Emulation (Games)

Apple Approves PC/Linux/Mac-Emulating App 'UTM SE' for App Store, Reversing Earlier Rejection (theverge.com) 21

At the end of June, Apple's App Store rejected the Windows/retro PC emulator "UTM SE". But in a reversal Apple approved the app Saturday, reports the Verge.

"We are happy to announce that UTM SE is available (for free) on iOS and visionOS App Store," the developer posted on X, "and coming soon to AltStore PAL."

From the Verge: After Apple rejected the app in June, the developer said it wasn't going to keep trying because the app was "a subpar experience." Today, UTM thanked the AltStore team for helping it and credited another developer "whose QEMU TCTI implementation was pivotal for this JIT-less build."

As with other emulators on the App Store, you can't do much with UTM SE out of the box. It doesn't come with any operating systems, though the app does link to UTM's site, which has guides for Windows XP through Windows 11 emulation, as well as downloads of pre-built virtual Linux machines. Mac OS 9.2.1 and DOS are listed in one screenshot from the UTM SE App Store page.

Encryption

After Criticism, Signal Agrees to Secure Plain-Text Encryption Keys for Users' Message Databases (bleepingcomputer.com) 13

"Signal is finally tightening its desktop client's security," reports BleepingComputer — by changing the way it stores plain text encryption keys for the SQLite database where users' messages are stored: When BleepingComputer contacted Signal about the flaw in 2018, we never received a response. Instead, a Signal Support Manager responded to a user's concerns in the Signal forum, stating that the security of its database was never something it claimed to provide. "The database key was never intended to be a secret. At-rest encryption is not something that Signal Desktop is currently trying to provide or has ever claimed to provide," responded the Signal employee...

[L]ast week, mobile security researchers Talal Haj Bakry and Tommy Mysk of Mysk Inc warned on X not to use Signal Desktop because of the same security weakness we reported on in 2018... In April, an independent developer, Tom Plant, created a request to merge code that uses Electron's SafeStorage API "...to opportunistically encrypt the key with platform APIs like DPAPI on Windows and Keychain on macOS," Plant explained in the merge request... When used, encryption keys are generated and stored using an operating system's cryptography system and secure key stores. For example, on Macs, the encryption key would be stored in the Keychain, and on Linux, it would use the windows manager's secret store, such as kwallet, kwallet5, kwallet6, and gnome-libsecret... While the solution would provide additional security for all Signal desktop users, the request lay dormant until last week's X drama.

Two days ago, a Signal developer finally replied that they implemented support for Electron's safeStorage, which would be available soon in an upcoming Beta version. While the new safeStorage implementation is tested, Signal also included a fallback mechanism that allows the program to decrypt the database using the legacy database decryption key...

Signal says that the legacy key will be removed once the new feature is tested.

"To be fair to Signal, encrypting local databases without a user-supplied password is a problem for all applications..." the article acknowledges.

"However, as a company that prides itself on its security and privacy, it was strange that the organization dismissed the issue and did not attempt to provide a solution..."
Microsoft

Nasty Spoofing Attack Resurrects Internet Explorer Vulnerability in Windows 10 and 11 (betanews.com) 21

Slashdot reader joshuark shared this report from BetaNews: Check Point Research has identified a critical zero-day spoofing attack exploiting Microsoft Internet Explorer on modern Windows 10/11 systems, despite the browser's retirement.

Identified as CVE-2024-38112, this vulnerability allows attackers to execute remote code by tricking users into opening malicious Internet Shortcut (.url) files. This attack method has been active for over a year and could potentially impact millions... Attackers use a sophisticated trick to mask the malicious .hta extension, making use of the outdated security of Internet Explorer to compromise systems running updated Windows operating systems.

From Check Point Research: Even though IE has been proclaimed "retired and out-of-support," technically speaking, IE is still part of the Windows OS and is "not inherently unsafe, as IE is still serviced for security vulnerabilities, and there should be no known exploitable security vulnerabilities," according to our communications with Microsoft.
Security

CISA Broke Into a US Federal Agency, No One Noticed For a Full 5 Months (theregister.com) 35

A 2023 red team exercise by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) at an unnamed federal agency exposed critical security failings, including unpatched vulnerabilities, inadequate incident response, and weak credential management, leading to a full domain compromise. According to The Register's Connor Jones, the agency failed to detect or remediate malicious activity for five months. From the report: According to the agency's account of the exercise, the red team was able to gain initial access by exploiting an unpatched vulnerability (CVE-2022-21587 - 9.8) in the target agency's Oracle Solaris enclave, leading to what it said was a full compromise. It's worth noting that CVE-2022-21587, an unauthenticated remote code execution (RCE) bug carrying a near-maximum 9.8 CVSS rating, was added to CISA's known exploited vulnerability (KEV) catalog in February 2023. The initial intrusion by CISA's red team was made on January 25, 2023. "After gaining access, the team promptly informed the organization's trusted agents of the unpatched device, but the organization took over two weeks to apply the available patch," CISA's report reads. "Additionally, the organization did not perform a thorough investigation of the affected servers, which would have turned up IOCs and should have led to a full incident response. About two weeks after the team obtained access, exploit code was released publicly into a popular open source exploitation framework. CISA identified that the vulnerability was exploited by an unknown third party. CISA added this CVE to its Known Exploited Vulnerabilities Catalog on February 2, 2023." [...]

After gaining access to the Solaris enclave, the red team discovered they couldn't pivot into the Windows part of the network because missing credentials blocked their path, despite enjoying months of access to sensitive web apps and databases. Undeterred, CISA managed to make its way into the Windows network after carrying out phishing attacks on unidentified members of the target agency, one of which was successful. It said real adversaries may have instead used prolonged password-spraying attacks rather than phishing at this stage, given that several service accounts were identified as having weak passwords. After gaining that access, the red team injected a persistent RAT and later discovered unsecured admin credentials, which essentially meant it was game over for the agency being assessed. "None of the accessed servers had any noticeable additional protections or network access restrictions despite their sensitivity and critical functions in the network," CISA said.

CISA described this as a "full domain compromise" that gave the attackers access to tier zero assets -- the most highly privileged systems. "The team found a password file left from a previous employee on an open, administrative IT share, which contained plaintext usernames and passwords for several privileged service accounts," the report reads. "With the harvested Lightweight Directory Access Protocol (LDAP) information, the team identified one of the accounts had system center operations manager (SCOM) administrator privileges and domain administrator privileges for the parent domain. They identified another account that also had administrative permissions for most servers in the domain. The passwords for both accounts had not been updated in over eight years and were not enrolled in the organization's identity management (IDM)." From here, the red team realized the victim organization had trust relationships with multiple external FCEB organizations, which CISA's team then pivoted into using the access they already had.

The team "kerberoasted" one partner organization. Kerberoasting is an attack on the Kerberos authentication protocol typically used in Windows networks to authenticate users and devices. However, it wasn't able to move laterally with the account due to low privileges, so it instead used those credentials to exploit a second trusted partner organization. Kerberoasting yielded a more privileged account at the second external org, the password for which was crackable. CISA said that due to network ownership, legal agreements, and/or vendor opacity, these kinds of cross-organizational attacks are rarely tested during assessments. However, SILENTSHIELD assessments are able to be carried out following new-ish powers afforded to CISA by the FY21 National Defense Authorization Act (NDAA), the same powers that also allow CISA's Federal Attack Surface Testing (FAST) pentesting program to operate. It's crucial that these avenues are able to be explored in such exercises because they're routes into systems adversaries will have no reservations about exploring in a real-world scenario. For the first five months of the assessment, the target FCEB agency failed to detect or remediate any of the SILENTSHIELD activity, raising concerns over its ability to spot genuine malicious activity.
CISA said the findings demonstrated the need for agencies to apply defense-in-depth principles. The cybersecurity agency recommended network segmentation and a Secure-by-Design commitment.
Microsoft

Microsoft's Xbox 360 Stores Will Close Up Shop on July 29 16

Speaking of Xbox, the Xbox 360 Store and Marketplace are coming to a close later this month. From a report: Microsoft announced this last year and put an official end date of July 29, according to its official FAQ page. In case you didn't notice, the end of July is fast approaching. All of the games, DLC and any gaming tidbits for Microsoft's second generation console won't be available to purchase or download on the Xbox 360 console. Your games and movie purchases are still safe, however, if you've got any throwback titles on your Xbox One or Series X/S console. You can also still watch your purchased movies and shows on Windows 10 and 11 devices.
Bitcoin

Inside the Health Crisis of a Texas Bitcoin Town (time.com) 212

Longtime Slashdot reader ArchieBunker shares a report from TIME Magazine: On an evening in December 2023, 43-year-old small business owner Sarah Rosenkranz collapsed in her home in Granbury, Texas and was rushed to the emergency room. Her heart pounded 200 beats per minute; her blood pressure spiked into hypertensive crisis; her skull throbbed. "It felt like my head was in a pressure vise being crushed," she says. "That pain was worse than childbirth." Rosenkranz's migraine lasted for five days. Doctors gave her several rounds of IV medication and painkiller shots, but nothing seemed to knock down the pain, she says. This was odd, especially because local doctors were similarly vexed when Indigo, Rosenkranz's 5-year-old daughter, was taken to urgent care earlier that year, screaming that she felt a "red beam behind her eardrums." It didn't occur to Sarah that these symptoms could be linked. But in January 2024, she walked into a town hall in Granbury and found a room full of people worn thin from strange, debilitating illnesses. A mother said her 8-year-old daughter was losing her hearing and fluids were leaking from her ears. Several women said they experienced fainting spells, including while driving on the highway. Others said they were wracked by debilitating vertigo and nausea, waking up in the middle of the night mid-vomit. None of them knew what, exactly, was causing these symptoms. But they all shared a singular grievance: a dull aural hum had crept into their lives, which growled or roared depending on the time of day, rattling their windows and rendering them unable to sleep. The hum, local law enforcement had learned, was emanating from a Bitcoin mining facility that had recently moved into the area -- and was exceeding legal noise ordinances on a daily basis.

Over the course of several months in 2024, TIME spoke to more than 40 people in the Granbury area who reported a medical ailment that they believe is connected to the arrival of the Bitcoin mine: hypertension, heart palpitations, chest pain, vertigo, tinnitus, migraines, panic attacks. At least 10 people went to urgent care or the emergency room with these symptoms. The development of large-scale Bitcoin mines and data centers is quite new, and most of them are housed in extremely remote places. There have been no major medical studies on the impacts of living near one. But there is an increasing body of scientific studies linking prolonged exposure to noise pollution with cardiovascular damage. And one local doctor -- ears, nose, and throat specialist Salim Bhaloo -- says he sees patients with symptoms potentially stemming from the Bitcoin mine's noise on an almost weekly basis. "I'm sure it increases their cortisol and sugar levels, so you're getting headaches, vertigo, and it snowballs from there," Bhaloo says. "This thing is definitely causing a tremendous amount of stress. Everyone is just miserable about it."
"By the end of 2024, we intend to have replaced the majority of air-cooled containers with immersion cooling, with no expansion required," said a representative for Marathon Digital Holdings, the company that owns the mine. "Initial sound readings on immersion containers indicate favorable results in sound reduction and compliance with all relevant state noise ordinances." They did not answer questions about the health impacts their mining site was causing.

"We're living in a nightmare," said Rosenkranz. She clocked the hum at 72 decibels in Indigo's bedroom in the dead of night. "Indigo's room directly faces the mine, which sits about a mile and a half away," notes TIME. She had to be pulled from her school after she developed so many ear infections from the sound.

The report also said a resident's dog "started going bald and developed debilitating anxiety shortly after the Bitcoin mine began operating four blocks away." TIME added: "Directly next door, Tom Weeks' dog Jack Rabbit Slim started shaking and hyperventilating uncontrollably for hours on end; a vet placed him on the seizure medication Gabapentin. Rosenkranz's chickens stopped laying eggs for months. And Jerry and Patricia Campbell's centuries-old oak tree, which had served as the family's hub and protector for generations of backyard family reunions and even a wedding, died suddenly three months ago."
Microsoft

Microsoft, Apple Drop OpenAI Board Plans as Scrutiny Grows (bloomberg.com) 9

Microsoft and Apple dropped plans to take board roles at OpenAI in a surprise decision that underscores growing regulatory scrutiny of Big Tech's influence over artificial intelligence. From a report: Microsoft, which invested $13 billion in the ChatGPT creator, will withdraw from its observer role on the board, the company said in a letter to OpenAI on Tuesday, which was seen by Bloomberg News. Apple was due to take up a similar role, but an OpenAI spokesperson said the startup won't have board observers after Microsoft's departure. Regulators in the US and Europe had expressed concerns about Microsoft's sway over OpenAI, applying pressure on one of the world's most valuable companies to show that it's keeping the relationship at arm's length. Microsoft has integrated OpenAI's services into its Windows and Copilot AI platforms and, like other big US tech companies, is banking on the new technology to help drive growth.
Graphics

Affinity Tempts Adobe Users with 6-Month Free Trial of Creative Suite (theverge.com) 39

Serif, the design software developer behind Affinity, has introduced a six-month free trial for its creative suite, offering Affinity Photo, Designer, and Publisher on Mac, Windows PC, and iPad. This move, along with a 50% discount on perpetual licenses, aims to attract Adobe users and reassure them of Affinity's commitment to its one-time purchase pricing model despite its recent acquisition by Canva. The Verge reports: Affinity uses a one-time purchase pricing model that has earned it a loyal fanbase among creatives who are sick of paying for recurring subscriptions. Prices start at $69.99 for Affinity's individual desktop apps or $164.99 for the entire suite, with a separate deal currently offering customers 50 percent off all perpetual licenses.

This discount, alongside the six-month free trial, is potentially geared at soothing concerns that Affinity would change its pricing model after being acquired by Canva earlier this year. "We're saying 'try everything and pay nothing' because we understand making a change can be a big step, particularly for busy professionals," said Affinity CEO Ashley Hewson. "Anyone who takes the trial is under absolutely no obligation to buy."

Microsoft

Microsoft's Notepad Gets Spellcheck and Autocorrect 40 Years After Launch (theverge.com) 72

An anonymous reader shares a report: Microsoft is finally rolling out spellcheck and autocorrect for its Notepad app in Windows 11, more than 40 years after the simple text editor was first introduced in Windows in 1983. The software giant started testing both features in March, and has now quietly started enabling them for all Windows 11 users in recent days. The spellcheck feature in Notepad is almost identical to how Word or Edge highlight misspelled words, with a red underline to clearly show mistakes.
Open Source

FreeBSD Contributor Mocks Gloomy Predictions for the Open Source Movement (acm.org) 94

In Communications of the ACM, long-time FreeBSD contributor Poul-Henning Kamp mocks the idea that the free and open-source software movement has "come apart" and "will end in tears and regret." Economists and others focused on money — like my bank — have had a lot of trouble figuring out the free and open source software (FOSS) phenomenon, and eventually they seem to have reached the conclusion that it just makes no sense. So, they go with the flow. Recently, very serious people in the FOSS movement have started to write long and thoughtful opinion pieces about how it has all come apart and will end in tears and regret. Allow me to disagree...
What follows is a humorous history of how the Open Source movement bested a series of ill-conceived marketing failures starting after the "utterly bad" 1980s when IBM had an "unimaginably huge monopoly" — and an era of vendor lock-in from companies trying to be the next IBM: Out of that utter market failure came Minix, (Net/Free/Open)BSD, and Linux, at a median year of approximately 1991. I can absolutely guarantee that if we had been able to buy a reasonably priced and solid Unix for our 32-bit PCs — no strings attached — nobody would be running FreeBSD or Linux today, except possibly as an obscure hobby. Bill Gates would also have had a lot less of our money...
The essay moves on to when "that dot-com thing happened, fueled by the availability of FOSS operating systems, which did a much better job than any operating system you could buy — not just for the price, but in absolute terms of performance on any given piece of hardware. Thus, out of utter market failure, the FOSS movement was born."

And ultimately, the essay ends with our present day, and the phenomenon of companies that "make a business out of FOSS or derivatives thereof..." The "F" in FOSS was never silent. In retrospect, it seems clear that open source was not so much the goal itself as a means to an end, which is freedom: freedom to fix broken things, freedom from people who thought they could clutch the source code tightly and wield our ignorance of it as a weapon to force us all to pay for and run Windows Vista. But the FOSS movement has won what it wanted, and no matter how much oldsters dream about their glorious days as young revolutionaries, it is not coming back; the frustrations and anger of IT in 2024 are entirely different from those of 1991.

One very big difference is that more people have realized that source code is a liability rather than an asset. For some, that realization came creeping along the path from young teenage FOSS activists in the late 1990s to CIOs of BigCorp today. For most of us, I expect, it was the increasingly crushing workload of maintaining legacy code bases...

AI

Microsoft's AI CEO: Web Content (Without a Robots.txt File) is 'Freeware' for AI Training (windowscentral.com) 136

Slashdot reader joshuark shared this report from Windows Central: Microsoft may have opened a can of worms with recent comments made by the tech giant's CEO of AI Mustafa Suleyman. The CEO spoke with CNBC's Andrew Ross Sorkin at the Aspen Ideas Festival earlier this week. In his remarks, Suleyman claimed that all content shared on the web is available to be used for AI training unless a content producer says otherwise specifically.
The whole discussion was interesting — but this particular question was very direct. CNBC's interviewer specifically said, "There are a number of authors here... and a number of journalists as well. And it appears that a lot of the information that has been trained on over the years has come from the web — and some of it's the open web, and some of it's not, and we've heard stories about how OpenAI was turning YouTube videos into transcripts and then training on the transcripts."

The question becomes "Who is supposed to own the IP, who is supposed to get value from the IP, and whether, to put it in very blunt terms, whether the AI companies have effectively stolen the world's IP." Suleyman begins his answer — at the 14:40 mark — with "Yeah, I think — look, it's a very fair argument." SULEYMAN: "I think that with respect to content that is already on the open web, the social contract of that content since the 90s has been that it is fair use. Anyone can copy it, recreate with it, reproduce with it. That has been freeware, if you like. That's been the understanding.

"There's a separate category where a website or a publisher or a news organization had explicitly said, 'Do not scrape or crawl me for any other reason than indexing me so that other people can find that content.' That's a gray area and I think that's going to work its way through the courts."


Q: And what does that mean, when you say 'It's a gray area'?

SULEYMAN: "Well, if — so far, some people have taken that information... but that's going to get litigated, and I think that's rightly so...

"You know, look, the economics of information are about to radically change, because we're going to reduce the cost of production of knowledge to zero marginal cost. And this is just a very difficult thing for people to intuit — but in 15 or 20 years time, we will be producing new scientific cultural knowledge at almost zero marginal cost. It will be widely open sourced and available to everybody. And I think that is going to be, you know, a true inflection point in the history of our species. Because what are we, collectively, as an organism of humans, other than an intellectual production engine. We produce knowledge. Our science makes us better. And so what we really want in the world, in my opinion, are new engines that can turbocharge discovery and invention."

Cellphones

'Windows Recall' Preview Remains Hackable As Google Develops Similar Feature 20

Windows Recall was "delayed" over concerns that storing unencrypted recordings of users' activity was a security risk.

But now Slashdot reader storagedude writes: The latest version of Microsoft's planned Windows Recall feature still contains data privacy and security vulnerabilities, according to a report by the Cyber Express.

Security researcher Kevin Beaumont — whose work started the backlash that resulted in Recall getting delayed last month — said the most recent preview version is still hackable by Alex Hagenah's "TotalRecall" method "with the smallest of tweaks."

The Windows screen recording feature could as yet be refined to fix security concerns, but some have spotted it recently in some versions of the Windows 11 24H2 release preview that will be officially released in the fall.

Cyber Express (the blog of threat intelligence vendor Cyble Inc) got this official response: Asked for comment on Beaumont's findings, a Microsoft spokesperson said the company "has not officially released Recall," and referred to the updated blog post that announced the delay, which said: "Recall will now shift from a preview experience broadly available for Copilot+ PCs on June 18, 2024, to a preview available first in the Windows Insider Program (WIP) in the coming weeks."

"Beyond that, Microsoft has nothing more to share," the spokesperson added.

Also this week, the blog Android Authority wrote that Google is planning to introduce its own "Google AI" features to Pixel 9 smartphones. They include the ability to enhance screenshots, an "Add Me" tool for group photos — and also "a feature resembling Microsoft's controversial Recall" dubbed "Pixel Screenshots." Google's take on the feature is different and more privacy-focused: instead of automatically capturing everything you're doing, it will only work on screenshots you take yourself. When you do that, the app will add a bit of extra metadata to it, like app names, web links, etc. After that, it will be processed by a local AI, presumably the new multimodal version of Gemini Nano, which will let you search for specific screenshots just by their contents, as well as ask a bot questions about them.

My take on the feature is that it's definitely a better implementation of the idea than what Microsoft created... [B]oth of the apps ultimately serve a similar purpose and Google's implementation doesn't easily leak sensitive information...

It's worth mentioning Motorola is also working on its own version of Recall — not much is known at the moment, but it seems it will be similar to Google's implementation, with no automatic saving of everything on the screen.

The Verge describes the Pixel 9's Google AI as "like Microsoft Recall but a little less creepy."
Microsoft

Christie's Likens Microsoft's Work On MS-DOS To Einstein's Work In Physics 110

Longtime Slashdot reader theodp writes: "If Einstein paved the way for a new era in physics," explains auction house Christie's in a promotion piece for its upcoming offering of 150+ "objects of scientific and historical importance" from the Paul G. Allen Collection (including items from the shuttered Living Computers Museum), "Mr. Allen and his collaborators ushered in a new era of computing. Starting with MS-DOS in 1981, Microsoft then went on to revolutionize personal computing with the launch of Windows in 1985."

Christie's auction and characterization of MS-DOS as an Allen and Microsoft innovation comes 30 years after the death of Gary Kildall, whose unpublished memoir, the Seattle Times reported in Kildall's July 1994 obituary, called DOS "plain and simple theft" of Kildall's CP/M OS. PC Magazine's The Rise of DOS: How Microsoft Got the IBM PC OS Contract notes that Paul Allen himself traced the genesis of MS-DOS back to a phone call Allen made to Seattle Computer Products owner Rod Brock in which Microsoft licensed Tim Paterson's CP/M-inspired QDOS (Quick and Dirty Operating System) for $10,000 plus a royalty of $15,000 for every company that licensed the software. A shrewd buy-low-sell-high business deal, yes, but hardly an Einstein-caliber breakthrough idea.
Windows

New Windows 11 Start Menu Annoyingly Hides Oft-Used Actions (pcworld.com) 100

An anonymous reader shares a report: A new test version of Windows 11 is available for Windows Insiders on the Dev Channel with Build 26120.961, which rolls out a significant change: a new Windows Start menu. You'll immediately notice that Microsoft has redesigned the Microsoft user account display, moving it to the center of the Start menu as soon as you click on the username or profile picture.

This new "account manager" feature gives you quicker access to your various Microsoft accounts, such as Microsoft 365, Xbox Game Pass, and OneDrive cloud storage. To no surprise, Microsoft is using this prominent display to remind you of their own products and services. The difference to the current Windows 11 Start menu is obvious, as the following screenshot shows:

Security

Despite OS Shielding Up, Half of America Opts For Third-Party Antivirus (theregister.com) 76

Nearly half of Americans are using third-party antivirus software and the rest are either using the default protection in their operating system -- or none at all. From a report: In all, 46 percent of almost 1,000 US citizens surveyed by the reviews site Security.org said they used third-party antivirus on their computers, with 49 percent on their PCs, 18 percent using it on their tablets, and 17 percent on their phones. Of those who solely rely on their operating system's built-in security -- such as Microsoft's Windows Defender, Apple's XProtect, and Android's Google Play -- 12 percent are planning to switch to third-party software in the next six months.

Of those who do look outside the OS, 54 percent of people pay for the security software, 43 percent choose the stripped-down free version, and worryingly, three percent aren't sure whether they pay or not. Among paying users, the most popular brands were Norton, McAfee, and Malwarebytes, while free users preferred -- in order -- McAfee, Avast, and Malwarebytes. The overwhelming reason for purchasing, cited by 84 percent of respondents, was, of course, fear of malware. The next most common reasons were privacy, at 54 percent, and worries over online shopping, at 48 percent. Fear of losing cryptocurrency stashes from wallets was at eight percent, doubled since last year's survey.

Microsoft

Microsoft Tells Yet More Customers Their Emails Have Been Stolen (theregister.com) 23

Microsoft revealed that the Russian hackers who breached its systems earlier this year stole more emails than initially reported. "We are continuing notifications to customers who corresponded with Microsoft corporate email accounts that were exfiltrated by the Midnight Blizzard threat actor, and we are providing the customers the email correspondence that was accessed by this actor," a Microsoft spokesperson told Bloomberg (paywalled). "This is increased detail for customers who have already been notified and also includes new notifications." The Register reports: We've been aware for some time that the digital Russian break-in at the Windows maker saw Kremlin spies make off with source code, executive emails, and sensitive U.S. government data. Reports last week revealed that the issue was even larger than initially believed and additional customers' data has been stolen. Along with Russia, Microsoft was also compromised by state actors from China not long ago, and that issue similarly led to the theft of emails and other data belonging to senior U.S. government officials.

Both incidents have led experts to call Microsoft a threat to U.S. national security, and president Brad Smith to issue a less-than-reassuring mea culpa to Congress. All the while, the U.S. government has actually invested more in its Microsoft kit. Bloomberg reported that emails being sent to affected Microsoft customers include a link to a secure environment where customers can visit a site to review messages Microsoft identified as having been compromised. But even that might not have been the most security-conscious way to notify folks: Several thought they were being phished.

Space

An Asteroid Just Passed Within 180,000 Miles of Earth (ktla.com) 81

An anonymous reader shared this report from The Hill: An asteroid the size of a football stadium threaded the needle between Earth and the moon Saturday morning — the second of two astronomical near misses in three days. Near miss, in this case, is a relative term: Saturday's asteroid, 2024 MK, came within 180,000 miles of Earth. On Thursday, meanwhile, asteroid 2011 UL21 flew within 4 million miles.

But the Saturday passage of 2024 MK — which scientists discovered only two weeks ago — coincides with a sobering reminder of threats from space. Sunday is Asteroid Day, the anniversary of the 1908 explosion of a rock from space above a Russian town — the sort of danger that, astronomers warn, is always lurking as the Earth hurtles through space... In 2013, for instance, an asteroid about 62 feet across that broke apart nearly 20 miles above Siberia released 30 times as much energy as the atomic bomb that hit Hiroshima. While most of the impact energy was absorbed by the atmosphere, the detonation triggered a shock wave that blew out windows and injured more than a thousand people.

The article points out that if Saturday's asteroid had hit earth, the impact would have "the equivalent impact energy in the hundreds of megaton approaching a gigaton," Peter Brown of Canada's Western University told the Canadian Broadcasting Service. (For comparison, most hydrogen bombs are in the 50-megaton range.) Brown said "It's the sort of thing that if it hit the east coast of the U.S., you would have catastrophic effects over most of the eastern seaboard. But it's not big enough to affect the whole world."

Meanwhile, the article adds that last Thursday's asteroid — "while it was comfortably far out in space" — was the size of Mt. Everest. "At 1.5 miles in diameter, that asteroid was about a quarter the size of the asteroid that struck the earth 65 million years ago, wiping out all dinosaurs that walked, as well as the majority of life on earth." But the risk of a collision like that "is very, very low." NASA has estimated that a civilization-ending event (like the collision of an asteroid the size of Thursday's with the Earth) should only happen every few million years. And such an impact from an asteroid half a mile in diameter or bigger will be almost impossible for a very long time, according to findings published last year in The Astronomical Journal.

NASA's catalog of large and dangerous objects like 2011 UL21 is now 95 percent complete, MIT Technology Review reported.

AI

Is AI's Demand for Energy Really 'Insatiable'? (arstechnica.com) 56

Bloomberg and The Washington Post "claim AI power usage is dire," writes Slashdot reader NoWayNoShapeNoForm. But Ars Technica "begs to disagree with those speculations."

From Ars Technica's article: The high-profile pieces lean heavily on recent projections from Goldman Sachs and the International Energy Agency (IEA) to cast AI's "insatiable" demand for energy as an almost apocalyptic threat to our power infrastructure. The Post piece even cites anonymous "some [people]" in reporting that "some worry whether there will be enough electricity to meet [the power demands] from any source." Digging into the best available numbers and projections available, though, it's hard to see AI's current and near-future environmental impact in such a dire light... While the headline focus of both Bloomberg and The Washington Post's recent pieces is on artificial intelligence, the actual numbers and projections cited in both pieces overwhelmingly focus on the energy used by Internet "data centers" as a whole...

Bloomberg asks one source directly "why data centers were suddenly sucking up so much power" and gets back a blunt answer: "It's AI... It's 10 to 15 times the amount of electricity." Unfortunately for Bloomberg, that quote is followed almost immediately by a chart that heavily undercuts the AI alarmism. That chart shows worldwide data center energy usage growing at a remarkably steady pace from about 100 TWh in 2012 to around 350 TWh in 2024. The vast majority of that energy usage growth came before 2022, when the launch of tools like Dall-E and ChatGPT largely set off the industry's current mania for generative AI. If you squint at Bloomberg's graph, you can almost see the growth in energy usage slowing down a bit since that momentous year for generative AI.

Ars Technica first cites Dutch researcher Alex de Vries's estimate that in a few years the AI sector could use between 85 and 134 TWh of power. But another study estimated in 2018 that PC gaming already accounted for 75 TWh of electricity use per year, while "the IEA estimates crypto mining ate up 110 TWh of electricity in 2022." More to the point, de Vries' AI energy estimates are only a small fraction of the 620 to 1,050 TWh that data centers as a whole are projected to use by 2026, according to the IEA's recent report. The vast majority of all that data center power will still be going to more mundane Internet infrastructure that we all take for granted (and which is not nearly as sexy of a headline bogeyman as "AI").

The future is also hard to predict, the article concludes. "If customers don't respond to the hype by actually spending significant money on generative AI at some point, the tech-marketing machine will largely move on, as it did very recently with the metaverse and NFTs..."

Linux

New Linux 'Screen of Death' Options: Black - or a Monochrome Tux Logo (phoronix.com) 49

It was analogous to the "Blue Screen of Death" that Windows gives for critical errors, Phoronix wrote. To enable error messages for things like a kernel panic, Linux 6.10 introduced a new panic handler infrastructure for "Direct Rendering Manager" (or DRM) drivers.

Phoronix also published a follow-up from Red Hat engineer Javier Martinez Canillas (who was involved in the new DRM Panic infrastructure). Given complaints about being too like Microsoft Windows following his recent Linux "Blue Screen of Death" showcase... Javier showed that a black screen of death is possible if so desired... After all, it's all open-source and thus can customize to your heart's content.

And now the panic handler is getting even more new features, Phoronix reported Friday: With the code in Linux 6.10 when DRM Panic is triggered, an ASCII art version of Linux's mascot, Tux the penguin, is rendered as part of the display. With Linux 6.11 it will also be able to handle displaying a monochrome image as the logo.

If ASCII art on error messages doesn't satisfy your tastes in 2024+, the DRM Panic code will be able to support a monochrome graphical logo that leverages the Linux kernel's boot-up logo support. The ASCII art penguin will still be used when no graphical logo is found or when the existing "LOGO" Kconfig option is disabled. (Those Tux logo assets being here.)

This monochrome logo support in the DRM Panic handler was sent out as part of this week's drm-misc-next pull request ahead of the Linux 6.11 merge window in July. This week's drm-misc-next material also includes TTM memory management improvements, various fixes to the smaller Direct Rendering Manager drivers, and also the previously talked about monochrome TV support for the Raspberry Pi.

Long-time Slashdot reader unixbhaskar thinks the new option "will certainly satisfy the modern people... But it is not as eye candy as people think... Moreover, it is monochrome, so certainly not resource-hungry. Plus, if all else fails, the ASCII art logo is still there to show!"

Power

Fuel From Water? Visiting a Texas 'Green Hydrogen' Plant (msn.com) 111

It transforms water into the fuel — one of the first fuel plants in the world to do so.

The Washington Post visits a facility in Corpus Christi, Texas using renewable energy to produce "green" hydrogen. The plant feeds water through machines that pull out its hydrogen atoms... [T]he hydrogen is chemically transformed into diesel for delivery trucks. This process could represent the biggest change in how fuel for planes, ships, trains and trucks is made since the first internal combustion engine fired up in the 19th century... Turning hydrogen into liquid fuel could help slash planet-warming pollution from heavy vehicles, cutting a key source of emissions that contribute to climate change. But to fulfill that promise, companies will have to build massive numbers of wind turbines and solar panels to power the energy-hungry process. Regulators will have to make sure hydrogen production doesn't siphon green energy that could go towards cleaning up other sources of global warming gases, such as homes or factories.

Although cars and light trucks are shifting to electric motors, other forms of transport will likely rely on some kind of liquid fuel for the foreseeable future. Batteries are too heavy for planes and too bulky for ships. Extended charging times could be an obstacle for long-haul trucks, and some rail lines may be too expensive to electrify. Together, these vehicles represent roughly half of emissions from transportation, the fourth-biggest source of greenhouse gases. To wean machines off oil, companies like Infinium, the owner of this plant, are starting to churn out hydrogen-based fuels that — in the best case — produce close to net zero emissions. They could also pave the way for a new technology, hydrogen fuel cells, to power planes, ships and trucks in the second half of this century. For now, these fuels are expensive and almost no one makes them, so the U.S. government, businesses and philanthropists including Bill Gates are investing billions of dollars to build up a hydrogen industry that could eventually cut some of the most stubborn, hard-to-remove carbon pollution.

Most scenarios for how the world could avoid the worst effects of climate change envision hydrogen cleaning up emissions in transportation, as well as in fertilizer production and steel and chemical refining. But if they're not made with dedicated renewable energy, hydrogen-based fuels could generate even more pollution than regular diesel, creating a wasteful boondoggle that sets the world back in the fight against climate change. Their potential comes down to the way plants like this produce them... Only about 40 percent of the power on the [Texas] electric grid is from renewables, with the rest coming from natural gas and coal, according to state data. That grid energy is what flows through the power line into the Infinium plant.

"One day, heavy transportation may shift to fuel cells that run on pure hydrogen and emit only water vapor from their tailpipes," the article points out. But to accommodate today's carbon-burning vehicles, Infinium produces "chemical copies of existing fuels made with crude oil" by combining captured carbon with green hydrogen.

"A truck running on diesel made from hydrogen using only renewable electricity would create 89 percent fewer greenhouse gas emissions over the course of its lifetime than a truck burning diesel made from petroleum, according to a 2022 analysis from the European nonprofit Transport & Environment."
