Feed aggregator

Linux 6.19-rc2 Adding Support For CRKD Guitar Controllers  Phoronix

5 Chromebook Myths You Need To Stop Believing  SlashGear

Linux 6.19 Lands Fix For Seagate Barracuda HDD Taking Down The SATA Bus  Phoronix

Week in review: Exploited zero-day in Cisco email security appliances, Kali Linux 2025.4 released  Help Net Security

Week in review: Exploited zero-day in Cisco email security appliances, Kali Linux 2025.4 released  Help Net Security

Week in review: Exploited zero-day in Cisco email security appliances, Kali Linux 2025.4 released  Help Net Security

Week in review: Exploited zero-day in Cisco email security appliances, Kali Linux 2025.4 released  Help Net Security

Week in review: Exploited zero-day in Cisco email security appliances, Kali Linux 2025.4 released  Help Net Security

Week in review: Exploited zero-day in Cisco email security appliances, Kali Linux 2025.4 released  Help Net Security

America's unemployment rate for tech jobs rose to 4% in November, and "has been steadily rising since May," reports the Washington Post (citing data from the IT training/certifications company CompTIA). Between October and November, the number of technology workers across different industries fell 134,000, while the number of people working in the tech industry declined by more than 6,800. Tech job postings were also down by more than 31,800, the report found, citing data from the Bureau of Labor Statistics and California-based market intelligence firm Lightcast. "The data is pretty definitive that the tech industry is struggling," said Mark Zandi, Moody's chief economist. "There's a jobs recession in the industry, and it feels like that's going to continue given the slide in postings...." The unemployment rate in the tech industry still sits below the national rate, which in November hit 4.6 percent, the highest since 2021. However, that gap has been narrowing, with tech unemployment rising faster in recent months than is the case nationally.... Employers are largely in "wait and see" mode when it comes to hiring given the current uncertainties surrounding the economy and impact of AI, so they're likely to delay backfilling, Herbert said, citing CompTIA's surveys of chief information officers. But Justin Wolfers, professor of public policy and economics at the University of Michigan, said uncertainty is likely to continue in the foreseeable future. "I'm feeling substantially more pessimistic," Wolfers said, recalling that Federal Reserve Chair Jerome H. Powell recently suggested that federal job numbers may be overstated. "That's pretty grim." Technology companies have announced more than 141,000 job cuts so far this year, representing a 17 percent increase from the same period last year, according to outplacement firm Challenger, Gray & Christmas. At the same time Big Tech companies like Google, Microsoft, Meta and Amazon have announced plans to invest up to $375 billion in AI infrastructure this year. "AI is quickly becoming a requirement, with 41 percent of all active job postings representing AI roles or requiring AI skills, according to CompTIA's analysis," the article points out. Economist Zandi tells the Post that "If you have AI skills, there seems to be jobs. But if you don't, I think it's going to feel like you've been hit by a dump truck."

Read more of this story at Slashdot.

Linux Apps Without Distro Lock-In? Explore This Lesser Known Snap and Flatpak Alternative  It's FOSS

The team authoring the Rust 2025 Vision Doc interviewed Rust developers to find out what they liked about the language — and have now issued three recommendations "to help Rust continue to scale across domains and usage levels." — Enumerate and describe Rust's design goals and integrate them into our processes, helping to ensure they are observed by future language designers and the broader ecosystem. — Double down on extensibility, introducing the ability for crates to influence the develop experience and the compilation pipeline. — Help users to navigate the crates.io ecosystem and enable smoother interop The real "empowering magic" of Rust arises from achieving a number of different attributes all at once — reliability, efficiency, low-level control, supportiveness, and so forth. It would be valuable to have a canonical list of those values that we could collectively refer to as a community and that we could use when evaluating RFCs or other proposed designs... We recommend creating an RFC that defines the goals we are shooting for as we work on Rust... One insight from our research is that we don't need to define which values are "most important". We've seen that for Rust to truly work, it must achieveallthe factors at once... We recommenddoubling down on extensibilityas a core strategy. Rust's extensibility — traits, macros, operator overloading — has been key to its versatility. But that extensibility is currently concentrated in certain areas: the type system and early-stage proc macros. We should expand it to coversupportive interfaces(better diagnostics and guidance from crates) andcompilation workflow(letting crates integrate at more stages of the build process)... Doubling down on extensibility will not only make current Rust easier to use, it will enable and support Rust's use in new domains. Safety Critical applications in particular require a host of custom lints and tooling to support the associated standards. Compiler extensibility allows Rust to support those niche needs in a more general way. We recommend finding ways to help users navigate the crates.io ecosystem... [F]inding which crates to use presents a real obstacle when people are getting started. The Rust org maintains a carefully neutral stance, which is good, but also means that people don't have anywhere to go for advice on a good "starter set" crates... Part of the solution is enabling better interop between libraries.

Read more of this story at Slashdot.

jdSystemMonitor: More Than Your Regular System Monitor on Linux  It's FOSS

Disney runs quite a few properties including disneyplus.com, hulu.com, espn.com, abc.com, and a bunch of obviously Disney sites like shopdisney.com, disneyworld.disney.go.com, and disneycruise.disney.go.com. They have a centralized authentication system so all of these sites can use the same email address and password to log in.

It has a couple major problems though:

1. It isn’t obvious that the login is shared. They share a logo when logging in, but its not obvious to users that these sites share the same credentials. I wouldn’t expect that espn.com uses the same login as hulu.com and I know that Disney owns both of them! Also, password managers aren’t aware that the logins are tied together, so when you log in to one site and your password doesn’t work because you don’t realize they are shared, you end up resetting it. And then it broke your password for another site that you didn’t realize was connected
2. Users can’t verify that a site is legitimate. It would be trivial for an attacker to create a fake Disney site and mimic the Disney login system to capture passwords. I actually noticed this because my wife was logging into a site for Disney gift cards and I seriously throught it was a scam

Disney should implement a shared login that uses a common login site (like login.disney.com) so that users can know that it is a legitimate Disney site. This fixes the issues above. Users can know that they trust login.disney.com. Password managers will use the same credentials. And it will be more difficult for attackers to mimic a site if users know that login.disney.com is the only legitimate place to log in

The post Disney is Doing Cross-Site Authentication All Wrong appeared first on Brandon Checketts.

Archive.org now has a page with "the raw analog waveform and the reconstructed digital tape image (analog.tap), read at the Computer History Museum's Shustek Research Archives on 19 December 2025 by Al Kossow using a modified tape reader and analyzed with Len Shustek's readtape tool." A Berlin-based retrocomputing enthusiast has created a page with the contents of the tape ready for bootstrapping, "including a tar file of the filesystem," and instructions on dumping an RK05 disk image from tape to disk (and what to do next). Research professor Rob Ricci at the University of Utah's school of computing posted pictures and video of the tape-reading process, along with several updates. ("So far some of our folks think they have found Hunt The Wumpus and the C code for a Snobol interpreter.") University researcher Mike Hibler noted the code predates the famous comment "You are not expected to understand this" — and found part of the C compiler with a copyright of 1972. The version of Unix recovered seems to have some (but not all) of the commands that later appeared in Unix v5, according to discussion on social media. "UNIX wasn't versioned as we know it today," explains University of Utah PhD student Thalia Archibald, who researched early Unix history (including the tape) and also worked on its upload. "In the early days, when you wanted to cut a tape, you'd ask Ken if it was a good day — whether the system was relatively bug-free — and copy off the research machine... I've been saying It's probably V5 minus a tiny bit, which turned out to be quite true."

Read more of this story at Slashdot.

GotaTun Open-Source Rust WireGuard Implementation Announced By Mullvad  Phoronix

One developer tells MIT Technology Review that AI tools weaken the coding instincts he used to have. And beyond that, "It's just not fun sitting there with my work being done for me." But is AI making coders faster? "After speaking to more than 30 developers, technology executives, analysts, and researchers, MIT Technology Review found that the picture is not as straightforward as it might seem..." For some developers on the front lines, initial enthusiasm is waning as they bump up against the technology's limitations. And as a growing body of research suggests that the claimed productivity gains may be illusory, some are questioning whether the emperor is wearing any clothes.... Data from the developer analytics firm GitClear shows that most engineers are producing roughly 10% more durable code — code that isn't deleted or rewritten within weeks — since 2022, likely thanks to AI. But that gain has come with sharp declines in several measures of code quality. Stack Overflow's survey also found trust and positive sentiment toward AI tools falling significantly for the first time. And most provocatively, a July study by the nonprofit research organization Model Evaluation & Threat Research (METR) showed that while experienced developers believed AI made them 20% faster, objective tests showed they were actually 19% slower... Developers interviewed by MIT Technology Review generally agree on where AI tools excel: producing "boilerplate code" (reusable chunks of code repeated in multiple places with little modification), writing tests, fixing bugs, and explaining unfamiliar code to new developers. Several noted that AI helps overcome the "blank page problem" by offering an imperfect first stab to get a developer's creative juices flowing. It can also let nontechnical colleagues quickly prototype software features, easing the load on already overworked engineers. These tasks can be tedious, and developers are typically glad to hand them off. But they represent only a small part of an experienced engineer's workload. For the more complex problems where engineers really earn their bread, many developers told MIT Technology Review, the tools face significant hurdles... The models also just get things wrong. Like all LLMs, coding models are prone to "hallucinating" — it's an issue built into how they work. But because the code they output looks so polished, errors can be difficult to detect, says James Liu, director of software engineering at the advertising technology company Mediaocean. Put all these flaws together, and using these tools can feel a lot like pulling a lever on a one-armed bandit. "Some projects you get a 20x improvement in terms of speed or efficiency," says Liu. "On other things, it just falls flat on its face, and you spend all this time trying to coax it into granting you the wish that you wanted and it's just not going to..." There are also more specific security concerns, she says. Researchers have discovered a worrying class of hallucinations where models reference nonexistent software packages in their code. Attackers can exploit this by creating packages with those names that harbor vulnerabilities, which the model or developer may then unwittingly incorporate into software. Other key points from the article: LLMs can only hold limited amounts of information in context windows, so "they struggle to parse large code bases and are prone to forgetting what they're doing on longer tasks." "While an LLM-generated response to a problem may work in isolation, software is made up of hundreds of interconnected modules. If these aren't built with consideration for other parts of the software, it can quickly lead to a tangled, inconsistent code base that's hard for humans to parse and, more important, to maintain." "Accumulating technical debt is inevitable in most projects, but AI tools make it much easier for time-pressured engineers to cut corners, says GitClear's Harding. And GitClear's data suggests this is happening at scale..." "As models improve, the code they produce is becoming increasingly verbose and complex, says Tariq Shaukat, CEO of Sonar, which makes tools for checking code quality. This is driving down the number of obvious bugs and security vulnerabilities, he says, but at the cost of increasing the number of 'code smells' — harder-to-pinpoint flaws that lead to maintenance problems and technical debt." Yet the article cites a recent Stanford University study that found employment among software developers aged 22 to 25 dropped nearly 20% between 2022 and 2025, "coinciding with the rise of AI-powered coding tools." The story is part of MIT Technology Review's new Hype Correction series of articles about AI.

Read more of this story at Slashdot.

Linux Mint 22.3 Beta Released, This is What’s New  OMG! Ubuntu

Linux Mint 22.3 Beta Released, This is What’s New  OMG! Ubuntu

Linux Mint 22.3 Beta Released, This is What’s New  OMG! Ubuntu