Feed aggregator

Microsoft has instituted a new "globally consistent" performance improvement process. According to internal documents, employees flagged as underperformers now face two options: enter a performance improvement plan with "clear expectations and a timeline for improvement" or accept a "Global Voluntary Separation Agreement" worth 16 weeks' pay. Affected employees have five days to decide, and those choosing the improvement plan forfeit the severance option. The program, announced in an email from new Chief People Officer Amy Coleman, operates year-round to "address performance issues, while offering employees choice."

Read more of this story at Slashdot.

BrianFagioli writes: ARMO, the company behind Kubescape, has uncovered what could be one of the biggest blind spots in Linux security today. The company has released a working rootkit called "Curing" that uses io_uring, a feature built into the Linux kernel, to stealthily perform malicious activities without being caught by many of the detection solutions currently on the market. At the heart of the issue is the heavy reliance on monitoring system calls, which has become the go-to method for many cybersecurity vendors. The problem? Attackers can completely sidestep these monitored calls by leaning on io_uring instead. This clever method could let bad actors quietly make network connections or tamper with files without triggering the usual alarms.

Read more of this story at Slashdot.

BrianFagioli writes: ARMO, the company behind Kubescape, has uncovered what could be one of the biggest blind spots in Linux security today. The company has released a working rootkit called "Curing" that uses io_uring, a feature built into the Linux kernel, to stealthily perform malicious activities without being caught by many of the detection solutions currently on the market. At the heart of the issue is the heavy reliance on monitoring system calls, which has become the go-to method for many cybersecurity vendors. The problem? Attackers can completely sidestep these monitored calls by leaning on io_uring instead. This clever method could let bad actors quietly make network connections or tamper with files without triggering the usual alarms.

Read more of this story at Slashdot.

Frostrail from the devs of Barotrauma 'eager' to support Linux with a 'tentative yes'  GamingOnLinux

Frostrail from the devs of Barotrauma 'eager' to support Linux with a 'tentative yes'  GamingOnLinux

Frostrail from the devs of Barotrauma 'eager' to support Linux with a 'tentative yes'  GamingOnLinux

An anonymous reader quotes a report from the Washington Post: Oil and gas companies are facing hundreds of lawsuits around the world testing whether they can be held responsible for their role in causing climate change. Now, two scientists say they've built a tool that can calculate how much damage each company's planet-warming pollution has caused -- and how much money they could be forced to pay if they're successfully sued. Collectively, greenhouse emissions from 111 fossil fuel companies caused the world $28 trillion in damage from extreme heat from 1991 to 2020, according to a paper published Wednesday in Nature. The new analysis could fuel an emerging legal fight.The authors, Dartmouth associate professor Justin Mankin and Chris Callahan, a postdoctoral researcher at Stanford University, say their model can determine a specific company's share of responsibility over any time period. [...] Callahan and Mankin's work combines all of these steps -- estimating a company's historical emissions, figuring out how much those emissions contributed to climate change and calculating how much economic damage climate change has caused -- into one "end-to-end" model that links one polluter's emissions to a dollar amount of economic damage from extreme heat. By their calculation, Saudi Aramco is on the hook for $2.05 trillion in economic losses from extreme heat from 1991 to 2020. Russia's Gazprom is responsible for $2 trillion, Chevron for $1.98 trillion, ExxonMobil for $1.91 trillion and BP for $1.45 trillion. Industry groups and companies tend to object to the methodologies of attribution science. They could seek to contest the assumptions that went into each step of Mankin and Callahan's model. Indeed, every step in that process introduces some room for error, and stringing together all of those steps compounds the uncertainty in the model, according to Delta Merner, lead scientist at theScience Hub for Climate Litigation, which connects scientists and lawyers bringing climate lawsuits. She also mentioned that the researchers relied on a commonly used but simplified climate model known as the Finite Amplitude Impulse Response (FAIR) model. "It is robust for the purpose of what the study is doing," Merner said, "but these models do make assumptions about climate sensitivity, about carbon cycle behavior, energy balance, and all of the simplifications in there do introduce some uncertainty." The exact dollar figures in the paper aren't intended as gospel. But outside scientists said Mankin and Callahan use well-established, peer-reviewed datasets and climate models for every step in their process, and they are transparent about the uncertainty in the numbers.

Read more of this story at Slashdot.

Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools  The Hacker News

Linux 6.15 Fixes A Performance Issue For Extremely Heavy Read-Only Workloads  Phoronix

Linux systems vulnerable to a new rootkit invisible to security solutions  Cybernews

Linux 'io_uring' security blindspot allows stealthy rootkit attacks  BleepingComputer

Linux 'io_uring' security blindspot allows stealthy rootkit attacks  BleepingComputer

Linux 'io_uring' security blindspot allows stealthy rootkit attacks  BleepingComputer

Hackers can now bypass Linux security thanks to terrifying new Curing rootkit  BetaNews

9 Linux Gaming Myths That Just Won't Die  How-To Geek

I'm a Linux power user, and this distro made me rethink what an operating system can be  ZDNET

New Patches Get Linux Booting On The Snapdragon X1-Powered Dell Inspiron 14 Plus  Phoronix

To celebrate the Hubble Space Telescope's 35th anniversary in orbit, NASA and ESA released a series of new, out-out-of-this-world images spanning planets, nebulae, and galaxies. From a press release: Hubble today is at the peak of its scientific return thanks to the dedication, perseverance and skills of engineers, scientists and mission operators. Astronaut shuttle crews gallantly chased and rendezvoused with Hubble on five servicing missions from 1993 to 2009. The astronauts, including ESA astronauts on two of the servicing missions, upgraded Hubble's cameras, computers and other support systems. By extending Hubble's operational life the telescope has made nearly 1.7 million observations, looking at approximately 55,000 astronomical targets. Hubble discoveries have resulted in over 22,000 papers and over 1.3 million citations as of February 2025. All the data collected by Hubble is archived and currently adds up to over 400 terabytes. The demand for observing time remains very high with 6:1 oversubscriptions, making it one of the most in-demand observatories today. Hubble's long operational life has allowed astronomers to see astronomical changes spanning over three decades: seasonal variability on the planets in our solar system, black hole jets traveling at nearly the speed of light, stellar convulsions, asteroid collisions, expanding supernova bubbles, and much more.

Read more of this story at Slashdot.

Raspberry Pi HEVC Decoder Linux Driver Updated For Mainline Kernel Attempt  Phoronix

PCIe Controller Support For The Apple M2 Pro Coming To The Mainline Linux Kernel  Phoronix