You are here

Agreguesi i feed

Google To Stop Giving Answers To Silly Questions

Slashdot - Enj, 11/08/2022 - 4:41md
Google will stop giving snappy answers to stupid questions, the company has announced, as it seeks to improve its search engine's "featured snippets" service. From a report: That means users should see fewer answers to questions such as "When did Snoopy assassinate Abraham Lincoln?", to which the service would once merrily respond with "1865" -- the right date, but very much the wrong assassin. "This clearly isn't the most helpful way to display this result," said the company's head of search, Pandu Nayak, in a blogpost announcing the changes. "We've trained our systems to get better at detecting these sorts of false premises, which are not very common, but there are cases where it's not helpful to show a featured snippet. We've reduced the triggering of featured snippets in these cases by 40% with this update." Snippets, which sometimes show up as a featured response to direct questions asked of Google Search, have long been a cornerstone of the company's AI strategy. The same technology powers its smart speakers and voice assistants, and lets the search engine satisfy search queries without visitors clicking away to other websites. But the snippets, which are automatically generated from the contents of websites, have also been a thorn in Google's side for just as long. [...] In an effort to address the root cause of such mistakes, Google is also rolling out new warnings for times when a search term has hit a "data void" -- a question where a good answer might simply not exist.

Read more of this story at Slashdot.

China Has Painted Itself Into a Semiconductor Corner

Slashdot - Enj, 11/08/2022 - 4:03md
Tim Culpan, writing at Bloomberg: As Washington embarks on a multi-billion dollar, decade-long semiconductor development campaign, Beijing is reckoning with its own 20-year effort that's largely failed to deliver. Both will need to grapple with wasted funds and misguided goals as they play catch-up to Taiwan and South Korea. Architects of China's ambitious efforts may be facing the music for having not produced world-beating technology, Bloomberg News reported this week. Multiple corruption probes announced by authorities stem from anger among the nation's top leaders over an inability to develop semiconductors that could replace American components, it reported. Two of the most scrutinized areas are the $9 billion bailout of Tsinghua Unigroup Co., and the National Integrated Circuit Industry Investment Fund -- known as the Big Fund. For all intents and purposes, China has failed to achieve its semiconductor goals, and those tasked with realizing them are being brought to account. Beijing won't be smarting at the loss of money -- it's been willing to burn cash -- but at the lack of progress such expenditure was supposed to buy. Those looking at China's achievements are mostly finding what they seek, and ignoring the rest. Semiconductor Manufacturing International, for example, got a lot of attention recently when industry analysts TechInsights wrote: "SMIC has been able to fabricate features that are small enough to be considered 7nm."

Read more of this story at Slashdot.

Cisco Hacked By Yanluowang Ransomware Gang, 2.8GB Allegedly Stolen

Slashdot - Enj, 11/08/2022 - 3:00md
An anonymous reader quotes a report from BleepingComputer: Cisco confirmed today that the Yanluowang ransomware group breached its corporate network in late May and that the actor tried to extort them under the threat of leaking stolen files online. The company revealed that the attackers could only harvest and steal non-sensitive data from a Box folder linked to a compromised employee's account. "Cisco experienced a security incident on our corporate network in late May 2022, and we immediately took action to contain and eradicate the bad actors," a Cisco spokesperson told BleepingComputer. "Cisco did not identify any impact to our business as a result of this incident, including Cisco products or services, sensitive customer data or sensitive employee information, intellectual property, or supply chain operations. On August 10 the bad actors published a list of files from this security incident to the dark web. We have also implemented additional measures to safeguard our systems and are sharing technical details to help protect the wider security community." The Yanluowang threat actors gained access to Cisco's network using an employee's stolen credentials after hijacking the employee's personal Google account containing credentials synced from their browser. The attacker convinced the Cisco employee to accept multi-factor authentication (MFA) push notifications through MFA fatigue and a series of sophisticated voice phishing attacks initiated by the Yanluowang gang that impersonated trusted support organizations. The threat actors finally tricked the victim into accepting one of the MFA notifications and gained access to the VPN in the context of the targeted user. Once they gained a foothold on the company's corporate network, Yanluowang operators spread laterally to Citrix servers and domain controllers. "They moved into the Citrix environment, compromising a series of Citrix servers and eventually obtained privileged access to domain controllers," Cisco Talos said. After gaining domain admin, they used enumeration tools like ntdsutil, adfind, and secretsdump to collect more information and installed a series of payloads onto compromised systems, including a backdoor. Ultimately, Cisco detected and evicted them from its environment, but they continued trying to regain access over the following weeks. [...] Last week, the threat actor behind the Cisco hack emailed BleepingComputer a directory listing of files allegedly stolen during the attack. The threat actor claimed to have stolen 2.75GB of data, consisting of approximately 3,100 files. Many of these files are non-disclosure agreements, data dumps, and engineering drawings.

Read more of this story at Slashdot.

GitHub Dependabot Now Alerts Developers On Vulnerable GitHub Actions - Enj, 11/08/2022 - 2:06md
Cloud-based code hosting platform GitHub has announced that it will now start sending Dependabot alerts for vulnerable GitHub Actions to help developers fix security issues in CI/CD workflows.

CISA Issues Warning on Active Exploitation of UnRAR Software for Linux Systems - Enj, 11/08/2022 - 2:03md
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw in the UnRAR utility to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

5.19.1: stable

Kernel Linux - Enj, 11/08/2022 - 1:22md
Version:5.19.1 (stable) Released:2022-08-11 Source:linux-5.19.1.tar.xz PGP Signature:linux-5.19.1.tar.sign Patch:full ChangeLog:ChangeLog-5.19.1

5.18.17: stable

Kernel Linux - Enj, 11/08/2022 - 1:20md
Version:5.18.17 (stable) Released:2022-08-11 Source:linux-5.18.17.tar.xz PGP Signature:linux-5.18.17.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-5.18.17

5.15.60: longterm

Kernel Linux - Enj, 11/08/2022 - 1:09md
Version:5.15.60 (longterm) Released:2022-08-11 Source:linux-5.15.60.tar.xz PGP Signature:linux-5.15.60.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-5.15.60

5.10.136: longterm

Kernel Linux - Enj, 11/08/2022 - 1:06md
Version:5.10.136 (longterm) Released:2022-08-11 Source:linux-5.10.136.tar.xz PGP Signature:linux-5.10.136.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-5.10.136

5.4.210: longterm

Kernel Linux - Enj, 11/08/2022 - 12:57md
Version:5.4.210 (longterm) Released:2022-08-11 Source:linux-5.4.210.tar.xz PGP Signature:linux-5.4.210.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-5.4.210

4.19.255: longterm

Kernel Linux - Enj, 11/08/2022 - 12:48md
Version:4.19.255 (longterm) Released:2022-08-11 Source:linux-4.19.255.tar.xz PGP Signature:linux-4.19.255.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-4.19.255

Researchers Find Way To Shrink a VR Headset Down To Normal Glasses Size

Slashdot - Enj, 11/08/2022 - 12:00md
Researchers from Stanford University and Nvidia have teamed up to help develop VR glasses that look a lot more like regular spectacles. PC Gamer reports: "A major barrier to widespread adoption of VR technology, however, is the bulky form factor of existing VR displays and the discomfort associated with that," the research paper published at Siggraph 2022 says. These aptly named "Holographic Glasses" can deliver a full-colour 3D holographic image using optics that are only 2.5mm thick. Compared to the traditional way a VR headset works, in which a lens magnifies a smaller display some distance away from it, shrinking all the prerequisite parts down to such a small size is quite the spectacular step forward for VR. The Holographic Glasses prototype uses pancake lenses, which is a concept that has been thrown around a couple of times in the past few years. These pancake lenses not only allow for a much smaller profile but reportedly they have a few other benefits, too: the resolution they can offer is said to be unlimited, meaning you can crank up the resolution for VR headsets, and they offer a much wider field of view at up to 200 degrees. [...] The research paper lists the glasses as such: "a coherent light source that is coupled into a pupil-replicating waveguide, which provides the illumination for a phase-only SLM that is mounted on the waveguide in front of the user's eye. This SLM creates a small image behind the device, which is magnified by a thin geometric phase (GP) lens." Though, it's very much a promise of what's to come more than an immediately shippable product today. There are some limitations: while there's scope to have a much higher FOV than current generation VR headsets, this particular wearable prototype only offered an FOV of 22.8 degrees. The benchtop prototype offered even less, at only 16.1 degrees. "[The FOV] is far smaller than commercially available VR/AR displays. However, the FOV was mainly limited by the size of the available SLM and the focal length of the GP lens, both of which could be improved with different components," the researchers say. Another limitation is the likely requirement for a very accurate measurement of the user's pupil, which won't be easy without a well-thought-out design. It would be possible to use an infrared gaze tracker to do this, the researchers note, but you'd need to be able to track the wearer's pupil size constantly as they will adjust often to different light conditions while using the glasses.

Read more of this story at Slashdot.

FCC Cancels $886 Million In Funding For SpaceX's Starlink

Slashdot - Enj, 11/08/2022 - 9:00pd
The FCC is canceling $886 million in funding for Starlink to expand access in rural areas, citing the satellite internet system's cost and doubts over whether it can supply fast enough speeds. PC Magazine reports: The agency today announced it had rejected "long-form applications" from both SpaceX and an ISP called LTD Broadband to secure funding from the FCC's Rural Digital Opportunity Fund. "The Commission determined that these applications failed to demonstrate that the providers could deliver the promised service," the FCC said in a statement. FCC Chairwoman Jessica Rosenworcel added: "We cannot afford to subsidize ventures that are not delivering the promised speeds or are not likely to meet program requirements." In December 2020, the FCC awarded $886 million to SpaceX to help its Starlink service supply high-speed broadband to 642,925 locations in 35 states. However, it came with a requirement that SpaceX provide a long-form application about how Starlink would meet its obligations before the federal funding could be fully secured. The FCC's goal with the Rural Digital Opportunity Fund is to supply gigabit internet speeds to over 85% of the selected rural locations and at least 100Mbps download speeds for all 99.7% of the locations in the coming years. "Starlink's technology has real promise," Rosenworcel said. "But the question before us was whether to publicly subsidize its still developing technology for consumer broadband -- which requires that users purchase a $600 dish -- with nearly $900 million in universal service funds until 2032."

Read more of this story at Slashdot.

GM Makes $1,500 OnStar Subscription Mandatory On GMC, Buick, Cadillac Models

Slashdot - Enj, 11/08/2022 - 5:30pd
An anonymous reader quotes a report from The Drive: If you don't want to pay for in-car subscriptions every month, no problem: Just pay it all upfront. That's the line from General Motors today after news spread that it's making a three-year, $1,500 OnStar connected services subscription a mandatory "option" for new Buick, GMC, and Cadillac Escalade models. The subscription, which enables things like using your phone as a key fob, data-enabled navigation, audio streaming, and Amazon's Alexa virtual assistant, is still optional on other GM vehicles, with the Premium package running $49.99 a month. But don't be surprised if this new setup spreads across the automaker's full portfolio. The $1,500 charge for OnStar will effectively raise the base prices of these cars, though the exact increase varies from model to model. All Buicks will see a price increase of $1,500. Higher trim GMCs will see an increase of as little as $905 with the Hummer EV getting no MSRP boost. Base model GMC pickups, the Sierra and Canyon, are hit the hardest with a $1,675 increase. By far the most common price hike is $1,500, which also applies to the Cadillac Escalade, Automotive News reports. Speaking to GM Authority, a spokesperson said making customers pay for the service will "enhance [their] vehicle ownership experience." They went on to state that "By including this plan as standard equipment on the vehicle, it provides more customer value and a more seamless onboarding experience." The automaker confirmed to AN that buyers who don't activate OnStar and have no desire to use the services will not be offered a discount. Further reading: BMW Starts Selling Heated Seat Subscriptions For $18 a Month

Read more of this story at Slashdot.

next-20220811: linux-next

Kernel Linux - Enj, 11/08/2022 - 4:13pd
Version:next-20220811 (linux-next) Released:2022-08-11

IRS Seeks SFOX Customer Information in Cryptocurrency Tax Push

Slashdot - Enj, 11/08/2022 - 4:02pd
The Internal Revenue Service is seeking to identify customers of cryptocurrency prime dealer SFOX as part of its efforts to force crypto investors to pay taxes on their holdings. Bloombeg reports: In court filings in New York and Los Angeles, the tax authority asked federal judges to let it serve summonses on SFOX and M.Y. Safra Bank, which partnered with SFOX in 2019 to offer its customers cash deposit accounts backed by the Federal Deposit Insurance Corporation. The IRS is seeking account and transaction records for users with cryptocurrency transactions over $20,000 in any year from 2016 to 2021. "Transactions in cryptocurrency have grown substantially in recent years, and the IRS is concerned that taxpayers are not properly reporting these transactions on their tax returns," a lawyer for the government said in court papers filed Monday in Los Angeles. Meanwhile, according to Bloomberg (paywalled), the FTC is "investigating the operators of the BitMart cryptocurrency exchange over a December 2021 hack that led to consumer losses between $150 million and $200 million -- marking the agency's first known probe into crypto markets."

Read more of this story at Slashdot.

Iran Cheerfully Admits Using Cryptocurrency To Pay For Imports

Slashdot - Enj, 11/08/2022 - 3:25pd
Iran has announced it used cryptocurrency to pay for imports, raising the prospect that the nation is using digital assets to evade sanctions. The Register reports: Trade minister Alireza Peyman Pak revealed the transaction with the tweet [here], which translates as "This week, the first official import order was successfully placed with cryptocurrency worth ten million dollars. By the end of September, the use of cryptocurrencies and smart contracts will be widespread in foreign trade with target countries." It is unclear what Peman Pak referred to with his mention of widespread use of crypto for foreign trade, and the identity of the foreign countries he mentioned is also obscure. But the intent of the announcement appears clear: Iran will use cryptocurrency to settle cross-border trades.

Read more of this story at Slashdot.

Spotify Tests Selling Concert Tickets Directly To Fans

Slashdot - Enj, 11/08/2022 - 2:45pd
As first reported by Music Ally, Spotify is testing a new website to sell tickets directly to fans, "rather than just linking to external ticketing firms." From the report: For now, this is strictly a test rather than a full commercial launch. It kicks off [August 10] with a small number of artists, with pre-sale tickets available to fans through Spotify's app and a newly-launched website. The test is happening in the US, with Annie DiRusso, Tokimonsta, Osees, Dirty Honey, Limbeck, Crows and Four Years Strong the first artists confirmed for the initiative. The tickets will come from those artists' pre-sale allocations for upcoming concerts. Don't get carried away with any 'Spotify takes on Ticketmaster' hyperbole just yet. The company is making it very clear that this is just a test for now, and that it's focused on pre-sales rather than primary ticketing. [...] The theory behind the test kicking off this week is to find out whether Spotify can both widen its involvement in pre-sales while selling the tickets directly. We would expect that to include a share of the revenues, although Spotify declined to give any details of the business model. There's another obvious motivation behind the test. Pre-sales of their own allocations can be an important income stream for artists, so if Spotify can help them do it, that could be a reputation-booster at a time of renewed debate (alright: big arguments) about musicians' streaming royalties. If Spotify can also become one of the ways artists ensure their tickets go to genuine fans rather than touts -- resales are not allowed in the test -- that could also be positive. And in this case, Spotify has the data to prove whether ticket buyers are genuine fans: their listening history. Important caveat: there's no suggestion at this point that Spotify will use this data as a barrier to purchase, in a 'you can't buy this artist's pre-sale ticket because you haven't streamed them enough' way. We're imagining something else: options for artists to promote their native-Spotify pre-sales to their biggest listeners in the cities / regions where the concerts are happening.

Read more of this story at Slashdot.

Twitch Founder Justin Kan: Web3 Games Don't Need To Lure Players With Profit

Slashdot - Enj, 11/08/2022 - 2:02pd
An anonymous reader quotes a report from TechCrunch: Top crypto VCs are constantly touting the potential of video games as one of the most compelling use cases for blockchain technology. [...] TechCrunch talked to Justin Kan, co-founder of Twitch and more recently, Solana-based gaming NFT marketplace Fractal, to get his thoughts on what it will take for this subsector of web3 to live up to the hype. Kan said that web3 gaming has a long way to go -- while there are about 3 billion gamers in the world, including those who play mobile games, he noted, far fewer have bought or interacted with any sort of blockchain-based gaming asset. Kan sees this gap as an opportunity for blockchain technology to fundamentally change how video game studios operate. "I think the idea of creating digital assets, and then taxing everyone for all the transactions around them is a good model," Kan said. In some ways, web3 gaming was been built in response to the success of games such as Fortnite that were able to unlock a lucrative monetization path for gaming studios through micro-transactions from users buying custom items such as outfits and weapons. Web3 game developers hope to take that vision a step further by enabling players to take those custom digital assets between different games, turning gaming into an interoperable, immersive ecosystem, Kan explained. Kan has made around 10 angel investments in web3 gaming startups, including in the studio behind NFT-based shooter game BR1: Infinite Royale, he said. Still, he admitted that building this interoperable ecosystem, which he sees as the future of video games overall, doesn't technically require blockchain technology at all. "Blockchain is just the way that it's going to happen, I think, because there's a lot of cultural momentum around people equating blockchain with openness and trusting things that are decentralized on the blockchain." [T]he appeal of an open gaming ecosystem is more about the principle of the matter than it is about making a living. "I actually think that people equate NFTs and games with this play-to-earn model where people are making money and doing their job [by gaming], and I think that's completely unnecessary," Kan said. "Having digital assets in your game can work and be valuable, even if nobody is making money and there's no speculative appreciation or price appreciation on your assets," he added. It's common for popular games to attract new development on top of their existing intellectual property. Kan shared the example of Counter-Strike: Global Offensive (CSGO), a video game in which custom "skins" have sold for as much as $150,000 each. "I funded a company that builds on top of the CSGO skins," he said. "CSGO changed the rules about what was allowed and actually confiscated over a million dollars just from this company -- so yeah, I don't want to build on top of these non-open platforms anymore." "Kan sees blockchain-based games as just a 'more economically immersive' version of the marketplaces that already exist in video games," adds TechCrunch. "He doesn't think users will flock to blockchain gaming just to make money, though." "I think that web3 games are just being more open and saying, instead of this being a black market, we're going to make this a real market and people's economic participation is going to vary to different levels. There's gonna be people who only play the game and never buy things with money. There's gonna be some people who are making some side money because they're really good at the game, and they're getting some things in the game they're selling [or trading]." He added: "In order for this market to actually be big, it's going to require normal people who want to play games for fun to play these games. That doesn't exist yet. I think most of the market today is people who are crypto-native."

Read more of this story at Slashdot.

Disney Raises Streaming Prices After Services Post Big Operating Loss

Slashdot - Enj, 11/08/2022 - 1:20pd
As part of an effort to make its streaming business profitable, Disney announced that the price of ad-free Disney+ will rise 38% to $10.99 -- "a $3 per month increase," reports CNBC. "The price of Hulu without ads will rise by $2 per month, from $12.99 to $14.99, effective as of Oct. 10. Hulu with ads will go up by $1 per month, rising from $6.99 to $7.99." From the report: The price increases reflect the growing operating loss for Disney's streaming services. Disney+, Hulu and ESPN+ combined to lose $1.1 billion in the fiscal third quarter, $300 million more than the average analyst estimate, reflecting the higher cost of content on the services. The increased operating loss occurred even while Disney added about 15 million new Disney+ subscribers in the quarter, about 5 million more than analysts estimated. Disney has previously stated it plans to lose money on Disney+ until 2024. Average revenue per user for Disney+ decreased by 5% in the quarter in the U.S. and Canada due to more customers taking cheaper multi-product offerings. Overall, the company's quarterly results, also announced Wednesday, beat analysts' expectations on the top and bottom lines. Disney+ subscriptions rose to 152.1 million during the most recent period, higher than Wall Street's projections of 147 million. In a separate article, CNBC reports that Disney now projects between 215 million and 245 million total Disney+ customers by 2024, "down 15 million on both the low end and high end of the company's previous guidance." Previously, the guidance was between 230 million and 260 million by the end of fiscal 2024. They also reaffirmed its expectation that the streaming service will become profitable by the end of 2024.

Read more of this story at Slashdot.


Subscribe to AlbLinux agreguesi