Feed aggregator

Apple's Podcasts app on both iOS and Mac has been exhibiting strange behavior for months, spontaneously launching and presenting users with obscure religion, spirituality and education podcasts they never subscribed to -- and at least one of these podcasts contains a link attempting a cross-site scripting attack, 404 Media reports. Joseph Cox, a journalist at the outlet, documented the issue after repeatedly finding his Mac had launched the Podcasts app on its own, presenting bizarre podcasts with titles containing garbled code, external URLs to Spotify and Google Play, and in one case, what appears to be XSS attack code embedded directly in the podcast title itself. Patrick Wardle, a macOS security expert and creator of Objective-See, confirmed he could replicate similar behavior: simply visiting a website can trigger the Podcasts app to open and load an attacker-chosen podcast without any user prompt or approval. Wardle said this creates "a very effective delivery mechanism" if a vulnerability exists in the Podcasts app, and the level of probing suggests adversaries are actively evaluating it as a potential target. The XSS-attempting podcast dates from around 2019. A recent review in the app asked "How does Apple allow this attempted XSS attack?" Asked for comment five times by 404 Media, Apple did not respond.

Read more of this story at Slashdot.

How to manage your Linux firewall the easy way - without touching the terminal  ZDNET

6 Linux terminal habits I wish I learned years ago  XDA

Australia's streaming quotas have become law. Legislation requiring the likes of Netflix, Disney+ and HBO Max to spend a portion of their local earnings on original Australian content has been passed in parliament, and now comes into effect. From a report: The quotas were announced earlier this month. This will see global streamers with more than one million Australian subscribers made to spend 10% of their total Australian expenditure -- or 7.5% of their revenues -- on local originals, whether they are dramas, children's shows, docs, or arts and educational programs. Failing to comply with the rules will see streamers fined up to ten times their annual revenues in Australia. This is more than what broadcasters are liable for if they breach their quota rules laws. Streamers will be given three years to get their production operations in line. Streamers have long opposed government-set quotas and content levies, arguing they already meaningfully invest in the production sectors of the countries in which they operate. Producers, in general, have welcomed the systems, but remain wary that they could push streaming services out of their countries.

Read more of this story at Slashdot.

How much RAM does your Linux PC need in 2025? Here's my ultimate sweet spot  ZDNET

The Integrity Dilemma: Why Top-Tier Studios Are Rejecting Valve’s Linux Push  WebProNews

China installed 295,000 industrial robots last year -- nearly nine times as many as the United States and more than the rest of the world combined -- as the country races to automate its manufacturing base amid rising labor costs at home and tariff threats from abroad. The nation's stock of operational robots surpassed 2 million in 2024, according to the International Federation of Robotics. Of 131 factories globally recognized by the World Economic Forum for boosting productivity through cutting-edge technologies like AI, 45 are in mainland China compared to three in the US. At Midea's washing machine factory in Jingzhou, an AI "factory brain" manages 14 virtual agents that coordinate robots and machines on the floor. The home-appliance giant reports that its revenue per employee grew nearly 40% between 2015 and 2024, and processes that once took 15 minutes now take 30 seconds. Down jacket maker Bosideng has cut sample production time from 100 days to 27 days using AI design tools, reducing development costs by 60%. At the port of Tianjin, scheduling that previously required 24 hours now takes 10 minutes, and 88% of large container equipment is automated. The port's operator says it requires 60% fewer workers than traditional facilities.

Read more of this story at Slashdot.

See the next edition of Crafted in Mexico, Google Arts & Culture’s showcase of Mexico’s creative landscape.See the next edition of Crafted in Mexico, Google Arts & Culture’s showcase of Mexico’s creative landscape.

Open-Source Nouveau+NVK vs. NVIDIA 580 Linux Gaming/Graphics & Compute Driver Performance  Phoronix

New Linux Patches Enhance Single-Threaded Performance On Many-Core CPUs  Phoronix

MangoHud performance overlay for Linux v0.8.2 released  GamingOnLinux

KDE Plasma sets date to dump X11 as Wayland push accelerates  theregister.com

Researchers at the Pacific Institute documented 420 water-related conflicts globally in 2024, a record that far surpasses the 355 incidents logged in 2023 and continues a trend that has seen such violence more than quadruple over the past five years. The Oakland-based water think tank's database tracks disputes where water triggered violence, where water systems were targeted, and where infrastructure became collateral damage in broader conflicts. The Middle East reported the most incidents at 138, including 66 tied to the Israeli-Palestinian conflict. The Israeli military destroyed more than 30 wells in Rafah and Khan Yunis, and there were numerous reports of settlers destroying pipelines and tanks in the West Bank. The Russia-Ukraine war accounted for 51 incidents, including strikes that disrupted water service in Ukrainian cities.

Read more of this story at Slashdot.

Why people keep flocking to Linux in 2025 (and it's not just to escape Windows)  ZDNET

An analysis of submissions to next year's International Conference on Learning Representations has found that roughly one in five peer reviews were fully generated by AI, a discovery that came after researchers including Carnegie Mellon's Graham Neubig grew suspicious of feedback on their manuscripts that seemed unusually verbose and requested non-standard statistical analyses. Neubig posted on X offering a reward for anyone who could scan the conference's submissions for AI-generated text, and Max Spero, CEO of detection tool developer Pangram Labs, responded the next day. Pangram screened all 19,490 studies and 75,800 peer reviews submitted to ICLR 2026, finding that 21% of reviews were fully AI-generated and more than half showed signs of AI use. The conference had permitted AI tools for polishing text but prohibited falsified content. Each reviewer was assigned five papers to review in two weeks on average -- a load that senior programme chair Bharath Hariharan described as "much higher than what has been done in the past."

Read more of this story at Slashdot.

3 cool Linux apps to try this weekend (November 28 - 30)  How-To Geek

VK messenger Max becomes available on Astra Linux  Telecompaper

ChatGPT can browse the web, write code and analyze images, but ask it what time it is and you might get the correct answer, a confident wrong answer, or a polite refusal -- sometimes all three within minutes of each other. The problem stems from how large language models work. These systems predict answers based on training data and don't receive constant real-time updates about things like time unless they specifically search the internet. AI robotics expert Yervant Kulbashian told The Verge that a language model "is only referencing things that have entered this space," comparing it to a castaway on an island stocked with books but no watch. OpenAI can give ChatGPT access to system clocks, and does so through features like Search. But there are tradeoffs: every clock check consumes space in the model's context window, the finite portion of information it can hold at any given moment. Pasquale Minervini, a natural language processing researcher at the University of Edinburgh, said the leading models also struggle to read analog clock faces and have trouble with calendars.

Read more of this story at Slashdot.

AMD ISP4 Linux Webcam Driver Updated For HP ZBook Ultra G1a & Future Ryzen Laptops  Phoronix

Damaged Pocket Computer Becomes Portable Linux Machine  Hackaday