fidzu : computers

An anonymous Slashdot reader writes: ClickFix attacks are ramping up. These attacks have users copy and paste a string to something that can execute a command line - like the Windows Run dialog, or a shell prompt. But MacRumors reports that macOS 26.4 Tahoe (updated earlier this week) introduces a new feature to its Terminal app where it will detect ClickFix attempts and stop them by prompting the user if they really wanted to run those commands. According to MacRumors, the warning readers "Possible malware, Paste blocked." "Your Mac has not been harmed. Scammers often encourage pasting text into Terminal to try and harm your Mac or compromise your privacy...." There is also a "Paste Anyway" option if users still wish to proceed.

Read more of this story at Slashdot.

29 Mar 2026 1:34am GMT

It's FOSS interviewed a software engineer whose long-running open source contributions include Python code for the Arch Linux installer and maintaining packages for NixOS. But "a recent change he made to systemd has pushed him into the spotlight" after he'd added the optional birthDate field for systemd's user database. Critics saw it not merely as a technical addition, but as a symbolic capitulation to government overreach. A crack in the philosophical foundation of freedom that Linux is built on. What followed went far beyond civil disagreement. Dylan revealed that he faced harassment, doxxing, death threats, and a flood of hate mail. He was forced to disable issues and pull request tabs across his GitHub repositories... Q: Should FOSS projects adapt to laws they fundamentally disagree with? Because these kinds of laws are certainly in conflict with what a lot of Linux users believe in. A. Unfortunately, in a lot of cases, the answer is yes - at least for any distribution with corporate backing. The small independent distributions are much more flexible to refuse as a protest. If we ignore regulations entirely, we risk Linux being something that companies are not willing to contribute to, and Linux may be shipped on less hardware. I'm talking about things like Valve and System76 (despite them very vocally hating these laws). That does not help us; it just lowers the quality of software contributions due to less investment in the platform and makes Linux less accessible to the average person. We need Linux and other free operating systems to remain a viable alternative to closed systems. Q. Do you think regulations like these will reshape desktop Linux in the next 5-10 years where we might have "compliant Linux" and "Freedom-first Linux"? A. Unfortunately, yes, to some degree this is likely. I imagine the split will be mostly along the lines of independent distributions and those with corporate backing. We're already seeing it as far as which distributions plan on implementing some sort of age verification and which ones are not, and that sucks. I'd rather nobody have to deal with this mess at all, but this is the reality of things now. As I said in the previous response, the corporate-backed distributions really have no choice in the matter. Companies are notoriously risk-adverse, but something like Artix or Devuan? Those are small and independent enough where the individual maintainers may be willing to take on more risk. I was actually thinking about what this would look like if we added it to [Linux system installer] Calamares and chatting about that with the maintainers before that thread got brigaded by bad actors posting personal information and throwing around insults. I completely support the freedom for the distro maintainers to choose their risk tolerance. If the distribution is based out of Ireland or something (like Linux Mint) without these silly laws in the jurisdiction the developer operates in, I think that we should leave it up to them to make a choice here. They think the installer should have a date picker with a flag to disable it, and "We can even default it to off, and corporate distributions using Calamares or those not willing to take the risk could flip it on if they need to. That way if maintainers of the distributions do not wish to collect the birth date, they won't have to, and no forking is required to patch it out."

Read more of this story at Slashdot.

28 Mar 2026 10:34pm GMT

"IBM says its quantum computer can now simulate real magnetic materials and match actual lab experiment results," writes Slashdot reader BrianFagioli, "which is something people have been waiting years to see." Instead of just theoretical output, the system reproduced neutron scattering data from a known material, meaning it lines up with real world physics. It still relies on a mix of quantum and classical computing and this is a narrow use case for now, but it is one of the first times quantum hardware has produced results that scientists can directly validate against experiments, which makes it a lot more interesting than the usual hype. Classical computers "are not great at modeling quantum systems," according to this article at Nerds.xyz. "The math gets messy fast, and scientists end up relying on approximations... Quantum computers are supposed to solve that problem..." If this direction continues, it could start to matter in areas like superconductors, battery tech, and even drug development. Those are the kinds of problems where better simulations can actually lead to better outcomes, not just nicer charts in a research paper. "I am extremely excited about what this means for science," said study co-author Allen Scheie from the Los Alamos National Laboratory. In an announcement from IBM, Scheie calls this "the most impressive match I've seen between experimental data and qubit simulation, and it definitely raises the bar for what can be expected from quantum computers."

Read more of this story at Slashdot.

28 Mar 2026 9:34pm GMT

Breathing capacity could have compensated for lower atmospheric oxygen.

28 Mar 2026 12:30pm GMT

A quantum experiment shows that we can formally test if the order of events matters.

28 Mar 2026 12:00pm GMT

Specially equipped nets can help save some species, while allowing fisherman to still catch others.

28 Mar 2026 11:15am GMT

This guide describes how you can install a Plan 9 network on an OpenBSD machine (it will probably work on any unix machine though). The authentication service (called "authsrv" on Plan 9) is provided by a unix version: authsrv9. The file service is provided by a program called "u9fs". It comes with Plan 9. Both run from inetd. The (diskless) cpu server is provided by running qemu, booted from only a floppy (so without local storage). Finally, the terminal is provided by the program drawterm. The nice thing about this approach is that you can use all your familiar unix tools to get started with Plan 9 (e.g. you can edit the Plan 9 files with your favorite unix editor). I'm assuming you have read at least something about Plan 9, for example the introduction paper Plan 9 from Bell Labs. ↫ Mechiel Lukkien If you're running OpenBSD, you're already doing something better than everyone else, and if you want to ascend to the next level, this is a great place to start. Of course, the final level, where you leave your earthly roots behind and become a being of pure enlightened energy, is running Plan 9 on real hardware as the universe intended, but let's not put the cart before the horse. One day, all of humanity will just be an endless collection of interconnected cosmic Plan 9 servers, more plentiful than the stars in the known universe.

27 Mar 2026 7:40pm GMT

Towards the end of 2024, Dennis Biesma decided to check out ChatGPT. The Amsterdam-based IT consultant had just ended a contract early. "I had some time, so I thought: let's have a look at this new technology everyone is talking about," he says. "Very quickly, I became fascinated." Biesma has asked himself why he was vulnerable to what came next. He was nearing 50. His adult daughter had left home, his wife went out to work and, in his field, the shift since Covid to working from home had left him feeling "a little isolated". He smoked a bit of cannabis some evenings to "chill", but had done so for years with no ill effects. He had never experienced a mental illness. Yet within months of downloading ChatGPT, Biesma had sunk €100,000 (about £83,000) into a business startup based on a delusion, been hospitalised three times and tried to kill himself. ↫ Anna Moore at The Guardian These stories are absolutely heart-wrenching, and it doesn't just happen to people who have had a history of mental illness or other things you might associate with priming someone for "falling for" an "AI" chatbot. Just a few years in, and it's already clear that these tools pose a real danger to a group of people of indeterminate size, and proper research into the causes is absolutely warranted and needed. On top of that, if there's any evidence of wrongdoing from the companies behind these chatbots - intentionally making them more addictive, luring people in, ignoring established dangers, covering up addiction cases, etc. - lawsuits and regulation are definitely in order. Only yesterday, Facebook and Google lost a landmark trial in the US, ruling the companies intentionally made social media as addictive as possible, thereby destroying a person's life in the process. Countless similar lawsuits are underway all over the world, and I have a feeling that in a few years to decades, we'll look at unregulated, rampant social media the same way we look at tobacco now. Perhaps "AI" chatbots will join their ranks, too.

27 Mar 2026 7:30pm GMT

Today, we're excited to announce a significant step forward in our ongoing commitment to Windows security and system reliability: the removal of trust for all kernel drivers signed by the deprecated cross-signed root program. This update will help protect our customers by ensuring that only kernel drivers that the Windows Hardware Compatibility Program (WHCP) have passed and been signed can be loaded by default. To raise the bar for platform security, Microsoft will maintain an explicit allow list of reputable drivers signed by the cross-signed program. The allow list ensures a secure and compatible experience for a limited number of widely used, and reputable cross-signed drivers. This new kernel trust policy applies to systems running Windows 11 24H2, Windows 11 25H2, Windows 11 26H1, and Windows Server 2025 in the April 2026 Windows update. All future versions of Windows 11 and Windows Server will enforce the new kernel trust policy. ↫ Peter Waxman at the Windows IT Pro Blog The cross-signed root program was discontinued in 2021, and ran since the early 2000s, so I think it's fair to no longer automatically assume such possibly old and outdated drivers are still to be trusted.

27 Mar 2026 7:18pm GMT

On Friday, July 18th, 2025, the Arch Linux team was notified that three AUR packages had been uploaded that contained malware. A few maintainers including myself took care of deleting these packages, removing all traces of the malicious code, and protecting against future malicious uploads.

30 Jan 2026 12:00am GMT

While starting this post I realized I have been maintaining personal infrastructure for over a decade! Most of the things I've self-hosted is been for personal uses. Email server, a blog, an IRC server, image hosting, RSS reader and so on. All of these things has all been a bit all over the place and never properly streamlined. Some has been in containers, some has just been flat files with a nginx service in front and some has been a random installed Debian package from somewhere I just forgot.

19 Jan 2026 12:00am GMT

In the recent blog post on the work funded by Sovereign Tech Fund (STF), we provided an overview of the "File Hierarchy for the Verification of OS Artifacts" (VOA) and the voa project as its reference implementation. VOA is a generic framework for verifying any kind of distribution artifacts (i.e. files) using arbitrary signature verification technologies. The voa CLI ⌨️ The voa project offers the voa(1) command line interface (CLI) which makes use of the voa(5) configuration file format for technology backends. It is recommended to read the respective man pages to get …

11 Jan 2026 12:00am GMT