Open Source

Open Source Initiative Announces Alliance with Nonprofit Certifications Group (lpi.org) 5

When it comes to professional certifications, the long-running nonprofit Linux Professional Institute boasts they've issued 250,000, making them the world's largest Linux/Open Source certification body. And last week they announced a "strategic alliance" with the Open Source Initiative (OSI), which will now be "participating in development and maintenance of these programs."

The announcement points out that the Open Source Initiative already has many distinct responsibilities. Besides creating the Open Source Definition — and certifying that Open Source licenses meet the requirements of Open Source software — the OSI's mission is to "encourage the growth of Open Source communities around the world," which includes "educational and outreach efforts to spread Open Source principles."

So the ultimate goal is "strengthening Linux and Open Source communities," according to the announcement, by "nurturing the growth of more highly skilled professionals," with the OSI encouraging more people to get certifications for employers. The Open Source movement "has never been in greater need of educated professionals," says OSI executive director Stefano Maffulli, "to drive the next leap forward in Open Source understanding, innovation, and adoption... "This partnership with LPI is one in a series of initiatives that will increase accessibility to the certifications and community participation that Open Source needs to thrive."

And the LPI's executive director says it's their group's mission "to promote the use of open source by supporting the people who work with it. A closer relationship with OSI makes a valuable contribution to this effort."

The move "reaffirms the commitment of LPI and OSI to enhance the adoption of Linux and Open Source technology," according to the announcement.
Piracy

US Court Orders LibGen To Pay $30 Million To Publishers, Issues Broad Injunction 27

A New York federal court has ordered (PDF) the operators of shadow library LibGen to pay $30 million in copyright damages to publishers. The default judgment also comes with a broad injunction that affects third-party services including domain registries, browser extensions, CDN providers, IPFS gateways, advertisers, and more. These parties must restrict access to the pirate site. An anonymous reader quotes a report from TorrentFreak: Yesterday, U.S. District Court Judge Colleen McMahon granted the default judgment without any changes. The anonymous LibGen defendants are responsible for willful copyright infringement and their activities should be stopped. "Plaintiffs have been irreparably harmed as a result of Defendants' unlawful conduct and will continue to be irreparably harmed should Defendants be allowed to continue operating the Libgen Sites," the order reads. The order requires the defendants to pay the maximum statutory damages of $150,000 per work, a total of $30 million, for which they are jointly and severally liable. While this is a win on paper, it's unlikely that the publishers will get paid by the LibGen operators, who remain anonymous.

To address this concern, the publishers' motion didn't merely ask for $30 million in damages, they also demanded a broad injunction. Granted by the court yesterday, the injunction requires third-party services such as advertising networks, payment processors, hosting providers, CDN services, and IPFS gateways to restrict access to the site. [...] The injunction further targets "browser extensions" and "other tools" that are used to provide direct access to the LibGen Sites. While site blocking by residential Internet providers is mentioned in reference to other countries, ISP blocking is not part of the injunction itself. In addition to the broad measures outlined above, the order further requires domain name registrars and registries to disable or suspend all active LibGen domains, or alternatively, transfer them to the publishers. This includes Libgen.is, the most used domain name with 16 million monthly visits, as well as Libgen.rs, Libgen.li and many others.

At the moment, it's unclear how actively managed the LibGen site is, as it has shown signs of decay in recent years. However, when faced with domain seizures, sites typically respond by registering new domains. The publishers are aware of this risk. Therefore, they asked the court to cover future domain names too. The court signed off on this request, which means that newly registered domain names can be taken over as well; at least in theory. [...] All in all, the default judgment isn't just a monetary win, on paper, it's also one of the broadest anti-piracy injunctions we've seen from a U.S. court.
The Internet

45 Years Ago CompuServe Connected the World Before the World Wide Web (wosu.org) 118

Tony Isaac shares a report from WOSU Public Media: Silicon Valley has the reputation of being the birthplace of our hyper-connected Internet age, the hub of companies such as Apple, Google and Facebook. However, a pioneering company here in central Ohio is responsible for developing and popularizing many of the technologies we take for granted today. A listener submitted a question to WOSU's Curious Cbus series wanting to know more about the legacy of CompuServe and what it meant to go online before the Internet. That legacy was recently commemorated by the Ohio History Connection when they installed a historical marker in Upper Arlington -- near the corner of Arlington Center and Henderson roads -- where the company located its computer center and corporate building in 1973. The plaque explains that CompuServe was "the first major online information service provider," and that its subscribers were among the first to have access to email, online newspapers and magazines and the ability to share and download files. CompuServe, founded in 1969 in Ohio as a subsidiary of Golden United Life Insurance, began as a computer time-sharing service for businesses. In 1979, it launched an online service for consumers, partnering with RadioShack since they "were key in reaching early computer users."

Acquired by H&R Block in 1980, CompuServe became a leader in digital innovations like email, online newspapers, and chat forums, with The Columbus Dispatch becoming the first online newspaper. "... it turned out that what was most popular is not reading reliable news sources, but just shooting the breeze with your friends or arguing with strangers over politics," said former tech journalist and early Compuserve user Dylan Tweney.

Despite competing with Prodigy and AOL through the 1990s, CompuServe struggled with the rise of the internet. AOL acquired the company in 1997, but CompuServe remains a digital pioneer for fostering online communities. "For a lot of people, CompuServe was a connection to the world and their first introduction to the idea that their computer could be more than a computer," said Tweney. "It was a communications device, an information device."
Firefox

Zen Browser: a New Firefox-based Alternative to Chromium Browsers (zen-browser.app) 80

First released on July 11th, the Firefox-based Zen browser is "taking a different approach to the user interface," according to the blog It's FOSS.

The Register says the project "reminds us strongly of Arc, a radical Chromium-based web browser... to modernize the standard web browser UI by revising some fundamental assumptions." [Arc] removes the URL bar from front and center, gets rid of the simple flat list of tabs, and so on. Zen is trying to do some similar things, but in a slightly more moderate way — and it's doing it on the basis of Mozilla's Firefox codebase... Instead of the tired old horizontal tab bar you'll see in both Firefox and Chrome, Zen implements its own tab bar... By default, this tab bar is narrow and just shows page icons — but there are some extra controls at the bottom of the sidebar, one of which expands the sidebar to show page titles too. For us, it worked better than Vivaldi's fancier sidebar.
The article concludes it's "a new effort to modernize web browsing by bringing tiling, workspaces, and so on — and it's blissfully free of Google code." One Reddit comment swooned over Zen's "extraordinary" implementation of a distraction-free "Compact Mode" (hiding things like the sidebar and top bar). And It's Foss described it as a "tranquil," browser, "written using CSS, C++, JavaScript, and a few other programming languages, with a community of over 30 people contributing to it." The layout of the interface felt quite clean to me; there were handy buttons on the top to control the webpage, manage extensions, and a menu with additional options... The split-view functionality allows you to open up two different tabs on the same screen, allowing for easy multitasking when working across different webpages... I split two tabs, but in my testing, I could split over 10+ tabs... If you have a larger monitor, then you are in for a treat...

The Zen Sidebar feature... can run web apps alongside any open tabs. This can be helpful in situations where you need to quickly access a service like a note-taking app, Wikipedia, Telegram, and others.

On the customization side of things, you will find that Zen Browser supports everything that Firefox does, be it the settings, adding new extensions/themes/plugins, etc.

The Register points out it's easy to give it a try. "Being based on Firefox means that as well as running existing extensions, it can connect to Mozilla's Sync service and pick up not just your bookmarks, but also your tabs from other instances."

And beyond all that, "There's just something satisfying about switching browsers every now and again..." argues the tech site Pocket-Lint: Zen Browser's vertical tabs layout is superb and feels much better than anything available in standard Firefox. [Firefox recently offered vertical tabs and a new sidebar experience in Nightly/Firefox Labs 131.] The tab bar can be set to automatically hide and show up whenever you hover near it, and it also contains quick access buttons to bookmarks, settings, and browsing history. The tab bar also contains a profile switcher...

One of the greatest parts of the Zen Browser is the community that has popped up around it. At its heart, Zen Browser is a community-driven project... Zen Browser themes are aesthetic and functional tweaks to the UI. While there aren't a ton available right now, the ones that are show a lot of promise for the browser's future... I've personally gotten great use out of the Super URL Bar theme, which makes your URL bar expand and become the focus of your screen while typing in it... There's a lot you can do to make Zen Browser feel nearly exactly like what you want it to feel like.

The "Business Standard calls it "an open-source alternative to Chromium-based browsers," adding "Where Zen truly shines is it offers a range of customisation, tab management, and workspace management..." Their theme store offers a range of options, including modifications to the bookmark toolbar, a floating URL bar, private mode theming, and removal of browser padding. In addition to these, users can also choose from custom colour schemes and built-in theming options... The Sidebar is another neat feature which allows you to open tabs in a smaller, smartphone-sized window. You can view websites in mobile layout by using this panel.
It's "focused on being always at the latest version of Firefox," according to its official site, noting that Firefox is known for its security features. But then, "We also have additional security features like https only built into Zen Browser to help keep you safe online." And it also promises automated Releases "to ensure security."

It's FOSS adds that you can get Zen Browser for Linux, Windows, and macOS from its official website (adding "They also offer it on the Flathub store for further accessibility on Linux.")

And its source code is available on GitHub.
AI

Project Analyzing Human Language Usage Shuts Down Because 'Generative AI Has Polluted the Data' (404media.co) 93

The creator of an open source project that scraped the internet to determine the ever-changing popularity of different words in human language usage says that they are sunsetting the project because generative AI spam has poisoned the internet to a level where the project no longer has any utility. 404 Media: Wordfreq is a program that tracked the ever-changing ways people used more than 40 different languages by analyzing millions of sources across Wikipedia, movie and TV subtitles, news articles, books, websites, Twitter, and Reddit. The system could be used to analyze changing language habits as slang and popular culture changed and language evolved, and was a resource for academics who study such things. In a note on the project's GitHub, creator Robyn Speer wrote that the project "will not be updated anymore."

"Generative AI has polluted the data," she wrote. "I don't think anyone has reliable information about post-2021 language usage by humans." She said that open web scraping was an important part of the project's data sources and "now the web at large is full of slop generated by large language models, written by no one to communicate nothing. Including this slop in the data skews the word frequencies." While there has always been spam on the internet and in the datasets that Wordfreq used, "it was manageable and often identifiable. Large language models generate text that masquerades as real language with intention behind it, even though there is none, and their output crops up everywhere," she wrote.

AI

'Dead Internet Theory' Comes To Life With New AI-Powered Social Media App 66

A conspiracy theory known as "Dead Internet Theory" has gained traction in recent years, positing that most online social activity is artificial and designed to manipulate users. This theory has grown alongside the rise of large language models like ChatGPT. On Monday, software developer Michael Sayman launched SocialAI, an app that seems to embody aspects of this theory. ArsTechnica: SocialAI's 28-year-old creator, Michael Sayman, previously served as a product lead at Google, and he also bounced between Facebook, Roblox, and Twitter over the years. In an announcement post on X, Sayman wrote about how he had dreamed of creating the service for years, but the tech was not yet ready. He sees it as a tool that can help lonely or rejected people.

"SocialAI is designed to help people feel heard, and to give them a space for reflection, support, and feedback that acts like a close-knit community," wrote Sayman. "It's a response to all those times I've felt isolated, or like I needed a sounding board but didn't have one. I know this app won't solve all of life's problems, but I hope it can be a small tool for others to reflect, to grow, and to feel seen." As The Verge reports in an excellent rundown of the example interactions, SocialAI lets users choose the types of AI followers they want, including categories like "supporters," "nerds," and "skeptics." These AI chatbots then respond to user posts with brief comments and reactions on almost any topic, including nonsensical "Lorem ipsum" text.
Television

TCL Accused of Selling Quantum Dot TVs Without Actual Quantum Dots (arstechnica.com) 48

An anonymous reader quotes a report from Ars Technica, written by Scharon Harding: TCL has come under scrutiny this month after testing that claimed to examine three TCL TVs marketed as quantum dot TVs reportedly showed no trace of quantum dots. [...] Earlier this month, South Korean IT news publication ETNews published a report on testing that seemingly showed three TCL quantum dot TVs, marketed as QD TVs, as not having quantum dots present. Hansol Chemical, a Seoul-headquartered chemicals company, commissioned the testing. SGS, a Geneva-headquartered testing and certification company, and Intertek, a London-headquartered testing and certification company, performed the tests. The models examined were TCL's C755, said to be a quantum dot Mini LED TV, the C655, a purported quantum dot LED (QLED) TV, and the C655 Pro, another QLED. None of those models are sold in the US, but TCL sells various Mini LED and LED TVs in the US that claim to use quantum dots. According to a Google translation, ETNews reported: "According to industry sources on the 5th, the results of tests commissioned by Hansol Chemical to global testing and certification agencies SGS and Intertek showed that indium... and cadmium... were not detected in three TCL QD TV models. Indium and cadmium are essential materials that cannot be omitted in QD implementation." The testing was supposed to detect cadmium if present at a minimum concentration of 0.5 mg per 1 kg, while indium was tested at a minimum detection standard of 2 mg/kg or 5 mg/kg, depending on the testing lab. [...]

In response to the results from SGS and Intertek, a TCL representative told ETNews and The Korea Times that TCL is "manufacturing TV sets with QD films supplied by three companies" and that "the amount of quantum dots... in the film may vary depending on the supplier, but it is certain that cadmium is included." TCL also published testing results on May 10 commissioned by Guangdong Region Advanced Materials, one of TCL's quantum dot film suppliers. Interestingly, SGS, one of the companies that found that TCL's TVs lacked quantum dots, performed the tests. This time, SGS detected the presence of cadmium in the TV films at a concentration of 4 mg/kg (an image of the results can be seen via ETNews here). TCL also said that it "confirmed the fluorescent characteristics of QD," per Google's translation, and provided a spectrogram purportedly depicting the presence of quantum dots in its TVs' quantum dot films. [...]

TCL obviously has reason to try to push results that show the presence of cadmium. However, some analysts and publications have pointed out that Hansol could have reason to push results claiming the opposite. As mentioned above, Hansol is in the chemical manufacturing and distribution business. It notably does not sell to TCL but does have a customer in TCL rival Samsung. Taking a step back further, Hansol is headquartered in Seoul and is considered a chaebol. TV giants Samsung and LG are also chaebols, and the South Korean government has reported interest in Samsung and LG continuing to be the world's biggest TV companies—titles that are increasingly challenged by Chinese brands. It has previously been reported that the South Korean government urged Samsung and LG to meet with each other to help ensure their leadership. The talks resulted in a partnership between the two companies reportedly centered on counteracting high prices that Samsung was facing for TV components sold by Chinese companies. With this background in mind, Hansol could be viewed as a biased party when it sought testing for TCL quantum dot TVs.
"I'm really puzzled by Hansol's results," said Eric Virey, principal displays analyst at Yole Intelligence. "I have a very hard time believing that TCL would go through the troubles of making ... 'fake' QD films without QDs: this would cost almost as much as making a real QD films but without the performance benefits."

Ars Technica concludes: "As previously stated, it's possible that TCL is indeed using quantum dots but is using them in a small amount alongside phosphor. If true, the performance may not be as high as it would be with other designs, but it would also mean that TCL's quantum dot TVs aren't bogus. As it stands, the situation could benefit from more, preferably third-party, testing..."
Electronic Frontier Foundation

EFF Decries 'Brazen Land-Grab' Attempt on 900 MHz 'Commons' Frequency Used By Amateur Radio (eff.org) 145

An EFF article calls out a "brazen attempt to privatize" a wireless frequency band (900 MHz) which America's FCC's left " as a commons for all... for use by amateur radio operators, unlicensed consumer devices, and industrial, scientific, and medical equipment." The spectrum has also become "a hotbed for new technologies and community-driven projects. Millions of consumer devices also rely on the range, including baby monitors, cordless phones, IoT devices, garage door openers." But NextNav would rather claim these frequencies, fence them off, and lease them out to mobile service providers. This is just another land-grab by a corporate rent-seeker dressed up as innovation. EFF and hundreds of others have called on the FCC to decisively reject this proposal and protect the open spectrum as a commons that serves all.

NextNav [which sells a geolocation service] wants the FCC to reconfigure the 902-928 MHz band to grant them exclusive rights to the majority of the spectrum... This proposal would not only give NextNav their own lane, but expanded operating region, increased broadcasting power, and more leeway for radio interference emanating from their portions of the band. All of this points to more power for NextNav at everyone else's expense.

This land-grab is purportedly to implement a Positioning, Navigation and Timing (PNT) network to serve as a US-specific backup of the Global Positioning System(GPS). This plan raises red flags off the bat. Dropping the "global" from GPS makes it far less useful for any alleged national security purposes, especially as it is likely susceptible to the same jamming and spoofing attacks as GPS. NextNav itself admits there is also little commercial demand for PNT. GPS works, is free, and is widely supported by manufacturers. If Nextnav has a grand plan to implement a new and improved standard, it was left out of their FCC proposal. What NextNav did include however is its intent to resell their exclusive bandwidth access to mobile 5G networks. This isn't about national security or innovation; it's about a rent-seeker monopolizing access to a public resource. If NextNav truly believes in their GPS backup vision, they should look to parts of the spectrum already allocated for 5G.

The open sections of the 900 MHz spectrum are vital for technologies that foster experimentation and grassroots innovation. Amateur radio operators, developers of new IoT devices, and small-scale operators rely on this band. One such project is Meshtastic, a decentralized communication tool that allows users to send messages across a network without a central server. This new approach to networking offers resilient communication that can endure emergencies where current networks fail. This is the type of innovation that actually addresses crises raised by Nextnav, and it's happening in the part of the spectrum allocated for unlicensed devices while empowering communities instead of a powerful intermediary. Yet, this proposal threatens to crush such grassroots projects, leaving them without a commons in which they can grow and improve.

This isn't just about a set of frequencies. We need an ecosystem which fosters grassroots collaboration, experimentation, and knowledge building. Not only do these commons empower communities, they avoid a technology monoculture unable to adapt to new threats and changing needs as technology progresses. Invention belongs to the public, not just to those with the deepest pockets. The FCC should ensure it remains that way.

NextNav's proposal is a direct threat to innovation, public safety, and community empowerment. While FCC comments on the proposal have closed, replies remain open to the public until September 20th. The FCC must reject this corporate land-grab and uphold the integrity of the 900 MHz band as a commons.

Crime

Linux Developer Swatted and Handcuffed During Live Video Stream (tomshardware.com) 99

Last October Slashdot reported on René Rebe's discovery of a random illegal instruction speculation bug on AMD Ryzen 7000-series and Epyc Zen 4 CPUs — which Rebe discussed on his YouTube channel.

But this week's YouTube episode had a different ending, reports Tom's Hardware... Two days ago, tech streamer and host of Code Therapy René Rebe was streaming one of many T2 Linux (his own custom distribution) development sessions from his office in Germany when he abruptly had to remove his microphone and walk off camera due to the arrival of police officers. The officers subsequently cuffed him and took him to the station for an hour of questioning, a span of time during which the stream continued to run until he made it back...

[T]he police seemingly have no idea who did it and acted based on a tip sent with an email. Finding the perpetrators could take a while, and options will be fairly limited if they don't also live in Germany.

Rebe has been contributing to Linux "since as early as 1998," according to the article, "and started his own T2 SD3 Embedded Linux distribution in 2004, as well." (And he's also a contributor to many other major open source projects.)

The article points out that Linux and other communities "are compelled by little-to-no profit motive, so in essence, René has been providing unpaid software development for the greater good for the past two decades."
Networking

'Samba' Networking Protocol Project Gets Big Funding from the German Sovereign Tech Fund (samba.plus) 33

Samba is "a free software re-implementation of the SMB networking protocol," according to Wikipedia. And now the Samba project "has secured significant funding (€688,800.00) from the German Sovereign Tech Fund to advance the project," writes Jeremy Allison — Sam (who is Slashdot reader #8,157 — and also a long standing member of Samba's core team): The investment was successfully applied for by [information security service provider] SerNet. Over the next 18 months, Samba developers from SerNet will tackle 17 key development subprojects aimed at enhancing Samba's security, scalability, and functionality.

The Sovereign Tech Fund is a German federal government funding program that supports the development, improvement, and maintenance of open digital infrastructure. Their goal is to sustainably strengthen the open source ecosystem.

The project's focus is on areas like SMB3 Transparent Failover, SMB3 UNIX extensions, SMB-Direct, Performance and modern security protocols such as SMB over QUIC. These improvements are designed to ensure that Samba remains a robust and secure solution for organizations that rely on a sovereign IT infrastructure. Development work began as early as September the 1st and is expected to be completed by the end of February 2026 for all sub-projects.

All development will be done in the open following the existing Samba development process. First gitlab CI pipelines have already been running and gitlab MRs will appear soon!

Back in 2000, Jeremy Allison answered questions from Slashdot readers about Samba.

Allison is now a board member at both the GNOME Foundation and the Software Freedom Conservancy, a distinguished engineer at Rocky Linux creator CIQ, and a long-time free software advocate.
Be

Haiku (Originally 'OpenBeOS') Releases Long Awaited R1/Beta5 (haiku-os.org) 32

An anonymous Slashdot reader writes: Haiku (the MIT-licensed operating system, inspired by BeOS) has released its fifth beta for Haiku R1.

Some new features include improved UI color management, improved dark mode coloring, Tracker improvements, TUN/TAP support for VPN connections, TCP throughput improvements, performance optimizations, UFS2 (BSD's filesystem) read-only support, new FAT filesystem driver, improved hardware support, improved POSIX compliance, improved performance, and more.

Slashdot has been covering the fate of the BeOS since 2000 (as well as the short-lived derivative project ZETA — and Haiku).

And now "With a history of over two decades and previously known as OpenBeOS, today's Haiku is pushing forward..." writes the site NotebookCheck: Haiku is a spiritual successor to BeOS, with a focus on a clean and user-friendly design paired with low system requirements. The minimum system requirements are still an Intel Pentium II/AMD Athlon CPU or better, at least 384 MB RAM, an 800x600 screen, and at least 3GB storage. It works on both 32-bit and 64-bit x86 PCs, and the 32-bit version can run many unmodified BeOS applications. It might be the best desktop open-source operating system not based on Linux or Unix... It works well in a virtual machine like VirtualBox or UTM.
Supercomputing

As Quantum Computing Threats Loom, Microsoft Updates Its Core Crypto Library (arstechnica.com) 33

An anonymous reader quotes a report from Ars Technica: Microsoft has updated a key cryptographic library with two new encryption algorithms designed to withstand attacks from quantum computers. The updates were made last week to SymCrypt, a core cryptographic code library for handing cryptographic functions in Windows and Linux. The library, started in 2006, provides operations and algorithms developers can use to safely implement secure encryption, decryption, signing, verification, hashing, and key exchange in the apps they create. The library supports federal certification requirements for cryptographic modules used in some governmental environments. Despite the name, SymCrypt supports both symmetric and asymmetric algorithms. It's the main cryptographic library Microsoft uses in products and services including Azure, Microsoft 365, all supported versions of Windows, Azure Stack HCI, and Azure Linux. The library provides cryptographic security used in email security, cloud storage, web browsing, remote access, and device management. Microsoft documented the update in a post on Monday. The updates are the first steps in implementing a massive overhaul of encryption protocols that incorporate a new set of algorithms that aren't vulnerable to attacks from quantum computers. [...]

The first new algorithm Microsoft added to SymCrypt is called ML-KEM. Previously known as CRYSTALS-Kyber, ML-KEM is one of three post-quantum standards formalized last month by the National Institute of Standards and Technology (NIST). The KEM in the new name is short for key encapsulation. KEMs can be used by two parties to negotiate a shared secret over a public channel. Shared secrets generated by a KEM can then be used with symmetric-key cryptographic operations, which aren't vulnerable to Shor's algorithm when the keys are of a sufficient size. [...] The other algorithm added to SymCrypt is the NIST-recommended XMSS. Short for eXtended Merkle Signature Scheme, it's based on "stateful hash-based signature schemes." These algorithms are useful in very specific contexts such as firmware signing, but are not suitable for more general uses. Monday's post said Microsoft will add additional post-quantum algorithms to SymCrypt in the coming months. They are ML-DSA, a lattice-based digital signature scheme, previously called Dilithium, and SLH-DSA, a stateless hash-based signature scheme previously called SPHINCS+. Both became NIST standards last month and are formally referred to as FIPS 204 and FIPS 205.
In Monday's post, Microsoft Principal Product Manager Lead Aabha Thipsay wrote: "PQC algorithms offer a promising solution for the future of cryptography, but they also come with some trade-offs. For example, these typically require larger key sizes, longer computation times, and more bandwidth than classical algorithms. Therefore, implementing PQC in real-world applications requires careful optimization and integration with existing systems and standards."
KDE

KDE Developer: Why Plasma 6.2 Includes a Once-a-Year Popup for Donations (pointieststick.com) 46

"If you're plugged into KDE social media, you probably see a lot of requests for donations..." writes KDE developer Nate Graham on his personal blog. But "We know that the fraction of people who subscribe to these channels is small, so there's a huge number of people who may not even know they can donate to KDE, let alone that donations are critically important to its continued existence..." From 6.2 onwards, Plasma itself will show a system notification asking for a donation once per year, in December. The idea here is to get the message that KDE really does need your financial help in front of more eyeballs — especially eyeballs not currently looking at KDE's public-facing promotion efforts... [W]e tried our best to minimize the annoying-ness factor: It's small and unobtrusive, and no matter what you do with it (click any button, close it, etc) it'll go away until next year. It's implemented as a KDE Daemon (KDED) module, which allows users and distributors to permanently disable it if they like. You can also disable just the popup on System Settings' Notifications page, accessible from the configure button in the notification's header.

Ultimately the decision to do this came down to the following factors:

— We looked at FOSS peers like Thunderbird and Wikipedia which have similar things (and in Wikipedia's case, the message is vastly more intrusive and naggy). In both cases, it didn't drive everyone away and instead instead resulted in a massive increase in donations that the projects have been able to use to employ lots of people.

- KDE really needs something like this to help our finances grow sustainably in line with our userbase and adoption by vendors and distributors.

The blog post also answers the question: what are you going to do with all that money? This is a question the KDE e.V. board of directors as a whole would need to answer, and any decision on it will be made collectively. But as one of the five members on that board, I can tell you my personal answer and the one that as your representative, I'd advocate for. It's basically the platform I ran on two years ago: extend an offer of full-time employment to our current people, and hire even more! I want us to end up with paid QA people and distro developers, and even more software engineers. I want us to fund the creation of a next-generation KDE OS we can offer directly to institutions looking to switch to Linux, and a hardware certification program to go along with it. I want us to to extend our promotional activities and outreach to other major distros and vendors and pitch our software to them directly. I want to see Ubuntu, Red Hat Enterprise Linux, and SUSE Linux Enterprise Desktop ship Plasma by default. I want us to use this money to take over the world — with freedom, empowerment, and kindness.

These have been dreams for a long time, and throughout KDE we've been slowly moving towards them over the years. With a lot more money, we can turbocharge the pace! If that stuff sounds good, you can start with a donation today.

A reaction from GamingOnLinux: I think it is fair for KDE to expose that they need funding and asking that from inside the UI would not hurt for a software that delivered so much for free (as in freedom and as in "gratis").
Linux magazine points out that other new features for 6.2 "include the ability to block apps from inhibiting sleep mode, a new 'fill' mode for wallpaper, an overhauled System Settings Accessibility page, and the usual slew of bug fixes."
Education

MIT CS Professor Tests AI's Impact on Educating Programmers (acm.org) 84

Long-time Slashdot reader theodp writes: "The Impact of AI on Computer Science Education" recounts an experiment Eric Klopfer conducted in his undergrad CS class at MIT. He divided the class into three groups and gave them a programming task to solve in the Fortran language, which none of them knew. Reminiscent of how The Three Little Pigs used straw, sticks, and bricks to build their houses with very different results, Klopfer allowed one group to use ChatGPT to solve the problem, while the second group was told to use Meta's Code Llama LLM, and the third group could only use Google. The group that used ChatGPT, predictably, solved the problem quickest, while it took the second group longer to solve it. It took the group using Google even longer, because they had to break the task down into components.

Then, the students were tested on how they solved the problem from memory, and the tables turned. The ChatGPT group "remembered nothing, and they all failed," recalled Klopfer. Meanwhile, half of the Code Llama group passed the test. The group that used Google? Every student passed.

"This is an important educational lesson," said Klopfer. "Working hard and struggling is actually an important way of learning. When you're given an answer, you're not struggling and you're not learning. And when you get more of a complex problem, it's tedious to go back to the beginning of a large language model and troubleshoot it and integrate it." In contrast, breaking the problem into components allows you to use an LLM to work on small aspects, as opposed to trying to use the model for an entire project, he says. "These skills, of how to break down the problem, are critical to learn."

Apple

Apple Announces 'Find My' For South Korea (appleinsider.com) 8

Apple announced it is planning to bring its Find My service to South Korea in early 2025. Originally released in 2010, the Find My service has been unavailable in South Korea, making it the last country without access to Apple's tracking feature. AppleInsider reports: In July 2024, complaints from users in South Korea reached a point where they were finally petitioning the government to allow Apple's Find My feature to work. Any iPhone made for sale in South Korea had Find My permanently disabled, so it wouldn't work even when the owner was in a different country. Now in a statement on its Korean website, Apple has announced that it plans to bring Find My to the country shortly.

"Apple plans to introduce the 'Find My' network in Korea in the spring of 2025," says a brief statement (in translation). "Users in Korea will soon be able to use the Find My app to find their Apple devices and personal belongings with their personal information protected, and check the location of friends and family." [...] According to the user petition submitted to the National Assembly Petition website of South Korea, Apple has said that Find My is disabled "because of internal policy."

Movies

The Search For the Face Behind Mavis Beacon Teaches Typing (wired.com) 56

An anonymous reader quotes a report from Wired: Jazmin Jones knowswhat she did. "If you're online, there's this idea of trolling," Jones, the director behindSeeking Mavis Beacon, said during a recent panel for her new documentary. "For this project, some things we're taking incredibly seriously ... and other things we're trolling. We're trolling this idea of a detective because we're also, like,ACAB." Her trolling, though, was for a good reason. Jones and fellow filmmaker Olivia Mckayla Ross did it in hopes of finding the woman behind Mavis Beacon Teaches Typing. The popular teaching tool was released in 1987 by The Software Toolworks, a video game and software company based in California that produced educational chess, reading, and math games. Mavis, essentially the "mascot" of the game, is a Black woman donned in professional clothes and a slicked-back bun. Though Mavis Beacon was not an actual person, Jones and Ross say that she is one of the first examples of Black representation they witnessed in tech. Seeking Mavis Beacon, which opened in New York City on August 30 and is rolling out to other cities in September, is their attempt to uncover the story behind the face, which appeared on the tool's packaging and later as part of its interface.

The film shows the duo setting up a detective room, conversing over FaceTime, running up to people on the street, and even tracking down a relative connected to the ever-elusive Mavis. But the journey of their search turned up a different question they didn't initially expect: What are the impacts of sexism, racism, privacy, and exploitation in a world where you can present yourself any way you want to? Using shots from computer screens, deep dives through archival footage, and sit-down interviews, the noir-style documentary reveals that Mavis Beacon is actually Renee L'Esperance, a Black model from Haiti who was paid $500 for her likeness with no royalties, despite the program selling millions of copies. [...]

In a world where anyone can create images of folks of any race, gender, or sexual orientation without having to fully compensate the real people who inspired them, Jones and Ross are working to preserve not only the data behind Mavis Beacon but also the humanity behind the software. On the panel, hosted by Black Girls in Media, Ross stated that the film's social media has a form where users of Mavis Beacon can share what the game has meant to them, for archival purposes. "On some level, Olivia and I are trolling ideas of worlds that we never felt safe in or protected by," Jones said during the panel. "And in other ways, we are honoring this legacy of cyber feminism, historians, and care workers that we are very seriously indebted to."
You can watch the trailer for "Seeking Mavis Beacon" on YouTube.
The Courts

Shrinkwrap 'Contract' Found At Costco On... Collagen Peptides (mastodon.social) 74

Slashdot covered shrinkwrap licenses on software back in 2000 and 2002. But now ewhac (Slashdot reader #5,844) writes: The user Wraithe on the Mastodon network is reporting that a bottle of Vital Proteins(TM) collagen peptides purchased at Costco came with a shrinkwrap contract. Collagen peptides are often used as an anti-aging nutritional supplement. The top of the Vital Proteins bottle has a pull-to-open seal. Printed on the seal is the following: "Read This: By opening and using this product, you agree to be bound by our Terms and Conditions, fully set forth at vitalproteins.com/tc, which includes a mandatory arbitration agreement. If you do not agree to be bound, please return this product immediately."

So-called "shrinkwrap contracts" have been the subject of controversy and derision for decades since their first widespread appearance in the 1970's, attempting to alter the terms of sale after the fact, impose unethical and onerous restrictions on the purchaser, and absolving the vendor of all liability. Most such contracts appear on items involving copyrighted works (computer software, or any item containing computer software). The alleged "validity" of such contracts supposedly proceeds from the (alleged) need that the item requires a copyright license from the vendor to use (because the right to use/read/listen/view/execute is somehow not concomitant with purchase), and that the shrinkwrap contract furnishes such license.

The application of such a contract to a good where copyright has no scope, however, is something new. The alleged contract itself governs consumers' use of, "the VitalProteins.com website and any other applications, content, products, and services (collectively, the "Service")...," contains the usual we're-not-responsible-for-anything indemnification paragraph, and unilaterally removes your right to seek redress in court of law and imposes binding arbitration involving any disputes that may arise between the consumer and the company. Indeed, the arbitration clause is the first numbered section in the alleged contract.

The same contract has been spotted by numerous others — including someone who posted about it on Reddit two years ago. ("When I opened it, encountered a vacuum seal with the following 'READ THIS: by opening and using this product, you agree to...'") But the same verbiage still appears in online listings today for the product from Albertsons, Walgreens, and CVS.

Shrinkwrap contracts. They're not just for software any more...
Open Source

How Do You Define 'Open Source AI'? (arstechnica.com) 37

An anonymous reader quotes a report from Ars Technica: The Open Source Initiative (OSI) recently unveiled its latest draft definition for "open source AI," aiming to clarify the ambiguous use of the term in the fast-moving field. The move comes as some companies like Meta release trained AI language model weights and code with usage restrictions while using the "open source" label. This has sparked intense debates among free-software advocates about what truly constitutes "open source" in the context of AI. For instance, Meta's Llama 3 model, while freely available, doesn't meet the traditional open source criteria as defined by the OSI for software because it imposes license restrictions on usage due to company size or what type of content is produced with the model. The AI image generator Flux is another "open" model that is not truly open source. Because of this type of ambiguity, we've typically described AI models that include code or weights with restrictions or lack accompanying training data with alternative terms like "open-weights" or "source-available."

To address the issue formally, the OSI -- which is well-known for its advocacy for open software standards -- has assembled a group of about 70 participants, including researchers, lawyers, policymakers, and activists. Representatives from major tech companies like Meta, Google, and Amazon also joined the effort. The group's current draft (version 0.0.9) definition of open source AI emphasizes "four fundamental freedoms" reminiscent of those defining free software: giving users of the AI system permission to use it for any purpose without permission, study how it works, modify it for any purpose, and share with or without modifications. [...] OSI's project timeline indicates that a stable version of the "open source AI" definition is expected to be announced in October at the All Things Open 2024 event in Raleigh, North Carolina.

Science

A Revolutionary Quantum Compass Could Soon Make GPS-Free Navigation a Reality (scitechdaily.com) 73

America's Department of Energy has three R&D labs, according to Wikipedia, one of which is Sandia National Labs. And that New Mexico-based lab has just announced that "A milestone in quantum sensing is drawing closer, promising exquisitely accurate, GPS-free navigation." with research into "a motion sensor so precise it could minimize the nation's reliance on global positioning satellites." Until recently, such a sensor — a thousand times more sensitive than today's navigation-grade devices — would have filled a moving truck. But advancements are dramatically shrinking the size and cost of this technology. For the first time, researchers from Sandia National Laboratories have used silicon photonic microchip components to perform a quantum sensing technique called atom interferometry, an ultra-precise way of measuring acceleration. It is the latest milestone toward developing a kind of quantum compass for navigation when GPS signals are unavailable. The team published its findings and introduced a new high-performance silicon photonic modulator — a device that controls light on a microchip — as the cover story in the journal Science Advances... The new modulator is the centerpiece of a laser system on a microchip. Rugged enough to handle heavy vibrations, it would replace a conventional laser system typically the size of a refrigerator...

Besides size, cost has been a major obstacle to deploying quantum navigation devices. Every atom interferometer needs a laser system, and laser systems need modulators. "Just one full-size single-sideband modulator, a commercially available one, is more than $10,000," said Sandia scientist Jongmin Lee. Miniaturizing bulky, expensive components into silicon photonic chips helps drive down these costs. "We can make hundreds of modulators on a single 8-inch wafer and even more on a 12-inch wafer," Kodigala said. And since they can be manufactured using the same process as virtually all computer chips, "This sophisticated four-channel component, including additional custom features, can be mass-produced at a much lower cost compared to today's commercial alternatives, enabling the production of quantum inertial measurement units at a reduced cost," Lee said.

As the technology gets closer to field deployment, the team is exploring other uses beyond navigation. Researchers are investigating whether it could help locate underground cavities and resources by detecting the tiny changes these make to Earth's gravitational force. They also see potential for the optical components they invented, including the modulator, in LIDAR, quantum computing, and optical communications.

Thanks to Slashdot reader schwit1 for sharing the news.
Crime

ARRL Pays $1 Million Ransom To Decrypt Their Systems After Attack (bleepingcomputer.com) 95

The nonprofit American Radio Relay League — founded in 1914 — has approximately 161,000 members, according to Wikipedia (with over 7,000 members outside the U.S.)

But sometime in early May its systems network was compromised, "by threat actors using information they had purchased on the dark web," the nonprofit announced this week. The attackers accessed the ARRL's on-site systems — as well as most of its cloud-based systems — using "a wide variety of payloads affecting everything from desktops and laptops to Windows-based and Linux-based servers." Despite the wide variety of target configurations, the threat actors seemed to have a payload that would host and execute encryption or deletion of network-based IT assets, as well as launch demands for a ransom payment, for every system... The FBI categorized the attack as "unique" as they had not seen this level of sophistication among the many other attacks, they have experience with.

Within 3 hours a crisis management team had been constructed of ARRL management, an outside vendor with extensive resources and experience in the ransomware recovery space, attorneys experienced with managing the legal aspects of the attack including interfacing with the authorities, and our insurance carrier. The authorities were contacted immediately as was the ARRL President... [R]ansom demands were dramatically weakened by the fact that they did not have access to any compromising data. It was also clear that they believed ARRL had extensive insurance coverage that would cover a multi-million-dollar ransom payment. After days of tense negotiation and brinkmanship, ARRL agreed to pay a $1 million ransom. That payment, along with the cost of restoration, has been largely covered by our insurance policy...

Today, most systems have been restored or are waiting for interfaces to come back online to interconnect them. While we have been in restoration mode, we have also been working to simplify the infrastructure to the extent possible. We anticipate that it may take another month or two to complete restoration under the new infrastructure guidelines and new standards.

ARRL's called the attack "extensive", "sophisticated", "highly coordinated" and "an act of organized crime". And tlhIngan (Slashdot reader #30335) shared this detail from BleepingComputer.

"While the organization has not yet linked the attack to a specific ransomware operation, sources told BleepingComputer that the Embargo ransomware gang was behind the breach."

Slashdot Top Deals