Crime

Linux Developer Swatted and Handcuffed During Live Video Stream (tomshardware.com) 99

Last October Slashdot reported on René Rebe's discovery of a random illegal instruction speculation bug on AMD Ryzen 7000-series and Epyc Zen 4 CPUs — which Rebe discussed on his YouTube channel.

But this week's YouTube episode had a different ending, reports Tom's Hardware... Two days ago, tech streamer and host of Code Therapy René Rebe was streaming one of many T2 Linux (his own custom distribution) development sessions from his office in Germany when he abruptly had to remove his microphone and walk off camera due to the arrival of police officers. The officers subsequently cuffed him and took him to the station for an hour of questioning, a span of time during which the stream continued to run until he made it back...

[T]he police seemingly have no idea who did it and acted based on a tip sent with an email. Finding the perpetrators could take a while, and options will be fairly limited if they don't also live in Germany.

Rebe has been contributing to Linux "since as early as 1998," according to the article, "and started his own T2 SD3 Embedded Linux distribution in 2004, as well." (And he's also a contributor to many other major open source projects.)

The article points out that Linux and other communities "are compelled by little-to-no profit motive, so in essence, René has been providing unpaid software development for the greater good for the past two decades."

AI

How Amazon's Secret Weapon in Chip Design is Amazon (ieee.org) 18

In 2015 Amazon purchased chip designer Annapurna Labs, remembers IEEE Spectrum, "and proceeded to design CPUs, AI accelerators, servers, and data centers as a vertically-integrated operation."

The article argues that while AMD, Nvidia, and other big-name processor companies may also want to control the full stack (purchasing server, software, and interconnect companies) — Amazon Web Services "got there ahead of most of the competition." (IEEE Spectrum interviews Ali Saidi, technical lead for the AWS Graviton series of CPUs, and Rami Sinno, director of engineering at Annapurna Labs, on "the advantage of vertically-integrated design — and Amazon-scale...")

Sinno: I was working at Arm, and I was looking for the next adventure, looking at where the industry is heading and what I want my legacy to be. I looked at two things: One is vertically integrated companies, because this is where most of the innovation is — the interesting stuff is happening when you control the full hardware and software stack and deliver directly to customers.

And the second thing is, I realized that machine learning, AI in general, is going to be very, very big. I didn't know exactly which direction it was going to take, but I knew that there is something that is going to be generational, and I wanted to be part of that. I already had that experience prior when I was part of the group that was building the chips that go into the Blackberries; that was a fundamental shift in the industry. That feeling was incredible, to be part of something so big, so fundamental. And I thought, "Okay, I have another chance to be part of something fundamental."

[...] At the end of the day, our responsibility is to deliver complete servers in the data center directly for our customers. And if you think from that perspective, you'll be able to optimize and innovate across the full stack. It might not be at the transistor level or at the substrate level or at the board level. It could be something completely different. It could be purely software. And having that knowledge, having that visibility, will allow the engineers to be significantly more productive and deliver to the customer significantly faster. We're not going to bang our head against the wall to optimize the transistor where three lines of code downstream will solve these problems, right...?

We've had very good luck with recent college grads. Recent college grads, especially the past couple of years, have been absolutely phenomenal. I'm very, very pleased with the way that the education system is graduating the engineers and the computer scientists that are interested in the type of jobs that we have for them.

It's an interesting glimpse into the unique world of designing chips at Amazon.

Graviton technical lead Saidi: I've been here about seven and a half years. When I joined AWS, I joined a secret project at the time. I was told: "We're going to build some Arm servers. Tell no one...

"In chip design, there are many different competing optimization points. You have all of these conflicting requirements, you have cost, you have scheduling, you've got power consumption, you've got size, what DRAM technologies are available and when you're going to intersect them... It ends up being this fun, multifaceted optimization problem to figure out what's the best thing that you can build in a timeframe. And you need to get it right."

Open Source

Changing Open Source Licenses to Proprietary? Study Finds 'No Clear Link' to Increased Company Value (devclass.com) 25

An anonymous reader shared this report from DevClass: A report from developer-focused analyst Redmonk finds "there does not seem to be a clear link between moving from an open source to proprietary license and increasing the company's value."

Senior analyst Rachel Stevens studied the question of whether the companies that changed from open source to proprietary licenses have since reported better financial positions. In particular, she looked at MongoDB, which changed from AGPL (GNU Affero General Public License) to its SSPL (Server Side Public License) in 2018; Elastic Co, which changed from Apache 2 to SSPL or Elastic License in early 2021; HashiCorp, which changed from MPL (Mozilla Public License 2.0) a year ago, and Confluent, which changed from Apache 2 to its own Confluent Community License in 2018.

The report is too recent to take account of Elastic's reversion to AGPL; and the financial impact of that is of course yet to be known, though it is perhaps unlikely that the switch back would have been made if the company considered it detrimental to its finances. Rather, Elastic's latest licensing change reinforces the view that proprietary licenses are not necessarily more profitable... All the companies studied increased their revenue after their license change, Stevens said, but added that the rate of change was similar to that before the change...

MongoDB stated in 2018 that "once an open source project becomes interesting or popular, it becomes too easy for the cloud vendors to capture all the value and give nothing back to the community." Six years later, it remains the case that the large cloud vendors are highly profitable, but that these companies who changed their license are not. In February this year, Bruce Perens, creator of the 1998 Open Source Definition, described open source as "a great corporate welfare program" and not at all what he had intended...

The new Redmonk report suggests that such license manoeuvres are neither fatal nor beneficial to the finances of the companies involved — though there are so many caveats that it is impossible to draw firm conclusions.

The report's final sentence concludes that "there does not seem to be a clear link between moving from an open source to proprietary license and increasing the company's value."

Python

Fake Python Coding Tests Installed Malicious Software Packages From North Korea (scmagazine.com) 22

"New malicious software packages tied to the North Korean Lazarus Group were observed posing as a Python coding skills test for developers seeking a new job at Capital One, but were tracked to GitHub projects with embedded malware," reports SC magazine: Researchers at ReversingLabs explained in a September 10 blog post that the scheme was a follow-on to the VMConnect campaign that they first identified in August 2023 in which developers were lured into downloading malicious code via fake job interviews.

More details from The Hacker News: These packages, for their part, have been published directly on public repositories like npm and PyPI, or hosted on GitHub repositories under their control. ReversingLabs said it identified malicious code embedded within modified versions of legitimate PyPI libraries such as pyperclip and pyrebase... It's implemented in the form of a Base64-encoded string that obscures a downloader function, which establishes contact with a command-and-control server in order to execute commands received as a response.

In one instance of the coding assignment identified by the software supply chain firm, the threat actors sought to create a false sense of urgency by requiring job seekers to build a Python project shared in the form of a ZIP file within five minutes and find and fix a coding flaw in the next 15 minutes. This makes it "more likely that he or she would execute the package without performing any type of security or even source code review first," Zanki said, adding "that ensures the malicious actors behind this campaign that the embedded malware would be executed on the developer's system."

Tom's Hardware reports that "The capacity for exploitation at that point is pretty much unlimited, due to the flexibility of Python and how it interacts with the underlying OS. This is a good time to refer to PEP 668 which enforces virtual environments for non-system wide Python installs."

More from The Hacker News: Some of the aforementioned tests claimed to be a technical interview for financial institutions like Capital One and Rookery Capital Limited, underscoring how the threat actors are impersonating legitimate companies in the sector to pull off the operation. It's currently not clear how widespread these campaigns are, although prospective targets are scouted and contacted using LinkedIn, as recently also highlighted by Google-owned Mandiant.

Networking

'Samba' Networking Protocol Project Gets Big Funding from the German Sovereign Tech Fund (samba.plus) 33

Samba is "a free software re-implementation of the SMB networking protocol," according to Wikipedia. And now the Samba project "has secured significant funding (€688,800.00) from the German Sovereign Tech Fund to advance the project," writes Jeremy Allison — Sam (who is Slashdot reader #8,157 — and also a long standing member of Samba's core team): The investment was successfully applied for by [information security service provider] SerNet. Over the next 18 months, Samba developers from SerNet will tackle 17 key development subprojects aimed at enhancing Samba's security, scalability, and functionality.

The Sovereign Tech Fund is a German federal government funding program that supports the development, improvement, and maintenance of open digital infrastructure. Their goal is to sustainably strengthen the open source ecosystem.

The project's focus is on areas like SMB3 Transparent Failover, SMB3 UNIX extensions, SMB-Direct, Performance and modern security protocols such as SMB over QUIC. These improvements are designed to ensure that Samba remains a robust and secure solution for organizations that rely on a sovereign IT infrastructure. Development work began as early as September the 1st and is expected to be completed by the end of February 2026 for all sub-projects.

All development will be done in the open following the existing Samba development process. First gitlab CI pipelines have already been running and gitlab MRs will appear soon!

Back in 2000, Jeremy Allison answered questions from Slashdot readers about Samba.

Allison is now a board member at both the GNOME Foundation and the Software Freedom Conservancy, a distinguished engineer at Rocky Linux creator CIQ, and a long-time free software advocate.

AI

OpenAI Acknowledges New Models Increase Risk of Misuse To Create Bioweapons 28

OpenAI's latest models have "meaningfully" increased the risk that AI will be misused to create biological weapons, the company has acknowledged. From a report: The San Francisco-based company announced its new models, known as o1, on Thursday, touting their new abilities to reason, solve hard maths problems and answer scientific research questions. OpenAI's system card, a tool to explain how the AI operates, said the new models had a "medium risk" for issues related to chemical, biological, radiological and nuclear (CBRN) weapons -- the highest risk that OpenAI has ever given for its models. The company said it meant that the technology has "meaningfully improved" the ability of experts to create bioweapons. AI software with more advanced capabilities, such as the ability to perform step-by-step reasoning, poses an increased risk of misuse in the hands of bad actors, according to experts.

AI

Can AI Really Replace Salesforce and Workday? (theinformation.com) 67

Can AI kill the enterprise software app industry that's led by companies such as Salesforce and Workday? The Information: That's the trillion-dollar question at the heart of recent comments from the CEO of Klarna, Sebastian Siemiatkowski, who's made a name for himself -- and drawn some skepticism too -- as a chief cheerleader of OpenAI's software. In the latest example from a couple of weeks ago, Siemiatkowski told investors in his buy now, pay later firm that it's shutting down a lot of the enterprise software apps it uses, including some run by the above-mentioned CRM and HR firms, because it can replicate them with AI. SeekingAlpha picked up those comments, which went viral in recent days.

The idea behind the comments is the following: Conversational AI can understand natural-language commands and be ordered to write software code, so companies can cheaply and quickly build customized apps that do most of the things that traditional enterprise apps can do, especially if most of what those apps do is manage corporate data. Siemiatkowski expanded on the comments in a Wednesday X post, saying he wasn't looking to primarily save money on software license fees "even though that is nice upside."

United States

'The IRS Says There's Always Next Year' (msn.com) 131

The tax agency again delays a vital software upgrade, at the cost of billions. WSJ's Editorial Board: Taxpayers endure drudgery to file on time each year, but the tax collectors seem less concerned with deadlines. A new Internal Revenue Service database, more than a decade in the making, will be delayed another year. And its cost is billions of dollars and climbing. The IRS told the press this week that it won't replace its Individual Master File until the 2026 tax year, at the earliest. That falls short of Commissioner Danny Werfel's goal of launching a new system in time for 2025 taxes, and the delay could mean another year of grief for countless taxpayers. The file is the digital silo in which more than 154 million tax files are held, and keeping it up-to-date helps to enable speedy, accurate refunds.

The code that powers the database was written in the 1960s by IBM engineers at the same time their colleagues worked on the Apollo program. The system runs on a nearly extinct computer language known as Cobol, and though it retains its basic functionality, maintaining it requires bespoke service. By 2018 the IRS had only 17 remaining developers considered to be experts on the system. The agency has sought and failed to overhaul or replace the database since the 1980s. It spent $4 billion over 14 years to devise upgrades, but it canceled that effort in 2000 "without receiving expected benefits," according to the Government Accountability Office.

The costs continue to mount. IRS spending on operating and maintaining its IT systems has risen 35% in the past four years, to $2.7 billion last year from $2 billion in 2019. These costs will "likely continue to increase until a majority of legacy systems are decommissioned," according to a report last month by the agency's inspector general. Each year major upgrades are pushed back adds a larger sum to the final tab. The IRS usually pleads poverty as an excuse for failing to stay up-to-date. Yet Congress gave the agency billions of extra dollars through the Inflation Reduction Act to fund a speedy database overhaul. Since 2022 it has spent $1.3 billion beyond its ordinary budget to modernize its business systems. Taxpayers will have to wait at least another year to see if that investment has paid off.

Medicine

FDA Approves Apple AirPods As Hearing Aids 39

The FDA on Thursday approved the first hearing aid software for Apple's latest AirPods Pro earbuds. According to Apple, the feature will be pushed to eligible devices through a software update in the coming weeks. The Washington Post reports: The move, which comes two years after the FDA first approved over-the-counter hearing aids, could help more Americans with hearing loss start getting help, the FDA said in a statement. The feature works by amplifying some sounds, such as voices, while minimizing others, such as ambient noise. Users can take a hearing test in the Apple Health app, and their AirPods will adjust sound level automatically based on the results. The feature is only available on the AirPods Pro 2, which cost $249.

The FDA says it tested Apple's hearing aid feature in a clinical study with 118 subjects who believed they had mild or moderate hearing loss. The study found that people who set up their AirPods using Apple's hearing test noticed similar benefits as people who had a professional set up the earbuds. Over-the-counter hearing aids are best for people with mild to moderate hearing loss, audiologists say, many of whom don't seek treatment. [...] However, consumer earbuds aren't a good solution for people with severe hearing loss, experts maintain, and most over-the-counter hearing devices will still require a trip to the audiologist for some fine tuning.

Data Storage

Music Industry's 1990s Hard Drives Are Dying (arstechnica.com) 259

An anonymous reader quotes a report from Ars Technica: One of the things enterprise storage and destruction company Iron Mountain does is handle the archiving of the media industry's vaults. What it has been seeing lately should be a wake-up call: roughly one-fifth of the hard disk drives dating to the 1990s it was sent are entirely unreadable. Music industry publication Mix spoke with the people in charge of backing up the entertainment industry. The resulting tale is part explainer on how music is so complicated to archive now, part warning about everyone's data stored on spinning disks. "In our line of work, if we discover an inherent problem with a format, it makes sense to let everybody know," Robert Koszela, global director for studio growth and strategic initiatives at Iron Mountain, told Mix. "It may sound like a sales pitch, but it's not; it's a call for action."

Hard drives gained popularity over spooled magnetic tape as digital audio workstations, mixing and editing software, and the perceived downsides of tape, including deterioration from substrate separation and fire. But hard drives present their own archival problems. Standard hard drives were also not designed for long-term archival use. You can almost never decouple the magnetic disks from the reading hardware inside, so that if either fails, the whole drive dies. There are also general computer storage issues, including the separation of samples and finished tracks, or proprietary file formats requiring archival versions of software. Still, Iron Mountain tells Mix that "If the disk platters spin and aren't damaged," it can access the content.

But "if it spins" is becoming a big question mark. Musicians and studios now digging into their archives to remaster tracks often find that drives, even when stored at industry-standard temperature and humidity, have failed in some way, with no partial recovery option available. "It's so sad to see a project come into the studio, a hard drive in a brand-new case with the wrapper and the tags from wherever they bought it still in there," Koszela says. "Next to it is a case with the safety drive in it. Everything's in order. And both of them are bricks."

"Optical media rots, magnetic media rots and loses magnetic charge, bearings seize, flash storage loses charge, etc.," writes Hacker News user abracadaniel in a discussion post about the article. "Entropy wins, sometimes much faster than you'd expect."

Android

Android Apps Can Now Block Sideloading, Force Downloads Through Google Play (androidauthority.com) 56

Android Authority's Mishaal Rahman reports: There are many reasons why you may want to sideload apps on your Android phone, but there are also good reasons why developers would want to block sideloading. A sideloaded app won't contribute to the developer's Play Store metrics, for one, but it also prevents the developer from curating which devices can use their app. Improperly sideloaded apps can also crash due to missing assets or code, or they might be missing certain features because you installed the wrong version for your device. Whatever the reason may be, developers who want to stop you from sideloading their apps now have an easier way to do so thanks to the Play Integrity API.

The Google Play Integrity API is an interface that helps developers "check that interactions and server requests are coming from [their] genuine app binary running on a genuine Android device." It looks for evidence that the app has been tampered with, that the app is running in an "untrustworthy" software environment, that the device has Google Play Protect enabled, and more. If you've heard of or dealt with SafetyNet Attestation before on a rooted phone, then you're probably already familiar with Play Integrity, even if not by that name. Play Integrity is the successor to SafetyNet Attestation, only it comes with even more features for developers.

As is the case with SafetyNet Attestation, developers call the Play Integrity API at any point in their app, receive what's called an integrity verdict, and then decide what they want to do from there. Some apps call the Play Integrity API when they launch and block access entirely depending on what the verdict is, while others only call the API when you're about to perform a sensitive action, so they can warn you that you shouldn't proceed. The Play Integrity API makes it easy for apps to offload the determination of whether the device and its software environment are "genuine," and with the latest update to the API, apps can now easily determine whether the person who installed them is "genuine" as well.

"As Google continues to bolster Play Integrity's detection mechanisms and add new features, it's going to become harder and harder for power users to justify rooting Android," concludes Rahman. "At the same time, regular users will be better protected from potentially risky and fraudulent interactions, so it's clear that Play Integrity will continue to be adopted by more and more apps."

Technology

Nvidia CEO Reveals GPU and Software Moat in AI Chips 24

Nvidia is banking on its software expertise and broad GPU ecosystem to stay ahead in the fiercely competitive AI chip market, CEO Jensen Huang said in an interview with Goldman Sachs Wednesday. Huang pointed to Nvidia's large base of installed GPUs and their software compatibility as key strengths.

Huang highlighted three key elements of Nvidia's competitive moat: a large installed base of GPUs across multiple platforms, the ability to enhance hardware with software like domain-specific libraries, and expertise in building rack-level systems. The CEO also cited Nvidia's chip design prowess, noting the company has developed seven different chips for its upcoming Blackwell platform.

These comments come as Nvidia faces increasing competition from rivals. Addressing supply chain concerns, Huang said Nvidia has sufficient in-house intellectual property to shift manufacturing if necessary without significant disruption. The company plans to begin shipping Blackwell-based products in the fourth quarter of fiscal 2025, with volume production ramping up in fiscal 2026, according to Huang.

From the note that Goldman Sachs sent to its clients: 1) Accelerated Computing: Mr. Huang highlighted his long-held view that Moore's Law was no longer delivering the rate of innovation it had in the past and, as such, was driving computation inflation in Data Centers. Further, he noted that the densification and acceleration of the $1 trillion data center infrastructure installed base alone would drive growth over the next 10 years, as it would deliver material performance improvement and/or cost savings.

2) Customer ROI: Mr. Huang noted that we have hit the end of transistor scaling that enabled better utilization rates and cost reductions in the previous virtualization and cloud computing cycles. He explained that, while using a GPU to augment a CPU will drive an increase in cost in absolute terms (~2x) in the case of Spark (distributed processing system and analytics engine for big data), the net cost benefit could be as large as ~10x for an application like Spark given the speed up of ~20x. From a revenue generation perspective, Mr. Huang shared that hyperscale customers can generate $5 in rental revenue for every $1 spent on Nvidia's infrastructure, given sustained strength in the demand for accelerated computing.

Oracle

'Oracle's Missteps in Cloud Computing Are Paying Dividends in AI' (msn.com) 26

Oracle missed the tech industry's move to cloud computing last decade and ended up an also-ran. Now the AI boom has given it another shot. WSJ: The 47-year-old company that made its name on relational database software has emerged as an attractive cloud-computing provider for AI developers such as OpenAI, sending its long-stagnant stock to new heights. Oracle shares are up 34% since January, well outpacing the Nasdaq's 14% rise and those of bigger competitors Microsoft, Amazon.com and Google.

It is a surprising revitalization for a company many in the tech industry had dismissed as a dinosaur of a bygone, precloud era. Oracle appears to be successfully making a case to investors that it has become a strong fourth-place player in a cloud market surging thanks to AI. Its lateness to the game may have played to its advantage, as a number of its 162 data centers were built in recent years and are designed for the development of AI models, known as training.

In addition, Oracle isn't developing its own large AI models that compete with potential clients. The company is considered such a neutral and unthreatening player that it now has partnerships with Microsoft, Google and Amazon, all of which let Oracle's databases run in their clouds. Microsoft is also running its Bing AI chatbot on Oracle's servers.

Google

US Prepares To Challenge Google's Online Ad Dominance (reuters.com) 24

An anonymous reader quotes a report from the New York Times: For years, Google has faced complaints about how it dominates the online advertising market. Many of the concerns stem from the internet giant's suite of software known as Google Ad Manager, which websites around the world use to sell ads on their sites. The technology conducts split-second auctions to place ads each time a user loads a page. The dominance of that technology has landed Google in federal court. On Monday, Judge Leonie Brinkema of the U.S. District Court for the Eastern District of Virginia will preside over the start of a trial in which the Department of Justice accuses the company of abusing control of its ad technology and violating antitrust law.

It would be Google's second antitrust trial in less than a year. In August, a federal judge ruled in a separate case that Google had illegally maintained a monopoly in online search, a major victory for the Justice Department. The new trial is the latest salvo by federal antitrust regulators against Big Tech, testing a century-old competition law against companies that have reshaped the way people shop, communicate and consume information. Federal regulators have also filed antitrust lawsuits against Apple, Amazon and Meta, which owns Facebook, Instagram and WhatsApp, saying those companies have also abused their power.

Google's vice president for regulatory affairs, Lee-Anne Mulholland, said in a blog post on Sunday that the Justice Department was "picking winners and losers in a highly competitive industry."

"With the cost of ads going down and the number of ads sold going up, the market is working," she said. "The DOJ's case risks inefficiencies and higher prices -- the last thing that America's economy or our small businesses need right now."

Medicine

AirPods Pro 2 Adds 'Clinical Grade' Hearing Aid Feature 47

Apple says AirPods Pro 2 will receive a software feature "soon" that will turn the wireless earbuds into "clinical-grade" hearing aids. "This includes a hearing protection mode being enabled by default, offering passive noise cancellation in loud environments," adds 9to5Mac. From the report: Firstly, users can take a clinically-validated hearing test. The hearing test uses your AirPods and iPhone, and can be conducted by a user in under five times. The result of your hearing test can be viewed securely in the Health app. If hearing loss is detected, the hearing aid mode is then available to use. The AirPods will make it easier to hear sounds from the world around you. A custom hearing profile is automatically applied when listening to audio, like music or podcasts.

The hearing aid feature is currently making its way through the FDA and other regulatory bodies. Apple said the functionality will be available in more than 100 countries. The feature will be enabled through a free software update coming later this year to AirPods Pro 2.

United States

RTX's Long-Delayed $7 Billion GPS-Tracking Network Is Still Troubled, GAO Says (msn.com) 19

A month before its planned delivery after years of delay and cost growth, RTX's $7.6 billion ground network to control GPS satellites is still marred by problems that may further stall its acceptance by the US Space Force, congressional auditors said Monday. From a report: RTX's system of 17 ground stations for current and improved GPS satellites was supposed to be ready by October, when it would undergo a series of intense Space Force tests to assess whether it can be declared operational by December 2025. The system continues to draw the ire of lawmakers because it's running more than seven years late in a development phase that's about 73% costlier than initial projections.

Two rounds of testing by the company have been "marked by significant challenges that drove delays to the program's schedule," the Government Accountability Office said Monday in a broad review of the US military's GPS program, including improvements intended to block jamming by adversaries.

The Next Generation Operational Control System, known as OCX, is intended to provide improvements, including access to more secure, jam-resistant software for the military's use of the GPS navigation system, which is also depended on by civilians worldwide. "The program faces challenges from product deficiencies" that "create a risk of further delay," the Pentagon's Defense Contract Management Agency told the GAO, adding that it expects RTX at the earliest to deliver OCX by December.

Crime

US Government Asks 3D Printing Industry to Help Stop the Printing of Machine Gun Conversion Devices (apnews.com) 348

U.S. Justice Department officials "are turning to the 3D-printing industry to help stop the proliferation of tiny pieces of plastic transforming weapons into illegal homemade machine guns," reports the Associated Press: "Law enforcement cannot do this alone," [U.S. Deputy Attorney General Lisa Monaco said Friday] during a gathering in Washington of federal law enforcement officials, members of the 3D-printing industry and academia. "We need to engage software developers, technology experts and leaders in the 3-D-printing industry to identify solutions in this fight...."

Guns with conversion devices have been used in several mass shootings, including one that left four dead at a sweet sixteen party in Alabama last year... Monaco on Friday also announced several other efforts designed to crack down on the devices, including a national training initiative for law enforcement and prosecutors.

The deputy attorney general is also launching a committee designed to help spot trends and gather intelligence.

KDE

KDE Developer: Why Plasma 6.2 Includes a Once-a-Year Popup for Donations (pointieststick.com) 46

"If you're plugged into KDE social media, you probably see a lot of requests for donations..." writes KDE developer Nate Graham on his personal blog. But "We know that the fraction of people who subscribe to these channels is small, so there's a huge number of people who may not even know they can donate to KDE, let alone that donations are critically important to its continued existence..." From 6.2 onwards, Plasma itself will show a system notification asking for a donation once per year, in December. The idea here is to get the message that KDE really does need your financial help in front of more eyeballs — especially eyeballs not currently looking at KDE's public-facing promotion efforts... [W]e tried our best to minimize the annoying-ness factor: It's small and unobtrusive, and no matter what you do with it (click any button, close it, etc) it'll go away until next year. It's implemented as a KDE Daemon (KDED) module, which allows users and distributors to permanently disable it if they like. You can also disable just the popup on System Settings' Notifications page, accessible from the configure button in the notification's header.

Ultimately the decision to do this came down to the following factors:

- We looked at FOSS peers like Thunderbird and Wikipedia which have similar things (and in Wikipedia's case, the message is vastly more intrusive and naggy). In both cases, it didn't drive everyone away and instead resulted in a massive increase in donations that the projects have been able to use to employ lots of people.

- KDE really needs something like this to help our finances grow sustainably in line with our userbase and adoption by vendors and distributors.

The blog post also answers the question: what are you going to do with all that money? This is a question the KDE e.V. board of directors as a whole would need to answer, and any decision on it will be made collectively. But as one of the five members on that board, I can tell you my personal answer and the one that as your representative, I'd advocate for. It's basically the platform I ran on two years ago: extend an offer of full-time employment to our current people, and hire even more! I want us to end up with paid QA people and distro developers, and even more software engineers. I want us to fund the creation of a next-generation KDE OS we can offer directly to institutions looking to switch to Linux, and a hardware certification program to go along with it. I want us to extend our promotional activities and outreach to other major distros and vendors and pitch our software to them directly. I want to see Ubuntu, Red Hat Enterprise Linux, and SUSE Linux Enterprise Desktop ship Plasma by default. I want us to use this money to take over the world — with freedom, empowerment, and kindness.

These have been dreams for a long time, and throughout KDE we've been slowly moving towards them over the years. With a lot more money, we can turbocharge the pace! If that stuff sounds good, you can start with a donation today.

A reaction from GamingOnLinux: I think it is fair for KDE to expose that they need funding and asking that from inside the UI would not hurt for a software that delivered so much for free (as in freedom and as in "gratis").

Linux magazine points out that other new features for 6.2 "include the ability to block apps from inhibiting sleep mode, a new 'fill' mode for wallpaper, an overhauled System Settings Accessibility page, and the usual slew of bug fixes."

Government

Is the Tech World Now 'Central' to Foreign Policy? (wired.com) 41

Wired interviews America's foreign policy chief, Secretary of State Antony Blinken, about U.S. digital policies, starting with a new "cybersecurity bureau" created in 2022 (which Wired previously reported includes "a crash course in cybersecurity, telecommunications, privacy, surveillance, and other digital issues.") Look, what I've seen since coming back to the State Department three and a half years ago is that everything happening in the technological world and in cyberspace is increasingly central to our foreign policy. There's almost a perfect storm that's come together over the last few years, several major developments that have really brought this to the forefront of what we're doing and what we need to do. First, we have a new generation of foundational technologies that are literally changing the world all at the same time — whether it's AI, quantum, microelectronics, biotech, telecommunications. They're having a profound impact, and increasingly they're converging and feeding off of each other.

Second, we're seeing that the line between the digital and physical worlds is evaporating, erasing. We have cars, ports, hospitals that are, in effect, huge data centers. They're big vulnerabilities. At the same time, we have increasingly rare materials that are critical to technology and fragile supply chains. In each of these areas, the State Department is taking action. We have to look at everything in terms of "stacks" — the hardware, the software, the talent, and the norms, the rules, the standards by which this technology is used.

Besides setting up an entire new Bureau of Cyberspace and Digital Policy — and the bureaus are really the building blocks in our department — we've now trained more than 200 cybersecurity and digital officers, people who are genuinely expert. Every one of our embassies around the world will have at least one person who is truly fluent in tech and digital policy. My goal is to make sure that across the entire department we have basic literacy — ideally fluency — and even, eventually, mastery. All of this to make sure that, as I said, this department is fit for purpose across the entire information and digital space.

Wired notes it was Blinken's Department that discovered China's 2023 breach of Microsoft systems. And on the emerging issue of AI, Blinken cites "incredible work done by the White House to develop basic principles with the foundational companies." The voluntary commitments that they made, the State Department has worked to internationalize those commitments. We have a G7 code of conduct — the leading democratic economies in the world — all agreeing to basic principles with a focus on safety. We managed to get the very first resolution ever on artificial intelligence through the United Nations General Assembly — 192 countries also signing up to basic principles on safety and a focus on using AI to advance sustainable development goals on things like health, education, climate. We also have more than 50 countries that have signed on to basic principles on the responsible military use of AI. The goal here is not to have a world that is bifurcated in any way. It's to try to bring everyone together.
Electronic Frontier Foundation

FTC Urged To Stop Tech Makers Downgrading Devices After You've Bought Them (theregister.com) 80

Digital rights activists want device manufacturers to disclose a "guaranteed minimum support time" for devices — and federal regulations ensuring a product's core functionality will work even after its software updates stop.

Influential groups including Consumer Reports, EFF, the Software Freedom Conservancy, iFixit, and U.S. Pirg have now signed a letter to the head of America's Consumer Protection bureau (at the Federal Trade Commission), reports The Register: In an eight-page letter to the Commission (FTC), the activists mentioned the Google/Levis collaboration on a denim jacket that contained sensors enabling it to control an Android device through a special app. When the app was discontinued in 2023, the jacket lost that functionality. The letter also mentions the "Car Thing," an automotive infotainment device created by Spotify, which bricked the device fewer than two years after launch and didn't offer a refund...

Environmental groups and computer repair shops also signed the letter... "Consumers need a clear standard for what to expect when purchasing a connected device," stated Justin Brookman, director of technology policy at Consumer Reports and a former policy director of the FTC's Office of Technology, Research, and Investigation. "Too often, consumers are left with devices that stop functioning because companies decide to end support with little to no warning. This leaves people stranded with devices they once relied on, unable to access features or updates...."

Brookman told The Register that he believes this is the first such policy request to the FTC that asks the agency to help consumers with this dilemma. "I'm not aware of a previous effort from public interest groups to get the FTC to take action on this issue — it's still a relatively new issue with no clear established norms," he wrote in an email. "But it has certainly become an issue" that comes up more and more with device makers as they change their rules about product updates and usage.

"Both switching features to a subscription and 'bricking' a connected device purchased by a consumer in many cases are unfair and deceptive practices," the groups write, arguing that the practices "infringe on a consumer's right to own the products they buy." They're requesting clear "guidance" for manufacturers from the U.S. government. The FTC has a number of tools at its disposal to help establish standards for IoT device support. While a formal rulemaking is one possibility, the FTC also has the ability to issue more informal guidance, such as its Endorsement Guides and Dot Com Disclosures. We believe the agency should set norms...
The groups are also urging the FTC to:
  • Encourage tools and methods that enable reuse if software support ends.
  • Conduct an educational program to encourage manufacturers to build longevity into the design of their products.
  • Protect "adversarial interoperability"... when a competitor or third-party creates a reuse or modification tool [that] adds to or converts the old device.

Thanks to long-time Slashdot reader Z00L00K for sharing the article.

