11 Jul 2026
Slashdot
How the FSF Sysadmins are Blocking Botnets with reaction
For nearly two years the Free Software Foundation has been fighting web crawlers (including many aggressively scraping training data for AI models). A botnet controlling about five million IPs hit one system for six months in 2025. Their systems administrator wrote this week that they view these as distributed denial-of-service attacks. How are they fighting back? We noticed patterns in the scrapers that were abnormal, which gave us material for writing regular expressions. Searching for the regular expression then gave us a large lists of IP addresses. Looking up the origin of those IP addresses revealed that some of the crawlers were using botnets of residential IP addresses to scrape faster and avoid detection. We looked for what kinds of botnets might be generating the kind of traffic that we were seeing, and one that we suspected was called the "Vo1d" botnet, comprised of smart TVs running some sort of compromised app... We got confirmation that at least some of the botnet traffic hitting GNU Savannah was originating through the Vo1d/Popa botnet. We placed our regular expressions in fail2ban, and found that we were hitting the maximum rules that could be added to UFW firewall rules on our systems which showed degradation around 65,000 rules... We learned about ipset and configured fail2ban to add IP addresses that it found to IP sets. Using ipset, we kept building larger IP sets and did not find instability with as large as five million rules... We eventually found a promising project on Framasoft's forge Framagit called reaction written by ppom... After we ran into scaling issues with our initial implementation, we developed a much faster implementation where the reaction shutdown process would export the IP sets to disk and the reaction startup process would restore the IP sets. This allowed us to have nearly instantaneous restarts of the service to apply new rules. We published both of our configurations upstream to reaction's wiki so that everyone can benefit from it. reaction's getting started documentation now leads to the method that we proposed... Many sysadmins know about fail2ban, but not enough people know about reaction. I am very grateful to ppom for the help they have provided and for the tremendous project they have released to the world with reaction. We have implemented other defenses as well, but reaction is doing the majority of the automated work keeping our sites online.
Read more of this story at Slashdot.
11 Jul 2026 9:47pm GMT
DuckDuckGo's Browser Now Blocks Most YouTube Ads
Nerds.xyz reports: DuckDuckGo just gave its browser a feature that a lot of people have been waiting for. The privacy-focused browser can now block most video ads on YouTube, letting users watch videos without sitting through the pre-roll and mid-roll interruptions that have become part of everyday life on the platform. The feature is already enabled by default for iPhone, Windows, and Mac users running the latest version of the browser. Android users can turn it on manually... with DuckDuckGo planning to enable it by default in a future update... To make it work, DuckDuckGo relies on the same community-maintained filter lists used by uBlock Origin, along with some of its own compatibility rules. The company says you might notice a bit of extra buffering before a video starts, but once playback begins, most ads should be gone. Slashdot reader BrianFagioli argues that the feature raises questions about how creators are compensated when ad revenue is bypassed.
Read more of this story at Slashdot.
11 Jul 2026 8:47pm GMT
Orbital Datacenter Plans Need an Environmental Review, FCC Told
Environmental groups want America's FCC "to slam the brakes on orbital datacenters," writes The Register. They're arguing for an environmental impact assessment for what could be 1 million satellites: Earthjustice, acting on behalf of DarkSky International, Environment America, and Public Employees for Environmental Responsibility (PEER), filed a petition this week... The filing doesn't target any single company. Instead, it asks the regulator to put the entire emerging orbital datacenter sector on hold while it assesses the cumulative effects of proposals from SpaceX, Starcloud, Blue Origin, Cowboy Space, and any similar applications that follow. According to the petition, those proposals collectively seek "well over a million datacenter satellites" in low Earth orbit.... " increasing the existing volume of satellites in low-earth orbit by multiple orders of magnitude." The groups argue that the FCC is trying to apply licensing rules written for much smaller satellite constellations to an entirely new class of infrastructure. "If ever a situation warranted a Programmatic Environmental Impact Statement [PEIS], it is this one," the petition says. It argues that a single review would allow the agency to examine "the risks, alternatives, needs, costs, and impacts of this sudden transformation of Earth's exosphere" before deciding whether any of the projects are in the public interest. The petition raises concerns about rocket launch emissions, pollutants released as satellites burn up during atmospheric reentry, depletion of the ozone layer, orbital debris, light pollution, impacts on wildlife, and interference with astronomy. It also argues that the combined effects of these constellations cannot be understood by evaluating applications one at a time.... "It is difficult to imagine a better example of multiple projects presenting essentially identical impacts and risks that compound synergistically and cumulatively than the present proposals..." The petition argues that the FCC's current approach, which generally treats satellite licenses as categorically excluded from detailed environmental review, is no longer fit for proposals measured not in dozens or thousands of spacecraft but in hundreds of thousands and, potentially, millions. If the FCC agrees, orbital datacenter operators will have a mountain of paperwork to clear before sending their hardware skyward.
Read more of this story at Slashdot.
11 Jul 2026 7:34pm GMT
Ars Technica
A Jupiter-size planet that escaped its star's death
It's unclear how the planet avoided its star's bloated red giant stage.
11 Jul 2026 12:00pm GMT
Overhaul of public lands grazing regulations seeks to cut public involvement
For the first time since 1995, the Bureau of Land Management is rewriting its grazing regulations.
11 Jul 2026 11:11am GMT
10 Jul 2026
Ars Technica
Quantum error correction can constantly recalibrate a processor
Reinforcement learning uses error information to adjust control algorithms.
10 Jul 2026 11:02pm GMT
OSnews
Apple sues OpenAI for theft of “trade secrets”
Apple sued OpenAI on Friday, alleging the AI company has stolen the iPhone maker's trade secrets to develop its own yet-to-be-unveiled AI gadgets. In the suit, filed in the District Court of Northern California, Apple accuses OpenAI of trade secret misappropriation and breach of contract. ↫ Lisa Eadicicco and Hadas Gold at CNN I find this about as interesting and watching artificial grass grow, but with the common wisdom being that Apple is behind on "AI", it was honestly only a matter of time before the lawsuits came. After all, that's usually what companies who can't win in the market do. At the very least this will give corporate tech news websites a whole slew of new material. I just hope they both implode. We'd all be better off for it.
10 Jul 2026 10:16pm GMT
Redox gets GTK3, Tcl
Redox did the develop cools stuff thing again for a month, so we've got progress to talk about. This past month, GTK3 has been ported to Redox, as well as the Tcl programming language. Support for per-window fractional scaling has been added to Orbital, Redox' desktop environment, but it's still relatively limited for now. There's also new USB gamepad support, which already works in quite a few emulators, as well as details about how Redox intends to improve its support for running in a virtual environment over the coming 12 months, an effort sponsored by NLnet. Of course, there's also the usual bugfixes and updates to various drivers, the kernel, Relibc, and more.
10 Jul 2026 10:05pm GMT
Understanding Windows monthly updates: Servicing explained
Windows has a fairly complex update ecosystem, so every now and then, the company feels like it needs to publish clarifications and explainers so people can keep up with what's going on. Most individuals and organizations regularly deploy monthly security updates, released on the second Tuesday of each month. Windows also provides optional non-security preview updates, which give IT teams and early adopters an opportunity to validate upcoming fixes before they're included in the next monthly security update. This guide explains the purpose of each update type, when updates are released, and how they fit into the modern Windows servicing model. ↫ Chris Morrissey at the Windows IT Pro Blog It's easy to make fun of Microsoft and Windows for just how complex and obtuse the update ecosystem really is, but in all honestly it's kind of understandable. Windows is a sprawling platform used by so many different people, companies, and organisations, under so many different circumstances and in so many different environments, it makes sense that Microsoft wants to address the multitude of needs that arise from that complexity. And so we end up not only with a dizzying array of update types and a long corpus of mystic terminology, but also a long list of complex different management tools to deploy said updates. And then there's the various preview channels making everything even more complex. I'm definitely not smart, qualified, or experienced enough to come up with a better solution, but I do think choosing better names for the various update types, and perhaps a centralised settings panel inside Windows that gave users a better idea of what each type of update actually does, would go a long way to improving clarity. During my month with Windows 11, I also found it deeply frustrating just how little information Microsoft provides about each of the updates Windows is installing. As a user, I was expected to copy/paste the KB number and then hope that would lead me to useful information, while it would be much more convenient if such information was available right then and there inside Windows Update. If you can't reduce complexity, you should try to improve transparency.
10 Jul 2026 9:55pm GMT
01 Jun 2026
Planet Arch Linux
Today is my first day at JetBrains
Good morning from JetBrains Berlin office!
01 Jun 2026 12:00am GMT
11 May 2026
Planet Arch Linux
Ratty: A terminal emulator with inline 3D graphics
Just trying to answer one simple question: What if the terminal was 3D?
11 May 2026 12:00am GMT
18 Apr 2026
Planet Arch Linux
Break the loop, move to Berlin
Break the pattern today or the loop will repeat tomorrow.
18 Apr 2026 12:00am GMT