Popular:
Virtualization DNS security formal verification reachability analysis compiler errors macro conflict web extension development framework Bitmap Graphics API inconsistencies All Tags

Delta Air Lines Faces Class-Action Lawsuit Over CrowdStrike Software Outage

2025-05-08
Delta Air Lines Faces Class-Action Lawsuit Over CrowdStrike Software Outage

A 2024 CrowdStrike software failure caused widespread flight cancellations and delays for Delta Air Lines, resulting in significant passenger losses. Despite Delta claiming reliance on Microsoft software and rejecting assistance from both CrowdStrike and Microsoft, a judge allowed a class-action lawsuit to proceed on claims of breach of contract (failure to refund) and violation of the Montreal Convention. Passengers allege Delta failed to adequately disclose its refund policy and attempted to waive legal liability through partial reimbursements. This ruling marks a significant step forward for passengers seeking airline accountability.

Read more
(www.theregister.com)
Tech software failure

Pentagon Overhauls Software Procurement: Security First

2025-05-07
Pentagon Overhauls Software Procurement: Security First

The US Department of Defense (DoD) is overhauling its outdated software procurement systems, prioritizing security. CIO Katie Arrington launched the Software Fast Track (SWFT) initiative to reform software acquisition, testing, and authorization. SWFT addresses slow processes, lack of supply chain visibility, and concerns over open-source software security. It will define cybersecurity and supply chain risk management requirements, leveraging AI for secure software authorization. The DoD aims to finalize the SWFT framework and implementation plan within 90 days, ensuring rapid delivery of secure, high-quality software to enhance military capabilities. However, recent cyberattacks and leaks highlight the DoD's own security vulnerabilities, raising questions about the initiative's effectiveness.

Read more
(www.theregister.com)
Tech DoD Software Procurement

Trump's Budget Proposal Slams CISA with $491M Cut, Accusing it of Censorship

2025-05-06
Trump's Budget Proposal Slams CISA with $491M Cut, Accusing it of Censorship

President Trump's proposed 2026 budget includes a $491 million (17%) cut to the Cybersecurity and Infrastructure Security Agency (CISA), framing it as a purge of the so-called "censorship industrial complex." The White House accuses CISA of prioritizing combating misinformation over protecting critical systems. While CISA faces significant cuts, the overall Department of Homeland Security budget receives a substantial boost for increased deportations and border wall construction. The TSA and FEMA also face budget reductions. This proposal, however, requires Congressional approval and is expected to face strong opposition.

Read more
(www.theregister.com)
Tech Budget Cuts

Oregon State University's Open Source Lab Faces Funding Crisis

2025-05-06
Oregon State University's Open Source Lab Faces Funding Crisis

Oregon State University's (OSU) Open Source Lab (OSL), a 22-year-old project, is facing a critical funding shortage, jeopardizing its future. The OSL hosts numerous open-source projects worldwide, having played a crucial role in supporting projects like Gentoo, Drupal, and the Mozilla Foundation. The funding shortfall stems from federal budget cuts, with OSU's president expressing concern. The OSL is seeking $250,000 to stay afloat, and the open-source community has voiced strong support, with many beneficiaries highlighting its significance.

Read more
(www.theregister.com)
Development

ODF at 20: Open Document Format's Two-Decade Battle Against Microsoft

2025-05-06
ODF at 20: Open Document Format's Two-Decade Battle Against Microsoft

Twenty years ago, the Open Document Format (ODF) became a standard, aiming to break Microsoft Office's dominance. While ODF gained traction with some governments and organizations, including the UK government, the European Commission, and even NATO (which mandated its use), it failed to significantly dent Microsoft's market share. Proponents argue ODF is more than a technical specification; it symbolizes freedom of choice and interoperability. Yet, most users stick with Microsoft's default formats. This two-decade struggle reflects the ongoing tension between open standards and commercial strategies.

Read more
(www.theregister.com)
Tech Open Document

Linux io_uring: A Blind Spot for Antivirus?

2025-05-04
Linux io_uring: A Blind Spot for Antivirus?

Security firm ARMO has revealed a vulnerability in Linux's io_uring interface, allowing malware to bypass detection by some antivirus and endpoint protection tools. io_uring enables applications to perform I/O operations without traditional system calls, evading syscall-based monitoring. ARMO's proof-of-concept, Curing, successfully evaded detection by Falco, Tetragon, and Microsoft Defender in default configurations. This vulnerability potentially affects tens of thousands of Linux servers. While vendors acknowledge the issue and work on fixes, Google has already disabled or restricted io_uring in ChromeOS and Android after significant bug bounty payouts related to io_uring flaws.

Read more
(www.theregister.com)
Tech antivirus

Arizona Woman Pleads Guilty in $17M North Korea-Linked Tech Scam

2025-05-01
Arizona Woman Pleads Guilty in $17M North Korea-Linked Tech Scam

An Arizona woman pleaded guilty to participating in a North Korea-linked scheme that netted over $17 million. She operated a 'laptop farm' from her home, providing US IP addresses to overseas IT workers posing as American citizens. These workers, using stolen identities of over 70 US nationals, obtained remote IT jobs at numerous Fortune 500 companies. The funds were laundered and sent to North Korea, potentially funding weapons programs. Over 300 US companies were victimized in this sophisticated cybercrime operation.

Read more
(www.theregister.com)
Tech data theft

Microsoft Doubles Down on Europe Amidst Geopolitical Uncertainty

2025-05-01
Microsoft Doubles Down on Europe Amidst Geopolitical Uncertainty

Responding to growing concerns about data sovereignty and US-EU trade tensions, Microsoft unveiled a five-point plan to bolster its European presence and reassure customers. This includes a 40% increase in European datacenter capacity over the next two years, a European board of directors composed solely of European nationals, and a commitment to defend European customer data in court if necessary. The plan also emphasizes enhanced cybersecurity measures and support for open-source development within Europe. This strategic move aims to mitigate risks associated with US data legislation and maintain Microsoft's market share in Europe.

Read more
(www.theregister.com)
Tech European Datacenters Data Sovereignty

North Korean Hackers Masquerading as Job Applicants

2025-05-01
North Korean Hackers Masquerading as Job Applicants

CrowdStrike and the FBI report that North Korean hackers are infiltrating US companies by posing as job applicants to steal intellectual property and deploy malware. They use AI to generate fake resumes and cleverly avoid questions during interviews (such as those about Kim Jong Un). They even utilize 'laptop farms' in the US to mask their IP addresses. While these hackers often excel at their jobs, companies need to increase vigilance, enhance security measures like conducting coding tests in-house, and avoid fully remote hiring to prevent such attacks.

Read more
(www.theregister.com)
Tech north korean hackers intellectual property theft

AI Chatbots' Surprisingly Minimal Impact on the Labor Market

2025-04-29
AI Chatbots' Surprisingly Minimal Impact on the Labor Market

A recent study in Denmark examining 25,000 workers across 11 occupations reveals that AI chatbots like ChatGPT have had a negligible impact on wages and employment. Despite many professions (accountants, journalists, software developers, etc.) being considered vulnerable to AI disruption, the research shows chatbot adoption hasn't significantly altered worker earnings or hours. While company investment in AI boosted tool adoption, saving users 64-90% of their time, the impact on work quality and satisfaction was mixed. AI created new tasks, offsetting some time savings; for instance, teachers now spend time detecting AI-generated cheating. Researchers attribute lower-than-expected economic gains to the fact that not all tasks are fully automatable and businesses are still figuring out how best to leverage these tools. Only a small portion of productivity gains translate into higher worker earnings. The study suggests that claims of transformative AI impact need to account for the minimal real-world economic effect seen two years after chatbot introduction.

Read more
(www.theregister.com)
Tech

DARPA's AI-Powered Push to Exponentiate Math Research

2025-04-28
DARPA's AI-Powered Push to Exponentiate Math Research

DARPA, believing mathematical advancement is too slow, launched expMath to accelerate research using AI. The project aims to create an AI 'co-author' capable of proposing and proving mathematical abstractions. While AI excels at basic math, tackling advanced concepts poses a significant hurdle. The project's success hinges on overcoming this limitation, potentially requiring approaches beyond current large language model technology and exploring alternative methods like visual or auditory input.

Read more
(www.theregister.com)
AI

Reviving DOS: A USB-Bootable Writing Machine for the 21st Century

2025-04-26
Reviving DOS: A USB-Bootable Writing Machine for the 21st Century

The sheer size and complexity of modern operating systems, even open-source ones, often evokes nostalgia for the days of DOS. A simple, lightweight OS, DOS could boot from three files and configuration was a matter of editing a couple of text files. Now, a community project offers a USB-bootable DOS experience, pre-loaded with classic writing applications like WordPerfect and Arnor Protext. This provides a distraction-free writing environment for those seeking to disconnect from the internet. While limited in functionality, it offers a surprisingly efficient and focused writing experience, harkening back to a simpler time.

Read more
(www.theregister.com)
Development Writing Tools

Microsoft's C/C++ Extension Breaks VS Code Forks, Sparks Antitrust Concerns

2025-04-24
Microsoft's C/C++ Extension Breaks VS Code Forks, Sparks Antitrust Concerns

Microsoft's recent update to its Visual Studio Code C/C++ extension has broken compatibility with derivative products like VS Codium and Cursor, prompting outrage from developers. The move is seen as anti-competitive, as Microsoft restricts its extension's use outside its own products while simultaneously promoting its own AI coding assistant, Copilot. Developers have filed complaints with the US Federal Trade Commission, alleging unfair competition through bundling Copilot, blocking rivals like Cursor, and locking users into its AI ecosystem. Cursor is reportedly transitioning to open-source alternatives.

Read more
(www.theregister.com)
Development

Trump Administration's Cybersecurity Catastrophe: The Near-Collapse of the CVE Database

2025-04-23
Trump Administration's Cybersecurity Catastrophe: The Near-Collapse of the CVE Database

This article exposes the Trump administration's devastating impact on US cybersecurity. The critical CVE vulnerability database nearly collapsed due to underfunding, a mere tip of the iceberg. Key cybersecurity officials were fired, advisory bodies dismantled, federal cybersecurity grants slashed, and responsibility even devolved to state governments, leaving the US vulnerable. This self-inflicted damage not only endangers America but also poses a global cybersecurity threat.

Read more
(www.theregister.com)
Tech CVE database

Global Scam Call Center Metastasis: A Worldwide Criminal Expansion

2025-04-23
Global Scam Call Center Metastasis: A Worldwide Criminal Expansion

The UN warns that global scam call centers are spreading like a cancer, with criminal syndicates expanding and operating worldwide. Crackdowns in East and Southeast Asia have led to operations shifting to more permissive regions, including Africa, South Asia, parts of the Pacific Islands, and even links to money laundering and recruitment in Europe and North America. These groups leverage local language skills to broaden their victim pool and drastically increase profits. The report estimates annual earnings between $27.4 billion and $36.5 billion, targeting regions with weak governance. Law enforcement actions have resulted in arrests of foreign nationals involved in fraud and cybercrime; for example, 77 suspects, including 22 Chinese nationals, were arrested in Zambia in April 2024. While reliable data is limited in South America, Asian criminal groups are expanding online fraud and gambling infrastructure and forging money laundering partnerships with local drug cartels. In Europe, Georgia and Turkey have emerged as cyberfraud hotspots. Additionally, criminal syndicates establish seemingly legitimate businesses (hotels, casinos, travel agencies) in Pacific island nations to conceal illegal online gambling, drug and human trafficking, migrant smuggling, and money laundering. The UN recommends strengthening regulatory frameworks and equipping authorities with the resources to combat these crimes.

Read more
(www.theregister.com)
Tech Scam Call Centers

Cursor AI's Support Bot Hallucinates Non-Existent Policy

2025-04-21
Cursor AI's Support Bot Hallucinates Non-Existent Policy

Cursor AI's AI support bot mistakenly informed users of a non-existent policy prohibiting logins from multiple devices. This caused user frustration, leading Cursor co-founder Michael Truell to apologize on Reddit. He admitted the response was a hallucination from their AI support bot. The issue stemmed from a recent update aimed at improving session security, causing some users' sessions to be invalidated. The problem is now fixed, and all AI-generated support replies are clearly labeled. This incident highlights the risk of AI model hallucinations and the importance of thorough testing when using AI for customer support.

Read more
(www.theregister.com)
Development AI hallucination AI support

UK Government's Secret Backdoor Demand to Apple Exposed, Raising Privacy Concerns

2025-04-21
UK Government's Secret Backdoor Demand to Apple Exposed, Raising Privacy Concerns

The UK government's attempt to secretly demand a backdoor into Apple's end-to-end encryption was thwarted when the Home Office failed to keep it secret on national security grounds. This highlights the dangers of government abuse of security mechanisms and the inappropriateness of secret courts in a democracy. The article draws parallels between the UK government's actions and the Trump administration's misuse of security clearances, arguing both demonstrate abuse of power and security mechanisms, threatening individual liberties and freedom of speech. The author calls for stronger legal oversight of state abuse of security mechanisms to address new security challenges in the digital age.

Read more
(www.theregister.com)
Tech

Classic Mac OS Gets a 21st-Century Reboot: Browsers and Game Libraries Updated

2025-04-19
Classic Mac OS Gets a 21st-Century Reboot: Browsers and Game Libraries Updated

Nineteen years after the first Intel Mac, new apps for Classic Mac OS and PowerPC Mac OS X still emerge. Recently, new internet tools have breathed life into vintage Macs. Cameron Kaiser updated the MacLynx web browser and maintains TenFourFox and Classilla. Additionally, the Mbed-TLS library has been ported to Classic Mac OS, and work is underway on porting SDL 2, potentially bringing new games to the aging OS. This showcases programmers' ongoing exploration of this older operating system.

Read more
(www.theregister.com)
Tech Classic Mac OS Web Browsers

GoDaddy Error Takes Down Zoom for Nearly Two Hours

2025-04-18
GoDaddy Error Takes Down Zoom for Nearly Two Hours

A GoDaddy error caused a nearly two-hour outage for video conferencing platform Zoom on Wednesday afternoon US time. GoDaddy Registry mistakenly blocked the zoom.us domain, disrupting Zoom's services globally. Zoom restored service at 13:55 PDT, explaining the outage resulted from a communication error between Zoom's registrar, Markmonitor, and GoDaddy Registry. The incident highlights the risks associated with domain registrars maintaining domain stability and reminds users of technical details like DNS cache flushing.

Read more
(www.theregister.com)
Tech Outage

IBM's Stealth Layoffs? RTO Mandate and India Expansion Spark Controversy

2025-04-18
IBM's Stealth Layoffs? RTO Mandate and India Expansion Spark Controversy

IBM is implementing a new return-to-office policy requiring US sales and cloud employees to work at least three days a week in the office, a move interpreted by some as a stealth layoff tactic, as senior employees may be less willing to relocate. Simultaneously, IBM is aggressively hiring in India and establishing new software labs. This coincides with the company downplaying its diversity and inclusion initiatives, potentially linked to shifting US government policies. IBM declined to comment.

Read more
(www.theregister.com)
Tech

Classic Outlook Turning into a CPU Hog: Microsoft Responds

2025-04-17
Classic Outlook Turning into a CPU Hog: Microsoft Responds

Microsoft has acknowledged that Classic Outlook is experiencing unexpectedly high CPU usage, spiking up to 30-50%, leading to increased power consumption. Users reported the issue as early as November 2024. While Microsoft claims to be investigating, the only workaround involves registry edits, a less-than-ideal solution for enterprise users. Some speculate this is a tactic to push users towards the newer Outlook client, despite its lacking features.

Read more
(www.theregister.com)
Tech CPU Usage

CVE Program Funding Cuts Threaten Global Vulnerability Management

2025-04-16
CVE Program Funding Cuts Threaten Global Vulnerability Management

US government funding for the global Common Vulnerabilities and Exposures (CVE) program, which assigns unique identifiers to software vulnerabilities, ends this week. This crucial program's termination risks disrupting global vulnerability management, potentially halting new vulnerability publication, taking the CVE website offline, and jeopardizing critical infrastructure and national security. While temporary measures are being explored, long-term solutions require industry collaboration to prevent the CVE program's collapse.

Read more
(www.theregister.com)
Tech

EU Officials to Use Burner Devices on US Trips Amid Espionage Fears

2025-04-15
EU Officials to Use Burner Devices on US Trips Amid Espionage Fears

The European Commission is providing burner laptops and phones to staff traveling to the US on official business, fueled by concerns over espionage. This reflects a chilling in US-EU relations and anxieties about US intelligence agencies. While an EU spokesperson denied issuing formal guidance on burner devices, they admitted updating travel recommendations due to increased global cybersecurity threats. This mirrors practices for trips to countries like China and Russia, highlighting heightened EU concerns about US surveillance.

Read more
(www.theregister.com)
Tech

VMware's Free ESXi Hypervisor Returns: A Strategic Pivot or a Necessary Retreat?

2025-04-14
VMware's Free ESXi Hypervisor Returns: A Strategic Pivot or a Necessary Retreat?

After Broadcom's acquisition, VMware discontinued its free ESXi hypervisor, prompting user backlash. Recently, VMware quietly reinstated the free version in vSphere Hypervisor 8.0 Update 3e. This move is interpreted as a response to competitors' free offerings and a potential strategy to boost subscription sales. The article also touches upon the limited mainstream adoption of DPUs/SmartNICs, primarily concentrated among major cloud providers.

Read more
(www.theregister.com)
Tech

Chrome 136 Finally Kills 23-Year-Old Browser History Sniffing Vulnerability

2025-04-12
Chrome 136 Finally Kills 23-Year-Old Browser History Sniffing Vulnerability

A 23-year-old vulnerability allowing websites to sniff users' browsing history through CSS :visited pseudo-class is finally being eradicated in Chrome 136. Previous attempts to mitigate the issue, which involved checking link colors to determine if a page had been visited, proved insufficient. Chrome 136 introduces a novel 'partitioning' mechanism, linking visited history to the link URL, top-level domain, and frame origin, preventing cross-site access to browsing history. This breakthrough represents a significant leap forward in browser privacy and concludes a decades-long arms race between attackers and defenders.

Read more
(www.theregister.com)
Tech

AI Code Generation's Hallucinations: A New Software Supply Chain Threat

2025-04-12
AI Code Generation's Hallucinations: A New Software Supply Chain Threat

The rise of AI-powered code generation tools is revolutionizing software development, but also introducing new risks to the software supply chain. These tools sometimes 'hallucinate' nonexistent software packages, a vulnerability attackers are exploiting. They create malicious packages and upload them to registries like PyPI or npm. When the AI 'hallucinates' the name again, installing dependencies executes the malware. Studies show around 5.2% of commercial AI suggestions are non-existent packages, compared to 21.7% for open-source models. This 'hallucination' shows a bimodal pattern: some invented names reappear consistently, others vanish. This form of typosquatting, dubbed 'slopsquatting', requires developers to carefully vet AI-generated code. The Python Software Foundation is actively working to mitigate these risks.

Read more
(www.theregister.com)
Development

Microsoft at 50: A Look Back at Peaks and Valleys

2025-04-11
Microsoft at 50: A Look Back at Peaks and Valleys

As Microsoft celebrates its 50th anniversary, The Register polled readers on the company's history. Windows Server 2000 emerged as a favorite, praised for its stability and ease of use. Conversely, Windows 8 and its successors received criticism for their user interfaces. The Nokia acquisition and subsequent Windows Phone failure were also highlighted as missteps. While achievements like the cloud pivot and Office suite were acknowledged, the overall sentiment suggests Microsoft's best days may be behind it. The company's future direction with AI remains uncertain.

Read more
(www.theregister.com)
Tech Operating Systems

Windows 11 Poised to Surpass Windows 10 This Summer: Enterprise Upgrades Drive the Shift

2025-04-04
Windows 11 Poised to Surpass Windows 10 This Summer: Enterprise Upgrades Drive the Shift

Statcounter data reveals Windows 11's market share is rapidly growing, on track to overtake Windows 10 by summer. While Windows 10 still holds a 54.2% share, Windows 11 has reached 42.69%. The primary driver is enterprise upgrades spurred by the impending October 14, 2025, end of support for most Windows 10 versions. Despite a lack of compelling new features in Windows 11, the looming deadline is forcing the migration. This mirrors the challenge faced by AI PCs, where a lack of killer apps hinders upgrades, regardless of Microsoft's Copilot promotion.

Read more
(www.theregister.com)
Tech

Microsoft Kills Off Remote Desktop App, Forcing Migration to Windows App

2025-04-04
Microsoft Kills Off Remote Desktop App, Forcing Migration to Windows App

Microsoft is ending support for its legacy Remote Desktop application on May 27th, mandating a migration to the new Windows App. While the new app offers unified access to services like Windows 365 and Azure Virtual Desktop, along with features such as customizable home screens and multi-monitor support, it also has limitations. Some proxy server environments and AD FS single sign-on are not supported, leading to user inconvenience. The move has been criticized by some as "the dumbest rebranding ever."

Read more
(www.theregister.com)
Tech

EU Plans to Backdoor Encryption by 2026: Security or Risk?

2025-04-04
EU Plans to Backdoor Encryption by 2026: Security or Risk?

The EU's new 'ProtectEU' plan aims to bolster European security, but includes a worrying proposal to backdoor encryption by 2026 or sooner. While the EU claims this is to help law enforcement access data, critics fear it could compromise Europe's cybersecurity and be exploited by other nations. Simultaneously, the EU plans to deploy quantum cryptography in critical infrastructure by 2030.

Read more
(www.theregister.com)
Tech
1 2 4 6 7 8