Feed aggregator

Xbox gaming makes the jump to Windows on Arm, but can it stem the tide of gamers turning to Linux?  Tom's Guide

The 6 Linux distros I expect to rule 2026 - as someone who's tested hundreds of them  ZDNET

Focusrite Forte USB Audio Interface To Be Supported By Linux 7.0  Phoronix

DAXFS Proposed as a Zero-Copy Shared Memory Filesystem for Linux  Linuxiac

An anonymous reader shared this article from the blog Linuxiac In a blog post, Alan Pope, a longtime Ubuntu community figure and former Canonical employee who remains an active Snap publisher... [warns of] a persistent campaign of malicious snaps impersonating cryptocurrency wallet applications. These fake apps typically mimic well-known projects such as Exodus, Ledger Live, or Trust Wallet, prompting users to enter wallet recovery phrases, which are then transmitted to attackers, resulting in drained funds. The perpetrators had originally used similar-looking characters from other alphabets to mimic other app listings, then began uploading "revisions" to other innocuous-seeming (approved) apps that would transform their original listing into that of a fake crypto wallet app. But now they're re-registering expired domains to take over existing Snap Store accounts, which Pope calls "a significant escalation..." I worked for Canonical between 2011 and 2021 as an Engineering Manager, Community Manager, and Developer Advocate. I was a strong advocate for snap packages and the Snap Store. While I left the company nearly five years ago, I still maintain nearly 50 packages in the Snap Store, with thousands of users... Personally, I want the Snap Store to be successful, and for users to be confident that the packages they install are trustworthy and safe. Currently, that confidence isn't warranted, which is a problem for desktop Linux users who install snap packages. I report every bad snap I encounter, and I know other security professionals do the same — even though doing so results in no action for days sometimes... To be clear: none of this should be seen as an attack on the Snap Store, Canonical, or the engineers working on these problems. I'm raising awareness of an issue that exists, because I want it fixed... But pretending there isn't a problem helps nobody.

Read more of this story at Slashdot.

An anonymous reader shared this article from the blog Linuxiac In a blog post, Alan Pope, a longtime Ubuntu community figure and former Canonical employee who remains an active Snap publisher... [warns of] a persistent campaign of malicious snaps impersonating cryptocurrency wallet applications. These fake apps typically mimic well-known projects such as Exodus, Ledger Live, or Trust Wallet, prompting users to enter wallet recovery phrases, which are then transmitted to attackers, resulting in drained funds. The perpetrators had originally used similar-looking characters from other alphabets to mimic other app listings, then began uploading "revisions" to other innocuous-seeming (approved) apps that would transform their original listing into that of a fake crypto wallet app. But now they're re-registering expired domains to take over existing Snap Store accounts, which Pope calls "a significant escalation..." I worked for Canonical between 2011 and 2021 as an Engineering Manager, Community Manager, and Developer Advocate. I was a strong advocate for snap packages and the Snap Store. While I left the company nearly five years ago, I still maintain nearly 50 packages in the Snap Store, with thousands of users... Personally, I want the Snap Store to be successful, and for users to be confident that the packages they install are trustworthy and safe. Currently, that confidence isn't warranted, which is a problem for desktop Linux users who install snap packages. I report every bad snap I encounter, and I know other security professionals do the same — even though doing so results in no action for days sometimes... To be clear: none of this should be seen as an attack on the Snap Store, Canonical, or the engineers working on these problems. I'm raising awareness of an issue that exists, because I want it fixed... But pretending there isn't a problem helps nobody.

Read more of this story at Slashdot.

An anonymous reader shared this report from the Guardian: Google's search feature AI Overviews cites YouTube more than any medical website when answering queries about health conditions, according to research that raises fresh questions about a tool seen by 2 billion people each month. The company has said its AI summaries, which appear at the top of search results and use generative AI to answer questions from users, are "reliable" and cite reputable medical sources such as the Centers for Disease Control and Prevention and the Mayo Clinic. However, a study that analysed responses to more than 50,000 health queries, captured using Google searches from Berlin, found the top cited source was YouTube. The video-sharing platform is the world's second most visited website, after Google itself, and is owned by Google. Researchers at SE Ranking, a search engine optimisation platform, found YouTube made up 4.43% of all AI Overview citations. No hospital network, government health portal, medical association or academic institution came close to that number, they said. "This matters because YouTube is not a medical publisher," the researchers wrote. "It is a general-purpose video platform...." In one case that experts said was "dangerous" and "alarming", Google provided bogus information about crucial liver function tests that could have left people with serious liver disease wrongly thinking they were healthy. The company later removed AI Overviews for some but not all medical searches... Hannah van Kolfschooten, a researcher specialising in AI, health and law at the University of Basel who was not involved with the research, said: "This study provides empirical evidence that the risks posed by AI Overviews for health are structural, not anecdotal. It becomes difficult for Google to argue that misleading or harmful health outputs are rare cases. "Instead, the findings show that these risks are embedded in the way AI Overviews are designed. In particular, the heavy reliance on YouTube rather than on public health authorities or medical institutions suggests that visibility and popularity, rather than medical reliability, is the central driver for health knowledge."

Read more of this story at Slashdot.

Mecha Comet is an open-source hardware, modular Linux handheld computer (Crowdfunding)  CNX Software

Mecha Comet is an open-source hardware, modular Linux handheld computer (Crowdfunding)  CNX Software

CachyOS is the latest Linux distro to put Wayland first in its new update  XDA

Trend Micro's Zero Day Initiative sponsored its third annual Pwn2Own Automotive competition in Tokyo this week, receiving 73 entries, the most ever for a Pwn2Own event. "Under Pwn2Own rules, all disclosed vulnerabilities are reported to affected vendors through ZDI," reports Help Net Security, "with public disclosure delayed to allow time for patches." Infotainment platforms from Tesla, Sony, and Alpine were among the systems compromised during demonstrations. Researchers achieved code execution using techniques that included buffer overflows, information leaks, and logic flaws. One Tesla infotainment unit was compromised through a USB-based attack, resulting in root-level access. Electric vehicle charging infrastructure also received significant attention. Teams successfully demonstrated exploits against chargers from Autel, Phoenix Contact, ChargePoint, Grizzl-E, Alpitronic, and EMPORIA. Several attacks involved chaining multiple vulnerabilities to manipulate charging behavior or execute code on the device. These demonstrations highlighted how charging stations operate as network-connected systems with direct interaction with vehicles. There's video recaps on the ZDI YouTube channel — apparently the Fuzzware.io researchers "were able to take over a Phoenix Contact EV charger over bluetooth." Three researchers also exploited the Alpitronic's HYC50 fast-charging with a classic TOCTOU bug, according to the event's site, "and installed a playable version of Doom to boot." They earned $20,000 — part of $1,047,000 USD was awarded during the three-day event. More coverage from SecurityWeek: The winner of the event, the Fuzzware.io team, earned a total of $215,500 for its exploits. The team received the highest individual reward: $60,000 for an Alpitronic HYC50 EV charger exploit delivered through the charging gun. ZDI described it as "the first public exploit of a supercharger".

Read more of this story at Slashdot.

Wine-Staging 11.1 Adds Patches For Enabling Recent Adobe Photoshop Versions On Linux  Phoronix

CIO magazine reports that "the push toward in-person work environments will make it more difficult for IT leaders to retain and recruit staff, some experts say." "In addition to resistance, there would also be the risk of talent turnover," [says Lawrence Wolfe, CTO at marketing firm Converge]... "The truth is, both physical and virtual collaboration provide tremendous value...." IT workers facing work-from-office mandates are two to three times more likely than their counterparts to look for new jobs, according to Metaintro, a search engine that tracks millions of jobs. IT leaders hiring new employees may also face significant headwinds, with it taking 40% to 50% longer to fill in-person roles than remote jobs, according to Metaintro. "Some of the challenges CIOs face include losing top-tier talent, limiting the pool of candidates available for hire, and damaging company culture, with a team filled with resentment," says Lacey Kaelani, CEO and cofounder at Metaintro... There are several downsides for IT leaders to in-person work mandates, [adds Lena McDearmid, founder and CEO of culture and leadership advisory firm Wryver], as orders to commute to an office can feel arbitrary or rooted in control rather than in value creation. "That erodes trust quickly, particularly in IT teams that proved they could deliver remotely for years," she adds. The mandates can also create new friction for IT leaders by requiring them to deal with morale issues, manage exceptions, and spend time enforcing policy instead of leading strategy, she says. "There's also a real risk of losing experienced, high-performing talent who have options and are unwilling to trade autonomy for proximity without a clear reason," McDearmid adds. "When companies mandate daily commutes without a clear rationale, they often narrow their talent pool and increase attrition, particularly among people who know they can work effectively elsewhere." McDearmid has seen teams "sitting next to each other" who collaborate poorly "because decisions are unclear or leaders equate visibility with progress... Collaboration doesn't automatically improve just because people share a building." And Rebecca Wettemann, CEO at IT analyst firm Valoir, warns of return-to-office mandates "being used as a Band-Aid for poor management. When IT professionals feel they're being evaluated based on badge swipes, not real accomplishments, they will either act accordingly or look to work elsewhere." Thanks to Slashdot reader snydeq for sharing the article.

Read more of this story at Slashdot.

"Airlines canceled more than 10,000 U.S. flights scheduled for this weekend," reports CNBC, "as a massive winter storm sweeps across the country, with heavy snow and sleet forecast, followed by bitter cold... set to snarl travel for hundreds of thousands of people for days." More than 3,500 flights on Saturday were canceled, according to flight tracker FlightAware. Many of Saturday's cancellations were in and out of Dallas Fort Worth International Airport, with about 1,300 scrubbed flights, and at Dallas Love Field, with 186 cancellations, the majority of the schedule at each airport. American Airlines, based in Fort Worth, Texas, had canceled 902 Saturday flights, about 30% of its mainline schedule and Southwest Airlines canceled 571 flights, or 19%, according to FlightAware. U.S. flight cancellations nearly doubled to more than 7,000 [now up to 8,947] on Sunday when the storm is expected to hit the mid-Atlantic and Northeast U.S. As of midday on Saturday, most flights from Raleigh-Durham International Airport in North Carolina to Portland, Maine, were canceled. Major airline hubs were affected as far south as Atlanta, where Delta Air Lines is based.... American, Delta, JetBlue Airways, Southwest Airlines, United Airlines and other U.S. carriers said they are waiving change and cancellation fees as well as fare differences to rebook for customers with tickets to and from more than 40 airports around the country. The waivers include restrictive basic economy tickets. More than 80% of Sunday's flights at New York's LaGuardian Airport were cancelled, according to the article, at well as 90% of Sunday's flights at Viriginia's Ronald Reagan Washington National Airport.

Read more of this story at Slashdot.

Slashdot reader Mr. Dollar Ton summarizes this article from Bloomberg: According to a new report from think tank "Ember", the availability of cheap green tech can have developing countries profit from earlier investment and skip steps in the transition from fossil to alternatives. India is put forward as an example. While China's rapid electrification has been hailed as a miracle, by some measures, India is moving ahead faster than China did when it was at similar levels of economic development. It's an indication that clean electricity could be the most direct way to boost growth for other developing economies. That's mainly because India has access to solar panels and electric cars at a much lower price than China did about a decade ago. Chinese investments lowered the costs of what experts call "modular technologies" — the production of each solar panel, battery cell and electric car enables engineers to learn how to make it more efficiently. The think tank's team even argues "that countries such as India, which don't have significant domestic fossil-fuel reserves, will become 'electrostates' that meet most of their energy needs through electricity generated from clean sources," according to the article: No country is an electrostate yet, [says Ember strategist Kingsmill Bond], but countries are increasingly turning to green electricity to power their economies. Nations that are less developed than India will see even more advantages as the cost of electricity technologies, from solar panels and electric vehicles to battery components and minerals, continue to fall. Neither India nor China is going electric purely to cut emissions or meet climate targets, says Bond. They're doing so because it makes economic sense, particularly for India, which imports more than 40% of its primary energy in the form of coal, oil and gas, according to the International Energy Agency. "To grow and have energy independence, India needs to reduce the terrible burden of fossil-fuel imports worth $150 billion each year," said Bond. "India needs to find other solutions...." [I]f countries like India find ways to grow electrotech manufacturing without absolute dependence on Chinese equipment, electrification could speed up further. With the U.S. and Europe continuing to add exclusions for Chinese-linked electrotech, countries like India will have an incentive to invest in their own manufacturing capacity. "We are probably at a moment of peak Chinese dominance in the electrotech system, as the rest of the world starts to wake up and realize that this is the energy future," he said.

Read more of this story at Slashdot.

Early Friday "there were nearly 113 incidents of people reporting issues with Microsoft 365 as of 1:05 a.m. ET," reports Reuters. But that's down "from over 15,890 reports at its peak a day earlier, according to Downdetector." Reuters points out the outage affected antivirus software Microsoft Defender and data governance software Microsoft Purview, while CRN notes it also impacted "a number of Microsoft 365 services" including Outlook and Exchange online: During the outage, Outlook users received a "451 4.3.2 temporary server issue" error message when attempting to send or receive email. Users did not have the ability to send and receive email through Exchange Online, including notification emails from Microsoft Viva Engage, according to the vendor. Other issues that cropped up include an inability to send and receive subscription email through [analytics platform] Microsoft Fabric, collect message traces, search within SharePoint online and Microsoft OneDrive and create chats, meetings, teams, channels or add members in Microsoft Teams... As with past cloud outages with other vendors, even after Microsoft fixed the issues, recovery efforts by its users to return to a normal state took additional time... Microsoft confirmed in a post on X [Thursday] at 4:14 p.m. ET that it "restored the affected infrastructure to a (healthy) state" but "further load balancing is required to mitigate impact...." The company reported "residual imbalances across the environment" at 7:02 p.m., "restored access to the affected services" and stable mail flow at 12:33 a.m. Jan. 23. At that time, Microsoft still saw a "small number of remaining affected services" without full service stability. The company declared impact from the event "resolved" at 1:29 p.m. Eastern. Microsoft sent out another X post at 8:20 a.m. asking users experiencing residual issues to try "clearing local DNS caches or temporarily lowering DNS TTL values may help ensure a quicker remediation...." Microsoft said in an admin center update that [Thursday's] outage was "caused by elevated service load resulting from reduced capacity during maintenance for a subset of North America hosted infrastructure." Furthermore, Microsoft noted that during "ongoing efforts to rebalance traffic" it introduced a "targeted load balancing configuration change intended to expedite the recovery process, which incidentally introduced additional traffic imbalances associated with persistent impact for a portion of the affected infrastructure." US itek's David Stinner said it appears that Microsoft did not have enough capacity on its backup system while doing maintenance on its main system. "It looks like the backup system was overloaded, and it brought the system down while they were still doing maintenance on the main system," he said. "That is why it took so many hours to get back up and running. If your primary system is down for maintenance and your backup system fails due to capacity issues, then it is going to take a while to get your primary system back up and running." "This was not Microsoft's first outage of 2026," the article notes, "with the vendor handling access issues with Teams, Outlook and other M365 services on Wednesday, a Copilot issue on Jan. 15 plus an Azure outage earlier in the month..."

Read more of this story at Slashdot.

An anonymous reader shared this report from Fortune The large language models (LLMs) that have captivated the world are not a path to human-level intelligence, two AI experts asserted in separate remarks at Davos. Demis Hassabis, the Nobel Prize-winning CEO of Google DeepMind, and the executive who leads the development of Google's Gemini models, said today's AI systems, as impressive as they are, are "nowhere near" human-level artificial general intelligence, or AGI. [Though the artilcle notes that later Hassabis predicted there was a 50% chance AGI might be achieved within the decade.] Yann LeCun — an AI pioneer who won a Turing Award, computer science's most prestigious prize, for his work on neural networks — went further, saying that the LLMs that underpin all of the leading AI models will never be able to achieve humanlike intelligence and that a completely different approach is needed... ["The reason ... LLMs have been so successful is because language is easy," LeCun said later.] Their views differ starkly from the position asserted by top executives of Google's leading AI rivals, OpenAI and Anthropic, who assert that their AI models are about to rival human intelligence. Dario Amodei, the CEO of Anthropic, told an audience at Davos that AI models would replace the work of all software developers within a year and would reach "Nobel-level" scientific research in multiple fields within two years. He said 50% of white-collar jobs would disappear within five years. OpenAI CEO Sam Altman (who was not at Davos this year) has said we are already beginning to slip past human-level AGI toward "superintelligence," or AI that would be smarter than all humans combined... The debate over AGI may be somewhat academic for many business leaders. The more pressing question, says Cognizant CEO Ravi Kumar, is whether companies can capture the enormous value that AI already offers. According to Cognizant research released ahead of Davos, current AI technology could unlock approximately $4.5 trillion in U.S. labor productivity — if businesses can implement it effectively.

Read more of this story at Slashdot.

"NASA remains confident it has a handle on the problem and the vehicle can bring the crew home safely," reports CNN. But "When four astronauts begin a historic trip around the moon as soon as February 6, they'll climb aboard NASA's 16.5-foot-wide Orion spacecraft with the understanding that it has a known flaw — one that has some experts urging the space agency not to fly the mission with humans on board..." The issue relates to a special coating applied to the bottom part of the spacecraft, called the heat shield... This vital part of the Orion spacecraft is nearly identical to the heat shield flown on Artemis I, an uncrewed 2022 test flight. That prior mission's Orion vehicle returned from space with a heat shield pockmarked by unexpected damage — prompting NASA to investigate the issue. And while NASA is poised to clear the heat shield for flight, even those who believe the mission is safe acknowledge there is unknown risk involved. "This is a deviant heat shield," said Dr. Danny Olivas, a former NASA astronaut who served on a space agency-appointed independent review team that investigated the incident. "There's no doubt about it: This is not the heat shield that NASA would want to give its astronauts." Still, Olivas said he believes after spending years analyzing what went wrong with the heat shield, NASA "has its arms around the problem..." "I think in my mind, there's no flight that ever takes off where you don't have a lingering doubt," Olivas said. "But NASA really does understand what they have. They know the importance of the heat shield to crew safety, and I do believe that they've done the job." Lakiesha Hawkins, the acting deputy associate administrator for NASA's Exploration Systems Development Mission Directorate, echoed that sentiment in September, saying, "from a risk perspective, we feel very confident." And Reid Wiseman, the astronaut set to command the Artemis II mission, has expressed his confidence. "The investigators discovered the root cause, which was the key" to understanding and solving the heat shield issue, Wiseman told reporters last July. "If we stick to the new reentry path that NASA has planned, then this heat shield will be safe to fly." Others aren't so sure. "What they're talking about doing is crazy," said Dr. Charlie Camarda, a heat shield expert, research scientist and former NASA astronaut. Camarda — who was also a member of the first space shuttle crew to launch after the 2003 Columbia disaster — is among a group of former NASA employees who do not believe that the space agency should put astronauts on board the upcoming lunar excursion. He said he has spent months trying to get agency leadership to heed his warnings to no avail... Camarda also emphasized that his opposition to Artemis II isn't driven by a belief it will end with a catastrophic failure. He thinks it's likely the mission will return home safely. More than anything, Camarda told CNN, he fears that a safe flight for Artemis II will serve as validation for NASA leadership that its decision-making processes are sound. And that's bound to lull the agency into a false sense of security, Camarda warned. CNN adds that Dr. Dan Rasky, an expert on advanced entry systems and thermal protection materials who worked at NASA for more than 30 years, also does not believe NASA should allow astronauts to fly on board the Artemis II Orion capsule. And "a crucial milestone could be days away as Artemis program leaders gather for final risk assessments and the flight readiness review," when top NASA brass determine whether the Artemis II rocket and spacecraft are ready to take off with a human crew.

Read more of this story at Slashdot.

Microsoft just gave us another great reason to switch to Linux  MakeUseOf

CachyOS ISO Release for January 2026 Brings KDE’s New Plasma Login Manager  9to5Linux