patch for these modules, and only got a new name rather than just "there's still a way to get this code to do the wrong thing" because a different outside team found this one.

THAT SUCKS BRO

It would be an entire 7 years later before anybody managed to put a thermistor in the package to stop cpus from destroying themselves. An eternity in that era.

Yeah, and the person who released the information first was operating in an "if I noticed this, doing only as much as I'm doing, surely attackers would also notice" mode. Possibly some patches these days are sufficiently obvious as to their correctness and also effect that they should first become public as a set of stable releases. This was a kind of special case, as CopyFail was the combination of some code doing something strange with one user not being prepared for it, and fixed the user. If there are other users that also aren't prepared, fixing them isn't going to be subtle.

How shadows and reflections move when you're 10 milies from a mostly flat surface a thousand miles across is legitimately hard to analyze for a visual system that evolved on the ground, especially if you throw in small periodic surface orientation variations. Given how complicated it is to explain rare rainbow-related phenomena like sun dogs, it would be surprising if we'd identified and explained everything that can appear when flying above the ocean.

While you're at it, you also need to block installing esp4, esp6, and rxrpc, for, y'know, reasons.

Rich people like Musk generally just have the doctors/nurses make house calls. I have my doubts that Musk is going the legitimate medical treatment route but it's a popular practice. Michael Jackson had a Dr. Feelgood at his house basically all the time.

According to the article, they (by way of their cloud provider) had DR backups, which they were able to get restored. But getting offline backups restored takes longer than the SLAs they give their customers and loses some data that hasn't been copied offline yet, which is why they also have backups that are complete and immediately available, using the API key that the attacker -- sorry, AI -- found in a file it wasn't supposed to have access to.

Reasons vary. I know someone working in HR at a famous Japanese company. Rotating employees to offices around the world generally falls into 3 categories- 1. Giving experience, or rewarding good workers the company would like to develop into management. 2. Temporarily getting rid of useless or unliked employees without needing to fire them, which is very difficult in Japan. 3. Specialists for specific projects where hiring US citizens would be too much of a hassle. Employees in category 2 tend to be assigned to developing or undesirable countries, but some do come to the US too.

The truth varies slightly from the headlines. These companies paid huge sums for offshore leases. Trump is refunding those. Still a boneheaded move but the companies involved are definitely not profiting or happy about this outcome.

Geothermal developments are legit. Essentially, most of the US geothermal sites were built/drilled back in the 70s and 80s. Hydraulic fracturing and some of the other oil and gas drilling advancements of the past 30 years have yet to be applied to geothermal. There is room for a new player to tie these things together, especially if they can build turnkey plants or sell steam to existing sites on long term contracts (they plan for both). However, they aren't worth anywhere near $3B.

Verizon's 2 Gbps Fios home service doesn't support IPv6, due apparently to them picking hardware for this particular service that doesn't handle it. Their other service does handle it, including slower home Fios, but not that in particular.

The fundamental issue is that theaters need to generate a certain amount of revenue per square foot to be profitable. People "rent" small amounts of space for a couple hours then they leave. But theaters are massive buildings, the desirable time slots are finite, and even on a good day it's a struggle to pack a theater. Somebody has to pay for everything and it seemes to be a figure that requires high gross profits and extensive upselling to get to that number.

It uses VRTX, reportedly. Linux wasn't suitable as a real-time OS when the Hubble was designed, or really even when the Hubble got the 486 installed in 2009.

The LitleLLM packages were comprimosed on Tuesday. The packages compromised today were telnyx 4.87.1 and 4.87.2. It's the same root cause: credentials exposed to a compromised version of Trivy earlier were used to make an unauthorized release of a compromised version of a different package.