In an incident report today, DigiCert says it discovered that some CNAME-based validations did not include the required underscore prefix, affecting about 0.4% of their domain validations. According to CA/Browser Forum (CABF) rules, certificates with validation issues must be revoked within 24 hours, prompting DigiCert to take immediate action. DigiCert says impacted customers “have been notified.” New submitter jdastrup first shared the news, writing: Due to a mistake going back years that has recently been discovered, DigiCert is required by the CABF to revoke any certificate that used the improper Domain Control Validation (DCV) CNAME record in 24 hours. This could literally be thousands of SSL certs. This could take a lot of time and potentially cause outages worldwide starting July 30 at 19:30 UTC. Be prepared for a long night of cert renewals. DigiCert support line is completely jammed.

Read more of this story at Slashdot.

Apple Intelligence has arrived in the iOS 18.1 developer beta, bringing features like the updated Siri and Writing Tools. Here’s how to access it, plus the top new features in iOS 18 and iPadOS 18.

Human cases keep ticking up, are very likely to be underreported, and offer the virus the opportunity to learn how to spread from person to person.

Meta’s AI Studio will let users build virtual characters, with a few limitations.

No R-rated film has ever earned as much in its opening weekend, reports the Hollywood Reporter — a whopping $205 million. (The previous record was $133.7 million, set in 2016 by the original film Deadpool…)

It’s also the very first R-rated film ever released by Disney…

[Deadpool actor Ryan] Reynolds has his own theory about its success. “Disney probably doesn’t want me to frame it this way, but I’ve always thought of Deadpool & Wolverine as the first four-quadrant, R-rated film,” Reynolds tells the Hollywood Reporter. “Yes, it’s rated R, but we set out to make a movie with enough laughs, action and heart to appeal to everyone, whether you’re a comic book movie fan or not.”

There’s reason Disney and others may bristle at labeling it a four-quadrant film, which generally is reserved for movies that work equally for males and females over and under 25. Afterall, it is perhaps the most violent and bloody Deadpool movie yet. Still, here’s evidence to back up Reynolds’ theory that it’s playing to a far more broad audience than the usual Marvel Cinematic Univerese movie, even if it’s skewing male by anywhere from 60 to 63 percent. So far, 13.6 million people have bought tickets to see it, on par with last year’s Barbie, which was rated PG-13, according to Steve Buck’s leading research firm EntTelligence. That’s the most foot traffic ever for an R-rated movie….

“Once thought of as a sure-fire way to limit potential box office, the R rating, when properly applied, can be the key to unlocking massive box office, and this has proven to be the secret sauce for the Deadpool franchise,” says chief Comscore box office analyst Paul Dergarabedian. “The creative freedom afforded by the less restrictive rating has enabled filmmakers to push the envelope and, particularly in the case of Deadpool & Wolverine, can deliver the kind of edgy, intense, profanity-filled comedy action that modern audiences are fired up to see on the big screen….”

It’s also the biggest July opening of all time, the biggest opening of 2024 so far and Marvel Studios’ biggest launch since Spider-Man: No Way Home in December 2021.

ScreenRant notes that Deadpool & Wolverine has already surpassed the entire global box office for The Marvels in just three days. It’s the biggest debut for a film since James Cameron’s Avatar: The Way of the Water in December of 2022 (according to the Hollywood Reporter). And they add that though the figures haven’t been adjusted for inflation — it’s still the eighth-biggest box office opening of all time.

But at the end of the day, it’s just people enjoying a movie together. “Well, I’m not saying that other people should do this, but my 9-year-old watched the movie with me and my mom, who’s in her late 70s,” Reynolds reportedly told the New York Times, “and it was just was one of the best moments of this whole experience for me. Both of them were laughing their guts out, were feeling the emotion where I most desperately hoped people would be.”

Read more of this story at Slashdot.

Need a backpack, purse, tote, or even a new shopping bag? These are made from carpets, old sails, fishnets, and plastic bottles.

Placement, filter maintenance, and learning about your air purifier’s settings are all part of good air hygiene.

These WIRED-tested wearables reduce your reliance on a phone while keeping you connected.

Long-time Slashdot reader sandbagger writes: Have you ever wondered if it’s true you can instantly get malware? In this video, a person connects an XP instance directly to the internet with no firewall to see just how fast it gets compromised by malware, rootkits, malicious services and new user accounts. The answer — fast!

Malwarebytes eventually finds eight different viruses/Trojan horses — and a DNS changer. (One IP address leads back to the Russian federation.) Itâ(TM)s fun to watch — within just a few hours a new Windows user has even added themself. And for good measure, he also opens up Internet Explorer…

âoeWindows XP — very insecure,â they conclude at the end of the video. âoeVery easy for random software from the internet to get more privileges than you, and it is very hard to solve that.

âoeAlso, just out of curiosity I tried this on Windows 7. And even with all of the same settings, nothing happened. I let it run for 10 hours. So it seems like this may be a problem in historical Windows.â

Read more of this story at Slashdot.

“As free software activists, we ought to take the opportunity to look at the situation and see how things could have gone differently,” writes FSF campaigns manager Greg Farough:

Let’s be clear: in principle, there is nothing ethically wrong with automatic updates so long as the user has made an informed choice to receive them… Although we can understand how the situation developed, one wonders how wise it is for so many critical services around the world to hedge their bets on a single distribution of a single operating system made by a single stupefyingly predatory monopoly in Redmond, Washington. Instead, we can imagine a more horizontal structure, where this airline and this public library are using different versions of GNU/Linux, each with their own security teams and on different versions of the Linux(-libre) kernel…

As of our writing, we’ve been unable to ascertain just how much access to the Windows kernel source code Microsoft granted to CrowdStrike engineers. (For another thing, the root cause of the problem appears to have been an error in a configuration file.) But this being the free software movement, we could guarantee that all security engineers and all stakeholders could have equal access to the source code, proving the old adage that “with enough eyes, all bugs are shallow.” There is no good reason to withhold code from the public, especially code so integral to the daily functioning of so many public institutions and businesses. In a cunning PR spin, it appears that Microsoft has started blaming the incident on third-party firms’ access to kernel source and documentation. Translated out of Redmond-ese, the point they are trying to make amounts to “if only we’d been allowed to be more secretive, this wouldn’t have happened…!”

We also need to see that calling for a diversity of providers of nonfree software that are mere front ends for “cloud” software doesn’t solve the problem. Correcting it fully requires switching to free software that runs on the user’s own computer.The Free Software Foundation is often accused of being utopian, but we are well aware that moving airlines, libraries, and every other institution affected by the CrowdStrike outage to free software is a tremendous undertaking. Given free software’s distinct ethical advantage, not to mention the embarrassing damage control underway from both Microsoft and CrowdStrike, we think the move is a necessary one. The more public an institution, the more vitally it needs to be running free software.

For what it’s worth, it’s also vital to check the syntax of your configuration files. CrowdStrike engineers would do well to remember that one, next time.

Read more of this story at Slashdot.