Cloud providers like the security of running things in virtual machines "at scale" — even though VMs "are not known for having fast cold starts or a small footprint..." noted Microsoft's Open Source blog last November. So Microsoft's Azure Core Upstream team built an open source Rust library called Hyperlight "to execute functions as fast as possible while isolating those functions within a VM."

But that was just the beginning... Then, we showed how to run Rust functions really, really fast, followed by using C to [securely] run Javascript. In February 2025, the Cloud Native Computing Foundation (CNCF) voted to onboard Hyperlight into their Sandbox program [for early-stage projects].

[This week] we're announcing the release of Hyperlight Wasm: a Hyperlight virtual machine "micro-guest" that can run wasm component workloads written in many programming languages...

Traditional virtual machines do a lot of work to be able to run programs. Not only do they have to load an entire operating system, they also boot up the virtual devices that the operating system depends on. Hyperlight is fast because it doesn't do that work; all it exposes to its VM guests is a linear slice of memory and a CPU. No virtual devices. No operating system. But this speed comes at the cost of compatibility. Chances are that your current production application expects a Linux operating system running on the x86-64 architecture (hardware), not a bare linear slice of memory...

[B]uilding Hyperlight with a WebAssembly runtime — wasmtime — enables any programming language to execute in a protected Hyperlight micro-VM without any prior knowledge of Hyperlight at all. As far as program authors are concerned, they're just compiling for the wasm32-wasip2 target... Executing workloads in the Hyperlight Wasm guest isn't just possible for compiled languages like C, Go, and Rust, but also for interpreted languages like Python, JavaScript, and C#. The trick here, much like with containers, is to also include a language runtime as part of the image... Programming languages, runtimes, application platforms, and cloud providers are all starting to offer rich experiences for WebAssembly out of the box. If we do things right, you will never need to think about whether your application is running inside of a Hyperlight Micro-VM in Azure. You may never know your workload is executing in a Hyperlight Micro VM. And that's a good thing.
While a traditional virtual-device-based VM takes about 125 milliseconds to load, "When the Hyperlight VMM creates a new VM, all it needs do to is create a new slice of memory and load the VM guest, which in turn loads the wasm workload. This takes about 1-2 milliseconds today, and work is happening to bring that number to be less than 1 millisecond in the future."

And there's also double security due to Wasmtime's software-defined runtime sandbox within Hyperlight's larger VM...

Automotive historian Dan Albert loves the "adorable tiny truck" he's driving. It's one of the small Japan-made "kei" pickups and minivans that "make up about a third of car sales in Japan." Americans can legally import older models for less than $10,000, and getting 40 miles per gallon they're "Cheap to buy and run... rugged, practical, no-frills machines — exactly what the American-built pickup truck used to be."

But unfortunately, kei buyers face "bureaucratic roadblocks that states like Massachusetts have erected to keep kei cars and trucks out of the hands of U.S. drivers." Several state departments of motor vehicles (DMVs) have balked at registering the imported machines, saying that they're too unsafe for American streets. Owners have responded with a righteous mix of good humor, lobbying and lawsuits... Kei trucks do not meet the Federal Motor Vehicle Safety Standards, or FMVSS — the highly specific rules US-market new cars must meet. But since 1988, the Imported Vehicle Safety Compliance Act has exempted vehicles that are at least 25 years old from these crash safety standards, allowing drivers to bring over vintage European and Asian market models...

Getting insurance coverage was the next barrier, as the company that had long been underwriting the Albert family's fleet also rejected me, forcing me to seek out a specialty "collector car" insurer. (I did eventually get regular coverage....) Maine, Rhode Island, New York, Pennsylvania, Georgia, Virginia, and Michigan also tightened their rules on registering small Japanese imports in recent years. The culprit, according to the auto enthusiast press, was the American Association of Motor Vehicle Administrators, the trade organization that serves as the lobbying and policy arm of DMVs across North America. Much of AAMVA's work involves integrating the databases of the 69 US and Canadian motor vehicle jurisdictions who are its members, so that a car stolen in one state can't be titled in another... The kei truck's regulatory troubles can be traced to a 2011 AAMVA report, "Best Practices Regarding Registration and Titling of Mini-Trucks," which called for outright bans and encouraged DMVs to lobby state legislatures to outlaw keis entirely.

The Insurance Institute of Highway Safety concurred, telling AAMVA that its recommendation did not go far enough: The IIHS said that keis should join the class of conveyances that the U.S. government calls Low Speed Vehicles, which are mechanically limited to 25 miles per hour or less and should be used only for short local trips on low-speed-limit roads because they can't protect occupants in the event of a collision with a regular vehicle... [But] By 2008, Japan's kei trucks did feature crumple zones and driver airbags in compliance with that country's safety standards...

Despite its name, the Imported Vehicle Safety Compliance Act that lets older cars into the US from overseas isn't really about safety: Car industry lobbyists secured passage of the law to protect dealer profits. Newer keis — which are banned — are safer and cleaner than the 25-year-old ones that can be imported now. (Battery-powered keis debuted in 2009.) But even mine has an airbag, front crumple zone, seatbelt pretensioners, and anti-lock brakes.
The article notes that kie fans have "a distinctly libertarian streak... Some owners I've talked to report forging titles, setting up shell companies in Montana and finding other means of skirting DMV rules."

Thanks to long-time Slashdot reader schwit1 for sharing the article.

In 1999 Slashdot reader Jeremie announced "a new project I recently started to create a complete open-source platform for Instant Messaging with transparent communication to other IM systems (ICQ, AIM, etc)." It was the first release of the eXtensible Messaging and Presence Protocol, and by 2008 Slashdot was asking if XMPP was "the next big thing." Facebook even supported it for third-party chat clients until 2015.

And here in 2025, the chair of the nonprofit XMPP Standards Foundation is long-time Slashdot reader ralphm, who is now issuing this call to action at XMPP.org: The European Digital Markets Act (DMA) is designed to break down walled gardens and enforce messaging interoperability. As a designated gatekeeper, Meta—controlling WhatsApp and Messenger—must comply. However, its current proposal falls short, risking further entrenchment of its dominance rather than fostering genuine competition. [..]

A Call to Action

The XMPP Standards Foundation urges Meta to adopt XMPP for messaging interoperability. It is ready to collaborate, continue to evolve the protocol to meet modern needs, and ensure true compliance with the DMA. Let's build an open, competitive messaging ecosystem—one that benefits both users and service providers.

It's time for real interoperability. Let's make it happen.

The Washington Post reports that after months of polar darkness, the extent of sea ice blanketing the Arctic this winter "fell to the lowest level on record, researchers announced this week... the smallest maximum extent in the 47-year satellite record, according to the National Snow and Ice Data Center.

"Since then, the ice has already begun to melt again." "Sea ice is acting like the old canary in the coal mine," Dartmouth University geophysicist Don Perovich said. "It's saying loud and clear that warming is occurring...."

In the summer, when the sun's radiation shines down on the Arctic for 24 hours a day, the ice acts as a shield, reflecting more than half of the light that hits it back into space.... With so little sea ice in the Arctic this year, more sunlight will be able to reach the open ocean, which absorbs more than 90 percent of the radiation that hits it. This will further warm the region, accelerating ice melt and exposing even more water to the light. This feedback loop helps explain the rapid warming of the Arctic, and it is expected to lead to a complete lack of summer sea ice in the region within decades, [said explained Melinda Webster, a sea ice scientist at the University of Washington]. The consequences would be dire for seals, polar bears and other wildlife, which depend on a stable sea ice platform to birth their young and hunt for food. It would also expose miles of coastline to pounding ocean waves, accelerating the erosion that threatens to tip some communities into the sea.

But the effects will also be felt in places far from the poles, Perovich said. Studies suggest that a complete loss of Arctic sea ice would raise global temperatures as much as adding a trillion tons of carbon dioxide to the atmosphere. Changes in the Arctic could also affect the jet stream, the river of winds that flows through the upper atmosphere, contributing to more extreme weather around the globe.

"What happens in the Arctic doesn't stay in the Arctic," Perovich said.
Earlier this year sea ice also fell 30% below the amount typical in the Antarctic prior to 2010, the researchers report. The total amount of sea ice on earth has now reached an all-time low, declining by more than a million square miles (2.5 million square kilometers) below the pre-2010 average.

"Altogether, Earth is missing an area of sea ice large enough to cover the entire continental United States east of the Mississippi."

An anonymous reader shared this report from BleepingComputer: Three security bypasses have been discovered in Ubuntu Linux's unprivileged user namespace restrictions, which could be enable a local attacker to exploit vulnerabilities in kernel components. The issues allow local unprivileged users to create user namespaces with full administrative capabilities and impact Ubuntu versions 23.10, where unprivileged user namespaces restrictions are enabled, and 24.04 which has them active by default...

Ubuntu added AppArmor-based restrictions in version 23.10 and enabled them by default in 24.04 to limit the risk of namespace misuse. Researchers at cloud security and compliance company Qualys found that these restrictions can be bypassed in three different ways... The researchers note that these bypasses are dangerous when combined with kernel-related vulnerabilities, and they are not enough to obtain complete control of the system... Qualys notified the Ubuntu security team of their findings on January 15 and agreed to a coordinated release. However, the busybox bypass was discovered independently by vulnerability researcher Roddux, who published the details on March 21.

Canonical, the organization behind Ubuntu Linux, has acknowledged Qualys' findings and confirmed to BleepingComputer that they are developing improvements to the AppArmor protections. A spokesperson told us that they are not treating these findings as vulnerabilities per se but as limitations of a defense-in-depth mechanism. Hence, protections will be released according to standard release schedules and not as urgent security fixes.
Canonical shared hardening steps that administrators should consider in a bulletin published on their official "Ubuntu Discourse" discussion forum.

A new study warns that toxic Martian dust contains fine particles and harmful substances like silica and metals that pose serious health risks to astronauts, making missions to Mars more dangerous than previously thought. The Guardian reports: During Apollo missions to the moon, astronauts suffered from exposure to lunar dust. It clung to spacesuits and seeped into the lunar landers, causing coughing, runny eyes and irritated throats. Studies showed that chronic health effects would result from prolonged exposure. Martian dust isn't as sharp and abrasive as lunar dust, but it does have the same tendency to stick to everything, and the fine particles (about 4% the width of a human hair) can penetrate deep into lungs and enter the bloodstream. Toxic substances in the dust include silica, gypsum and various metals.

"A mission to Mars does not have the luxury of rapid return to Earth for treatment," the researchers write in the journal GeoHealth. And the 40-minute communication delay will limit the usefulness of remote medical support from Earth. Instead, the researchers stress that limiting exposure to dust is essential, requiring air filters, self-cleaning space suits and electrostatic repulsion devices, for example.

A breach of legacy Cerner servers at Oracle Health exposed patient data from multiple U.S. hospitals and healthcare organizations, with threat actors using compromised customer credentials to steal the data before it had been migrated to Oracle Cloud. Despite confirming the breach privately, Oracle Health has yet to publicly acknowledge the incident. BleepingComputer reports: Oracle Health, formerly known as Cerner, is a healthcare software-as-a-service (SaaS) company offering Electronic Health Records (EHR) and business operations systems to hospitals and healthcare organizations. After being acquired by Oracle in 2022, Cerner was merged into Oracle Health, with its systems migrated to Oracle Cloud. In a notice sent to impacted customers and seen by BleepingComputer, Oracle Health said it became aware of a breach of legacy Cerner data migration servers on February 20, 2025.

"We are writing to inform you that, on or around February 20, 2025, we became aware of a cybersecurity event involving unauthorized access to some amount of your Cerner data that was on an old legacy server not yet migrated to the Oracle Cloud," reads a notification sent to impacted Oracle Health customers. Oracle says that the threat actor used compromised customer credentials to breach the servers sometime after January 22, 2025, and copied data to a remote server. This stolen data "may" have included patient information from electronic health records. However, multiple sources told BleepingComputer that it was confirmed that patient data was stolen during the attack.

Oracle Health is also telling hospitals that they will not notify patients directly and that it is their responsibility to determine if the stolen data violates HIPAA laws and whether they are required to send notifications. However, the company says they will help identify impacted individuals and provide templates to help with notifications.

An anonymous reader shares a report: New data recently released by the Environmental Protection Agency indicate that more than 158 million people across the U.S. have drinking water contaminated by toxic "forever chemicals," scientifically known as perfluoroalkyl and polyfluoroalkyl substances (PFAS).

"Drinking water is a major source of PFAS exposure. The sheer number of contaminated sites shows that these chemicals are likely present in most of the U.S. water supply," said David Andrews, deputy director of investigations and a senior scientist at the Environmental Working Group (EWG), a nonprofit advocacy organization, in a recent press release.

An anonymous reader shares a report: A former director of data science at the UK prime minister's office has told MPs that people working with data in government are not typically technical and would be unlikely to get a similar job in the private sector.

In a hearing designed to illuminate the challenges facing the Department for Science, Innovation and Technology (DSIT) as it strives to become the digital centre for government, MPs quizzed Laura Gilbert, head of AI for Government, at the Ellison Institute and former director of data science at 10 Downing Street, the prime ministers' office.

Members of the House of Common's Science, Innovation and Technology Committee wanted to know about the performance of the Government Digital Service, which in January was moved from the Cabinet Office to DSIT and merged with Central Digital and Data Office (CDDO), the Incubator for AI (i.AI). Gilbert, a particle physicist who has worked in a number of tech industry roles, said one of the challenges was understanding the level of tech skills in the civil service in central government.

The College Board, described as a $2 billion nonprofit, functions as the primary gatekeeper for academic success within American higher education, according to an analysis by Bloomberg. The organization significantly shapes university admissions by controlling not only who gains entry to college but also influencing what students know upon arrival.

This central role in managing and defining higher education admissions positions the Board uniquely. The story adds: The College Board writes the curriculum for 40 AP courses, administers and grades the exams, oversees the PSAT and SAT, and offers a variety of free and paid resources to help prepare for the courses and tests. Many students will wind up paying the company north of $1,000 over the course of their high school career. "If the same people can create the content and create the tests, that's a really great business model where you've got the whole public secondary education system wrapped up in one little company," says Jon Boeckenstedt, the vice provost of enrollment management at Oregon State University and a prominent critic of the College Board.

Housing so many parts of the high school experience under one roof has made the New York-based organization immensely wealthy, with more than $1 billion in annual revenue -- on which it pays no taxes as a 501(c)(3) nonprofit. But mere money isn't the biggest source of the College Board's might. Twelve decades after its creation, it's now the closest thing the fragmented American educational system has to a central governing body, with a huge amount of authority over what students are expected to know when they get to college. Higher education is arguably the most important driver of social mobility, as well as the most powerful force in selecting which members of the next generation will set the political and cultural agenda. By controlling who gets in and what they know when they get there, the College Board has become the chief gatekeeper of academic success in America.

An anonymous reader shares a report: Staff at the Federal Trade Commission have been instructed to no longer refer to the agency as "independent" in complaints, according to an email obtained by The Verge.

A Nature survey has found that three-quarters of responding U.S. scientists are considering leaving the nation following disruptions to science under the Trump administration.

Out of 1,608 respondents, 75.3% said they were contemplating leaving the country. Scientists cited concerns over research funding and the general treatment of science as contributing factors for their reasoning. Europe and Canada were mentioned as potential destinations for those looking for opportunities abroad.

theodp writes: "As I prepared for a White House meeting last fall on the nation's electricity needs," begins Microsoft President Brad Smith in The Country Needs More Electricity --And More Electricians, a Fox Business op-ed. "I met with the leaders at Microsoft who are building our AI infrastructure across the country. During our discussion, I asked them to identify the single biggest challenge for data center expansion in the U.S. I expected they would mention slow permitting, delays in bringing more power online or supply chain constraints -- all significant challenges. But instead, they highlighted a national shortage of people. Electricians, to be precise."

Much as Smith has done in the past as he declared crisis-level shortages of Computer Science, cybersecurity, and AI talent, he's calling for the nation's politicians and educators to step up to the plate and deliver students trained to address the data center expansion plans of Microsoft and Big Tech.

"How many new electricians must the U.S. recruit and train over the next decade?" Smith asks. "Probably half a million. [...] The good news is that these are good jobs. The bad news is that we don't have a national strategy to recruit and train the people to fill these jobs. Given the Trump administration's commitment to supporting American workers, American jobs and American innovation, we believe that recruiting and training more electricians should rise to its list of priorities. There are several ways to address this issue, and they deserve consideration. For example, we need to do more as a nation to revitalize the industrial arts and shop classes in American high schools. [...] This should be a priority for local school boards, state governors and appropriate federal support. [..] We must also adopt a broad perspective on where new technology is taking us. The tech sector is most often focused on computer and data science -- people who code. But the future will also be built in critical ways by a new generation of engineers, electricians, plumbers, pipefitters, iron workers, carpenters and other skilled trades.

So, is 'Learn to Wire' the new 'Learn to Code'?

Columbia University has suspended the student who created an AI tool designed to help job candidates cheat on technical coding interviews, according to disciplinary documents seen by Business Insider. Chungin "Roy" Lee received a yearlong suspension for "publishing unauthorized documents" from a disciplinary hearing about his product, Interview Coder, not for creating the tool itself. Lee had signed a form agreeing not to disclose his disciplinary record or post hearing materials online.

Interview Coder, which sells for $60 monthly, is on track to generate $2 million in annual revenue, Lee said. The university initially placed him on probation after finding him responsible for "facilitation of academic dishonesty." Lee had already submitted paperwork for a leave of absence before his suspension. He told BI he plans to move to San Francisco, which "was my plan all along."

The Metropolitan Police has confirmed its first permanent installation of live facial recognition (LFR) cameras is coming this summer and the location will be the South London suburb of Croydon. From a report: The two cameras will be installed in the city center in an effort to combat crime and will be attached to buildings and lamp posts on North End and London Road. According to the police they will only be turned on when officers are in the area and in a position to make an arrest if a criminal is spotted. The installation follows a two-year trial in the area where police vans fitted with the camera have been patrolling the streets matching passersby to its database of suspects or criminals, leading to hundreds of arrests. The Met claims the system can alert them in seconds if a wanted wrong'un is spotted, and if the person gets the all-clear, the image of their face will be deleted.

sciencehabit quotes a report from Science.org: Whales sing, orcas squeal, and sea turtles croak. But sharks are more the strong, silent type. Now, researchers report the first evidence that sharks make sounds, too, described today in Royal Society Open Science. The animals may be making the sounds -- a series of clicking noises -- by snapping their flat rows of teeth, which are blunt for crushing prey. The sharks can hear mostly low-frequency noise, and the clicks they emit are higher pitched, which suggests they are not for communicating with other rigs. It's possible they are a defensive tactic. Marine mammals that eat rigs, such as leopard seals, can hear in the frequency range of the rig clicks, but the researchers question whether a few clicks would deter an attack. The sounds might be part of their response to being startled, the team says.

According to the Financial Times, Fidelity Investments is in advanced stages of developing its own stablecoin. Binance reports: The Boston-based financial services giant plans for the token to serve as a form of digital cash, according to the report, which cites two people close to the matter. The token would form part of company's strategy to enter the tokenized government bonds market. Stablecoins are a cryptocurrency whose value is pegged to a real-world asset such as the U.S. dollar or gold. They provide a convenient way for crypto traders to preserve their fiat value without having to cash out of the market.

The news emerges just days after Fidelity filed paperwork to register a blockchain-based version of its U.S. dollar money market fund. The company seeks to register an "OnChain" share class of its Treasury Digital Fund (FYHXX), which holds cash and U.S. Treasury securities and is available only to Fidelity's hedge fund and institutional clients. A Fidelity stablecoin could fill the role of cash in this fund. The report comes a day after World Liberty Financial, a crypto venture backed by Donald Trump and his family, launched a U.S. dollar-pegged stablecoin called USD1.

Fortune reports that over 4 million Gen Zers are currently not in education, employment, or training (NEET), with experts blaming a broken educational system and "worthless degrees" for failing to deliver on promises of career readiness. From the report: While some Gen Zers may fall into this category because they are taking care of a family member, many have become frozen out of the increasingly tough job market where white-collar jobs are becoming seemingly out of reach. In the U.S., this translates to an estimated over 4.3 million young people not in school or work. Across the pond in the U.K., the situation is also only getting worse, with the number of NEET young people rising by over 100,000 in the last year alone.

A British podcaster went so far as to call the situation a "catastrophe" -- and cast a broad-stroke blame on the education system. "In many cases, young people have been sent off to universities for worthless degrees which have produced nothing for them at all," the political commentator, journalist and author, Peter Hitchens slammed colleges last week. "And they would be much better off if they apprenticed to plumbers or electricians, they would be able to look forward to a much more abundant and satisfying life." With millions of Gen Zers waking up each day feeling left behind, there needs to be a "wake-up call" that includes educational and workplace partners stepping up, Jeff Bulanda, vice president at Jobs for the Future, tells Fortune.

The U.S. has added 80 entities to its export blacklist to prevent China from acquiring advanced American chips for military development, including AI, quantum tech, and hypersonic weapons. The Verge reports: More than 50 of the new entities added to the list are based in China, with others located in Iran, Taiwan, Pakistan, South Africa, and the United Arab Emirates. BIS says the restrictions have been applied to entities that acted "contrary to US national security and foreign policy," and are intended to hinder China's ability to develop high-performance computing capabilities, quantum technologies, advanced artificial intelligence, and hypersonic weapons.

Six of the newly blacklisted entities are subsidiaries of Inspur Group -- China's leading cloud computing service provider and a major customer for US chip makers such as Nvidia, AMD, and Intel -- which BIS alleges had contributed to projects developing supercomputers for the Chinese military. The Beijing Academy of Artificial Intelligence is another addition to the list, which has criticized its inclusion. "American technology should never be used against the American people," said Jeffrey Kessler, Under Secretary of Commerce for Industry and Security. "BIS is sending a clear, resounding message that the Trump administration will work tirelessly to safeguard our national security by preventing U.S. technologies and goods from being misused for high performance computing, hypersonic missiles, military aircraft training, and UAVs that threaten our national security."

An anonymous reader shares a report: After years of decline, the number of applications to the country's two-year MBA programs rebounded in 2024 -- rising 19%, according to a survey by the Graduate Management Admission Council. The pandemic saw a blossoming of new ways to deliver an MBA, but tradition has reasserted itself: The biggest growth last year was in conventional two-year and part-time programs.

As in recent years, the great majority of student demand came from overseas, but applications from the US rose as well. While the two-year class graduating this spring included record levels of international students at many institutions, most of the top 20 schools as ranked by Bloomberg Businessweek welcomed classes last fall with a reduced international presence. Given the Trump administration's hostility to immigration, the graduating class of 2025 could prove to be the high-water mark for international MBA students in the US for at least the near future.