Feed aggregator

Popular antivirus maker warns Windows 10 users to 'switch to Windows 11 immediately' (or Linux)  TweakTown

Popular antivirus maker warns Windows 10 users to 'switch to Windows 11 immediately' (or Linux)  TweakTown

Popular antivirus maker warns Windows 10 users to 'switch to Windows 11 immediately' (or Linux)  TweakTown

Popular antivirus maker warns Windows 10 users to 'switch to Windows 11 immediately' (or Linux)  TweakTown

Popular antivirus maker warns Windows 10 users to 'switch to Windows 11 immediately' (or Linux)  TweakTown

Popular antivirus maker warns Windows 10 users to 'switch to Windows 11 immediately' (or Linux)  TweakTown

Popular antivirus maker warns Windows 10 users to 'switch to Windows 11 immediately' (or Linux)  TweakTown

Popular antivirus maker warns Windows 10 users to 'switch to Windows 11 immediately' (or Linux)  TweakTown

In 2024, Americans spent 23% less on streaming subscriptions compared to 2023, driven by rising costs, streaming fatigue, and increased password-sharing restrictions. The findings have been reported in Review's annual State of Consumer Media Spending Report. TechSpot reports: Of those surveyed, 27.8 percent said they are experiencing streaming fatigue - or the feeling of being overwhelmed by the growing number of streaming apps on the market. And with the cost of goods and services at an all-time high, it's hitting folks in the wallet as well. The report additionally found that the average American has two streaming subscriptions, and watches three hours and 49 minutes of content each day. More than a quarter of subscribers - 26.5 percent - share subscriptions with others to save on cost although with recent crackdowns on password sharing, that might not be an option for much longer. As such, Reviews recommends downsizing the number of subscriptions you pay for each month or spending more time using free services if you're looking to cut down on costs in the New Year. For example, you could stagger subscriptions by signing up for a service temporarily to watch a specific show or movie and canceling when you are finished. It's also wise to keep an eye out for free trials, discounts, and limited-time streaming deals like those occasionally offered from Internet and mobile providers.

Read more of this story at Slashdot.

Cornell Tech researchers have developed a portable device called SoilScanner that uses radio frequency signals and machine learning to detect lead contamination in soil. It offers a cost-effective alternative to traditional methods of testing that "generally involves either sending samples to a lab for analysis, which relies upon harsh chemicals and can be expensive, or using a portable X-ray fluorescence device," notes Phys.org. From the report: "In recent years, especially during COVID, a lot of us got excited about having our own backyard garden, or spending more time at home," said [Rajalakshmi Nandakumar, assistant professor at the Jacobs Technion-Cornell Institute at Cornell Tech] who's also a member of the Department of Information Science in the Cornell Ann S. Bowers College of Computing and Information Science. "But if you look at instructions for how to grow tomatoes, no one actually tells you that you have to check your soil for lead," she said. "It's all about pH levels. A lot of us, even though we interact very often with soils, are totally unaware of possible lead contamination." [Yixuan Gao, a doctoral candidate in computer science] said the group was motivated by a map of lead contamination in New York City that Cheng's Urban Soils Lab (USL) had produced over the course of several years of testing for hundreds of soil samples throughout the five boroughs. The testing revealed dangerously high levels of lead in many locations, most notably in northern Brooklyn. About 45% of the soil samples tested by USL had lead levels above 400 parts per million (ppm), the previous EPA recommended screening level (revised a year ago to 200 ppm for residential soils). "This means there is a significant risk when gardening in these urban soils," Gao said. You can learn more about the device here (PDF).

Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: China's commerce ministry has proposed export restrictions on some technology used to make battery components and process critical minerals lithium and gallium, a document, opens new tab issued on Thursday showed. If implemented, they would be the latest in a series of export restrictions and bans targeting critical minerals and the technology used to process them, areas in which Beijing is globally dominant. Their announcement precedes the inauguration later this month of Donald Trump for a second term during which he is expected to use tariffs and various trade restrictions against other countries, in particular China. [...] The proposed expansion and revisions of restrictions on technology used to extract and process lithium or prepare battery components could also hinder the overseas expansion plans of major Chinese battery makers, including CATL, Gotion, and EVE Energy. Some technologies to extract gallium would also be restricted. Thursday's announcement does not say when the proposed changes, which are open for public comment until Feb. 1, could come into force. Adam Webb, head of battery raw materials at consultancy Benchmark Mineral Intelligence, notes that China retains a 70% grip on the global processing of lithium into the material needed to make EV batteries. "These proposed measures would be a move to maintain this high market share and to secure lithium chemical production for China's domestic battery supply chains," he said. "Depending on the level of export restrictions imposed, this could pose challenges for Western lithium producers hoping to use Chinese technology to produce lithium chemicals."

Read more of this story at Slashdot.

According to Bloomberg (paywalled), Getty Images is exploring a merger with its rival Shutterstock. Following the news, Getty's shares were up 20.3% in afternoon trading, while shares of Shutterstock were up 7.7%. Reuters reports: The development comes at a time when Getty Images has struggled to retain customers and replace the lost customers. Its creative and editorial products, two of its largest revenue segments, declined year-over-year in 2023, according to its annual report. The decline in the popularity of stock image websites has coincided with the rise of AI tools like Midjourney and DALL-E 2, which can generate unique images quickly and cheaply. Seattle, Washington-based Getty is considering how to structure a deal that would unite two of the biggest U.S. providers of licensed visual content, the report said. [...] Deliberations are ongoing and Getty could choose not to pursue a deal, the report added.

Read more of this story at Slashdot.

Windows 11 24H2 continues to experience issues with multifunction devices using the eSCL scan protocol, despite Microsoft marking the problem as resolved. According to a Register reader, "It works on a Windows 10 machine, but not on Windows 11, unless both the computer and the scanner are on wired Ethernet." From the report: Microsoft issued a compatibility safeguard hold on USB-connected devices using the Scanner Communication Language (eSCL) protocol in November after users who installed the Windows update experienced glitches with device discovery. The issue was reported resolved by Microsoft in December. However, it seems that KB5048667 might not have fixed all the problems for Canon owners. According to our reader: "Canon support tells me that the 24H2 eSCL issue still is not fixed." We asked Microsoft about the situation, but despite telling us it was looking into the problem on Friday, December 20, the company has yet to provide any further details. Canon was more forthcoming. A spokesperson told The Register it was aware of a problem impacting devices using ScanGear MF. ScanGear MF is a scanner driver provided by Canon and allows customers to configure advanced settings for scanning. Canon does not appear to be changing its code to rectify whatever problems had been brought on by the Windows 11 update. The spokesperson said: "Microsoft is currently working on an OS amendment to resolve this and we are keeping in close contact with them. The timing for resolving this is yet to be confirmed by Microsoft, however we expect to receive the plan to fix in January 2025." Customers affected by the issue, which manifests itself with a communications error message, according to Canon's support forum, are advised to use either native Microsoft software solutions or go fully wired via USB.

Read more of this story at Slashdot.

'Silicon Valley Tea Party' where Linux users distributed Linux installation disks at Microsoft events  GIGAZINE（ギガジン）

Samsung and Google are introducing Eclipsa Audio, an open-source 3D audio standard set to debut on select YouTube videos and Samsung's 2025 TVs and soundbars. The new format "could eventually serve as a free alternative to Dolby Atmos, the dominant 3D audio format that hardware makers like Samsung pay to license for TVs and other equipment," reports The Verge. "Samsung says that similar to Atmos, this audio format supports adjusting 'audio data such as the location and intensity of sounds, along with spatial reflections' to create a 3D experience." From the report: The two companies first announced a partnership to develop spatial audio technology in 2023, initially calling it Immersive Audio Model and Formats (IAMF). At the time, Samsung spatial audio head WooHyun Nam said the format would provide "a complete open-source framework for 3D audio, from creation to delivery and playback." The IAMF spec has also been adopted by the Alliance for Open Media, a group that has been pushing for royalty-free codec support since 2015 and counts companies like Amazon, Apple, Microsoft, and Netflix -- along with Samsung and Google -- among its members. If they also add support for this audio format, it could help it catch on, although it's already taken years for their AV1 video codec to see more use. Samsung and Google are also creating a certification program with the Telecommunications Technology Association "to ensure consistent audio quality" across devices using the format, which also sounds similar to the way companies like Dolby and THX manage the labeling for their specs.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Rolling Stone: Sun pours through the lush foliage of a jungle, bleaching the pale limestone as a rotting man stands in the center of an otherwise empty arena, his yellow eyes leering from beneath a fringe of limp, blonde hair. Positioned around the edge are a hundred bodies, Orcs and Trolls and bipedal oxen shouting, demanding, the death of the dishonorable. Their voices swell into a cacophony of noise before one rings out above the rest, howling, 'Kill the cheater and you'll get 20 gold!' There is silence, and then another frenzy. As I watch, eyes fixed on the dim glow of a laptop screen, I think of the colosseum in Rome -- sweat running down the muscled arms of battle-tested gladiators, the crowd cheering for blood. This might sound like a moment pulled from a high fantasy drama made for prestige TV, but this is World of Warcraft, a now 20-year old online RPG. Instead of actors parading in front of green screens, this story's cast are streamers that occupy a virtual world. Tensions are high not because they're scripted, but because in World of Warcraft's Hardcore mode, death is permanent. Dejected, though acknowledging the transgression made, Sequisha -- the streamer who was promptly executed for cheating -- sighs, and goes back to the character select screen. He creates a new avatar; it's time to start the game all over again. Sequisha's execution and subsequent reincarnation is just one of hundreds of stories playing out everyday in World of Warcraft as streamers have flocked to the massively multiplayer online RPG (MMORPG) to play together. Through their strife, and a commitment to staying in-character via roleplay, groups like the guild OnlyFangs have turned World of Warcraft into an RPG within an RPG, playing out improvisational personal drama where the stakes are high. In Hardcore mode, World of Warcraft has become the best soap opera on the internet, all playing out across over dozens of OnlyFangs creator streams every day. The new "Classic" and "Hardcore" servers were launched in celebration of World of Warcraft's 20th anniversary, helping to reignite interest in the game and increase viewership on platforms like Twitch and YouTube. The Hardcore server, where character death is permanent, attracted top streamers, leading to the formation of guilds like OnlyFangs. After a successful first season, OnlyFangs reshuffled its roster, embracing a more immersive roleplaying approach in its second season. "What they didn't know was their experiment in World of Warcraft roleplay would inadvertently create one of the best emergent dramas on the internet," reports Rolling Stone.

Read more of this story at Slashdot.

Apparently Google thinks I’m an expert at SSH Keys, so I’m providing an update to my previous post two years ago with some slight updates.

You can tell quite a bit about other IT professionals from their Public SSH Key! I often work with others and ask for their key when granting access to a machine I control. Its a negative sign when they ask how to create one. If they provide one in the PuttyGen format, I know they’ve been asked for their key exactly once. A 2048 bit or smaller RSA key means they haven’t generated one in a long time. If they send me an ed25519 key with a comment under than their machine name, I feel confident that they know what they are doing.

For reference, a 4096-bit RSA key will be in this format:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDowuIZFbN2EWbVwK9TG+O0S85yqr7EYc8Odv76H8+K6I7prrdS23c3rIYsKl2mU0PjOKGyyRET0g/BpnU8WZtDGH0lKuRaNUT5tpKvZ1iKgshdYlS5dy25RxpiVC3LrspjmKDY/NkkflKQba2WAF3a5M4AaHxmnOMydk+edBboZhklIUPqUginLglw7CRg/ck99M9kFWPn5PiITIrpSy2y2+dt9xh6eNKI6Ax8GQ4GPHTziGrxFrPWRkyLKtYlYZr6G259E0EsDPtccO5nXR431zLSR7se0svamjhskwWhfhCEAjqEjNUyIXpT76pBX/c7zsVTBc7aY4B1onrtFIfURdJ9jduYwn/qEJem9pETli+Vwu8xOiHv0ekXWiKO9FcON6U7aYPeiTUEkSDjNTQPUEHVxpa7ilwLZa+2hLiTIFYHkgALcrWv/clNszmgifdfJ06c7pOGeEN69S08RKZR+EkiLuV+dH4chU5LWbrAj/1eiRWzHc2HGv92hvS9s/c= someuser@brandonsLaptop

And for comparison, an ed25519 key looks like this:

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBLEURucCueNvq4hPRklEMHdt5tj/bSbirlC0BkXrPDI someuser@ip-172-31-74-201

You’ll notice in both of these, the first characters contain the key type. The middle section with all of the random characters contain the base-64 encoded public key. And at the end is a comment that is intended to identify the user to whom it belongs.

The ed25519 key is much shorter than an RSA keys, so if you’ve never seen one before, you might think it is less secure. But this key type is newer, and uses a totally different, more complex algorithm. Although the 256-bit ed25519 key has fewer characters, it is, for all practical purposes, as secure as the 4096-bit RSA key above. The ed25519 algorithm is more computationally complex, so it requires fewer bits for a similar level of security.

The ed25519 algorithm is based on a specific formula for an ellipse instead of prime numbers like the RSA algorithm. It has been in wide use for ~10 years, is supported by all modern software, and as such is the current standard for most professional users. Creating a key is simple with the ssh-keygen command. But before jumping to the actual command, I wanted to also explain a few other tips that I use, and think others should adopt as well.

Keys should created by individuals, not issued to groups

You should never share your private key with anybody. Ever. If a key is ever shared, you have to assume that the other party can impersonate you on any system in which it is used.

I’ve been a part of some teams which create a new server and create a new key to access that server, and share they new key with everybody who needs to accss the machine. I think this practice stems from AWS or other providers who create an SSH key for you, along with a new machine, and the user just continuing the practice. I wish they’d change that.

That’s the backwards way of thinking about it. Individuals should own their own keys. They should be private. And you can add multiple public keys to resources where multiple people need access. Again, I wish AWS and others will allow this more easily instead of allowing only a single key. You then revoke access by removing the public key, instead of having to re-issue a new key whenever the group changes. (Or worse, not changing the key at all!)

Rotating your SSH keys

You should rotate your SSH keys regularly. The thought process here is that if you have used the same key for a long time, and then your laptop with your private key gets lost, or your key compromised, every machine that you’ve been granted access to over that time is potentially at risk, because administrators are notoriously bad about revoking access. By changing out your key regularly, you limit the potential access in the case of a compromised key. Generating a new SSH key also ensures that you are using more modern algorithms and key sizes.

I like to create a new SSH key about every two years. To remind my self to do this, I embed the year I created the key within its name. My last key was created in March 2023, which I have named brandon+2023@roundsphere.com. I’m creating a new key now, at the beginning of 2025, which I’ll name with the current year. Each time I use it, I’m reminded when I created the key, and if it gets to be around 2 years, and I have some time free, I’ll create a new key. Of course I keep all of my older keys in case I need access to something I haven’t accessed for a while. My ssh-agent usually has my two most recent keys loaded. If I do need to use an older one, it is enough of a process to find and use the old one, that the first thing I’ll do is update my key as soon as I get into a system where an old key was needed.

Don’t use the default ssh-keygen comment

I also suggest that you make the SSH key comment something meaningful. If you don’t provide a comment, most ssh-keygen implementations default to your_username@you_machine name which just might be silly or meaningless. In a professional setting, it should clearly identify you. For example BrandonChecketts as a comment is better than me00101@billys2017_macbook_air. It should be meaningful both to you, and to whomever you are sharing it.

I mentioned including the creation month above, which I like to include in the comment because when sharing the public key, it subtly demonstrates that I am security conscious, have rotated it recently, and I know what I’m doing. The comment at the end of the key can be changed without affecting its functionality, so if I might change the comment depending on who I’m sharing it with. When I receive a public key from somebody else that contains a generic comment, I often change the comment to be include their name or email address so I can later remember to whom it belongs to.

Always use a passphrase

Your SSH key is just a tiny file on disk. If your machine is ever lost, stolen, or compromised in any way by an attacker, the file is pretty easy for them to copy. Without it being encrypted with a pass phrase, it is directly usable. And if someone has access to your SSH private key, they probably have access to your bash or terminal history and would know where to use it.

As such, it is important to protect your SSH private key with a decent pass phrase. To avoid typing your pass phrase over and over, use the SSH-Agent, which will remember it for your session.

Understand and use SSH-Agent Forwarding when applicable

SSH Agent Forwarding allows you to ssh into one machine, and then transparently “forward” your SSH keys to the that machine for use authenticating into a machine past it. I most often use this when authenticating to GitHub from a remote machine. Using Agent forwarding means that I don’t have to copy my SSH Private key onto the remote machine in order to authenticate to GitHub from there.

You shouldn’t, however, just blindly use SSH Agent Forwarding everywhere. If you access a compromised machine where an attacker may have access to your account or to the root account, you should NOT use agent forwarding since it is possible for them to intercept your private key. I’ve never seen this exploited, but since it is possible, you should only use SSH Agent Forwarding to systems which you trust.

The ssh-keygen Command

With all of the above context, this is the command you should use to create your ed25519 key:

ssh-keygen -t ed25519 -f ~/.ssh/your-key-filename -C "your-key-comment"

That will ask you for a pass phrase and then show you a randomart image that represents your public key when it is created. The randomart is just a visual representation of your key so that you can see it is different from others.

$ ssh-keygen -t ed25519 -f ~/.ssh/brandon+2025@roundsphere.com -C "brandon+2025@roundsphere.com" Generating public/private ed25519 key pair. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in ~/.ssh/brandon+2025@roundsphere.com Your public key has been saved in ~/.ssh/brandon+2025@roundsphere.com.pub The key fingerprint is: SHA256:HiCF8gbV6DpBTC2rq2IMudwBc5+QuB9NqeGtc3pmqEY brandon+2025@roundsphere The key's randomart image is: +--[ED25519 256]--+ | o.o.+. | | * +.. | | o O... | |+ A *. . | |.B % . S | |=E* = . . | |=+o= . | |+==.= | |B..B | +----[SHA256]-----+ Obsessive/Compulsive Tip

This may be taking it too far, but I like to have a memorable few digits at the end of the key so that I can confirm the key got copied correctly. One of my keys ends in 7srus, so I think of it as my “7’s ‘R’ Us” key. You can do that over and over again until you find a key that you like with this one-liner:

rm newkey; rm newkey.pub; ssh-keygen -t ed25519 -f ./newkey -C "brandon+2025@roundsphere.com" -N ''; cat newkey.pub;

That creates a key without a passphrase, so you can do it over and over quickly until you find a public key that you “like”. Then protect it with a passphrase with the command

ssh-keygen -p -f newkey

And obviously, then you rename it from newkey and to newkey.pub a more meaningful name.

Replacing your public key when you use it

As you access machines, make sure to add your new key and remove old keys from your ~/.ssh/authorized_keys file. At some point, you should remove your previous key from your ssh-agent and you’ll be forced to use the old key to get in, and replace it with the new key.

Is that complete? What other tips should others know about when creating an SSH Key in 2025 and beyond?

The post SSH Key Best Practices for 2025 – Using ed25519, key rotation, and other best practices appeared first on Brandon Checketts.

The Register's Jude Karabus reports: IBM and semiconductor maker GlobalFoundries have settled all of their litigation against each other, including breach of contract, patent, and trade secret suits, the pair say. The details of the settlement are confidential. All that both companies were prepared to say in yesterday's statements was that the deal they'd agreed would resolve "all litigation matters, inclusive of breach of contract, trade secrets, and intellectual property claims between the two companies." They added that the settlement would allow the companies to "explore new opportunities for collaboration in areas of mutual interest." In 2021, IBM sued GlobalFoundries for $2.5 billion, accusing it of failing to deliver on 10nm and 7nm chip production commitments, which disrupted IBM's hardware roadmap. GlobalFoundries poaching engineers countersued in 2023, alleging IBM misused trade secrets and poached engineers to support partnerships with Intel and Rapidus, potentially compromising proprietary technologies.

Read more of this story at Slashdot.

How to Disable IPv6 on Linux  TechRepublic

Apple Intelligence now requires 7GB of free storage per device, nearly doubling the original 4GB requirement from iOS 18.1. This is a result of new AI features like Genmoji, ChatGPT in Siri, and Image Playground. With further updates expected, storage demands could rise to 10GB per device. 9to5Mac reports: Per Apple's website, Apple Intelligence now requires 7GB of free storage. The same 7GB number applies whether you're using an iPhone, iPad, or Mac. But it also, since each product does its own on-device processing, adds up for multi-device use. If you want to use AI features across all three devices (which I'd assume most of us do), that's a grand total of 21GB of free space being used by Apple Intelligence. And unfortunately, if you're tight on storage, there's no way to reduce the requirement by disabling certain features.

Read more of this story at Slashdot.