Windows Subsystem for Linux is now automatically releasing stored memory in WSL back for use by Windows. This automatic memory reclaim support is a great addition and makes Windows behave better especially for systems with limited amounts of RAM. Without this support in memory hungry situations like with Docker it was possible for WSL2 to exhaust all of the system’s physical memory.
Windows Subsystem for Linux has also enabled DNS tunneling by default for improved network support.
Meanwhile in experimental form is support for automatic disk reclaim and a new mirrored networking mode that provides for features like IPv6 support.
For nearly two hours, Berkshire Hathaway’s Class A shares were listed as trading at just $185.10 — a price that would represent a loss of 99.97%. Berkshire closed at $627,400 on Friday.
NYSE announced it has decided to “bust,” or cancel, all “erroneous” trades for Berkshire between 9:50 am ET and 9:51 am ET at or below $603,718.30. The exchange said that ruling is not eligible for appeal and indicated it could cancel other trades.
Azure Linux 3.0 shifts from the aging Linux 5.15 kernel to the newer Linux 6.6 LTS kernel as well as significant updates to OpenSSL, systemd, Runc, and other components. Azure Linux 3.0 is also now defaulting to SELinux’s enforcing mode by default.
Yesterday, the European Union’s Copernicus Earth-monitoring service announced that we’ve now gone a full year where every single month has been the warmest version of that month since we’ve had enough instruments in place to track global temperatures.
A study from researchers at the National Energy Technology Laboratory shows the wastewater produced by Pennsylvania’s unconventional wells could contain enough lithium to meet 38 to 40 percent of current domestic consumption.
During the initial deployment of a Google Cloud VMware Engine (GCVE) Private Cloud for the customer using an internal tool, there was an inadvertent misconfiguration of the GCVE service by Google operators due to leaving a parameter blank. This had the unintended and then unknown consequence of defaulting the customer’s GCVE Private Cloud to a fixed term, with automatic deletion at the end of that period. The incident trigger and the downstream system behavior have both been corrected to ensure that this cannot happen again.
AI passes the restaurant review Turing test. We are rapidly entering an era where we won’t be able to believe anything – articles, photos, videos, voice recordings – is genuine and original. Are you prepared?
In a series of experiments for a new study, Kovács found that a panel of human testers was unable to distinguish between reviews written by humans and those written by GPT-4, the LLM powering the latest iteration of ChatGPT. In fact, they were more confident about the authenticity of AI-written reviews than they were about human-written reviews.
On Monday, OpenAI announced the formation of a new “Safety and Security Committee” to oversee risk management for its projects and operations. The announcement comes as the company says it has “recently begun” training its next frontier model, which it expects to bring the company closer to its goal of achieving artificial general intelligence (AGI), though some critics say AGI is farther off than we might think. It also comes as a reaction to two weeks of public setbacks for the company.
Together, we’ve built an integration that includes intuitive navigation and traceability between source code and binaries, CI/CD with GitHub Actions and JFrog Artifactory, and a unified view of security findings across the software supply chain. By providing full control and visibility across the entire software supply chain, we are accelerating our joint vision of making developers’ lives easier and happier.
A massive uptick in traffic to Fedora’s package mirrors is causing problems for the Linux distribution. Some five million additional systems have started putting additional strain on Fedora’s mirror resources since March and appear to be coming from Amazon’s cloud.
The vulnerability, tracked as CVE-2024-1086 and carrying a severity rating of 7.8 out of a possible 10, allows people who have already gained a foothold inside an affected system to escalate their system privileges. It’s the result of a use-after-free error, a class of vulnerability that occurs in software written in the C and C++ languages when a process continues to access a memory location after it has been freed or deallocated. Use-after-free vulnerabilities can result in remote code or privilege escalation.
The vulnerability, which affects Linux kernel versions 5.14 through 6.6, resides in the NF_tables, a kernel component enabling the Netfilter, which in turn facilitates a variety of network operations, including packet filtering, network address [and port] translation (NA[P]T), packet logging, userspace packet queueing, and other packet mangling. It was patched in January, but as the CISA advisory indicates, some production systems have yet to install it. At the time this Ars post went live, there were no known details about the active exploitation.
Here we see the fundamental flaw of the system: “AI Overviews are built to only show information that is backed up by top web results.” The design is based on the false assumption that Google’s page-ranking algorithm favors accurate results and not SEO-gamed garbage. Google Search has been broken for some time, and now the company is relying on those gamed and spam-filled results to feed its new AI model.
Internet surveillance, and the resultant loss of privacy, is following the same trajectory. Just as certain fish populations in the world’s oceans have fallen 80 percent, from previously having fallen 80 percent, from previously having fallen 80 percent (ad infinitum), our expectations of privacy have similarly fallen precipitously. The pervasive nature of modern technology makes surveillance easier than ever before, while each successive generation of the public is accustomed to the privacy status quo of their youth. What seems normal to us in the security community is whatever was commonplace at the beginning of our careers.
Recall that in the Danish system each mortgage is backed by a matching bond. As a consequence, mortgage holders have two ways to pay a mortgage: 1) hold the mortgage and pay the monthly payments or 2) buy the matching bond and, in effect, extinguish the mortgage. The latter option is valuable because when interest rates rise, the price of mortgages fall.
…Danish sellers are able to earn a profit when they trade in their low mortgage rates for more-expensive ones, making it easier to move even when rates rise.
In all, it’s a bleak finding that bodes poorly for the collective health of Americans, who are now seeing rises in cases of measles and other vaccine-preventable illnesses. Additional surveys by the APPC in 2021, 2022, and 2023 identified a slight increase in the number of survey takers who specifically believe, falsely, that the MMR (measles, mumps, and rubella) vaccine causes autism. In 2021, 9 percent of respondents falsely indicated that MMR vaccine causes autism, responding that the statement was “definitely true” (2 percent) or “probably true” (7 percent). In 2023, 12 percent of respondents fell into those categories, 2 percent for “definitely true” and 10 percent for “probably true.”
Since the start of 2024, the US has seen a steady march of measles infections nationwide. As of May 31, the CDC has recorded 146 cases across 21 states. Of those cases, 64 were part of a large outbreak in Chicago, which was declared over on May 30.
Regulators strongly prefer that deposits stay within the regulated banking sector. The single largest reason is that they’re worried that households’ immediately accessible stored funds stay safe and accessible. A major follow-up reason, less understood by non-specialists, is that regulated banks are bound to a long list of consumer protection items on the transaction level, not the institution level. A lot of the abuse in the economy happens in $50 and $5,000 increments, rather than multi-billion dollar increments. Regulators sleep happier knowing that this abuse happens at companies with teams of operators standing. Those operators will groan and chalk a disputed transaction, instance of fraud, or glitch in the matrix up to the operational losses budget rather than sticking a user with it.
