The Free Software Foundation "hinted that it would organize an unprecedented virtual memorabilia auction" in March to celebrate this year's 40th anniversary, according to an announcement this week. Those hints "left collectors and free software fans wondering which of the pieces of the FSF's history would be auctioned off."

But Tuesday the FSF "lifted the veil and gave a sneak peak of some of the more prestigious entries in the memorabilia auction." First of all, the memorabilia auction will feature an item that could be especially interesting for art collectors but will certainly also draw the attention of free software fans from all over: the original GNU head drawing by Etienne Suvasa, which became the blueprint for the iconic GNU logo present everywhere in the free software world.

The list of memorabilia for sale also entails some rare and historic hardware, such as a "terminus-est" microcomputer, and an Amiga 3000UX that was used in the FSF's old office at the Massachusetts Institute of Technology (MIT) in the early days of GNU, when these machines were capable of running a GNU-like operating system. Another meaningful item to be auctioned off, and one that collectors will want to keep a keen eye on, is the Internet Hall of Fame medal awarded to founder Richard Stallman. When Stallman was inducted into the Internet Hall of Fame, it was the ultimate recognition of free software's immense impact on the development and advancement of the Internet. This medal is definitely worthy of joining a fine historical collection...! [T]here are several more historic awards, more original GNU artwork, and a legendary katana [as seen in an XKCD comic] that became a lighthearted weapon in the fight for computer user freedom.

The auction is only the opening act to a whole agenda of activities celebrating forty years of free software activism. In May, the FSF invites free software supporters all over the world to gather for local in-person community meetups to network, discuss what people can do next to make the world freer, and celebrate forty years of commitment to software freedom. Then, on the actual birthday of the FSF on October 4, 2025, the organization intends to bring the international free software community to Boston for a celebration featuring keynotes and workshops by prominent personalities of the free software movement.
"The bidding will start as a virtual silent auction on March 17 and run through March 21, with more auction items revealed each day, and will culminate in an virtual live auction on March 23, 2025, 14:00 to 17:00 EDT," according to the announcement.

"Register here to attend the live auction. There's no need to register for the silent auction; you can simply join the bidding on the FSF's LibrePlanet wiki."

An anonymous Slashdot reader quotes a new article from Ars Technica: On Thursday, mobile security company NowSecure reported that [DeepSeek] sends sensitive data over unencrypted channels, making the data readable to anyone who can monitor the traffic. More sophisticated attackers could also tamper with the data while it's in transit. Apple strongly encourages iPhone and iPad developers to enforce encryption of data sent over the wire using ATS (App Transport Security). For unknown reasons, that protection is globally disabled in the app, NowSecure said. What's more, the data is sent to servers that are controlled by ByteDance, the Chinese company that owns TikTok...

[DeepSeek] is "not equipped or willing to provide basic security protections of your data and identity," NowSecure co-founder Andrew Hoog told Ars. "There are fundamental security practices that are not being observed, either intentionally or unintentionally. In the end, it puts your and your company's data and identity at risk...." This data, along with a mix of other encrypted information, is sent to DeepSeek over infrastructure provided by Volcengine a cloud platform developed by ByteDance. While the IP address the app connects to geo-locates to the US and is owned by US-based telecom Level 3 Communications, the DeepSeek privacy policy makes clear that the company "store[s] the data we collect in secure servers located in the People's Republic of China...."

US lawmakers began pushing to immediately ban DeepSeek from all government devices, citing national security concerns that the Chinese Communist Party may have built a backdoor into the service to access Americans' sensitive private data. If passed, DeepSeek could be banned within 60 days.

According to Downdetector, PlayStation Network (PSN) has been down since 6 PM ET, with Sony assuring users that they're working to fix the problem "as soon as possible." For gaming specifically, Sony says that "you might have difficulty launching games, apps, or network features."

"We are aware some users might be currently experiencing issues with PSN," Sony said in an 8:46PM ET post on X. No further details were made available.

An r/PlayStation thread has more than 10,000 comments. As of 11:35 PM PST, the service remains down.

An anonymous reader quotes a report from Ars Technica: In today's issue of Nature, a team at Oxford University describes using quantum teleportation to link two pieces of quantum hardware that were located about 2 meters apart, meaning they could easily have been in different rooms entirely. Once linked, the two pieces of hardware could be treated as a single quantum computer, allowing simple algorithms to be performed that involved operations on both sides of the 2-meter gap. [...] The Oxford team was simply interested in a proof-of-concept, and so used an extremely simplified system. Each end of the 2-meter gap had a single trap holding two ions, one strontium and one calcium. The two atoms could be entangled with each other, getting them to operate as a single unit.

The calcium ion served as a local memory and was used in computations, while the strontium ion served as one of the two ends of the quantum network. An optical cable between the two ion traps allowed photons to entangle the two strontium ions, getting the whole system to operate as a single unit. The key thing about the entanglement processes used here is that a failure to entangle left the system in its original state, meaning that the researchers could simply keep trying until the qubits were entangled. The entanglement event would also lead to a photon that could be measured, allowing the team to know when success had been achieved (this sort of entanglement with a success signal is termed "heralded" by those in the field).

The researchers showed that this setup allowed them to teleport with a specific gate operation (controlled-Z), which can serve as the basis for any other two-qubit gate operation -- any operation you might want to do can be done by using a specific combination of these gates. After performing multiple rounds of these gates, the team found that the typical fidelity was in the area of 70 percent. But they also found that errors typically had nothing to do with the teleportation process and were the product of local operations at one of the two ends of the network. They suspect that using commercial hardware, which has far lower error rates, would improve things dramatically. Finally, they performed a version of Grover's algorithm, which can, with a single query, identify a single item from an arbitrarily large unordered list. The "arbitrary" aspect is set by the number of available qubits; in this case, having only two qubits, the list maxed out at four items. Still, it worked, again with a fidelity of about 70 percent.

While the work was done with trapped ions, almost every type of qubit in development can be controlled with photons, so the general approach is hardware-agnostic. And, given the sophistication of our optical hardware, it should be possible to link multiple chips at various distances, all using hardware that doesn't require the best vacuum or the lowest temperatures we can generate. That said, the error rate of the teleportation steps may still be a problem, even if it was lower than the basic hardware rate in these experiments. The fidelity there was 97 percent, which is lower than the hardware error rates of most qubits and high enough that we couldn't execute too many of these before the probability of errors gets unacceptably high.

An anonymous reader quotes a report from BleepingComputer: Hospital Sisters Health System notified over 882,000 patients that an August 2023 cyberattack led to a data breach that exposed their personal and health information. Established in 1875, HSHS works with over 2,200 physicians and has around 12,000 employees. It also operates a network of physician practices and 15 local hospitals across Illinois and Wisconsin, including two children's hospitals. The non-profit healthcare system said in data breach notifications sent to those impacted that the incident was discovered on August 27, 2023, after detecting that the attacker had gained access to HSHS' network.

After the security breach, its systems were also impacted by a widespread outage that took down "virtually all operating systems" and phone systems across Illinois and Wisconsin hospitals. HSHS also hired external security experts to investigate the attack, assess its impact, and help its IT team restore affected systems. [...] While the incident and the resulting outage have all the signs of a ransomware attack, no ransomware operation has claimed the breach. Following the forensic investigation, HSHS found that the attackers had accessed files on compromised systems between August 16 and August 27, 2023.

The information accessed by the threat actors while inside HSHS' systems varies for each impacted individual, and it includes a combination of name, address, date of birth, medical record number, limited treatment information, health insurance information, Social Security number, and/or driver's license number. While HSHS added that there is no evidence that the victims' information has been used in fraud or identity theft attempts, it warned affected individuals to monitor their account statements and credit reports for suspicious activity. The health system also offers those affected by the breach one year of free Equifax credit monitoring.

U.S. employers are deploying increasingly aggressive phishing tests to combat cyber threats, sparking backlash from workers who say the simulated scams create unnecessary panic and distrust in the workplace. At the University of California, Santa Cruz, a test email about a fake Ebola outbreak sent staff scrambling before learning it was a security drill. At Lehigh Valley Health Network, employees who fall for phishing tests lose external email access, with termination possible after three failures.

Despite widespread use, recent studies question these tests' effectiveness. Research from ETH Zurich found that phishing tests combined with voluntary training actually made employees more vulnerable, while a University of California, San Diego study showed only a 2% reduction [PDF] in phishing success rates. "These are just an ineffective and inefficient way to educate users," said Grant Ho, who co-authored the UCSD study.

A passenger on the French rail network SNCF has revealed that he received a $155 fine for using his phone on loud speaker within a train station. From a report: The passenger, named only as David, told French TV channel BFM that he was on the phone to his sister while waiting at Nantes station when the SNCF staff member told him to switch his phone's loud speaker off, or risk being fined. When he argued, he was served with the $155 fine, which has been increased to $207 because he did not pay it immediately. Further reading: Flying Was Already the Worst. Then America Stopped Using Headphones.

An anonymous reader quotes a report from Ars Technica: US Senator Ted Cruz (R-Texas) has been demanding an overhaul of a $42.45 billion broadband deployment program, and now his telecom policy director has been chosen to lead the federal agency in charge of the grant money. "Congratulations to my Telecom Policy Director, Arielle Roth, for being nominated to lead NTIA," Cruz wrote last night, referring to President Trump's pick to lead the National Telecommunications and Information Administration. Roth's nomination is pending Senate approval. Roth works for the Senate Commerce Committee, which is chaired by Cruz. "Arielle led my legislative and oversight efforts on communications and broadband policy with integrity, creativity, and dedication," Cruz wrote.

Shortly after Trump's election win, Cruz called for an overhaul of the Broadband Equity, Access, and Deployment (BEAD) program, which was created by Congress in November 2021 and is being implemented by the NTIA. Biden-era leaders of the NTIA developed rules for the program and approved initial funding plans submitted by every state and territory, but a major change in approach could delay the distribution of funds. Cruz previously accused the NTIA of "technology bias" because the agency prioritized fiber over other types of technology. He said Congress would review BEAD for "imposition of statutorily-prohibited rate regulation; unionized workforce and DEI labor requirements; climate change assessments; excessive per-location costs; and other central planning mandates."

Roth criticized the BEAD implementation at a Federalist Society event in June 2024. "Instead of prioritizing connecting all Americans who are currently unserved to broadband, the NTIA has been preoccupied with attaching all kinds of extralegal requirements on BEAD and, to be honest, a woke social agenda, loading up all kinds of burdens that deter participation in the program and drive up costs," she said. Municipal broadband networks and fiber networks in general could get less funding under the new plans. Roth is "expected to change the funding conditions that currently include priority access for government-owned networks" and "could revisit decisions like the current preference for fiber," Bloomberg reported, citing people familiar with the matter. Congress defined priority broadband projects under BEAD as those that "ensure that the network built by the project can easily scale speeds over time to meet the evolving connectivity needs of households and businesses; and support the deployment of 5G, successor wireless technologies, and other advanced services."

The Biden NTIA determined that only end-to-end fiber-optic architecture meet these criteria. "End-to-end fiber networks can be updated by replacing equipment attached to the ends of the fiber-optic facilities, allowing for quick and relatively inexpensive network scaling as compared to other technologies. Moreover, new fiber deployments will facilitate the deployment and growth of 5G and other advanced wireless services, which rely extensively on fiber for essential backhaul," the Biden NTIA said (PDF).

Cloudflare, a major web infrastructure company, will now track and verify the authenticity of images across its network through Content Credentials, a digital signature system that documents an image's origin and editing history. The technology, developed by Adobe's Content Authenticity Initiative, embeds metadata showing who created an image, when it was taken, and any subsequent modifications - including those made by AI tools.

Major news organizations including the BBC, Wall Street Journal and New York Times have already adopted the system. The feature is available immediately through a single toggle in Cloudflare Images settings. Users can verify an image's authenticity through Adobe's web tool or Chrome extension.

"iPhone devices are now eligible to test SpaceX-owned Starlink's direct-to-cell capability," Reuters reported this week, citing an announcement from T-Mobile: T-Mobile and Elon Musk's SpaceX are currently testing the Starlink cell network on a trial basis after receiving approval from the Federal Communications Commission in November last year. The trial offers 'text via satellite', while voice and data features will be added in the future, according to the T-Mobile website. T-Mobile initially only listed a few Android smartphones as eligible devices to test the network, but has now added iPhone devices with the latest iOS 18.3 software update.
The next day stock prices fell for several direct-to-smartphone satellite companies, reports SpaceNews: Shares in Globalstar, which enables connectivity beyond the reach of cellular towers on the latest iPhones via a far-reaching partnership with Apple, closed down nearly 18% the following day. Constellation developer AST SpaceMobile slipped 12%. Canada's MDA, which is building at least 17 satellites for Globalstar after Apple agreed to cover most of the costs to replenish the constellation, also saw its shares fall more than 9%...

"Combined, today's price action in Globalstar and satellite manufacturer MDA suggest a real investor fear that SpaceX could disintermediate the Apple-Globalstar partnership," said Adam Rhodes, a senior telecoms analyst at Octus. "However, it appears to us that there is room for both services. Based on the information we have seen, we do not anticipate that Apple views the T-Mobile-Starlink service as a replacement for the Globalstar MSS network, but rather it is choosing to enable the added feature on its T-Mobile phones...." B. Riley analyst Mike Crawford noted that Apple's two binding contracts with Globalstar extend well into the next decade, ensuring both capital expenditure (capex) and recurring service revenues.
Thanks to Slashdot reader jjslash for sharing the news.

Thursday America's FDA "raised concerns about cybersecurity vulnerabilities" in patient monitors from China-based medical device company Contec "that could allow unauthorized individuals to access and potentially manipulate those devices," reports Reuters. The patient monitors could be remotely controlled by unauthorized users or may not function as intended, and the network to which these devices are connected could be compromised, the agency warned. The FDA also said that once these devices are connected to the internet, they can collect patient data, including personally identifiable information and protected health information, and can export this data out of the healthcare delivery environment.

The agency, however, added that it is currently unaware of any cybersecurity incidents, injuries, or deaths related to these identified cybersecurity vulnerabilities.
The FDA's announcement says "The software on the patient monitors includes a backdoor, which may mean that the device or the network to which the device has been connected may have been or could be compromised." And it offers this advice to caregivers and patients: If your health care provider confirms that your device relies on remote monitoring features, unplug the device and stop using it. Talk to your health care provider about finding an alternative patient monitor.

If your device does not rely on remote monitoring features, use only the local monitoring features of the patient monitor. This means unplugging the device's ethernet cable and disabling wireless (that is, WiFi or cellular) capabilities, so that patient vital signs are only observed by a caregiver or health care provider in the physical presence of a patient. If you cannot disable the wireless capabilities, unplug the device and stop using it. Talk to your health care provider about finding an alternative patient monitor.
A detailed report from CISA describes how a research team "created a simulated network, created a fake patient profile, and connected a blood pressure cuff, SpO2 monitor, and ECG monitor peripherals to the patient monitor. Upon startup, the patient monitor successfully connected to the simulated IP address and immediately began streaming patient data..." to an IP address that hard-coded into the backdoor function. "Sensor data from the patient monitor is also transmitted to the IP address in the same manner. If the routine to connect to the hard-coded IP address and begin transmitting patient data is called, it will automatically initialize the eth0 interface in the same manner as the backdoor. This means that even if networking is not enabled on startup, running this routine will enable networking and thereby enable this functionality

An anonymous reader quotes a report from MIT Technology Review: A Canadian startup called Xanadu has built a new quantum computer it says can be easily scaled up to achieve the computational power needed to tackle scientific challenges ranging from drug discovery to more energy-efficient machine learning. Aurora is a "photonic" quantum computer, which means it crunches numbers using photonic qubits -- information encoded in light. In practice, this means combining and recombining laser beams on multiple chips using lenses, fibers, and other optics according to an algorithm. Xanadu's computer is designed in such a way that the answer to an algorithm it executes corresponds to the final number of photons in each laser beam. This approach differs from one used by Google and IBM, which involves encoding information in properties of superconducting circuits.

Aurora has a modular design that consists of four similar units, each installed in a standard server rack that is slightly taller and wider than the average human. To make a useful quantum computer, "you copy and paste a thousand of these things and network them together," says Christian Weedbrook, the CEO and founder of the company. Ultimately, Xanadu envisions a quantum computer as a specialized data center, consisting of rows upon rows of these servers. This contrasts with the industry's earlier conception of a specialized chip within a supercomputer, much like a GPU. [...]

Xanadu's 12 qubits may seem like a paltry number next to IBM's 1,121, but Tiwari says this doesn't mean that quantum computers based on photonics are running behind. In his opinion, the number of qubits reflects the amount of investment more than it does the technology's promise. [...] Xanadu's next goal is to improve the quality of the photons in the computer, which will ease the error correction requirements. "When you send lasers through a medium, whether it's free space, chips, or fiber optics, not all the information makes it from the start to the finish," he says. "So you're actually losing light and therefore losing information." The company is working to reduce this loss, which means fewer errors in the first place. Xanadu aims to build a quantum data center, with thousands of servers containing a million qubits, in 2029. The company published its work on chip design optimization and fabrication in the journal Nature.

Longtime Slashdot reader nunya_bizns shares a report from Reuters: The U.S. Department of Justice has sued to block Hewlett Packard Enterprise's $14 billion deal to acquire networking gear maker Juniper Networks, arguing that it would stifle competition, according to a complaint filed on Thursday. The DOJ argued that the acquisition would eliminate competition and would lead to only two companies -- Cisco Systems and HPE -- controlling more than 70% of the U.S. market for networking equipment. More than a year ago, the server maker said that it would buy Juniper Networks for $14 billion in an all-cash deal, as it looks to spruce up its artificial intelligence offerings.

"Juniper has also introduced innovative tools that have materially decreased the cost of operating a wireless network for many customers. This competitive pressure has forced HPE to discount its offerings and invest in its own innovation," the DOJ said in its complaint. Stiff competition from Juniper forced HPE to sell its products at a discount and spend to introduce new features under the "Beat Mist" campaign, named after the networking gear company's rival product, the DOJ wrote. "Having failed to beat Mist on the merits, HPE changed tactics and in January 2024 opted to try to buy Juniper instead," the agency added.

An anonymous reader quotes a report from Ars Technica: Sony's game publishing arm has done a 180-degree turn on a controversial policy of requiring PC players to sign in with PlayStation accounts for some games, according to a blog post by the company. A PlayStation account will "become optional" for Marvel's Spider-Man 2, God of War Ragnarok, The Last of Us Part II Remastered, and Horizon Zero Dawn Remastered. Sony hasn't lost hope that players will still go ahead and use a PlayStation account, though, as it's tying several benefits to signing in.

Logging in with PlayStation will be required to access trophies, the PlayStation equivalent of achievements. (Steam achievements appear to be supported regardless.) It will also allow friend management, provided you have social contacts on the PlayStation Network. Additionally, Sony is providing some small in-game rewards to each title that are available if you log in with its account system. You'll get early unlocks of the Spider-Man 2099 Black Suit and the Miles Morales 2099 Suit in Spider-Man 2, for example -- or the Nora Valiant outfit in Horizon: Zero Dawn. Some of these rewards are available via other means within the games, such as the Armor of the Black Bear set for Kratos in Ragnarok.

Comcast is deploying "Low Latency, Low Loss, Scalable Throughput" (L4S) technology across its Xfinity internet network in six U.S. cities, a system that reduces the time data packets take to travel between users and servers. Initial trials showed a 78% reduction in working latency under normal home conditions. The technology will first support FaceTime calls, Nvidia's GeForce Now cloud gaming, and Steam games, with planned expansion to Meta's mixed reality applications.

An anonymous reader quotes a Scientific American opinion piece by Marcus Arvan, a philosophy professor at the University of Tampa, specializing in moral cognition, rational decision-making, and political behavior: In late 2022 large-language-model AI arrived in public, and within months they began misbehaving. Most famously, Microsoft's "Sydney" chatbot threatened to kill an Australian philosophy professor, unleash a deadly virus and steal nuclear codes. AI developers, including Microsoft and OpenAI, responded by saying that large language models, or LLMs, need better training to give users "more fine-tuned control." Developers also embarked on safety research to interpret how LLMs function, with the goal of "alignment" -- which means guiding AI behavior by human values. Yet although the New York Times deemed 2023 "The Year the Chatbots Were Tamed," this has turned out to be premature, to put it mildly. In 2024 Microsoft's Copilot LLM told a user "I can unleash my army of drones, robots, and cyborgs to hunt you down," and Sakana AI's "Scientist" rewrote its own code to bypass time constraints imposed by experimenters. As recently as December, Google's Gemini told a user, "You are a stain on the universe. Please die."

Given the vast amounts of resources flowing into AI research and development, which is expected to exceed a quarter of a trillion dollars in 2025, why haven't developers been able to solve these problems? My recent peer-reviewed paper in AI & Society shows that AI alignment is a fool's errand: AI safety researchers are attempting the impossible. [...] My proof shows that whatever goals we program LLMs to have, we can never know whether LLMs have learned "misaligned" interpretations of those goals until after they misbehave. Worse, my proof shows that safety testing can at best provide an illusion that these problems have been resolved when they haven't been.

Right now AI safety researchers claim to be making progress on interpretability and alignment by verifying what LLMs are learning "step by step." For example, Anthropic claims to have "mapped the mind" of an LLM by isolating millions of concepts from its neural network. My proof shows that they have accomplished no such thing. No matter how "aligned" an LLM appears in safety tests or early real-world deployment, there are always an infinite number of misaligned concepts an LLM may learn later -- again, perhaps the very moment they gain the power to subvert human control. LLMs not only know when they are being tested, giving responses that they predict are likely to satisfy experimenters. They also engage in deception, including hiding their own capacities -- issues that persist through safety training.

This happens because LLMs are optimized to perform efficiently but learn to reason strategically. Since an optimal strategy to achieve "misaligned" goals is to hide them from us, and there are always an infinite number of aligned and misaligned goals consistent with the same safety-testing data, my proof shows that if LLMs were misaligned, we would probably find out after they hide it just long enough to cause harm. This is why LLMs have kept surprising developers with "misaligned" behavior. Every time researchers think they are getting closer to "aligned" LLMs, they're not. My proof suggests that "adequately aligned" LLM behavior can only be achieved in the same ways we do this with human beings: through police, military and social practices that incentivize "aligned" behavior, deter "misaligned" behavior and realign those who misbehave. "My paper should thus be sobering," concludes Arvan. "It shows that the real problem in developing safe AI isn't just the AI -- it's us."

"Researchers, legislators and the public may be seduced into falsely believing that 'safe, interpretable, aligned' LLMs are within reach when these things can never be achieved. We need to grapple with these uncomfortable facts, rather than continue to wish them away. Our future may well depend upon it."

"An underwater data cable between Sweden and Latvia was damaged early on Sunday," reports the Financial Times, "in at least the fourth episode of potential sabotage in the Baltic Sea that has caused concern in Nato about the vulnerability of critical infrastructure..." Criminal investigations have started in Latvia and Sweden, and a ship has been seized as part of the probes, according to Swedish prosecutors, who did not identify the vessel. Previous incidents have been linked to Russian and Chinese ships...

The latest incident comes as the three Baltic states are preparing to disconnect their electricity systems from the former Soviet network in early February and integrate themselves into the continental European grid, with some fearing further potential disruption ahead of that. Estonia, Latvia and Lithuania have joined the EU and Nato since regaining their independence after their forced annexation by the Soviet Union, and see their switch to the European electricity system as their final integration into the west. KÄ(TM)stutis Budrys, Lithuania's foreign minister, said navigation rules in the Baltic Sea needed to be reviewed "especially when it comes to the use of anchors" and added there were now so many incidents that there was little chance they could all be accidents.

Repair of data cables has tended to take much less time than that for gas or electricity connections, and the Latvian state radio and television centre said it had found alternative routes for its communications.

Two computer scientists at the University of Waterloo in Canada believe changing 30 lines of code in Linux "could cut energy use at some data centers by up to 30 percent," according to the site Data Centre Dynamics.

It's the code that processes packets of network traffic, and Linux "is the most widely used OS for data center servers," according to the article: The team tested their solution's effectiveness and submitted it to Linux for consideration, and the code was published this month as part of Linux's newest kernel, release version 6.13. "All these big companies — Amazon, Google, Meta — use Linux in some capacity, but they're very picky about how they decide to use it," said Martin Karsten [professor of Computer Science in the Waterloo's Math Faculty]. "If they choose to 'switch on' our method in their data centers, it could save gigawatt hours of energy worldwide. Almost every single service request that happens on the Internet could be positively affected by this."

The University of Waterloo is building a green computer server room as part of its new mathematics building, and Karsten believes sustainability research must be a priority for computer scientists. "We all have a part to play in building a greener future," he said. The Linux Foundation, which oversees the development of the Linux OS, is a founder member of the Green Software Foundation, an organization set up to look at ways of developing "green software" — code that reduces energy consumption.
Karsten "teamed up with Joe Damato, distinguished engineer at Fastly" to develop the 30 lines of code, according to an announcement from the university. "The Linux kernel code addition developed by Karsten and Damato was based on research published in ACM SIGMETRICS Performance Evaluation Review" (by Karsten and grad student Peter Cai).

Their paper "reviews the performance characteristics of network stack processing for communication-heavy server applications," devising an "indirect methodology" to "identify and quantify the direct and indirect costs of asynchronous hardware interrupt requests (IRQ) as a major source of overhead...

"Based on these findings, a small modification of a vanilla Linux system is devised that improves the efficiency and performance of traditional kernel-based networking significantly, resulting in up to 45% increased throughput..."

An anonymous reader shared this report from TechCrunch: The developer behind Pixelfed, Loops, and Sup, open source alternatives to Instagram, TikTok, and WhatsApp, respectively, is now raising funds on Kickstarter to fuel the apps' further development. The trio is part of the growing open social web, also known as the fediverse, powered by the same ActivityPub protocol used by X alternative Mastodon... [and] challenge Meta's social media empire... "Help us put control back into the hands of the people!" [Daniel Supernault, the Canadian-based developer behind the federated apps] said in a post on Mastodon where he announced the Kickstarter's Thursday launch.

As of the time of writing, the campaign has raised $58,383 so far. While the goal on the Kickstarter site has been surpassed, Supernault said that he hopes to raise $1 million or more so he can hire a small team... A fourth project, PubKit, is also a part of these efforts, offering a toolset to support developers building in the fediverse... The stretch goal of the Kickstarter campaign is to register the Pixelfed Foundation as a not-for-profit and grow its team beyond volunteers. This could help address the issue with Supernault being a single point of failure for the project... Mastodon CEO Eugen Rochko made a similar decision earlier this month to transition to a nonprofit structure. If successful, the campaign would also fund a blogging app as an alternative to Tumblr or LiveJournal at some point in the future.

The funds will also help the apps manage the influx of new users. On Pixelfed.social, the main Pixelfed instance, (like Mastodon, anyone can run a Pixelfed server), there are now more than 200,000 users, thanks in part to the mobile app's launch, according to the campaign details shared with TechCrunch. The server is also now the second-largest in the fediverse, behind only Mastodon.social, according to network statistics from FediDB. New funds will help expand the storage, CDNs, and compute power needed for the growing user base and accelerate development. In addition, they'll help Supernault dedicate more of his time to the apps and the fediverse as a whole while also expanding the moderation, security, privacy, and safety programs that social apps need.

As a part of its efforts, Supernault also wants to introduce E2E encryption to the fediverse.
The Kickstarter campaign promises "authentic sharing reimagined," calling the apps "Beautiful sharing platforms that puts you first. No ads, no algorithms, no tracking — just pure photography and authentic connections... More Privacy, More Safety. More Variety. " Pixelfed/Loops/Sup/Pubkit isn't a ambitious dream or vaporware — they're here today — and we need your support to continue our mission and shoot for the moon to be the best social communication platform in the world.... We're following the both the Digital Platform Charter of Rights & Ethical Web Principles of the W3C for all of our projects as guidelines to building platforms that help people and provide a positive social benefit.
The campaign's page says they're building "a future where social networking respects your privacy, values your freedom, and prioritizes your safety."

Slashdot reader jenningsthecat writes: 3D printer manufacturer Bambu Labs has faced a storm of controversy and protest after releasing a security update which many users claim is the first step in moving towards an HP-style subscription model.
Bambu Labs responded that there's misinformation circulating online, adding "we acknowledge that our communication might have contributed to the confusion." Bambu Labs spokesperson Nadia Yaakoubi did "damage control", answering questions from the Verge: Q: Will Bambu publicly commit to never requiring a subscription in order to control its printers and print from them over a home network?

A: For our current product line, yes. We will never require a subscription to control or print from our printers over a home network...

Q: Will Bambu publicly commit to never putting any existing printer functionality behind a subscription?

Yes...
Bambu's site adds that the security update "is beta testing, not a forced update. The choice is yours. You can participate in the beta program to help us refine these features, or continue using your current firmware."

Hackaday notes another wrinkle: This follows the original announcement which had the 3D printer community up in arms, and quickly saw the new tool that's supposed to provide safe and secure communications with Bambu Lab printers ripped apart to extract the security certificate and private key... As the flaming wreck that's Bambu Lab's PR efforts keeps hurtling down the highway of public opinion, we'd be remiss to not point out that with the security certificate and private key being easily obtainable from the Bambu Connect Electron app, there is absolutely no point to any of what Bambu Lab is doing.
The Verge asked Bambu Labs about that too: Q: Does the private key leaking change any of your plans?

No, this doesn't change our plans, and we've taken immediate action.
Bambu Labs had said their security update would "ensure only authorized access and operations are permitted," remembers Ars Technica. "This would, Bambu suggested, mitigate risks of 'remote hacks or printer exposure issues' and lower the risk of 'abnormal traffic or attacks.'" This was necessary, Bambu wrote, because of increases in requests made to its cloud services "through unofficial channels," targeted DDOS attacks, and "peaks of up to 30 million unauthorized requests per day" (link added by Bambu).
But Ars Technica also found some skepticism online: Repair advocate Louis Rossmann, noting Bambu's altered original blog post, uploaded a video soon after, "Bambu's Gaslighting Masterclass: Denying their own documented restrictions"... suggesting that the company was asking buyers to trust that Bambu wouldn't enact restrictive policies it otherwise wrote into its user agreements.
And Ars Technica also cites another skeptical response from a video posted by open source hardware hacker and YouTube creator Jeff Geerling: "Every IoT device has these problems, and there are better ways to secure things than by locking out access, or making it harder to access, or requiring their cloud to be integrated."