tinkertim - Slashdot User

Comment They will be sued by the next victims (Score 1) 10

by davidwr on Tuesday May 12, 2026 @06:38PM (#66140723) Attached to: Instructure Pays Canvas Hackers To Delete Students' Stolen Data

The next major ransomware victims will sue Instructure for encouraging ransomware attacks.

Comment "Apple presents the iRack" (Score 1) 1

by davidwr on Tuesday May 12, 2026 @10:25AM (#66139978) Attached to: There's an Unhinged New Video Game About Trump and the Iran War

This sounds like the video game version of the MadTV sketch Apple presents the iRack from a couple of decades ago, spoofing the war in Iraq.

Comment Better title: (Score 5, Insightful) 65

by davidwr on Tuesday May 12, 2026 @01:24AM (#66139604) Attached to: A Data Center Drained 30 Million Gallons of Water Unnoticed

"Bureaucratic slip-up allows facility under construction to delay paying for water bill for several months. Coincidentally, facility happens to be a data center."

Comment Anyone have an E2EE over SMS protocol? (Score 1) 26

by davidwr on Monday May 11, 2026 @04:18PM (#66139002) Attached to: iPhone-Android RCS Conversations Are End-To-End Encrypted In iOS 26.5

In principle, I can send your phone arbitrary unlimited data using just SMS, subject only to rate-limiting and management of dropped, delayed, or out-of-order SMS messages.

If I have your public key, I can send it to you encrypted.

In practice, I don't know if such a thing exists.

Comment Back to the past (Score 3, Insightful) 29

by davidwr on Monday May 11, 2026 @12:06PM (#66138440) Attached to: Apple Now Requires Verification For Education Store

Back in the 20th century, you get student/teacher discounts through university/school channels and possibly from other authorized Apple resellers, but you had to show ID.

Comment coming soon - quarter petabyte SSD ... (Score 1) 70

by davidwr on Friday May 08, 2026 @06:16PM (#66134908) Attached to: Micron Ships Gigantic 245TB SSD

... for the low low price of a quarter peta-buck.

Comment sarcasm aside (Score 1) 43

by davidwr on Friday May 08, 2026 @04:46PM (#66134774) Attached to: Thousands of Vibe-Coded Apps Expose Corporate and Personal Data On the Open Web

There IS a place for AI as a coding assistant. If used right by someone who COULD write good code from scratch AND who is well-versed in using his AI tools, it could actually save time.

In very limited problem domains, non-AI program-generators and LLM-"AI" program-generators can actually produce usable, correct, reasonably efficient code almost all of the time. But so could a reasonably competent programmer who was an expert in the problem domain.

In any case, using AI is likely to use a lot of electricity.

Comment Re:Not a vibe-coding problem (Score 2) 43

by davidwr on Friday May 08, 2026 @04:42PM (#66134766) Attached to: Thousands of Vibe-Coded Apps Expose Corporate and Personal Data On the Open Web

Old way for a small task an entry-level person could do in 2 weeks solo: a week to design, a few days to code, a few days to unit test

New way - "official/what you tell your boss": a few hours to design/decide what you want the output to look like and rough-draft your prompts a hours to "code"/prompt the AI, including iterations, and a few hours to test the results.

New way - "reality/what you actually do": design? what's that? a few hours to iteratively create prompts until you get output that "feels good," and testing the results - yeah, right, who has time for that?

Sigh.

Comment Nobody will ever break this (Score 3, Funny) 106

by davidwr on Thursday May 07, 2026 @07:49PM (#66133242) Attached to: 60% of MD5 Password Hashes Are Crackable In Under an Hour

9cc2ae8a1ba7a93da39b46fc1019c481

Comment This could be good if it were curated (Score 1) 52

by davidwr on Wednesday May 06, 2026 @07:16PM (#66131144) Attached to: Google's AI Search Results Will Now Turn To Reddit For 'Expert Advice'

If only the very small percentage - possibly "0 plus epsilon" or less - of Reddit that was worthy of the term "expert advice" were used as training data, this could be useful.

But the odds of that happening are less than "0 plus epsilon."

Comment My "design choices" involve... (Score 5, Funny) 107

by davidwr on Wednesday May 06, 2026 @07:14PM (#66131140) Attached to: Microsoft Edge Stores Passwords In Plaintext In RAM

... designing my workflow to avoid using this browser.

Submission + - AI finds signs of pancreatic cancer before tumors develop (nbcnews.com)

Submitted by fjo3 on Monday May 04, 2026 @02:55PM

fjo3 writes: An AI model developed at the Mayo Clinic in Rochester, Minnesota, detected abnormalities on patients’ CT scans up to three years before they were diagnosed with pancreatic cancer, according to research published this week in the journal Gut.

The scientists behind the model, which is now being evaluated in a clinical trial, trained it by feeding it CT scans from patients who had been screened for other medical conditions then were later diagnosed with pancreatic cancer. The team then had radiologists review the scans and compared their ability to find early signs of cancer to that of the AI model. The model was found to be three times better at identifying the early signs.

Submission + - Plant Seeds Do Something Incredible When The Sound of Rain Strikes (sciencealert.com)

Submitted by alternative_right on Monday May 04, 2026 @09:47AM

alternative_right writes: Plant seeds can sense the vibrations generated by falling raindrops and
respond by waking from their state of dormancy to welcome the water,
new research shows.

Submission + - Robots are building clay homes in Central Texas using dirt from the ground (kxan.com)

Submitted by alternative_right on Saturday May 02, 2026 @09:33PM

alternative_right writes: A startup south of Austin is using robots to build homes out of clay pulled directly from the ground â" a new approach aimed at lowering costs and changing how houses are built.

Submission + - Copy Fail exploit lets 732 bytes hijack Linux systems and quietly grab root (nerds.xyz)

Submitted by BrianFagioli on Wednesday April 29, 2026 @06:30PM

BrianFagioli writes: A newly disclosed Linux kernel vulnerability called Copy Fail (CVE-2026-31431) allows an unprivileged user to gain root access using a tiny 732-byte script, and it works with unsettling consistency across major distributions. Unlike older exploits that relied on race conditions or fragile timing, this one is a straight-line logic flaw in the kernelâ(TM)s crypto subsystem. It abuses AF_ALG sockets and splice to overwrite a few bytes in the page cache of a target file, such as /usr/bin/su. Because the kernel executes from the page cache, not directly from disk, the attacker can inject code into a setuid binary in memory and immediately escalate privileges.

What makes this especially concerning is how quiet it is. The file on disk remains unchanged, so standard integrity checks see nothing wrong, while the in-memory version has already been tampered with. The same primitive can also cross container boundaries since the page cache is shared, raising the stakes for multi-tenant environments and Kubernetes nodes. The underlying issue traces back to an in-place optimization added years ago, now being rolled back as part of the fix. Until patched kernels are widely deployed, this is one of those bugs that feels less like a theoretical risk and more like a practical, reliable path to full system compromise.

Slashdot Top Deals