HP

How a Retrocomputing Enthusiast Got a 30-Year-Old Clamshell Computer Online (youtube.com) 18

It had a 4.8-inch display. Introduced in 1991, Hewlett-Packard's (DOS-based) HP 95LX Palmtop PC — a collaboration with Lotus — was finally discontinued back in 2003.

But one found its way to long-time Slashdot reader Shayde (who in November repaired a 48-year-old handheld videogame console from Mattel). "I really wanted to get this HP95LX talking to the internet at large," they told Slashdot, " but network stacks for DOS in 1991 were pretty limited, and this machine didn't even have the hardware for a network connection.

"It did have a serial port though — a flat 4-pin custom interface. I did a bunch of research and learned how to custom-build an RS-232 hookup for this port, and using an external Wifi module, got it online — and talking to the retrocomputing BBS!"

There's a video documenting the whole experience. (Along the way he uses 20-gauge hook-up wire from Amazon, a zip tie, solder cups, and an internet modem (the WiFi232 Hayes modem emulator). The whole thing is powered by two AA batteries — it has 512K of memory, and about half a meg of storage. My favorite technical detail?

"Conveniently, the HP 95 [Palmtop PC] uses the exact same pinout as the HP 48GX handheld graphing calculator. So looking up on the Internet, we can determine what pins we need to map from the HP unit over to what would be a DB25 serial port..."
Power

Scientists Build a Nuclear-Diamond Battery That Could Power Devices for Thousands of Years (livescience.com) 89

The world's first nuclear-powered battery — a diamond with an embedded radioactive isotope — could power small devices for thousands of years, according to scientists at the UK's University of Bristol.

Long-time Slashdot reader fahrbot-bot shared this report from LiveScience: The diamond battery harvests fast-moving electrons excited by radiation, similar to how solar power uses photovoltaic cells to convert photons into electricity, the scientists said.

Scientists from the same university first demonstrated a prototype diamond battery — which used nickel-63 as the radioactive source — in 2017. In the new project, the team developed a battery made of carbon-14 radioactive isotopes embedded in manufactured diamonds. The researchers chose carbon-14 as the source material because it emits short-range radiation, which is quickly absorbed by any solid material — meaning there are no concerns about harm from the radiation. Although carbon-14 would be dangerous to ingest or touch with bare hands, the diamond that holds it prevents any short-range radiation from escaping. "Diamond is the hardest substance known to man; there is literally nothing we could use that could offer more protection," Neil Fox, a professor of materials for energy at the University of Bristol, said in the statement...

A single nuclear-diamond battery containing 0.04 ounce (1 gram) of carbon-14 could deliver 15 joules of electricity per day. For comparison, a standard alkaline AA battery, which weighs about 0.7 ounces (20 grams), has an energy-storage rating of 700 joules per gram. It delivers more power than the nuclear-diamond battery would in the short term, but it would be exhausted within 24 hours. By contrast, the half-life of carbon-14 is 5,730 years, which means the battery would take that long to be depleted to 50% power....

[A] spacecraft powered by a carbon-14 diamond battery would reach Alpha Centauri — our nearest stellar neighbor, which is about 4.4 light-years from Earth — long before its power were significantly depleted.

The battery has no moving parts, according to the article. It "requires no maintenance, nor does it have any carbon emissions."
Japan

Japan Sees Nuclear as Cheapest Baseload Power Source in 2040 (financialpost.com) 72

Nuclear power is forecast to be the cheapest baseload electricity source in Japan in 2040, highlighting the government's desire to restart the nation's idled reactors. From a report: The cost of constructing and operating a new nuclear power plant for 2040 is estimated at 12.5 yen ($0.08) per kilowatt-hour, according to documents released from a trade ministry panel meeting on Monday. This cost assumes reactors will be used for 40 years at a 70% operational rate. The meeting was held to discuss the so-called levelized cost of electricity for each power asset, the document said.

A previous study published in 2021 saw LNG-fired power plants as the cheapest power source in 2030. However, the latest analysis includes a cost to reduce emissions, while fuel prices are also higher. Intermittent renewable sources, like large-scale and residential solar, were priced lower than nuclear for 2040, the most recent report showed. However, when including the total system cost, including deployment of batteries, nuclear is cheaper than solar in some scenarios.

Japan is currently in the process of revising its national energy strategy, which will dictate its power mix targets beyond 2030. The government has doubled down on nuclear as a way to curb dependence on pricey fossil fuels. The analysis released Monday also estimated LCOE of ammonia and hydrogen co-fired electricity, as well as pairing carbon capture and storage with LNG and coal power plants -- technologies that the Japanese government is considering for its long-term energy transition. Co-firing with hydrogen boosted the cost of an LNG plant by about 6% for deployment in 2040, while CCS didn't meaningfully change the price.

IT

Framework Unveils $39 Storage Expansion Module (theverge.com) 6

Framework has announced a $39 Dual M.2 Adapter for its Laptop 16, enabling users to add two additional M.2 slots to the laptop's expansion bay. The new component allows for up to 26TB of total storage when combined with the laptop's existing SSD slots, supporting various M.2 form factors with PCIe 4.0 connectivity.

The company also replaced the Laptop 16's liquid metal cooling system with Honeywell PTM7958 thermal paste to address performance concerns. Framework will provide the new thermal solution to existing customers upon request. The adapter marks Framework's first modular expansion component for the Laptop 16 since its launch, complementing the optional Radeon RX 7700S graphics card offering.
Transportation

Waymo Robotaxis Pass Emergency Vehicle Review. But One Got Stuck in a Roundabout (techcrunch.com) 36

An anonymous reader shared this report from The Verge: Waymo's driverless vehicles can detect emergency vehicles, know how to respond to hand signals for traffic cops, and can be disabled manually when something goes wrong, according to an independent review of the company's first responder protocols. As such, the Alphabet company's first responder protocols passed an independent review conducted by Tüv Süd, a German tech inspection company. The firm's assessment found that Waymo's First Responder Program "meets industry standards" for responding to emergency situations, which is in line with the best practices set out in the Society of Automotive Engineers (SAE)...

Waymo is staking out the position that it goes beyond what's required to prove that its vehicles are trustworthy... The company has also publicly released its own guide for first responders who are responding to incidents involving autonomous vehicles. The 32-page document includes a toll free number for getting in touch with remote operators, a visual guide for disabling the vehicle's autonomous mode, and instructions for how to disconnect the high-voltage battery. Waymo also hosts training sessions for police and fire officials in the cities in which it operates. The company says it has trained 15,000 first responders from over 75 agencies.

Gizmodo notes that Waymo's self-driving cars are already live for paying customers in San Francisco, Los Angeles, and Austin, "with deployment in Miami coming soon." But Waymo's self-driving cars still attract some mockery online, reports TechCrunch: A video is circulating on social media showing a Waymo robotaxi going round and round on a roundabout — as if it is stuck in a loop. A Waymo spokesperson told TechCrunch there were no passengers onboard the vehicle in the video and said the company has already addressed the issue by deploying a software update to its fleet.
Power

Utilities Are Trying Enormous 'Flow' Batteries Big Enough to Oust Coal Power Plants (yahoo.com) 143

To help replace power plants, Japan's northernmost island, Hokkaido, "is turning to a new generation of batteries designed to stockpile massive amounts of energy," reports the Washington Post.

"The Hokkaido Electric Power Network (HEPCO Network) is deploying flow batteries, an emerging kind of battery that stores energy in hulking tanks of metallic liquid." [F]low batteries are making their debut in big real-world projects. Sumitomo Electric, the company that built the Hokkaido plant, has also built flow batteries in Taiwan, Belgium, Australia, Morocco and California. Hokkaido's flow battery farm was the biggest in the world when it opened in April 2022 — a record that lasted just a month before China built one that is eight times bigger and can deliver as much energy as an average U.S. natural gas plant. "It looks like flow batteries are finally about to take off with interest from China," said Michael Taylor, an energy analyst at the International Renewable Energy Agency, an international group that studies and promotes green energy. "When China starts to get comfortable with a technology and sees it working, then they will very quickly scale their manufacturing base if they think they can drive down the costs, which they usually can...."

Lithium-ion batteries are perfect for smartphones because they're lightweight and fit in small spaces, even if they don't last long and have to be replaced frequently. Utilities have a different set of priorities: They need to store millions of times more energy, and they have much more room to work with. "If you think about utility-scale stationary applications, maybe you don't need lithium-ion batteries. You can use another one that is cheaper and can provide the services that you want like, for example, vanadium flow batteries," said Francisco Boshell, a researcher at the International Renewable Energy Agency...

Flow batteries are designed to tap giant tanks that can store a lot of energy for a long time. To boost their storage capacity, all you have to do is build a bigger tank and add more vanadium. That's a big advantage: By contrast, there's no easy way to adjust the storage capacity of a lithium-ion battery — if you want more storage, you have to build a whole new battery... One major barrier to building more of these battery farms is finding enough vanadium. Three-quarters of the world's supply comes as a by-product from 10 steel mills in China and Russia, according to Kara Rodby [a battery analyst at the investment firm Volta Energy Technologies] who got her PhD at the Massachusetts Institute of Technology studying the design and market for flow batteries. Australia, South Africa and the United States also produce vanadium, but in much smaller quantities. Mines that have been proposed could boost supply. And some flow battery start-ups are trying to sidestep the vanadium problem entirely by using different materials that are easier to buy.

The other hurdle is their up-front cost. Vanadium flow batteries are at least twice as expensive to build as lithium-ion batteries, Rodby said, and banks are hesitant to lend money to fund an unfamiliar technology. But experts say flow batteries can be cheaper in the long run because they're easier to maintain and last longer. A lithium-ion battery might have to be replaced after 10 years, but Rodby says flow batteries can last much longer. "There really is no finite lifetime for a flow battery in the way there is for lithium-ion," Rodby said.

Here's an interesting statistic from the article. "Over the next six years, utilities will have to build 35 times as many batteries as there are today to soak up all extra renewable energy that will come online, according to the International Energy Agency."
Security

Hacker In Snowflake Extortions May Be a US Soldier (krebsonsecurity.com) 20

An anonymous reader quotes a report from KrebsOnSecurity: Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect -- a prolific hacker known as Kiberphant0m -- remains at large and continues to publicly extort victims. However, this person's identity may not remain a secret for long: A careful review of Kiberphant0m's daily chats across multiple cybercrime personas suggests they are a U.S. Army soldier who is or was recently stationed in South Korea.

Kiberphant0m's identities on cybercrime forums and on Telegram and Discord chat channels have been selling data stolen from customers of the cloud data storage company Snowflake. At the end of 2023, malicious hackers discovered that many companies had uploaded huge volumes of sensitive customer data to Snowflake accounts that were protected with nothing more than a username and password (no multi-factor authentication required). After scouring darknet markets for stolen Snowflake account credentials, the hackers began raiding the data storage repositories for some of the world's largest corporations. Among those was AT&T, which disclosed in July that cybercriminals had stolen personal information, phone and text message records for roughly 110 million people. Wired.com reported in July that AT&T paid a hacker $370,000 to delete stolen phone records.

On October 30, Canadian authorities arrested Alexander Moucka, a.k.a. Connor Riley Moucka of Kitchener, Ontario, on a provisional arrest warrant from the United States, which has since indicted him on 20 criminal counts connected to the Snowflake breaches. Another suspect in the Snowflake hacks, John Erin Binns, is an American who is currently incarcerated in Turkey. Investigators say Moucka, who went by the handles Judische and Waifu, had tasked Kiberphant0m with selling data stolen from Snowflake customers who refused to pay a ransom to have their information deleted. Immediately after news broke of Moucka's arrest, Kiberphant0m was clearly furious, and posted on the hacker community BreachForums what they claimed were the AT&T call logs for President-elect Donald J. Trump and for Vice President Kamala Harris. [...] Also on Nov. 5, Kiberphant0m offered call logs stolen from Verizon's push-to-talk (PTT) customers -- mainly U.S. government agencies and emergency first responders.
Kiberphant0m denies being in the U.S. Army and said all these clues were "a lengthy ruse designed to create a fictitious persona," reports Krebs.

"I literally can't get caught," Kiberphant0m said, declining an invitation to explain why. "I don't even live in the USA Mr. Krebs." A mind map illustrates some of the connections between and among Kiberphant0m's apparent alter egos.
SuSE

SUSE Unveils Major Rebranding, New Data-Protecting AI Platform (zdnet.com) 12

An anonymous reader quotes a report from ZDNet, written by Steven Vaughan-Nichols: At KubeCon North America, SUSE announced a significant rebranding effort, several new product offerings, and the launch of SUSE AI, a secure platform for deploying and running generative AI (gen AI) applications. SUSE has renamed its entire portfolio to make product names more descriptive and customer-friendly. Notable changes include:

- Rancher, SUSE's Kubernetes offering, is now SUSE Rancher.
- Liberty Linux, the company's Red Hat Enterprise Linux (RHEL)/CentOS clone and support offering, becomes SUSE Multi Linux Support.
- Harvester is rebranded as SUSE Virtualization
- Longhorn is now SUSE Storage.

[...] Also, like everyone else, SUSE now has an AI offering: SUSE AI. This isn't an AI chatbot, like Red Hat's Lightspeed AI tool. No, it's a secure platform for deploying and running gen AI applications. This new offering addresses key challenges faced by enterprises as they move from AI experimentation to deployment, particularly in areas of security and compliance.
These are SUSE AI's top features, as highlighted by Vaughan-Nichols:

1. Security by Design: SUSE AI provides security and certifications at the software infrastructure level, along with zero-trust security tools, templates, and compliance playbooks.
2. Multifaceted Trust: The platform ensures that generated data is correct and private customer and IP data remain secure. It supports deployment across various environments, including on-premise, hybrid, cloud, and air-gapped setups.
3. Choice and Flexibility: SUSE AI allows customers to select and deploy their preferred AI components and LLMs.
4. Simplified Operations: The platform provides simplified cluster operations, persistent storage, and easy access to pre-configured shared tools and services.
IT

QNAP NAS Users Locked Out After Firmware Update Snafu (theregister.com) 46

A firmware update has left QNAP network-attached storage device owners unable to access their systems, with standard reset procedures failing to resolve the issue.

The problematic update, QTS 5.2.2.2950 build 20241114, was released last week before being partially withdrawn, according to user reports on QNAP's community forums. QNAP, the Taiwan-based storage manufacturer, has not specified which models are affected by the faulty firmware.
Power

Solar Glut: Half of California's Solar Power Sometimes Goes to Waste, Research Shows (latimes.com) 192

Some days more than half of California's available solar power goes to waste, according to research from the California Institute for Energy and Environment. "In the last 12 months, California's solar farms have curtailed production of more than 3 million megawatt hours of solar energy," according to a data analysis by the Los Angeles Times — enough to power 518,000 California homes for a year.

And it was curtailed "either on the orders of the state's grid operator or because prices had plummeted because of the glut. The waste would have been even larger if California had not paid utilities in other states to take the excess solar energy, documents from the state's grid operator show." That means green energy paid for by California electricity customers is sent away, lowering bills for residents of other states. Arizona's largest public utility reaped $69 million in savings last year by buying from the market California created to get rid of its excess solar power. The utility returned that money to its customers as a credit on their bills. Also reaping profits are electricity traders, including banks and hedge funds. The increasing oversupply of solar power has created a situation where energy traders can buy the excess at prices so low they become negative, said energy consultant Gary Ackerman, the former executive director of the Western Power Trading Forum. That means the solar plant is paying the traders to take it. "This is all being underwritten by California ratepayers," Ackerman said...

The solar glut also means higher electricity bills for Californians, since they are effectively paying to generate the power but not using it. California's electric rates are roughly twice the nation's average, with only Hawaii having higher rates. Rates at Southern California Edison and Pacific Gas & Electric increased by 51% over the last three years. "Ratepayers aren't getting the energy they've paid for," said Ron Miller, an energy industry consultant in Denver. He calculates that the retail value of the solar energy thrown away in a year would be more than $1 billion.

Gov. Gavin Newsom's advisors and those who manage the state's electric grid say they are working to reduce the curtailments, including by building more industrial-scale battery storage facilities that soak up the excess solar power during the day and then release it at night. Officials in the governor's office declined to be interviewed, but issued a statement saying the curtailments are often because of congestion on transmission lines, rather than a statewide oversupply of power. The state has been spending heavily to upgrade transmission lines to ease the congestion. "It's also important to have extra energy resources available that can help the state during periods of extreme weather and historic heatwaves when demand is particularly high, which have happened the past few years," the statement said...

The commercial solar industry contends that the expansion of storage capacity to bank solar power will eventually eliminate the glut.

Crime

Is There New Evidence in the D.B. Cooper Case? (cowboystatedaily.com) 63

On November 24th, 1971 — 53 years ago today — a mysterious man jumped out of an airplane clutching $200,000 in ransom money. (He'd extorted it from the airline by claiming he had a bomb, and it's still "the only unsolved case of air piracy in the history of commercial aviation," according to Wikipedia.) Will modern technology finally let us solve the case — or just turn it into a miniseries on Netflix? And have online researchers finally discovered the definitive clue?

The FBI vetted more than 800 suspects, according to the Wyoming news site Cowboy State Daily, but in 2016 announced they were suspending their active investigation.

So it's newsworthy that the FBI now appears to be investigating new evidence, according to an amateur D.B. Cooper researcher on YouTube: the discovery of what's believed to be D.B. Cooper's uniquely-modified parachute: Retired pilot, skydiver and YouTuber, Dan Gryder told Cowboy State Daily that he may have found the missing link after uncovering the modified military surplus bailout rig he believes was used by D.B. Cooper in the heist. It belonged to Richard Floyd McCoy II, and was carefully stored in his deceased mother's storage stash until very recently... McCoy's children, Chanté and Richard III, or "Rick," agree with Gryder that they believe their father was D.B. Cooper, a secret that shrouded the family but wasn't overtly discussed. For years, they said, the family stayed mum out of fear of implicating their mother, Karen, whom they believe was complicit in both hijackings. Upon her death in 2020, they broke their silence to Gryder after being contacted by him off and on for years.

Gryder, who has been researching the case for more than 20 years, documented his investigation in a lengthy two-part series on his YouTube channel, "Probable Cause," in 2021 and 2022, where he connects the dots and shows actual footage of him finding the parachute in an outbuilding on the McCoy family property in North Carolina in July 2022. On Monday, Gryder released a third video, "D.B. Cooper: Deep FBI Update," where he announced the FBI's new and very recent efforts in his discoveries. After watching his first two videos, Gryder said FBI agents contacted Rick and Gryder to see the parachute. It was the first investigative move by the agency since issuing the 2016 public statement, declaring the case closed pending new evidence. Gryder and Rick McCoy traveled to Richmond, Virginia, in September 2023, where they met with FBI agents, who took the harness and parachute into evidence along with a skydiving logbook found by Chanté that aligned with the timeline for both hijackings, providing another vital piece in the puzzle, Gryder said....

During the meeting, Gryder said the agents called it a first step. If the evidence proved fruitless, they would have promptly returned the skydiving rig, he said, but that didn't happen. Instead, an FBI agent called Rick a month later to ask to search the family property in Cove City, North Carolina, which McCoy's mother owned and where Gryder had found the parachute and canopy... [Gryder says he watched] at least seven vehicles descend on the property with more than a dozen agents who scoured the property for about four hours... Rick said he has provided a DNA sample and was told by the FBI agents that the next step might be exhuming his father's body, but no formal terms and conditions for that process have been established thus far, he said.

A retired commercial airline pilot who was present in the Virginia FBI meeting said "It was clear they were taking it seriously" — noting it was the FBI who'd requested that meeting. The article cites two FBI agents who'd earlier already believed D.B. Cooper was McCoy. And the article points out that the FBI "has never ruled McCoy out, stating in a 2006 statement that he was 'still a favorite suspect among many.'"

A second article notes that Gryder supports the FBI's recent request to exhume McCoy's body. As he sees it, "The existing DNA marker comparisons studied so far only validate the need for this final extreme step and should close the mystery once and for all."

And the article adds that McCoy's children are "eager for closure and hope that the FBI finds the evidence agents need to close the D.B. Cooper case once and for all."
Data Storage

SilverStone's Retro Beige PC Case Turns April Fools' Joke into Actual Product (techspot.com) 33

Slashdot reader jjslash shared this report from TechSpot: The SilverStone FLP01 made quite the impression when it was shared on X for April Fools' Day 2023. Loosely modeled after popular desktops from yesteryear like the NEC PC-9800 series, the chassis features dual 5.25-inch faux floppy bays that could stand to look a bit more realistic. Notably, the covers flip open to reveal access to a more modern (yet still legacy) optical drive and front I/O ports.

Modern-looking fan grills can be found on either side of the desktop, serving as yet another hint that the chassis is not as old at it appears on first glance. The grills look to be removable, and probably hold washable dust filters. Like early desktops, the system doubles as a stand for your monitor. The use of a green power LED up front helps round out the retro look; a red LED is used as a storage activity indicator.

Education

School Did Nothing Wrong When It Punished Student For Using AI, Court Rules 129

An anonymous reader quotes a report from Ars Technica: A federal court yesterday ruled against parents who sued a Massachusetts school district for punishing their son who used an artificial intelligence tool to complete an assignment. Dale and Jennifer Harris sued Hingham High School officials and the School Committee and sought a preliminary injunction requiring the school to change their son's grade and expunge the incident from his disciplinary record before he needs to submit college applications. The parents argued that there was no rule against using AI in the student handbook, but school officials said the student violated multiple policies.

The Harris' motion for an injunction was rejected in an order (PDF) issued yesterday from US District Court for the District of Massachusetts. US Magistrate Judge Paul Levenson found that school officials "have the better of the argument on both the facts and the law."

"On the facts, there is nothing in the preliminary factual record to suggest that HHS officials were hasty in concluding that RNH [the Harris' son, referred to by his initials] had cheated," Levenson wrote. "Nor were the consequences Defendants imposed so heavy-handed as to exceed Defendants' considerable discretion in such matters." "On the evidence currently before the Court, I detect no wrongdoing by Defendants," Levenson also wrote.
"The manner in which RNH used Grammarly -- wholesale copying and pasting of language directly into the draft script that he submitted -- powerfully supports Defendants' conclusion that RNH knew that he was using AI in an impermissible fashion," Levenson wrote. While "the emergence of generative AI may present some nuanced challenges for educators, the issue here is not particularly nuanced, as there is no discernible pedagogical purpose in prompting Grammarly (or any other AI tool) to generate a script, regurgitating the output without citation, and claiming it as one's own work," the order said.

Levenson concluded with a quote from a 1988 Supreme Court ruling that said the education of youth "is primarily the responsibility of parents, teachers, and state and local school officials, and not of federal judges." According to Levenson, "This case well illustrates the good sense in that division of labor. The public interest here weighs in favor of Defendants."
Google

US Regulators Seek To Break Up Google, Forcing Chrome Sale (apnews.com) 144

In a 23-page document (PDF) filed late Wednesday, U.S. regulators asked a federal judge to break up Google after a court found the tech giant of maintaining an abusive monopoly through its dominant search engine. As punishment, the DOJ calls for a sale of Google's Chrome browser and restrictions to prevent Android from favoring its own search engine. The Associated Press reports: Although regulators stopped short of demanding Google sell Android too, they asserted the judge should make it clear the company could still be required to divest its smartphone operating system if its oversight committee continues to see evidence of misconduct. [...] The Washington, D.C. court hearings on Google's punishment are scheduled to begin in April and Mehta is aiming to issue his final decision before Labor Day. If [U.S. District Judge Amit Mehta] embraces the government's recommendations, Google would be forced to sell its 16-year-old Chrome browser within six months of the final ruling. But the company certainly would appeal any punishment, potentially prolonging a legal tussle that has dragged on for more than four years.

Besides seeking a Chrome spinoff and a corralling of the Android software, the Justice Department wants the judge to ban Google from forging multibillion-dollar deals to lock in its dominant search engine as the default option on Apple's iPhone and other devices. It would also ban Google from favoring its own services, such as YouTube or its recently-launched artificial intelligence platform, Gemini. Regulators also want Google to license the search index data it collects from people's queries to its rivals, giving them a better chance at competing with the tech giant. On the commercial side of its search engine, Google would be required to provide more transparency into how it sets the prices that advertisers pay to be listed near the top of some targeted search results. The measures, if they are ordered, threaten to upend a business expected to generate more than $300 billion in revenue this year.
"The playing field is not level because of Google's conduct, and Google's quality reflects the ill-gotten gains of an advantage illegally acquired," the Justice Department asserted in its recommendations. "The remedy must close this gap and deprive Google of these advantages."
Hardware

Framework Laptops Get Modular Makeover With RISC-V Main Board (theregister.com) 48

An anonymous reader quotes a report from The Register: Framework CEO Nirav Patel had one of the bravest tech demos that we've seen at a conference yet -- modifying a Framework Laptop from x86 to RISC-V live on stage. In the five-minute duration of one of the Ubuntu Summit's Lightning Talks, he opened up a Framework machine, removed its motherboard, installed a RISC-V-powered replacement, reconnected it, and closed the machine up again. All while presenting the talk live, and pretty much without hesitation, deviation, or repetition. It was an impressive performance, and you can watch it yourself at the 8:56:30 mark in the video recording.

Now DeepComputing is taking orders for the DC-ROMA board, at least to those in its early access program. The new main board is powered by a StarFive JH7110 System-on-Chip. (Note: there are two tabs on the page, for both the JH7110 and JH7100, and we can't link directly to the latter.) CNX Software has more details about the SoC. Although the SoC has six CPU cores, two are dedicated processors, making it a quad-core 64-bit device. The four general-purpose cores are 64-bit and run at up to 1.5 GHz. It supports 8 GB of RAM and eMMC storage. [...]

In our opinion, RISC-V is not yet competitive with Arm in performance. However, this is a real, usable, general-purpose computer, based on an open instruction set. That's no mean feat, and it's got more than enough performance for less demanding work. It's also the first third-party main board for the Framework hardware, which is another welcome achievement. The company has now delivered several new generations of hardware, including a 16-inch model, and continues to upgrade its machines' specs.

Bitcoin

Five-Year Prison Sentence for Man who Stole 120,000 Bitcoin from Bitfinex in 2016 (apnews.com) 25

More than 120,000 bitcoin were stolen in a 2016 breach of Bitfinex. Seven years later the perpetrator pleaded guilty.

And Thursday he was sentenced to a five-year prison term, reports the Associated Press: Ilya Lichtenstein masterminded one of the largest-ever thefts from a virtual currency exchange before he and his wife, Heather Rhiannon Morgan, carried out an elaborate scheme to liquidate the stolen funds, according to federal prosecutors... "Over half a decade, the defendant engaged in what IRS agents described as the most complicated money laundering techniques they had seen to date," prosecutors wrote... The couple successfully laundered about 21 percent of the funds stolen from Bitfinex. The laundered money was worth at least $14 million at 2016 prices. Its value would have exceeded $1 billion at the time of their 2022 arrest.

Authorities seized the remaining funds, collectively valued at over $6 billion at current prices... An attorney for Bitfinex said the hack "devastated" its finances and its reputation with its customers, with the stolen funds accounting for approximately 36% of the company's assets at the time of theft. "Bitfinex had to take unprecedented and immediate action to ensure that any losses from the Hack would ultimately be borne by Bitfinex and its shareholders alone, not its customers," the lawyer, Barry Berke, wrote in a letter to the judge.

A prosecutor said Lichtenstein immediately began cooperating with federal authorities after his arrest, helping them with other cybercrime investigations. Over 96% of the stolen funds have been recovered, with help from Lichtenstein, according to defense attorney Samson Enzer. The "vast bulk" of the stolen money was never spent, the lawyer said.

Lichtenstein also "pleaded with the judge to spare his wife from prison, blaming himself for her involvement," according to the article. His wife — a rap artist who records under the name Razzlekhan — will be sentenced Monday, but has pleaded guilty to the same charge, and prosecutors are recommending an 18-month sentence.
Programming

OpenMP 6.0 Released (phoronix.com) 11

Phoronix's Michael Larabel reports: The OpenMP Architecture Review Board announced from SC24 that OpenMP 6.0 is now available as a major upgrade to the OpenMP specification for multi-process programming within C / C++ / Fortran. A big emphasis on OpenMP 6.0 is making it easier for developers to embrace. OpenMP 6.0 aims to make it easier to support parallel programming in new applications, easier to adapt to new use-cases, and more fine-grained developer control.

OpenMP 6.0 simplifies task programming with support for task execution by free-agent threads, allowing for recording of task graphs for efficient replay, and other improvements. OpenMP 6.0 also brings support for array syntax applications, better control over memory allocations and accessibility, easier writing of asynchronous data transfers, and other improvements for enhanced device support / offloading. There is also easier programming of loop transformations, support for induction, support for C23 / Fortran 2023 / C++23, grater user control of storage resources and memory spaces, and other improvements.

The Courts

Apple Faces UK 'iCloud Monopoly' Compensation Claim Worth $3.8 Billion (techcrunch.com) 73

An anonymous reader quotes a report from TechCrunch: U.K. consumer rights group 'Which?' is filing a legal claim against Apple under competition law on behalf of some 40 million users of iCloud, its cloud storage service. The collective proceeding lawsuit, which is seeking 3 billion pounds in compensation damages (around $3.8 billion at current exchange rates), alleges that Apple has broken competition rules by giving its own cloud storage service preferential treatment and effectively locking people into paying for iCloud at "rip-off" prices. "iOS has a monopoly and is in control of Apple's operating systems and it is incumbent on Apple not to use that dominance to gain an unfair advantage in related markets, like the cloud storage market. But that is exactly what has happened," Which wrote in a press release announcing filing the claim with the U.K.'s Competition Appeal Tribunal (CAT).

The lawsuit accuses Apple of encouraging users of its devices to sign up to iCloud for photo storage and other data storage needs, while simultaneously making it difficult for consumers to use alternative storage providers -- including by not allowing them to store or back-up all of their phone's data with a third-party provider. "iOS users then have to pay for the service once photos, notes, messages and other data go over the free 5GB limit," Which noted. The suit also accuses Apple of overcharging U.K. consumers for iCloud subscriptions owing to the lack of competition. "Apple raised the price of iCloud for UK consumers by between 20% and 29% across its storage tiers in 2023," it wrote, saying it's seeking damages for all affected Apple customers -- and estimating that individual consumers could be owed an average of 70 pounds (around $90), depending on how long they've been paying Apple for iCloud services.
"Anyone who has 'obtained' iCloud services, including non-paying users, over the nine-year timeframe since the Consumer Rights Act came into force on October 1st, 2015," will be included in the claim. U.K.-based consumers will have to opt-out if they do not want to be included. "Consumers who live outside the U.K. and believe they are eligible to be included must actively opt-in to join the action," adds TechCrunch.
Music

Spotify's Car Thing, Due For Bricking, Is Getting an Open Source Second Life (arstechnica.com) 15

If you have Spotify's soon-to-be-bricked Car Thing, there are a few ways you can give it a new lease on life. YouTuber Dammit Jeff has showcased modifications to Car Thing that makes the device useful as a desktop music controller, customizable shortcut tool, or a simple digital clock. Ars Technica's Kevin Purdy reports: Spotify had previously posted the code for its uboot and kernel to GitHub, under the very unassuming name "spsgsb" and with no announcement (as discovered by Josh Hendrickson). Jeff has one idea why the streaming giant might not have made much noise about it: "The truth is, this thing isn't really great at running anything." It has half a gigabyte of memory, 4GB of internal storage, and a "really crappy processor" (Amlogic S905D2 SoC) and is mostly good for controlling music.

How do you get in? The SoC has a built-in USB "burning mode," allowing for a connected computer, running the right toolkit, to open up root access and overwrite its firmware. Jeff has quite a few issues getting connected (check his video description for some guidance), but it's "drag and drop" once you're in. Jeff runs through a few of the most popular options for a repurposed Car Thing:

- DeskThing, which largely makes Spotify desk-friendly, but adds a tiny app store for weather (including Jeff's own WeatherWave), clocks, and alternate music controls
- GlanceThing, which keeps the music controls but also provides some Stream-Deck-like app-launching shortcuts for your main computer.
- Nocturne, currently invite-only, is a wholly redesigned Spotify interface that restores all its Spotify functionality.

Security

D-Link Won't Fix Critical Flaw Affecting 60,000 Older NAS Devices 87

D-Link confirmed no fix will be issued for the over 60,000 D-Link NAS devices that are vulnerable to a critical command injection flaw (CVE-2024-10914), allowing unauthenticated attackers to execute arbitrary commands through unsanitized HTTP requests. The networking company advises users to retire or isolate the affected devices from public internet access. BleepingComputer reports: The flaw impacts multiple models of D-Link network-attached storage (NAS) devices that are commonly used by small businesses: DNS-320 Version 1.00; DNS-320LW Version 1.01.0914.2012; DNS-325 Version 1.01, Version 1.02; and DNS-340L Version 1.08. [...] A search that Netsecfish conducted on the FOFA platform returned 61,147 results at 41,097 unique IP addresses for D-Link devices vulnerable to CVE-2024-10914.

In a security bulletin today, D-Link has confirmed that a fix for CVE-2024-10914 is not coming and the vendor recommends that users retire vulnerable products. If that is not possible at the moment, users should at least isolate them from the public internet or place them under stricter access conditions. The same researcher discovered in April this year an arbitrary command injection and hardcoded backdoor flaw, tracked as CVE-2024-3273, impacting mostly the same D-Link NAS models as the latest flaw.

Slashdot Top Deals