Aggregator

This is your technical deep-dive into the practical tools and techniques that define the next generation of resilient Dev and IT operations.

An anonymous reader quotes a report from The Guardian: In May, the federal government announced without warning that it would take apart a network of ocean monitoring systems that it had spent over $350 million to build. No reason was given for the decision to shut down the Ocean Observatories Initiative (OOI), but suspicion immediately focused on the network's role in tracking climate change. But the OOI also provides data that's useful for weather forecasting and fisheries management, leading to widespread opposition. Today, it appears that the opposition has won, as the government will announce that it's reversing the decision. The big remaining question is how much damage the OOI took during the intervening month. [...] The OOI is a federally supported resource that provides ocean data for use by academic researchers, government planners, and private companies. It consists of arrays of monitoring systems in several locations in both the Atlantic and Pacific Oceans that can track things like currents, salinity, chemical levels, temperatures, and tectonic activity. (There are over 100 individual entries on the page that display the data gathered by the system.) Obviously, there are many potential uses of that data. The fact that it has been gathered continuously for a decade means it can help track changes in how carbon dioxide and heat enter the oceans. This is probably what made it a target for the climate change denialists who helped set the Trump administration's policy. Those policymakers are perfectly happy to annoy people with environmental concerns, but they apparently neglected to consider how upset everyone else would be about losing access to the other data. The ensuing public backlash led the Senate on Wednesday to unanimously agree with a measure that would block the government from taking down the OOI. Today's decision may indicate that the administration recognized it had gotten itself into a fight it knew it was losing. The National Science Foundation formally announced the decision, stating: "effective immediately, [it] will not proceed with further removal or descoping of equipment from the remaining arrays and will continue operations including planned maintenance." The agency added that it "appreciates the concerns raised by the range of stakeholders that have informed us they rely on data" from the OOI. The NSF also said it would "issue a Dear Colleague Letter to collect input from stakeholders and convene an expert panel to assess observational needs, evaluate available data sources, consider responses ... and help the agency identify a sustainable path for NSF's ocean observing systems."

Read more of this story at Slashdot.

Adobe is expanding its Firefly AI assistant into Premiere, Illustrator, InDesign, and Frame.io, where it can automate all sorts of tasks such as organizing clips, renaming assets, adding interview markers, rearranging layers, and finding missing fonts. It's available starting today as part of a public beta. TechCrunch reports: Adobe is slowly transforming Firefly to increasingly resemble Canva, at least when it comes to AI features, loading up the app with AI tools that can generate images, videos and storyboards. The company is now adding a new feature called Elements that can save AI-generated characters, objects and locations for later use. Firefly is also getting a Projects feature that can store existing assets in one place, and share context. This could be useful for teams creating a video series or brand campaigns. Both of these features are currently available in a private beta. The company said users can now describe a brand and its style, or upload existing collateral, in Firefly to have it generate a brand kit, complete with logos, brand identity and color palettes, or even generate product videos from photos. Users can also create storyboards to create videos.

Read more of this story at Slashdot.

California's proposed "billionaire tax" has gathered enough signatures to qualify for the November ballot, setting up a major fight between labor unions and some of Silicon Valley's richest figures. From the report: The California Billionaire Tax Act, colloquially known as the billionaire tax, would levy a one-time 5% tax on any California resident worth more than $1bn. The proposal is backed by the Service Employees International Union-United Healthcare Workers West as a means of funding California's strained healthcare and education programs. The proposal has become one of the state's biggest political flashpoints as it gained momentum throughout the year, with prominent billionaires, such as the Google co-founder Larry Page, making moves to cut ties with the state and Newsom vowing to block it from going to a vote. Although it has gained enough signatures for the ballot, the groups backing the measure have until June 25 to decide whether to move forward or potentially strike a deal with the state. While unions backing the group have framed the proposal as a way of getting the ultra-rich to pay their fair share, many of the state's tech elites have condemned the tax and spent millions attempting to crush it. The Google co-founder Sergey Brin has spent $82m alone on efforts to fight the tax, while joining other Silicon Valley billionaires in declaring he will leave California if it goes through. The Palantir co-founder Peter Thiel, crypto billionaire Chris Larsen and Ring founder James Siminoff are among the other tech moguls who have made huge political donations to groups opposing the tax. California has the most billionaires out of any state, many of whom have increased their wealth in recent years amid the AI boom.

Read more of this story at Slashdot.

You might say the system packs two kilapixels of compute

The privacy-focused Tails 7.9 is now available with Tor Browser 15.0.16, updated firmware for newer hardware, and a Secure Boot notification fix.

Canonical and the Ubuntu Release Team have implemented an important policy change for Ubuntu flavors moving forward. If they are to have an official release, they must now successfully submit a beta release...

SonicDE is a new community project focused on preserving KDE’s X11 desktop components as upstream Plasma moves fully to Wayland.

Midjourney is expanding beyond AI image generation with plans for a medical-imaging business built around a water-based, full-body ultrasound scanner that uses hundreds of thousands of sensors and AI to reconstruct MRI-like images. "As you descend into the water, hundreds of thousands of tiny elements take turns, sending out waves, listening together, compressing and then streaming data to a massive cluster where thousands of computers split the task," Midjourney explained in the announcement. "By looking at how the shapes of all the waves change, we reconstruct a detailed map or 'image' which basically lets us figure out what's in there." The company hopes to open a San Francisco scanning "spa" in late 2027, with 50,000 or more deployed around the world by 2031. The Register reports: It's not clear how fast the process is with the prototype unit, but Midjourney said its goal is for the whole thing to take around a minute. "We think it's completely possible that with enough early imaging in the future, the world could avoid 30% of all deaths and 50% of all healthcare costs," the company added. According to a "technical" video included in the announcement, there's a ring of 40 scanners included in the prototype unit the company has built. That ring of 40 elements contains 358,000 ultrasonic elements made up of tiny transducers that create ultrasound waves in water while listening for how they change when they slap the body of whoever is in Midjourney's dunk tank up to a thousand times a second. [...] Midjourney said that it's planning to open its first ultrasound scanner spa at the end of 2027, but it has another hurdle to jump: FDA approval. Beyond improving its tech so that the second-generation scanner is ready for its 2027 spa date, "regulation is the next limit," the company said. "Normally, for every diagnostic medical capability you need FDA approval," Midjourney explained. "We're starting by just giving you detailed body composition maps -- and we'll be submitting regular test results to the FDA for increased capabilities." Midjourney also fails to mention how it will store and secure those scans, whether it will use said scans to train its body composition-detection algorithms, and how it's ensuring those algorithms get things right that it usually take a human a few years of education and training to learn.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the Associated Press: As artificial intelligence companies reshape the economy and race toward trillion-dollar valuations, Sen. Bernie Sanders is proposing a sweeping transfer of wealth and power from the industry to the American public. The legislation, shown first to The Associated Press, would create a sovereign wealth fund overseen by an independent commission and financed through a one-time 50% tax on the stock of the largest AI companies. Sanders estimates that the tax would create a nearly $7 trillion fund that would generate hundreds of billions of dollars annually in direct payments to Americans and programs such as health care, education and housing. [...] The 50% tax would apply to AI companies that reach $200 million in annual AI sales. Any new AI company that reaches that benchmark would also be subject to the tax. It would create a sovereign wealth fund -- similar to those used by countries around the world and some U.S. states -- that Sanders estimates would be worth around $7 trillion. Unlike a traditional tax, the proposal would require companies to transfer stock rather than cash, effectively making the American public a major shareholder in the country's largest AI firms. A seven-person independent commission -- nominated by the president and confirmed by the Senate -- would manage the fund and use its voting shares "to block decisions that hurt the American people and to push for policies that help them," the bill summary says. Sanders proposes that a 5% annual dividend from the fund would provide direct payments of more than $1,000 to every American. If companies grow, the gains would be used for public goods such as education, housing and health care. Sanders argues taxpayers would not bear the losses if AI company valuations decline. "We're not going to lose any money, even if there is a bust in the bubble," Sanders said. The commission would be directed to "to block decisions that hurt the American people and to push for policies that help them," according to the summary. "The benefits cannot simply go to the handful of wealthy corporations. They will be shared by the American people," the independent Vermont senator said in an interview Wednesday. "The public has got to have a significant seat at the table to make sure that terrible things do not happen to ordinary people, and that in fact, AI benefits ordinary people, not hurts them," Sanders said.

Read more of this story at Slashdot.

Apple is allowing iPhone developers in Brazil to distribute apps through authorized alternative marketplaces and use third-party payment systems following action by the country's competition regulator. "In other words, developers in Brazil will be able to circumvent the App Store and Apple's in-app purchase system, but there are still fees," reports MacRumors. Apple will collect commissions ranging from 5% on externally distributed apps to as much as 26% for some App Store transactions using its payment system. From the report: Alternative app marketplaces will have to be authorized by Apple and will need to meet ongoing requirements. For apps that are still distributed through the App Store, developers will be able to include an alternative payment processing method in their app and/or link users to a website to complete a transaction. These changes are available on iOS 26.5 and later, and they are the result of regulatory action from Brazil's competition regulator. Apple has added a new page on its website with additional details for developers in Brazil. Apple said these changes introduce privacy and security risks for users, including children. The company has introduced safeguards to mitigate these risks, including a notarization process for iOS apps, an authorization process for app marketplaces, and limitations on external links and alternative payments for users under the age of 18. Apple has already allowed alternative app stores and/or third-party payment systems on iOS in the EU, Japan, and South Korea, and it will likely be forced to do so in the UK and Australia too, due to similar regulations in those countries.

Read more of this story at Slashdot.

The underlying technology is real...and borrowed from a partner the company failed to mention

Google has begun rolling out Android 17, the June Pixel Feature Drop, and Wear OS 7 simultaneously across supported Pixel phones and watches. Highlights include floating app bubbles, improved foldable multitasking and gaming, tighter location and contact permissions, stronger lost-device protections, new Pixel AI tools, and up to 10% better Pixel Watch battery life. PhoneArena reports: Pixel owners are the clear winners, since everything here reaches Pixel first and a lot of it goes back to the Pixel 6. Fold owners get the most toys, with the Bubble Bar and foldable gaming mode built for the big screen. Watch wearers get the quietly important upgrade. Better battery and Live Updates make an everyday wearable easier to rely on, especially if you keep it on overnight. Google's latest Pixel Drop combines several AI-powered tools with a broader slate of Android 17 upgrades. Pixel owners gain Lyria 3 for generating music from text or images, Gemini Omni for creating custom video clips, enhanced call translation and screening, AirDrop-compatible Quick Share, expanded Magic Cue support, and conversational photo editing. Android 17 builds on those additions with floating app Bubbles, selfie-camera Screen Reactions, and a split-screen gaming mode for foldables, while also strengthening privacy and security with more granular location and contact permissions, improved lost-device protection, tighter PIN-guessing limits, and enhanced threat detection. Other additions include expanded parental controls, separate assistant volume and app memory settings, and an option to hide app names for greater privacy. You can read more about everything new in Android 17 in Google's blog post.

Read more of this story at Slashdot.

This will enable users on Fedora to finally be able to use a full Btrfs disk configuration without custom work outside of the installer. It will also help with improving the safety of software updates for those using Btrfs by having the system configured to automatically generate full system snapshots and boot entries for those snapshots for rescue/recovery purposes. In addition, this will enable future work on interesting custom alternative approaches for producing appliances (such as appliances built so that they receive updates via btrfs send/receive atomically and re-root) without unusual tooling.Targeted release: Fedora 45

Overnight Valve released SteamOS 3.8.10 into the stable channel. for succeeding SteamOS 3.7. There's a lot happening across the board to their in-house Linux platform for the likes of the Steam Deck and upcoming Steam Machine hardware...

Ed's note to Corey: Blink once if you're safe, twice if you're in danger

Security researcher Justin O'Leary says Google initially accepted his Config Connector privilege-escalation report as a high-priority, high-severity bug, then denied a bounty by declaring the behavior "working as intended." According to The Register, a Google rep initially praised O'Leary's report with a "Nice catch!" before the cloud giant reversed course, declaring that no vulnerability existed and therefore no fix or reward was warranted. "The bug report, however, is still marked high-priority and accepted," the publication notes. The alleged flaw, dubbed ConfigConfusion, could let a Kubernetes namespace user exploit an overprivileged service account to become a GCP organization owner with only a few lines of YAML and little apparent audit visibility. O'Leary details the incident in a blog post. The Register reports: According to O'Leary, Config Connector doesn't perform an authorization check, and this allows any Config Connector service account with org-level permissions to bypass Identity and Access Management (IAM) authorization and gain the highest level of control (roles/owner) to an entire GCP Organization -- the root node of all of a company's resources within Google Cloud. On March 27, a Google security engineer accepted O'Leary's report and told him: "Nice catch!" The employee said that they filed a bug based on O'Leary's report with the relevant product team and assured him the Chocolate Factory's security squad would work with relevant Google Cloud people to fix the flaw. "We'll work with the product team to ensure this issue is address. We'll let you know when the issue was fixed," the engineer said. "In the meantime, review the payment option selected in your bughunters.google.com profile." Google assigned the bug P1 priority and S1 severity, signifying a flaw worthy of urgent repair because it affects a large percentage of users and can disrupt core organizational functions. "I figured that was the end of that," O'Leary said in a phone interview with The Register. Eleven days later, on April 7, he received a new message from a Google Security Bot reversing the earlier decision. The Reg viewed the email, and O'Leary included a screenshot in his Thursday writeup. The message said that the Cloud Vulnerability Reward Program panel decided that the "security impact of this issue does not meet the criteria to qualify for a reward." After reviewing the bug report, Google determined the software "is working as intended," the message continued. It also noted that the program's decision not to pay a bounty "does not mean that the product team won't fix the issue." Nearly three months later, the case remains P1/S1 with the status "in progress (accepted)." Google hasn't assigned a CVE or issued a fix. O'Leary didn't receive any reward for his research. [...] "This is a pattern," O'Leary told [The Register]. "This is just how these trillion-dollar companies deal with people like me. In my day job, we use GKE, and it's incredibly frustrating on my end, when I find a critical vulnerability in the system that's being widely used, and I can't even get the vendor to patch their own stuff." A Google spokesperson told The Register: "The issue reported does not qualify for a reward because the GCP IAM authorization bypass is only exploitable if an attacker has access to a Config Connector Service Account that's been granted the Organization Admin role by the organization (i.e., it is privileged). Additionally, an attacker would first need to gain entry to an organization's environment (e.g., an exposed container) in order to leverage the privileged Config Connector instance and execute commands with administrative authority, such as the IAM bypass. Granting this level of access to the Config Connector Service Account goes against Google Cloud's publicly shared best practices and the principle of least privilege."

Read more of this story at Slashdot.

Soaring PC prices make alternatives to hardware refreshes interesting

Bird-branded AI will ride on Stonking Stingray

An anonymous reader quotes a report from MacRumors: Apple is raising its prices to offset the high cost of memory and storage, CEO Tim Cook told The Wall Street Journal. Apple is no longer able to absorb the increased prices and will need to pass some of the cost on to consumers. "Unfortunately, price increases are unavoidable," said Cook. "We're doing our best to mitigate the huge increases that are being passed to us, and we've been trying to shield our customers from the increases, but the situation has become unsustainable." Growing demand for memory and storage chips from AI companies has led to chip shortages and higher costs. The Wall Street Journal suggests Apple will need to increase device costs "substantially" to maintain its current profit margins given the cost of memory chips and SSDs. Research firm TechInsights claims Apple will need to make the iPhone 18 Pro around $270 more expensive to keep its existing profit margin. Apple is struggling more with memory chips, but storage chips are also an issue. "There's less supply at a time when consumers want devices and the memory guys are passing along huge price increases," Cook told The Wall Street Journal. Cook said Apple will use its cash to increase memory supply, but he did not give details on what that means. Apple does not plan to create its own memory and storage factories. "We can't do everything," Cook said. "We know what we're good at." Cook likened the memory shortages to a hundred-year flood. "I've never seen anything like it in any area in over 40 years," he said. Further reading: Smartphone Market To Shrink 15% This Year Due To Memory Crisis

Read more of this story at Slashdot.