Recent Changes - Search:
NTLUG

Linux is free.
Life is good.

Linux Training
10am on Meeting Days!

1825 Monetary Lane Suite #104 Carrollton, TX

Do a presentation at NTLUG.

What is the Linux Installation Project?

Real companies using Linux!

Not just for business anymore.

Providing ready to run platforms on Linux

Show Descriptions... (Show All/All+Images) (Single Column)

LinuxSecurity - Security Advisories







LWN.net

  • [$] Large folios, swap, and FS-Cache
    David Howells wanted to discuss swap handling in light of multi-page foliosin a combined storage, filesystem, and memory-management session atthe 2024 Linux Storage,Filesystem, Memory Management, and BPF Summit. Swapping has always beendone with a one-to-one mapping of memory pages to swap slots, he said, butswapping multi-page folios breaks that assumption. He wondered if it wouldmake sense to use filesystem techniques to track swapped-out folios.


  • [$] Lessons from the death and rebirth of Thunderbird
    Ryan Sipes told the audience during his keynote atGUADEC 2024 in Denver, Colorado that the Thunderbird mail client "probably shouldn't still be alive". Thunderbird, however, is not onlyalive—it is arguably in better shape than everbefore. According to Sipes, the project's turnaround is a result ofgovernance, storytelling, and learning to be comfortable asking usersfor money. He would also like it quite a bit if Linux distributions stoppedturning off telemetry.


  • Let's Encrypt plans to drop support for OCSP.
    Let's Encrypt hasannouncedthat it intends to end support "as soon as possible" for the Online Certificate Status Protocol (OCSP) over privacy concerns. OCSP was developed as alighter-weight alternative toCertificate Revocation Lists (CRLs) that did not involve downloadingthe entire CRL in order to check whether a certificate was valid. Let's Encrypt will continuesupporting OCSP as long as it is a requirement for Microsoft'sTrusted Root Program, but hopes to discontinue it soon:
    We plan to end support for OCSP primarily because it represents a considerable risk to privacy on the Internet. When someone visits a website using a browser or other software that checks for certificate revocation via OCSP, the Certificate Authority (CA) operating the OCSP responder immediately becomes aware of which website is being visited from that visitor's particular IP address. Even when a CA intentionally does not retain this information, as is the case with Let's Encrypt, CAs could be legally compelled to collect it. CRLs do not have this issue.
    People using Let's Encrypt as their CA should, for the most part, not need to change their setups.All modern browsers support CRLs, so end-users shouldn't notice an impact either.


  • Security updates for Wednesday
    Security updates have been issued by Fedora (ghostscript and xmedcon), Gentoo (Dmidecode, ExifTool, and Freenet), Red Hat (containernetworking-plugins, cups, edk2, httpd, httpd:2.4, kernel, kernel-rt, krb5, libreoffice, libuv, libvirt, linux-firmware, nghttp2, nodejs, openssh, python3, runc, thunderbird, and tpm2-tss), Slackware (aaa_glibc, bind, and mozilla), SUSE (postgresql14, python-sentry-sdk, and shadow), and Ubuntu (activemq, bind9, haproxy, nova, provd, python-zipp, squid, squid3, and tomcat).


  • [$] Imitation, not artificial, intelligence
    Simon Willison, co-creator of the popular Django web framework for Python,gave a keynote presentation at PyCon 2024 on a topic that isunrelated to that work: large language models (LLMs).The topic grew out of some other work that he is doing on Datasette, which is a Python-based"tool for exploring and publishing data". The talk was a lookbeyond the hype to try to discover what useful things you can actually dotoday using these models. Unsurprisingly, there were somecautionary notes from Willison, as well.


  • Improvements to the PSF Grants program
    The Python Software Foundation (PSF) board has announcedimprovements to its grants program that have been enacted as aresponse to "concerns and frustrations" with the program:
    The PSF Board takes the open letter from the pan-African delegationseriously, and we began to draft a plan to address everything in theletter. We also set up improved two-way communications so that we cancontinue the conversation with the community. The writers of the openletter have now met several times with members of the PSF board. Weare thankful for their insight and guidance on how we can worktogether and be thoroughly and consistently supportive of thepan-African Python community.
    So far the PSF has set up officehours to improve communications, publisheda retrospective on the DjangoCon Africa review, and put out a transparencyreport on grants from the past two years. The PSF board has alsovoted to "use the same criteria for all grant requests, no mattertheir country of origin".


  • Zuckerberg: Open Source AI Is the Path Forward
    Mark Zuckerberg has postedan article announcing some new releases of the Llama large languagemodel and going on at length about why open-source models are important:
    AI has more potential than any other modern technology to increase human productivity, creativity, and quality of life – and to accelerate economic growth while unlocking progress in medical and scientific research. Open source will ensure that more people around the world have access to the benefits and opportunities of AI, that power isn't concentrated in the hands of a small number of companies, and that the technology can be deployed more evenly and safely across society.
    There is an ongoing debate about the safety of open source AI models, and my view is that open source AI will be safer than the alternatives. I think governments will conclude it's in their interest to support open source because it will make the world more prosperous and safer.
    Of course, whether Llama is truly open source is debatable at best, but itis more open than many of the alternatives.


  • [$] A look inside the BPF verifier
    LWN has covered BPFsince its initial introduction to Linux, usually through the lens of the newestdevelopments; this can make it hard to view the whole picture. BPF providesa way to extend a running kernel, without having to recompile and reboot.It does this in a safe way, so that malicious BPFprograms cannot crash a running kernel, thanks to the BPF verifier. So how doesthe verifier actually work, what are its limits, and how has it changed sincethe early days of BPF?


  • GNU C Library 2.40 released
    Version 2.40 of the GNU CLibrary has been released. Changes include partial support for the ISO C23standard, a new tunable for the testing of setuid programs, improved 64-bitArm vector support, and a handful of security fixes. See the release notesfor details.


  • Security updates for Tuesday
    Security updates have been issued by Fedora (gtk3 and jpegxl), Red Hat (kpatch-patch and thunderbird), SUSE (apache2, git, gnome-shell, java-11-openjdk, java-21-openjdk, kernel, kernel-firmware, kernel-firmware-nvidia-gspx-G06, libgit2, mozilla-nss, nodejs20, python-Django, and python312), and Ubuntu (linux-aws, linux-aws, linux-aws-5.4, linux-iot, linux-aws-5.15, pymongo, and ruby-rack).


  • [$] "Opt-in" metrics planned for Fedora Workstation 42
    Red Hat, through members of the FedoraWorkstation Working Group, has taken anotherswing at persuading the Fedora Project to allow metrics related tothe real-world use of the Workstation edition to be collected. The firstproposal, aimed for Fedora 40, was withdrawn to be reworkedbased on feedback. This time around, the proponents have shifted fromasking for opt-out telemetry to opt-in metrics, with more detail aboutwhat would be collected and the policies that would govern data collection. Thechange seems to be on its way to approval by the Fedora EngineeringSteering Council (FESCo) and is set to take effect forFedora 42.


  • Security updates for Monday
    Security updates have been issued by Fedora (botan2, chromium, ffmpeg, fluent-bit, gtk3, httpd, suricata, tcpreplay, and thunderbird), Mageia (apache, chromium-browser-stable, libfm & libfm-qt, and thunderbird), Oracle (firefox, java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, java-21-openjdk, kernel, libndp, qt5-qtbase, ruby, skopeo, thunderbird, and virt:ol and virt-devel:rhel), Red Hat (containernetworking-plugins, firefox, libndp, qt5-qtbase, and thunderbird), SUSE (caddy, chromium, emacs, global, mockito, snakeyaml, testng, and opera), and Ubuntu (thunderbird).


  • NGI project may lose funding
    The Next Generation Internet(NGI) project, an initiative of the EU's European Commission (EC),provides funding in the form of grants for a wide variety ofopen-source software,includingRedox,Briar,SourceHut, and many more.But the NGI project is not among those that would be funded under the current draft budget for 2025,as The Register reports. More than 60 organizations have signed on to an open letter asking theEC to reconsider:
    We find this transformation incomprehensible, moreover when NGI has proven efficient and economical to support free software as a whole, from the smallest to the most established initiatives. This ecosystem diversity backs the strength of European technological innovation, and maintaining the NGI initiative to provide structural support to software projects at the heart of worldwide innovation is key to enforce the sovereignty of a European infrastructure.Contrary to common perception, technical innovations often originate from European rather than North American programming communities, and are mostly initiated by small-scaled organizations.


  • [$] A new major version of NumPy
    The NumPy project released version 2.0.0 onJune 16, the first major release of the widelyused Python-based numeric-computing library since 2006. The release has been planned for sometime, as an opportunity to clean up NumPy's API. As with most NumPy updates,there are performance improvements to several individual functions. There are only a few newfeatures, but several backward-incompatible changes, including a change toNumPy's numeric-promotion rules. Changes to the Python API require relatively minor changes toPython code using the library, but the changes to the C API may be moredifficult to adapt to. Inboth cases, the officialmigration guide describes what needs to be adapted to the new version.


  • [$] Restricting execution of scripts — the third approach
    The kernel will not consent to execute just any file that happens to besitting in a filesystem; there are formalities, such as the checking ofexecute permission and consulting security policies, to get through first.On some systems, security policies have been established to limit executionto specifically approved programs. But there are files that are notexecuted directly by the kernel; these include scripts fed to languageinterpreters like Python, Perl, or a shell. An attacker who is able to getan interpreter to execute a file may be able to bypass a system's securitypolicies. Mickaël Salaün has been working on closing this hole for years;the latestattempt takes the form of a new flag to the execveat()system call.



LXer Linux News













  • My 30-Day Experiment With Native Linux Games
    Ever since my Windows-equipped gaming PC broke down, not due to Windoze, but due to a blown power supply unit (PSU), I have been gaming on my Ubuntu-equipped laptop for the past few weeks.


  • Top 5 Firefox features for tab maximalists
    I am a tab maximalist. On any given day, you can find me with 50+ tabs open across multiple windows on Firefox. Having this many tabs open can seem chaotic, but rest assured there is a method to the madness.







  • 8 Best Free and Open Source Linux Student Information Systems
    To provide an insight into the quality of software available, we have compiled a list of 8 free and open source student information systems. Hopefully there will be something of interest for any educational establishment that needs to manage student data.


Linux Insider"LinuxInsider"












Slashdot

  • US Urges Vigilance By Tech Startups, VC Firms on Foreign Funds
    The US is warning homegrown tech startups and venture capital firms that some foreign investments may be fronts for hostile nations seeking data and technology for their governments or to undermine American businesses. From a report: Several US intelligence agencies are spotlighting the concern in a joint bulletin Wednesday to small businesses, trade associations and others associated with the venture capital community, according to the National Counterintelligence and Security Center. "Unfortunately our adversaries continue to exploit early-stage investments in US startups to take their sensitive data," said Michael Casey, director of the NCSC. "These actions threaten US economic and national security and can directly lead to the failure of these companies." Washington has ramped up scrutiny of investments related to countries it considers adversaries, most notably China, as advanced technologies with breakthrough commercial potential, such as artificial intelligence, can also be used to enhance military or espionage capabilities. [...] Small tech companies and venture capitalists "are not in a position to assess the national security implications of their investments," said Mark Montgomery, former executive director of the Cyberspace Solarium Commission, which was assigned to develop a US cybersecurity strategy. "There are way too many examples where what appears to be, at best, potentially only dual-use or non-military-use technology is quickly twisted and used as a national security tool."


    Read more of this story at Slashdot.


  • Wealthy Western Countries Lead in Global Oil and Gas Expansion
    A surge in new oil and gas production in 2024 threatens to unleash nearly 12 billion tonnes of planet-heating emissions, with the world's wealthiest countries -- such as the US and the UK -- leading a stampede of fossil fuel expansion in spite of their climate commitments, new data reveals. From a report: The new oil and gas field licences forecast to be awarded across the world this year are on track to generate the highest level of emissions since those issued in 2018, as heatwaves, wildfires, drought and floods cause death and destruction globally, according to analysis of industry data by the International Institute for Sustainable Development (IISD). The 11.9bn tonnes of greenhouse gas emissions -- which is roughly the same as China's annual carbon pollution -- resulting over their lifetime from all current and upcoming oil and gas fields forecast to be licensed by the end of 2024 would be greater than the past four years combined. The projection includes licences awarded as of June 2024, as well as the oil and gas blocks open for bidding, under evaluation or planned. Meanwhile, fossil fuel firms are ploughing more money into developing new oil and gas sites than at any time since the 2015 Paris climate deal, when the world's governments agreed to take steps to cut emissions and curb global heating. The world's wealthiest countries are economically best placed -- and obliged under the Paris accords -- to lead the transition away from fossil fuels to cleaner energy sources. But these high-capacity countries with a low economic dependence on fossil fuels are spearheading the latest drilling frenzy despite dwindling easy-to-reach reserves, handing out 825 new licences in 2023, the largest number since records began.


    Read more of this story at Slashdot.


  • AI Adoption Creeps as Enterprises Wrestle With Costs and Use Cases
    Global enterprises are grappling with the complexities of AI adoption, according to hundreds of top industry executives at a recent private software conference hosted by UBS. UBS adds: We heard:1. The data points from a private GPU cloud infrastructure provider were a very bullish readthrough to GPU demand, Microsoft's AI infra capabilities and the ramp of enterprise/software demand for training and inference compute.2. One F500 customer was at 1% Office Copilot roll-out, moving to perhaps 2% in a year as they a) fine-tune internal best practices and b) negotiate to get Microsoft much lower on price.3. One private flagged "copilot chaos," with customers having to choose between AI copilots from seemingly every tech firm (we wonder if this creates pricing pressure and/or an evaluation slowdown).4. Popular use cases are AI apps for internal, domain-specific tasks (simple workflow automation).5. Little evidence of AI resulting in customer headcount cuts, but headcount reduction with 3rd-party managed services providers and (India-based) SI firms.


    Read more of this story at Slashdot.


  • Mark Zuckerberg Imagines Content Creators Making AI Clones of Themselves
    An anonymous reader quotes a report from TechCrunch: Content creators are busy people. Most spend more than 20 hours a week creating new content for their respective corners of the web. That doesn't leave much time for audience engagement. But Mark Zuckerberg, Meta's CEO, thinks that AI could solve this problem. In an interview with internet personality Rowan Cheung, Zuckerberg laid out his vision for a future in which creators have their own bots, of sorts, that capture their personalities and "business objectives." Creators will offload some community outreach to these bots to free up time for other, presumably more important tasks, Zuckerberg says. "I think there's going to be a huge unlock where basically every creator can pull in all their information from social media and train these systems to reflect their values and their objectives and what they're trying to do, and then people can can interact with that," Zuckerberg said. "It'll be almost like this artistic artifact that creators create that people can kind of interact with in different ways." [...] It's tough to imagine creators putting trust in the hands of flawed AI bots to interact with their fans. In the interview, Zuckerberg acknowledges that Meta has to "mitigate some of the concerns" around its use of generative AI and win users' trust over the long term. This is especially true as some of Meta's AI training practices are actively driving creators away from its platforms.


    Read more of this story at Slashdot.


  • Digital Tax Talks In G20 Spotlight As US Tariff Threat Looms
    Negotiations on a global tax deal have extended beyond the June 30 deadline, with countries now looking to the G20 finance leaders meeting for progress. "The stakes in the negotiations are high," reports Reuters. "A failure to reach agreement on final terms could prompt several countries to reinstate their taxes on U.S. tech giants and risk punitive duties on billions of dollars in exports to the U.S." Some countries, like Canada, have already implemented their own digital services tax. Reuters reports: The so-called "Pillar 1" arrangement, part of a 2021 global two-part tax deal, aims to replace unilateral digital services taxes (DSTs) on U.S. tech giants including Alphabet's Google, Amazon.com and Apple through a new mechanism to share taxing rights on a broader, global group of companies. Standstill agreements under which Washington has suspended threatened trade retaliation against seven countries -- Austria, Britain, France, India, Italy, Spain and Turkey -- expired on June 30, but the U.S. has not taken steps to impose tariffs. Discussions on the matter are continuing. An Italian government source said that European countries were seeking assurances that the U.S. tariffs on some $2 billion worth of annual imports from French Champagne to Italian handbags and optical lenses remained frozen while the talks continue, including at the G20 meeting in Rio de Janeiro. A European Union document prepared for the G20 meeting lists finalizing the international tax deal as a "top priority." It said the G20 should urge countries and jurisdictions participating in the tax deal "to finalize discussions on all aspects of Pillar 1, with a view to signing the Multilateral Convention (MLC) by summer end and ratifying it as soon as possible." "Treasury continues to oppose all tax measures that discriminate against U.S. businesses," a U.S. Treasury spokesperson said in response to Canada's move. "We encourage all countries to finalize the work on the Pillar 1 agreement. We are in active discussions on next steps related to the existing DST joint statements."


    Read more of this story at Slashdot.


  • Sunday Was the Hottest Day Ever Recorded On Earth, Scientists Say
    On Sunday, global temperatures reached their highest levels in recorded history (source may be paywalled; alternative source), with a daily average of 17.09 degrees Celsius (62.76 degrees Fahrenheit). "The historic day comes on the heels of 13 straight months of unprecedented temperatures and the hottest year scientists have ever seen," adds the Washington Post, citing preliminary data from the Copernicus Climate Change Service. From the report: Though Sunday was only slightly warmer than the world's previous hottest day, Copernicus researchers noted, it was extraordinarily hotter than anything that came before. Before July 2023, Earth's daily average temperature record -- set in August 2016 -- was 16.8 degrees Celsius (62.24 degrees Fahrenheit). But in the past year, the global has exceeded that old record on 57 days. Scientists have been tracking global temperatures only for the past few centuries. Yet there is good reason to believe that Sunday was the hottest day on Earth since the start of the last Ice Age more than 100,000 years ago. Research from paleoclimate scientists -- who use tree rings, ice cores, lake sediments and other ancient material to understand past environments -- suggests that recent heat would have been all but impossible over the last stretch of geologic time. "We are in truly uncharted territory," Copernicus director Carlo Buontempo said in a statement. "And as the climate keeps warming, we are bound to see records being broken in future months and years. What is truly staggering is how large the difference is between the temperature of the last 13 months and the previous temperature records."


    Read more of this story at Slashdot.


  • DHS Has a DoS Robot To Disable Internet of Things 'Booby Traps' Inside Homes
    An anonymous reader quotes a report from 404 Media's Jason Koebler: The Department of Homeland Security bought a dog-like robot that it has modified with an "antenna array" that gives law enforcement the ability to overload people's home networks in an attempt to disable any internet of things devices they have, according to the transcript of a speech given by a DHS official at a border security conference for cops obtained by 404 Media. The DHS has also built an "Internet of Things" house to train officers on how to raid homes that suspects may have "booby trapped" using smart home devices, the official said. The robot, called "NEO," is a modified version of the "Quadruped Unmanned Ground Vehicle (Q-UGV) sold to law enforcement by a company called Ghost Robotics. Benjamine Huffman, the director of DHS's Federal Law Enforcement Training Centers (FLETC), told police at the 2024 Border Security Expo in Texas that DHS is increasingly worried about criminals setting "booby traps" with internet of things and smart home devices, and that NEO allows DHS to remotely disable the home networks of a home or building law enforcement is raiding. The Border Security Expo is open only to law enforcement and defense contractors. A transcript of Huffman's speech was obtained by the Electronic Frontier Foundation's Dave Maass using a Freedom of Information Act request and was shared with 404 Media. [...] The robot is a modified version of Ghost Robotics' Vision 60 Q-UGV, which the company says it has sold to "25+ National Security Customers" and which is marketed to both law enforcement and the military. "Our goal is to make our Q-UGVs an indispensable tool and continuously push the limits to improve its ability to walk, run, crawl, climb, and eventually swim in complex environments," the company notes on its website. "Ultimately, our robot is made to keep our warfighters, workers, and K9s out of harm's way." "NEO can enter a potentially dangerous environment to provide video and audio feedback to the officers before entry and allow them to communicate with those in that environment," Huffman said, according to the transcript. "NEO carries an onboard computer and antenna array that will allow officers the ability to create a 'denial-of-service' (DoS) event to disable 'Internet of Things' devices that could potentially cause harm while entry is made."


    Read more of this story at Slashdot.


  • Hackers Leak Documents From Pentagon IT Services Provider Leidos
    According to Bloomberg, hackers have leaked internal documents stolen from Leidos Holdings, one of the largest IT services providers of the U.S. government. Reuters reports: The company recently became aware of the issue and believes the documents were taken during a previously reported breach of a Diligent Corp. system it used, the report said, adding that Leidos is investigating it. The Virginia-based company, which counts the U.S. Department of Defense as its primary customer, used the Diligent system to host information gathered in internal investigations, the report added, citing a filing from June 2023. A spokesperson for Diligent said the issue seems to be related to an incident from 2022, affecting its subsidiary Steele Compliance Solutions. The company notified impacted customers and had taken corrective action to contain the incident in November 2022.


    Read more of this story at Slashdot.


  • Alphabet To Invest Another $5 Billion Into Waymo
    During Alphabet's second-quarter earnings call today, Alphabet CFO Ruth Porat announced the organization will spend an additional $5 billion on its self-driving subsidiary, Waymo. "This new round of funding, which is consistent with recent annual investment levels, will enable Waymo to continue to build the world's leading autonomous driving technology company," said Porat. TechCrunch reports: Porat noted that Google will focus on improving overall efficiencies in its "other bets" segment, which includes innovative projects that are distinct from the tech giant's core search and advertising business. Other companies in this segment are Verily, Calico, Google Ventures and drone company Wing. "Waymo is an important example of this, with its technical leadership coupled with progress on operational performance," Porat continued. The executive noted that parent company Alphabet's 10-Q form, which has yet to be filed, will have more details.


    Read more of this story at Slashdot.


  • Indie Game Publisher Humble Games Reportedly Lays Off All Staff
    Humble Games, the indie game publisher behind the popular pay-what-you-want "Humble Game Bundle," has laid off its entire staff of 36 people. However, the company says it is not shutting down and Humble Bundle will not be impacted. Instead, the job cuts are part of a restructuring of operations. GameSpot reports: In a statement shared with GameSpot, Humble Games confirmed that Humble Bundle will have "no impact on its operations. Additionally, ongoing and upcoming games from Humble Games will still move ahead and be published by the company. Humble Games is the publisher of many notable indie games, including Stray Gods, Bo: Path of the Teal Lotus, Chinatown Detective Agency, Ikenfell, Unpacking, Slay the Spire, and Midnight Fight Express, just to name a few. Humble Games is the separate publishing arm of digital storefront Humble Bundle. Both companies are owned by IGN Entertainment, but operate as a separate entities. Earlier this year, IGN Entertainment also bought video game websites Eurogamer, Rock Paper Shotgun, VG247, GamesIndustry.biz, and Dicebreaker from Gamer Network.


    Read more of this story at Slashdot.


  • The Kremlin Jails the Father of Russia's Internet
    An anonymous reader quotes a report from the Center for European Policy Analysis (CEPA): Alexey Soldatov, a Russian Internet pioneer and a founder of the first Internet provider in the country, has been sentenced by a court to two years in a labor colony on charges of "abuse of power." Soldatov, 72, had been detained by a court in Moscow. He is terminally ill. Very few in Russia believe in the government charges against a man widely known as a Father of the Russian Internet -- and who is less well known as the father of Andrei Soldatov, one of this article's authors. Soldatov was accused of abuse of power when managing a pool of IP-addresses by an organization he had no position at. This legal absurdity was enough to see him imprisoned even though the court knew of Soldatov's illness, which meant the court had no legal right to pass a custodial sentence. His family believes that the decision is essentially a death sentence. The article details Soldatov's history and his pivotal role in creating the Relcom network, which connected Soviet research centers and established the Soviet Union's first link to the global internet in 1990. During the 1991 KGB coup attempt, Relcom remained operational, highlighting its role in bypassing traditional media control and connecting people both within the Soviet Union and globally.


    Read more of this story at Slashdot.


  • House Committee Calls On CrowdStrike CEO To Testify On Global Outage
    According to the Washington Post (paywalled), the House Homeland Security Committee has called on the CrowdStrike CEO to testify over the major outage that brought flights, hospital procedures, and broadcasters to a halt on Friday. The outage was caused by a defective software update from the company that primarily affected computers runnings Windows, resulting in system crashes and "blue screen of death" errors. From the report: Republican leaders of the House Homeland Security Committee demanded that CrowdStrike CEO George Kurtz commit by Wednesday to appearing on Capitol Hill to explain how the outages occurred and what "mitigation steps" the company is taking to prevent future episodes. [...] Reps. Mark Green (R-Tenn.) and Andrew R. Garbarino (R-N.Y.), chairs of the Homeland Security Committee and its cybersecurity subcommittee, respectively, wrote in their letter that the outages "must serve as a broader warning about the national security risks associated with network dependency. Protecting our critical infrastructure requires us to learn from this incident and ensure that it does not happen again," the lawmakers wrote. CrowdStrike spokesperson Kirsten Speas said in an emailed statement Monday that the company is "actively in contact" with the relevant congressional committees and that "engagement timelines may be disclosed at Members' discretion," but declined to say whether Kurtz will testify. The committee is one of several looking into the incident, with members of the House Oversight Committee and House Energy and Commerce Committee separately requesting briefings from CrowdStrike. But the effort by Homeland Security Committee leaders marks the first time the company is being publicly summoned to testify about its role in the disruptions. CrowdStrike has risen to prominence as a major security provider partly by identifying malicious online campaigns by foreign actors, but the outages have heightened concern in Washington that international adversaries could look to exploit future incidents. "Malicious cyber actors backed by nation-states, such as China and Russia, are watching our response to this incident closely," Green and Garbarino wrote. The outages, which disrupted agencies at the federal and state level, are also raising questions about how much businesses and government officials alike have come to rely on Microsoft products for their daily operations.


    Read more of this story at Slashdot.


  • Switzerland Now Requires All Government Software To Be Open Source
    Switzerland has enacted the "Federal Law on the Use of Electronic Means for the Fulfillment of Government Tasks" (EMBAG), mandating open-source software (OSS) in the public sector to enhance transparency, security, and efficiency. "This new law requires all public bodies to disclose the source code of software developed by or for them unless third-party rights or security concerns prevent it," writes ZDNet's Steven Vaughan-Nichols. "This 'public money, public code' approach aims to enhance government operations' transparency, security, and efficiency." From the report: Making this move wasn't easy. It began in 2011 when the Swiss Federal Supreme Court published its court application, Open Justitia, under an OSS license. The proprietary legal software company Weblaw wasn't happy about this. There were heated political and legal fights for more than a decade. Finally, the EMBAG was passed in 2023. Now, the law not only allows the release of OSS by the Swiss government or its contractors, but also requires the code to be released under an open-source license "unless the rights of third parties or security-related reasons would exclude or restrict this." Professor Dr. Matthias Sturmer, head of the Institute for Public Sector Transformation at the Bern University of Applied Sciences, led the fight for this law. He hailed it as "a great opportunity for government, the IT industry, and society." Sturmer believes everyone will benefit from this regulation, as it reduces vendor lock-in for the public sector, allows companies to expand their digital business solutions, and potentially leads to reduced IT costs and improved services for taxpayers. In addition to mandating OSS, the EMBAG also requires the release of non-personal and non-security-sensitive government data as Open Government Data (OGD). This dual "open by default" approach marks a significant paradigm shift towards greater openness and practical reuse of software and data. Implementing the EMBAG is expected to serve as a model for other countries considering similar measures. It aims to promote digital sovereignty and encourage innovation and collaboration within the public sector. The Swiss Federal Statistical Office (BFS) is leading the law's implementation, but the organizational and financial aspects of the OSS releases still need to be clarified.


    Read more of this story at Slashdot.


  • EU To Investigate Delivery Hero, Glovo Over Food Delivery Cartel Concerns
    An anonymous reader quotes a report from TechCrunch: The European Commission announced a formal investigation into Berlin-based food delivery giant Delivery Hero and its Spanish subsidiary, Glovo, on Tuesday, citing cartel concerns. The Commission will launch an in-depth probe into agreements between the online delivery firms to establish whether any anticompetitive activity has taken place. "The Commission is concerned that, before the takeover, Delivery Hero and Glovo may have allocated geographic markets and shared commercially sensitive information (e.g., on commercial strategies, prices, capacity, costs, product characteristics)," the Commission wrote in a press release. "The Commission is also concerned that the companies may have agreed not to poach each other's employees. These practices could have been facilitated by Delivery Hero's minority share in Glovo." The move follows unannounced raids conducted on the two companies' local offices in July 2022 and November 2023. From July 2018, Delivery Hero held a minority share in Glovo -- going on to acquire sole control in July 2022, per the Commission, which noted that this is the first investigation it has undertaken into anti-competitive agreements "that may have occurred in the context of a minority shareholding by one operator in a competitor." [...] Earlier this month, the German delivery giant warned investors it could ultimately face an antitrust fine of up to 400 million euros over the EU antitrust issue.


    Read more of this story at Slashdot.


  • China Is Getting Secretive About Its Supercomputers
    For decades, American and Chinese scientists collaborated on supercomputers. But Chinese scientists have become more secretive as the U.S. has tried to hinder China's technological progress, and they have stopped participating altogether in a prominent international supercomputing forum. From a report: The withdrawal marked the end of an era and created a divide that Western scientists say will slow the development of AI and other technologies as countries pursue separate projects. The new secrecy also makes it harder for the U.S. government to answer a question it deems essential to national security: Does the U.S. or China have faster supercomputers? Some academics have taken it upon themselves to hunt for clues about China's supercomputing progress, scrutinizing research papers and cornering Chinese peers at conferences. Supercomputers have become central to the U.S.-China technological Cold War because the country with the faster supercomputers can also hold an advantage in developing nuclear weapons and other military technology. "If the other guy can use a supercomputer to simulate and develop a fighter jet or weapon 20% or even 1% better than yours in terms of range, speed and accuracy, it's going to target you first, and then it's checkmate," said Jimmy Goodrich, a senior adviser for technology analysis at Rand, a think tank. The forum that China recently stopped participating in is called the Top500, which ranks the world's 500 fastest supercomputers. While the latest ranking, released in June, says the world's three fastest computers are in the U.S., the reality is probably different.


    Read more of this story at Slashdot.


The Register


  • Oak Ridge casts nets in search of Frontier supercomputer's heir
    US national lab expects Discovery to deliver 'three to five times more computational throughput'
    Oak Ridge National Laboratory (ORNL) has issued a request for proposals (RFP) for a successor to the Frontier supercomputer, just a couple of years after the world's first exascale system came online.…


  • Data pilfered from Pentagon IT supplier Leidos
    With numerous US government agency customers, any leak could be serious
    Updated Internal documents stolen from Leidos Holdings, an IT services provider contracted with the Department of Defense and other US government agencies, have been leaked.…


  • CrowdStrike fiasco highlights growing Sino-Russian tech independence
    China is playing a long game, which could pay off on an enormous scale
    Analysis Some of the common arguments for moving away from proprietary operating systems are about increasing personal (or corporate) freedom and decreasing expenditure, but there are bigger things at stake.…




  • Tim Peake joins Axiom Space as an astronaut advisor
    A new mission: Securing funding for Brits in orbit
    Former European Space Agency astronaut Tim Peake has joined Axiom Space's astronaut team as a strategic advisor supporting a potential all-UK human spaceflight mission.…




  • 'Data embassies' promise bubbles of digital sovereignty, but India just cooled on the idea
    Scratch the surface and they look more like a sales pitch – or a soft power play
    Embassies are bubbles of sovereignty that local authorities cannot freely enter and in which certain communications are privileged – an arrangement that is generally agreed as essential to facilitate international relations. And now the same protections are being suggested as needed to create a "data embassy" – datacenters that local authorities can't access and in which nations can store info and run software on foreign shores.…


  • Forget security – Google's reCAPTCHA v2 is exploiting users for profit
    Web puzzles don't protect against bots, but humans have spent 819 million unpaid hours solving them
    Updated Google promotes its reCAPTCHA service as a security mechanism for websites, but researchers affiliated with the University of California, Irvine, argue it's harvesting information while extracting human labor worth billions.…









  • FTC sticks a probe into 'surveillance pricing' Big Biz uses to gouge us all
    Ever had to shop in incognito mode to avoid paying more? This one's for you
    The US Federal Trade Commission (FTC) has launched an investigation into "surveillance pricing," a phenomenon likely familiar to anyone who's had to buy something in an incognito browser window to avoid paying a premium. …






  • Alphabet's reported $23B bet on Wiz fizzles out
    Cybersecurity outfit to go its own way to IPO and $1B ARR
    On the day of Alphabet's Q2 earnings call, cybersecurity firm Wiz has walked from a $23 billion takeover bid by Google's parent company.…


  • Failure to follow proper procedures caused US-wide AT&T outage, FCC says
    America's second largest wireless carrier taking steps to prevent a repeat of 12-hour downtime in February
    An AT&T cellular outage lasting more than 12 hours that prevented subscribers from accessing services including 911 was caused by misconfigured hardware and a failure to follow standard procedures when deploying.…


  • Now as many as 10,000 SAP jobs to be hit by restructure
    Revenue and underlying profit please markets in Q2 as German software giant retains focus on costs
    SAP has expanded the number of jobs affected by its restructuring program by up to 20 percent after generating higher revenue but lower operating profit in the most recent full quarter.…



  • Arch-based CachyOS promises speed but trips over its laces
    Strictly for performance fiends with ultra-modern kit who want a distro to match
    Hands-on CachyOS is a performance-optimized rebuild of Arch Linux, with a simpler installer and dozens of desktops and options to tweak. Stable reliability, not so much.…




  • FrostyGoop malware shut off heat to 600 Ukraine apartment buildings
    First nasty to exploit Modbus to screw with operational tech devices
    A previously unseen malware, dubbed FrostyGoop, able to disrupt industrial processes was used in a cyberattack against a district energy company in Ukraine last northern winter, resulting in two days without heat for hundreds of people during sub-zero temperatures.…


  • How to maintain code for a century: Just add Rust
    Proprietary code goes unpublished – but no FOSS package ever dies
    Opinion One of the delicious promises of open source software is eternal life. In literature from Gilgamesh on, this has been a classic trap for the careless and greedy, but this is FOSS so it must be true. No package ever dies. Proprietary code goes unpublished: if its host company dies, it probably dies with it the moment the servers are wiped.…



  • Hong Kong becomes major hub for shipping banned tech to Iran, Russia
    Government doesn't seem to mind – and business is into it, claims report
    Hong Kong's government and local businesses undermine sanctions by deliberately facilitating the transfer of restricted and sensitive technology to naughty regimes, according to a report released on Monday by the nonprofit Committee for Freedom in Hong Kong Foundation.…




  • Indonesia blocks 2.5 million pieces of gambling content, minister says it's not enough
    Wagering boomed – and so did the quantity of money heading offshore
    Indonesia has an online gambling problem. Despite having blocked access to wagering content over 2.5 million times last year, the nation’s Ministry of Communications and Information (KomInfo), believes it can only break the habit with further blocks and assistance from the private sector.…


  • Google's plan to drop third-party cookies in Chrome crumbles
    Ad giant promises to protect privacy, as critics say surveillance continues
    Google no longer intends to drop support for third-party cookies – the online identifiers used by the ad industry to track people and target them with ads based on their online activities.…



  • Global cops power down world's 'most prolific' DDoS dealership
    One arrest was made weeks ago but no word on the suspect's identity yet
    A DDoS-for-hire site described by the UK's National Crime Agency (NCA) as the world's most prolific operator in the field is out-of-action following a law enforcement sting dubbed Operation Power Off.…


  • Meta's mass layoff severance agreements illegal, says judge
    You can't offer a better deal in exchange for silence, argues NLRB
    Separation agreements Meta gave to employees during mass 2022 layoffs are illegal, a US judge has decided, and the reasoning could have implications far beyond Zuckercorp.…


  • What does Google Gemini do with your data? Well, it's complicated...
    Big misconception is that data ingestion is occurring, we're told
    Google, after facing accusations about its AI model ingesting private files, says Gemini can read and summarize this type of sensitive data in real time – but only with Workspace users' express permission. …


  • Nvidia said to be prepping Blackwell GPUs for Chinese market
    But will they ship before the Biden administration tightens export controls?
    Comment US trade restrictions on the sale of AI accelerators to China haven't detered Nvidia from bringing its latest Blackwell architecture to the Middle Kingdom.…




  • Engineers fix ESA's Gaia observatory from 1.5M kilometers away
    And you thought rolling back a borked update on a server down the hall was hard?
    The European Space Agency (ESA) has shared the story of how engineers brought a mission back from the brink after a micrometeoroid strike, an equipment failure, and an impressive solar storm.…







Linux.com











Phoronix


  • AMD Reveals More Zen 5 CPU Core Details
    As a follow-up to last week9s AMD Zen 5 overview with the Ryzen 9000 series and Ryzen AI 300 series, today the embargo has lifted on some additional Zen 5 CPU core details.


  • F2FS, exFAT & Btrfs File-System Changes In Linux 6.11
    While not as notable as the nice EXT4 performance optimization making it into Linux 6.11 or features like XFS real-time FITRIM and self-healing Bcachefs on read I/O errors, the Bcachefs, F2FS, and Btrfs file-systems saw smaller updates for the Linux 6.11 kernel cycle...


  • Linux 6.11 Upstream Now Defaults To A Better SATA Link Power Management Policy
    It's not too often that the ATA pull request for a new Linux kernel merge window has much worth mentioning. With Linux 6.11 there is a change to the kernel defaults worth noting over the default SATA link power management policy. In this case most Linux distributions have been setting a better default themselves and is now a case of the upstream kernel defaults catching up...





  • Intel9s Mesa Driver Upstreaming For Xe2 Support Appears Mostly Done
    Ahead of launch for new discrete/integrated graphics backed by open-source Linux drivers, it can often be difficult to ascertain the level of support pre-launch given the complexity of today's GPUs, we are past the days of long monolithic patch series for new hardware enablement, and also not knowing about what features may be added for the next-generation hardware. But if latest Mesa developer comments hold, it looks like for Intel Xe2 graphics the open-source Vulkan driver at least has "most" of the code now in place...


  • Intel Xe2/Battlemage & AMD RDNA4 Lead The Graphics Driver Changes In Linux 6.11
    DRM subsystem lead maintainer David Airlie recently submitted the DRM-Next pull request for merging into Linux 6.11. All of that Direct Rendering Manager (DRM) feature code has landed for the many kernel graphics/display driver updates along with changes to the few AI accelerator "accel" drivers also part of the tree. As usual, the Intel Xe/i915 and AMD AMDGPU/AMDKFD kernel drivers see a bulk of the upstream open-source graphics improvements...






  • Linux 6.11 Begins Upstreaming Support For KEBA CP500 System FPGA
    Greg Kroah-Hartman described the char/misc pull request for the Linux 6.11 merge window as having "just loads of new drivers and updates." Among the new drivers is beginning to enable support for the KEBA CP500 as the latest FPGA seeing upstream kernel support...


  • OpenBSD Now Supports VA-API Video Acceleration
    The BSDs unfortunately continue to lag behind Linux in their GPU driver support. The latest example of this is OpenBSD only days ago seeing initial support for the Video Acceleration API (VA-API) merged for GPU-accelerated video playback on that BSD platform...


  • LoongArch Enables More Kernel Features With Linux 6.11
    The LoongArch CPU architecture changes were submitted and subsequently merged on Monday for the ongoing Linux 6.11 merge window. With the new kernel these Chinese processors support more kernel features for this MIPS-derived and RISC-V-inspired architecture...


  • X.Org Testing Ground Expands Its Scope To Illumos/OpenIndiana
    Coming just a day after posting a big set of patches for improving VRR display support under the X.Org Server, Enrico Weigelt today announced the release of the X.Org Testing Ground v0.0.4 software that now supports OpenIndiana / Illumos (OpenSolaris) in addition to its Linux and BSD platform support...



  • Pop!_OS 24.04 Alpha With COSMIC Desktop Planned For 8 August
    We have been eagerly awaiting the end of July for the planned alpha release of System76's Rust-written COSMIC desktop. For those awaiting COSMIC in the form of a new Pop!_OS development release, that at least will be coming in early August...









  • Kalray Updates Patches For Their Linux Kernel Port To The KV3-1 "Coolidge" SoC
    Way back at the start of 2023, French fabless semiconductor company Kalray posted Linux kernel patches for a "KVX" Linux kernel port to get Linux up and running on their MPPA3-80 "Coolidge" DPU SoC with the KV3-1 CPU architecture. A year and a half later this work still is outside the Linux kernel but finally a third iteration of the KVX Linux kernel port has been posted for review...




  • XZ Patches For The Linux Kernel Updated, Drops "Jia Tan" As A Maintainer
    Back in March were a set of patches to the Linux kernel's XZ embedded compression implementation with the project having switched from public domain to the BSD Zero Clause License along with other changes to update that in-tree code. Since then the notorious XZ backdoor situation was discovered in the upstream XZ project. With those major issues behind, Lasse Collin today sent out an updated set of patches for updating the in-tree XZ code for the Linux kernel...



  • AWS Graviton4 96-Core Performance vs. AMD EPYC & Intel Xeon CPUs
    Last week I published some initial benchmarks of the Amazon/AWS Graviton4 processors now available within the EC2 cloud using the new "R8g" instances. That initial comparison was a 64 vCPU comparison of Graviton4 against AMD EPYC and Intel Xeon 64 vCPU AWS instances. In today9s article is a look at the 96-core Graviton4 bare metal performance using the "r8g.metal-24xl" AWS instance type. The Graviton4 r8g.metal-24xl performance was then compared in today9s article against various bare metal AMD EPYC, Ampere Altra Max, and Intel Xeon processors in the lab at Phoronix.



Engadget"Engadget is a web magazine with obsessive daily coverage of everything new in gadgets and consumer electronics"

  • The Google Pixel Buds A-Series drop to $69
    Amazon Prime Day 2024 might be behind us but the deals keep coming and they don't stop coming. Folks with a Google Pixel or other Android device who are in the market for a set of budget-friendly earbuds may be interested in a discount on the Pixel Buds A-Series (they're compatible with iPhones too, but the integration won't be as deep on iOS products). These earbuds were already decent value at $99, and now they've dropped to an even more attractive price of $69.

    We gave the Pixel Buds A-Series a score of 84 in our 2021 review. They don't support wireless charging or have onboard controls, but otherwise we felt that they deliver excellent value for money (even more so now thanks to the current discount).



    The sound quality is pretty darned decent and the buds can reduce background noise while you're on calls. You'll get up to five hours of listening time and 2.5 hours of talk time before you'll need to return the earbuds to the case, Google says. You'll seemingly get up to 24 hours of total listening time before you have to charge the case. Thanks to quick charging, you'll be able to add three hours of listening time after plugging in the case for just 15 minutes. While there's an adaptive sound function for automatically adjusting the volume, there's no true active noise cancellation here.

    If you'd like something a more premium option, you can go with the Pixel Buds Pro instead. Those have dropped to $140, which is $60 off. However, they dropped to $120 during Prime Day.

    Follow @EngadgetDeals on Twitter and subscribe to the Engadget Deals newsletter for the latest tech deals and buying advice.
    This article originally appeared on Engadget at https://www.engadget.com/the-google-pixel-buds-a-series-drop-to-69-145630793.html?src=rss


  • Our favorite budget webcam is on sale for only $48 right now
    Whether you've just started a remote job or want to try your hand at creating videos, a solid webcam is essential for presentation. Fortunately, our favorite budget webcam is even more affordable right now, thanks to a 20 percent discount. The Anker PowerConf C200 2K Webcam for PC is down to $48 from $60 — a record low. 

    We named Anker's C200 model our top budget webcam because it offers so many of the same perks as its more expensive competitors. To set it up, you only need to plug it in, either to the computer or your docking station. It offers up to 2K resolution, which gives you an extra boost, but you can lower it to 1080p, 720p or even 360p. It also automatically has a 95-degree lens opening but can shrink to 78 or 65 degrees. Plus, you can get AnkerWork software to edit things like brightness and sharpness.



    Anker's C200 webcam also offers dual stereo mics that capture your words clearly, so you don't have to worry about being misinterpreted on your next call. Then there's the fact that if you twist its frame the lens will physically shutter. The only real issue we had with this webcam is that it's a bit harder to change the angle of than other options, often requiring two hands. 

    Follow @EngadgetDeals on Twitter and subscribe to the Engadget Deals newsletter for the latest tech deals and buying advice.
    This article originally appeared on Engadget at https://www.engadget.com/our-favorite-budget-webcam-is-on-sale-for-only-48-right-now-141146554.html?src=rss


  • Google is updating the Play Store with AI-powered app reviews and curated spaces
    Google just announced a suite of updates to the Play Store in an attempt to make it more fun to use. This is part of a larger move by the company to turn its online marketplace into "an end-to-end experience that’s more than a store.” You read that right. They want us to hang out on Google Play.

    Here’s what the company has planned. The update brings AI-generated review summaries that pull from user reviews to develop a consensus. You’ve likely already encountered this type of thing on Facebook and while using Google search. The company first announced this feature at this year’s I/O event.

    This AI-adjacent approach will also apply to auto-generated FAQs about each app that are powered by Gemini models. Additionally, there will be AI-generated highlights that offer a quick summarization of a particular app. Google showed off a still image of this for a photo editing app in which the highlights included the number of filters and layouts available, in addition to tools and sharing options. This AI approach will also let users quickly compare apps in similar categories.

    Google’s also rolling out shared spaces on the Play Store. These aren’t communities or mini social networks, like Reddit or something, but rather splash pages for various topics of interest. The company started this project with a pilot involving cricket. The shared space gave users in India the ability to “explore all their cricket content from across various channels in one, convenient spot.” This included relevant videos, around 100 curated cricket-related apps and some simple user polls. The next curated space will be about Japanese manga. There has been no word as to when this feature will expand into multiple categories available to global users.

    The entire “shopping for a new game to play” experience is also getting an upgrade, focused primarily on discovery. Google promises “enriched game details” pages, complete with YouTube videos from developers and clearly-marked promotions, which reminds me of Steam. This even extends to the post-purchase experience, as return users will see updated developer notes and a section for tips and tricks. The program is in early access and currently only available to English language users. There are also some new games coming to Google’s oft-overlooked Play Pass, like Asphalt Legends Unite and Candy Crush Saga, and a feature that lets users play multiple games at once on PC. 

    Finally, there’s some personalization stuff in this update. The new Collections feature provides custom categories based on previously-purchased apps. This means that each Google Play homescreen will be different for each user, offering an easy way to continue binging a show or finishing a video game.

    Many of these upgrades begin rolling out today, though some are still in the early access stage. Others, like the shared spaces feature, still have some kinks to work out.
    This article originally appeared on Engadget at https://www.engadget.com/google-is-updating-the-play-store-with-ai-powered-app-reviews-and-curated-spaces-130036843.html?src=rss


  • New PS5 update makes it easier to join multiplayer games
    Anyone with a PlayStation 5 should now have a smoother option for connecting with other gamers. Sony has officially rolled out a system software update, allowing you to create shareable links inviting others to a multiplayer game. The company first announced the feature in early May.

    The new PS5 update works by providing you with a link in the app that can be shared with anyone, even if you aren9t friends on the Playstation Network. A QR code pops up alongside the link, though Sony warns you might have to update a few of your games for the new feature to work. One of the best things about this tool is the invite isn9t immediately time-sensitive, so the link will still drop the recipient into your game 10 or 30 minutes from when its sent as long as you9re still playing. If you send the link on Discord, a widget should appear to say if people are still playing or have dropped off. 

    Alongside the new share method is another update that lets you open Game Help action cards through Voice Command. All you need to do is say "Show Game Help," and it should pop up. However, Voice Command (Preview) is currently available only in English for gamers in the US and UK with PlayStation Network accounts. 
    This article originally appeared on Engadget at https://www.engadget.com/new-ps5-update-makes-it-easier-to-join-multiplayer-games-123730301.html?src=rss


  • CrowdStrike blames bug that caused worldwide outage on faulty testing software
    CrowdStrike has blamed faulty testing software for a buggy update that crashed 8.5 million Windows machines around the world, it wrote in an post incident review (PIR). "Due to a bug in the Content Validator, one of the two [updates] passed validation despite containing problematic data," the company said. It promised a series of new measures to avoid a repeat of the problem.

    The massive BSOD (blue screen of death) outage impacted multiple companies worldwide including airlines, broadcasters, the London Stock Exchange and many others. The problem forced Windows machines into a boot loop, with technicians requiring local access to machines to recover (Apple and Linux machines weren9t affected). Many companies, like Delta Airlines, are still recovering. 

    To prevent DDoS and other types of attacks, CrowdStrike has a tool called the Falcon Sensor. It ships with content that functions at the kernel level (called Sensor Content) that uses a "Template Type" to define how it defends against threats. If something new comes along, it ships "Rapid Response Content" in the form of "Template Instances."

    A Template Type for a new sensor was released on March 5, 2024 and performed as expected. However, on July 19, two new Template Instances were released and one (just 40KB in size) passed validation despite having "problematic data," CrowdStrike said. "When received by the sensor and loaded into the Content Interpreter, [this] resulted in an out-of-bounds memory read triggering an exception. This unexpected exception could not be gracefully handled, resulting in a Windows operating system crash (BSOD)."

    To prevent a repeat of the incident, CrowdStrike promised to take several measures. First is more thorough testing of Rapid Response content, including local developer testing, content update and rollback testing, stress testing, stability testing and more. It9s also adding validation checks and enhancing error handing.

    Furthermore, the company will start using a staggered deployment strategy for Rapid Response Content to avoid a repeat of the global outage. It9ll also provide customers greater control over the delivery of such content and provide release notes for updates. 

    However, some analysts and engineers think the company should have put such measures in place from the get-go. "CrowdStrike must have been aware that these updates are interpreted by the drivers and could lead to problems," engineer Florian Roth posted on X. "They should have implemented a staggered deployment strategy for Rapid Response Content from the start."
    This article originally appeared on Engadget at https://www.engadget.com/crowdstrike-blames-bug-that-caused-worldwide-outage-on-faulty-testing-software-120057494.html?src=rss



  • The best smartphones to buy in 2024
    You might have an idea of which smartphone you want to buy next. But there are more options than ever before that are solid — plenty of companies are making stellar handsets nowadays, at similar prices, all with comparable feature sets. That said, the choice isn’t always cut-and-dry. If you know you want an iPhone, your decision-making process is a bit easier. If you’re an Android person, you have even more options to choose from and more questions to answer before you spend any money. At Engadget, we review phones regularly and have tested dozens over the years; so far for 2024, our top picks remain the same as they were last year, with Apple's iPhone 15 Pro and Google's Pixel 8 handsets sitting at the top of the list. Whether you’ve had your eye on them, one of Samsung's new Galaxy S24 phones or another device, we’re here to help you decide which is the best phone to buy this year.
    Android or iOS?
    When you're searching for the best smartphone, it becomes clear that each OS has its pros and cons. Apple’s tight-knit ecosystem makes it super easy to share data between iPhones, iPads and Macs or seamlessly hand-off phone calls or music from one device to another. At the same time, you’re effectively locked in, as services like Apple Messages aren’t available on other platforms.

    As for Android, there’s a much wider range of handsets from companies like Google, Samsung, Sony and more. However, Android phones don’t enjoy that same length of software support and often have lower trade-in values. In short, there’s no wrong answer. However, you will want to consider how your phone will fit in with the rest of your devices. So unless you’re really fed up with one OS and willing to learn another, it probably doesn’t make a lot of sense to switch from an iPhone to an Android phone (or vice versa) – especially if everyone else in your household is using the same platform.
    Cameras
    Since your cell phone often pulls double duty as your primary camera, figuring out what kind of photo tools you want is key. Nowadays, practically every mobile phone can take a great picture in bright light. But if you want a long optical zoom, you’ll probably have to upgrade to a more expensive device.
    Cherlynn Low / Engadget
    Mid-range phones often only have two rear cameras (a primary wide-angle lens and a secondary ultra-wide camera) and can sometimes struggle in low-light situations. Each phone maker also has various features that might be a better fit for your style, with Apple offering four different color presets on the latest iPhones, while Google’s Pixel 8 comes with neat tools like dedicated long exposure and Action Pan modes.
    Will you get mmWave 5G or Wi-Fi 7?
    The good news is that in 2024, most phones have at least Wi-Fi 6 or Wi-Fi 6e and support for some kind of 5G connectivity. However, if you want the fastest wireless speeds possible, it’s going to cost you a little extra. For example, on certain networks, mmWave 5G offers up to gigabit download speeds, less latency and better bandwidth. But mmWave 5G also requires more sophisticated (and pricier) modems, which means support for it is often missing on less expensive devices, even those like the unlocked version of the Pixel 8.

    On the bright side, mmWave 5G isn’t as widely available as other versions of 5G, so depending on where you live and what network you’re on, you may not be missing out on much right now if you buy a phone that doesn’t support it. It’s a similar situation for Wi-Fi 7, which is available on some high-end handsets like the Galaxy S24, but harder to find on cheaper devices. Wi-Fi 7 also requires you to have a compatible router, so unless you know you need it or have a specific use case in mind, the lack of support for mmWave 5G or Wi-Fi 7 shouldn’t be a dealbreaker when looking for a new phone.
    Other features to consider
    Because not everyone agrees on what makes the best phone, you should think about any other specs that might be extra important for you. Mobile gamers will almost certainly appreciate the 120Hz refresh rates you get on phones like the Samsung Galaxy S23 or the Apple iPhone 15 Pro. Alternatively, if long battery life is important, you’ll probably want to go with a larger iPhone or an Android phone with a battery that’s between 4,000 and 5,000 mAh in size. Meanwhile, if you find yourself juggling a lot of devices, it can be really nice to have a phone that supports reverse wireless charging, which on Samsung phones even lets you recharge the company’s Galaxy Watches.














    Other smartphones we've tested Samsung Galaxy S24 Ultra
    For its latest super-premium phone, Samsung gave the S24 Ultra a more durable titanium frame, faster performance thanks to a Snapdragon 8 Gen 3 chip and a much longer battery life. The company also tweaked its longest telephoto lens with a 5x optical zoom so it's more usable in a wider range of situations. But the biggest upgrade is a new full suite of AI tools, which includes the ability to proofread texts, edit images and transcribe recordings. And when you tack on the best display available on a phone today and a built-in stylus, you have a very compelling flagship handset. Unfortunately, starting at $1,300, the S24 Ultra is a bit too expensive to recommend to anyone without deep pockets.
    OnePlus 12
    While the OnePlus 12 wasn’t able to unseat the latest Pixel, it’s worth mentioning because it offers powerful specs for the money. It features a speedy Snapdragon 8 Gen 3 chip, a big and bright 6.8-inch, 120Hz OLED screen and the best battery life we’ve seen on any phone to date. OnePlus also brought back support for wireless charging for the first time in several generations, along with a good (but not great) IP65 rating for dust and water resistance. And even though its huge camera module looks a bit ungainly, its photos are surprisingly sharp. But the best thing is that, with a starting price of $800, the OnePlus 12 costs $200 less than a Pixel 8 Pro or a similarly specced S24+.
    FAQs How do I know which smartphone is the best for me?
    While choosing the best smartphone can be challenging, it mostly comes down to how you plan on using the device. All of the best phones available now get the basics right — you’ll be able to make calls, text and access the internet without many hiccups. If your smartphone is your most used gadget, you may want to consider paying for a device on the higher end of the price spectrum. That will get you better overall performance, higher-quality cameras and a phone that will last for many years. If you don’t use your phone for everything, you may be able to compromise on performance and extra perks and spend less on a still-capable handset.
    How much is a smartphone?
    Smartphones range in price from $300 to over $1,500. The best budget phones available now will usually compromise on overall performance, design, camera prowess and extra features to keep costs down. On the flip side, the most expensive phones will have powerful processors, triple-camera arrays and even flip or fold designs. Most people will find a phone that fits their needs somewhere in the middle of that wide price range — we’ve found that most of the best smartphones available right now cost between $500 and $1,000.
    What can you do on a smartphone?
    Smartphones are essentially small, portable computers that let you do things like check email, browse social media, follow map directions, make contactless payments and more. This is all on top of the basics like making phone calls and texting, which we’ve come to expect in all modern cell phones. Smartphones have also mostly replaced compact cameras thanks to their high-quality, built-in shooters, and the fact that most smartphones today as just as portable, if not more so, as compact cameras.
    How long do smartphones last?
    Smartphones can last years and people are holding on to their phones longer now than ever before. Software updates and battery life are two of the biggest factors that can affect phone longevity. Apple promises five years worth of software updates for its latest iPhones, and Google promises the same for its Pixel phones. Samsung phones will get four years worth of Android updates from the time they launch. As for charging speeds and battery life, your phone can deteriorate over time as you use and recharge your phone on a regular basis.
    This article originally appeared on Engadget at https://www.engadget.com/best-smartphones-140004900.html?src=rss


  • Humble Games reportedly lays off its entire staff
    Humble Games has reportedly laid off all 36 of its staff. Former employees posted about the layoffs on social media. Humble Games is owned by media conglomerate Ziff Davis, which counts IGN, Eurogamer and GamesIndustry.biz among its gaming portfolio. Humble Games confirmed in a LinkedIn post that there had been a "restructure" at the company, but did not reveal the number of jobs lost.

    A PR rep for Humble Games also confirmed to Engadget that the company would not be shutting its doors as a result of today's restructuring. He added that both ongoing and upcoming projects would continue to be supported and published by the studio.

    The layoffs at Humble Bundle are the latest in a sweep across the gaming business. Last year saw a shocking number of cuts across studios of all sizes, and the trend has sadly continued into 2024.

    "The games industry is volatile, it's been inundated by people who only want exponential growth at the expense of making great games with great teams," Emilee Kieffer, a former lead quality assurance analyst with Humble Games, wrote on LinkedIn following the layoffs.
    Well friends, me and the entirety of Humble Games was laid off this morning

    If you need senior/lead QA at your game studio HI HELLO I DON'T HAVE A JOB ANYMOOOORE! pic.twitter.com/giAPAiTDsx
    — 🎃Emil-EEK!🎃 (@Emilee3D) July 23, 2024
    The indie publisher helped bring almost 50 video games to market, including notable hits such as Slay the Spire, Unpacking, Wandersong and Coral Island. Humble Games also had several upcoming games slated for release, such as Never Alone 2, a second delve into mythology and stories from the indigenous Iñupiat people in Alaska. 

    "This decision was not made lightly; it involved much deliberation and careful thought, with the goal of ensuring the stability and support of our developers and ongoing projects," Humble's statement said. 

    This business is a separate operation from the charity storefront Humble Bundle, which is also part of Ziff Davis but does not appear to be impacted by today's news. We've reached out to Ziff Davis and Humble Games for more information and will update if we hear back.

    Update, July 23, 2024, 5:35 ET: Article has been updated to include a response from Humble Games' PR team.
    This article originally appeared on Engadget at https://www.engadget.com/humble-games-reportedly-lays-off-its-entire-staff-201923446.html?src=rss


  • Netflix hires former Epic Games exec as new President of Games
    Netflix has landed a notable new leader for its rapidly-expanding gaming endeavors. Variety reported that the streaming company has hired Alain Tascan as its new president of games. Before joining Netflix, Tascan was executive vice president for game development at a little studio you may have heard of called Epic Games. In that role, he oversaw the first-party development for some of the company's hugely successful titles, such as Fortnite, Lego Fortnite, Rocket League and Fall Guys.

    The company is also recruiting talent on the creative side. Since launching the games project in 2021, Netflix has acquired notable indie studios Night School, Boss Fight, Next Games and Spry Fox, and has brought a large number of acclaimed indie games to mobile. In its second quarter earnings call, Netflix execs revealed that it has more than 80 games currently in development, which would nearly double its current library of about 100 titles. 

    Many of these new projects are interactive fiction based on Netflix shows and movies, with the goal of giving fans new ways to engage with their favorite titles. "I think our opportunity here to serve super fandom with games is really fun and remarkable," Co-CEO Ted Sarandos said during the call. We also learned that a multiplayer Squid Game project will be coming to Netflix Games later this year.

    Although Netflix is making a sizable investment into this games division, people haven't been flocking to their titles yet. In 2022, the library had about 1.7 million daily users and its games had been downloaded 23.3 million times.
    This article originally appeared on Engadget at https://www.engadget.com/netflix-hires-former-epic-games-exec-as-new-president-of-games-212614285.html?src=rss


  • The Cybertruck is coming to Fortnite and Rocket League because we're being punished
    Video games are supposed to provide us an escape from the grinding and anger produced on an average day. Now one of the real world’s most contentious aggravations has slithered its way into The Cybertruck add-ons are part of a new “Summer Road Trip99 promotion bundle for Fortnite and Rocket League. Both bundles come with a vehicle that looks like a door stop and special body decals such as “Baja Off-Road,” “CyberCamo,” “MatteBlack,” “Stainless Steel” and “OMG Cybertruck,” which recreates the window that Elon Musk broke while trying to prove the strength of the Cybertruck’s windows. Did they also include the sticky accelerator?
    Psyonix/Tesla
    Presumably, the OMG stands for “Oh my God! (Can’t I go one day without seeing that ego on wheels we call the) Cybertruck?" The Baja Off-Road skin paired with the douchey Cybertruck in particular just screams, “I wear a lot of Ed Hardy!”

    We have… some questions. Will the rain in Fortnite cause widespread rusting of the chassis? Will the Rocket League ball dent the “shatterproof” window like a metal ball famously did way back in 2019? Will players be able to finish a whole game if there’s another recall alert? If you really must, you can find out in both games now.
    This article originally appeared on Engadget at https://www.engadget.com/the-cybertruck-is-coming-to-fortnite-and-rocket-league-because-were-being-punished-210309356.html?src=rss


  • A Call of Duty game is coming to Xbox Game Pass, just not one anyone wants
    Microsoft has been taking a lot of hits over its Xbox Game Pass price hike and the overall lackluster offering of games. So to make up for it, they are offering a Call of Duty game for the first time on its virtual buffet. Unfortunately, it’s Call of Duty: Modern Warfare III, one of the lowest rated games in the series.

    Calling the reviews for Modern Warfare III “mixed” would be generous. IGN’s Simon Cardy said its single-player campaign was “shallow,” “dull” and “the worst Call of Duty single-player campaign I’ve played.” Jump Dash Roll’s Derek Johnson wrote that its main campaign is “genuinely not worth playing” and its signature Zombies mode “isn’t quite as atrociously terrible as its single-player but that doesn’t mean it’s anything resembling something fun.”

    Modern Warfare III won’t be the only Call of Duty game available for Xbox Game Pass subscribers. Xbox Game Pass will provide day one access to Call of Duty: Black Ops 6 in October. Of course, we don’t know how good the game will be but one imagines it9ll garner a bit more favor from critics compared to Modern Warfare III.
    This article originally appeared on Engadget at https://www.engadget.com/a-call-of-duty-game-is-coming-to-xbox-game-pass-just-not-one-anyone-wants-175255224.html?src=rss


  • Russia-linked hackers cut heat to 600 Ukrainian apartment buildings in the dead of winter, researchers say
    Cybersecurity company Dragos has flagged malware that can attack industrial control systems (ICS), tricking them into malicious behavior like turning off the heat and hot water in the middle of winter. TechCrunch reports that’s precisely what the malware, dubbed FrostyGoop, did this January in Lviv, Ukraine, when residents in over 600 apartment buildings lost heat for two days amid freezing temperatures.

    Dragos says FrostyGoop is only the ninth known malware designed to target industrial controllers. It’s also the first to specifically set its sights on Modbus, a widely deployed communications protocol invented in 1979. Modbus is frequently used in industrial environments like the one in Ukraine that FrostyGoop attacked in January.

    Ukraine’s Cyber Security Situation Center (CSSC), the nation’s government agency tasked with digital safety, shared information about the attack with Dragos after discovering the malware in April of this year, months after the attack. The malicious code, written in Golang (The Go programming language designed by Google), directly interacts with industrial control systems over an open internet port (502).

    The attackers likely gained access to Lviv’s industrial network in April 2023. Dragos says they did so by “exploiting an undetermined vulnerability in an externally facing Mikrotik router.” They then installed a remote access tool that voided the need to install the malware locally, which helped it avoid detection.

    The attackers downgraded the controller firmware to a version lacking monitoring capabilities, helping to cover their tracks. Instead of trying to take down the systems altogether, the hackers caused the controllers to report inaccurate measurements — resulting in the loss of heat in the middle of a deep freeze.

    Dragos has a longstanding policy of neutrality in cyberattacks, preferring to focus on education without assigning blame. However, it noted that the adversaries opened secure connections (using layer two tunneling protocol) to Moscow-based IP addresses.

    “I think it’s very much a psychological effort here, facilitated through cyber means when kinetic perhaps here wasn’t the best choice,” Dragos researcher Mark “Magpie” Graham told TechCrunch. Lviv is in the western part of Ukraine, which would be much more difficult for Russia to hit than eastern cities.

    Dragos warns that, given how ubiquitous the Modbus protocol is in industrial environments, FrostyGoop could be used to disrupt similar systems worldwide. The security company recommends continuous monitoring, noting that FrostyGoop evaded virus detection, underscoring the need for network monitoring to flag future threats before they strike. Specifically, Dragos advises ICS operators to use the SANS 5 Critical Controls for World-Class OT Cybersecurity, a security framework for operational environments.
    This article originally appeared on Engadget at https://www.engadget.com/russia-linked-hackers-cut-heat-to-600-ukrainian-apartment-buildings-in-the-dead-of-winter-researchers-say-171414527.html?src=rss


  • US and European antitrust regulators agree to do their jobs when it comes to AI
    Regulators in the US and Europe have laid out the "shared principles" they plan to adhere to in order to "protect competition and consumers" when it comes to artificial intelligence. "Guided by our respective laws, we will work to ensure effective competition and the fair and honest treatment of consumers and businesses," the Department of Justice, Federal Trade Commission, European Commission and the UK9s Competition and Markets Authority (CMA) said.

    "Technological inflection points can introduce new means of competing, catalyzing opportunity, innovation and growth," the agencies said in a joint statement. "Accordingly, we must work to ensure the public reaps the full benefits of these moments."

    The regulators pinpointed fair dealing (i.e. making sure major players in the sector avoid exclusionary tactics), interoperability and choice as the three principles for protecting competition in the AI space. They based these factors on their experience working in related markets.

    The agencies also laid out some potential risks to competition, such as deals between major players in the market. They said that while arrangements between companies in the sector (which are already widespread) may not impact competition in some cases, in others "these partnerships and investments could be used by major firms to undermine or co opt competitive threats and steer market outcomes in their favor at the expense of the public."

    Other risks to competition flagged in the statement include the entrenching or extension of market power in AI-related markets as well as the "concentrated control of key inputs." The agencies define the latter as a small number of companies potentially having an outsized influence over the AI space due to the control and supply of "specialized chips, substantial compute, data at scale and specialist technical expertise."

    In addition, the CMA, DOJ and FTC say they9ll be on the lookout for threats that AI might pose to consumers. The statement notes that it9s important for consumers to be kept in the loop about how AI factors into the products and services they buy or use. "Firms that deceptively or unfairly use consumer data to train their models can undermine people’s privacy, security, and autonomy," the statement reads. "Firms that use business customers’ data to train their models could also expose competitively sensitive information."

    These are all fairly generalized statements about the agencies9 common approach to fostering competition in the AI space, but given that they all operate under different laws, it would be difficult for the statement to go into the specifics of how they9ll regulate. At the very least, the statement should serve as a reminder to companies working in the generative AI space that regulators are keeping a close eye on things, even amid rapidly accelerating advancements in the sector.
    This article originally appeared on Engadget at https://www.engadget.com/us-and-european-antitrust-regulators-agree-to-do-their-jobs-when-it-comes-to-ai-163820780.html?src=rss



  • A Google Nest Wi-Fi 6E three-pack is back on sale for $285
    So much relies on Wi-Fi — your TV, music, games, smart home devices, possibly even your alarm clock — which makes dead zones productivity killers. One of our favorite ways to remedy weak or spotty coverage is with Google's Nest Wi-Fi Pro 6E and right now, a three pack is down to $285. That's a 29 percent discount and matches the sale price it hit last week for Prime Day. This isn't an all-time low, but it's just $5 more than the record. 



    We named the Nest Wi-Fi Pro the best for novice users in our guide to mesh Wi-Fi systems and it earned an 87 in our full review. Our reviewer, Daniel Cooper, called Google's 6E system "more approachable than the rest," though he notes that it's can't beat the competition on speed. 

    The smooth rounded shape is a little more decor-friendly than some more industrial-looking routers and was the first Nest router to harness WiFi 6/6E. That's great if you're looking to upgrade to the newer Wi-Fi standard, but keep in mind that these aren't backwards compatible with any pre-6E Nest routers. 

    As for speed, it's plenty fast enough for streaming movies and browsing the web and the coverage is impressive. To help with performance, it dynamically shunts traffic around the available space, including using the 6GHz band as backhaul. That frees up a lot of space in 2.4 and 5GHz bands, which is what most devices use. So unless you have a ton of devices that are Wi-Fi 6E-enabled, that feature should help. Still, if speed is your main concern, you might be better off with our pick for power users

    Overall, Dan appreicated that this was one of the cheapest WiFi 6E systems on the market, with a particularly easy-to-use app that made set up fairly foolproof. And if you're already using other Nest or Google-compatible smart home equipment, you'll appreciate the integration with the Google Home app. 

    Follow @EngadgetDeals on Twitter and subscribe to the Engadget Deals newsletter for the latest tech deals and buying advice.
    This article originally appeared on Engadget at https://www.engadget.com/a-google-nest-wi-fi-6e-three-pack-is-back-on-sale-for-285-153232698.html?src=rss


  • Meta AI is now available in Spanish, Portugese, French and more
    Meta AI launched in September 2023 using the Llama 2 learning language model. Nearly a year later, Meta has announced a new round of features for its AI assistant and a fresh LLM to support it: Llama 3.1. 

    These updates include an expansion of who can access Meta AI. Thanks to the addition of Argentina, Chile, Colombia, Ecuador, Mexico, Peru and Cameroon, the assistant is now available in 22 countries. It9s also accessible in new languages: French, German, Hindi, Hindi-Romanized Script, Italian, Portuguese, and Spanish. However, some of the new features are location or language-specific for the time being. 

    Meta is rolling out a beta tool called "Imagine me" throughout the US. It allows for prompts such as "Imagine me surfing" or "Imagine me as a surrealist painting," and the AI assistant will create it using a photo of the individual. Meta is also adding new ways to tinker with an image, such as removing, changing or editing its content. This feature allows for creating an image, such as a duck, with the "Imagine me" tool and then instructing Meta AI to "Change the duck to a cat." Next month there will also be an "Edit with AI" button for further fine-tuning of images. The company is also rolling out the ability to create an image with Meta AI in a feed, comment, story or message across Facebook, Instagram, WhatsApp and Messenger. It should roll out this week, though just in English for now.

    Then there9s the launch of Llama 3.1 405B — Meta9s new open-source AI model. You can use it on WhatsApp or meta.ai for tasks such as answering math problems and coding. Meta claims it will update its AI technology every two weeks and that new features and languages are on the way. 
    This article originally appeared on Engadget at https://www.engadget.com/meta-ai-is-now-available-in-spanish-portugese-french-and-more-150051715.html?src=rss


  • Llama 3.1 is Meta's latest salvo in the battle for AI dominance
    Meta on Tuesday announced the release of Llama 3.1, the latest version of its large language model that the company claims now rivals competitors from OpenAI and Anthropic. The new model comes just three months after Meta launched Llama 3 by integrating it into Meta AI, a chatbot that now lives in Facebook, Messenger, Instagram and WhatsApp and also powers the company's smart glasses. In the interim, OpenAI and Anthropic already released new versions of their own AI models, a sign that Silicon Valley’s AI arms race isn’t slowing down any time soon.

    Meta said that the new model, called Llama 3.1 405B, is the first openly available model that can compete against rivals in general knowledge, math skills and translating across multiple languages. The model was trained on more than 16,000 NVIDIA H100 GPUs, currently the fastest available chips that cost roughly $25,000 each, and can beat rivals on over 150 benchmarks, Meta claimed.

    The “405B” stands for 405 billion parameters, which are internal variables that an AI model uses to reason and make decisions. The higher the number of parameters an AI model has, the smarter we perceive it to be. OpenAI’s GPT-4 model, by comparison, reportedly has roughly 1.5 trillion parameters, although the company has not disclosed the number so far. In addition, Meta also released upgraded versions of existing Llama models that contain 70 billion and 8 billion parameters each, claiming that the newer versions had stronger reasoning abilities among other things.

    Developers can download Llama 3.1 from its official website, while regular users can play with it through Meta AI in WhatsApp or on meta.ai, the company’s website for its chatbot. “Llama 405B’s improved reasoning capabilities make it possible for Meta AI to understand and answer your more complex questions, especially on the topics of math and coding,” Meta’s blog post states. “You can get help on your math homework with step-by-step explanations and feedback, write code faster with debugging support and optimization.” (Editor’s note: Engadget will pit Llama 3.1 against the New York Times Spelling Bee and report back to you). For now, Meta AI on Facebook, Messenger and Instagram are still restricted to the smaller version of Llama 3.1 that uses 70 billion parameters.

    Unlike OpenAI, Google, Microsoft and Anthropic that keep their AI models proprietary, Meta’s AI models are open source, which means that anyone can modify and use them for free without sharing personal data with Meta. In a letter published on Tuesday, Meta CEO Mark Zuckerberg argued that an open source approach to AI development will ensure wider access to the technology’s benefits, prevent the concentration of power among a few big companies, and enable safer AI deployment across society. By open sourcing the company’s largest language model to date, Meta aims to make Llama the “industry standard” for anyone to develop AI-powered apps and services with, Zuckerberg wrote.

    Open sourcing AI models and adding them to its existing products already used by billions of people could allow Meta to compete more effectively with OpenAI whose ChatGPT and DALL-E chatbots ignited an AI explosion when they launched in 2022. And it could also boost engagement — Meta announced today that users would soon be able to add AI-generated images directly into feeds, stories, comments and messages across Facebook, Messenger, WhatsApp and Instagram.

    In his letter, Zuckerberg also criticized Apple and its closed ecosystem, arguing that the iPhone maker’s restrictive and arbitrary policies had constrained what Meta could build on its platforms. “[It’s] clear that Meta and many other companies would be freed up to build much better services for people if we could build the best versions of our producers and competitors were not able to constrain what we could build,” he wrote.
    This article originally appeared on Engadget at https://www.engadget.com/llama-31-is-metas-latest-salvo-in-the-battle-for-ai-dominance-150042924.html?src=rss


  • Meta's AI assistant is coming to Quest headsets in the US and Canada
    Meta9s AI-powered assistant have been accessible on the Ray-Ban smart glasses for quite some time, but the company will only start rolling it out to its Quest headsets next month. The assistant will still be in experimental mode, however, and it9s availability will be limited to users in the US and Canada. Meta has revealed the update alongside its announcements for the Llama 3.1 and the new Meta AI capabilities

    Users who get access to the assistant in August will be able to put its hands-free controls to the test. The company said Meta AI is replacing the current technology used for Voice Commands on Quest, so it will be the one controlling the headset whenever people use voice for navigation and the one answering their questions if they ask for information. They can ask the assistant for restaurant recommendations for an upcoming trip, as an example, or ask it for the weather those days, as well as suggestions on how to dress for it. 

    They will also be able to use the "Meta AI with Vision" feature, which will let them ask the assistant for information on what they9re seeing, while using Passthrough on the Quest. Passthrough lets users see their environment through a video feed while watching or doing something else on their headsets. A user can, for instance, ask the assistant to look at what9s inside the fridge and suggest what they can cook, or ask for tips on what kind of top would go with a skirt they9re holding up, all while watching a YouTube video.
    This article originally appeared on Engadget at https://www.engadget.com/metas-ai-assistant-is-coming-to-quest-headsets-in-the-us-and-canada-150033530.html?src=rss


  • GM shelves the autonomous Cruise Origin shuttle van
    General Motors is putting the autonomous Cruise Origin shuttle van on ice. The company said that the embattled Cruise, of which GM is the majority owner, will now focus on making the next-gen Chevy Bolt. The automaker debut in Japan in 2026.

    In October, the California Department of Motor Vehicles suspended Cruise's driverless vehicle permits over safety issues. Earlier that month, a pedestrian in San Francisco was dragged 20 feet by a Cruise vehicle and pinned under it after a hit-and-run by another car pushed her into the robotaxi's path. Cruise later paused all driverless operations before temporarily halting production in November.

    According to CNBC, former Cruise CEO Kyle Vogt at one point told staff that hundreds of pre-commercial Origin vehicles had been built. The company has resumed robotaxi operations in Phoenix, Houston and Dallas with human operators on board and is carrying out tests in Dubai. However, it hasn't recommenced operations in San Francisco. It's still under investigation for the October incident there.

    Shelving the Origin is not a decision that GM and Cruise would have come to lightly. In GM's second quarter earnings report, the automaker noted that it incurred around $583 million of Cruise restructuring costs. It said these resulted "from Cruise voluntarily pausing its driverless, supervised and manual [autonomous vehicle] operations in the US and the indefinite delay of the Cruise Origin."

    On the plus side, resuming work on the Bolt (which will presumably use GM's Ultium battery tech the next time around) could be a boon for GM's bottom line. As of 2023, the Bolt EV and EUV accounted for most of GM's electric vehicle sales. It planned to make around 70,000 of them last year before ceasing production.
    This article originally appeared on Engadget at https://www.engadget.com/gm-shelves-the-autonomous-cruise-origin-shuttle-van-144256801.html?src=rss


  • Fujifilm GFX 100 II: The king of medium-format mirrorless cameras
    You can's say Fujifilm is boring. It stuck to APS-C sensors instead of going full-frame like everyone else, while releasing cool and weird models like the X100 VI. That strategy has been refreshing in a conservative industry and undeniably successful.

    It also went big by introducing its first medium-format camera seven years ago, the GFX50S. After eight models, they’ve proven to be popular among pro portrait and scenic photographers, a market Fujifilm never really had before. Each has become increasingly more sophisticated, with better image quality, faster shooting speeds and improved video.

    Now that the company’s flagship $7,500 100-megapixel GFX 100 II, has been out for awhile and had several firmware updates, I was keen to test the new AF speeds and more. So I went to London to try it out alongside two pro photographer friends who are thinking of buying one.
    Body
    The original GFX 100 is a gigantic camera, weighing over three pounds with the viewfinder. The GFX 100 II is more manageable at 2.27 pounds, the same as Panasonic’s full-frame S1. Photographers are still likely to be carrying a heavy bag, though, as medium-format GFX lenses are generally bigger and heavier than full-frame glass.

    The GFX 100 II also feels more like a full-frame camera than an old-school top-down viewfinder medium format model. It has an updated, modern control layout, with a pair of control dials, a mode dial, a joystick, 14 buttons and a movie/photo switch.

    The rear display tilts up, down and to the side, but doesn’t flip out — not a huge deal, as this will never be a vlogging camera. It shines where it counts, though, with a high 2.36 million dot resolution and enough brightness to use in sunlight. The viewfinder, meanwhile, is one of the best on any camera, with an extremely sharp 9.36-million dot resolution and 100 percent magnification.

    It’s easy to handle, thanks to the well-placed controls and large grip. The top display, which stays on even when the camera is switched off, shows all the main settings at a glance. I’m not a huge fan of Fujifilm’s overly complicated menu system, but it’s fine once you get used to it.

    As with other recent high-end cameras, you get both an SD UHS II card slot and a much faster CFexpress B option. The latter is required for fast burst shooting, as I’ll discuss soon. Battery life is solid, with up to 540 shots on a charge, or about an hour of 8K or 4K 60p recording.
    PerformanceSteve Dent for Engadget
    The GFX 100 II is the fastest medium-format camera to date. You can fire bursts at up to 8 fps with the mechanical shutter enabled and capture about 300 lossless RAW frames before the buffer fills. That’s about 36GB of data, so it requires a fast CFexpress card.

    Autofocus wasn’t a strong point on the GFX, but it’s a big step up on this model. The majority of shots in our burst testing were in focus, though it becomes less accurate when the subject is close to the camera. This isn’t a sports camera, obviously, but it still has the best AF I’ve seen on any medium format camera.

    Face and eye detection have also improved, usually locking onto the eye and not, say the eyebrow as the older model did. Fujifilm also introduced AI subject detection from recent models, so it now has settings for animals, birds, automobiles, motorcycles, bikes, airplanes and trains.
    Nathanael Charpentier for Engadget
    The GFX 100 II has a new 5-axis stabilization system with up to eight stops of shake reduction, compared to 5.5 stops before. This is useful for portraits and scenics, letting you shoot down to a quarter second or slower and blur water or people, while keeping the background sharp.

    Rolling shutter was pretty abysmal on the original model, and isn’t a lot better here. If you’re taking street photos and want to remain silent, it’s fine if the subject doesn’t move much. For anything else, use the mechanical shutter to avoid some bad skewing.
    Image quality
    Image quality is this camera’s forte. Naturally, photos are pin sharp thanks to the 102-megapixel sensor. And with 16 bits of color depth in RAW mode, dynamic range is outstanding, right up there with Sony and Nikon. All of that makes it ideal for portraits and landscapes, on top of tasks that benefit from high-resolution, like art preservation.

    The GFX 100 II now goes down to ISO 80 instead of 100 to further boost dynamic range. All of that allows photographers to get creative with RAW photos, or tease detail out of highlights and shadows.

    It’s not bad at high ISOs either, thanks to the sensor’s backside illumination and dual-gain design. There’s very little noise visible at ISO 6400, and photos are usable up to ISO 12800 if exposure is correct.

    The medium format sensor offers incredibly shallow depth of field if you need that for portrait shooting. Combined with a fast lens like the 80 mm f/1.7, it allows for incredible bokeh and subject separation.

    For those who prefer to use JPEGs straight out of the camera, it delivers color-accurate images with the perfect amount of in-camera sharpening. That’s ideal for previews or for folks who want to use Fujifilm’s impressive film simulation modes. For the GFX 100 II, Fujifilm introduced a new one called Reala Ace that’s based directly on one of its old negative films. With a punchy, saturated and slightly nostalgic feel, it has become one of my new favorites.

    There is one quality issue — the GFX 100 II drops from 16- to effectively less than 14-bits when shooting 8fps bursts in order to reduce throughput. That in itself isn’t a huge problem, but Fujifilm has been cagey about how it markets this, which has rubbed a lot of pro photographers the wrong way.
    VideoSteve Dent for Engadget
    I’m starting to sound like a broken record, but the X100 II is also Fuji’s best medium format camera for video. It has a host of new modes, most notably 8K. It also offers 6K, 4K/60p and 1080p at 240fps. All those formats can be captured in 12-bit ProRes, along with 10-bit H.265 formats. You also get access to Fujifilm’s excellent F-Log2 capture that boosts dynamic range.

    There are some considerable compromises, though. 8K is captured with a 1.53 times crop, reducing the effective sensor size to less than full frame — which negates one of the main medium-format advantages: shallow depth of field. Other resolutions use the full sensor width, but pixel binning reduces sharpness.

    Rolling shutter is also an issue at 8K, so be sure not to move the camera much at that resolution. It’s less bothersome at 4K resolutions, likely due to the pixel binning.

    All that aside, video from the GFX100 II has a different quality than I’ve seen from most mirrorless cameras. The larger sensor makes it cinematic, especially with some of Fujifilm’s prime lenses. And the 8K video is extremely sharp when downsampled to 4K in DaVinci Resolve.

    Realistically though, video is more of a nice-to-have feature for occasional use, as the majority of buyers will certainly be using it for photography.
    Wrap-upNathanael Charpentier for Engadget
    The $7,500 GFX100 II is an impressive medium format camera with improvements in every area compared to the previous model. More importantly, what did my pro photographer friends think and will they buy one? “What’s most noticeable is the evolution of the autofocus compared to the GFX100,” said Nathanael Charpentier. “In our studio we usually work with Sony, and the GFX100 II autofocus is still far from Sony’s level, but it’s a big improvement.

    “It’s not a sports camera, it doesn’t have super-fast burst speeds. It’s more for studio portrait work. For certain types of ‘reportage’ like candid wedding shoots, if we really need the extra dynamic range offered by a medium-format camera, I could see using it.” At this point, they’re not planning on buying one due to the high price (and the fact that they just laid down 6,000 euros for an A9 III), but it’s high on their list of future equipment purchases.

    Its main competitor is the $8,200 Hasselblad X2D 100C, which has perhaps slightly better color science and image quality — while also bringing a certain prestige with the Hasselblad name. However, the GFX100 II is superior in most other ways, including speeds, autofocus and video. If you really need to nail autofocus in busy or difficult situations, though, full-frame is still best: Sony’s 45-megapixel $6,500 A1 or Nikon’s $3,800 Z8 or $5,500 Z9 (both 45MP as well) are better choices.
    This article originally appeared on Engadget at https://www.engadget.com/fujifilm-gfx-100-ii-the-king-of-medium-format-mirrorless-cameras-143009929.html?src=rss


  • It's your last chance for a $300 Amazon gift card when you pre-order the Samsung Galaxy Z Fold 6
    The new Samsung Galaxy devices drop tomorrow which means today is your last chance to take advantage of pre-order promotions. One of the best deals we've seen comes from Amazon, which is offering a $300 gift card to anyone who pre-orders the Samsung Galaxy Z Fold 6. The bundle is available for $1,900 thanks to a six percent discount on the 512GB model (originally $2,020). You can pick it up in Silver, Navy or Pink.

    Samsung announced the Galaxy Z Fold 6 earlier this month, and we've had the chance to test it out. We gave it an 86 in our review due to welcome features like native stylus support and an even lighter chassis. It also uses the Snapdragon 8 Gen 3 chip and has a larger vapor chamber, so there's basically no lag, and it's less likely to overheat. The screen is brighter, with a colorful display, and the device lasted over 20 hours during our video rundown test on the main screen and 25 hours and 19 minutes on the exterior screen.



    If you're in the market for something cheaper, check out the Samsung Galaxy Z Flip 6 — a smaller device with some of the same perks. The smartphone is also available for pre-order, with the 512GB model and a $200 Amazon gift card on sale for $1,100. The 512GB Samsung Galaxy Z Flip 6 starts at $1,220 on its own (though both Amazon and Samsung are running pre-order sales on just the phone). Like the Galaxy Z Fold 6, it comes out tomorrow so today is the last day to snag a pre-order deal. 

    Follow @EngadgetDeals on Twitter and subscribe to the Engadget Deals newsletter for the latest tech deals and buying advice.
    This article originally appeared on Engadget at https://www.engadget.com/its-your-last-chance-for-a-300-amazon-gift-card-when-you-pre-order-the-samsung-galaxy-z-fold-6-141053944.html?src=rss


  • Intel has finally figured out its long-standing desktop CPU instability issues
    The first reports of instability issues with the 13th-gen Intel desktop CPUs started popping up in late 2022, mere months after the models came out. Those issues persisted, and over time, users reported dealing with unexpected and sudden crashes on PCs equipped with the company9s 14th-gen CPUs, as well. Now, Intel has announced that it finally found the reason why its 13th and 14th-gen desktop processors have been causing crashes and giving out on users, and it promises to roll out a fix by next month. 

    In its announcement, Intel said that based on extensive analysis of the processors that had been returned to the company, it has determined that elevated operating voltage was causing the instability issues. Apparently, it9s because a microcode algorithm — microcodes, or machine codes, are sets of hardware-level instructions — has been sending incorrect voltage requests to the processor. 

    Intel has now promised to release a microcode patch to address the "root cause of exposure to elevated voltages." The patch is still being validated to ensure that it can address all "scenarios of instability reported to Intel," but the company is aiming to roll it out by mid-August. 

    As post on X by Sebastian Castellanos in February put the problem in the spotlight. Castellanos wrote that there was a "worrying trend" of 13th and 14th-gen Intel CPUs having stability issues with Unreal Engine 4 and 5 games, such as Fortnite and Hogwarts Legacy. He also noticed that the issue seems to affect mostly higher-end models and linked to a discussion on Steam Community. The user that wrote the post on Steam wanted to issue a warning to those experiencing "out of video memory trying to allocate a rendering resource" errors that it was their CPU that was faulty. They also linked to several Reddit threads with people experiencing the same problem and who had determined that their issue lied with their Intel CPUs. 

    More recently, the indie studio Alderon Games published a post about "encountering significant problems with Intel CPU stability" while developing its multiplayer dinosaur survival game Path of Titans. Its founder, Matthew Cassells, said the studio found that the issue affected end customers, dedicated game servers, developers9 computers, game server providers and even benchmarking tools that use Intel9s 13th and 14th-gen CPUs. Cassells added that even the CPUs that initially work well deteriorate and eventually fail, based on the company9s observations. "The failure rate we have observed from our own testing is nearly 100 percent," the studio9s post reads, "indicating it9s only a matter of time before affected CPUs fail."
    This article originally appeared on Engadget at https://www.engadget.com/intel-has-finally-figured-out-its-long-standing-desktop-cpu-instability-issues-130042083.html?src=rss


  • Adobe's Photoshop can now generate AI images via prompts like Dall-E or Midjourney
    Adobe has widely released a new and potentially contentious feature: text-to-image generation for Photoshop powered by Firefly, first teased in April. As with LLMs like Dall-E and Midjourney, you can use it to create an image from scratch by typing a description into Photoshop9s updated generative AI tool. 

    I tried it with the text "Dramatic low angle view of a steamship from the 1800s in a storm with large waves and lightning" in multiple styles (anime, watercolor, sketch, realistic) and got decent results. The usual AI art caveats apply though, particularly with weird details if you look closely. But it certainly created useable results and you have the benefit of already being inside Photoshop to fix any errors. 
    Adobe Firefly AI-generated image
    Previously, Photoshop9s Generative Fill feature only let you add, extend or remove specific parts of an image. Now, you can create images from scratch, then tweak them later. "This really speeds up time to creation," Adobe9s Erin Boyce told Engadget in April. "The idea of getting something from your mind to the canvas has never been easier." 

    The feature is powered by Firefly Image 3 model, something at the heart of a recent artist backlash against Adobe. Creators were incensed by language in Adobe9s recent ToS (terms of service), interpreting it to mean that Adobe could freely use their work to train the company9s generative AI models. 

    In its latest post, however, Adobe stated that it has a "commitment to creator friendly AI" which means "never training on customer content." It promised to take a creator-friendly approach as part of its AI ethics principles of accountability, responsibility and transparency.
    Adobe
    Along with image generation, Adobe introduced an "Enhance Detail" feature in Photoshop9s Generative Fill. For Illustrator, it introduced Generative Shape Fill to add detailed vectors in a designer9s unique style (above), Enhanced Text to Pattern (creating customized vector patterns in the artists style) and Style Reference. It also added a Mockup tool to create "high-quality visual prototypes of art on objects like product packaging," enhanced selection capabilities and more.
    This article originally appeared on Engadget at https://www.engadget.com/adobes-photoshop-can-now-generate-ai-images-via-prompts-like-dall-e-or-mid-journey-130018181.html?src=rss


  • Prime Video gets a much-needed UI overhaul with a new content bar and AI recommendations
    For all its stacked selection of original content, like rivals like Netflix. That changes today as Amazon begins rolling out a new Prime Video UI that, in the company’s words, brings “clarity and simplicity back to streaming.”

    The Prime Video redesign starts with a streamlined navigation bar that should make it easier to find your way around. To the left, the bar includes the general categories Home, Movies, TV Shows, Sports and Live TV. Immediately to the right, the nav bar continues with a dedicated tab for content bundled with your Prime membership, followed by sections for add-on subscriptions like Max, Paramount+, Crunchyroll and others. There’s a separate section to add new subscriptions — from Amazon’s more than 100 options — straight from the bar.

    Meanwhile, a new “hero rotator” below the bar drills down to highlight content available within each selected bar section. It looks similar to rival services, which doesn’t sound like a big deal on paper but should be a welcome change for anyone who’s ever futzed around with the confusing old Prime Video UI.
    Amazon
    Unsurprisingly, Amazon is adding personalized AI-generated recommendations (“Made for you”) when navigating the bar’s Movies and TV Shows sections. Using the company’s Bedrock AI model, the machine learning recommendations will offer content tips based on your watch history and preferences.

    AI will also power new show and movie synopses. Amazon says the change will make browsing their blurbs faster, preventing you from having to scroll around to learn more about a given piece of content.

    Finally, Amazon says the UI has new animations, snappier page transitions and zoom effects to make the experience more “frictionless.” On living room devices, video content will auto-play on the hero rotator as you browse around (much like Netflix and other competitors). If you head to the Live TV tab, recommended stations will also play on their own, continuing until you pick something to give your full attention.

    The UI update begins rolling out on Tuesday. You can read more in Amazon’s announcement post.
    This article originally appeared on Engadget at https://www.engadget.com/prime-video-gets-a-much-needed-ui-overhaul-with-a-new-content-bar-and-ai-recommendations-120019397.html?src=rss


  • The Morning After: Condé Nast is the latest media company to accuse AI search engine Perplexity of plagiarism
    Condé Nast, the media giant that owns The New Yorker, Vogue and Wired, has sent a cease-and-desist letter to AI-powered search startup Perplexity, according to The Information. The letter, sent on Monday, demanded Perplexity stop using content from Condé Nast publications in its AI-generated responses and accused the startup of plagiarism. It comes a month after Forbes took similar action.

    Condé Nast CEO Roger Lynch has warned “many” media companies could face financial ruin in the time it would take for litigation against generative AI companies to conclude. Lynch has called upon Congress to take “immediate action.”

    — Mat Smith
    The biggest stories you might have missed
    ThermoWorks’ new wireless meat probe uses radio wavesA more reliable connection than Bluetooth.
    Right in the middle of BBQ season, ThermoWorks, makers of the Thermapen, is upgrading its wireless meat probe. The RFX Meat uses radio technology rather than Bluetooth to transmit data. The company explains its “patent-pending sub-GHz RFX wireless technology” provides a more reliable connection with up to 2,132 feet of direct line of sight range. When placed inside a grill or smoker, it should work at up to 659 feet of range, ThermoWorks says. The $159 RFX Meat starter kit is available for pre-order. Shipping starts September 10, so, arguably, not quite in time for BBQ season.

    Google isn’t killing third-party cookies in Chrome after allThe advertising industry can heave a sigh of relief.
    Google won’t kill third-party cookies in Chrome after all, the company said on Monday in a blog. Instead, it’ll introduce a new experience in the browser that will allow users to make informed choices about their web browsing preferences. Killing cookies, Google said, would hurt online publishers and advertisers.

    Over the past few years, multiple delays and regulatory hurdles have hit Google’s plans to eliminate third-party cookies. Initially, the company wanted to phase out these cookies by the end of 2022 but pushed the deadline to late 2024 and then to early 2025 because of various challenges and feedback from stakeholders, including advertisers, publishers and regulatory bodies, like the UK’s Competition and Markets Authority (CMA).

    The company says it will now focus on giving users more control over their browsing data, including additional privacy controls, like IP Protection in Chrome’s Incognito mode, and ongoing improvements to Privacy Sandbox APIs.

    The Google Pixel 8a is on sale for $449The best cheap Android phone.Engadget
    Google’s Pixel 8a is the best Android phone for less than $500, and now it’s even cheaper than usual, making it the best Android phone for less than $450. Like past A-series devices (usually the best cheap Android phones in their time), it takes most of the headline features from last year’s flagship Pixel phone — the Pixel 8, in this case — and puts them in a slightly cheaper design. You still get a bright and vivid OLED display with a smooth 120Hz refresh rate and superb camera performance.

    Continue reading.
    This article originally appeared on Engadget at https://www.engadget.com/the-morning-after-conde-nast-is-the-latest-media-company-to-accuse-ai-search-engine-perplexity-of-plagiarism-111559877.html?src=rss


  • iRobot’s newest cleaning machine is the first to wash and dry its mopping pad for you
    iRobot unveiled its most advanced and expensive robot vacuum yet on Tuesday. The (deep breath) Roomba Combo 10 Max Robot + AutoWash Dock automatically washes and dries the mopping pad, something you had to do manually on all its previous combo vacs. But at $1,399, many customers will want to wait several generations for the feature to trickle down to models that don’t cost nearly the equivalent of a MacBook Pro.

    Cleaning robots exist to automate tasks that are a pain for us, and the Roomba Combo 10 Max Robot expands on that. iRobot says the dock, which contains “premium antimicrobial materials,” can empty its dirt into an enclosed bag, refill the mopping solution tank and clean itself after each pad wash. You can manually run self-cleaning, and its companion app will remind you when it’s time for standard maintenance or a deeper cleaning.

    The robot can store dirt and debris for up to 60 days before emptying, and the mopping pad and self-cleaning tank hold up to seven days of water. At least in theory, the Combo 10 Max leaves less work for the user than any other Roomba before it.
    iRobot
    iRobot says the new Roomba can seamlessly transition from vacuuming carpet to mopping floors, automatically boosting its suction power when it detects carpets. It can then move back and forth with consistent pressure and deeper scrubbing when it senses that it’s time to mop.

    The combo vacuum is designed to retract its entire mopping system when it reaches carpet, “lifting its mop pad to the top of the robot to keep even high-pile carpets fresh and dry.” Meanwhile, it can vacuum and mop simultaneously on hard floors.

    While other Roomba models have been able to sense particularly messy areas, the Combo 10 Max adds a camera to “visually pinpoint dirt on the floor.” The company claims this allows it to recognize the dirtiest spots up to eight times more frequently, making multiple passes on those areas more efficiently.

    Like other models, the robot cleaner can map your home, but iRobot says it can do so seven times faster than other models while automatically labeling each room type. Its software can even use past cleaning information to predict each room’s cleanliness, proceeding accordingly.
    iRobot
    The robot works with Alexa, Siri and Google Assistant, and iRobot expects it to be Matter-enabled by the end of 2024. That should cover just about every type of smart home. Of course, it includes the company’s memorably branded Pet Owner Official Promise (P.O.O.P.). It provides a free device replacement if the robot accidentally plows through pet waste and ruins your day.

    The Roomba Combo 10 Max is available for pre-order today on iRobot’s website in the US and Canada. (It’s also available to reserve in Europe and will launch there in “the coming months.”) However, as marvelous as the technological cleaning wonders sound, its $1,399 cost of admission prices it out of everything but the most well-heeled homes.




    This article originally appeared on Engadget at https://www.engadget.com/irobots-newest-cleaning-machine-is-the-first-to-wash-and-dry-its-mopping-pad-for-you-110100150.html?src=rss


  • The best foldable phones for 2024
    Folding smartphones have come a long way since the original Samsung Galaxy Fold came out in 2019. They’re smaller, more durable and, even if they aren’t exactly the most budget-friendly phones, they’re more affordable now, too. Whereas you may not have considered a foldable phone as your daily driver five years ago, they’re much more viable options today — and you have many more to choose from. If you’ve been toying with the idea of switching to a folding phone, or you’re ready to upgrade the foldable you already have, we at Engadget can help with your decision-making process. We've spent hundreds of hours and many days testing and reviewing the best foldable phones on the market right now — here's everything you need to know before picking one up.

    Note: For this guide, we’re focusing on devices that are widely available in North America and Europe. That’s because while there are even more options for people who live in Asia (especially China), they are often difficult to buy from abroad and may not support your local carriers.

    Editor's Note (July 2024): We're in the process of reviewing Samsung's latest foldables, including the Galaxy Z Flip 6. We'll update this list accordingly as our reviews are complete.
    How we test foldable smartphones
    When evaluating foldables, we consider the same general criteria as we do when we’re judging the best smartphones. Devices need to have good battery life (at least a full day’s use), bright displays (peaks of at least 1,000 nits), sharp cameras and responsive performance. That said, foldable phones come in different shapes (and sizes); there are varying designs that may appeal to different types of people.

    For those who prefer more compact and stylish devices, flip-style foldables resemble old-school namesakes but with flexible interior displays (typically six to seven inches diagonally) and smaller exterior screens. Alternatively, for power users and people who want to maximize mobile productivity, there are larger book-style foldables (with seven to eight-inch main displays) that can transform from a candy bar-style phone to essentially a small tablet when opened.
    Are foldable phones worth it? A note on durability
    Aside from their displays, the biggest difference between foldable phones and more traditional handsets is durability. That’s because while some models like the Pixel Fold and Samsung’s Galaxy Z line offer IPX8 water resistance (which is good for submersions of up to five feet for 30 minutes), their flexible screens – which are largely made from plastic – present some unique challenges.

    Most foldables come with factory-installed screen protectors. However, unlike regular phones, users are instructed not to remove them without assistance from approved service centers. Thankfully, Samsung does offer one free screen protector replacement for its foldables, while Google charges between $29 and $129 depending on the warranty status of your device. That said, while we can’t do long-term testing for every foldable phone on the market, after personally using the Galaxy Z Fold 3 and Galaxy Z Fold 4 each for a year, I’ve found that Samsung’s pre-installed screen protector tends to start bubbling nine to 12 months after purchase. So you’ll probably want to factor in that your foldable may need some sort of servicing after about a year unless you plan on removing the screen protector entirely (which is possible, but goes against most manufacturers' instructions).

    Furthermore, foldable phone owners need to be mindful about keeping sharp objects away from their flexible displays, as rocks, keys or even pressing down very hard with a fingernail can leave permanent marks. In the event that you need to get a flexible screen serviced, you’re potentially facing a much higher repair bill when compared to a typical phone (up to $500 or more depending on the model and the severity of the damage). In short, while the ruggedness of foldable phones has improved a lot, they're still more delicate than traditional handsets, which is something you need to account for.














    This article originally appeared on Engadget at https://www.engadget.com/best-foldable-phones-160030013.html?src=rss


  • The best smartwatches for 2024
    The best smartwatches offer a whole host of features like the ability to make and take calls, pay for your groceries, track your health and fitness and connect you to useful apps like Spotify. Some even have built-in GPS so you can untether yourself from your smartphone while working out. But with so many smartwatches to choose from, it can be hard to find the best watch for your needs. There are lots of factors to consider, like durability, long battery life and other specs that we’ll go into more detail below. What’s important, however, is that you choose the best smartwatch for you. But if you prefer a simpler device, you can check out our buying guide to the best fitness trackers.

    Editor's Note (July 2024): We're in the process of testing Samsung's latest Galaxy Watches and we'll update this guide once our reviews are complete.
    Table of contents
    Best smartwatches?

    Stylish smartwatches: Fossil and more?

    Factors to consider before buying a smartwatch?

    Other smartwatches our experts tested?
    Best smartwatches









    Stylish smartwatches: Fossil and more Fossil
    Yes, there are still companies out there trying to make “fashionable” hybrid smartwatches. Back when wearables were novel and generally ugly, brands like Fossil, Michael Kors and Skagen found their niche in stylish smartwatches that took cues from analog timepieces. You also have the option to pick up a “hybrid” smartwatch from companies like Withings and Garmin – these devices look like classic wrist watches but incorporate some limited functionality like activity tracking and heart rate monitoring. They remain good options if you prefer that look, but thankfully, wearables made by Apple, Samsung, Fitbit and others have gotten much more attractive over the past few years.

    Ultimately, the only thing you can’t change after you buy a smartwatch is its case design. If you’re not into the Apple Watch’s squared-off corners, all of Samsung’s smartwatches have round cases that look a little more like a traditional watch. Most wearables are offered in a choice of colors and you can pay extra for premium materials like stainless steel for extra durability. Once you decide on a case, your band options are endless – there are dozens of first- and third-party watch straps available for most major smartwatches, and for both larger and smaller wrists, allowing you to change up your look whenever you please.
    Factors to consider before buying a smartwatch Compatibility
    Apple Watches only work with iPhones, while Wear OS devices play nice with both iOS and Android phones. Smartwatches made by Samsung, Garmin, Fitbit and others are also compatible with Android and iOS, but you’ll need to install a companion app on your smartphone.

    The smartwatch OS will also dictate the type and number of third-party apps you’ll have access to. Many of these aren’t useful, though, making this factor a fairly minor one in the grand scheme of things.
    Price
    The best smartwatches generally cost between $300 and $400. Compared to budget smartwatches, which cost between $100 and $250, these pricier devices have advanced operating systems, communications, music and fitness features. They also often include perks like onboard GPS tracking, music storage and NFC, AMOLED displays, and long battery life, things that budget devices generally don’t have.

    Some companies make specialized fitness watches: Those can easily run north of $500, and we’d only recommend them to serious athletes. Luxury smartwatches from brands like TAG Heuer and Hublot can also reach sky-high prices, but we wouldn’t endorse any of them. These devices can cost more than $1,000, and you’re usually paying for little more than a brand name and some needlessly exotic selection of build materials.
    Battery life
    Battery life remains one of our biggest complaints about smartwatches, but there’s hope as of late. You can expect two full days from Apple Watches and most Wear OS devices. Watches using the Snapdragon Wear 3100 processor support extended battery modes that promise up to five days of battery life on a charge — if you’re willing to shut off most features aside from, you know, displaying the time. Other models can last five to seven days, but they usually have fewer features and lower-quality displays. Meanwhile, some fitness watches can last weeks on a single charge. If long battery life is a priority for you, it’s worth checking out the watch’s specs beforehand to see what the manufacturer estimates.
    Communication
    Any smartwatch worth considering delivers call, text and app notifications to your wrist. Call and text alerts are self explanatory, but if those mean a lot to you, consider a watch with LTE. They’re more expensive than their WiFi-only counterparts, but cellular connectivity allows the smartwatch to take and receive phone calls, and do the same with text messages, without your device nearby. As far as app alerts go, getting them delivered to your wrist will let you glance down to the watch face and see if you absolutely need to check your phone right now.
    Fitness tracking
    Activity tracking is a big reason why people turn to smartwatches. An all-purpose timepiece should function as a fitness tracker, logging your steps, calories and workouts, and most of today’s wearables have a heart rate monitor as well.

    Many smartwatches' fitness features include a built-in GPS, which is useful for tracking distance for runs and bike rides. Swimmers will want something water resistant, and thankfully most all-purpose devices now can withstand at least a dunk in the pool. Some smartwatches from companies like Garmin are more fitness focused than others and tend to offer more advanced features like heart-rate-variance tracking, recovery time estimation, onboard maps and more.

    Health tracking on smartwatches has also seen advances over the years. Both Apple and Fitbit devices can estimate blood oxygen levels and measure ECGs. But the more affordable the smartwatch, the less likely it is that it has these kinds of advanced health tracking features; if collecting those kinds of wellness metrics is important to you, you’ll have to pay for the privilege.
    Music
    Your watch can not only track your morning runs but also play music while you’re exercising. Many smartwatches let you save your music locally, so you can connect wireless earbuds via Bluetooth and listen to tunes without bringing your phone. Those that don’t have onboard storage for music usually have on-watch music controls, so you can control playback without whipping out your phone. And if your watch has LTE, local saving isn’t required — you’ll be able to stream music directly from the watch to your paired earbuds.
    Displays
    Most wearables have touchscreens and we recommend getting one that has a full-color touchscreen. Some flagships like the Apple Watch have LTPO displays, which stands for low-temperature polycrystalline oxide. These panels have faster response times and are more power efficient, resulting in a smoother experience when one interacts with the touchscreen and, in some cases, longer battery lives.

    You won’t see significant gains with the latter, though, because the extra battery essentially gets used up when these devices have always-on displays, as most flagship wearables do today. Some smartwatches have this feature on by default while others let you enable it via tweaked settings. This smart feature allows you to glance down at your watch to check the time, health stats or any other information you’ve set it to show on its watchface without lifting your wrist. This will no doubt affect your device’s battery life, but thankfully most always-on modes dim the display’s brightness so it’s not running at its peak unnecessarily. Cheaper devices won’t have this feature; instead, their touchscreens will automatically turn off to conserve battery life and you’ll have to intentionally check your watch to turn on the display again.
    NFC
    Many new smartwatches have NFC, letting you pay for things without your wallet using contactless payments. After saving your credit or debit card information, you can hold your smartwatch up to an NFC reader to pay for a cup of coffee on your way home from a run. Keep in mind that different watches use different payment systems: Apple Watches use Apple Pay, Wear OS devices use Google Pay, Samsung devices use Samsung Pay and so forth.

    Apple Pay is one of the most popular NFC payment systems, with support for multiple banks and credit cards in 72 different countries, while Samsung and Google Pay work in fewer regions. It’s also important to note that both NFC payment support varies by device as well for both Samsung and Google’s systems.
    Other smartwatches our experts tested Apple Watch Ultra 2
    The Apple Watch Ultra 2 is probably overkill for most people, but it has a ton of extra features like extra waterproofing to track diving, an even more accurate GPS and the biggest battery of any Apple Watch to date. Apple designed it for the most rugged among us, but for your average person, it likely has more features than they'd ever need. If you’re particularly clumsy, however, its high level of durability could be a great reason to consider the Apple Watch Ultra 2.
    Apple Watch SE
    The Apple Watch SE is less feature-rich than the flagship model, but it will probably suffice for most people. We actually regard the Watch SE as the best smartwatch option for first-time buyers, or people on stricter budgets. You’ll get all the core Apple Watch features as well as things like fall and crash detection, noise monitoring and Emergency SOS, but you’ll have to do without more advanced hardware perks like an always-on display, a blood oxygen sensor, an ECG monitor and a skin temperature sensor.
    Google Pixel Watch 2
    Google made many noteworthy improvements in the Pixel Watch 2. Unlike the first iteration of the smartwatch, the Pixel Watch 2 is actually a solid contender when positioned next to the likes of the Apple Watch and Samsung's Galaxy Watch. In our review, we praised its excellent heart rate measurements and health insights, plus it has stress management tools that excel over similar features provided by its competitors. However, software quirks and confusing data representations prevent it from earning a spot on our top picks list.
    Garmin Forerunner 745
    Garmin watches in general can be great options for the most active among us. The Garmin Forerunner 745 is an excellent GPS running watch for serious athletes or those who prize battery life above all else. When we tested it, we found it to provide accurate distance tracking, a killer 16-hour battery life with GPS turned on (up to seven days without it) and support for onboard music storage and Garmin Pay.
    This article originally appeared on Engadget at https://www.engadget.com/best-smartwatches-153013118.html?src=rss


  • Google isn’t killing third-party cookies in Chrome after all
    Google won’t kill third-party cookies in Chrome after all, the company said on Monday. Instead, it will introduce a new experience in the browser that will allow users to make informed choices about their web browsing preferences, Google announced in a blog post. Killing cookies, Google said, would adversely impact online publishers and advertisers. This announcement marks a significant shift from Google9s previous plans to phase out third-party cookies by early 2025.

    “[We] are proposing an updated approach that elevates user choice,” wrote Anthony Chavez, vice president of Google’s Privacy Sandbox initiative. “Instead of deprecating third-party cookies, we would introduce a new experience in Chrome that lets people make an informed choice that applies across their web browsing, and they’d be able to adjust that choice at any time. We9re discussing this new path with regulators, and will engage with the industry as we roll this out.”

    Google will now focus on giving users more control over their browsing data, Chavez wrote. This includes additional privacy controls like IP Protection in Chrome9s Incognito mode and ongoing improvements to Privacy Sandbox APIs.

    Google’s decision provides a reprieve for advertisers and publishers who rely on cookies to target ads and measure performance. Over the past few years, the company’s plans to eliminate third-party cookies have been riding on a rollercoaster of delays and regulatory hurdles. Initially, Google aimed to phase out these cookies by the end of 2022, but the deadline was pushed to late 2024 and then to early 2025 due to various challenges and feedback from stakeholders, including advertisers, publishers, and regulatory bodies like the UK9s Competition and Markets Authority (CMA).

    In January 2024, Google began rolling out a new feature called Tracking Protection, which restricts third-party cookies by default for 1% of Chrome users globally. This move was perceived as the first step towards killing cookies completely. However, concerns and criticism about the readiness and effectiveness of Google9s Privacy Sandbox, a collection of APIs designed to replace third-party cookies, prompted further delays.

    The CMA and other regulatory bodies have expressed concerns about Google9s Privacy Sandbox, fearing it might limit competition and give Google an unfair advantage in the digital advertising market. These concerns have led to extended review periods and additional scrutiny, complicating Google9s timeline for phasing out third-party cookies. Shortly after Google’s Monday announcement, the CMA said that it was “considering the impact” of Google’s change of direction.
    This article originally appeared on Engadget at https://www.engadget.com/google-isnt-killing-third-party-cookies-in-chrome-after-all-202031863.html?src=rss


  • Condé Nast has reportedly accused AI search startup Perplexity of plagiarism
    Condé Nast, the media conglomerate that owns publications such as The New Yorker, Vogue and Wired, has sent a cease-and-desist letter to AI-powered search startup Perplexity, according to The Information. The letter, which was sent on Monday, demands that Perplexity stop using content from Condé Nast publications in its AI-generated responses and accused the startup of plagiarism. 

    The move makes Condé Nast the latest in a growing list of publishers taking a stand against the unauthorized use of their content by AI companies, and comes a month after similar action taken by Forbes. Perplexity and Condé Nast did not immediately respond to a request for comment from Engadget.

    Perplexity, a San Francisco-based startup, is valued at $3 billion and backed by high-profile investors including the Jeff Bezos family fund and NVIDIA, has recently come under scrutiny for not respecting copyright and ripping off content to feed its AI-generated responses. The controversy surrounding the company extends beyond copyright concerns.

    A recent investigation from Wired reveled that the startup’s web crawlers do not respect robots.txt, a type of file that website owners can use to block bots from scraping their content. Last month, Amazon Web Services reportedly launched an investigation to determine whether the startup broke its rules around web scraping. Shortly after, a report from Reuters showed that Perplexity was just one of the many AI companies ignoring robots.txt. 

    This practice has sparked concerns about the ethical and legal implications of AI development and its impact on content creators and publishers. In response, Perplexity executives have talked about starting a revenue-sharing program with publishers, although it is still unclear what its terms will be.

    Condé Nast CEO Roger Lynch has warned that “many” media companies could face financial ruin by the time it would take for litigation against generative AI companies to conclude. Lynch has called upon Congress to take “immediate action” by asking AI companies to compensate publishers for the use of their content and striking licensing deals in the future. Earlier this month, three senators introduced the COPIED Act, a bill that aims to protect journalists, artists and songwriters from AI companies using their content to train AI models.
    This article originally appeared on Engadget at https://www.engadget.com/conde-nast-has-reportedly-accused-ai-search-startup-perplexity-of-plagiarism-191639677.html?src=rss


  • ThermoWorks' RFX Meat wireless probe uses radio waves instead of Bluetooth to monitor food on the grill
    Wireless food probes are some the best grilling gear for keeping tabs on meat and other items while cooking. You don't have to dodge cords when you're flipping a steak or trying to wrap a brisket. Several companies make these, Traeger-owned Meater being one example, but existing products rely solely on Bluetooth and have ambient temperature sensors that may not be the most accurate. ThermoWorks, the company that's known for its Thermapen instant-read thermometers, has officially announced its take on the wireless meat probe: the RFX Meat

    Like ThermoWorks' more robust grill and smoker temperature-tracking devices, the RFX Meat uses radio technology to transmit data rather than Bluetooth. The company explains that its "patent-pending sub-GHz RFX wireless technology" provides a more reliable connection with up to 2,132 feet of direct line of sight range. When placed inside a grill or smoker, ThermoWorks promises up to 659 feet of range. Similar to the competition, the RFX Meat has four internal sensors that provide an accurate measure of food temps with 0.9-degree accuracy between 14 and 212 degrees Fahrenheit. This probe is also IP69K rated, so it's safe to use for deep frying and sous vide. Plus, it can withstand temperatures of up 1,000 degrees Fahrenheit, which makes it well-suited for high-heat searing, and you can stick in in the dishwasher when you're done. 

    Since the RFX Meat utilizes radio frequency and not Bluetooth, you'll need a RFX Gateway receiver to use it. This small device sends cooking data to ThermoWorks Cloud when it's connected to WiFi, or it can be used offline with your phone via Bluetooth. Either way, you get timely updates on your phone to keep tabs on meat and other foods. And when the RFX Gateway is connected to WiFi, you can monitor what's on the grill or smoker from anywhere. The RFX Gateway is also capable of handling readings for up to 70 RFX Meat probes at once. 
    ThermoWorks
    Most of these wireless probes come with a charging dock that doubles as a Bluetooth transmitter. RFX Meat resides in one of these (minus the Bluetooth), and ThermoWorks says you can get over 50 hours of use with a 10-minute charge. The dock uses a single AAA battery which should be enough for over 175 full charges, according to the company. 

    One thing the RFX Meat doesn't have is a built-in ambient temperature sensor. Meater's products, for example, have one situated at the far end of its wireless probes. But, ThermoWorks argues this component doesn't provide accurate readings. Due to the fact that it's close to cold meat at the start or in an evaporative cooling zone around food, a built-in ambient temperature sensor can't accurately keep tabs on the grill, according to the company. So, ThermoWorks devised a solution that uses a wired Pro-Series Air Probe from its other products that plugs into the RFX Gateway. Since this probe is only monitoring grill or smoker temps and can be placed out of the way, it's not as essential that it be wireless. 

    The RFX Meat starter kit is available for preorder today for $159. That price includes the RFX Meat probe, the RFX Gateway and a Pro-Series Air Probe. The same bundle with four RFX Meat probes is $349 and individual probes are $89. You can also purchase the RFX Gateway for $79, which comes with a Pro-Series Air Probe. ThermoWorks says it will start shipping the grilling devices on September 10th. 




    This article originally appeared on Engadget at https://www.engadget.com/thermoworks-rfx-meat-wireless-probe-uses-radio-waves-instead-of-bluetooth-to-monitor-food-on-the-grill-183446728.html?src=rss


  • Warner Bros. has bought the developer behind its MultiVersus brawler
    Warner Bros. just announced the acquisition of Player First Games, the developer behind the popular free-to-play platform fighter MultiVersus. This makes a whole lot of sense as the hit Smash Bros-esque brawler pulls its entire roster from WB properties. The game includes characters like Batman, Bugs Bunny, Agent Smith from The Matrix and, of course, both Rick and Morty.

    It doesn’t look like much will change with regard to the day-to-day workings of Player First Games. Co-founders Tony Huynh and Chris White will still lead the company, though the pair will report to Carlos Barbosa, Vice President and Studio Head of Warner Bros. Games.

    Huynh says the team is excited about the acquisition and that it should “be great for MultiVersus overall.” There has been no announcement as to what comes next for the fighting game. However, Player First regularly drops new characters into the roster, so this will likely continue. I for one would like to beat up Tom and Jerry as Tony Soprano. Make it happen WB.

    MultiVersus is available now on just about every platform out there, including PS5, PS4, Xbox One, Xbox Series X/S and PC. Even better? There’s crossplay between platforms. The game isn’t available for the Nintendo Switch just yet, but maybe that’ll change whenever the Switch 2 makes its grand entrance.
    This article originally appeared on Engadget at https://www.engadget.com/warner-bros-has-bought-the-developer-behind-its-multiversus-brawler-180355445.html?src=rss


  • EU officials say Meta may be violating consumer laws with paid 'ad-free' plan
    The European Commission really isn9t happy about a Meta business model that gives users in the EU, European Economic Area and Switzerland the generous choice of continuing to use Facebook and Instagram with targeted ads without paying anything, or signing up for a monthly subscription that9s said to offer an ad-free experience.

    Officials from the Consumer Protection Cooperation (CPC) Network — a group of national authorities that enforce EU consumer protection laws — have suggested that Meta may be violating consumer legislation with the "pay or consent" approach. The Commission, which is the European Union9s executive arm, coordinated the group9s action against Meta.

    The CPC Network sent Meta a letter laying out numerous ways in which it believes the company may be violating consumer laws. The company has until September 1 to reply and propose solutions to officials9 concerns. If CPC officials find that Meta doesn9t take appropriate steps to solve the problems, they could take enforcement actions against the company, which may include sanctions.

    CPC authorities have suggested that Meta is misleading users by describing its platforms as free to use if they opt not to pay for a subscription, when Meta in fact monetizes their personal data by displaying targeted ads. They further say that Meta is "confusing users" by requiring them to access different areas of the privacy policy and terms of service to see how their data is being used for personalized ads.

    Officials have also taken aim at Meta9s "imprecise terms and language" that suggest subscribers will not see ads at all, even though those still might be displayed "when engaging with content shared via Facebook or Instagram by other members of the platform." Furthermore, they claim Meta is pressuring users who have long used Facebook and Instagram without forking over any payment "to make an immediate choice, without giving them a pre-warning, sufficient time and a real opportunity to assess how that choice might affect their contractual relationship with Meta, by not letting them access their accounts before making their choice."

    Meta introduced its "pay or consent" options last year in an attempt to comply with the EU9s data protection laws while maintaining its advertising model. CPC officials say they are concerned that "many consumers might have been exposed to undue pressure to choose rapidly" between consenting to data collection or paying a monthly fee, "fearing that they would instantly lose access to their accounts and their network of contacts."

    This action is separate from other investigations the EU is carrying out against Meta over the "pay or consent" model. Earlier this month, the EU said Meta had potentially breached the Digital Markets Act with this approach. If found guilty, Meta could be on the hook for a fine of up to 10 percent of its global annual revenue.

    In addition, the Commission requested more information from the company in March about the "pay or consent" model under the Digital Services Act, another law the bloc designed to keep the power of major tech companies in check. Not only that, consumer rights groups have filed complaints arguing that the approach violates the EU9s General Data Protection Regulation.
    This article originally appeared on Engadget at https://www.engadget.com/eu-officials-say-meta-may-be-violating-consumer-laws-with-paid-ad-free-plan-175834177.html?src=rss


  • Apple accused of underreporting suspected CSAM on its platforms
    E2EE as well, and that service reported nearly 1.4 million cases of suspected CSAM to NCMEC in 2023.

    “There is a concerning discrepancy between the number of UK child abuse image crimes taking place on Apple’s services and the almost negligible number of global reports of abuse content they make to authorities,” Richard Collard, the NSPCC9s head of child safety online policy, said. “Apple is clearly behind many of their peers in tackling child sexual abuse when all tech firms should be investing in safety and preparing for the roll out of the Online Safety Act in the UK.”

    In 2021, Apple announced plans to deploy a system that would scan images before they were uploaded to iCloud and compare them against a database of known CSAM images from NCMEC and other organizations. But following a backlash from privacy and digital rights advocates, Apple delayed the rollout of its CSAM detection tools before ultimately killing the project in 2022.

    Apple declined to comment on the NSPCC9s accusation, instead pointing The Guardian to a statement it made when it shelved the CSAM scanning plan. Apple said it opted for a different strategy that “prioritizes the security and privacy of [its] users.” The company told Wired in August 2022 that "children can be protected without companies combing through personal data." 
    This article originally appeared on Engadget at https://www.engadget.com/apple-accused-of-underreporting-suspected-csam-on-its-platforms-153637726.html?src=rss


  • iRobot's Roomba Combo Essential robot vacuum and mop is on sale for $200
    The iRobot Roomba Combo Essential vacuum and mop hybrid robot is on sale for just $200. That’s a discount of $75 and one of the best prices we’ve seen on this particular model. This version just came out back in April, so a sale this significant (outside of Prime Day) comes as something of a surprise.

    This is squarely a budget-friendly entry in the company’s lineup of robot vacuums, but it’s certainly no slouch. As the name suggests, it can handle both vacuuming and mopping duties, which is always nice. The company says this model actually outperforms the popular Roomba 600 Series, with 20 times more suction power.



    It boasts a similar smart navigation algorithm as other iRobot vacuums and offers a robust battery life of 120 minutes. That’s certainly long enough to both vacuum and mop an entire home, with time left over to chase the cats around. Like most of the company’s vacuums, there’s an affiliated app that lets people customize various settings and set up cleaning schedules.

    There’s one major downside, though this is true of most robovacs in this price range. There’s no dedicated waste bin so you’ll have to stay on top of emptying and cleaning the vacuum yourself. I own a budget-friendly robot vacuum and have never found this to be a huge deal. The emptying process takes under a minute, though you do have to do it after every cleaning session.

    Follow @EngadgetDeals on Twitter and subscribe to the Engadget Deals newsletter for the latest tech deals and buying advice.
    This article originally appeared on Engadget at https://www.engadget.com/irobots-roomba-combo-essential-robot-vacuum-and-mop-is-on-sale-for-200-151836301.html?src=rss


  • The Google Pixel 8a is on sale for a low of $449
    We called Google's Pixel 8a the best Android phone for less than $500 upon its release in May, and now it's even cheaper than usual. The handset is down to $449 at Amazon, Target, Best Buy and the Google Store, which is a $50 drop. Though we've technically seen the phone go for less, those deals have required you to trade in an older device or tie yourself to a specific carrier. Another pre-order deal threw in a $100 gift card, but only if you bought the phone at full price. This newest deal, though, marks the largest cash discount we've seen for the unlocked model. 



    This price applies to the base version of the phone, which includes 128GB of storage space. If you need more room, the 256GB model is also $50 off at $509. Again, that's the lowest price we've seen for the unlocked variant. Both of these deals have been available for about a week now, but they still represent good value if you've been waiting for a price drop. 

    Engadget's Sam Rutherford gave the Pixel 8a a score of 90 in his review. Like past A-series devices, it takes most of the headline features from last year's flagship Pixel phone — the Pixel 8 in this case — and puts them in a slightly cheaper design. You still get a bright and vivid OLED display with a smooth 120Hz refresh rate, superb camera performance and enough battery life for a typical day. It runs on the same Tensor G3 chip and 8GB of RAM, which means it can get warm under heavy load but can handle virtually any task. The stock software is just as clean, and Google promises the same seven years of OS and security updates. The handful of actually useful AI features from the standard Pixel 8 are here as well, including a Magic Eraser tool that lets you remove unwanted objects from photos. 

    If you can afford to step up to the Pixel 8, you still should. That device is a few months older but offers faster wired and wireless charging speeds, thinner bezels and slightly better photo quality, particularly in darker settings and with zoomed-in shots. It has a glass back rather than one made from matte plastic, plus its screen is a tiny bit bigger (6.2 inches versus 6.1 inches). It's currently on sale for $549 for a 128GB model or $609 for a256GB one. If you really want to save the extra $100, though, the Pixel 8a isn't far behind. And if money is no object, keep in mind that Google has already confirmed that new Pixel 9 devices will arrive next month

    Follow @EngadgetDeals on Twitter and subscribe to the Engadget Deals newsletter for the latest tech deals and buying advice.
    This article originally appeared on Engadget at https://www.engadget.com/the-google-pixel-8a-is-on-sale-for-a-low-of-449-145943989.html?src=rss



  • CrowdStrike outage aftershocks cause Delta to cancel over 1,000 more flights
    The CrowdStrike outage that started late on Thursday is still causing havoc as Delta was forced to scrap an additional 1,250 flights yesterday on top of the 3,500 already cancelled, affected 8.5 million Windows devices, causing many to go into a boot loop that could only be recovered by technicians with direct access to machines. The problem turned out to be a faulty sensor designed to detect malicious activity that "triggered a logic error that resulted in an operating system crash," according to CrowdStrike.

    Delta was the worst hit of any US airline, and United Airlines was a distant second with about 266 (9 percent) of flights cancelled on Sunday. 

    At first, United and Delta told stranded travelers that they wouldn9t cover bills since the CrowdStrike crash was out of their control. However, US Transportation Secretary Pete Buttigieg later stepped in and said that he considered the situation self-inflicted, so carriers would need to cover food, transportation and lodging costs for any delays longer than three hours as required by law. 

    CrowdStrike said today that a "significant" number of devices are back online and the company is reportedly close to rolling out an automatic fix to the issue. Also heavily impacted by the outage are healthcare and other public services in the US and UK, with the NHS warning patients that "there may still be some delays." 
    This article originally appeared on Engadget at https://www.engadget.com/crowdstrike-outage-aftershocks-cause-delta-to-cancel-over-1000-more-flights-120025978.html?src=rss


  • The 6 best Mint alternatives to replace the budgeting app that shut down
    It's been a few months since Intuit shut down the popular budgeting app Mint. I was a Mint user for many years; millions of other users like me enjoyed how easily Mint allowed us to track all accounts in one place and monitor credit scores. I also used it regularly to help me track spending, set goals like pay my mortgage down faster and with general money management.

    Ahead of Mint’s demise, I gave Credit Karma, Intuit’s other financial app, a try but found it to be a poor Mint alternative. So I set out to find a true replacement in another budgeting app. The following guide lays out my experience testing some of the most popular Mint replacement apps available today. If you’re also on the hunt for a budgeting app to replace Mint, we hope these details can help you decide which of the best budgeting apps out there could meet your needs in this post-Mint world.
    Best Mint alternatives in 2024




    No pun intended, but what I like about Quicken Simplifi is its simplicity. Whereas other budgeting apps try to distinguish themselves with dark themes and customizable emoji, Simplifi has a clean user interface, with a landing page that you just keep scrolling through to get a detailed overview of all your stats. These include your top-line balances; net worth; recent spending; upcoming recurring payments; a snapshot of your spending plan; top spending categories; achievements; and any watchlists you’ve set up. You can also set up savings goals elsewhere in the app. I also appreciate how it offers neat, almost playful visualizations without ever looking cluttered. I felt at home in the mobile and web dashboards after a day or so, which is faster than I adapted to some competing services (I’m looking at you, YNAB and Monarch).

    Getting set up with Simplifi was mostly painless. I was particularly impressed at how easily it connected to Fidelity; not all budget trackers do, for whatever reason. This is also one of the only services I tested that gives you the option of inviting a spouse or financial advisor to co-manage your account. One thing I would add to my initial assessment of the app, having used it for a few months now: I wish Simplifi offered Zillow integration for easily tracking your home value (or at least a rough estimate of it). Various competitors including Monarch Money and Copilot Money work with Zillow, so clearly there's a Zillow API available for use. As it stands, Simplifi users must add real estate manually like any other asset.
    Dana Wollman / Engadget
    In practice, Simplifi miscategorized some of my expenses, but nothing out of the ordinary compared to any of these budget trackers. As you’re reviewing transactions, you can also mark if you’re expecting a refund, which is a unique feature among the services I tested. Simplifi also estimated my regular income better than some other apps I tested. Most of all, I appreciated the option of being able to categorize some, but not all, purchases from a merchant as recurring. For instance, I can add my two Amazon subscribe-and-saves as recurring payments, without having to create a broad-strokes rule for every Amazon purchase.

    The budgeting feature is also self-explanatory. Just check that your regular income is accurate and be sure to set up recurring payments, making note of which are bills and which are subscriptions. This is important because Simplifi shows you your total take-home income as well as an “income after bills” figure. That number includes, well, bills but not discretionary subscriptions. From there, you can add spending targets by category in the “planned spending” bucket. Planned spending can also include one-time expenditures, not just monthly budgets. When you create a budget, Simplifi will suggest a number based on a six-month average.

    Not dealbreakers, but two things to keep in mind as you get started: Simplifi is notable in that you can’t set up an account through Apple or Google. There is also no option for a free trial, though Quicken promises a “30-day money back guarantee.”



    Monarch Money grew on me. My first impression of the budgeting app, which was founded by a former Mint product manager, was that it's more difficult to use than others on this list, including Simplifi, NerdWallet and Copilot. And it is. Editing expense categories, adding recurring transactions and creating rules, for example, is a little more complicated than it needs to be, especially in the mobile app. (My advice: Use the web app for fine-tuning details.) Monarch also didn’t get my income right; I had to edit it.

    Once you’re set up, though, Monarch offers an impressive level of granularity. In the budgets section, you can see a bona fide balance sheet showing budgets and actuals for each category. You'll also find a forecast, for the year or by month. And recurring expenses can be set not just by merchant, but other parameters as well. For instance, while most Amazon purchases might be marked as “shopping,” those for the amounts of $54.18 or $34.18 are definitely baby supplies, and can be automatically marked as such each time, not to mention programmed as recurring payments. Weirdly, though, there’s no way to mark certain recurring payments as bills, specifically.
    Dana Wollman / Engadget
    Not long after I first published this story in December 2023, Monarch introduced a detailed reporting section where you can create on-demand graphs based on things like accounts, categories and tags. That feature is available just on the web version of the app for now. As part of this same update, Monarch added support for an aggregator that makes it possible to automatically update the value of your car. This, combined with the existing Zillow integration for tracking your home value, makes it easy to quickly add a non-liquid asset like a vehicle or real estate, and have it show up in your net worth graph.

    The mobile app is mostly self-explanatory. The main dashboard shows your net worth; your four most recent transactions; a month-over-month spending comparison; income month-to-date; upcoming bills; an investments snapshot; a list of any goals you’ve set; and, finally, a link to your month-in-review. That month-in-review is more detailed than most, delving into cash flow; top income and expense categories; cash flow trends; changes to your net worth, assets and liabilities; plus asset and liability breakdowns. In February 2024, Monarch expanded on the net worth graph, so that if you click on the Accounts tab you can see how your net worth changed over different periods of time, including one month, three months, six months, a year or all time.

    On the main screen, you’ll also find tabs for accounts, transactions, cash flow, budget and recurring. Like many of the other apps featured here, Monarch can auto-detect recurring expenses and income, even if it gets the category wrong. (They all do to an extent.) Expense categories are marked by emoji, which you can customize if you’re so inclined.

    Monarch Money uses a combination of networks to connect with banks, including Plaid, MX and Finicity, a competing network owned by Mastercard. (I have a quick explainer on Plaid, the industry standard in this space, toward the end of this guide.) As part of an update in late December, Monarch has also made it easier to connect through those other two networks, if for some reason Plaid fails. Similar to NerdWallet, I found myself completing two-factor authentication every time I wanted to get past the Plaid screen to add another account. Notably, Monarch is the only other app I tested that allows you to grant access to someone else in your family — likely a spouse or financial advisor. Monarch also has a Chrome extension for importing from Mint, though really this is just a shortcut for downloading a CSV file, which you’ll have to do regardless of where you choose to take your Mint data.

    Additionally, Monarch just added the ability to track Apple Card, Apple Cash, and Savings accounts, thanks to new functionality brought with the iOS 17.4 update. It's not the only one either; currently, Copilot and YNAB have also added similar functionality that will be available to anyone with the latest versions of their respective apps on a device running iOS 17.4. Instead of manually uploading statements, the new functionality allows apps like Monarch's to automatically pull in transactions and balance history. That should make it easier to account for spending on Apple cards and accounts throughout the month.

    Monarch also recently launched investment transactions in beta. It also says bill tracking and an overhauled goals system are coming soon. Monarch hasn't provided a timeline for that last one, except to say that the improved goals feature is coming in early 2024.



    Copilot Money might be the best-looking budgeting app I tested. It also has the distinction of being exclusive to iOS and Macs — at least for now. Andres Ugarte, the company’s CEO, has publicly promised that Android and web apps are coming in 2024 (more likely the second half of the year, Ugarte tells me). But until it follows through, I can’t recommend Copilot for most people with so many good competitors out there.
    Copilot Money for Web and Android!

    Thanks to the support from our users, and the overwhelming positive reception we're seeing from folks migrating from Mint, we can now say that we'll be building @copilotmoney for Web and Android with a goal to launch in 2024.

    We'll continue to…
    — Andres Ugarte (@chuga) November 15, 2023
    There are other features that Copilot is missing, which I’ll get into. But it is promising, and one to keep an eye on. It’s just a fast, efficient, well designed app, and Android users will be in for a treat when they’ll finally be able to download it. It makes good use of colors, emoji and graphs to help you understand at a glance how you’re doing on everything from your budgets to your investment performance to your credit card debt over time. In particular, Copilot does a better job than almost any other app of visualizing your recurring monthly expenses.

    Behind those punchy colors and cutesy emoji, though, is some sophisticated performance. Copilot’s AI-powered “Intelligence” gets smarter as you go at categorizing your expenses. (You can also add your own categories, complete with your choice of emoji.) It’s not perfect. Copilot miscategorized some purchases (they all do), but it makes it easier to edit than most. On top of that, the internal search feature is very fast; it starts whittling down results in your transaction history as soon as you begin typing.
    Dana Wollman / Engadget
    Copilot is also unique in offering Amazon and Venmo integrations, allowing you to see transaction details. With Amazon, this requires just signing into your Amazon account via an in-app browser. For Venmo, you have to set up fwd@copilot.money as a forwarding address and then create a filter, wherein emails from venmo@venmo.com are automatically forwarded to fwd@copilot.money. Like Monarch Money, you can also add any property you own and track its value through Zillow, which is integrated with the app.

    While the app is heavily automated, I still appreciate that Copilot marks new transactions for review. It’s a good way to both weed out fraudulent charges, and also be somewhat intentional about your spending habits.

    Like Monarch Money, Copilot updated its app to make it easier to connect to banks through networks other than Plaid. As part of the same update, Copilot said it has improved its connections to both American Express and Fidelity which, again, can be a bugbear for some budget tracking apps. In an even more recent update, Copilot added a Mint import option, which other budgeting apps have begun to offer as well.

    Because the app is relatively new (it launched in early 2020), the company is still catching up to the competition on some table-stakes features. Ugarte told me that his team is almost done building out a detailed cash flow section, which could launch before the end of 2023, but more likely in early 2024. On its website, Copilot also promises a raft of AI-powered features that build on its current “Intelligence” platform, the one that powers its smart expense categorization. These include “smart financial goals,” natural language search, a chat interface, forecasting and benchmarking. That benchmarking, Ugarte tells me, is meant to give people a sense of how they’re doing compared to other Copilot users, on both spending and investment performance. Most of these features should arrive in the new year.

    Copilot does a couple interesting things for new customers that distinguish it from the competition. There’s a “demo mode” that feels like a game simulator; no need to add your own accounts. The company is also offering two free months with RIPMINT — a more generous introductory offer than most. When it finally does come time to pony up, the $7.92 monthly plan is cheaper than some competing apps, although the $95-a-year-option is in the same ballpark.





    You may know NerdWallet as a site that offers a mix of personal finance news, explainers and guides. I see it often when I google a financial term I don’t know and sure enough, it’s one of the sites I’m most likely to click on. As it happens, NerdWallet also has the distinction of offering one of the only free budgeting apps I tested. In fact, there is no paid version; nothing is locked behind a paywall. The main catch: There are ads everywhere. To be fair, the free version of Mint was like this, too.

    Even with the inescapable credit card offers, NerdWallet has a clean, easy-to-understand user interface, which includes both a web and a mobile app. The key metrics that it highlights most prominently are your cash flow, net worth and credit score. (Of note, although Mint itself offered credit score monitoring, most of its rivals do not.) I particularly enjoyed the weekly insights, which delve into things like where you spent the most money or how much you paid in fees — and how that compares to the previous month. Because this is NerdWallet, an encyclopedia of financial info, you get some particularly specific category options when setting up your accounts (think: a Roth or non-Roth IRA).
    Dana Wollman / Engadget
    As a budgeting app, NerdWallet is more than serviceable, if a bit basic. Like other apps I tested, you can set up recurring bills. Importantly, it follows the popular 50/30/20 budgeting rule, which has you putting 50% of your budget toward things you need, 30% toward things you want, and the remaining 20% into savings or debt repayments. If this works for you, great — just know that you can’t customize your budget to the same degree as some competing apps. You can’t currently create custom spending categories, though a note inside the dashboard section of the app says “you’ll be able to customize them in the future.” You also can’t move items from the wants column to “needs” or vice versa but “In the future, you'll be able to move specific transactions to actively manage what falls into each group.” A NerdWallet spokesperson declined to provide an ETA, though.

    Lastly, it’s worth noting that NerdWallet had one of the most onerous setup processes of any app I tested. I don’t think this is a dealbreaker, as you’ll only have to do it once and, hopefully, you aren’t setting up six or seven apps in tandem as I was. What made NerdWallet’s onboarding especially tedious is that every time I wanted to add an account, I had to go through a two-factor authentication process to even get past the Plaid splash screen, and that’s not including the 2FA I had set up at each of my banks. This is a security policy on NerdWallet’s end, not Plaid’s, a Plaid spokesperson says.

    Precisely because NerdWallet is one of the only budget trackers to offer credit score monitoring, it also needs more of your personal info during setup, including your birthday, address, phone number and the last four digits of your social security number. It’s the same with Credit Karma, which also does credit score monitoring.

    Related to the setup process, I found that NerdWallet was less adept than other apps at automatically detecting my regular income. In my case, it counted a large one-time wire transfer as income, at which point my only other option was to enter my income manually (which is slightly annoying because I would have needed my pay stub handy to double-check my take-home pay).



    YNAB is, by its own admission, “different from anything you’ve tried before.” The app, whose name is short for You Need a Budget, promotes a so-called zero-based budgeting system, which forces you to assign a purpose for every dollar you earn. A frequently used analogy is to put each dollar in an envelope; you can always move money from one envelope to another in a pinch. These envelopes can include rent and utilities, along with unforeseen expenses like holiday gifts and the inevitable car repair. The idea is that if you budget a certain amount for the unknowns each month, they won’t feel like they’re sneaking up on you.

    Importantly, YNAB is only concerned with the money you have in your accounts now. The app does not ask you to provide your take-home income or set up recurring income payments (although there is a way to do this). The money you will make later in the month through your salaried job is not relevant, because YNAB does not engage in forecasting.

    The app is harder to learn than any other here, and it requires more ongoing effort from the user. And YNAB knows that. Inside both the mobile and web apps are links to videos and other tutorials. Although I never quite got comfortable with the user interface, I did come to appreciate YNAB’s insistence on intentionality. Forcing users to draft a new budget each month and to review each transaction is not necessarily a bad thing. As YNAB says on its website, “Sure, you’ve got pie charts showing that you spent an obscene amount of money in restaurants — but you’ve still spent an obscene amount of money in restaurants.” I can see this approach being useful for people who don’t tend to have a lot of cash in reserve at a given time, or who have spending habits they want to correct (to riff off of YNAB’s own example, ordering Seamless four times a week).

    My colleague Valentina Palladino, knowing I was working on this guide, penned a respectful rebuttal, explaining why she’s been using YNAB for years. Perhaps, like her, you have major savings goals you want to achieve, whether it’s paying for a wedding or buying a house. I suggest you give her column a read. For me, though, YNAB’s approach feels like overkill.



    PocketGuard is one of the only reputable free budget trackers I found in my research. Just know it’s far more restricted at the free tier than NerdWallet or Mint. In my testing, I was prompted to pay after I attempted to link more than two bank accounts. So much for free, unless you keep things simple with one cash account and one credit card. When it comes time to upgrade to PocketGuard Plus, you have three options: pay $7.99 a month, $34.99 a year or $79.99 for a one-time lifetime license. That lifetime option is actually one of the few unique selling points for me: I’m sure some people will appreciate paying once and never having to, uh, budget for it again.

    From the main screen, you’ll see tabs for accounts, insights, transactions and the “Plan,” which is where you see recurring payments stacked on top of what looks like a budget. The main overview screen shows you your net worth, total assets and debts; net income and total spending for the month; upcoming bills; a handy reminder of when your next paycheck lands; any debt payoff plan you have; and any goals.
    Dana Wollman / Engadget
    Like some other apps, including Quicken Simplifi, PocketGuard promotes an “after bills” approach, where you enter all of your recurring bills, and then PocketGuard shows you what’s left, and that’s what you’re supposed to be budgeting: your disposable income. Obviously, other apps have a different philosophy: take into account all of your post-tax income and use it to pay the bills, purchase things you want and maybe even save a little. But in PocketGuard, it’s the “in your pocket” number that’s most prominent. To PocketGuard’s credit, it does a good job visualizing which bills are upcoming and which ones you’ve already paid.

    PocketGuard has also publicly committed to adding some popular features in early 2024. These include rollover budgeting in January 2024, categorization rules in February and shared household access in March.
    Dana Wollman / Engadget
    Although PocketGuard’s UI is easy enough to understand, it lacks polish. The “accounts” tab is a little busy, and doesn’t show totals for categories like cash or investments. Seemingly small details like weirdly phrased or punctuated copy occasionally make the app feel janky. More than once, it prompted me to update the app when no updates were available. The web version, meanwhile, feels like the mobile app blown up to a larger format and doesn’t take advantage of the extra screen real estate.

    Of note, although PocketGuard does work with Plaid, its primary bank-connecting platform is actually Finicity. Setting up my accounts through Finicity was mostly a straightforward process. I did encounter one hiccup: Finicity would not connect to my SoFi account. I was able to do it through Plaid, but PocketGuard doesn’t make it easy to access Plaid in the app. The only way, as far as I can tell, is to knowingly search for the name of a bank that isn’t available through Finicity, at which point you get the option to try Plaid instead. Like I said: the experience can be janky.
    What is Plaid and how does it work?
    Each of the apps I tested uses the same underlying network, called Plaid, to pull in financial data, so it’s worth explaining in its own section what it is and how it works. Plaid was founded as a fintech startup in 2013 and is today the industry standard in connecting banks with third-party apps. Plaid works with over 12,000 financial institutions across the US, Canada and Europe. Additionally, more than 8,000 third-party apps and services rely on Plaid, the company claims.

    To be clear, you don’t need a dedicated Plaid app to use it; the technology is baked into a wide array of apps, including the budget trackers I tested for this guide. Once you find the “add an account” option in whichever one you’re using, you’ll see a menu of commonly used banks. There’s also a search field you can use to look yours up directly. Once you find yours, you’ll be prompted to enter your login credentials. If you have two-factor authentication set up, you’ll need to enter a one-time passcode as well.

    As the middleman, Plaid is a passthrough for information that may include your account balances, transaction history, account type and routing or account number. Plaid uses encryption, and says it has a policy of not selling or renting customer data to other companies. However, I would not be doing my job if I didn’t note that in 2022 Plaid was forced to pay $58 million to consumers in a class action suit for collecting “more financial data than was needed.” As part of the settlement, Plaid was compelled to change some of its business practices.

    In a statement provided to Engadget, a Plaid spokesperson said the company continues to deny the allegations underpinning the lawsuit and that “the crux of the non-financial terms in the settlement are focused on us accelerating workstreams already underway related to giving people more transparency into Plaid’s role in connecting their accounts, and ensuring that our workstreams around data minimization remain on track.”
    My top Mint alternative picks: Quicken Simplifi and Copilot Money
    To conclude, you might be wondering what app I decided on for myself after all of this research. The answer is actually two apps: Quicken Simplifi, my overall top pick, and Copilot Money. For now, I am actively using both apps and still deciding, long-term, which I feel more comfortable with. I tend to prefer Copilot's fast, colorful user interface, but as I explained above, it's too lacking in table-stakes features for me to go so far as to name it the best overall option.
    How to import your financial data from the Mint app
    Mint users should consider getting their data ready to migrate to their new budgeting app of choice soon. Unfortunately, importing data from Mint is not as easy as entering your credentials from inside your new app and hitting “import.” In fact, any app that advertises the ability to port over your stats from Mint is just going to have you upload a CSV file of transactions and other data.

    To download a CSV file from Mint, do the following:

    Sign into Mint.com and hit Transactions in the menu on the left side of the screen.

    Select an account, or all accounts.

    Scroll down and look for “export [number] transactions” in smaller print.

    Your CSV file should begin downloading.

    Note: Downloading on a per-account basis might seem more annoying, but could help you get set up on the other side, if the app you’re using has you importing transactions one-for-one into their corresponding accounts.
    How we tested Mint alternatives
    Before I dove into the world of budgeting apps, I had to do some research. To find a list of apps to test, I consulted trusty ol’ Google (and even trustier Reddit); read reviews of popular apps on the App Store; and also asked friends and colleagues what budget tracking apps they might be using. Some of the apps I found were free, just like Mint. These, of course, show loads of ads (excuse me, “offers”) to stay in business. But most of the available apps require paid subscriptions, with prices typically topping out around $100 a year, or $15 a month. (Spoiler: My top pick is cheaper than that.)

    Since this guide is meant to help Mint users find a permanent replacement, any services I chose to test needed to do several things: import all of your account data into one place; offer budgeting tools; and track your spending, net worth and credit score. Except where noted, all of these apps are available for iOS, Android and on the web.

    Once I had my shortlist of six apps, I got to work setting them up. For the sake of thoroughly testing these apps (and remember, I really was looking for a Mint alternative myself), I made a point of adding every account to every budgeting app, no matter how small or immaterial the balance. What ensued was a veritable Groundhog Day of two-factor authentication. Just hours of entering passwords and one-time passcodes, for the same banks half a dozen times over. Hopefully, you only have to do this once.
    What about Rocket Money?
    Rocket Money is another free financial app that tracks spending and supports things like balance alerts and account linking. If you pay for the premium tier, the service can also help you cancel unwanted subscriptions. We did not test it for this guide, but we'll consider it in future updates.
    This article originally appeared on Engadget at https://www.engadget.com/the-best-budgeting-apps-to-replace-mint-143047346.html?src=rss


  • Echoes of the Emergent, a hauntingly beautiful Playdate exclusive, sold me on visual novels
    Somehow in all these years, I’ve never gotten into visual novels, despite being a person who loves both reading and video games. The idea has always intrigued me in some way, but I’ve never really felt compelled to actually pick one up. That changed when I first saw the announcement for Echoes of the Emergent a few months ago. Described as “a personal journey through a shattered post-apocalyptic world,” all it took was a glimpse of Echoes of the Emergent’s gritty aesthetic and melancholic atmosphere to get me to preorder it. And now that I’ve finally gotten around to playing (reading? experiencing?) it, I’m kind of blown away.

    Echoes of the Emergent is a Playdate-exclusive title from RNG Party Games, the same team that made Bloom. It opens with its main character, Ayumi, on a tense scavenging trip to find any food she can in a ruined city. She’s alone, afraid and increasingly concerned about her dwindling resources. As the story progresses, it bounces between Ayumi’s bleak new reality and flashbacks to a time when things were normal. Her panicked efforts to stay alive, to keep going, are interwoven with memories of her family and friends — some of them happy, some painful. And there’s a cat.
    RNG Party Games
    The narrative is illustrated with haunting backgrounds of Ayumi’s dilapidated surroundings, and these move ever so slightly to create a really unsettling effect. If you press the down arrow on the D-pad, you can collapse the text box to get a full view of the backgrounds. It takes a few hours to get through the entire story, but it’s definitely worth carving out some time for. You can save your place by pressing ‘B’ to pull up the menu.

    Echoes of the Emergent is the kind of experience that will stick with you for a little while even after it’s over. It’s available on the Playdate Catalog for $8, but you can also get it — and its captivating soundtrack — on itch.io.
    This article originally appeared on Engadget at https://www.engadget.com/echoes-of-the-emergent-a-hauntingly-beautiful-playdate-exclusive-sold-me-on-visual-novels-222033336.html?src=rss


  • Boeing and NASA engineers have wrapped up ground tests on the Starliner thruster
    Engineers from Boeing and NASA have spent much of the last month running ground tests on a Starliner Reaction Control System (RCS) thruster to get a better idea of what went wrong during the active Starliner’s flight in early June, and they finally wrapped up this past week. In its latest update, the date of astronauts Butch Wilmore and Suni Williams’ return is still uncertain — NASA and Boeing said only that they’ll be making the trip “in the coming weeks.”

    In the tests at the White Sands Test Facility in New Mexico, the teams simulated the conditions from Starliner’s recent flight, putting the control system thruster “through one of the most stressing launch-to-docking firing sequences with over 1,000 pulses to simulate CFT [Crew Flight Test] conditions,” according to Boeing. They also tested undocking and deorbit burn scenarios, which Starliner will experience on its way home. After collecting terabytes of data from those tests, the teams ran additional, more aggressive tests to “see if we could more closely simulate the higher thermal conditions the thrusters experienced in-flight,” said Dan Niedermaier, Boeing’s engineer for the thruster testing.

    The engineers are in the process of doing “engine tear downs and inspections” NASA’s Commercial Crew Program manager, Steve Stich, said on Thursday. Following their analyses, NASA says there will be an Agency Flight Test Readiness Review to determine whether Starliner is in good shape to bring the astronauts back. NASA and Boeing said they will release more information in a conference in the coming days.
    This article originally appeared on Engadget at https://www.engadget.com/boeing-and-nasa-engineers-have-wrapped-up-ground-tests-on-the-starliner-thruster-180027494.html?src=rss


  • NASA’s Curiosity rover accidentally uncovered pure sulfur crystals on Mars
    NASA scientists say pure sulfur has been found on Mars for the first time after the Curiosity rover inadvertently uncovered a cluster of yellow crystals when it drove over a rock. And it looks like the area is filled with it. It’s an unexpected discovery — while minerals containing sulfur have been observed on the Red Planet, elemental sulfur on its own has never been seen there before. “It forms in only a narrow range of conditions that scientists haven’t associated with the history of this location,” according to NASA.

    Curiosity cracked open the rock on May 30 while driving in a region known as the Gediz Vallis channel, where similar rocks were seen all around. The channel is thought to have been carved by water and debris flows long ago. “Finding a field of stones made of pure sulfur is like finding an oasis in the desert,” said Ashwin Vasavada, Curiosity’s project scientist. “It shouldn’t be there, so now we have to explain it. Discovering strange and unexpected things is what makes planetary exploration so exciting.” 
    NASA/JPL-Caltech/MSSS
    After spotting the yellow crystals, the team later used a camera on Curiosity’s robotic arm to take a closer look. The rover then took a sample from a different rock nearby, as the pieces of the rock it had smashed were too brittle for drilling. Curiosity is equipped with instruments that allow it to analyze the composition of rocks and soil, and NASA says its Alpha Particle X-Ray Spectrometer (APXS) confirmed it had found elemental sulfur.
    This article originally appeared on Engadget at https://www.engadget.com/nasas-curiosity-rover-accidentally-uncovered-pure-sulfur-crystals-on-mars-211340580.html?src=rss


  • Outage caused by CrowdStrike’s disastrous update affected 8.5 million devices
    The global outage caused by a faulty update from cybersecurity provider CrowdStrike on Friday affected some 8.5 million Windows devices, Microsoft said in a blog post. The update triggered a blue screen of death, bringing systems used by hospitals, airlines, banks and other major services temporarily to a standstill. Only machines running Windows were affected.

    While the issue was mostly resolved by Friday afternoon, Microsoft and CrowdStrike are still dealing with the fallout. In the blog post on Saturday, Microsoft’s VP of Enterprise and OS Security, David Weston, wrote that the company is working with CrowdStrike to “develop a scalable solution that will help Microsoft’s Azure infrastructure accelerate a fix for CrowdStrike’s faulty update.” Microsoft has also called in help from Amazon Web Services (AWS) and Google Cloud Platform (GCP).

    CrowdStrike said in its own blog post on Saturday that the update — a sensor configuration update — “was designed to target newly observed, malicious named pipes being used by common C2 frameworks in cyberattacks.” Unfortunately, for devices running Windows 7.11 and above that use CrowdStrike’s Falcon sensor, it instead “triggered a logic error that resulted in an operating system crash.” The total number of devices affected worked out to be “less than one percent of all Windows machines,” according to Weston.
    This article originally appeared on Engadget at https://www.engadget.com/outage-caused-by-crowdstrikes-disastrous-update-affected-85-million-devices-192703245.html?src=rss


  • .45 PARABELLUM BLOODHOUND is a cyberpunk RPG by the developer of VA-11 HALL-A
    Sukeban Games is working on what it describes as a "cyberpunk active time action" game with a battle system that9s similar to Parasite Eve. In a blog post, Chris of Sukeban has officially announced .45 PARABELLUM BLOODHOUND, featuring a mercenary named Reila Mikazuchi as its protagonist. Enemies can attack you from anywhere while you9re exploring environments in the game, and you9ll have to dodge and wait for an action bar to fill before you can launch a counterattack. The action bar fills at a speed based on your character and weapon stats, so the stronger you get, the faster you can fight back. 

    While the announcement doesn9t have a in-depth explanation of the game9s plot, Chris describes its story as follows: "You play as Reila Mikazuchi; a washed out mercenary whose glory days are long gone. In a last attempt at grabbing life by the horns she decides to go back to the life, only to realize the real enemy isn’t in front of her gun."

    The indie developer is planning to make seven chapters for the game, and five are already done and playable. It has yet to announce a release date, though, so as not to repeat its "N1RV ANN-A situation." Sukeban is the developer behind the cyberpunk bartending "booze-em-up" game VA-11 HALL-A, which is set in a post-dystopian world with a corporate-controlled society. 

    VA-11 HALL-A was wildly successful for an indie title, and Sukeban announced a sequel called N1RV ANN-A: Cyberpunk Bartender Action back in 2018 after it hit 200,000 copies sold. The developer hasn9t released N1RV ANN-A yet despite announcing a 2020 launch date, and it doesn9t look like we9re seeing it anytime soon. Chris said .45 PARABELLUM BLOODHOUND is "significantly ahead in development" and that the developer is dedicating its "full attention to it for the foreseeable future."

    Sukeban has also released the first trailer for .45 PARABELLUM BLOODHOUND, and you can watch it below.


    This article originally appeared on Engadget at https://www.engadget.com/45-parabellum-bloodhound-is-a-cyberpunk-rpg-by-the-developer-of-va-11-hall-a-180043556.html?src=rss


  • The workers at Bethesda Game Studios have fully unionized
    The workers at Bethesda Game Studios have joined the Communications Workers of America (CWA), and they say they9re the first Microsoft video game studio to form a wall-to-wall union. A total of 241 workers have either signed an authorization card or have indicated that they wanted to join a union through an online portal. The "wall-to-wall" nature of their organization means the CWA will be representing workers across job descriptions and divisions — and not just one type — including artists, engineers, programmers and designers. Bethesda is the developer behind Elder Scrolls and Fallout games.

    Microsoft has already recognized the union, so workers at the studio9s Maryland office have officially joined CWA Locals 2108, while those in its Texas office have become members of CWA Locals 6215. "We are so excited to announce our union at Bethesda Game Studio and join the movement sweeping across the video game industry," Mandi Parker, Bethesda Senior System Designer, said. "It is clear that every worker can benefit from bringing democracy into the workplace and securing a protected voice on the job. We’re thrilled to get down to brass tacks and win a fair contract, proving that our unity is a source of real power to positively shape our working conditions, our lives, and the company as a whole."

    Bethesda9s workers join the growing number of unionized personnel in video games. In January 2023, quality assurance workers at ZeniMax Studios, the parent company of Bethesda, banded together to form what was then the largest union in the industry with 300 members. It lost the distinction as the largest union in video games when 600 quality assurance workers at Activision, which is also owned by Microsoft, joined the CWA this year. 
    This article originally appeared on Engadget at https://www.engadget.com/the-workers-at-bethesda-game-studios-have-fully-unionized-163024914.html?src=rss


  • Rivian opens its first Charging Outpost, a crunchy not-gas station near Yosemite
    Rivian just opened its first EV charging rest stop 24 miles outside of Yosemite National Park, complete with bathrooms, a lounge with a small library, a water refill station, free coffee and (not free) “make your own” trail mix. Only Rivian owners will be able to make use of the five DC fast chargers at the Rivian Yosemite Charging Outpost, but the other amenities are open to anyone.

    The Charging Outpost is located in Groveland, California near the park’s west entrance and takes the place of an abandoned gas station. The shop area will be open from 7AM to 7PM, while the bathrooms and chargers will be available 24/7. It’s the first time Rivian has ventured into this kind of infrastructure, building on its growing network of regular charging sites — several of which are situated near Yosemite. The EV maker has 58 Waypoint charging sites, which support any electric vehicle that uses the standard J1772 plug, around the Yosemite Valley, and a Rivian-only Adventure charging site near the park’s east entrance.

    Rivian says it has plans for more Charging Outposts “around national parks and other high-traffic areas across the country.” The first such building was designed with the intention of keeping waste to a minimum, and its retaining wall was made using materials from the old parking lot and sidewalk. It’s fitted with solar panels and has a passive cooling design that’s meant to reduce the need for AC or heating.

    Beyond Charging Outposts, Rivian plans to eventually have over 3,500 of its Adventure Network DC fast chargers available in 600 sites across the US and Canada, on top of roughly 10,000 Level 2 chargers that will be open to the public.
    This article originally appeared on Engadget at https://www.engadget.com/rivian-opens-its-first-charging-outpost-a-crunchy-not-gas-station-near-yosemite-152039298.html?src=rss


  • 'Kunitsu-Gami: Path of the Goddess' review: Demonic delights
    Rhythm is everything in Kunitsu-Gami: Path of the Goddess. On a micro scale, the maiden Yoshiro dances through the game with graceful, measured movements, her steps cleansing the black defilement that has consumed her mountain and its people. In combat, Yoshiro’s protector, Soh, directs their sword in nimble arcs, landing attacks and parries based on timing and flow. On a grand scale, Kunitsu-Gami employs a soothing cadence of frenzied combat and peaceful base building. Soh’s abilities grow into a powerful crescendo as they guide Yoshiro down the mountain, her body deteriorating with each encounter.

    Amid these crashing waves of tension and tranquility, Kunitsu-Gami also balances beauty and hellish terror with supreme skill. The slopes of Mt. Kafuku are lush, but its plants, animals and people are slathered in caustic pools of defilement, oil-slick and sticky. Yoshiro and Soh wear layers of delicate fabrics and glinting metallic jewelry, their movements mesmerizing. The demons that have taken over the mountain are vile — eyeless and bulging with toxic pus, many of them armed with sharp claws and gaping maws. The creature designs in Kunitsu-Gami are body-horrific and each beast is uniquely, grotesquely gorgeous.
    Capcom
    Kunitsu-Gami finds harmony in its dichotomies. The game’s core loop involves a day-night cycle: During the day, players carve a path for Yoshiro to cleanse a settlement, meanwhile collecting crystals, repairing defenses and freeing villagers from cocoons of defilement. At night, creatures called Seethe pour out of the Torii gates, and Soh must defend Yoshiro with the help of the rescued villagers. Protecting Yoshiro and completing her ritual reverts each region to its pre-defilement form, creating a base where Soh can upgrade their units and abilities.

    The game blends real-time combat with tower-defense mechanics, and all of it takes place in a zoomed-out third-person view with a fully adjustable camera anchored to Soh’s body. It’s an effective approach, inviting players to mess around with perspective and investigate every detour in the environment, purging defilement as they go.

    There are 17 bases to cleanse on the mountain plus 10 boss stages. Defeating a big bad in a challenge stage unlocks a new warrior type for Soh to deploy, including healer, sorcerer, ninja, spearman, cannoneer, marksman, and an aesthetic that can slow down enemies. As night falls on a base battle, the game9s music grows louder and more discordant, signaling the imminent Seethe invasion. Players assign roles to villagers using the crystals they’ve collected during the day, and then place their fighters around Yoshiro on the map. Each battle involves a different number of units — there are even fights that Soh has to complete on their own, and others where they’re incapacitated, leaving combat to the villagers entirely. The variety built into these encounters is refreshing.

    Combat requires preparation and constant attention, as the Seethe attack Yoshiro from multiple sides with a variety of moves, including aerial slashes, suicide bombs and bulbous projectiles that explode in toxic pools. It’s often essential to reposition units mid-battle, and thankfully, time freezes during these tactical moments.
    Capcom
    Soh mainly attacks with their sword in a smooth, rhythmic form that feels fantastic to control. Attacks are simple — on the DualSense, it’s square for smaller strikes and triangle for a large hit. Pressing square before triangle lines up elaborate sequences where Soh twists and swings their body before landing a series of big blows, and their positioning is completely controllable the entire time. This makes combat feel like one elongated dance, the input perfectly predicting Soh’s on-screen movements. Soh’s abilities evolve steadily with every victory and base repair, eventually adding a ranged bow, an extra form of swordplay, stronger attacks, multiple special moves and other upgrades to their kit.

    Mandatory boss levels appear after some settlements are successfully cleansed, offering massive fights against gloriously gross creatures. I had to replay most of these bosses at least once, adjusting my unit types and positions according to each demon’s unique attack style and vulnerabilities. The enemies are all giant and covered in intricate, iridescent designs, but they’re otherwise distinct: There’s a skittering centipede that rushes in for rapid hits, a literal cherry tree with stabbing tentacle roots, a vicious floating sorcerer orbited by a ring of rocky spikes, and a juicy larval beast that moves like a petulant toddler and spews lethal sludge. That last one is called Notsugo and it’s my favorite because it’s so disgustingly adorable.
    Capcom
    After a fight in a settlement or boss stage, there’s time to take a breath and fix up some bases. The bases trail down the side of Mt. Kafuku in the stage-selection screen following a successful purge — once the defilement is cleared from a settlement, players still have to make it habitable by assigning villagers to fix broken buildings and platforms. Repairs take a few in-game days to complete and they unlock extra resources. It’s easy, tranquil work. This mechanic provides a soft place to land after a big battle, where players can strategize, upgrade their skills, pet a Shiba Inu or let a deer scream at them. I recommend repairing bases as quickly and thoroughly as possible: Not only does this net necessary resources at the proper pace, but it prevents an uncomfortable base-repair backlog from forming. By mid-game, I generally had three or four bases on the go at all times, and that was with immediate, maxed-out repairs.

    The bases are also home to some of the most beautiful aspects of the game. Yoshiro sets up a tent in each base where players manage upgrades, and it also contains plates to share food with her. The dessert menu fills up first, offering a variety of mochi treats and crystalline sweets in a fabulous photorealistic viewing mode. I don’t know what it is, but I could stare at hyper-detailed video game food all day. Kunitsu-Gami understands this urge and caters to it.
    Capcom
    Additionally, the tent contains scrolls featuring traditional, woodcut-style art pieces relating to completed stages, and the bases have collectable ema plaques that showcase detailed, rotatable 3D images of the demons and villagers players encounter. These are sensational touches that not only expand the game’s lore, but shine a brilliant light on Japanese history and culture.

    Kunitsu-Gami: Path of the Goddess is perfectly balanced, lovingly crafted, and metal as hell. It’s filled with foreboding demons and intense combat, but it’s also a peaceful experience that invites players to slow down and recognize the beauty around them — even when it’s in the form of a giant, oozing monster. Especially then.

    Kunitsu-Gami: Path of the Goddess is available now on PC, PS4, PS5, Xbox One, Xbox Series X/S and Game Pass. It9s developed and published by Capcom.
    This article originally appeared on Engadget at https://www.engadget.com/kunitsu-gami-path-of-the-goddess-review-demonic-delights-150004066.html?src=rss


  • What to read this weekend: The Light Eaters, Paranoid Gardens and I Was a Teenage Slasher
    Recent releases in fiction, nonfiction and comics that caught our attention.
    I Was a Teenage Slasher by Stephen Graham Jones
    Stephen Graham Jones is something of an expert on slashers. The author has tackled the genre in a slew of his novels (most notably in the Indian Lake Trilogy, with its slasher-movie-obsessed main character) and has an ongoing column in Fangoria dedicated to its impact, so it’s not really a surprise to see he’s churned out another entry for the canon. But this time around, we’re getting a different perspective: the slasher’s point of view.

    I Was a Teenage Slasher is the fictional memoir of Tolly Driver, who in 1989 reluctantly became Lamesa, Texas’ very own Michael Meyers at the age of 17 — a transformation that’s seemingly driven by powers beyond Tolly’s control. It takes the classic slasher formula and injects a whole lot of heart.
    The Light Eaters by Zoë Schlanger
    The Light Eaters: How the Unseen World of Plant Intelligence Offers a New Understanding of Life on Earth was released in the spring, but it just popped onto my radar and I was immediately drawn in by both the premise and Schlanger’s easy-to-digest writing style. The Light Eaters explores the long-debated concept of plant “intelligence” through conversations with scientists and deep dives into the complex processes that underlie plants’ survival.

    There’s a fair amount of anthropomorphizing, but The Light Eaters provides a really fascinating glimpse into the inner workings of plants that’s accessible to non-scientists and at the very least could inspire you to look at the natural world a little differently.
    Paranoid Gardens by Gerard Way, Shaun Simon, Chris Weston
    The digital first issue of Paranoid Gardens, a new six-issue series from Gerard Way and Shaun Simon, dropped this week and it’s wonderfully bizarre. We’re introduced right away to Loo, a nurse with memory loss and a tragic (but as yet unexplained) backstory who works at a care facility for aliens and paranormal beings. And it’s not just the patients that are out of the ordinary — there’s something unusual about the building itself, too. Drama quickly unfolds, and Loo “must fight her way through corrupt staff members, powerful theme park cults, and her own personal demons and trauma” to understand her role in all of it “and discover what secrets the gardens hold.”

    Paranoid Gardens is written by Way (yes, of My Chemical Romance fame but also The Umbrella Academy) and Simon (The True Lives of the Fabulous Killjoys, written with Way), and features art by Chris Weston, colors by Dave Stewart and letters by Nate Piekos.
    This article originally appeared on Engadget at https://www.engadget.com/what-to-read-this-week-the-light-eaters-paranoid-gardens-and-i-was-a-teenage-slasher-133012961.html?src=rss


  • X is working on a way to block links in replies
    X is developing a new feature that could help address spam posts on its website. According to Nima Owji, an independent app researcher who9s unearthed several unreleased X features in the past, the platform formerly known as Twitter is working on the ability to disable links in replies. Based on the image Owji posted, users will be able to tick a box for the option if they don9t want people to be able to respond with a link to their posts.
    X is working on the ability to let you disable links in the replies of your posts! pic.twitter.com/dddP0a8l5w
    — Nima Owji (@nima_owji) July 19, 2024
    Christopher Stanley, the Senior Director for Security Engineering at X, confirmed the feature9s existence in a response to a post about it. "My team built this," Stanley wrote in his reply. In addition to keeping spam bots away, the feature could also prevent real human users from promoting their websites in other people9s posts. However, it can also prevent users from posting links to legitimate sources in case they9re trying to debunk false information and prevent fake news from spreading further. 

    Owji previously found that X was experimenting with an in-app currency that9s meant to help creators earn money from the platform. Several months after rampant impersonation on the website, he found that it was working on new ID verification features, as well. He also discovered that the company was looking to compete with LinkedIn by offering job listings to verified organizations. 
    This article originally appeared on Engadget at https://www.engadget.com/x-is-working-on-a-way-to-block-links-in-replies-110033673.html?src=rss


  • Police arrest a teenage boy in connection with the MGM Resorts ransomware attack
    A teenage boy may be responsible for a ransomware attack that shut down MGM Resorts in Las Vegas last year. The West Midlands Police Department in England confirmed that they arrested an unidentified 17-year-old on Thursday from the town of Walsall who allegedly shut down the resort and casino on the Las Vegas strip last year.

    The teenager was arrested on suspicion of blackmail and violating the UK’s Computer Misuse Act. He was released on bail, according to a statement from the police department.

    Police officials tracked the teenage suspect as part of a joint investigation with the UK’s National Crime Agency and the FBI. The police department said they recovered evidence at the teenager’s address including “a number of digital devices which will undergo forensic examination.”

    The statement also said the teenager was part of a “global cyber online crime group” but did not specify which group. The ALPHV/BlackCat ransomware group announced their responsibility for the MGM Resorts cyber outage. The attack happened on Sep. 12, 2023 allegedly with a simple 10 minute phone call to a Help desk employee using information obtained from LinkedIn. The group has also claimed responsibility for a similar ransomware attack on the beauty brand Esteé Lauder.

    "All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk," the organization wrote in a post on X.

    MGM Resorts’ system shutdown lasted for nine days and created a massive outage across all of its casinos on the Las Vegas Strip. News later surfaced that other casinos like Caesars were also targeted by a different group but chose to pay the hackers tens of millions of dollars to prevent private company data from being released.
    This article originally appeared on Engadget at https://www.engadget.com/police-arrest-a-teenage-boy-in-connection-with-the-mgm-resorts-ransomware-attack-223906246.html?src=rss


OSnews

  • New Samsung phones block sideloading by default
    The assault on a users freedom to install whatever they want on what is supposed to be their phone continues. This time, its Samsung adding an additional blocker to users installing applications from outside the Play Store and its own mostly useless Galaxy Store. Technically, Android already blocks sideloading by default at an operating system level. The permission that’s needed to silently install new apps without prompting the user, INSTALL_PACKAGES, can only be granted to preinstalled app stores like the Google Play Store, and it’s granted automatically to apps that request it. The permission that most third-party app stores end up using, REQUEST_INSTALL_PACKAGES, has to be granted explicitly by the user. Even then, Android will prompt the user every time an app with this permission tries to install a new app. Samsung’s Auto Blocker feature takes things a bit further. The feature, first introduced in One UI 6.0, fully blocks the installation of apps from unauthorized sources, even if those sources were granted the REQUEST_INSTALL_PACKAGES permission. ↫ Mishaal Rahman Im not entirely sure why Samsung felt the need to add an additional, Samsung-specific blocking mechanism, but at least for now, you can turn it off in the Settings application. This means that in order to install an application from outside of the Play Store and the Galaxy Store on brand new Samsung phones  the ones shipping with OneUI 6.1.1  you need to both give the regular Android permission to do so, but also turn off this nag feature. Having two variants of every application on your Samsung phone wasnt enough, apparently.


  • Google wont be deprecating third-party cookies from Chrome after all
    This story just never ever ends. After delays, changes in plans, more delays, we now have more changed plans. After years of stalling, Google has now announced it is, in fact, not going to deprecate third-party cookies in Chrome by default. In light of this, we are proposing an updated approach that elevates user choice. Instead of deprecating third-party cookies, we would introduce a new experience in Chrome that lets people make an informed choice that applies across their web browsing, and they’d be able to adjust that choice at any time. Were discussing this new path with regulators, and will engage with the industry as we roll this out. ↫ Anthony Chavez Google remains unclear about what, exactly, users will be able to choose between. The consensus seems to be that users will be able to choose between retaining third-party cookies and turning them off, but thats based on a statement by the British Competition and Market Authority, and not on a statement from Google itself. It seems reasonable to assume the CMA knows what its talking about, but with a company like Google you never know whats going to happen tomorrow, let alone a few months from now. While both Safari and Firefox have already made this move ages ago, its taking Google and Chrome a lot longer to deal with this issue, because Google needs to find different ways of tracking you that are not using third-party cookies. Googles own testing with Privacy Sandbox, Chromes sarcastically-named alternative to third-party cookies, shows that it seems to perform reasonable well, which should definitely raise some alarm bells about just how private it really is. Regardless, I doubt this saga will be over any time soon.


  • No, Southwest Airlines is not still using Windows 3.1
    A story thats been persistently making the rounds since the CrowdStrike event is that while several airline companies were affected in one way or another, Southwest Airlines escaped the mayhem because they were still using windows 3.1. Its a great story that fits the current zeitgeist about technology and its role in society, underlining that what is claimed to be technological progress is nothing but trouble, and that its better to stick with the old. At the same time, anybody who dislikes Southwest Airlines can point and laugh at the bumbling idiots working there for still using Windows 3.1. Its like a perfect storm of technology news click and ragebait. Too bad the whole story is nonsense. But how could that be? Its widely reported by reputable news websites all over the world, shared on social media like a strain of the common cold, and nobody seems to question it or doubt the veracity of the story. It seems that Southwest Airlines running on an operating system from 1992 is a perfectly believable story to just about everyone, so nobody is questioning it or wondering if its actually true. Well, I did, and no, its not true. Lets start with the actual source of the claim that Southwest Airlines was unaffected by CrowdStrike because theyre still using Windows 3.11 for large parts of their primary systems. This claim is easily traced back to its origin  a tweet by someone called Artem Russakovskii, stating that the reason Southwest is not affected is because they still run on Windows 3.1!. This tweet formed the basis for virtually all of the stories, but it contains no sources, no links, no background information, nothing. It was literally just this one line. It turned out be a troll tweet. A reply to the tweet by Russakovskii a day later made that very lear: To be clear, I was trolling last night, but it turned out to be true. Some Southwest systems apparently do run Windows 3.1. lol.! However, that linked article doesnt cite any sources either, so were right back where we started. After quite a bit of digging  that is, clicking a few links and like 3 minutes of searching online  following the various reference and links back to their sources, I managed to find where all these stories actually come from to arrive at the root claim that spawned all these other claims. Its from an article by The Dallas Morning News, titled What’s the problem with Southwest Airlines scheduling system?! At the end of last year, Southwest Airlines scheduling system had a major meltdown, leading to a lot of cancelled flights and stranded travelers just around the Christmas holidays. Of course, the media wanted to know what caused it, and thats where this The Dallas Morning News article comes from. In it, we find the paragraphs that started the story that Southwest Airlines is still using Windows 3.1 (and Windows 95!): Southwest uses internally built and maintained systems called SkySolver and Crew Web Access for pilots and flight attendants. They can sign on to those systems to pick flights and then make changes when flights are canceled or delayed or when there is an illness. “Southwest has generated systems internally themselves instead of using more standard programs that others have used,” Montgomery said. “Some systems even look historic like they were designed on Windows 95.” SkySolver and Crew Web Access are both available as mobile apps, but those systems often break down during even mild weather events, and employees end up making phone calls to Southwest’s crew scheduling help desk to find better routes. During periods of heavy operational trouble, the system gets bogged down with too much demand. ↫ Kyle Arnold at The Dallas Morning News Thats it. Thats where all these stories can trace their origin to. These few paragraphs do not say that Southwest is still using ancient Windows versions; it just states that the systems they developed internally, SkySolver and Crew Web Access, look historic like they were designed on Windows 95!. The fact that they are also available as mobile applications should further make it clear that no, these applications are not running on Windows 3.1 or Windows 95. Southwest pilots and cabin crews are definitely not carrying around pocket laptops from the 90s. These paragraphs were then misread, misunderstood, and mangled in a game of social media and bad reporting telephone, and here we are. The fact that nobody seems to have taken the time to click through a few links to find the supposed source of these claims, instead focusing on cashing in on the clicks and rage these stories would illicit, is a rather damning indictment of the state of online (tech) media. Many of the websites reporting on these stories are part of giant media conglomerates, have a massive number of paid staff, and theyre being outdone by a dude in the Arctic with a small Patreon, minimal journalism training, and some common sense. This story wasnt hard to debunk  a few clicks and a few minutes of online searching is all it took. Ask yourself  why do these massive news websites not even perform the bare minimum?


  • A brief history of Dell UNIX
    “Dell UNIX? I didn’t know there was such a thing.” A couple of weeks ago I had my new XO with me for breakfast at a nearby bakery café.`Other patrons were`drawn to seeing an XO for the first time, including a Linux person from Dell. I mentioned Dell UNIX and we talked a little about the people who had worked on Dell UNIX. He expressed surprise that mention of Dell UNIX evokes the above quote so often and pointed out that Emacs source still has #ifdef for Dell UNIX. Quick Googling doesn’t reveal useful history of Dell UNIX, so here’s my version, a summary of the three major development releases. ↫ Charles H. Sauer I sure had never heard of Dell UNIX, and despite the original version of the linked article being very, very old  2008  theres a few updates from 2020 and 2021 that add links to the files and instructions needed to install, set up, and run Dell UNIX in a virtual machine; 86Box or VirtualBox specifically. What was Dell UNIX? in the late 80s, Dell started a the Olympic project, an effort to create a completely new architecture spanning desktops, workstations, and servers, some of which would be using multiple processors. When searching for an operating system for this project, the only real option was UNIX, and as such, the Olympic team set out to developer a UNIX variant. The first version was based on System V Release 3.2, used Motif and the X Window System, a DOS virtual machine to run, well, DOS applications called Merge, and compatibility with Microsoft Xenix. It might seem strange to us today, but Microsofts Xenix was incredibly popular at the time, and compatibility with it was a big deal. The Olympic project turned out to be too ambitious on the hardware front so it got cancelled, but the Dell UNIX project continued to be developed. The next release, Dell System V Release 4, was a massive release, and included a full X Window System desktop environment called X.desktop, an office suite, e-mail software, and a lot more. It also contained something Windows wouldnt be getting for quite a few years to come: automatic configuration of device drivers. This was apparently so successful, it reduced the number of support calls during the first 90 days of availability by 90% compared to the previous release. Dell SVR4 finally seemed like real UNIX on a PC. We were justifiably proud of the quality and comprehensiveness, especially considering that our team was so much smaller than those of our perceived competitors at ISC, SCO and Sun(!). The reviewers were impressed. Reportedly, Dell SVR4 was chosen by Intel as their reference implementation in their test labs, chosen by Oracle as their reference Intel UNIX implementation, and used by AT8T USL for in house projects requiring high reliability, in preference to their own ports of SVR4.0. (One count showed Dell had resolved about 1800 problems in the AT8T source.) I was astonished one morning in the winter of 1991-92 when Ed Zander, at the time president of SunSoft, and three other SunSoft executives arrived at my office, requesting Dell help with their plans to put Solaris on X86. ↫ Charles H. Sauer Sadly, this would also prove to be the last release of Dell UNIX. After a few more point release, the brass at Dell had realised that Dell UNIX, intended to sell Dell hardware, was mostly being sold to people running it on non-Dell hardware, and after a short internal struggle, the entire project was cancelled since it was costing them more than it was earning them. As I noted, the article contains the files and instructions needed to run Dell UNIX today, on a virtual machine. Im definitely going to try that out once I have some time, if only to take a peek at that X.desktop, because that looks absolutely stunning for its time.


  • OpenBSD workstation for the people
    This is an attempt at building an OpenBSD desktop than could be used by newcomers or by people that don’t care about tinkering with computers and just want a working daily driver for general tasks. Somebody will obviously need to know a bit of UNIX but we’ll try to limit it to the minimum. ↫ Joel Carnat An excellent, to-the-point, no-nonsense guide about turning a default OpenBSD installation into a desktop operating system running Xfce. You definitely dont need intimate, arcane knowledge of OpenBSD to follow along with this one.


  • OpenBSD gets hardware accelerated video decoding/encoding
    Only yesterday, I mentioned one of the main reasons I decided to switch back to Fedora from OpenBSD were performance issues  and one of them was definitely the lack of hardware acceleration for video decoding/encoding. The lack of such technology means that decoding/encoding video is done using the processor, which is far less efficient than letting your GPU do it  which results in performance issues like stuttering and tearing, as well as a drastic reduction in battery life. Well, thats changed now. Thanks to the work of, well, many, a major commit has added hardware accelerated video decoding/encoding to OpenBSD. Hardware accelerated video decode/encode (VA-API) support is beginning to land in #OpenBSD -current. libva has been integrated into xenocara with the Intel userland drivers in the ports tree. AMD requires Mesa support, hence the inclusion in base. A number of ports will be adjusted to enable VA-API support over time, as they are tested. ↫ Bryan Steele This is great news, and a major improvement for OpenBSD and the community. Apparently, performance in Firefox is excellent, and with simply watching video on YouTube being something a lot of people do with their computers  especially laptops  anyone using OpenBSD is going to benefit immensely from this work.


  • 1989 networking: NetWare 386
    NetWare 386 or 3.0 was a very limited release, with very few copies sold before it was superseded by newer versions. As such, it was considered lost to time, since it was only sold to large corporations  for a massive almost 8000 dollar price tag  who obviously didnt care about software preservation. There are no original disks left, but a recent warez! release has made the software available once again. As always, pirates save the day.


  • Managing Classic Mac OS resources in ResEdit
    The Macintosh was intended to be different in many ways. One of them was its file system, which was designed for each file to consist of two forks, one a regular data fork as in normal file systems, the other a structured database of resources, the resource fork. Resources came to be used to store a lot of standard structured data, such as the specifications for and contents of alerts and dialogs, menus, collections of text strings, keyboard definitions and layouts, icons, windows, fonts, and chunks of code to be used by apps. You could extend the types of resource supported by means of a template, itself stored as a resource, so developers could define new resource types appropriate to their own apps. ↫ Howard Oakley And using ResEdit, a tool developed by Apple, you could manipulate the various resources to your hearts content. I never used the classic Mac OS when it was current, and only play with it as a retro platform every now and then, so I ever used ResEdit when it was the cool thing to do. Looking back, though, and learning more about it, it seems like just another awesome capability that Apple lost along the way towards modern Apple. Perhaps I should load up on my old Macs and see with my own eyes what I can do with ResEdit.


  • Google URL Shortener links will no longer be available
    In 2018, we announced the deprecation and transition of Google URL Shortener because of the changes we’ve seen in how people find content on the internet, and the number of new popular URL shortening services that emerged in that time. This meant that we no longer accepted new URLs to shorten but that we would continue serving existing URLs. Today, the time has come to turn off the serving portion of Google URL Shortener. Please read on below to understand more about how this will impact you if you’re using Google URL Shortener. ↫ Sumit Chandel and Eldhose Mathokkil Babu It should cost Google nothing to keep this running for as long as Google exists, and yet, this, too, has to be killed off and buried in the Google Graveyard. Well be running into non-resolving Google URL Shortener links for decades to come, both on large, popular websites a well as on obscure forums and small websites. Youll find a solution to some obscure problem a decade from now, but the links you need will be useless, and youll rightfully curse Google for being so utterly petty. Relying on anything Google that isnt directly serving its main business  ads  is a recipe for disaster, and will cause headaches down the line. Things like Gmail, YouTube, and Android are most likely fine, but anything consumer-focused is really a lottery.


  • Why I like NetBSD, or why portability matters
    All that to say, I find that NetBSDs philosophy aligns with mine. The OS is small and cozy, and compared to many minimal Linux distributions, I found it faster to setup. Supported hardware is automatically picked up, for my Thinkpad T480s almost everything (except the trackpad issue I solved above) worked out of the box, and it comes with a minimal window manager and display manager to get you started. It is simple and minimal but with sane defaults. It is a hackable system that teaches you a ton. What more could you want? ↫ Marc Coquand I spent quite some time using OpenBSD earlier this year, and I absolutely, positively loved it. I cant quite put into words just how nice OpenBSD felt, how graspable the configuration files and commands were, how good and detailed the documentation, and how welcoming and warm the community was over on Mastodon, with even well-known OpenBSD developers taking time out of their day to help me out with dumb newbie questions. The only reason I eventually went back to Fedora on my workstation was performance. OpenBSD as a desktop operating system has some performance issues, from a slow file system to user interface stutter to problematic Firefox performance, that really started to grind my gears while trying to get work done. Some of these issues stem from OpenBSD not being primarily focused on desktop use, and some of them simply stem from lack of manpower or popularity. Regardless, nobody in the OpenBSD community was at all surprised or offended by me going back to Fedora. NetBSD seems to share a lot of the same qualities as OpenBSD, but, as the linked article notes, with a focus on different things. Like I said yesterday, Im looking to building and testing a system entirely focused on tiled terminal emulators and TUI applications, and Ive been pondering if OpenBSD or NetBSD would be a perfect starting point for that experiment.


  • Introduction to NanoBSD
    This document provides information about the NanoBSD tools, which can be used to create FreeBSD system images for embedded applications, suitable for use on a USB key, memory card or other mass storage media. It can be used to build specialized install images, designed for easy installation and maintenance of systems commonly called computer appliances!. Computer appliances have their hardware and software bundled in the product, which means all applications are pre-installed. The appliance is plugged into an existing network and can begin working (almost) immediately. ↫ FreeBSD documentation Some of the primary features of NanoBSD are exactly what youd expect out of a tool like this, such as the system being entirely read-only at runtime, so you dont have to worry about shutdowns or data loss, and of course, the entire creation process of NanoBSD images using a simple shell script with any arbitrary set of requirements. For the rest, it remains a FreeBSD system, so ports and packages work just as youd expect, and assuming your specific settings for the NanoBSD image didnt remove it, anything that works in FreeBSD, works in a NanoBSD image, too. The documentation is, as is often the case in the BSD world, excellent, and very easy to follow, even for someone not at all specialised in things like this. Reading through it, Im pretty sure even I could create a customised NanoBSD image and run it, since it very much looks like youre just creating a custom installation script, adding just the things you need. I dont have a use for something like this, but Im not sure how well-known NanoBSD is, and I feel like theres definitely some among you who would appreciate this.


  • CrowdStrike issue is causing massive computer outages worldwide
    Well, this sure is something to wake up to: a massive worldwide outage of computer systems due to a problem with CrowdStrike software. Payment systems, airlines, hospitals, governments, TV stations  pretty much anything or anyone using computers could be dealing with bluescreens, bootloops, and similar issues today. Open-heart surgeries had to be stopped mid-surgery, planes cant take off, people cant board trains, shoppers cant pay for their groceries, and much, much more, all over the world. The problem is caused by CrowdStrike, a sort-of enterprise AV/monitoring software that uses a Windows NT kernel driver to monitor everything people do on corporate machines and logs it for0 Security purposes, I guess? Ive never worked in a corporate setting so I have no experience with software like this. From what I hear, software like this is deeply loathed by workers the world over, as it gets in the way and slows systems down. And, as can happen with a kernel driver, a bug can cause massive worldwide outages which is costing people billions in damages and may even have killed people. There is a workaround, posted by CrowdStrike: This is a solution for individually fixing affected machines, but Ive seen responses like great, how do I apply this to 70k endpoints?!, indicating that this may not be a practical solution for many affected customers. Then theres the issue that this may require a BitLocker password, which not everyone has on hand either. To add insult to injury, CrowdStrikes advisory about the issue is locked behind a login wall. A shitshow all around. Do note that while the focus is on Windows, Linux machines can run CrowdStrike software too, and Ive heard from Linux kernel engineers who happen to also administer large numbers of Linux servers that theyre seeing a huge spike in Linux kernel panics0 Caused by CrowdStrike, which is installed on a lot more Linux servers than you might think. So while Windows is currently the focus of the story, the problems are far more widespread than just Windows. Im sure were going to see some major consequences here, and my  misplaced, Im sure  hope is that this will make people think twice about one, using these invasive anti-worker monitoring tools, and two, employing kernel drivers for this nonsense.


  • NVIDIA transitions fully towards open-source GPU Linux kernel modules
    Its a bit of a Linux news day today  it happens  but this one is good news we can all be happy about. After earning a bad reputation for mishandling its Linux graphics drivers for years, almost decades, NVIDIA has been turning the ship around these past two years, and today they made a major announcement: from here on out, the open source NVIDIA kernel modules will be the default for all recent NVIDIA cards. We’re now at a point where transitioning fully to the open-source GPU kernel modules is the right move, and we’re making that change in the upcoming R560 driver release. ↫ Rob Armstrong, Kevin Mittman and Fred Oh There are some caveats regarding which generations, exactly, should be using the open source modules for optimal performance. For NVIDIAs most cutting edge generations, Grace Hopper and Blackwell, you actually must use the open source modules, since the proprietary ones are not even supported. For GPUs from the Turing, Ampere, Ada Lovelace, or Hopper architectures, NVIDIA recommends the open source modules, but the proprietary ones are compatible as well. Anything older than that is restricted to the proprietary modules, as theyre not supported by the open source modules. This is a huge milestone, and NVIDIA becoming a better team player in the Linux world is a big deal for those of us with NVIDIA GPUs  its already paying dividend in vastly improved Wayland support, which up until very recently was a huge problem. Do note, though, that this only covers the kernel module; the userspace parts of the NVIDIA driver are still closed-source, and theres no indication thats going to change.


  • Linux patch to disable Snapdragon X Elite GPU by default
    Not too long ago it seemed like Linux support for the new ARM laptops running the Snapdragon X Pro and Elite processors was going to be pretty good  Qualcomm seemed to really be stepping up its game, and detailed in a blog post exactly what they were doing to make Linux a first-tier operating system on their new, fancy laptop chips. Now that the devices are in peoples hand, though, it seems all is not so rosy in this new Qualcomm garden. A recent Linux kernel DeviceTree patch outright disables the GPU on the Snapdragon X Elite, and the issue is, as usual, vendor nonsense, as it needs something called a ZAP shader to be useful. The ZAP shader is needed as by default the GPU will power on in a specialized secure! mode and needs to be zapped out of it. With OEM key signing of the GPU ZAP shader it sounds like the Snapdragon X laptop GPU support will be even messier than typically encountered for laptop graphics. ↫ Michael Larabel This is exactly the kind of nonsense you dont want to be dealing with, whether youre a user, developer, or OEM, so I hope this gets sorted out sooner rather than later. Qualcomms commitments and blog posts about ensuring Linux is a first-tier platform are meaningless if the company cant even get the GPU to work properly. These enablement problems shouldve been handled well before the devices entered circulation, so this is very disheartening to see. So, for now, hold off on X Elite laptops if youre a Linux user.


  • Ly: a TUI display manager
    Ly is a lightweight TUI (ncurses-like) display manager for Linux and BSD. ↫ Ly GitHub page Thats it. Thats the description. Ive been wanting to take a stab at running a full CLI/TUI environment for a while, see just how far I can get in my computing life (excluding games) running nothing but a few tiled terminal emulators running various TUI apps for email, Mastodon, browsing, and so on. Im not sure Id be particularly happy with it  Im a GUI user through and through  but lately Ive seen quite a few really capable and just pleasantly usable TUI applications come by, and theyve made me wonder. Itd make a great article too.


  • Unified kernel image
    UKIs can run on UEFI systems and simplify the distribution of small kernel images. For example, they simplify network booting with iPXE. UKIs make rootfs and kernels composable, making it possible to derive a rootfs for multiple kernel versions with one file for each pair. A Unified Kernel Image (UKI) is a combination of a UEFI boot stub program, a Linux kernel image, an initramfs, and further resources in a single UEFI PE file (device tree, cpu µcode, splash screen, secure boot sig/key, 0). This file can either be directly invoked by the UEFI firmware or through a boot loader. ↫ Hugues If youre still a bit unfamiliar with unified kernel images, this post contains a ton of detailed practical information. Unified kernel images might become a staple for forward-looking Linux distributions, and I know for a fact that my distribution of choice, Fedora, has been working on it for a while now. The goal is to eventually simplify the boot process as a whole, and make better, more optimal use of the advanced capabilities UEFI gives us over the old, limited, 1980s BIOS model. Like I said a few posts ago, I really dont want to be using traditional bootloaders anymore. UEFI is explicitly designed to just boot operating systems on its own, and modern PCs just dont need bootloaders anymore. Theyre points of failure users shouldnt be dealing with anymore in 2024, and Im glad to see the Linux world is seriously moving towards negating the need for their existence.



Linux Journal News

  • New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux

    Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.

    Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.

    Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 

    Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.

    Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.

    Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.

    By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
    Windows


  • Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities

    The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 

    As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.

    In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 

    After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.

    The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.

    At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.

    The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
    Security


  • Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges

    The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.

    A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.

    This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 

    The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.

    On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.

    In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
    kernel


  • Linux Celebrates 32 Years with the Release of 6.6-rc2 Version

    Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.

    The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.

    Here is what Linus Torvalds had to say in today's announcement:
    Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds


  • Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction

    Want to interact with ChatGPT from your Linux desktop without using a web browser?

    Bavarder, a new app, allows you to do just that.

    Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.

    With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.

    During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.

    At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.

    As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!

    Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
    ChatGPT AI


  • LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite

    Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.

    Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.

    LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.

    You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.

    All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.

    In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.

    Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.

    The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
    LibreOffice


  • Raspberry Pi OS Debuts New Version Featuring Linux Kernel 6.1, Improved Performance, and App Updates

    Today, the Raspberry Pi Foundation unveiled a fresh edition of their official Raspberry Pi OS distribution tailored for Raspberry Pi computers, featuring component updates, bug fixes, and several performance enhancements.

    The most significant alteration in the Raspberry Pi OS 2023-05-03 release is the transition from the long-term supported Linux 5.15 LTS kernel to the long-term supported Linux 6.1 LTS kernel. This shift is expected to boost the performance of Raspberry Pi devices.

    Indeed, current Raspberry Pi OS users, like myself, were already utilizing the Linux 6.1 LTS kernel when executing the rpi-update command via a terminal emulator. However, Linux 6.1 LTS is now the standard kernel in new Raspberry Pi OS images, available for download from the official website for those planning to install it on their Raspberry Pi computer.

    Various applications have received updates in this new Raspberry Pi OS version. The most notable is Chromium 113, the default browser for Raspberry Pi OS. In addition to incorporating the latest security patches, Chromium 113 introduces WebGPU support by default, potentially enhancing the performance of web apps and overall browsing experience.

    Other updates include Raspberry Pi Imager 1.7.4, RealVNC Viewer 7.0.1.48981, RealVNC Server 7.0.1.49073, Mathematica 13.2.1, and Matlab 23.1.0. Another intriguing update is the revised VLC hardware acceleration patch, designed to enhance video playback performance.

    The libcamera and libcamera-apps elements have also been updated to refine IMX296 sensor tuning, enhance audio resampling and encoding management using the libav library, boost the performance of Qt preview window rendering, optimize thumbnail rendering, support 16-bit Bayer in the DNG writer, manage generalized statistics, and rectify an overflow problem that caused inaccurate calculations in the AGC algorithm.

    The picamera2 library has also been updated, incorporating an MJPEG server example that utilizes the hardware MJPEG encoder, an example showcasing a preview from two cameras within a single Qt app, the capacity for the H.264 encoder to accept frame time intervals for SPS headers, promote the correct profile/level, and support constant quality parameters, as well as introduce new Exif DateTime and DateTimeOriginal tags.

    Several bugs were addressed, including an occasional segfault in the CPU temperature plugin, an X11 server crash when altering screen orientation, X11 server DPMS malfunctions, and the addition of new language translations.
    kernel


  • Debian 11.7 Released: Seventh ISO Update Brings Enhanced Security and Bug Fixes to "Bullseye" Operating System Series

    The Debian Project has unveiled the release and widespread availability of Debian 11.7, serving as the seventh ISO update to the current Debian GNU/Linux 11 "Bullseye" operating system series.

    Arriving approximately four and a half months after Debian 11.6, Debian 11.7 delivers updated installation media for those seeking to install the Debian GNU/Linux 11 "Bullseye" operating system series on new computers. This ensures that users won't need to download numerous updates from repositories following installation.

    Debian 11.7 incorporates all security and software updates from December 17th, 2022, the release date of Debian GNU/Linux 11.6, up until today. In total, Debian 11.7 consists of 102 security updates and various bug fixes for 92 packages.

    For more information on these security updates and bug fixes, consult the release announcement. The Debian Project emphasizes that this Debian Bullseye point release does not represent a new version of Debian GNU/Linux 11 but merely updates certain included packages.

    The Debian 11.7 installation images can be downloaded from the Debian website or via this direct link for 64-bit (amd64), 32-bit (i386), PowerPC 64-bit Little Endian (ppc64el), IBM System z (s390x), MIPS 64-bit Little Endian (mips64el), MIPS 32-bit Little Endian (mipsel), MIPS, Armel, ARMhf, and AArch64 (arm64) hardware architectures.

    Debian 11.7 live images, pre-installed with the KDE Plasma, GNOME, Xfce, LXQt, LXDE, Cinnamon, and MATE desktop environments, can also be downloaded from the aforementioned link, but only for 64-bit and 32-bit systems.

    Current Debian GNU/Linux 11 "Bullseye" users do not need to download these new ISO images to maintain up-to-date installations. Instead, they should regularly execute the sudo apt update && sudo apt full-upgrade commands in a terminal emulator.
    Debian


  • What’s New in Debian 11 “Bullseye”?
    Image
    Debian is a preferred choice of millions of Linux users for some of the most popular and powerful operating systems, like Ubuntu and its derivatives are based on Debian.
    Debian 11has finally been released, finally, after a long development work of two years. Bullseye – that’s the name given to this latest Debian Linux distro. So what are the updates and upgrades? In this article, let’s check out what’s new in Debian 11.
    Debian 11’s ArchitectureDebian supports a good range of hardware architectures. 
    Supported Architectures
    ARM EABI (armel) ARMv7 (EABI hard-float ABI and armhf) 64-bit ARM (arm64) 32-bit PC (i386) 64-bit PC (amd64) Little-endian MIPS (mipsel) 64-bit little-endian PowerPC 64-bit little-endian MIPS IBM System z (s390x)Not Supported Hardware
    Old MIPS 32-bit CPUsLinux Kernel InformationDebian 11 supports the Linux Kernel 5.10 LTS. Debian 10 Buster, the earlier version to Debian 11, used Linux Kernel 4.19 while released. A newer kernel means a new set of bug fixes, new hardware support, and improved performance.
    This is the perfect kernel for Debian bullseye considering the Debian lifecycle.   
    Supports exFATexFAT is the shortened form of the Extensible File Allocation Table. It’s a filesystem used for flash memory, such as SD cards and USB flash drives.
    Now Debian 11 provides support for the exFAT. For mounting the exFAT filesystem, you don’t need the filesystem-in-userspace implementation provided by the exfat-fuse package additionally anymore. Thanks to kernel 5.10! exFAT comes in handy with it. Tools for checking and creating an exFAT are given in the exfatprogs package.
    Bauhaus Movement Inspired Theme & WallpaperDebian features cool wallpapers and a default theme for each of the major releases. Debian 11’s theme is inspired by the Bauhaus movement. Bauhaus means “building house” and it was an art and design movement from 20th century Germany. The Bauhaus movement revolved around abstract, geometric style featuring little emotion or sentiments. 
    Its modern aesthetic still is immensely influential for designers, architects, and artists. You can see this theme all through Debian 11 whether it’s the installer, login window, or the Grub menu.
    Newer Desktop Environment VersionsDebian 11 offers newer desktop environment versions. Desktop flavors you get here are, KDE Plasma 5.20, GNOME 3.38, LXDE 11, LXQt 0.16, Xfce 4.16, and MATE 1.24. Debian prefers stability and it’s quite clear from the desktop environments. You might not get the latest cutting-edge distributions like Fedora or Arch/Manjaro.
    Updated PackagesDebian 11 consists of more than 11,294 new packages out of 59,551 packages. It also reduced over 9,519 “obsolete” packages and removed 42,821 that were updated. A total of 5,434 packages remained as they were.
    A good number of software applications and package updates are included in Debian bullseye, such as Apache 2.4.48, Calligra 3.2, Emacs 27.1, LibreOffice 7.0, Inkscape 1.0.2, Linux kernel 5.10 series, Perl 5.32, PHP 7.4, Vim 8.2, PostgreSQL 13, and the list goes on. All these ready-to-use software packages are built with over 30,000 source packages.
    With this huge selection of packages and wide architecture support, Debian has always stayed committed to its aim of being The Universal Operating System.
    Improved Printer and Scanner FeaturesDebian 11 presents a new ipp-usb package. It is built with a vendor-neutral IPP-over-USB protocol that is supported by many latest printers. So, many modern-day printers will be supported now by Debian. And you won’t need the drivers for that.
    SANE driverless backend lets you use scanners without any trouble.
    EndnotesWant to try Debian Bullseye? Get it from here. You can also check “bullseye” with Live Images without installing it on your PC. This will load and run the entire OS in read-only mode. These live images are available for the i386 and amd64 architectures in the form of USB sticks, DVDs, and netboot setups. Debian Live has a standard image. So you can try a basic Debian without any GUIs.
    And that’s the ending of this article. Hope you find our Debian 11 guide helpful.
    #Linux Debian News


  • Nvidia Linux drivers causing random hard crashes and now a major security risk still not fixed after 5+ months
    Image The recent fiasco with Nvidia trying to block Hardware Unboxed from future GPU review samples for the content of their review is one example of how they choose to play this game. This hatred is not only shared by reviewers, but also developers and especially Linux users.
    The infamous Torvalds videos still traverse the web today as Nvidia conjures up another evil plan to suck up more of your money and market share. This is not just one off shoot case; oh how much I wish it was. I just want my computer to work.
    If anyone has used Sway-WM with an Nvidia GPU I’m sure they would remember the –my-next-gpu-wont-be-nvidia option.
    These are a few examples of many.
    The Nvidia Linux drivers have never been good but whatever has been happening at Nvidia for the past decade has to stop today. The topic in question today is this bug: [https://forums.developer.nvidia.com/t/bug-report-455-23-04-kernel-panic-due-to-null-pointer-dereference]
    This bug causes hard irrecoverable crashes from driver 440+. This issue is still happening 5+ months later with no end in sight. At first users could work around this by using an older DKMS driver along with a LTS kernel. However today this is no longer possible. Many distributions of Linux are now dropping the old kernels. DKMS cannot build. The users are now FORCED with this “choice”:
    {Use an older driver and risk security implications} or {“use” the new drivers that cause random irrecoverable crashes.}
    This issue is only going to get more and more prevalent as the kernel is a core dependency by definition. This is just another example of the implications of an unsafe older kernel causing issue for users: https://archlinux.org/news/moving-to-zstandard-images-by-default-on-mkinitcpio/
    If you use Linux or care about the implications of a GPU monopoly, consider AMD. Nvidia is already rearing its ugly head and AMD is actually putting up a fight this year.
    #Linux NVIDIA News


Linux Magazine News (path: lmi_news)





  • Linux Mint 22 Stable Delayed
    If you're anxious about getting your hands on the stable release of Linux Mint 22, it looks as if you're going to have to wait a bit longer.














  • KDE Releases Plasma 6.0.5
    The latest release of the Plasma desktop has arrived with several improvements and the usual bug fixes.



  • Endless OS 6 Now Available
    After more than a year since the last update, the latest release of Endless OS is now available for general usage.


Page last modified on November 17, 2022, at 06:39 PM