Feed aggregator

Backlash intensified against Discord's age verification rollout after it briefly disclosed a UK age-verification test involving vendor Persona, contradicting earlier claims about minimal ID storage and transparency. Ars Technica explains: One of the major complaints was that Discord planned to collect more government IDs as part of its global age verification process. It shocked many that Discord would be so bold so soon after a third-party breach of a former age check partner's services recently exposed 70,000 Discord users' government IDs. Attempting to reassure users, Discord claimed that most users wouldn't have to show ID, instead relying on video selfies using AI to estimate ages, which raised separate privacy concerns. In the future, perhaps behavioral signals would override the need for age checks for most users, Discord suggested, seemingly downplaying the risk that sensitive data would be improperly stored. Discord didn't hide that it planned to continue requesting IDs for any user appealing an incorrect age assessment, and users weren't happy, since that is exactly how the prior breach happened. Responding to critics, Discord claimed that the majority of ID data was promptly deleted. Specifically, Savannah Badalich, Discord's global head of product policy, told The Verge that IDs shared during appeals "are deleted quickly -- in most cases, immediately after age confirmation." It's unsurprising then that backlash exploded after Discord posted, and then weirdly deleted, a disclaimer on an FAQ about Discord's age assurance policies that contradicted Discord's hyped short timeline for storing IDs. An archived version of the page shows the note shared this warning: "Important: If you're located in the UK, you may be part of an experiment where your information will be processed by an age-assurance vendor, Persona. The information you submit will be temporarily stored for up to 7 days, then deleted. For ID document verification, all details are blurred except your photo and date of birth, so only what's truly needed for age verification is used." Critics felt that Discord was obscuring not just how long IDs may be stored, but also the entities collecting information. Discord did not provide details on what the experiment was testing or how many users were affected, and Persona was not listed as a partner on its platform. Asked for comment, Discord told Ars that only a small number of users was included in the experiment, which ran for less than one month. That test has since concluded, Discord confirmed, and Persona is no longer an active vendor partnering with Discord. Moving forward, Discord promised to "keep our users informed as vendors are added or updated." While Discord seeks to distance itself from Persona, Rick Song, Persona's CEO [...] told Ars that all the data of verified individuals involved in Discord's test has been deleted. Ars also notes that hackers "quickly exposed a 'workaround' to avoid Persona's age checks on Discord" and "found a Persona frontend exposed to the open internet on a U.S. government authorized server." The Rage, an independent publication that covers financial surveillance, reported: "In 2,456 publicly accessible files, the code revealed the extensive surveillance Persona software performs on its users, bundled in an interface that pairs facial recognition with financial reporting -- and a parallel implementation that appears designed to serve federal agencies." While Persona does not have any government contracts, the exposed service "appears to be powered by an OpenAI chatbot," The Rage noted. Hackers warned "that OpenAI may have created an internal database for Persona identity checks that spans all OpenAI users via its internal watchlistdb," seemingly exploiting the "opportunity to go from comparing users against a single federal watchlist, to creating the watchlist of all users themselves."

Read more of this story at Slashdot.

Users say Pinterest has become flooded with AI-generated images and heavy-handed automated moderation, with artists reporting wrongful takedowns and their hand-drawn work mislabeled as "AI modified." As the company doubles down on AI features and layoffs, longtime users argue the platform's creative ecosystem is being undermined. 404 Media reports: "I feel like, increasingly, it's impossible to talk to a single human [at Pinterest]," artist and Pinterest user Tiana Oreglia told 404 Media. "Along with being filled with AI images that have been completely ruining the platform, Pinterest has implemented terrible AI moderation that the community is up in arms about. It's banning people randomly and I keep getting takedown notices for pins." [...] r/Pinterest is awash in users complaining about AI-related issues on the site. "Pinterest keeps automatically adding the 'AI modified' tag to my Pins... every time I appeal, Pinterest reviews it and removes the AI label. But then... the same thing happens again on new Pins and new artwork. So I'm stuck in this endless loop of appealing, label removed, new Pin gets tagged again," read a post on r/Pinterest. The redditor told 404 Media that this has happened three times so far and it takes between 24 to 48 hours to sort out. "I actively promote my work as 100% hand-drawn and 'no AI,'" they said. "On Etsy, I clearly position my brand around original illustration. So when a Pinterest Pin is labeled 'Hand Drawn' but simultaneously marked as 'AI modified,' it creates confusion and undermines that positioning." Artist Min Zakuga told 404 Media that they've seen a lot of their art on Pinterest get labeled as "AI modified" despite being older than image generation tech. "There is no way to take their auto-labeling off, other than going through a horribly long process where you have to prove it was not AI, which still may get rejected," she said. "Even artwork from 10-13 years ago will still be labeled by Pinterest as AI, with them knowing full well something from 10 years ago could not possibly be AI." Other users are tired of seeing a constant flood of AI-generated art in their feeds. "I can't even scroll through 100 pins without 95 out of them being some AI slop or theft, let alone very talented artists tend to be sucked down and are being unrecognized by the sheer amount of it," said another post. "I don't want to triple check my sources every single time I look at a pin, but I refuse to use any of that soulless garbage. However, Pinterest has been infested. Made obsolete."

Read more of this story at Slashdot.

Meta is pivoting Horizon Worlds away from its original VR-centric metaverse vision and toward a mobile-first strategy, "explicitly separating" its Quest VR platform from the virtual world. TechCrunch reports: By going mobile-first, Horizon Worlds is positioning itself to compete with popular platforms like Roblox and Fortnite. "We're in a strong position to deliver synchronous social games at scale, thanks to our unique ability to connect those games with billions of people on the world's biggest social networks," Samantha Ryan, Reality Labs' VP of content, said in the blog post. "You saw this strategy start to unfold in 2025, and now, it's our main focus." Ryan went on to note that Meta is still focused on VR hardware. "We have a robust roadmap of future VR headsets that will be tailored to different audience segments as the market grows and matures," Ryan wrote.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Bloomberg: Shares of cybersecurity software companies tumbled Friday after Anthropic PBC introduced a new security feature into its Claude AI model. Crowdstrike Holdings was the among the biggest decliners, falling as much as 6.5%, while Cloudflare slumped more than 6%. Meanwhile, Zscaler dropped 3.5%, SailPoint shed 6.8%, and Okta declined 5.7%. The Global X Cybersecurity ETF fell as much as 3.8%, extending its losses on the year to 14%. Anthropic said the new tool will "scans codebases for security vulnerabilities and suggests targeted software patches for human review." The firm said the update is available in a limited research preview for now.

Read more of this story at Slashdot.

Goldman Sachs has launched an "S&P ex-AI" index (SPXXAI) that tracks the S&P 500 stocks not related to AI, offering investors a way to "hedge their exposure to the AI trade," reports Axios. From the report: "Excluding 'AI enablers' from the passive benchmark would eliminate the noise introduced by the AI hype," Louis Miller, head of the firm's equity custom basket desk, wrote in a note to clients about the new index. The ex-AI index is a compilation of all the stocks in the S&P 500 that are not related to AI, also referred to as old-economy stocks. It's available exclusively to Goldman customers, created in collaboration with S&P Dow Jones Indices. Taking all the AI out of the S&P doesn't leave much behind, as AI companies make up ~45% of the index, according to the note. Over the last three years, the S&P 500 is up 76%. The ex-AI index is only up 32% in that same time period.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: The English-language edition of Wikipedia is blacklisting Archive.today after the controversial archive site was used to direct a distributed denial of service (DDoS) attack against a blog. In the course of discussing whether Archive.today should be deprecated because of the DDoS, Wikipedia editors discovered that the archive site altered snapshots of webpages to insert the name of the blogger who was targeted by the DDoS. The alterations were apparently fueled by a grudge against the blogger over a post that described how the Archive.today maintainer hid their identity behind several aliases. "There is consensus to immediately deprecate archive.today, and, as soon as practicable, add it to the spam blacklist (or create an edit filter that blocks adding new links), and remove all links to it," stated an update today on Wikipedia's Archive.today discussion. "There is a strong consensus that Wikipedia should not direct its readers towards a website that hijacks users' computers to run a DDoS attack (see WP:ELNO#3). Additionally, evidence has been presented that archive.today's operators have altered the content of archived pages, rendering it unreliable." More than 695,000 links to Archive.today are distributed across 400,000 or so Wikipedia pages. The archive site, which is facing an investigation in which the FBI is trying to uncover the identity of its founder, is commonly used to bypass news paywalls. "Those in favor of maintaining the status quo rested their arguments primarily on the utility of archive.today for verifiability," said today's Wikipedia update. "However, an analysis of existing links has shown that most of its uses can be replaced. Several editors started to work out implementation details during this RfC [request for comment] and the community should figure out how to efficiently remove links to archive.today."

Read more of this story at Slashdot.

Xbox chief and Microsoft Gaming CEO Phil Spencer is leaving Microsoft after nearly 40 years at the company. "Meanwhile, Xbox President Sarah Bond, "long thought by many both inside and outside of Microsoft to be Spencer's heir apparent, has resigned," reports IGN. From the report: The new CEO of Microsoft Gaming will be Asha Sharma, currently the President of Microsoft's CoreAI product. Finally, Xbox Game Studios head Matt Booty is being promoted to Chief Content Officer and will work closely with Sharma. "I want to thank Phil for his extraordinary leadership and partnership," Microsoft CEO Satya Nadella said in an email sent to Microsoft staff. "Over 38 years at Microsoft, including 12 years leading Gaming, Phil helped transform what we do and how we do it." [...] Spencer was named Head of Xbox in March of 2014, when he was tasked with righting a ship that had made a number of product choices and policy decisions that rubbed core gamers the wrong way in the run-up to the launch of the Xbox One in Fall 2013. Long hailed by gamers as being one of their own, Spencer could frequently be found on Xbox Live, playing games regularly with fellow Xbox gamers and racking up a healthy Gamerscore. His first major move when put in charge was decoupling the Kinect 2.0 peripheral from the Xbox One package, thus immediately reducing the new console's price by $100 to $399, matching the day-one price of Sony's PlayStation 4. He spearheaded the much-heralded backwards compatibility movement within Xbox, the Xbox Game Pass service was born under his watch, and accessibility made major advances during his tenure in both hardware and software. Xbox Play Anywhere, which sought to let gamers play their Xbox games on any device, be it a PC, console, or handheld, isn't new but has been a big recent focal point. Spencer's time running Xbox will perhaps be most remembered for Microsoft's $69 billion acquisition of Activision-Blizzard-King in 2022, which took almost two years to achieve regulatory approval from various agencies around the world. But Spencer began trying to solve for Xbox's dearth of first-party games in 2018, when the first wave of studio acquisitions occurred. Prior to the Activision deal, Spencer's biggest move came with the $7.5 billion acquisition of ZeniMax, parent company of Bethesda, in 2020. The deal gave Xbox total ownership of Bethesda Game Studios and its Fallout and Elder Scrolls franchises along with id Software and its Doom and Quake IPs, among many others. Questions arose from there about whether or not that meant all of Xbox's new studios would produce games exclusively for Xbox consoles, and while some games were kept off of PlayStation platforms temporarily, many weren't and most now seem to come to PS5 eventually, if not on day one.

Read more of this story at Slashdot.

Wow! After years of hard work and countless commits, we have finally reached a huge milestone: GIMP 3.0 is officially released! I am excited as I write this and can't wait to share some incredible new features and improvements in this release. GIMP 2.10 was released in 2018, and the first development version of GIMP 3.0 came out in 2020. GIMP 3.0 released on 16/March/2025. Let us explore how to download and install GIMP 3.0, as well as the new features in this version. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post Download of the day: GIMP 3.0 is FINALLY Here! appeared first on nixCraft. 2025-03-18T03:45:26Z 2025-03-18T03:45:26Z Vivek Gite

Here is a quick list of all upgradeable packages on FreeBSD using pkg command. This is equivalent to apt list --upgradable command on my Debian or Ubuntu Linux system. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to list upgradeable packages on FreeBSD using pkg appeared first on nixCraft. 2025-03-16T20:25:39Z 2025-03-16T20:25:39Z Vivek Gite

In a move that has sparked significant discussion within the Ubuntu Linux fan-base and community, Canonical, the company behind Ubuntu, has announced its intention to explore the potential replacement of GNU Core Utilities with the Rust-based "uutils" project. They plan to introduce new changes in Ubuntu Linux 25.10, eventually changing it to Ubuntu version 26.04 LTS release in 2026 as Ubuntu is testing Rust 'uutils' to overhaul its core utilities potentially. Let us find out the pros and cons and what this means for you as an Ubuntu Linux user, IT pro, or developer. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post Ubuntu to Explore Rust-Based “uutils” as Potential GNU Core Utilities Replacement appeared first on nixCraft. 2025-03-16T12:17:36Z 2025-03-16T12:17:36Z Vivek Gite

Installing KSH (KornShell) on FreeBSD can be done with either FreeBSD ports or the pkg command. The ports collection will download the KSH source code, compile it, and install it on the system. The pkg method is easier, and it will download a pre-compiled binary package. Hence, it is recommended for all users. KornShell (KSH) has a long history, and many older Unix systems and scripts rely on it. As a result, KSH remains relevant for maintaining and supporting legacy infrastructure. Large enterprises, especially those with established Unix-based systems, continue to use KSH for scripting and system administration tasks. Some industries where KSH is still commonly used include finance and telecommunications. While Bash has become the dominant shell in many Linux distributions, KSH still holds a significant presence in Unix-like environments, particularly in legacy systems. Therefore, installing KSH and practicing with it is worthwhile if you plan to work in such environments. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to install KSH on FreeBSD appeared first on nixCraft. 2025-03-03T23:50:59Z 2025-03-03T23:50:59Z Vivek Gite

Sed is an acronym for "stream editor." A stream refers to a source or destination for bytes. In other words, sed can read its input from standard input (stdin), apply the specified edits to the stream, and automatically output the results to standard output (stdout). Sed syntax allows an input file to be specified on the command line. However, the syntax does not directly support output file specification; this can be achieved through output redirection or editing files in place while making a backup of the original copy optionally. Sed is one of the most powerful tools on Linux and Unix-like systems. Learning it is worthwhile, so in this tutorial, we will start with the sed command syntax and examples. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post Linux Sed Tutorial: Learn Text Editing with Syntax & Examples appeared first on nixCraft. 2025-03-03T09:47:07Z 2025-03-03T09:47:07Z Vivek Gite

Keeping your FreeBSD server or workstation updated is crucial for security and stability. However, after applying updates, especially kernel updates, you might wonder, "Do I need to reboot my system?" Let's simplify this process and provide a straightforward method for determining whether a reboot is necessary using the CLI, shell script, and ansible playbook. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to tell if FreeBSD needs a Reboot using kernel version check appeared first on nixCraft. 2025-02-23T22:07:23Z 2025-02-23T22:07:23Z Vivek Gite

Rsync is a opensource command-line tool in Linux, macOS, *BSD and Unix-like systems that synchronizes files and directories. It is a popular tool for sending or receiving files, making backups, or setting up mirrors. It minimizes data copied by transferring only the changed parts of files, making it faster and more bandwidth-efficient than traditional copying methods provided by tools like sftp or ftp-ssl. Rsync versions 3.3.0 and below has been found with SIX serious vulnerabilities. Attackers could exploit these to leak your data, corrupt your files, or even take over your system. There is a heap-based buffer overflow with a CVSS score of 9.8 that needs to be addressed on both the client and server sides of rsync package. Apart from that info leak via uninitialized stack contents defeats ASLR protection and rsync server can make client write files outside of destination directory using symbolic links. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post Critical Rsync Vulnerability Requires Immediate Patching on Linux and Unix systems appeared first on nixCraft. 2025-01-15T18:04:24Z 2025-01-15T18:04:24Z Vivek Gite

Multiplexing will boost your SSH connectivity or speed by reusing existing TCP connections to a remote host. This is useful when you frequently connect to the same server using SSH protocol for remote login, server management, using IT automation tools over SSH or even running hourly backups. However, sometimes your SSH command (client) will not respond or get hung up on the session when using multiplexing. Typically, this happens when your public IP changes (IPv4 to IPv6 changes when using DNS names), VPN issues, or firewall cuts connections. Hence, knowing SSH client control commands can save you time and boost your productivity when such gotchas occur. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to control the SSH multiplexing with the control commands appeared first on nixCraft. 2025-01-15T08:29:10Z 2025-01-15T08:29:10Z Vivek Gite

After years of development and testing, the ZFS raidz expansion is finally here and has been released as part of version 2.3.0. ZFS is a popular file system for Linux and FreeBSD. RAIDz is like RAID 5, which you find with hardware or Linux software raid devices. It protects your data by spreading it across multiple hard disks along with parity information. A raidz device can have single, double, or triple parity to sustain one, two, or three hard disk failures, respectively, without losing any data. Hence, expanding or adding a new HDD is a very handy feature for sysadmins in today's data-sensitive apps. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post ZFS Raidz Expansion Finally, Here in version 2.3.0 appeared first on nixCraft. 2025-01-14T09:19:20Z 2025-01-14T09:19:20Z Vivek Gite

Incus and Docker both use Linux kernel features to containerize your applications. Incus is best suited when you need system-level containers that act like traditional VMs and provide a persistent developer experience. On the other hand, Docker containers are ephemeral, i.e., temporary in nature. All files created inside Docker containers are lost when your Docker container is stopped or removed unless you stored them using volumes in different directories outside Docker. Docker is created as a disposable app deployment system. Incus containers are not typically created as disposables, and data is kept inside when they are stopped. Because of the Linux kernel support nesting feature, you can run Docker inside Incus. This page explains how to run Docker inside Incus containers. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to run Docker inside Incus containers appeared first on nixCraft. 2024-12-18T05:44:26Z 2024-12-18T05:44:26Z Vivek Gite

How do I change MySQL root password under Linux, FreeBSD, OpenBSD and UNIX-like like operating system over the ssh session? Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post MySQL Change root Password Command appeared first on nixCraft. 2024-12-09T16:19:00Z 2024-12-09T16:19:00Z Vivek Gite

Some Linux distro like Debian or specific BSD variants provide very little configuration support for mouse out of the box for Vim. Let us see how to paste in Vim using a mouse by enabling support, which is useful for new developers and sysadmin coming from Windows background. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to enable mouse to copy & paste in vim appeared first on nixCraft. 2024-11-28T13:44:35Z 2024-11-28T13:44:35Z Vivek Gite

Do you need to keep track of the network traffic (bandwidth) usage for the Network interface controller (NIC) of your Debian Linux-based cloud or bare metal server? Look no forward. Try the vnStat, a free and open-source console-based network traffic monitor that keeps a log of 5-minute intervals, hourly, daily, monthly, and yearly network traffic for the selected interface. Once installed, vnStat can be used even without root permissions on most systems. Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit The post How to install vnstat on Debian 12/11 to monitor network interface bandwidth usage appeared first on nixCraft. 2024-11-27T19:07:02Z 2024-11-27T19:07:02Z Vivek Gite