An anonymous reader quotes Neowin:
Google Project Zero is a security team responsible for discovering security flaws in Google’s own products as well as software developed by other vendors. Following discovery, the issues are privately reported to vendors and they are given 90 days to fix the reported problems before they are disclosed publicly…. Now, the security team has reported several flaws in CentOS’ kernel.

As detailed in the technical document here, Google Project Zero’s security researcher Jann Horn learned that kernel fixes made to stable trees are not backported to many enterprise versions of Linux. To validate this hypothesis, Horn compared the CentOS Stream 9 kernel to the stable linux-5.15.y stable tree…. As expected, it turned out that several kernel fixes have not been made deployed in older, but supported versions of CentOS Stream/RHEL. Horn further noted that for this case, Project Zero is giving a 90-day deadline to release a fix, but in the future, it may allot even stricter deadlines for missing backports….

Red Hat accepted all three bugs reported by Horn and assigned them CVE numbers. However, the company failed to fix these issues in the allotted 90-day timeline, and as such, these vulnerabilities are being made public by Google Project Zero.
Horn is urging better patch scheduling so “an attacker who wants to quickly find a nice memory corruption bug in CentOS/RHEL can’t just find such bugs in the delta between upstream stable and your kernel.”

Read more of this story at Slashdot.

400 undersea cables carry 95% of the world’s international internet traffic, reports Reuters (citing figures from Washington-based telecommunications research firm TeleGeography).

But now there’s “a growing proxy war between the United States and China over technologies that could determine who achieves economic and military dominance for decades to come.”

In February, American subsea cable company SubCom LLC began laying a $600-million cable to transport data from Asia to Europe, via Africa and the Middle East, at super-fast speeds over 12,000 miles of fiber running along the seafloor. That cable is known as South East Asia-Middle East-Western Europe 6, or SeaMeWe-6 for short. It will connect a dozen countries as it snakes its way from Singapore to France, crossing three seas and the Indian Ocean on the way. It is slated to be finished in 2025.

It was a project that slipped through China’s fingers….

The Singapore-to-France cable would have been HMN Tech’s biggest such project to date, cementing it as the world’s fastest-rising subsea cable builder, and extending the global reach of the three Chinese telecom firms that had intended to invest in it. But the U.S. government, concerned about the potential for Chinese spying on these sensitive communications cables, ran a successful campaign to flip the contract to SubCom through incentives and pressure on consortium members…. It’s one of at least six private undersea cable deals in the Asia-Pacific region over the past four years where the U.S. government either intervened to keep HMN Tech from winning that business, or forced the rerouting or abandonment of cables that would have directly linked U.S. and Chinese territories….

Justin Sherman, a fellow at the Cyber Statecraft Initiative of the Atlantic Council, a Washington-based think tank, told Reuters that undersea cables were “a surveillance gold mine” for the world’s intelligence agencies. “When we talk about U.S.-China tech competition, when we talk about espionage and the capture of data, submarine cables are involved in every aspect of those rising geopolitical tensions,” Sherman said.

Read more of this story at Slashdot.

France announced Friday it is banning the “recreational” use of TikTok, Twitter, Instagram and other apps on government employees’ phones because of concern about insufficient data security measures. Reuters reports: The French Minister for Transformation and Public Administration, Stanislas Guerini, said in a statement that ”recreational” apps aren’t secure enough to be used in state administrative services and “could present a risk for the protection of data.” The ban will be monitored by France’s cybersecurity agency. The statement did not specify which apps are banned but noted that the decision came after other governments took measures targeting TikTok.

Guerini’s office said in a message to The Associated Press that the ban also will include Twitter, Instagram, Netflix, gaming apps like Candy Crush and dating apps. Exceptions will be allowed. If an official wants to use a banned app for professional purposes, like public communication, they can request permission to do so. Case in point: Guerini posted the announcement of the ban on Twitter.

Read more of this story at Slashdot.

Huawei has reportedly completed work on electronic design automation (EDA) tools for laying out and making chips down to 14nm process nodes. The Register reports: Chinese media said the platform is one of 78 being developed by the telecoms equipment giant to replace American and European chip design toolkits that have become subject to export controls by the US and others. Huawei’s EDA platform was reportedly revealed by rotating Chairman Xu Zhijun during a meeting in February, and later confirmed by media in China. […] Huawei’s focus on EDA software for 14nm and larger chips reflects the current state of China’s semiconductor industry. State-backed foundry operator SMIC currently possesses the ability to produce 14nm chips at scale, although there have been some reports the company has had success developing a 7nm process node.

Today, the EDA market is largely controlled by three companies: California-based Synopsys and Cadence, as well as Germany’s Siemens. According to the industry watchers at TrendForce, these three companies account for roughly 75 percent of the EDA market. And this poses a problem for Chinese chipmakers and foundries, which have steadily found themselves cut off from these tools. Synopsys and Cadence’s EDA tech is already subject to several of these export controls, which were stiffened by the US Commerce Department last summer to include state-of-the-art gate-all-around (GAA) transistors. This January, the White House also reportedly stopped issuing export licenses to companies supplying the likes of Huawei.

This is particularly troublesome for Huawei, foundry operator SMIC, and memory vendor YMTC to name a few on the US Entity List, a roster of companies Uncle Sam would prefer you not to do business with. It leaves them unable to access recent and latest technologies, at the very least. So the development of a homegrown EDA platform for 14nm chips serves as insurance in case broader access to Western production platforms is cut off entirely.

Read more of this story at Slashdot.

Intel announced Friday that Gordon Moore, Intel’s co-founder, has died at the age of 94:

Moore and his longtime colleague Robert Noyce founded Intel in July 1968. Moore initially served as executive vice president until 1975, when he became president. In 1979, Moore was named chairman of the board and chief executive officer, posts he held until 1987, when he gave up the CEO position and continued as chairman. In 1997, Moore became chairman emeritus, stepping down in 2006.

During his lifetime, Moore also dedicated his focus and energy to philanthropy, particularly environmental conservation, science and patient care improvements. Along with his wife of 72 years, he established the Gordon and Betty Moore Foundation, which has donated more than $5.1 billion to charitable causes since its founding in 2000….

“Though he never aspired to be a household name, Gordon’s vision and his life’s work enabled the phenomenal innovation and technological developments that shape our everyday lives,” said foundation president Harvey Fineberg. “Yet those historic achievements are only part of his legacy. His and Betty’s generosity as philanthropists will shape the world for generations to come.”

Pat Gelsinger, Intel CEO, said, “Gordon Moore defined the technology industry through his insight and vision. He was instrumental in revealing the power of transistors, and inspired technologists and entrepreneurs across the decades. We at Intel remain inspired by Moore’s Law and intend to pursue it until the periodic table is exhausted….”

Prior to establishing Intel, Moore and Noyce participated in the founding of Fairchild Semiconductor, where they played central roles in the first commercial production of diffused silicon transistors and later the world’s first commercially viable integrated circuits. The two had previously worked together under William Shockley, the co-inventor of the transistor and founder of Shockley Semiconductor, which was the first semiconductor company established in what would become Silicon Valley.

Read more of this story at Slashdot.

HBO’s adaptation of the beloved video game isn’t just a retread of <em>The Walking Dead</em>. The post ‘The Last of Us’ Is a Zombie Story With Heart appeared first on WIRED.

The Writers Guild of America has proposed allowing artificial intelligence to write scripts, as long as it does not affect writers’ credits or residuals. Variety reports: The guild had previously indicated that it would propose regulating the use of AI in the writing process, which has recently surfaced as a concern for writers who fear losing out on jobs. But contrary to some expectations, the guild is not proposing an outright ban on the use of AI technology. Instead, the proposal would allow a writer to use ChatGPT to help write a script without having to share writing credit or divide residuals. Or, a studio executive could hand the writer an AI-generated script to rewrite or polish and the writer would still be considered the first writer on the project.

In effect, the proposal would treat AI as a tool — like Final Draft or a pencil — rather than as a writer. It appears to be intended to allow writers to benefit from the technology without getting dragged into credit arbitrations with software manufacturers. The proposal does not address the scenario in which an AI program writes a script entirely on its own, without help from a person. The guild’s proposal was discussed in the first bargaining session on Monday with the Alliance of Motion Picture and Television Producers. Three sources confirmed the proposal. It’s not yet clear whether the AMPTP, which represents the studios, will be receptive to the idea. The WGA proposal states simply that AI-generated material will not be considered “literary material” or “source material.” Those terms are key for assigning writing credits, which in turn have a big impact on residual compensation.

“Literary material” is a fundamental term in the WGA’s minimum basic agreement — it is what a “writer” produces (including stories, treatments, screenplays, dialogue, sketches, etc.). If an AI program cannot produce “literary material,” then it cannot be considered a “writer” on a project. “Source material” refers to things like novels, plays and magazine articles, on which a screenplay may be based. If a screenplay is based on source material, then it is not considered an “original screenplay.” The writer may also get only a “screenplay by” credit, rather than a “written by” credit. A “written by” credit entitles the writer to the full residual for the project, while a “screenplay by” credit gets 75%. By declaring that ChatGPT cannot write “source material,” the guild would be saying that a writer could adapt an AI-written short story and still get full “written by” credit.

Read more of this story at Slashdot.

Land reclamation is nothing new, but during this century there has been a significant rise in the creation of artificial land by humans, with a recent study showing that developers have added more than 2,500 sq km — an area equivalent to the size of Luxembourg — to coastlines since 2000. The Guardian reports: Using satellite imagery, Dhritiraj Sengupta, from the University of Southampton, and his colleagues analysed land changes in 135 large cities. Their results, published in the journal Earth’s Future, show that much of the recent land reclamation has occurred in the global south, with China, Indonesia and the United Arab Emirates leading the way. Shanghai alone has added about 350 sq km of land. Most of the projects were driven by port expansion, a need for urban space and industrialization, while a small handful were “prestige” projects such as the palm tree-shaped islands of Dubai.

Read more of this story at Slashdot.

Utah’s governor has signed two bills that could upend how teens in the state are able to use social media apps. Engadget reports: Under the new laws, companies like Meta, Snap and TikTok would be required to get parents permission before teens could create accounts on their platforms. The laws also require curfew, parental controls and age verification features. The laws could dramatically change how social platforms handle the accounts of their youngest users. In addition to the parental consent and age verification features, the laws also bar companies “from using a design or feature that causes a minor to have an addiction to the company’s social media platform.” For now, it’s not clear how Utah officials intend to enforce the laws or how they will apply to teenagers’ existing social media accounts. Both laws are scheduled to take effect next March.

Read more of this story at Slashdot.

“9to5Linux.com reports that the GNOME 44 desktop environment is officially released and gives a detailed look at the major new features and improvements,” writes Slashdot reader prisoninmate. From the report: Code-named “Kuala Lumpur” in recognition of the work done by the organizers of GNOME.Asia Summit 2022 conference, GNOME 44 introduces a GTK4 port of the Epihaphy (GNOME Web) web browser, a file chooser grid view for apps that use the standard GTK file chooser, as well as support for adding a WireGuard VPN directly from the Network panel. GNOME 44 continues to improve the Quick Settings feature introduced in GNOME 43 by implementing a submenu to the Bluetooth button to more easily and quickly connect or disconnect peripherals, adding descriptions to buttons to easily see their status, and implementing a new feature called Background Apps via a new background monitoring service in XDG portals 1.16.0.” A full list of changes are available in the official release notes. The GNOME project also published a launch video on YouTube.

Read more of this story at Slashdot.