Submission + - Clean energy just put China's CO2 emissions into reverse for first time (carbonbrief.org)

AmiMoJo writes: For the first time, the growth in China’s clean power generation has caused the nation’s carbon dioxide (CO2) emissions to fall despite rapid power demand growth. The new analysis for Carbon Brief shows that China’s emissions were down 1.6% year-on-year in the first quarter of 2025 and by 1% in the latest 12 months. Electricity supply from new wind, solar and nuclear capacity was enough to cut coal-power output even as demand surged, whereas previous falls were due to weak growth.

The analysis, based on official figures and commercial data, shows that China’s CO2 emissions have now been stable, or falling, for more than a year. However, they remain only 1% below the latest peak, implying that any short-term jump could cause China’s CO2 emissions to rise to a new record. Growth in clean power generation has now overtaken the current and long-term average growth in electricity demand, pushing down fossil fuel use.

Submission + - I ordered vintage tech. Ebay deliberately destroyed it (ebay.com)

ayjaym writes: The HP65. The world's first hand-held programmable calculator. One flew on the Apollo-Soyuz missions as a backup to the main computer system.
So when I saw one listed on eBay, I immediately purchased it from the US seller. It was to be dispatched via ebay's Global Fulfilment Program. From previous experience I knew this was a tortuous process; items can take a month to travel from the US to the UK.
What I didn't know is that there was a random chance of my item being deliberately destroyed by eBay. One moment it was at the 'inspection' stage, prior to being shipped, and then, just like that — like the 'lifesystems terminated' chilling message in 2001 — it was gone. "Item failed inspection". "Item liquidated".
I contacted eBay support. No, we can't tell you why. No, both parties will be refunded. No, the item won't be returned to the seller. It will be destroyed.
Why? Well — who knows. There were no batteries, no toxic chemicals. Just a calculator. An irreplaceable piece of vintage tech, deliberately destroyed for reasons utterly unknown.
And this isn't an isolated incident. The opaque 'inspection' step apparently quite often triggers random rejection, usually with the destruction of the item. Antiques, coins, you name it. Nobody knows and few care because both parties get their money back. Except — an irreplaceable piece of tech history has now been destroyed, and I feel responsible. All I wanted to do was restore it, and now I've been the agent of its destruction. It's heartbreaking.

Submission + - Don Bitzer, Creator of Greatest Computer Network You Never Heard Of, Dead at 90 2

theodp writes: No newspaper obit yet, but Brian Dear writes on Mastodon: "Wow...end of an era. Dr. Donald L. Bitzer, creator of the PLATO system, and co-inventor of many key technologies like the AC gas-plasma flat-screen display, passed away yesterday at 90. Don was the main person I wrote about in my book The Friendly Orange Glow. No words. RIP, Don." In a separate email, Dear added, "I never ever met a more generous, supportive, enthusiastic person in the world. [..] He was an inspiration to us all, and to the world, which he made a better place."

The late film critic Roger Ebert reported on PLATO's potential to deliver online learning to homebound students in a 1962 article he wrote for the News-Gazette while still in high school. In a 1981 appearance on the Phil Donahue Show, Bitzer demoed some of PLATO's capabilities to a studio audience, including bit-mapped graphics on a flat-screen plasma panel, back-projected color images for storytelling, touch input (infrared), speech (English and Swedish), computer-generated music with animated notes, texting over the PLATO network, email, screen sharing, and primitive text-to-animation prompting. Bitzer also describes his vision of the future, which included households connected to a "world wide network" ("probably within the next 5-10 years"), autonomous cars (in 30-60 years), AI, digital libraries, and cloud computing.

PLATO, as Vice reported, was the greatest computer network you've never heard of. And that includes the likes of U.S. Secretary of Education Arne Duncan, who marveled that his kids could code online in 2014, unaware that 650 students were learning programming online with Don Bitzer's PLATO at the Univ. of Illinois during the Spring 1975 semester (Duncan was a 1987 Harvard grad).

Submission + - FDA may outlaw food dyes 'within weeks': Bombshell move would affect candy, soda (nbcnews.com) 1

schwit1 writes: The Food and Drug Administration will decide on a ban of certain food dyes in the coming weeks after receiving a petition to review the safety of Red 3, NBC News reports.

“With Red 3, we have a petition in front of us to revoke the authorization board, and we’re hopeful that in the next few weeks we’ll be acting on that petition,” Jim Jones, the deputy commissioner for human foods at the FDA, said during a Senate meeting this week, per NBC.

According to the FDA, the agency has reviewed the safety of Red 3 — which is derived from petroleum and found in snacks, beverages, candy and more — in food and drugs “multiple times” since it was first approved in 1969, but the petition has requested for the additive to be reviewed once more.

While the FDA has stated that food dyes are safe and do not pose health risks, the dye was banned from topical drugs and cosmetics in 1990.

Submission + - Linksys Velop routers send Wi-Fi passwords in plaintext to US servers (stackdiary.com)

schwit1 writes: This discovery involves the Linksys Velop Pro 6E and Velop Pro 7 mesh routers. During routine installation checks, Testaankoop detected several data packets being transmitted to an Amazon server in the US. These packets included the configured SSID name and password in clear text, identification tokens for the network within a broader database, and an access token for a user session, potentially paving the way for a man-in-the-middle (MITM) attack.

Submission + - Polyfill.io Supply Chain Attack (qualys.com)

protehnica writes:

The polyfill.js is a popular open-source library that supports older browsers. Thousands of sites embed it using the cdn[.]polyfill[.]io domain. In February 2024, a Chinese company (Funnull) bought the domain and the GitHub account. The company has modified Polyfill.js so malicious code would be inserted into websites that embedded scripts from cdn.polyfill[.]io. Any script adopted from cdn.polyfill[.]io would immediately download malicious code from the Chinese company’s site. Some of the known outcomes are:

  • user would be redirected to scam sites,
  • allows an attacker to steal sensitive data,
  • potentially perform code execution.

Submission + - Is the world's biggest fusion experiment dead after new delay to 2035? (newscientist.com)

MattSparkes writes: ITER, the world’s largest fusion power project, has been hit by a 10-year delay, meaning plans to switch it on have now been pushed back to 2035. Such a delay could see ITER being overtaken by commercial fusion projects, leaving some to question whether it is even worth continuing with the experiment, suggesting that management should not "chase sunk costs".

The reactor, which is under construction in France, is a vast international effort involving the European Union, China, India, Japan, South Korea, Russia and the US. Work officially started in 2006, although discussions date back to 1985, and the first run of the reactor to create plasma was initially scheduled for 2020, but later pushed back to 2025. Construction costs have boomed, with early estimates having already risen by 300 per cent, to over €20 billion, in 2020.

Submission + - Systemd wants to expand to include a sudo replacement (fosspost.org)

An anonymous reader writes: Systemd lead developer Lennart Poettering has posted on Mastodon about their upcoming v256 release of Systemd, which is expected to include a sudo replacement called “run0”.

The developer talks about the weaknesses of sudo, and how it has a large possible attack surface. For example, sudo supports network access, LDAP configurations, other types of plugins, and much more. But most importantly, its SUID binary provides a large attack surface according to Lennart:

"I personally think that the biggest problem with sudo is the fact it’s a SUID binary though – the big attack surface, the plugins, network access and so on that come after it just make the key problem worse, but are not in themselves the main issue with sudo. SUID processes are weird concepts: they are invoked by unprivileged code and inherit the execution context intended for and controlled by unprivileged code. By execution context I mean the myriad of properties that a process has on Linux these days, from environment variables, process scheduling properties, cgroup assignments, security contexts, file descriptors passed, and so on and so on."

He’s saying that sudo is a Unix concept from many decades ago, and a better privilege escalation system should be in place for 2024 security standards:

  "So, in my ideal world, we’d have an OS entirely without SUID. Let’s throw out the concept of SUID on the dump of UNIX’ bad ideas. An execution context for privileged code that is half under the control of unprivileged code and that needs careful manual clean-up is just not how security engineering should be done in 2024 anymore."

Submission + - GitHub Besieged By Millions of Malicious Repositories In Ongoing Attack (arstechnica.com)

An anonymous reader writes: GitHub is struggling to contain an ongoing attack that’s flooding the site with millions of code repositories. These repositories contain obfuscated malware that steals passwords and cryptocurrency from developer devices, researchers said. The malicious repositories are clones of legitimate ones, making them hard to distinguish to the casual eye. An unknown party has automated a process that forks legitimate repositories, meaning the source code is copied so developers can use it in an independent project that builds on the original one. The result is millions of forks with names identical to the original one that add a payload that’s wrapped under seven layers of obfuscation. To make matters worse, some people, unaware of the malice of these imitators, are forking the forks, which adds to the flood.

“Most of the forked repos are quickly removed by GitHub, which identifies the automation,” Matan Giladi and Gil David, researchers at security firm Apiiro, wrote Wednesday. “However, the automation detection seems to miss many repos, and the ones that were uploaded manually survive. Because the whole attack chain seems to be mostly automated on a large scale, the 1% that survive still amount to thousands of malicious repos.” Given the constant churn of new repos being uploaded and GitHub’s removal, it’s hard to estimate precisely how many of each there are. The researchers said the number of repos uploaded or forked before GitHub removes them is likely in the millions. They said the attack “impacts more than 100,000 GitHub repositories.”

Submission + - Restoring a 1986 DEC PDP/11 Minicomputer - Will it boot?? (youtube.com) 1

Shayde writes: I've been working on a PDP/11 I basically got as a 'barn find' from an estate sale a year ago. The project has absolutely had its ups and downs, as the knowledgebase for these machines is aging quickly. I'm hoping to restore my own expertise with this build, but it's been challenging finding parts, technical details, and just plain information.

I leaned pretty heavily on the folks at the Vintage Computing Federation (vcfed.org), as well as connections I've made in the industry — and made some great progress.

The latest chapter in how it's going was just posted, check it out if you're keen on retrocomputing and old minicomputers and DEC gear.

Submission + - Bruce Schneier: 'We Are About To Enter the Era of Mass Spying' (arstechnica.com)

An anonymous reader writes: In an editorial for Slate published Monday, renowned security researcher Bruce Schneier warned that AI models may enable a new era of mass spying, allowing companies and governments to automate the process of analyzing and summarizing large volumes of conversation data, fundamentally lowering barriers to spying activities that currently require human labor. In the piece, Schneier notes that the existing landscape of electronic surveillance has already transformed the modern era, becoming the business model of the Internet, where our digital footprints are constantly tracked and analyzed for commercial reasons.

Spying, by contrast, can take that kind of economically inspired monitoring to a completely new level: "Spying and surveillance are different but related things," Schneier writes. "If I hired a private detective to spy on you, that detective could hide a bug in your home or car, tap your phone, and listen to what you said. At the end, I would get a report of all the conversations you had and the contents of those conversations. If I hired that same private detective to put you under surveillance, I would get a different report: where you went, whom you talked to, what you purchased, what you did." Schneier says that current spying methods, like phone tapping or physical surveillance, are labor-intensive, but the advent of AI significantly reduces this constraint. Generative AI systems are increasingly adept at summarizing lengthy conversations and sifting through massive datasets to organize and extract relevant information. This capability, he argues, will not only make spying more accessible but also more comprehensive. "This spying is not limited to conversations on our phones or computers," Schneier writes. "Just as cameras everywhere fueled mass surveillance, microphones everywhere will fuel mass spying. Siri and Alexa and 'Hey, Google' are already always listening; the conversations just aren’t being saved yet." [...]

In his editorial, Schneier raises concerns about the chilling effect that mass spying could have on society, cautioning that the knowledge of being under constant surveillance may lead individuals to alter their behavior, engage in self-censorship, and conform to perceived norms, ultimately stifling free expression and personal privacy. So what can people do about it? Anyone seeking protection from this type of mass spying will likely need to look toward government regulation to keep it in check since commercial pressures often trump technological safety and ethics. [...] Schneier isn't optimistic on that front, however, closing with the line, "We could prohibit mass spying. We could pass strong data-privacy rules. But we haven’t done anything to limit mass surveillance. Why would spying be any different?" It's a thought-provoking piece, and you can read the entire thing on Slate.

Submission + - Ask Slashdot: Password standards? 9

eggegick writes: Is there some sort of official standard for password length and complexity that we can ask organizations to use? Every site I visit has its own idea of the minimum and maximum number of characters, the number of digits, the number of upper/lowercase characters, the number of punctuation characters allowed and even what punctuation characters are allowed and which are not.

The limit of password size really torques me, as that suggests they are storing the password (they need to limit storage size), rather than its hash value (fixed size), which is a real security blunder.

Also, the stupid dots drive me bonkers, especially when there is no "unhide" button. For crying out loud, nobody is looking over my shoulder! Make the "unhide" default.

I know the NIST has recommendations, but they are fuzzy, not a simple statement you can give to Grandma.

Submission + - Apple co-founder Steve Wozniak in hospital

Alain Williams writes: Apple co-founder Steve Wozniak is in hospital in Mexico, according to multiple reports.
It is not currently clear what the cause is. The 73-year-old was in Mexico City attending the World Business Forum (WBF), a business conference.
An unnamed source from the WBF said that Mr Wozniak fainted on Wednesday afternoon at the event, according to the CNN news website.

Submission + - Euclid telescope: First images revealed from 'dark Universe' mission (bbc.com)

AmiMoJo writes: Europe's Euclid telescope is ready to begin its quest to understand the greatest mysteries in the Universe. Exquisite imagery from the space observatory shows its capabilities to be exceptional. Over the next six years, Euclid will survey a third of the heavens to get some clues about the nature of so-called dark matter and dark energy.

The €1.4bn (£1.2bn) Euclid telescope went into space in July. Since then, engineers have been fine-tuning it. There were some early worries. Initially, Euclid's optics couldn't lock on to stars to take a steady image. This required new software for the telescope's fine guidance sensor. Engineers also found some stray light was polluting pictures when the observatory was pointed in a certain way. But with these issues all now resolved, Euclid is good to go — as evidenced by the release of five sample images on Tuesday.

Submission + - "Encryption king" arrested in Istanbul (404media.co)

An anonymous reader writes: Hakan Ayik, an infamous drug trafficker who also popularized the use of certain brands of encrypted phones around the world, was arrested during a series of dramatic raids in Turkey last week. At one point a group of heavily armed Turkish tactical officers in brown and gray camouflage piled outside an apartment and banged on the door repeatedly. They then smashed the door down and moved inside with a riot shield, according to a video tweeted by Turkey’s Minister of the Interior. The video then showed a photograph of Ayik, shirtless and on his knees while staring straight ahead, surrounded by multiple officers.
It was a moment that capped off the arrest of Australia’s most wanted man, and a sign that Turkey is no longer a safe haven to organized criminals. But it was also something of a closing act on Anom, a brand of encrypted phone that the FBI secretly took over and managed for years after inserting a backdoor into the product, allowing agents to read tens of millions of messages sent across it. Ayik unknowingly helped the FBI gain that piercing insight into organized crime by selling the devices to other criminal associates. Given Ayik’s position as a trusted authority on what communications tools drug traffickers should use, one associate even referred to him as the “encryption king” in an Anom message I’ve seen.
