"Lansweeper's scans of its customers' networks found an awful lot of Linux boxes facing imminent end of life," reports the Register, "with no direct upgrade path." Belgian corporate network scanner vendor Lansweeper periodically collates some of the statistics collected by its users and publishes the results... This year's report says that while a third of its users' Linux machines run Ubuntu, second place goes to CentOS Linux [with 26.05%].

Back in 2020, Red Hat brought CentOS Linux 8's end of life forward from 2029 to the end of 2021. CentOS Linux 9 was canceled, CentOS Linux 8 is dead and gone, leaving only CentOS Linux 7. As we reported in May, CentOS 7's end of life is very close now — the end of June. After this month, no more updates.

Of course, Red Hat will be happy to help you migrate to RHEL. It offers a free tool to switch boxes' package source, but RHEL 7 hits what Red Hat terms "the end of its maintenance support 2 phase" on the same day. RHEL 7 isn't EOL, but you'll need to pay extra for "Extended Lifecycle Support (ELS)" to keep security fixes coming. Lansweeper seems confident this will happen: "Assuming most of the CentOS devices will migrate over to RHEL, we can expect RHEL to comfortably take over first place from Ubuntu soon."
RHEL was already on 20% of the machines scanned by Lansweeper (with Rocky Linux at 1.5%). But the Register argues that instead of switching to RHEL, "the freeloaders running CentOS Linux might well migrate to one of the RHELatives instead. CIQ publishes guidance on how to migrate to Rocky Linux, and will help if you buy its CIQ Bridge service. AlmaLinux has more than that with its ELevate tool to perform in-place version upgrades, as we described back in 2022.

"Or, of course, you could just reinstall with Debian, and run anything you can't immediately reprovision in a free RHEL container image."

The Marubo people, an isolated Indigenous tribe in the Amazon, have gained high-speed internet access through Elon Musk's Starlink service, drastically altering their traditional way of life. While the internet has brought significant benefits like improved communication and emergency response, it has also introduced challenges such as social media addiction, exposure to inappropriate content, and cultural erosion. The New York Times reports: After only nine months with Starlink, the Marubo are already grappling with the same challenges that have racked American households for years: teenagers glued to phones; group chats full of gossip; addictive social networks; online strangers; violent video games; scams; misinformation; and minors watching pornography. Modern society has dealt with these issues over decades as the internet continued its relentless march. The Marubo and other Indigenous tribes, who have resisted modernity for generations, are now confronting the internet's potential and peril all at once, while debating what it will mean for their identity and culture.

The internet was an immediate sensation. "It changed the routine so much that it was detrimental," [admitted one Marubo leader, Enoque Marubo]. "In the village, if you don't hunt, fish and plant, you don't eat." Leaders realized they needed limits. The internet would be switched on for only two hours in the morning, five hours in the evening, and all day Sunday. During those windows, many Marubo are crouched over or reclined in hammocks on their phones. They spend lots of time on WhatsApp. There, leaders coordinate between villages and alert the authorities to health issues and environmental destruction. Marubo teachers share lessons with students in different villages. And everyone is in much closer contact with faraway family and friends. To Enoque, the biggest benefit has been in emergencies. A venomous snake bite can require swift rescue by helicopter. Before the internet, the Marubo used amateur radio, relaying a message between several villages to reach the authorities. The internet made such calls instantaneous. "It's already saved lives," he said.

In April, seven months after Starlink's arrival, more than 200 Marubo gathered in a village for meetings. Enoque brought a projector to show a video about bringing Starlink to the villages. As proceedings began, some leaders in the back of the audience spoke up. The internet should be turned off for the meetings, they said. "I don't want people posting in the groups, taking my words out of context," another said. During the meetings, teenagers swiped through Kwai, a Chinese-owned social network. Young boys watched videos of the Brazilian soccer star Neymar Jr. And two 15-year-old girls said they chatted with strangers on Instagram. One said she now dreamed of traveling the world, while the other wants to be a dentist in Sao Paulo. This new window to the outside world had left many in the tribe feeling torn. "Some young people maintain our traditions," said TamaSay Marubo, 42, the tribe's first woman leader. "Others just want to spend the whole afternoon on their phones."

An anonymous reader shares a report: A Chinese research team says it has uncovered a significant security flaw in processor design that could have a wide impact on China's booming domestic chip industry. China was relying on the structure of the world's largest open-source CPU architecture to build their own CPUs and bypass the US chip ban, and was paying attention to any weaknesses, they said. The issue was found in RISC-V, an open-source standard used in advanced chips and semiconductors. Compared with mainstream CPU structures -- such as X86 used by Intel and AMD --RISC-V offers free access and can be modified without restriction.

The flaw allows attackers to bypass the security protections of modern processors and operating systems without administrative rights, leading to the potential theft of protected sensitive information and breaches of personal privacy. The vulnerability was confirmed by the team of Professor Hu Wei at Northwestern Polytechnical University (NPU), a major defence research institute in Shaanxi province. The researchers are experienced in hardware design security, vulnerability detection and cryptographic application safety. It was first reported by the National Computer Network Emergency Response Technical Team/Coordination Centre of China (CNCERT) on April 24, and NPU gave further details in an official announcement on May 24.

An anonymous reader quotes a report from The Guardian: Young people with internet addiction experience changes in their brain chemistry which could lead to more addictive behaviors, research suggests. The study, published in PLOS Mental Health, reviewed previous research using functional magnetic resonance imaging (fMRI) to examine how regions of the brain interact in people with internet addiction.

They found that the effects were evident throughout multiple neural networks in the brains of young people, and that there was increased activity in parts of the brain when participants were resting. At the same time, there was an overall decrease in the functional connectivity in parts of the brain involved in active thinking, which is the executive control network of the brain responsible for memory and decision-making. The research found that these changes resulted in addictive behaviors and tendencies in adolescents, as well as behavioral changes linked to mental health, development, intellectual ability and physical coordination. "Adolescence is a crucial developmental stage during which people go through significant changes in their biology, cognition and personalities," said Max Chang, the study's lead author and an MSc student at the UCL Great Ormond Street Institute of Child Health (GOS ICH). "As a result, the brain is particularly vulnerable to internet addiction-related urges during this time, such as compulsive internet usage, cravings towards usage of the mouse or keyboard and consuming media. The findings from our study show that this can lead to potentially negative behavioral and developmental changes that could impact the lives of adolescents. For example, they may struggle to maintain relationships and social activities, lie about online activity and experience irregular eating and disrupted sleep."

Chang said he hopes the findings allow early signs of internet addiction to be treated effectively. "Clinicians could potentially prescribe treatment to aim at certain brain regions or suggest psychotherapy or family therapy targeting key symptoms of internet addiction," said Chang. "Importantly, parental education on internet addiction is another possible avenue of prevention from a public health standpoint. Parents who are aware of the early signs and onset of internet addiction will more effectively handle screen time, impulsivity, and minimize the risk factors surrounding internet addiction."

TorrentFreak's Ernesto Van der Sar recalls the rise and fall of Napster, the file-sharing empire that kickstarted a global piracy frenzy 25 years ago. Here's an excerpt from his report: At the end of the nineties, technology and the Internet were a playground for young engineers and 'hackers'. Some of them regularly gathered in the w00w00 IRC chatroom on the EFnet network. This tech-think-tank had many notable members, including WhatsApp founder Jan Koum and Shawn Fanning, who logged on with the nickname Napster. In 1998, 17-year-old Fanning shared an idea with the group. 'Napster' wanted to create a network of computers that could share files with each other. More specifically, a central music database that everyone in the world could access.

This idea never left the mind of the young developer. Fanning stopped going to school and flanked by his friend Sean Parker, devoted the following months to making his vision a reality. That moment came on June 1, 1999, when the first public release of Napster was released online. Soon after, the software went viral. Napster was quickly embraced by millions of users, who saw the software as something magical. It was a gateway for musical exploration, one that dwarfed even the largest record stores in town. And all for free. It sounds mundane today, but some equated it to pure technological sorcery. For many top players in the music industry, Napster's sorcery was pure witchcraft. At the time, manufacturing CDs with high profit margins felt like printing money and Napster's appearance threatened to ruin the party. [...]

At the start of 2001, Napster's user base reached a peak of more than 26.4 million worldwide. Yet, despite huge growth and backing from investors, the small file-sharing empire couldn't overcome the legal challenges. The RIAA lawsuit resulted in an injunction from the Ninth Circuit Court, which ordered the network to shut down. This happened during July 2001, little more than two years after Napster launched. By September that year, the case had been settled for millions of dollars. While the Napster craze was over, file-sharing had mesmerized the masses and the genie was out of the bottle. Grokster, KaZaa, Morpheus, LimeWire, and many others popped up and provided sharing alternatives, for as long as they lasted. Meanwhile, BitTorrent was also knocking on the door. "Napster paved the way for Apple's iTunes store, to serve the demand that was clearly there," notes Ernesto. "This music streaming landscape was largely pioneered by a Napster 'fan' from Sweden, Daniel Ek."

"Like many others, Ek was fascinated by the 'all you can play' experience offered by file-sharing software, and that planted the seeds for the music streaming startup Spotify, where he still serves as CEO today. In fact, Spotify itself used file-sharing technology under the hood to ensure swift playback."

"The US Cybersecurity and Infrastructure Security Agency has added a critical security bug in Linux to its list of vulnerabilities known to be actively exploited in the wild," reported Ars Technica on Friday.

"The vulnerability, tracked as CVE-2024-1086 and carrying a severity rating of 7.8 out of a possible 10, allows people who have already gained a foothold inside an affected system to escalate their system privileges." It's the result of a use-after-free error, a class of vulnerability that occurs in software written in the C and C++ languages when a process continues to access a memory location after it has been freed or deallocated. Use-after-free vulnerabilities can result in remote code or privilege escalation. The vulnerability, which affects Linux kernel versions 5.14 through 6.6, resides in the NF_tables, a kernel component enabling the Netfilter, which in turn facilitates a variety of network operations... It was patched in January, but as the CISA advisory indicates, some production systems have yet to install it. At the time this Ars post went live, there were no known details about the active exploitation.

A deep-dive write-up of the vulnerability reveals that these exploits provide "a very powerful double-free primitive when the correct code paths are hit." Double-free vulnerabilities are a subclass of use-after-free errors...

Journalist Steven Brill has written a new book called The Death of Truth. Its subtitle? "How Social Media and the Internet Gave Snake Oil Salesmen and Demagogues the Weapons They Needed to Destroy Trust and Polarize the World-And What We Can Do."

An excerpt published by Wired points out that last year around the world, $300 billion was spent on "programmatic advertising", and $130 billion was spent in the United States alone in 2022. The problem? For over a decade there's been "brand safety" technology, the article points out — but "what artificial intelligence could not do was spot most forms of disinformation and misinformation..."

The end result... In 2019, other than the government of Vladimir Putin, Warren Buffett was the biggest funder of Sputnik News, the Russian disinformation website controlled by the Kremlin... Geico, the giant American insurance company and subsidiary of Buffett's Berkshire Hathaway, was the leading advertiser on the American version of Sputnik News' global website network... No one at Geico or its advertising agency had any idea its ads would appear on Sputnik, let alone what anti-American content would be displayed alongside the ads. How could they? Which person or army of people at Geico or its agency could have read 44,000 websites?

Geico's ads had been placed through a programmatic advertising system that was invented in the late 1990s as the internet developed. It exploded beginning in the mid 2000s and is now the overwhelmingly dominant advertising medium. Programmatic algorithms, not people, decide where to place most of the ads we now see on websites, social media platforms, mobile devices, streaming television, and increasingly hear on podcasts... If Geico's advertising campaign were typical of programmatic campaigns for broad-based consumer products and services, each of its ads would have been placed on an average of 44,000 websites, according to a study done for the leading trade association of big-brand advertisers.

Geico is hardly the only rock-solid American brand to be funding the Russians. During the same period that the insurance company's ads appeared on Sputnik News, 196 other programmatic advertisers bought ads on the website, including Best Buy, E-Trade, and Progressive insurance. Sputnik News' sister propaganda outlet, RT.com (it was once called Russia Today until someone in Moscow decided to camouflage its parentage), raked in ad revenue from Walmart, Amazon, PayPal, and Kroger, among others... Almost all advertising online — and even much of it on television (through streaming TV), or on podcasts, radio, mobile devices, and electronic billboards — is now done programmatically, which means the machine, not a planner, makes those placement decisions. Unless the advertiser uses special tools, such as what are called exclusion or inclusion lists, the publishers and content around which the ad appears, and which the ad is financing, are no longer part of the decision.
"What I kept hearing as the professionals explained it to me was that the process is like a stock exchange, except that the buyer doesn't know what stock he is buying... the advertiser and its ad agency have no idea where among thousands of websites its ad will appear."

This week the Washington Post reported that Americans "are more hesitant to buy EVs now than they were a year ago, according to a March Gallup poll, which found that just 44 percent of American adults say they'd consider buying an EV in the future, down from 55 percent last year. High prices and charging worries consistently rank as the biggest roadblocks for electric vehicles," they write, noting the concerns coincide with a slowdown in electric car and truck sales, while hybrids are increasing their market share.

But something else happened this week. The chair of California's Air Resource Board and the chair of the state's Energy Commission teamed up for an op-ed piece arguing that "despite negative hype," electric cars are their state's future: When California's electric vehicle sales dipped at the end of last year, critics predicted the start of a new downward trend that would doom the industry and the state's broader effort to clean up the transportation sector, the single largest source of greenhouse gases and air pollution. But the latest numbers show that's not the case. Californians purchased 108,372 new zero-emission vehicles in the first three months of 2024 — nearly 7,000 more than the same time last year and the highest-ever first-quarter sales.

Today, one in four new cars sold in the Golden State is electric, up from just 8% in 2020...

California is now home to 56 manufacturers of zero-emission vehicles and related products, making our state a hub for cutting-edge automotive technology. Soon even raw materials will be sourced in-state, paving the way for domestic battery production...

Challenges persist, and chief among them is the need for more widely available charging options. Many more charging stations need to be built as fast as possible to keep up with EV adoption. To address this, California is investing $4 billion over six years to rapidly build out the EV refueling network, on top of billions in investment by utilities. Equally essential is improved reliability of the EV charging network. Too many drivers today encounter faulty charging stations, which is why the California Energy Commission is developing the strongest charging reliability standards in the country and will require companies to be transparent with the public about their performance.
They also point out that California "now boasts more EV chargers in the state than gasoline nozzles."

And that it's become the first U.S. state whose best-selling car is electric.

An anonymous reader quotes an op-ed from The Globe and Mail, written by Kate Robertson and Ron Deibert. Robertson is a senior research associate and Deibert is director at the University of Toronto's Citizen Lab. From the piece: A federal cybersecurity bill, slated to advance through Parliament soon, contains secretive, encryption-breaking powers that the government has been loath to talk about. And they threaten the online security of everyone in Canada. Bill C-26 empowers government officials to secretly order telecommunications companies to install backdoors inside encrypted elements in Canada's networks. This could include requiring telcos to alter the 5G encryption standards that protect mobile communications to facilitate government surveillance. The government's decision to push the proposed law forward without amending it to remove this encryption-breaking capability has set off alarm bells that these new powers are a feature, not a bug.

There are already many insecurities in today's networks, reaching down to the infrastructure layers of communication technology. The Signalling System No. 7, developed in 1975 to route phone calls, has become a major source of insecurity for cellphones. In 2017, the CBC demonstrated how hackers only needed a Canadian MP's cell number to intercept his movements, text messages and phone calls. Little has changed since: A 2023 Citizen Lab report details pervasive vulnerabilities at the heart of the world's mobile networks. So it makes no sense that the Canadian government would itself seek the ability to create more holes, rather than patching them. Yet it is pushing for potential new powers that would infect next-generation cybersecurity tools with old diseases.

It's not as if the government wasn't warned. Citizen Lab researchers presented the 2023 report's findings in parliamentary hearings on Bill C-26, and leaders and experts in civil society and in Canada's telecommunications industry warned that the bill must be narrowed to prevent its broad powers to compel technical changes from being used to compromise the "confidentiality, integrity, or availability" of telecommunication services. And yet, while government MPs maintained that their intent is not to expand surveillance capabilities, MPs pushed the bill out of committee without this critical amendment last month. In doing so, the government has set itself up to be the sole arbiter of when, and on what conditions, Canadians deserve security for their most confidential communications -- personal, business, religious, or otherwise. The new powers would only make people in Canada more vulnerable to malicious threats to the privacy and security of all network users, including Canada's most senior officials. [...] "Now, more than ever, there is no such thing as a safe backdoor," the authors write in closing. "A shortcut that provides a narrow advantage for the few at the expense of us all is no way to secure our complex digital ecosystem."

"Against this threat landscape, a pivot is crucial. Canada needs cybersecurity laws that explicitly recognize that uncompromised encryption is the backbone of cybersecurity, and it must be mandated and protected by all means possible."

An anonymous reader quotes a report from KrebsOnSecurity: The U.S. Department of the Treasury today unveiled sanctions against three Chinese nationals for allegedly operating 911 S5, an online anonymity service that for many years was the easiest and cheapest way to route one's Web traffic through malware-infected computers around the globe. KrebsOnSecurity identified one of the three men in a July 2022 investigation into 911 S5, which was massively hacked and then closed ten days later.

From 2015 to July 2022, 911 S5 sold access to hundreds of thousands of Microsoft Windows computers daily, as "proxies" that allowed customers to route their Internet traffic through PCs in virtually any country or city around the globe -- but predominantly in the United States. 911 built its proxy network mainly by offering "free" virtual private networking (VPN) services. 911's VPN performed largely as advertised for the user -- allowing them to surf the web anonymously -- but it also quietly turned the user's computer into a traffic relay for paying 911 S5 customers. 911 S5's reliability and extremely low prices quickly made it one of the most popular services among denizens of the cybercrime underground, and the service became almost shorthand for connecting to that "last mile" of cybercrime. Namely, the ability to route one's malicious traffic through a computer that is geographically close to the consumer whose stolen credit card is about to be used, or whose bank account is about to be emptied.

In July 2022, KrebsOnSecurity published a deep dive into 911 S5, which found the people operating this business had a history of encouraging the installation of their proxy malware by any means available. That included paying affiliates to distribute their proxy software by secretly bundling it with other software. That story named Yunhe Wang from Beijing as the apparent owner or manager of the 911 S5 proxy service. In today's Treasury action, Mr. Wang was named as the primary administrator of the botnet that powered 911 S5. Update, May 29, 12:26 p.m. ET: The U.S. Department of Justice (DOJ) just announced they have arrested Wang in connection with the 911 S5 botnet. The DOJ says 911 S5 customers have stolen billions of dollars from financial institutions, credit card issuers, and federal lending programs. [...] The third man sanctioned is Yanni Zheng, a Chinese national the U.S. Treasury says acted as an attorney for Wang and his firm -- Spicy Code Company Limited -- and helped to launder proceeds from the business into real estate holdings. Spicy Code Company was also sanctioned, as well as Wang-controlled properties Tulip Biz Pattaya Group Company Limited, and Lily Suites Company Limited. "911 S5 customers allegedly targeted certain pandemic relief programs," a DOJ statement on the arrest reads. "For example, the United States estimates that 560,000 fraudulent unemployment insurance claims originated from compromised IP addresses, resulting in a confirmed fraudulent loss exceeding $5.9 billion. Additionally, in evaluating suspected fraud loss to the Economic Injury Disaster Loan (EIDL) program, the United States estimates that more than 47,000 EIDL applications originated from IP addresses compromised by 911 S5. Millions of dollars more were similarly identified by financial institutions in the United States as loss originating from IP addresses compromised by 911 S5."

"Jingping Liu assisted Yunhe Wang by laundering criminally derived proceeds through bank accounts held in her name that were then utilized to purchase luxury real estate properties for Yunhe Wang," the document continues. "These individuals leveraged their malicious botnet technology to compromise personal devices, enabling cybercriminals to fraudulently secure economic assistance intended for those in need and to terrorize our citizens with bomb threats."

The Biden administration on Tuesday laid out for the first time [PDF] a set of broad government guidelines around the use of carbon offsets in an attempt to shore up confidence in a method for tackling global warming that has faced growing criticism. From a report: Companies and individuals spent $1.7 billion last year voluntarily buying carbon offsets, which are intended to cancel out the climate effects of activities like air travel by funding projects elsewhere, such as the planting of trees, that remove carbon dioxide from the atmosphere, but that wouldn't have happened without the extra money.

Yet a growing number of studies and reports have found that many carbon offsets simply don't work. Some offsets help fund wind or solar projects that likely would have been built anyway. And it's often extremely difficult to measure the effectiveness of offsets intended to protect forests. As a result, some scientists and researchers have argued that carbon offsets are irredeemably flawed and should be abandoned altogether. Instead, they say, companies should just focus on directly cutting their own emissions.

The Biden administration is now weighing in on this debate, saying that offsets can sometimes be an important tool for helping businesses and others reduce their emissions, as long as there are guardrails in place. The new federal guidelines are an attempt to define "high-integrity" offsets as those that deliver real and quantifiable emissions reductions that wouldn't have otherwise taken place. [...] The new federal guidelines also urge businesses to focus first on reducing emissions within their own supply chains as much as possible before buying carbon offsets. Some companies have complained that it is too difficult to control their sprawling network of outside suppliers and that they should be allowed to use carbon offsets to tackle pollution associated with, for instance, the cement or steel they use.

PayPal hopes to boost its growth by starting an ad network [non-paywalled link] juiced with something it already owns: data on its millions of users. From a report: The digital payments company plans to build an ad sales business around the reams of data it generates from tracking the purchases as well as the broader spending behaviors of millions of consumers who use its services, which include the more socially-enabled Venmo app. PayPal has hired Mark Grether, who formerly led Uber's advertising business, to lead the effort as senior vice president and general manager of its newly-created PayPal Ads division. In his new role, he will be responsible for developing new ad formats, overseeing sales and hiring staff to fill out the division, he said.

PayPal in January introduced Advanced Offers, its first ad product, which uses AI and the company's data to help merchants target PayPal users with discounts and other personalized promotions. Advanced Offers only charges advertisers when consumers make a purchase. Online marketplaces eBay and Zazzle have begun testing it, according to a PayPal spokesman. But PayPal now aims to sell ads not only to its own customers, but to so-called non-endemic advertisers, or those that don't sell products or services through PayPal. Those companies might use PayPal data to target consumers with ads that could be displayed elsewhere, for instance, on other websites or connected TV sets.

A hacker group called RansomHub said it was behind the cyberattack that hit the Christie's website just days before its marquee spring sales began, forcing the auction house to resort to alternatives to online bidding. From a report: In a post on the dark web on Monday, the group claimed that it had gained access to sensitive information about the world's wealthiest art collectors, posting only a few examples of names and birthdays. It was not immediately possible to verify RansomHub's claims, but several cybersecurity experts said they were a known ransomware operation and that the claim was plausible. Nor was it clear if the hackers had gained access to more sensitive information, including financial data and client addresses. The group said it would release the data, posting a countdown timer that would reach zero by the end of May.

At Christie's, a spokesman said in a statement, "Our investigations determined there was unauthorized access by a third party to parts of Christie's network." The spokesman, Edward Lewine, said that the investigations "also determined that the group behind the incident took some limited amount of personal data relating to some of our clients." He added, "There is no evidence that any financial or transactional records were compromised." Hackers said that Christie's failed to pay a ransom when one was demanded.

This week the Washington Post noted that just last year nearly 1.2 million more electric vehicles were sold in America, "accounting for over 7 percent of total new car sales and a new national record." But "data show that EV sales are far outpacing growth in the U.S. charging network... In 2016, there were seven electric cars for each public charging point; today, there's more than 20 electric cars per charger."

The article points out that 80% of America's EV's are just charging at home, according to the U.S. Energy Department. (Which seems to leave one public charger for every four EVs that don't charge at home.) And the article notes several other important caveats: Experts say that there is no "magic number" for the best ratio of EVs on the road to public chargers. "It absolutely depends on the local landscape," said Peter Slowik, U.S. passenger vehicles lead for the International Council on Clean Transportation. Globally, there is about 1 public charger for every 11 EVs, according to the International Energy Agency. But in countries where there are more single-family homes and garages, the ratio could be lower....

In a way, the United States' slow charging build-out could be a benefit in the long-term: Many automakers have now promised to switch to Tesla's charging connector in the next few years, which could help put most cars on the same system.

Not everyone agrees there is a delay. Slowik says that his team's research shows that the United States is on-track for building out the charging needed over the next eight years. An increase in the number of EVs per public charger is a natural part of the adoption process, he argues, that will subside with more sales and as more chargers come online.
Still, the article argues if Americans continue buying electric cars, public chargers will be essential "to support long road trips, help apartment-dwellers go electric and alleviate overnight pressure on electricity grids."

Today U.S. Transportation Secretary Pete Buttigieg reiterated America's commitment to having a national network of 500,000 charges by 2030, saying the country is at "the absolute very, very beginning stages of the construction to come."

"While general-purpose languages like Python, C++, and Java remain popular in AI development," writes VentureBeat, "the resurgence of AI-first languages signifies a recognition that AI's unique demands require specialized languages tailored to the domain's specific needs... designed from the ground up to address the specific needs of AI development." Bend, created by Higher Order Company, aims to provide a flexible and intuitive programming model for AI, with features like automatic differentiation and seamless integration with popular AI frameworks. Mojo, developed by Modular AI, focuses on high performance, scalability, and ease of use for building and deploying AI applications. Swift for TensorFlow, an extension of the Swift programming language, combines the high-level syntax and ease of use of Swift with the power of TensorFlow's machine learning capabilities...

At the heart of Mojo's design is its focus on seamless integration with AI hardware, such as GPUs running CUDA and other accelerators. Mojo enables developers to harness the full potential of specialized AI hardware without getting bogged down in low-level details. One of Mojo's key advantages is its interoperability with the existing Python ecosystem. Unlike languages like Rust, Zig or Nim, which can have steep learning curves, Mojo allows developers to write code that seamlessly integrates with Python libraries and frameworks. Developers can continue to use their favorite Python tools and packages while benefiting from Mojo's performance enhancements... It supports static typing, which can help catch errors early in development and enable more efficient compilation... Mojo also incorporates an ownership system and borrow checker similar to Rust, ensuring memory safety and preventing common programming errors. Additionally, Mojo offers memory management with pointers, giving developers fine-grained control over memory allocation and deallocation...

Mojo is conceptually lower-level than some other emerging AI languages like Bend, which compiles modern high-level language features to native multithreading on Apple Silicon or NVIDIA GPUs. Mojo offers fine-grained control over parallelism, making it particularly well-suited for hand-coding modern neural network accelerations. By providing developers with direct control over the mapping of computations onto the hardware, Mojo enables the creation of highly optimized AI implementations.

According to Mojo's creator, Modular, the language has already garnered an impressive user base of over 175,000 developers and 50,000 organizations since it was made generally available last August. Despite its impressive performance and potential, Mojo's adoption might have stalled initially due to its proprietary status. However, Modular recently decided to open-source Mojo's core components under a customized version of the Apache 2 license. This move will likely accelerate Mojo's adoption and foster a more vibrant ecosystem of collaboration and innovation, similar to how open source has been a key factor in the success of languages like Python.

Developers can now explore Mojo's inner workings, contribute to its development, and learn from its implementation. This collaborative approach will likely lead to faster bug fixes, performance improvements and the addition of new features, ultimately making Mojo more versatile and powerful.
The article also notes other languages "trying to become the go-to choice for AI development" by providing high-performance execution on parallel hardware. Unlike low-level beasts like CUDA and Metal, Bend feels more like Python and Haskell, offering fast object allocations, higher-order functions with full closure support, unrestricted recursion and even continuations. It runs on massively parallel hardware like GPUs, delivering near-linear speedup based on core count with zero explicit parallel annotations — no thread spawning, no locks, mutexes or atomics. Powered by the HVM2 runtime, Bend exploits parallelism wherever it can, making it the Swiss Army knife for AI — a tool for every occasion...

The resurgence of AI-focused programming languages like Mojo, Bend, Swift for TensorFlow, JAX and others marks the beginning of a new era in AI development. As the demand for more efficient, expressive, and hardware-optimized tools grows, we expect to see a proliferation of languages and frameworks that cater specifically to the unique needs of AI. These languages will leverage modern programming paradigms, strong type systems, and deep integration with specialized hardware to enable developers to build more sophisticated AI applications with unprecedented performance. The rise of AI-focused languages will likely spur a new wave of innovation in the interplay between AI, language design and hardware development. As language designers work closely with AI researchers and hardware vendors to optimize performance and expressiveness, we will likely see the emergence of novel architectures and accelerators designed with these languages and AI workloads in mind. This close relationship between AI, language, and hardware will be crucial in unlocking the full potential of artificial intelligence, enabling breakthroughs in fields like autonomous systems, natural language processing, computer vision, and more.

The future of AI development and computing itself are being reshaped by the languages and tools we create today.
In 2017 Modular AI's founder Chris Lattner (creator of the Swift and LLVM) answered questions from Slashdot readers.

Malaysia Airlines Flight 370 vanished in 2014 — and efforts continue to find it. In 2018 a UK-based video producer claimed to have discovered the crashed aircraft on Google Maps — but Newsweek pointed out the same wreckage "is visible in imagery dating back to January 1, 2004 — more than a decade before MH370 disappeared."

Marine robotics company Ocean Infinity also failed to find the aircraft after a five-month search in 2018 — but has returned to the headlines this March, writes the Independent, "claiming that they have scientific evidence" for the flight's final resting place. (The company's CEO says the last six years they've been "innovating with technology and robotics to further advance our ocean search capabilities.")

And this week Indian Express reported that researchers from the UK's Cardiff University investigating the mystery "have come up with a novel plan to unravel it — sea explosions."

More from the Economic Times: Scientists have said that airplanes crashing over oceans create unique acoustic signatures that can travel more than 3,000km through water. These acoustic signatures can be recorded by a network of 11 hydroacoustic stations worldwide that are dotted along the seabed. Researchers at Cardiff University have said that a series of controlled underwater explosions or air gunfire along the 7th arc [where the plane last communicated] can be done to see whether they can isolate a more precise location for MH370.
More details from NDTV: "[W]ithin the time frame and location suggested by the official search, only a single, relatively weak signal was identified,'' Dr Kadri said... ''Similar exercises were performed in the search and rescue mission for the ARA San Juan, a submarine that vanished off the coast of Argentina in 2017. This shows us that it is relatively straightforward and feasible and could provide a means to determine the signal's relevance to MH370, prior to resuming with another extensive search. If found to be related, this would significantly narrow down, almost pinpoint, the aircraft's location,'' Dr Kadri added...

Despite the largest search in aviation history, the plane has never been found.
An announcement from Cardiff University adds that "The experiments would also help develop the use of hydroacoustic technology as a tool for authorities to draw upon when narrowing down potential crash locations for airplanes in the future."

Roughly 160,000 U.S.-based amateur radio enthusiasts belong to the American Radio Relay League, a nonprofit with 100 full-time and part-time staff members.

Nine days ago it announced "that it suffered a cyberattack that disrupted its network and systems," reports BleepingComputer, "including various online services hosted by the organization." "We are in the process of responding to a serious incident involving access to our network and headquarters-based systems. Several services, such as Logbook of The World and the ARRL Learning Center, are affected," explained ARRL in a press release... [T]he ARRL took steps to allay members' concerns about the security of their data, confirming that they do not store credit card information or collect social security numbers.

However, the organization confirmed that its member database contains some private information, including names, addresses, and call signs. While they do not specifically state email addresses are stored in the database, one is required to become a member of the organization.
"The ARRL has not specifically said that its member database has been accessed by hackers," Security Week points out, "but its statement suggests it's possible."

The site adds that it has also "reached out to ARRL to find out if this was a ransomware attack and whether the attackers made any ransom demand."

Thanks to Slashdot reader AzWa Snowbird for sharing the news.

Minnesota this week eliminated two laws that made it harder for cities and towns to build their own broadband networks. From a report: The state-imposed restrictions were repealed in an omnibus commerce policy bill signed on Tuesday by Gov. Tim Walz, a Democrat. Minnesota was previously one of about 20 states that imposed significant restrictions on municipal broadband. The number can differ depending on who's counting because of disagreements over what counts as a significant restriction. But the list has gotten smaller in recent years because states including Arkansas, Colorado, and Washington repealed laws that hindered municipal broadband. The Minnesota bill enacted this week struck down a requirement that municipal telecommunications networks be approved in an election with 65 percent of the vote. The law is over a century old, the Institute for Local Self-Reliance's Community Broadband Network Initiative wrote yesterday.

fjo3 quotes a report from Reuters: SpaceX on Wednesday launched an inaugural batch of operational spy satellites it built as part of a new U.S. intelligence network designed to significantly upgrade the country's space-based surveillance powers, the first deployment of several more planned this year. The spy network was revealed in a pair of Reuters reports earlier this year showing SpaceX is building hundreds of satellites for the U.S. National Reconnaissance Office, an intelligence agency, for a vast system in orbit capable of rapidly spotting ground targets almost anywhere in the world.

SpaceX's Falcon 9 rocket lifted off from the Vandenberg Space Force Base in Southern California at 4 a.m. EDT on Wednesday, carrying into space what the NRO said was the "first launch of the NRO's proliferated systems featuring responsive collection and rapid data delivery." "Approximately half a dozen launches supporting NRO's proliferated architecture are planned for 2024, with additional launches expected through 2028," the agency said, without naming the number of satellites deployed.

An anonymous reader quotes a report from NPR: Hospital staff are forced to write notes by hand and deliver orders for tests and prescriptions in person in the ongoing fallout from a recent ransomware attack at the national health system Ascension. Ascension is one of the largest health systems in the United States, with some 140 hospitals located across 19 states and D.C. A spokesperson said in a statement that "unusual activity" was first detected on multiple technology network systems Ascension uses on Wednesday, May 8. Later, representatives confirmed that some of Ascension's electronic health records systems had been affected, along with systems used "to order certain tests, procedures and medications."

Some phone capabilities have also been offline, and patients have been unable to access portals used to view medical records and get in touch with their doctors. Due to these interruptions, hospital staff had to shift to "manual and paper based" processes. "Our care teams are trained for these kinds of disruptions and have initiated procedures to ensure patient care delivery continues to be safe and as minimally impacted as possible," an Ascension spokesperson said in a May 8 statement. Kris Fuentes, who works in the neonatal intensive care unit at Ascension Seton Medical Center in Austin, said she remembers when paper charting was the norm. But after so many years of relying on digital systems, she said her hospital wasn't ready to make such an abrupt shift. "It's kind of like we went back 20 years, but not even with the tools we had then," Fuentes said. "Our workflow has just been really unorganized, chaotic and at times, scary."

Fuentes said orders for medication, labs and imaging are being handwritten and then distributed by hand to various departments, whereas typically these requests are quickly accessed via computer. A lack of safety checks with these backup methods has introduced errors, she said, and every task is taking longer to complete. "Medications are taking longer to get to patients, lab results are taking longer to get back," she said. "Doctors need the lab results, often, to decide the next treatment plan, but if there's a delay in access to the labs, there's a delay in access to the care that they order." As of Tuesday, Ascension still had no timeline for when the issues might be resolved, and reported that it continued to work with "industry-leading cybersecurity experts" to investigate the ransomware attack and restore affected systems. The FBI and Cybersecurity and Infrastructure Security Agency are also involved in the investigation. "While Ascension facilities remain open, a health system representative said on May 9 that in some cases, emergency patients were being triaged to different hospitals, and some non-emergent appointments and procedures were postponed," reports NPR. "Certain Ascension pharmacies are not operational, and patients are being asked to bring in prescription bottles or numbers."

"Individuals who are enrolled in Ascension health insurance plans are being directed to mail in monthly payments while the electronic payment system is down."