News

The following vulnerabilities have been discovered in the WebKitGTK web engine:

CVE-2025-13947

Janet Black discovered that a website may be able to exfiltrate sensitive system information.

CVE-2025-43421

Nan Wang discovered that processing maliciously crafted web content may lead to an unexpected process crash.

CVE-2025-43458

Phil Beauvoir discovered that processing maliciously crafted web content may lead to an unexpected process crash.

CVE-2025-66287

Stanislav Fort discovered that processing maliciously crafted web content may lead to an unexpected process crash.

https://security-tracker.debian.org/tracker/DSA-6074-1

America's Energy Department runs a research lab in Idaho — and this week announced successful results from a ground-breaking experiment. "This is the first time in history that chloride-based molten salt fuel has been produced for a fast reactor," says Bill Phillips, the lab's technical lead for salt synthesis. He calls it "a major milestone for American innovation and a clear signal of our national commitment to advanced nuclear energy." Unlike traditional reactors that use solid fuel rods and water as a coolant, most molten salt reactors rely on liquid fuel — a mixture of salts containing fissile material. This design allows for higher operating temperatures, better fuel efficiency, and enhanced safety. It also opens the door to new applications, including compact nuclear systems for ships and remote installations. "The Molten Chloride Fast Reactor represents a paradigm shift in the nuclear fuel cycle, and the Molten Chloride Reactor Experiment (MCRE) will directly inform the commercialization of that reactor," said Jeff Latkowski, senior vice president of TerraPower and program director for the Molten Chloride Fast Reactor. "Working with world-leading organizations such as INL to successfully synthesize this unique new fuel demonstrates how real progress in Gen IV nuclear is being made together." "The implications for the maritime industry are significant," said Don Wood, senior technical advisor for MCRE. "Molten salt reactors could provide ships with highly efficient, low-maintenance nuclear power, reducing emissions and enabling long-range, uninterrupted travel. The technology could spark the rise of a new nuclear sector — one that is mobile, scalable and globally transformative. More details from America's Energy Department: MCRE will require a total of 72 to 75 batches of fuel salt to go critical, making it the largest fuel production effort at INL since the operations of Experimental Breeder Reactor-II more than 30 years ago. The full-scale demonstration of the new fuel salt synthesis line for MCRE was made possible by a breakthrough in 2024. After years of testing, the team found the right recipe to convert 95 percent of uranium metal feedstock into 18 kilograms of uranium chloride fuel salt in only a few hours — a process that previously took more than a week to complete... After delivering the first batch of fuel salt this fall, the team anticipates delivering four additional batches by March of 2026. MCRE is anticipated to run in 2028 for approximately six months at INL in the Laboratory for Operation and Testing (LOTUS) in the United States test bed. "With the first batch of fuel salt successfully created at INL, researchers will now conduct testing to better understand the physics of the process, with a goal of moving the process to a commercial scale over the next decade," says Cowboy State Daily. Thanks to long-time Slashdot reader schwit1 for sharing the article.

Read more of this story at Slashdot.

What triggered that Airbus emergency software recall? The BBC reports that Airbus's initial investigation into an aircraft's sudden drop in altitude linked it "to a malfunction in one of the aircraft's computers that controls moving parts on the aircraft's wings and tail." But that malfunction "seems to have been triggered by cosmic radiation bombarding the Earth on the day of the flight..." The BBC believes radiation from space "could become a growing problem as ever more microchips run our lives." What Airbus says occurred on that JetBlue flight from Cancun to New Jersey was a phenomenon called a single-event upset, or bit flip. As the BBC has previously reported, these computer errors occur when high-speed subatomic particles from outer space, such as protons, smash into atoms in our planet's atmosphere. This can cause a cascade of particles to rain down through our atmosphere, like throwing marbles across a table. In rare cases, those fast-moving neutrons can strike computer electronics and disrupt tiny bits of data stored in the computer's memory, switching that bit — often represented as a 0 or 1 — from one state to another. "That can cause your electronics to behave in ways you weren't expecting," says Matthew Owens, professor of space physics at the University of Reading in the UK. Satellites are particularly affected by this phenomenon, he says. "For space hardware we see this quite frequently." This is because the neutron flux — a measure of neutron radiation — rises the higher up in the atmosphere you go, increasing the chance of a strike hitting sensitive parts of the computer equipment on board. Aircraft are more vulnerable to this problem than computer equipment on the ground, although bit flips do occur at ground level, too. The increasing reliance of computers in fly-by-wire systems in aircraft, which use electronics rather than mechanical systems to control the plane in the air, also mean the risk posed by bit flips when they do occur is higher... Airbus told the BBC that it tested multiple scenarios when attempting to determine what happened to the 30 October 2025 JetBlue flight. In this case also, the company ruled out various possibilities except that of a bit flip. It is hard to attribute the incident to this for sure, however, because careering neutrons leave no trace of their activity behind, says Owens... [Airbus's software update] works by inducing "rapid refreshing of the corrupted parameter so it has no time to have effect on the flight controls", Airbus says. This is, in essence, a way of continually sanitising computer data on these aircraft to try and ensure that any errors don't end up actually impacting a flight... As computer chips have become smaller, they have also become more vulnerable to bit flips because the energy required to corrupt tiny packets of data has got lower over time. Plus, more and more microchips are being loaded into products and vehicles, potentially increasing the chance that a bit flip could cause havoc. If nothing else, the JetBlue incident will focus minds across many industries on the risk posed to our modern, microchip-dependent lives from cosmic radiation that originates far beyond our planet. Airbus said their analysis revealed "intense solar radiation" could corrupt data "critical to the functioning of flight control." But that explanation "has left some space weather scientists scratching their heads," adds the BBC. Space.com explains: Solar radiation levels on Oct. 30 were unremarkable and nowhere near levels that could affect aircraft electronics, Clive Dyer, a space weather and radiation expert at University of Surrey in the U.K., told Space.com. Instead, Dyer, who has studied effects of solar radiation on aircraft electronics for decades, thinks the onboard computer of the affected jet could have been struck by a cosmic ray, a stream of high-energy particles from a distant star explosion that may have travelled millions of years before reaching Earth. "[Cosmic rays] can interact with modern microelectronics and change the state of a circuit," Dyer said. "They can cause a simple bit flip, like a 0 to 1 or 1 to 0. They can mess up information and make things go wrong. But they can cause hardware failures too, when they induce a current in an electronic device and burn it out."

Read more of this story at Slashdot.

An anonymous reader shared this report from Autoblog: Imagine walking out to your car, pressing the start button, and getting absolutely nothing. No crank, no lights on the dash, nothing. That's exactly what happened to hundreds of Porsche owners in Russia last week. The issue is with the Vehicle Tracking System, a satellite-based security system that's supposed to protect against theft. Instead, it turned these Porsches into driveway ornaments. The issue was first reported at the end of November, with owners reporting identical symptoms of their cars refusing to start or shutting down soon after ignition. Russia's largest dealership group, Rolf, confirmed that the problem stems from a complete loss of satellite connectivity to the VTS. When it loses its connection, it interprets the outage as a potential theft attempt and automatically activates the engine immobilizer. The issue affects all models and engine types, meaning any Porsche equipped with the system could potentially disable itself without warning. The malfunction impacts Porsche models dating back to 2013 that have the factory VTS installed... When the VTS connection drops, the anti-theft protocol kicks in, cutting fuel delivery and locking down the engine completely.

Read more of this story at Slashdot.

Nuclear engineer Lonnie Johnson worked on NASA's Galileo mission, has more than 140 patents, and invented the Super Soaker water gun. But now he's working on "a potential key to unlock a huge power source that's rarely utilized today," reports the Atlanta Journal-Constitution. [Alternate URL here.] Waste heat... The Johnson Thermo-Electrochemical Converter, or JTEC, has few moving parts, no combustion and no exhaust. All the work to generate electricity is done by hydrogen, the most abundant element in the universe. Inside the device, pressurized hydrogen gas is separated by a thin, filmlike membrane, with low pressure gas on one side and high pressure gas on the other. The difference in pressure in this "stack" is what drives the hydrogen to compress and expand, creating electricity as it circulates. And unlike a fuel cell, it does not need to be refueled with more hydrogen. All that's needed to keep the process going and electricity flowing is a heat source. As it turns out, there are enormous amounts of energy vented or otherwise lost from industrial facilities like power plants, factories, breweries and more. Between 20% and 50% of all energy used for industrial processes is dumped into the atmosphere and lost as waste heat, according to the U.S. Department of Energy. The JTEC works with high temperatures, but the device's ability to generate electricity efficiently from low-grade heat sources is what company executives are most excited about. Inside JTEC's headquarters, engineers show off a demonstration unit that can power lights and a sound system with water that's roughly 200 degrees Fahrenheit — below the boiling point and barely warm enough to brew a cup of tea, said Julian Bell, JTEC's vice president of engineering. Comas Haynes, a research engineer at the Georgia Tech Research Institute specializing in thermal and hydrogen system designs, agrees the company could "hit a sweet spot" if it can capitalize on lower temperature heat... For Johnson, the potential application he's most excited about lies beneath our feet. Geothermal energy exists naturally in rocks and water beneath the Earth's surface at various depths. Tapping into that resource through abandoned oil and gas wells — a well-known access point for underground heat — offers another opportunity. "You don't need batteries and you can draw power when you need it from just about anywhere," Johnson said. Right now, the company is building its first commercial JTEC unit, which is set to be deployed early next year. Mike McQuary, JTEC's CEO and the former president of the pioneering internet service provider MindSpring, said he couldn't reveal the customer, but said it's a "major Southeast utility company." "Crossing that bridge where you have commercial customers that believe in it and will pay for it is important," McQuary said... On top of some initial seed money, the company brought in $30 million in a Series A funding in 2022 — money that allowed the company to move to its Lee + White headquarters and hire more than 30 engineers. McQuary said it expects to begin another round of fundraising soon. "Johnson, meanwhile, hasn't stopped working on new inventions," the article points out. "He continues to refine the design for his solid-state battery..."

Read more of this story at Slashdot.

Phys.org republishes this article from The Conversation: On average, managers spend 23 hours a week in meetings. Much of what happens in them is considered to be of low value, or even entirely counterproductive. The paradox is that bad meetings generate even more meetings... in an attempt to repair the damage caused by previous ones... A 2015 handbook laid the groundwork for the nascent field of "Meeting Science". Among other things, the research revealed that the real issue may not be the number of meetings, but rather how they are designed, the lack of clarity about their purpose, and the inequalities they (often unconsciously) reinforce... Faced with what we call meeting madness, the solution is not to eliminate meetings altogether, but to design them better. It begins with a simple but often forgotten question: why are we meeting...? The goal should not be to have fewer meetings, but better ones. Meetings that respect everyone's time and energy. Meetings that give a voice to all. Meetings that build connection. Slashdot reader ShimoNoSeki shares an obligatory XKCD comic...

Read more of this story at Slashdot.

Friday six European Union countries "asked the European Commission to water down an effective ban on the sale of internal combustion engine cars slated for 2035," reports Reuters The countries have asked the EU Commission to allow the sale of hybrid cars or vehicles powered by other, existing or future, technologies "that could contribute to the goal of reducing emissions" beyond 2035, a joint letter seen by Reuters showed on Friday. The letter was signed by the prime ministers of Bulgaria, the Czech Republic, Hungary, Italy, Poland and Slovakia. They also asked for low-carbon and renewable fuels to be included in the plan to reduce the carbon emissions from transportation... Since they adopted a regulation that all new vehicles from 2035 should have zero emissions in March 2023, EU countries are now having second thoughts. Back then, the outlook for battery electric vehicles was positive, but carmakers' efforts have later collided with the reality of lower-than-expected demand and fierce competition from China. Car and Drive reports that Chancellor Friedrich Merz of Germany also "wants to allow exceptions for plug-in hybrids, extended-range EVs, and 'highly efficient' combustion vehicles beyond the current 2035 deadline." They cite a report in Automotive News. The European Commission hasn't made any official changes yet, but mounting pressure suggests that a revised plan could be coming soon.... Apostolos Tzitzikostas, the European Commissioner for Sustainable Transport and Tourism, was cited by the German paper Handelsblatt as saying that the EU "will take all technological advances into account when reassessing fleet emission limits, including combustion engines running on e-fuels and biofuels." And these renewable products will apparently be key pieces of the puzzle. BMW uses a vegetable-oil-derived fuel called HVO 100 in its diesel products throughout Europe. The plant-oil-based fuel reportedly reduces tailpipe emissions by 90 percent compared with traditional diesel. For its part, Porsche has been working on producing synthetic fuel at a plant in Chile since 2022. The European Commission is set to meet on December 10. At that time, the body is expected to assemble a package of proposals to help out the struggling European automotive industry, though the actual announcement may be pushed to a later date. Thanks to long-time Slashdot reader sinij for sharing the article.

Read more of this story at Slashdot.

AI is the second-largest major at M.I.T. after computer science, reports the New York Times. (Alternate URL here.) Though that includes students interested in applying AI in biology and health care — it's just the beginning: This semester, more than 3,000 students enrolled in a new college of artificial intelligence and cybersecurity at the University of South Florida in Tampa. At the University of California, San Diego, 150 first-year students signed up for a new A.I. major. And the State University of New York at Buffalo created a stand-alone "department of A.I. and society," which is offering new interdisciplinary degrees in fields like "A.I. and policy analysis...." [I]nterest in understanding, using and learning how to build A.I. technologies is soaring, and schools are racing to meet rising student and industry demand. Over the last two years, dozens of U.S. universities and colleges have announced new A.I. departments, majors, minors, courses, interdisciplinary concentrations and other programs. "This is so cool to me to have the opportunity to be at the forefront of this," one 18-year-old told the New York Times. Their article points out 62% of America's computing programs reported drops in undergraduate enrollment this fall, according to a report in October from the Computing Research Association. "One reason for the dip: student employment concerns." Thanks to long-time Slashdot reader theodp for sharing the article.

Read more of this story at Slashdot.

UPDATE (12/7): The New York Times clarifies today that the damage at Chernobyl hasn't led to a rise in radiation levels: "If there was to be some event inside the shelter that would release radioactive materials into the space inside the New Safe Confinement, because this facility is no longer sealed to the outside environment, there's the potential for radiation to come out," said Shaun Burnie, a senior nuclear specialist at Greenpeace who has monitored nuclear power plants in Ukraine since 2022 and last visited Chernobyl on October 31. "I have to say I don't think that's a particularly serious issue at the moment, because they're not actively decommissioning the actual sarcophagus." The I.A.E.A. also said there was no permanent damage to the shield's load-bearing structures or monitoring systems. A spokesman for the agency, Fredrik Dahl, said in a text message on Sunday that radiation levels were similar to what they were before the drone hit. But "A structure designed to prevent radioactive leakage at the defunct Chernobyl nuclear plant in Ukraine is no longer operational," Politico reported Saturday, "after Russian drones targeted it earlier this year, the U.N.'s nuclear watchdog has found." [T]he large steel structure "lost its primary safety functions, including the confinement capability" when its outer cladding was set ablaze after being struck by Russian drones, according to a new report by the International Atomic Energy Agency. Beyond that, there was "no permanent damage to its load-bearing structures or monitoring systems," it said. "Limited temporary repairs have been carried out on the roof, but timely and comprehensive restoration remains essential to prevent further degradation and ensure long-term nuclear safety," IAEA Director General Rafael Mariano Grossi said in astatement. The Guardian has pictures of the protective shield — incuding the damage from the drone strike. The shield is the world's largest movable land structure, reports CNN: The IAEA, which has a permanent presence at the site, will "continue to do everything it can to support efforts to fully restore nuclear safety and security," Grossi said.... Built in 2010 and completed in 2019, it was designed to last 100 years and has played a crucial role in securing the site. The project cost €2.1 billion and was funded by contributions from more than 45 donor countries and organizations through the Chernobyl Shelter Fund, according to the European Bank for Reconstruction and Development, which in 2019 hailed the venture as "the largest international collaboration ever in the field of nuclear safety."

Read more of this story at Slashdot.

A hardware security response from ChatGPT ended with "Shop for home and groceries. Connect Target." But "There are no live tests for ads" on ChatGPT, insists Nick Turley, OpenAI's head of ChatGPT. Posting on X.com, he said "any screenshots you've seen are either not real or not ads." Engadget reports The OpenAI exec's explanation comes after another post from former xAI employee Benjamin De Kraker on X that has gained traction, which featured a screenshot showing an option to shop at Target within a ChatGPT conversation. OpenAI's Daniel McAuley responded to the post, arguing that it's not an ad but rather an example of app integration that the company announced in October. [To which De Kraker responded "when brands inject themselves into an unrelated chat and encourage the user to go shopping at their store, that's an ad. The more you pretend this isn't an ad because you guys gave it a different name, the less users like or trust you."] However, the company's chief research officer, Mark Chen, also replied on X that they "fell short" in this case, adding that "anything that feels like an ad needs to be handled with care." "We've turned off this kind of suggestion while we improve the model's precision," Chen wrote on X. "We're also looking at better controls so you can dial this down or off if you don't find it helpful."

Read more of this story at Slashdot.

It runs locally, a free/open source home automation platform connecting all your devices together, regardless of brand. And GitHub's senior developer calls it "one of the most active, culturally important, and technically demanding open source ecosystems on the planet," with tens of thousands of contributors and millions of installations. That's confirmed by this year's "Octoverse" developer survey... Home Assistant was one of the fastest-growing open source projects by contributors, ranking alongside AI infrastructure giants like vLLM, Ollama, and Transformers. It also appeared in the top projects attracting first-time contributors, sitting beside massive developer platforms such as VS Code... Home Assistant is now running in more than 2 million households, orchestrating everything from thermostats and door locks to motion sensors and lighting. All on users' own hardware, not the cloud. The contributor base behind that growth is just as remarkable: 21,000 contributors in a single year... At its core, Home Assistant's problem is combinatorial explosion. The platform supports "hundreds, thousands of devices... over 3,000 brands," as [maintainer Franck Nijhof] notes. Each one behaves differently, and the only way to normalize them is to build a general-purpose abstraction layer that can survive vendor churn, bad APIs, and inconsistent firmware. Instead of treating devices as isolated objects behind cloud accounts, everything is represented locally as entities with states and events. A garage door is not just a vendor-specific API; it's a structured device that exposes capabilities to the automation engine. A thermostat is not a cloud endpoint; it's a sensor/actuator pair with metadata that can be reasoned about. That consistency is why people can build wildly advanced automations. Frenck describes one particularly inventive example: "Some people install weight sensors into their couches so they actually know if you're sitting down or standing up again. You're watching a movie, you stand up, and it will pause and then turn on the lights a bit brighter so you can actually see when you get your drink. You get back, sit down, the lights dim, and the movie continues." A system that can orchestrate these interactions is fundamentally a distributed event-driven runtime for physical spaces. Home Assistant may look like a dashboard, but under the hood it behaves more like a real-time OS for the home... The local-first architecture means Home Assistant can run on hardware as small as a Raspberry Pi but must handle workloads that commercial systems offload to the cloud: device discovery, event dispatch, state persistence, automation scheduling, voice pipeline inference (if local), real-time sensor reading, integration updates, and security constraints. This architecture forces optimizations few consumer systems attempt. "If any of this were offloaded to a vendor cloud, the system would be easier to build," the article points out. "But Home Assistant's philosophy reverses the paradigm: the home is the data center..." As Nijhof says of other vendor solutions, "It's crazy that we need the internet nowadays to change your thermostat."

Read more of this story at Slashdot.

"People in their teens and early 20s are increasingly turning to old school tech," reports the BBC, "in a bid to unplug from the online world." Amazon UK told BBC Scotland News that retro-themed products surged in popularity during its Black Friday event, with portable vinyl turntables, Tamagotchis and disposable cameras among their best sellers. Retailers Currys and John Lewis also said they had seen retro gadgets making a comeback with sales of radios, instant cameras and alarm clocks showing big jumps. While some people scroll endlessly through Netflix in search of their next watch, 17-year-old Declan prefers the more traditional approach of having a DVD in his hands. He grew up surrounded by his gran's collection and later bought his own after visiting a shop with a friend. "The main selling point for me is the cases," he says. Streaming services like Netflix and Disney+ dominate the market but Declan says he values ownership. "It's nice to have something you own instead of paying for subscriptions all the time," he says. "If I lost access to streaming tomorrow, I'd still have my favourite movies ready to watch." He admits DVDs are a "dying way of watching movies" but that makes them cheaper. "I think they're just cool, there's something authentic about having DVDs," he says. "These things are generations old, it's nice to have them available." The BBC also writes that one 21-year-old likes the "deliberate artistry" of traditional-camera photography — and the nostalgic experience of using one. They interview a 20-year-old who says vinyl records have a "more authentic sound" — and he appreciates having the physical disc and jacket art. And one 21-year-old even tracked down the handheld PlayStation Portable he'd used as a kid...

Read more of this story at Slashdot.

Why does Netflix want to buy Warner Bros, asks the chief film critic at the long-running motion-picture magazine Variety. "It is hard, at this moment, to resist the suspicion that the ultimate reason... is to eliminate the competition." [Warner Bros. is] one of the only companies that's keeping movies as we've known them alive... Some people think movies are going the way of the horse-and-buggy. A company like Warner Bros. has been the tangible proof that they're not. Ted Sarandos, the co-CEO of Netflix, has a different agenda. He has been unabashed about declaring that the era of movies seen in movie theaters is an antiquated concept. This is what he believes — which is fine. I think a more crucial point is that this is what he wants. The Netflix business strategy isn't simply about being the most successful streaming company. It's about changing the way people watch movies; it's about replacing what we used to call moviegoing with streaming. (You could still call it moviegoing, only now you're just going into your living room.) It in no way demonizes Sarandos — he'd probably take it as a compliment — to say that there's a world-domination aspect to the Netflix grand strategy. Sarandos's vision is to have the entire planet wired, with everyone watching movies and shows at home. There's a school of thought that sees this an advance, a step forward in civilization. "Remember the days when we used to have to go out to a movie theater? How funny! Now you can just pop up a movie — no trailers! — with the click of a remote...." Once he owns Warner Bros., will Sarandos keep using the studio to make movies that enjoy powerful runs in theaters the way Sinners and Weapons and One Battle After Another did? In the statement he made to investors and media today, Sarandos said, "I'd say right now, you should count on everything that is planned on going to the theater through Warner Bros. will continue to go to the theaters through Warner Bros." He added, "But our primary goal is to bring first-run movies to our members, because that's what they're looking for." Not exactly a ringing declaration of loyalty to the religion of cinema. And given Sarandos's track record, there is no reason to believe that he will suddenly change his spots. A letter sent to Congress by a group of anonymous Hollywood producers, who voiced "grave concerns" about Netflix buying Warner Bros., stated, "They have no incentive to support theatrical exhibition, and they have every incentive to kill it." If that happens, though, I have no doubt that Sarandos will be smart enough to do it gradually. Warner Bros. films will probably be released in a "normal" fashion...for a while. Maybe a year or two. But five years from now? There is good reason to believe that by then, a "Warner Bros. movie," even a DC comic-book extravaganza, would be a streaming-only release, or maybe a two-weeks-in-theaters release, all as a more general way of trying to shorten the theatrical window, which could be devastating to the movie business. Do we know all this to be true? No, but the indicators are somewhat overpowering. (He's been explicit about the windows...) An anonymous group of "concerned feature film producers" sent an open letter to Congress warning Netflix would "effectively hold a noose around the theatrical marketplace," reports Variety. And CNN also got this quote from Cinema United, a trade association that represents more than 30,000 movie screens in the United States. "Netflix's stated business model does not support theatrical exhibition," Cinema United President/CEO Michael O'Leary said in a statement. "In fact, it is the opposite."

Read more of this story at Slashdot.

FreeBSD 15.0-RELEASE arrived this week, notes this report from The Register, which calls it the latest release "of the Unix world's leading alternative to Linux." As well as numerous bug fixes and upgrades to many of its components, the major changes in this version are reductions in the number of platforms the OS supports, and in how it's built and how its component software is packaged. FreeBSD 15 has significantly reduced support for 32-bit platforms. Compared to FreeBSD 14 in 2023, there are no longer builds for x86-32, POWER, or ARM-v6. As the release notes put it: "The venerable 32-bit hardware platforms i386, armv6, and 32-bit powerpc have been retired. 32-bit application support lives on via the 32-bit compatibility mode in their respective 64-bit platforms. The armv7 platform remains as the last supported 32-bit platform. We thank them for their service." Now FreeBSD supports five CPU architectures — two Tier-1 platforms, x86-64 and AArch64, and three Tier-2 platforms, armv7 and up, powerpc64le, and riscv64. Arguably, it's time. AMD's first 64-bit chips started shipping 22 years ago. Intel launched the original x86 chip, the 8086 in 1978. These days, 64-bit is nearly as old as the entire Intel 80x86 platform was when the 64-bit versions first appeared. In comparison, a few months ago, Debian 13 also dropped its x86-32 edition — six years after Canonical launched its first x86-64-only distro, Ubuntu 19.10. Another significant change is that this is the first version built under the new pkgbase system, although it's still experimental and optional for now. If you opt for a pkgbase installation, then the core OS itself is installed from multiple separate software packages, meaning that the whole system can be updated using the package manager. Over in the Linux world, this is the norm, but Linux is a very different beast... The plan is that by FreeBSD 16, scheduled for December 2027, the restructure will be complete, the old distribution sets will be removed, and the current freebsd-update command and its associated infrastructure can be turned off. Another significant change is reproducible builds, a milestone the project reached in late October. This change is part of a multi-project initiative toward ensuring deterministic compilation: to be able to demonstrate that a certain set of source files and compilation directives is guaranteed to produce identical binaries, as a countermeasure against compromised code. A handy side-effect is that building the whole OS, including installation media images, no longer needs root access. There are of course other new features. Lots of drivers and subsystems have been updated, and this release has better power management, including suspend and resume. There's improved wireless networking, with support for more Wi-Fi chipsets and faster wireless standards, plus updated graphics drivers... The release announcement calls out the inclusion of OpenZFS 2.4.0-rc4, OpenSSL 3.5.4, and OpenSSH 10.0 p2, and notes the inclusion of some new quantum-resistant encryption systems... In general, we found FreeBSD 15 easier and less complicated to work with than either of the previous major releases. It should be easier on servers too. The new OCI container support in FreeBSD 14.2, which we wrote about a year ago, is more mature now. FreeBSD has its own version of Podman, and you can run Linux containers on FreeBSD. This means you can use Docker commands and tools, which are familiar to many more developers than FreeBSD's native Jail system. "FreeBSD has its own place in servers and the public cloud, but it's getting easier to run it as a desktop OS as well," the article concludes. "It can run all the main Linux desktops, including GNOME on Wayland." "There's no systemd here, and never will be — and no Flatpak or Snap either, for that matter.

Read more of this story at Slashdot.

"Homebrew, the package manager for macOS and Linux, just got a handy new feature in the latest v5.0.4 update," reports How-To Geek. Brewfile install scripts "are now more like a one-stop shop for installing software, as Flatpaks are now supported alongside Brew packages, Mac App Store Apps, and other packages." For those times when you need to install many software packages at once, like when setting up a new PC or virtual machine, you can create a Brewfile with a list of packages and run it with the 'brew bundle' command. However, the Brewfile isn't limited to just Homebrew packages. You can also use it to install Mac App Store apps, graphical apps through Casks, Visual Studio Code extensions, and Go language packages. Starting with this week's Homebrew v5.0.4 release, Flatpaks are now supported in Brewfiles as well... This turns Homebrew into a fantastic setup tool for macOS, Linux, and Windows Subsystem for Linux (WSL) environments. You can have one script with all your preferred software, and use 'if' statements with platform variables and existing file checks for added portability.

Read more of this story at Slashdot.

Today America's college professors "struggle to accommodate the many students with an official disability designation," reports the Atlantic, "which may entitle them to extra time, a distraction-free environment, or the use of otherwise-prohibited technology." Their staff writer argues these accommodations "have become another way for the most privileged students to press their advantage." [Over the past decade and a half] the share of students at selective universities who qualify for accommodations — often, extra time on tests — has grown at a breathtaking pace. At the University of Chicago, the number has more than tripled over the past eight years; at UC Berkeley, it has nearly quintupled over the past 15 years. The increase is driven by more young people getting diagnosed with conditions such as ADHD, anxiety, and depression, and by universities making the process of getting accommodations easier. The change has occurred disproportionately at the most prestigious and expensive institutions. At Brown and Harvard, more than 20 percent of undergraduates are registered as disabled. At Amherst, that figure is 34 percent. Not all of those students receive accommodations, but researchers told me that most do. The schools that enroll the most academically successful students, in other words, also have the largest share of students with a disability that could prevent them from succeeding academically. "You hear 'students with disabilities' and it's not kids in wheelchairs," one professor at a selective university, who requested anonymity because he doesn't have tenure, told me. "It's just not. It's rich kids getting extra time on tests...." Recently, mental-health issues have joined ADHD as a primary driver of the accommodations boom. Over the past decade, the number of young people diagnosed with depression or anxiety has exploded. L. Scott Lissner, the ADA coordinator at Ohio State University, told me that 36 percent of the students registered with OSU's disability office have accommodations for mental-health issues, making them the largest group of students his office serves. Many receive testing accommodations, extensions on take-home assignments, or permission to miss class. Students at Carnegie Mellon University whose severe anxiety makes concentration difficult might get extra time on tests or permission to record class sessions, Catherine Samuel, the school's director of disability resources, told me. Students with social-anxiety disorder can get a note so the professor doesn't call on them without warning... Some students get approved for housing accommodations, including single rooms and emotional-support animals. Other accommodations risk putting the needs of one student over the experience of their peers. One administrator told me that a student at a public college in California had permission to bring their mother to class. This became a problem, because the mom turned out to be an enthusiastic class participant. Professors told me that the most common — and most contentious — accommodation is the granting of extra time on exams... Several of the college students I spoke with for this story said they knew someone who had obtained a dubious diagnosis... The surge itself is undeniable. Soon, some schools may have more students receiving accommodations than not, a scenario that would have seemed absurd just a decade ago. Already, at one law school, 45 percent of students receive academic accommodations. Paul Graham Fisher, a Stanford professor who served as co-chair of the university's disability task force, told me, "I have had conversations with people in the Stanford administration. They've talked about at what point can we say no? What if it hits 50 or 60 percent? At what point do you just say 'We can't do this'?" This year, 38 percent of Stanford undergraduates are registered as having a disability; in the fall quarter, 24 percent of undergraduates were receiving academic or housing accommodations.

Read more of this story at Slashdot.

Wired published an article by California-based writer/programmer Sheon Han arguing that Ruby "is not a serious programming language." Han believes that the world of programming has "moved on", and "everything Ruby does, another language now does better, leaving it without a distinct niche. Ruby is easy on the eyes. Its syntax is simple, free of semicolons or brackets. More so even thanPython — a language known for its readability — Ruby reads almost like plain English... Ruby, you might've guessed, is dynamically typed. Python and JavaScript are too, but over the years, those communities have developed sophisticated tools to make them behave more responsibly. None of Ruby's current solutions are on par with those. It's far too conducive to what programmers call "footguns," features that make it all too easy to shoot yourself in the foot. Critically, Ruby's performance profile consistently ranks near the bottom (read: slowest) among major languages. You may remember Twitter's infamous "fail whale," the error screen with a whale lifted by birds that appeared whenever the service went down. You could say that Ruby was largely to blame. Twitter's collapse during the 2010 World Cup served as a wake-up call, and the company resolved to migrate its backend to Scala, a more robust language. The move paid off: By the 2014 World Cup, Twitter handled a record 32 million tweets during the final match without an outage. Its new Scala-based backend could process up to 100 times faster than Ruby. In the 2010s, a wave of companies replaced much of their Ruby infrastructure, and when legacy Ruby code remained, new services were written in higher-performance languages. You may wonderwhy people are still using Ruby in 2025. It survives because of its parasitic relationship with Ruby on Rails, the web framework that enabled Ruby's widespread adoption and continues to anchor its relevance.... Rails was the framework of choice for a new generation of startups. The main code bases of Airbnb, GitHub, Twitter, Shopify, and Stripe were built on it. He points out on Stack Overflow's annual developer survey, Ruby has slipped from a top-10 technology in 2013 to #18 this year — "behind evenAssembly" — calling Ruby "a kind of professional comfort object, sustained by the inertia of legacy code bases and the loyalty of those who first imprinted upon it." But the article drew some criticism on X.com. ("You should do your next piece about how Vim isn't a serious editor and continue building your career around nerd sniping developers.") Other reactions... "Maybe WIRED is just not a serious medium..." "FWIW — Ruby powered Shopify through another Black Friday / Cyber Monday — breaking last year's record." "Maybe you should have taken a look at TypeScript..." Wired's subheading argues that Ruby "survives on affection, not utility. Let's move on." Are they right? Share your own thoughts and experiences in the comments. Is Ruby still a 'serious' programming language?

Read more of this story at Slashdot.

Jolla is "trying again with a new crowd-funded smartphone," reports Phoronix: Finnish company Jolla started out 14 years ago where Nokia left off with MeeGo and developed Sailfish OS as a new Linux smartphone platform. Jolla released their first smartphone in 2013 after crowdfunding but ultimately the Sailfish OS focus the past number of years now has been offering their software stack for use on other smartphone devices [including some Sony Xperia smartphones and OnePlus/Samsung/ Google/ Xiaomi devices]. This new Jolla Phone's pre-order voucher page says the phone will only produced if 2,000 units are ordered before January 4. (But in just a few days they've already received 1,721 pre-orders — all discounted to 499€ from a normal price between 599 and 699 €). Estimate delivery is the first half of 2026. "The new Jolla Phone is powered by a high-performing Mediatek 5G SoC," reports 9to5Linux, "and features 12GB RAM, 256GB storage that can be expanded to up to 2TB with a microSDXC card, a 6.36-inch FullHD AMOLED display with ~390ppi, 20:9 aspect ratio, and Gorilla Glass, and a user-replaceable 5,500mAh battery." The Linux phone also features 4G/5G support with dual nano-SIM and a global roaming modem configuration, Wi-Fi 6 wireless, Bluetooth 5.4, NFC, 50MP Wide and 13MP Ultrawide main cameras, front front-facing wide-lens selfie camera, fingerprint reader on the power key, a user-changeable back cover, and an RGB indication LED. On top of that, the new Jolla Phone promises a user-configurable physical Privacy Switch that lets you turn off the microphone, Bluetooth, Android apps, or whatever you wish. The device will be available in three colors, including Snow White, Kaamos Black, and The Orange. All the specs of the new Jolla Phone were voted on by Sailfish OS community members over the past few months. Honouring the original Jolla Phone form factor and design, the new model ships with Sailfish OS (with support for Android apps), a Linux-based European alternative to dominating mobile operating systems that promises a minimum of 5 years of support, no tracking, no calling home, and no hidden analytics... The device will be manufactured and sold in Europe, but Jolla says that it will design the cellular band configuration to enable global travelling as much as possible, including e.g. roaming in the U.S. carrier networks. The initial sales markets are the EU, the UK, Switzerland, and Norway.

Read more of this story at Slashdot.

Washington Post columnist Dana Milbank calls himself "a highly creative hypochondriac" — who just paid for an expensive MRI scan to locate abnormal spots as tiny as 2 millimeters. He discusses the pros and cons of its "diffusion-weighted imaging" technology combined with the pattern recognition of AI, which theoretically "has the potential to save our lives by revealing budding cancers, silent aneurysms and other hidden would-be killers before they become deadly. " But the scans cost $2,500 a pop and insurance won't pay. Worse, for every cancer these MRIs find, they produce a slightly greater number of false positives that require a biopsy, with the potential for infection and bleeding and emotional distress. Even when the scans don't produce a false positive, they almost always come up with some vague and disconcerting abnormality.... Will we feel better after viewing our insides? Or will we become anxious about things we hadn't even thought to worry about? Part of living has always been in the mystery, in not knowing what tomorrow will bring. Now, because of sophisticated imaging, genome sequencing and other revolutionary screening tools, we can have predictability, or at least the illusion of it. But do we want that? The American College of Radiology says we do not. Its still-current 2023 statement says there is not "sufficient evidence" to recommend full-body screening, cautioning that the scan could lead to needless testing and expense. But David Larson, chair of ACR's Commission on Quality and Safety, told me that could change as more data comes in. "When people ask me, 'Would you recommend it?' I would say it depends on your tolerance for ambiguity," he said, giving the example of somebody found to have a borderline aortic aneurysm who is advised to wait and monitor it. If "that won't keep you up at night, then I wouldn't necessarily recommend against it...." About 1 in 20 gets that dreaded call. A study Prenuvo presented earlier this year of 1,011 participants found that 4.9 percent of scans required a follow-up biopsy. Of those, 2.2 percent were actually cancer, and the other 2.7 percent were false positives. Of the 22 cancers the scans caught, 86 percent of patients had no specific symptoms. But if finding something truly awful is rare, finding something abnormal is almost guaranteed. [Vikash Modi, Prenuvo's senior medical director of preventative medicine] said only 1 in 20 scans come back completely clean. The vast majority of patients wind up in the ambiguous realm where something may look suspicious but doesn't require urgent follow-up. He opted for the cheaper $1,000 torso scan, which the senior medical director calls "our bread-and-butter area," since 17 of the 22 cancers detected in one Prenuvo study were in that area and is where they often find cancers that wouldn't be discovered until they were incurable like "that scary pancreatic stuff...." Milbank's scan found 12 "abnormalities" included "a 2.5 mm pulmonary nodule in the right lower lobe" and "a 4.6 mm intraductal papillary mucinous neoplasm in the pancreatic tail" — but with 10 abnormalities labeled "minor" (and six being musculoskeletal wear-and-tear problems "I already knew about from the usual aches and pains".) Even the two "moderate" findings didn't sound that grim when I read on. The "indeterminant lesion" in my lung requires no follow-up, while the thing in my pancreas is "low-risk."... The "most interesting" finding was the pancreatic cyst, because, at this size and location, there's a 3 percent chance it will become cancerous in the next five years. But if annual follow-up scans of my pancreas (covered by insurance) show it's getting bigger, the cyst can be removed before it becomes cancer. For me, this made the MRI worthwhile. Sure, there was a 97 percent likelihood the cyst never would develop into a problem even if I hadn't learned about it. But now, with minimal inconvenience, I can eliminate that 3 percent risk of getting pancreatic cancer, the most lethal of major malignancies.

Read more of this story at Slashdot.

"First the penny. Next, paper checks?" asks CNN: When the U.S. Mint stopped making pennies last month for the first time in 238 years, it drew a lot of attention. But there have been quiet moves to stop using paper checks as well. The government stopped sending out most paper checks to recipients as of the end of September, part of an effort to fully modernize federal benefits payments. And on Thursday the Federal Reserve put out a notice that suggested it is considering — but only considering — the "winding down" of checking services it now provides for banks. The central bank's statement said that as an alternative to winding down those services, it is mulling more investment in its check processing services, but noted that would come at a higher cost. But it is also considering not making any such investments, in order to keep costs roughly unchanged. That would lead to reduced reliability of those services going forward. "Over time, check use has steadily declined, digital payment methods have grown in availability and use, and check fraud has risen," said the notice from the Fed. "Also, the Reserve Banks will need to make substantial investments in their check infrastructure to continue providing the same level of check services going forward." A report from the Federal Reserve Bank of Atlanta in June found that as of last year, more than 90% of surveyed consumers said they prefer to use something other than a check for paying bills, and just 6% paid by check. That's a sharp drop from the 18% of bills paid by checks as recently as 2017. Consumers also reported they view checks as second-worst for convenience and speed of payment, ahead of only money orders. And they're ranked as the least secure form of any payment other than cash. But even if it's true that options such as direct deposit, automatic bill paying and electronic payment systems such as Venmo, PayPal and Zelle have all reduced the need for traditional checks, paper checks are still an important part of the payment system. They make up about 5% of transactions and represent 21% of the value of all those payments, according to a statement from Michelle Bowman, the Fed's vice chair for supervision, who dissented from the Fed's Thursday statement.

Read more of this story at Slashdot.