Posted by EditorDavid from Slashdot
From the getting-to-the-core department: An anonymous reader shared this report from The Hacker News:
Two information disclosure flaws have been identified in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise Linux, and Fedora, according to the Qualys Threat Research Unit (TRU).
Tracked as CVE-2025-5054 and CVE-2025-4598, both vulnerabilities are race condition bugs that could enable a local attacker to obtain access to access sensitive information. Tools like Apport and systemd-coredump are designed to handle crash reporting and core dumps in Linux systems. "These race conditions allow a local attacker to exploit a SUID program and gain read access to the resulting core dump," Saeed Abbasi, manager of product at Qualys TRU, said...
Red Hat said CVE-2025-4598 has been rated Moderate in severity owing to the high complexity in pulling an exploit for the vulnerability, noting that the attacker has to first win the race condition and be in possession of an unprivileged local account... Qualys has also developed proof-of-concept code for both vulnerabilities, demonstrating how a local attacker can exploit the coredump of a crashed unix_chkpwd process, which is used to verify the validity of a user's password, to obtain password hashes from the /etc/shadow file.
Advisories were also issued by Gentoo, Amazon Linux, and Debian, the article points out. (Though "It's worth noting that Debian systems aren't susceptible to CVE-2025-4598 by default, since they don't include any core dump handler unless the systemd-coredump package is manually installed.")
< This article continues on their website >
Posted by EditorDavid from Slashdot
From the Who's-on-first department: "The Doctor is dead. Long live the Doctor!" writes Space.com. (Spoilers ahead...)
"The era of Ncuti Gatwa's Fifteenth Doctor came to a surprise end on Saturday night, as the Time Lord regenerated at the end of "Doctor Who" season 2 finale... [T]he Doctor gradually realises that not everything is back to normal. Poppy, his daughter with Belinda Chandra in the "Wish World" fantasy, has been erased from history, so the Time Lord decides to sacrifice himself by firing a ton of regeneration energy into the time Vortex to "jolt it one degree" — and hopefully bring her back. It goes without saying that his madcap scheme saves Poppy, as we learn that, in this rewritten timeline, the little girl was always the reason Belinda had been desperate to get back home. But arguably the biggest talking point of the episode — and, indeed, the season — is saved until last, as the Doctor regenerates into a very familiar face...
Hint: They played the Doctor's companion, Rose Tyler, "alongside Christopher Eccleston's Ninth Doctor and David Tennant's Tenth Doctor during the phenomenally successful first two seasons of the show's 2005 reboot."
Showrunner Russell T Davies called it "an honour and a hoot" to welcome back Billie Piper to the TARDIS, "but quite how and why and who is a story yet to be told. After 62 years, the Doctor's adventures are only just beginning!"
Although the show's post-regeneration credits have traditionally featured the line "And introducing [insert name] as the Doctor", here it simply says "And introducing Billie Piper". The omission of "as the Doctor" is unlikely to be accidental, suggesting that Davies is playing a very elaborate game with "Who" fandom...
Another mystery! The BBC and Disney+ are yet to confirm if and when "Doctor Who" will return for a third season of its current iteration.
< This article continues on their website >
Posted by EditorDavid from Slashdot
From the spacing-out department: An anonymous reader shared this report from Space.com:
Three world travelers, two Space Camp alums and an aerospace executive whose last name aptly matched their shared adventure traveled into space and back Saturday, becoming the latest six people to fly with Blue Origin, the spaceflight company founded by billionaire Jeff Bezos.
Mark Rocket joined Jaime Alemán, Jesse Williams, Paul Jeris, Gretchen Green and Amy Medina Jorge on board the RSS First Step — Blue Origin's first of two human-rated New Shepard capsules — for a trip above the Kármán Line, the 62-mile-high (100-kilometer) internationally recognized boundary between Earth and space...
Mark Rocket became the first New Zealander to reach space on the mission. His connection to aerospace goes beyond his apt name and today's flight; he's currently the CEO of Kea Aerospace and previously helped lead Rocket Lab, a competing space launch company to Blue Origin that sends most of its rockets up from New Zealand. Alemán, Williams and Jeris each traveled the world extensively before briefly leaving the planet today. An attorney from Panama, Alemán is now the first person to have visited all 193 countries recognized by the United Nations, traveled to the North and South Poles, and now, have been into space. For Williams, an entrepreneur from Canada, Saturday's flight continued his record of achieving high altitudes; he has summitted Mt. Everest and five of the other six other highest mountains across the globe.
"For about three minutes, the six NS-32 crewmates experienced weightlessness," the article points out, "and had an astronaut's-eye view of the planet..."
On social media Blue Origin notes it's their 12th human spaceflight, "and the 32nd flight of the New Shepard program."
Posted by EditorDavid from Slashdot
From the vibes-coding department: Stack Overflow remains in the midst of big changes to counter an AI-fueled drop in engagement. So "We're wondering what kind of online communities Stack Overflow users continue to support in the age of AI," writes their senior analyst, "and whether AI is becoming a closer companion than ever before."
For their 15th year of their annual reader survey, this means "we're not just collecting data; we're reflecting on the last year of questions, answers, hallucinations, job changes, tech stacks, memory allocations, models, systems and agents — together..."
Is it an AI agent revolution yet? Are you building or utilizing AI agents? We want to know how these intelligent assistants are changing your daily workflow and if developers are really using them as much as these keynote speeches assume. We're asking if you are using these tools and where humans are still needed for common developer tasks.
Career shifts: We're keen to understand if you've considered a career change or transitioned roles and if AI is impacting your approach to learning or using existing tools. Did we make up the difference in salaries globally for tech workers...?
They're also re-visiting "a key finding from recent surveys highlighted a significant statistic: 80% of developers reported being unhappy or complacent in their jobs."
< This article continues on their website >
Posted by EditorDavid from Slashdot
From the commencement-ceremony department: "This month, millions of young people will graduate from college," reports the New York Times, "and look for work in industries that have little use for their skills, view them as expensive and expendable, and are rapidly phasing out their jobs in favor of artificial intelligence."
That is the troubling conclusion of my conversations over the past several months with economists, corporate executives and young job seekers, many of whom pointed to an emerging crisis for entry-level workers that appears to be fueled, at least in part, by rapid advances in AI capabilities.
You can see hints of this in the economic data. Unemployment for recent college graduates has jumped to an unusually high 5.8% in recent months, and the Federal Reserve Bank of New York recently warned that the employment situation for these workers had "deteriorated noticeably." Oxford Economics, a research firm that studies labor markets, found that unemployment for recent graduates was heavily concentrated in technical fields like finance and computer science, where AI has made faster gains. "There are signs that entry-level positions are being displaced by artificial intelligence at higher rates," the firm wrote in a recent report.
< This article continues on their website >
Posted by EditorDavid from Slashdot
From the hard-drives department: "Chaos ensued on German roads this week after Google Maps wrongly informed drivers that highways throughout the country were closed during a busy holiday," writes Engadget.
The problem reportedly only lasted for a few hours and by Thursday afternoon only genuine road closures were being displayed. It's not clear whether Google Maps had just malfunctioned, or if something more nefarious was to blame. "The information in Google Maps comes from a variety of sources. Information such as locations, street names, boundaries, traffic data, and road networks comes from a combination of third-party providers, public sources, and user input," a spokesperson for Google told German newspaper Berliner Morgenpost, adding that it is internally reviewing the problem.
Technical issues with Google Maps are not uncommon. Back in March, users were reporting that their Timeline — which keeps track of all the places you've visited before for future reference — had been wiped, with Google later confirming that some people had indeed had their data deleted, and in some cases, would not be able to recover it.
The Guardian describes German drives "confronted with maps sprinkled with a mass of red dots indicating stop signs," adding "The phenomenon also affected parts of Belgium and the Netherlands."
Those relying on Google Maps were left with the impression that large parts of Germany had ground to a halt... The closure reports led to the clogging of alternative routes on smaller thoroughfares and lengthy delays as people scrambled to find detours. Police and road traffic control authorities had to answer a flood of queries as people contacted them for help.
Drivers using or switching to alternative apps, such as Apple Maps or Waze, or turning to traffic news on their radios, were given a completely contrasting picture, reflecting the reality that traffic was mostly flowing freely on the apparently affected routes.
Posted by EditorDavid from Slashdot
From the brain-in-a-pan department: A 15-year-old asked the question — receiving an answer from an associate professor of psychology at Georgia Institute of Technology. They write (on The Conversation) that "As a brain scientist who studies perception, I fully expect mind uploading to one day be a reality.
"But as of today, we're nowhere close..."
Replicating all that complexity will be extraordinarily difficult. One requirement: The uploaded brain needs the same inputs it always had. In other words, the external world must be available to it. Even cloistered inside a computer, you would still need a simulation of your senses, a reproduction of the ability to see, hear, smell, touch, feel — as well as move, blink, detect your heart rate, set your circadian rhythm and do thousands of other things... For now, researchers don't have the computing power, much less the scientific knowledge, to perform such simulations.
The first task for a successful mind upload: Scanning, then mapping the complete 3D structure of the human brain. This requires the equivalent of an extraordinarily sophisticated MRI machine that could detail the brain in an advanced way. At the moment, scientists are only at the very early stages of brain mapping — which includes the entire brain of a fly and tiny portions of a mouse brain. In a few decades, a complete map of the human brain may be possible. Yet even capturing the identities of all 86 billion neurons, all smaller than a pinhead, plus their trillions of connections, still isn't enough. Uploading this information by itself into a computer won't accomplish much. That's because each neuron constantly adjusts its functioning, and that has to be modeled, too. It's hard to know how many levels down researchers must go to make the simulated brain work. Is it enough to stop at the molecular level? Right now, no one knows.
< This article continues on their website >
Posted by EditorDavid from Slashdot
From the are-we-having-funds-yet department: The Ladybird browser project is now officially tax-exempt as a U.S. 501(c)(3) nonprofit.
Started two years ago (by the original creator of SerenityOS), Ladybird will be "an independent, fast and secure browser that respects user privacy and fosters an open web." They're targeting Summer 2026 for the first Alpha version on Linux and macOS, and in May enjoyed "a pleasantly productive month" with 261 merged PRs from 53 contributors — and seven new sponsors (including coding livestreamer "ThePrimeagen").
And they're now recognized as a public charity:
This is retroactive to March 2024, so donations made since then may be eligible for tax exemption (depending on country-specific rules). You can find all the relevant information on our new Organization page. ["Our mission is to create an independent, fast and secure browser that respects user privacy and fosters an open web. We are tax-exempt and rely on donations and sponsorships to fund our development efforts."]
Other announcements for May:
"We've been making solid progress on Web Platform Tests... This month, we added 15,961 new passing tests for a total of 1,815,223."
"We've also done a fair bit of performance work this month, targeting Speedometer and various websites that are slower than we'd like." [The optimizations led to a 10% speed-up on Speedometer 2.1.]
Posted by EditorDavid from Slashdot
From the welcome-to-the-company department: AI company Anthropic (founded in 2021 by a team that left OpenAI) is now making about $3 billion a year in revenue, reports Reuters (citing "two sources familiar with the matter.") The sources said December's projections had been for just $1 billion a year, but it climbed to $2 billion by the end of March (and now to $3 billion) — a spectacular growth rate that one VC says "has never happened."
A key driver is code generation. The San Francisco-based startup, backed by Google parent Alphabet and Amazon, is famous for AI that excels at computer programming. Products in the so-called codegen space have experienced major growth and adoption in recent months, often drawing on Anthropic's models.
Anthropic sells AI models as a service to other companies, according to the article, and Reuters calls Anthropic's success "an early validation of generative AI use in the business world" — and a long-awaited indicator that it's growing. (Their rival OpenAI earns more than half its revenue from ChatGPT subscriptions and "is shaping up to be a consumer-oriented company," according to their article, with "a number of enterprises" limiting their rollout of ChatGPT to "experimentation.")
Then again, in February OpenAI's chief operating officer said they had 2 million paying enterprise users, roughly doubling from September, according to CNBC. The latest figures from Reuters... Anthropic's valuation: $61.4 billion.OpenAI's valuation: $300 billion.
Posted by EditorDavid from Slashdot
From the boldly-going department: In December it looked like NASA's next administrator would be the billionaire businessman/space enthusiast who twice flew to orbit with SpaceX.
But Saturday the nomination was withdrawn "after a thorough review of prior associations," according to an announcement made on social media. The Guardian reports:
His removal from consideration caught many in the space industry by surprise. Trump and the White House did not explain what led to the decision... In [Isaacman's] confirmation hearing in April, he sought to balance Nasa's existing moon-aligned space exploration strategy with pressure to shift the agency's focus on Mars, saying the US can plan for travel to both destinations. As a potential leader of Nasa's 18,000 employees, Isaacman faced a daunting task of implementing that decision to prioritize Mars, given that Nasa has spent years and billions of dollars trying to return its astronauts to the moon...
Some scientists saw the nominee change as further destabilizing to Nasa as it faces dramatic budget cuts without a confirmed leader in place to navigate political turbulence between Congress, the White House and the space agency's workforce.
"It was unclear whom the administration might tap to replace Isaacman," the article adds, though "One name being floated is the retired US air force Lt Gen Steven Kwast, an early advocate for the creation of the US Space Force..."
Ars Technica notes that Kwast, a former Lieutenant General in the U.S. Air Force, has a background that "seems to be far less oriented toward NASA's civil space mission and far more focused on seeing space as a battlefield — decidedly not an arena for cooperation and peaceful exploration."
Posted by EditorDavid from Slashdot
From the watched-over-by-machines-of-loving-grace department: A 21-year-old's startup got a $500,000 investment from Y Combinator — after building their web site and prototype mostly with "vibe coding".
NPR explores vibe coding with Tom Blomfield, a Y Combinator group partner:
"It really caught on, this idea that people are no longer checking line by line the code that AI is producing, but just kind of telling it what to do and accepting the responses in a very trusting way," Blomfield said. And so Blomfield, who knows how to code, also tried his hand at vibe coding — both to rejig his blog and to create from scratch a website called Recipe Ninja. It has a library of recipes, and cooks can talk to it, asking the AI-driven site to concoct new recipes for them. "It's probably like 30,000 lines of code. That would have taken me, I don't know, maybe a year to build," he said. "It wasn't overnight, but I probably spent 100 hours on that."
Blomfield said he expects AI coding to radically change the software industry. "Instead of having coding assistance, we're going to have actual AI coders and then an AI project manager, an AI designer and, over time, an AI manager of all of this. And we're going to have swarms of these things," he said. Where people fit into this, he said, "is the question we're all grappling with." In 2021, Blomfield said in a podcast that would-be start-up founders should, first and foremost, learn to code. Today, he's not sure he'd give that advice because he thinks coders and software engineers could eventually be out of a job. "Coders feel like they are tending, kind of, organic gardens by hand," he said. "But we are producing these superhuman agents that are going to be as good as the best coders in the world, like very, very soon."
< This article continues on their website >
Posted by EditorDavid from Slashdot
From the meet-the-new-bot department: "How does it feel to be replaced by a bot?" asks the Guardian — interviewing several creative workers who know:
Gardening copywriter Annabel Beales
"One day, I overheard my boss saying to a colleague, 'Just put it in ChatGPT....' [My manager] stressed that my job was safe. Six weeks later, I was called to a meeting with HR. They told me they were letting me go immediately. It was just before Christmas...
"The company's website is sad to see now. It's all AI-generated and factual — there's no substance, or sense of actually enjoying gardening."
Voice actor Richie Tavake
"[My producer] told me he had input my voice into AI software to say the extra line. But he hadn't asked my permission. I later found out he had uploaded my voice to a platform, allowing other producers to access it. I requested its removal, but it took me a week, and I had to speak to five people to get it done... Actors don't get paid for any of the extra AI-generated stuff, and they lose their jobs. I've seen it happen."
Graphic designer Jadun Sykes
"One day, HR told me my role was no longer required as much of my work was being replaced by AI. I made a YouTube video about my experience. It went viral and I received hundreds of responses from graphic designers in the same boat, which made me realise I'm not the only victim — it's happening globally..."
Labor economist Aaron Sojourner recently reminded CNN that even in the 1980s and 90s, the arrival of cheap personal computers only ultimately boosted labor productivity by about 3%. That seems to argue against a massive displacement of human jobs — but these anecdotes suggest some jobs already are being lost...
Thanks to long-time Slashdot readers Paul Fernhout and Bruce66423 for sharing the article.
Posted by EditorDavid from Slashdot
From the getting-a-Brazilian department: With over 200 million people, Brazil is the world's fifth-largest country by population. Now it's testing a program that will allow Brazilians "to manage, own, and profit from their digital footprint," according to RestOfWorld.org — "the first such nationwide initiative in the world."
The government says it's partnering with California-based data valuation/monetization firm DrumWave to create "data savings account" to "transform data into economic assets, with potential for monetization and participation in the benefits generated by investing in technologies such as AI LLMs." But all based on "conscious and authorized use of personal information."
RestOfWorld reports:
Today, "people get nothing from the data they share," Brittany Kaiser, co-founder of the Own Your Data Foundation and board adviser for DrumWave, told Rest of World. "Brazil has decided its citizens should have ownership rights over their data...." After a user accepts a company's offer on their data, payment is cashed in the data wallet, and can be immediately moved to a bank account. The project will be "a correction in the historical imbalance of the digital economy," said Kaiser. Through data monetization, the personal data that companies aggregate, classify, and filter to inform many aspects of their operations will become an asset for those providing the data...
< This article continues on their website >
Uploading the Human Mind Could One Day Become a Reality, Predicts Neuroscientist 2025-06-01 12:55:02
