News

Ask Slashdot: Would You Accept a Free Ride Into Space?

Slashdot - 3 March, 2025 - 04:34
How confident are we about the safety of commercial space tourism? Long-time Slashdot reader theodp writes: It's one thing for Microsoft to boast that they dare to use Outlook instead of Gmail. But it took a whole other level of commitment for Jeff Bezos to join his brother Mark aboard Blue Origin's first passenger-carrying mission in July 2021. So, while Bezos is unhesitant about sending himself and other celebrities and loved ones into space aboard Blue Origin, how confident are you about the current state of space travel safety? If offered a free ride into space from Bezos's Blue Origin, or one of the other options like Virgin Galactic, Axiom Space, or Boeing's Starliner, would you accept or decline it? Share your own thoughts and answers in the comments. Would you accept a free ride into space?

Read more of this story at Slashdot.

Categories: Technology

Fast New 3D Printing Technique Shines Holograms into Resin

Slashdot - 3 March, 2025 - 03:34
Can a new 3D-printing technique shorten 3D printing times to just seconds? A team of researchers in Europe has modified Tomographic Volumetric Additive Manufacturing, which can "create entire objects in one shot by shining light patterns into liquid resin," according to the 3D Printing Industry blog. (The liquid resin then solidifies when the light intensity is high enough...) While this approach can fabricate support-free, micro-scale parts within tens of seconds, it is "highly inefficient." This is because under 1% of the encoded light reaches the resin vial. Conventional TVAM can also lead to unwanted distortions and poor resolution due to light blurring and projection artifacts. To address these limitations, the researchers developed HoloVAM, a new technique that uses a 3D hologram instead of conventional volumetric light projections. This approach reportedly boosts light efficiency by 20 times, resulting in faster and more accurate 3D printing. According to their paper, published in Nature Communications, HoloVAM successfully fabricated several millimeter-scale objects in under 60 seconds with fine details as small as 31 micrometers... They believe this new approach offers value for medical bioprinting applications, thanks to HoloVAM's use of "self-healing beams." These can generate and retain their shape when passing through materials, which is particularly valuable when 3D printing with cell-laden bio-resins and hydrogels. Thanks to Slashdot reader BizarreVR for sharing the news.

First Petawatt Electron Beam Arrives, Ready To Rip Apart Matter and Space

Slashdot - 3 March, 2025 - 02:04
Petawatt lasers have already allowed scientists to "manipulate materials in new ways, emulate the conditions inside planets, and even split atoms," reports Science magazine. "Now, accelerator physicists have matched that feat, producing petawatt pulses of electrons that could also have spectacular applications..." Described in a paper published Thursday in Physical Review Letters, the electron pulses last one-quadrillionth of a second but carry 100 kiloamps of current. "It's a supercool experiment," says Sergei Nagaitsev, an accelerator physicist at Brookhaven National Laboratory who was not involved in the work. Richard D'Arcy, a plasma accelerator physicist at the University of Oxford, adds, "It's not just an experimental demonstration of something interesting, it's a steppingstone on the way to megaamp beams." If achievable, those even more powerful beams might begin to perform extraordinary feats such as ripping particles out of empty space, he says... [A]mped-up lasers would open the way to, for example, probing chemical processes as they happen, says Sergei Nagaitsev [an accelerator physicist at Brookhaven National Laboratory who was not involved in the experiment]. "These are the easy pickings." An ultraintense electron pulse could also be used to generate plasmas like those seen in astrophysics, such as the jets of matter and radiation that shoot out of certain stellar explosions at near-light-speed. Researchers need only fire the electron beam into the right target. "This is a fantastic relativistic drill," Ferrario says. "The interaction of this with matter could be very interesting." Superintense electron bunches might someday even probe the nature of empty space. They produce a hugely intense electric field, so if one of them were to collide with an ultraintense laser pulse, which also contains a huge electric field, it would expose space to an incredibly strong electrical polarization, D'Arcy notes. 
If that field is strong enough, it should begin to rip particle-antiparticle pairs out of the vacuum, a phenomenon predicted by quantum physics but never observed. "You can access areas of particle physics that are inaccessible elsewhere," D'Arcy says. Thanks to Slashdot reader sciencehabit for sharing the article.

Malicious PyPI Package Exploited Deezer's API, Orchestrates a Distributed Piracy Operation

Slashdot - 2 March, 2025 - 22:20
A malicious PyPI package effectively turned its users' systems "into an illicit network for facilitating bulk music downloads," writes The Hacker News. Though the package has been removed from PyPI, researchers at security platform Socket.dev say it enabled "coordinated, unauthorized music downloads from Deezer — a popular streaming service founded in France in 2007." Although automslc, which has been downloaded over 100,000 times, purports to offer music automation and metadata retrieval, it covertly bypasses Deezer's access restrictions... The package is designed to log into Deezer, harvest track metadata, request full-length streaming URLs, and download complete audio files in clear violation of Deezer's API terms... [I]t orchestrates a distributed piracy operation by leveraging both user-supplied and hardcoded Deezer credentials to create sessions with Deezer's API. This approach enables full access to track metadata and the decryption tokens required to generate full-length track URLs. Additionally, the package routinely communicates with a remote server... to update download statuses and submit metadata, thereby centralizing control and allowing the threat actor to monitor and coordinate the distributed downloading operation. In doing so, automslc exposes critical track details — including Deezer IDs, International Standard Recording Codes, track titles, and internal tokens like MD5_ORIGIN (a hash used in generating decryption URLs) — which, when collected en masse, can be used to reassemble full track URLs and facilitate unauthorized downloads... Even if a user pays for access to the service, the content is licensed, not owned. The automslc package circumvents licensing restrictions by enabling downloads and potential redistribution, which is outside the bounds of fair use... "The malicious package was initially published in 2019, and its popularity (over 100,000 downloads) indicates wide distribution..."

Watch 'Blue Ghost' Attempt Its Landing on the Moon

Slashdot - 2 March, 2025 - 18:20
Watch the "Blue Ghost" lunar lander attempt its moon landing. The actual landing is scheduled to happen at 3:34 a.m. Eastern time, according to CNN, while "The first images from the mission should be delivered about a half hour after..." Success is not guaranteed... [B]roadly speaking, about half of all lunar landing attempts have ended in failure. Jason Kim, Firefly's CEO, told CNN in December that his company's experience building rockets has given him a high degree of confidence in Blue Ghost's propulsion systems. "We're using (reaction control system) thrusters that we've built, developed in-house, that are designed by the same people that design our rocket engines. That reduces risk," Kim said. "All that gives us high confidence when we have people that do rocket engines really, really well — some of the best in the world." But the New York Times notes that Blue Ghost, built by Austin, Texas-based Firefly Aerospace, is just one of three robotic spacecraft "in space right now that are aiming to set down on the moon's surface." Blue Ghost has performed nearly perfectly. For the first 25 days, it circled Earth as the company turned on and checked the spacecraft's systems. It then fired its engine on a four-day journey toward the moon, entering orbit on February 13. The spacecraft's cameras have recorded close-up views of the moon's cratered surface... On the same SpaceX Falcon 9 rocket that launched Blue Ghost to orbit was Resilience, a lunar lander built by Ispace of Japan. The two missions are separate, but Ispace, seeking a cheaper ride to space, had asked SpaceX for a rideshare, that is, hitching a ride as a secondary payload... Although Resilience launched at the same time as Blue Ghost, it is taking a longer, more fuel-efficient route to the moon and is expected to enter orbit around the moon in early May. 
The third lunar lander heading to the moon is Athena (from Intuitive Machines), which launched Thursday on a SpaceX Falcon 9 rocket, "marking the first time humanity has had three lunar landers en route to the Moon at the same time," according to a statement from the company. Space.com notes that "To date, just one private spacecraft has ever landed successfully on the moon — Intuitive Machines' Odysseus, which did so in February 2024." Athena launched with several other spacecraft last night, including Odin, a scouting probe built by the asteroid-mining company Astroforge, and NASA's water-hunting Lunar Trailblazer. Lunar Trailblazer is also moon-bound, though it's headed for orbit rather than the surface...

27-Year-Old EXE Became Python In Minutes. Is AI-Assisted Reverse Engineering Next?

Slashdot - 2 March, 2025 - 15:34
Adafruit managing director Phillip Torrone (also long-time Slashdot reader ptorrone) shared an interesting blog post. They'd spotted a Reddit post "detailing how someone took a 27-year-old visual basic EXE file, fed it to Claude 3.7, and watched as it reverse-engineered the program and rewrote it in Python." It was an old Visual Basic 4 program they had written in 1997. Running a VB4 exe in 2024 can be a real yak-shaving compatibility nightmare, chasing down outdated DLLs and messy workarounds. So! OP decided to upload the exe to Claude 3.7 with this request: "Can you tell me how to get this file running? It'd be nice to convert it to Python." Claude 3.7 analyzed the binary, extracted the VB 'tokens' (VB is not a fully-machine-code-compiled language which makes this task a lot easier than something from C/C++), identified UI elements, and even extracted sound files. Then, it generated a complete Python equivalent using Pygame. According to the author, the code worked on the first try and the entire process took less than five minutes... Torrone speculates on what this might mean. "Old business applications and games could be modernized without needing the original source code... Tools like Claude might make decompilation and software archaeology a lot easier: proprietary binaries from dead platforms could get a new life in open-source too." And maybe Archive.org could even add an LLM "to do this on the fly!"

Utah Could Become America's First State To Ban Fluoride In Public Water

Slashdot - 2 March, 2025 - 13:34
NBC News reports that Utah could make history as America's first state to ban fluoride in public water systems — even though major medical associations support water fluoridation: If signed into law [by the governor], HB0081 would prevent any individual or political subdivision from adding fluoride "to water in or intended for public water systems..." A report published recently in JAMA Pediatrics found a statistically significant association between higher fluoride exposure and lower children's IQ scores — but the researchers did not suggest that fluoride should be removed from drinking water. According to the report's authors, most of the 74 studies they reviewed were low-quality and done in countries other than the United States, such as China, where fluoride levels tend to be much higher, the researchers noted. An Australian study published last year found no link between early childhood exposure to fluoride and negative cognitive neurodevelopment. Researchers actually found a slightly higher IQ in kids who consistently drank fluoridated water. The levels in Australia are consistent with U.S. recommendations. Major public health groups, including the American Academy of Pediatrics, the American Dental Association and the CDC — which says drinking fluoridated water keeps teeth strong and reduces cavities — support adding fluoride to water. The article notes that since 2010 over 150 U.S. towns or counties have voted to keep fluoride out of public water systems or to stop adding it to their water (according to the anti-fluoride group "Fluoride Action Network"). But this week the American Dental Association (representing 159,000 members) urged Utah's governor not to become "the only state to end this preventive health practice that has been in place for over three quarters of a century." Thanks to Slashdot reader fjo3 for sharing the news.

Microsoft Outage Leaves Tens of Thousands Unable to Access Email and Other Apps

Slashdot - 2 March, 2025 - 10:51
"Tens of thousands of users were unable to access various Microsoft programs on Saturday afternoon," reports CNBC: "We're investigating an issue in which users may be unable to access Outlook features and services," Microsoft 365 Status, the official Microsoft account for 365 service incidents, said in a post on X... The number of reports that services such as Microsoft Outlook, Microsoft Exchange, Microsoft Teams, Microsoft 365 and Microsoft Azure were down spiked after 3:30 p.m. ET. More than 37,000 individuals reported an Outlook outage and roughly 24,000 reported an outage in the tech company's 365 service, according to Downdetector, while roughly 150 users reported their Teams accounts were down. One hour ago Microsoft posted on X.com that "We've identified a potential cause of impact and have reverted the suspected code to alleviate impact. We're monitoring telemetry to confirm recovery..." Minutes later they added that "Our telemetry indicates that a majority of impacted services are recovering following our change. We'll keep monitoring until impact has been resolved for all services." And the official status page for Microsoft Office says "We've confirmed that reverting the impacting service update has returned the service to a healthy state. We've entered a period of extended monitoring to ensure that the service remains stable, and to address any outstanding impact to other Microsoft 365 services."

AMD Reveals RDNA 4 GPU Architecture Powering Next Gen Radeon RX 9070 Cards

Slashdot - 2 March, 2025 - 09:34
Long-time Slashdot reader MojoKid writes: AMD took the wraps off its next gen RDNA 4 consumer graphics architecture Friday, which was designed to enhance efficiency over the previous generation, while also optimizing performance for today's more taxing ray-traced gaming and AI workloads. RDNA 4 features next generation Ray Tracing engines, dedicated hardware for AI and ML workloads, better bandwidth utilization, and multimedia improvements for both gaming and content creation. AMD's 3rd generation Ray Accelerators in RDNA offer 2x the peak throughput of RDNA 3 and add support for a new feature called Oriented Bounding Boxes, that results in more efficient GPU utilization. 3rd Generation Matrix Accelerators are also present, which offer improved performance, along with support for 8-bit float data types, with structured sparsity. The first cards featuring RDNA 4, the Radeon RX 9070 and 9070 XT go on sale next week, with very competitive MSRPs below $600, and are expected to do battle with NVIDIA's GeForce RTX 5070-class GPUs. The article calls it "a significant step forward" for AMD, adding that next week is "going to be very busy around here. NVIDIA is launching the final, previously announced member of the RTX 50 series and AMD will unleash the 9070 and 9070 XT."

Mozilla Revises Firefox's Terms of Use, Clarifies That They Don't Own Your Data

Slashdot - 2 March, 2025 - 08:34
"We need a license to allow us to make some of the basic functionality of Firefox possible," Mozilla explained Wednesday in a clarification of a recent Terms of Use update. "Without it, we couldn't use information typed into Firefox, for example. It does NOT give us ownership of your data or a right to use it for anything other than what is described in the Privacy Notice." But Friday they went further, and revised those new Terms of Use "to more clearly reflect the limited scope of how Mozilla interacts with user data," according to a Mozilla blog post. More details from the Verge: The particular language that drew criticism was: "When you upload or input information through Firefox, you hereby grant us a nonexclusive, royalty-free, worldwide license to use that information to help you navigate, experience, and interact with online content as you indicate with your use of Firefox." That language has been removed. Now, the language in the terms says: "You give Mozilla the rights necessary to operate Firefox. This includes processing your data as we describe in the Firefox Privacy Notice. It also includes a nonexclusive, royalty-free, worldwide license for the purpose of doing as you request with the content you input in Firefox. This does not give Mozilla any ownership in that content...."
Friday's post additionally provides some context about why the company has "stepped away from making blanket claims that 'We never sell your data.'" Mozilla says that "in some places, the LEGAL definition of 'sale of data' is broad and evolving," and that "the competing interpretations of do-not-sell requirements does leave many businesses uncertain about their exact obligations and whether or not they're considered to be 'selling data.'" Mozilla says that "there are a number of places where we collect and share some data with our partners" so that Firefox can be "commercially viable," but it adds that it spells those out in its privacy notice and works to strip data of potentially identifying information or share it in aggregate.

New Research Suggests Ancient Ocean on Mars

Slashdot - 2 March, 2025 - 07:34
Hidden layers of rock below the surface of Mars "strongly suggest" the presence of an ancient ocean, according to an international team of scientists including researchers at Penn State. From the university's announcement: The new research offers the clearest evidence yet that the planet once contained a significant body of water and a more habitable environment for life, according to Benjamin Cardenas, assistant professor of geology at Penn State and co-author on the study. "We're finding places on Mars that used to look like ancient beaches and ancient river deltas," Cardenas said. "We found evidence for wind, waves, no shortage of sand — a proper, vacation-style beach." The Zhurong rover landed on Mars in 2021 in an area known as Utopia Planitia and sent back data on the geology of its surroundings in search of signs of ancient water or ice. Unlike other rovers, it came equipped with rover-penetrating radar, which allowed it to explore the planet's subsurface, using both low and high-frequency radar to penetrate the Martian soil and identify buried rock formations. By studying the underground sedimentary deposits, scientists are able to piece together a more complete picture of the red planet's history, Cardenas explained. When the team reviewed radar data, it revealed a similar layered structure to beaches on Earth: formations called "foreshore deposits" that slope downwards towards oceans and form when sediments are carried by tides and waves into a large body of water. "This stood out to us immediately because it suggests there were waves, which means there was a dynamic interface of air and water," Cardenas said. "When we look back at where the earliest life on Earth developed, it was in the interaction between oceans and land, so this is painting a picture of ancient habitable environments, capable of harboring conditions friendly toward microbial life." 
When the team compared the Martian data with radar images of coastal deposits on Earth, they found striking similarities, Cardenas said. The dip angles observed on Mars fell right within the range of those seen in coastal sedimentary deposits on Earth... The study also provided new information on the evolution of the Martian environment, suggesting that a life-friendly warm and wet period spanned potentially tens of millions of years. Mars "was evolving," Cardenas says in the announcement. "Rivers were flowing, sediment was moving, and land was being built and eroded. "This type of sedimentary geology can tell us what the landscape looked like, how they evolved, and, importantly, help us identify where we would want to look for past life." CNN notes that the research was published Monday in the journal Proceedings of the National Academy of Sciences.

Perl's CPAN Security Group is Now a CNA, Can Assign CVEs

Slashdot - 2 March, 2025 - 06:34
Active since 1995, the Comprehensive Perl Archive Network (or CPAN) hosts 221,742 Perl modules written by 14,548 authors. This week they announced that the CPAN Security Group "was authorized by the CVE Program as a CVE Numbering Authority (CNA)" to assign and manage CVE vulnerability identifications for Perl and CPAN Modules. "This is great news!" posted Linux kernel maintainer Greg Kroah-Hartman on social media, saying the announcement came "Just in time for my talk about this very topic in a few weeks about how all open source projects should be doing this" at the Linux Foundation Member Summit in Napa, California. And Curl creator Daniel Stenberg posted "I'm with Greg Kroah-Hartman on this: all Open Source projects should become CNAs. Or team up with others to do it." (Also posting "Agreed" to the suggestion was Seth Larson, the Python Software Foundation's security developer-in-residence involved in their successful effort to become a CNA in 2023.) 444 CNAs have now partnered with the CVE Program, according to their official web site. The announcement from PerlMonks.org: Years ago, a few people decided during the Perl Toolchain Summit (PTS) that it would be a good idea to join forces, ideas and knowledge and start a group to monitor vulnerabilities in the complete Perl ecosystem from core to the smallest CPAN release. The goal was to follow legislation and CVE reports, and help authors in taking actions on not being vulnerable anymore. That group has grown stable over the past years and is now known as CPANSec. The group has several focus areas, and one of them is channeling CVE vulnerability issues. In that specific goal, a milestone has been reached: CPANSec has just been authorized as a CVE Numbering Authority (CNA) for Perl and modules on CPAN

Anti-Aging Pill for Dogs Clears Key FDA Hurdle

Slashdot - 2 March, 2025 - 05:34
San Francisco-based biotech startup Loyal says a drug it developed to increase dogs' lifespan "has passed a significant milestone on the way to regulatory approval," reports the Washington Post: The Food and Drug Administration certified the daily pill as having a "reasonable expectation of effectiveness" at extending senior dogs' lifespans. The regulator's Center for Veterinary Medicine still has to certify that the drug is safe and that Loyal can manufacture it at scale before vets can prescribe the pill to dogs 10 years or older that weigh 14 pounds or more. Loyal's CEO, Celine Halioua, estimates that the process should be complete by the end of 2025 and called the FDA's initial recognition "a key step" to extending dogs' lives... In the past decade, a subculture of tech entrepreneurship has focused on helping people stave off death, hawking custom-made dietary supplements and $2,500 full-body MRIs and investing in the development of antiaging drugs, among many other efforts. According to data firm Pitchbook, about $900 million in venture capital has been poured into antiaging and longevity start-ups in the past 12 months. Loyal has raised more than $150 million in venture funding since its 2019 founding to develop lifespan-extending drugs initially focused on canines. Launching veterinary drugs is in some ways easier than winning approval for human treatments. Because dogs and humans have evolved alongside one another, Halioua hopes to eventually apply her findings about pets to help prolong their owners' lives. "If we can successfully delay the onset and severity of age-related diseases in dogs, it's extremely compelling evidence that it will also do that in humans," Halioua said. The biological processes of aging unfold faster in dogs because they live such short lives, she said, helping researchers and entrepreneurs probe how they work. 
"Loyal's pill is a result of research into how to mimic the life-extending benefit of caloric restriction without the appetite suppression," according to the article, "and without the need for an owner to restrict their dog's food. "The drug aims to improve a dog's metabolic fitness, or the body's ability to convert nutrients into energy and regulate hormones, which declines in humans and canines with age..."

Magnus Carlsen Auctions Jeans, Admits He Can't Beat Chess Engines

Slashdot - 2 March, 2025 - 04:34
Magnus Carlsen "announced this week that he is auctioning off the Italian luxury brand jeans that started a dress code dispute at December's World Rapid and Blitz Chess Championships," reports the Associated Press. ("Condition: Pre-owned," says the listing on eBay, where by Friday night bidding on the charitable auction was up to $14,100.) But Carlsen drew more attention on The Joe Rogan Experience last week — partly by saying "I have no chance against my phone." (Although he'd also described beating a fan's computer program, according to Firstpost, by playing "some kind of anti-computer chess, where I just closed up the position as much as possible and gave it as few possibilities as possible to out-calculate me.") Carlsen admitted that he rarely plays against chess engines due to their overwhelming strength, but acknowledged their value as training tools. "I rarely play against engines at all because they just make me feel so stupid and useless. So, I think of them more as a tool than anything else." And this led Carlsen to add "If I started cheating, you would never know," reports Indian Express: It's not just a throwaway line about cheating either. On a two-hour-long podcast, where he touches on mostly everything under the sun, Carlsen fixates on cheating in chess. He also details how a player of his calibre would need very little to cheat in chess. "I would just get a move here and there (from an aide). Or maybe if I am playing in a tournament I just find a system where I get somebody to signal to me when there's a critical moment: a certain moment where a certain move is much better than the others. That's really all I would need to go from being the best to being practically unbeatable. There's so little you need in chess (to cheat). 
It really is a scary situation," Carlsen said before pointing out how in 2010 the captain of the French chess team was helping a teammate decide his next move at the Olympiad just by standing in specific spots around the table... "If you're not cheating in a dumb way, there rarely is going to be a smoking gun. And without that smoking gun it is going to be really hard to catch people," Carlsen admits on the podcast... "As long as there are monetary incentives for people to cheat, there will be cheating in chess," says Carlsen on the podcast. The article adds that Carlsen does not believe Hans Niemann used anal beads to cheat — and that he thinks Niemann has become a much better chess player since the incident. But... "Top level chess has been based on trust a lot. I don't trust Niemann. Other top players still don't trust him and he doesn't trust me," says Carlsen. "There is still something off about him now. We played an over-the-board tournament in Paris last year where there was increased security and he didn't play at nearly the same level there."

Tesla Moves Towards Launching an Uber Competitor

Slashdot - 2 March, 2025 - 03:34
"Tesla is taking steps to launch a ride-sharing service that could compete directly with Uber, Lyft and Waymo," reports Axios, noting that Tesla "has filed for a transportation charter-party carrier permit from the California Public Utilities Commission, Bloomberg reported Thursday." "That classification means Tesla would own and control the fleet of vehicles," Bloomberg reported... "In its communications with California officials, Tesla discussed driver's license information and drug-testing coordination, suggesting the company intends to use human drivers, at least initially," Bloomberg reported. The company is seeking the same type of permit that Waymo uses to run its robotaxi business. Uber is gearing up to begin offering autonomous vehicle services in partnership with Waymo in Austin and Atlanta later this year. The article also adds that Musk "told investors in January that 'I'm confident that we will release unsupervised FSD in California this year,' referring to the company's Full Self-Driving system." But "Tesla has yet to apply for a permit to operate driverless vehicles..." notes the EV blog Electrek, adding "This is just a step for Tesla to test ride-hailing services ahead of autonomy." Reuters also points out that "Earlier in October, Tesla revealed the Cybercab, a robotaxi concept that had no steering wheel or control pedals... He has said the Cybercab will go into production in 2026 and will also be available for customers to buy for less than $30,000."

Google Calls for Measurable Memory-Safety Standards for Software

Slashdot - 2 March, 2025 - 02:34
Memory safety bugs are "eroding trust in technology and costing billions," argues a new post on Google's security blog — adding that "traditional approaches, like code auditing, fuzzing, and exploit mitigations — while helpful — haven't been enough to stem the tide." So the blog post calls for a "common framework" for "defining specific, measurable criteria for achieving different levels of memory safety assurance." The hope is this gives policy makers "the technical foundation to craft effective policy initiatives and incentives promoting memory safety" leading to "a market in which vendors are incentivized to invest in memory safety." ("Customers will be empowered to recognize, demand, and reward safety.") In January the same Google security researchers helped co-write an article noting there are now strong memory-safety "research technologies" that are sufficiently mature: memory-safe languages (including "safer language subsets like Safe Buffers for C++"), mathematically rigorous formal verification, software compartmentalization, and hardware and software protections. (With hardware protections including things like ARM's Memory Tagging Extension and the Capability Hardware Enhanced RISC Instructions, or "CHERI", architecture.) Google's security researchers are now calling for "a blueprint for a memory-safe future" — though importantly, the idea is "defining the desired outcomes rather than locking ourselves into specific technologies." Their blog post this week again urges a practical/actionable framework that's commonly understood, but one that supports different approaches (and allowing tailoring to specific needs) while enabling objective assessment: At Google, we're not just advocating for standardization and a memory-safe future, we're actively working to build it.
We are collaborating with industry and academic partners to develop potential standards, and our joint authorship of the recent CACM call-to-action marks an important first step in this process... This commitment is also reflected in our internal efforts. We are prioritizing memory-safe languages, and have already seen significant reductions in vulnerabilities by adopting languages like Rust in combination with existing, wide-spread usage of Java, Kotlin, and Go where performance constraints permit. We recognize that a complete transition to those languages will take time. That's why we're also investing in techniques to improve the safety of our existing C++ codebase by design, such as deploying hardened libc++. This effort isn't about picking winners or dictating solutions. It's about creating a level playing field, empowering informed decision-making, and driving a virtuous cycle of security improvement... The journey towards memory safety requires a collective commitment to standardization. We need to build a future where memory safety is not an afterthought but a foundational principle, a future where the next generation inherits a digital world that is secure by design. The security researchers' post calls for "a collective commitment" to eliminate memory-safety bugs, "anchored on secure-by-design practices..." One of the blog post's subheadings? "Let's build a memory-safe future together." And they're urging changes "not just for ourselves but for the generations that follow."


COSMIC Desktop Alpha 6 Released

Slashdot - 1 March, 2025 - 21:00
New submitter TronNerd82 writes: Linuxiac reports that the 6th alpha release of the COSMIC desktop environment has been released. The new alpha release includes zooming, desktop icon management, some new scaling options, and improved accessibility features. Also included in the release are a number of bug fixes. These include, but are not limited to:
- Fixing a crash issue in Steam, and fixing certain issues for Radeon RX GPUs
- Fixing a bug that prevented icons from appearing in screenshots
- Adding a layer of polish to the COSMIC Files application by adding folder size metadata and preventing crashes
Also of note are a number of memory usage reductions across the board. COSMIC Alpha 6 also replaces the default font, changing from Fira Sans to Open Sans, with Noto Sans Mono as the default monospace font. Additional changes can be found in System76's official announcement.


Chinese Scientists Developing Mars Drone That Can Roll and Fly

Slashdot - 1 March, 2025 - 18:00
Chinese scientists are developing a lightweight Mars drone capable of both rolling on the ground and flying using contra-rotating coaxial rotors. Space.com reports: The air-ground dual-purpose unmanned aerial vehicle (UAV) weighs only 10.6 ounces (300 grams), equivalent to the weight of an apple. The development team is at the School of Astronautics (SoA) of the Harbin Institute of Technology. Seen as showing promising potential in future Mars science work, the UAV can take off at any time, traverse obstacles, and boasts superb endurance, reports state-owned China Central Television (CCTV). "On the ground, it mainly rolls by shifting its center of gravity," said Zhu Yimin, a Ph.D candidate at SoA. "In the air, it relies on a pair of contra-rotating coaxial rotors, controlled by a steering engine to adjust the forward direction, to control torque and force, ultimately achieving stable flight," Zhu told CCTV. The UAV work entails multiple models of air-ground dual-mode robots with different configurations, CCTV reports. These robots move by rolling close to the ground, which reduces energy consumption, and can achieve a flight endurance time of more than six times that of traditional drones of the same size. According to Zhang Lixian, a professor within the SoA, the hope is that the aerial vehicle can show off its long endurance and observational abilities on Mars. "Our second goal is for such machines to be suitable for construction in many underground spaces and for exploring unknown underground spaces. We also need robotic means for inspection and environmental detection. We have now materialized all these functions," said Zhang. A video of the drone can be found here.


Serbian Student's Android Phone Compromised By Exploit From Cellebrite

Slashdot - 1 March, 2025 - 14:30
An anonymous reader quotes a report from Ars Technica: Amnesty International on Friday said it determined that a zero-day exploit sold by controversial exploit vendor Cellebrite was used to compromise the phone of a Serbian student who had been critical of that country's government. [...] The chain exploited a series of vulnerabilities in device drivers the Linux kernel uses to support USB hardware. "This new case provides further evidence that the authorities in Serbia have continued their campaign of surveillance of civil society in the aftermath of our report, despite widespread calls for reform, from both inside Serbia and beyond, as well as an investigation into the misuse of its product, announced by Cellebrite," authors of the report wrote. Amnesty International first discovered evidence of the attack chain last year while investigating a separate incident outside of Serbia involving the same Android lockscreen bypass. [...] The report said that one of the vulnerabilities, tracked as CVE-2024-53104, was patched earlier this month with the release of the February 2025 Android Security Bulletin. Two other vulnerabilities -- CVE-2024-53197 and CVE-2024-50302 -- have been patched upstream in the Linux kernel but have not yet been incorporated into Android. Forensic traces identified in Amnesty International's analysis of the compromised phone showed that the Serbian authorities tried to install an unknown application after the device had been unlocked. The report authors said the installation of apps on Cellebrite-compromised devices was consistent with earlier cases the group has uncovered in which spyware tracked as NoviSpy was installed. As part of the attack, the USB port of the targeted phone was connected to various peripherals during the initial stages. In later stages, the peripherals repeatedly connected to the phone so they could "disclose kernel memory and groom kernel memory as part of the exploitation."
The people analyzing the phone said the peripherals were likely special-purpose devices that emulated video or sound devices connecting to the targeted device. The 23-year-old student who owned the phone regularly participates in the ongoing student protests in Belgrade. Any Android users who have yet to install the February patch batch should do so as soon as possible.


Google's Taara Hopes To Usher in a New Era of Internet Powered by Light

Slashdot - 1 March, 2025 - 13:10
Alphabet's X division has developed a silicon photonic chip for its Taara project, which transmits internet via laser beams instead of fiber optic cables. The system delivers 20Gbps through "light bridges" that establish line-of-sight connections between transceiver units. The second-generation technology miniaturizes previous mechanical components -- including gimbals, mirrors, and lenses -- into solid-state circuitry the size of a fingernail. This chip enables a single laser transmitter to potentially pair with multiple receptors, significantly reducing costs from the current ~$30,000 per bridge setup. Taara has already demonstrated real-world viability by connecting Brazzaville and Kinshasa across the Congo River, providing the latter with five-fold cheaper internet access, and supplementing bandwidth at Coachella 2024. Project leader Mahesh Krishnaswamy claims Taara can deliver "10, if not 100 times more bandwidth" than Starlink in dense areas. X's Astro Teller suggests this technology could form the foundation for 7G networks as radio frequency bands become increasingly congested. Taara will soon "graduate" from X and seek external funding, with Alphabet maintaining a significant stake. Further reading: Official blog post.
