Sorry, you need to enable JavaScript to visit this website.

Nobody's favorite operating system is now available for inspection

In partnership with IBM, Microsoft has released the source code for MS-DOS 4.0, more than 35 years since the operating system made a muted appearance ahead of Windows 3.x.…

A now-abandoned USB worm that backdoors connected devices has continued to self-replicate for years since its creators lost control of it and remains active on thousands, possibly millions, of machines, researchers said Thursday. ArsTechnica: The worm -- which first came to light in a 2023 post published by security firm Sophos -- became active in 2019 when a variant of malware known as PlugX added functionality that allowed it to infect USB drives automatically. In turn, those drives would infect any new machine they connected to, a capability that allowed the malware to spread without requiring any end-user interaction. Researchers who have tracked PlugX since at least 2008 have said that the malware has origins in China and has been used by various groups tied to the country's Ministry of State Security. For reasons that aren't clear, the worm creator abandoned the one and only IP address that was designated as its command-and-control channel. With no one controlling the infected machines anymore, the PlugX worm was effectively dead, or at least one might have presumed so. The worm, it turns out, has continued to live on in an undetermined number of machines that possibly reaches into the millions, researchers from security firm Sekoia reported. The researchers purchased the IP address and connected their own server infrastructure to "sinkhole" traffic connecting to it, meaning intercepting the traffic to prevent it from being used maliciously. Since then, their server continues to receive PlugX traffic from 90,000 to 100,000 unique IP addresses every day.

Read more of this story at Slashdot.

One Chinese national arrested in Chicago while another suspect thought to be abroad

Two Chinese nationals were this week accused by the US of attempting to illegally export chipmaking kit to a company back home, in another twist in the tech wars between the two nations.…

Captchas that aim to distinguish humans from nefarious bots are demanding more brain power. WSJ: The companies and cybersecurity experts who design Captchas have been doing all they can to stay one step ahead of the bad actors figuring out how to crack them. A cottage industry of third-party Captcha-solving firms -- essentially, humans hired to solve the puzzles all day -- has emerged. More alarmingly, so has technology that can automatically solve the more rudimentary tests, such as identifying photos of motorcycles and reading distorted text. "Software has gotten really good at labeling photos," said Kevin Gosschalk, the founder and CEO of Arkose Labs, which designs what it calls "fraud and abuse prevention solutions," including Captchas. "So now enters a new era of Captcha -- logic based." That shift explains why Captchas have started to both annoy and perplex. Users no longer have to simply identify things. They need to identify things and do something with that information -- move a puzzle piece, rotate an object, find the specter of a number hidden in a roomscape. Compounding this bewilderment is the addition to the mix of generative AI images, which creates new objects difficult for robots to identify but baffles humans who just want to log in. "Things are going to get even stranger, to be honest, because now you have to do something that's nonsensical," Gosschalk said. "Otherwise, large multimodal models will be able to understand."

Read more of this story at Slashdot.

Ouch!

Millions of Kaiser Permanente patients' data was likely handed over to Google, Microsoft Bing, X/Twitter, and other third-parties, according to the American healthcare giant.…

The GNOME Foundation, a non-profit organization supporting the GNOME desktop environment, has been operating at a deficit for several years, depleting its financial reserves. Robert McQueen, the foundation's president, has announced plans to increase fundraising efforts in a new blog post. McQueen adds: As you may be aware, the GNOME Foundation has operated at a deficit (nonprofit speak for a loss -- ie spending more than we've been raising each year) for over three years, essentially running the Foundation on reserves from some substantial donations received 4-5 years ago. The Foundation has a reserves policy which specifies a minimum amount of money we have to keep in our accounts. This is so that if there is a significant interruption to our usual income, we can preserve our core operations while we work on new funding sources. We've now "hit the buffers" of this reserves policy, meaning the Board can't approve any more deficit budgets -- to keep spending at the same level we must increase our income.

Read more of this story at Slashdot.

Cloud giant directs users to pack their bags for DropBox, gives them a year to get affairs in order

Updated  Amazon is killing its WorkDocs document sharing and content collaboration service, notifying users that sign-ups are no longer available and giving them a year to migrate any data stored.…

U.S. authorities consider DJI a security threat. Congress is weighing legislation to ban it [non-paywalled link], prompting a lobbying campaign from the company, which dominates the commercial and consumer drone markets. The New York Times: DJI is on a Defense Department list of Chinese military companies whose products the U.S. armed forces will be prohibited from purchasing in the future. As part of the defense budget that Congress passed for this year, other federal agencies and programs are likely to be prohibited from purchasing DJI drones as well. The drones -- though not designed or authorized for combat use -- have also become ubiquitous in Russia's war against Ukraine. The Treasury and Commerce Departments have penalized DJI over the use of its drones for spying on Uyghur Muslims who are held in camps by Chinese officials in the Xinjiang region. Researchers have found that Beijing could potentially exploit vulnerabilities in an app that controls the drone to gain access to large amounts of personal information, although a U.S. official said there are currently no known vulnerabilities that have not been patched. Now Congress is weighing legislation that could kill much of DJI's commercial business in the United States by putting it on a Federal Communications Commission roster blocking it from running on the country's communications infrastructure. The bill, which has bipartisan support, has been met with a muscular lobbying campaign by DJI. The company is hoping that Americans like Mr. Nordfors who use its products will help persuade lawmakers that the United States has nothing to fear -- and much to gain -- by keeping DJI drones flying. "DJI presents an unacceptable national security risk, and it is past time that drones made by Communist China are removed from America," Representative Elise Stefanik, Republican of New York and one of the bill's primary sponsors, said in an emailed statement this month.

Read more of this story at Slashdot.

Getting their hands on AI memory one Huawei or another...

A group of Chinese semiconductor firms including Huawei are reportedly looking to get domestic production of high bandwidth memory (HBM) up and running by 2026.…

Some Android-powered TVs can expose the contents of users' email inboxes if an attacker has physical access to the TV. Google initially told the office of Senator Ron Wyden that the issue, which is a quirk of how software is installed on these TVs, was expected behavior, but after being contacted by 404 Media, Google now says it is addressing the issue. From the report: The attack is an edge case but one that still highlights how the use of Google accounts, even on products that aren't necessarily designed for browsing user data, can expose information in unusual ways, including TVs in businesses or ones that have been resold or given away. "My office is mid-way through a review of the privacy practices of streaming TV technology providers. As part of that inquiry, my staff discovered an alarming video in which a YouTuber demonstrated how with 15 minutes of unsupervised access to an Android TV set top box, a criminal could get access to private emails of the Gmail user who set up the TV," Senator Ron Wyden told 404 Media in a statement.

Read more of this story at Slashdot.

Analysts brand deal a 'nail in the coffin' for UK tech investment

Private equity investor Thoma Bravo has successfully completed a second acquisition attempt of UK-based cybersecurity company Darktrace in a $5.3 billion deal.…

Europe is less hard-working, less ambitious, more regulated and more risk-averse than the US, according to the boss of Norway's giant oil fund, with the gap between the two continents only getting wider. FT: Nicolai Tangen, chief executive of the $1.6tn fund, told the Financial Times it was "worrisome" that American companies were outpacing their European rivals [non paywalled link] on innovation and technology, leading to vast outperformance of US shares in the past decade. "There's a mindset issue in terms of acceptance of mistakes and risks. You go bust in America, you get another chance. In Europe, you're dead," he said, adding that there was also a difference in "the general level of ambition. We are not very ambitious. I should be careful about talking about work-life balance, but the Americans just work harder." His views are significant as the oil fund is one of the largest single investors in the world, owning on average 1.5 per cent of every listed company globally and 2.5 per cent of every European equity. Its US holdings have increased in the past decade while its European ones have declined. US shares account for almost half of all its equities compared with 32 per cent in 2013. The leading European country -- the UK -- represented 15 per cent of its equity portfolio a decade ago but just 6 per cent last year.

Read more of this story at Slashdot.

Given a two year old bug against Mesa around slow initialization/start-up time for GTK4 on Intel graphics, prolific Zink developer Mike Blumenkrantz recently took to optimizing Zink's start-up time for this generic OpenGL-on-Vulkan driver implementation...

Tutao, known for the encrypted email service Tuta Mail, has filed a Digital Markets Act (DMA) complaint to the EU over an alleged de-ranking in Google Search. From a report: Google Search rankings are all too familiar to search engine optimization (SEO) specialists charged with ensuring web pages rise to the top of search results. In the case of Tutao's products -- Tuta Mail and Tuta Calendar -- all was going well until the beginning of March 2024, when the company claims tuta.com was abruptly de-ranked in Google Search. Rather than being displayed as a search result of thousands of keywords, the count dropped to the hundreds, the developer alleges. Matthias Pfau, co-founder of Tuta Mail, said: "This reduction in Google Search took us by surprise as we did not change anything on our website during that time. We tried to reach out to Google about this issue, but were met with radio silence." Google denies the claims. It told The Reg: "Search ranking updates absolutely do not aim to preference Google products, or any other particular website. The email provider in question is easily accessible globally on Search. We appreciate the feedback and will look into how we can ensure Search continues to return the most helpful, relevant results." Tuta Mail's Pfau claims a change in results mean that when a user searches for "encrypted email," Tuta's products no longer show up. However, he went on to allege that if you search for "Tuta" or "Tutanota," the company appears in the results.

Read more of this story at Slashdot.

Yes, they are harder to solder, but there's way more potential

Feature  The Z80 has a long series of successor models – some compatible and some not. There are multiple options for hobbyist computer builders.…

An anonymous reader shares a report: With Windows 11 24H2 all geared up to have AI-intensive applications, Microsoft has added a code that will warn you if your PC does not meet the hardware requirements, according to code dug up by Twitter/X sleuth Albacore. The warning will be displayed as a watermark so you know that you cannot use certain AI-powered built-in apps because of an unsupported CPU.

Read more of this story at Slashdot.

404 Media: Apple has removed a number of AI image generation apps from the App Store after 404 Media found these apps advertised the ability to create nonconsensual nude images, a sign that app store operators are starting to take more action against these types of apps. Overall, Apple removed three apps from the App Store, but only after we provided the company with links to the specific apps and their related ads, indicating the company was not able to find the apps that violated its policy itself. Apple's action comes after we reported on Monday that Instagram advertises nonconsensual AI nude apps. By browsing Meta's Ad Library, which archives ads on its platform, when they ran, on what platforms, and who paid for them, we were able to find ads for five different apps, each with dozens of ads. Two of the ads were for web-based services, and three were for apps on the Apple App Store. Meta deleted the ads when we flagged them. Apple did not initially respond to a request for comment on that story, but reached out to me after it was published asking for more information. On Tuesday, Apple told us it removed the three apps on its App Store.

Read more of this story at Slashdot.

Tuta cries foul, Chocolate Factory denies service unreachable

Tutao, known for the encrypted email service Tuta Mail, has filed a Digital Markets Act (DMA) complaint to the EU over an alleged de-ranking in Google Search.…

After several years of the GNOME Foundation running at a deficit (loss), the GNOME Foundation is going to be driving a push for greater fundraising...

Doing business in Beijing? 'You need to do a what-if scenario'

interview  It didn't seem America's divest-or-ban bill for TikTok was going to make it into law when we last spoke with former White House chief information officer Theresa Payton – but law it now is. …