Agreguesi i feed

An anonymous reader quotes a report from 9to5Google: Phone by Google wants to combat the "growing threat of impersonation scams" and protect Android users against "sophisticated, AI-powered deepfake attacks" with fake call detection. [...] Fake call detection requires that both parties are on Android and use the Phone by Google app, while Google Messages and Google Contacts also have to be installed. When a contact calls, their phone "sends a silent confirmation signal in real time to your device to verify the call is legitimate and truly coming from the contact's device." This digital handshake uses end-to-end encrypted RCS (Rich Communication Services). If you're being scammed by an impersonator, your phone will notice that the "initial confirmation signal will be missing," and ping the contact's real device to double-check. If their real device says, "I'm not making a call right now," you'll get a warning on your screen advising you to hang up immediately. This feature will be available globally on Android 12+ phones starting with Pixel devices this month. Fake call detection is enabled by default but can be turned off at any time. Google says it's "possible for other apps and device manufacturers to adopt this technology" given the RCS underpinnings. You can learn more about fake call detection in Google's blog post.

Read more of this story at Slashdot.

Not the best film ever, but in today's Hollywood landscape it's a rare breath of fresh air. Kane Parsons takes the internet meme concept he started on YouTube and actually makes a feature-length film that's doing great at the box office.

The mood is great. That unsettling stillness of these generic liminal spaces. For something that builds a feeling / mood, the flick would benefit from a butcher in the editing room. I'd probably still not give it the extra star, but this really isn't the kind of movie that needs the extra 20 minutes.

Biggest entertainment was definitely watching my son freak out in the third act. :)

★★★★☆

libdex 1.2 is still in pre-alpha phase but it is also far enough along that it is worth talking about the direction: libdex is growing from a library of future and fiber helpers into a more complete concurrency toolkit.

The most important 1.2 theme is that applications can now describe not just what work should happen concurrently, but how that work should be bounded and owned. DexLimiter lets a workload run with a fixed concurrency budget, with dex_limiter_run() handling the common fiber case by acquiring a permit before work starts and releasing it after the fiber completes. For larger workflows, DexTaskGroup gives related futures a structured scope that can be closed, awaited, or cancelled as one unit.

That combination makes cleanup much easier to reason about when a workflow has many moving pieces. A loader can start many subtasks, keep only a useful number active at once, and return a single future representing the whole operation. If the window closes, the project changes, or the operation times out, the group gives the application one place to cleanly shut the work down.

static DexFuture * load_many_files (GPtrArray *files) { g_autoptr(DexTaskGroup) group = dex_task_group_new (0); g_autoptr(DexLimiter) limiter = dex_limiter_new (8); for (guint i = 0; i < files->len; i++) { GFile *file = g_ptr_array_index (files, i); dex_task_group_add (group, dex_limiter_run (limiter, NULL, 0, load_one_file, g_object_ref (file), g_object_unref)); } return dex_future_with_timeout_seconds (dex_task_group_close (group), 10); }

There is also a new DexThreadPool for the cases that are not naturally fiber-shaped. Fibers and schedulers are still the right fit for cooperative async work, but many applications need to integrate blocking libraries, database clients, filesystem helpers, or other foreign code. A fixed pool of reusable OS threads, dex_thread_pool_submit(), and asynchronous dex_thread_pool_close() give that integration story a bounded queue and an explicit shutdown path.

Deadlines are another practical piece of the same story. The new timeout wrappers, including dex_future_with_timeout_seconds() and dex_future_with_deadline(), turn time limits into ordinary future composition. Instead of open-coded timeout state spread across an application, a future can resolve normally, reject normally, or reject with DEX_ERROR_TIMED_OUT when the deadline wins.

On the I/O side, 1.2 continues filling in the operations that make responsiveness easier to preserve. dex_aio_open() and dex_aio_close() matter because even operations that look small can stall when they touch the kernel, storage, or network-backed filesystems. Keeping those calls in libdex’s file-descriptor AIO model makes it easier to keep them off the UI thread, using io_uring where it is available and the fallback AIO backend elsewhere.

The broader GIO coverage is intentionally less surprising, but still important. More app launching, GFile, stream, socket, resolver, proxy, TLS, DTLS, permission, subprocess, and Unix-facing APIs now have future-first wrappers. That is the kind of coverage people should expect from libdex over time: not every wrapper needs a release headline, but each one reduces the pressure to leave the future model for common GNOME application work.

This first blog post marks the opening of the internationalization blog! The i18n team will use it to share news and projects on the current plans. Don’t forget to subscribe!

The i18n team has seen some changes recently, at the beginning of 2026 and we thought it was necessary to publicly announce this change and introduce ourselves a bit.

Before all, we want to greet and deeply thank all internationalization coordinators that participated in the project so far and made GNOME what is is now. We are a global software community of volunteers, leading the free software ecosystem and are accessible in many languages. With this, we cover almost everyone on Earth. Thank you very much Andre, Alexandre, Claude, Daniel, Gábor, Gil, Mario, Piotr, Petr, Kjartan and all the others. Without you this wouldn’t have been possible.

What is internationalization?

Internationalization, or i18n for short, is the act of ensuring software or documentation can be used in other languages, countries, and cultures. This means designing and developing applications in a way that removes barriers to localization, making it possible to adapt them without requiring significant engineering changes.

In practice, this involves separating user-facing text from the source code, so it can be translated easily, and ensuring that the software correctly handles different character sets and writing systems, including right-to-left scripts. It also means being mindful of cultural conventions such as date and time formats, number formatting, currencies, and units of measurement.

Internationalization goes beyond text. It includes accommodating differences in sorting rules (collation), keyboard input methods, plural forms, and even layout considerations, as translated text can vary significantly in length. Developers must also ensure that their software supports Unicode and uses libraries or frameworks that simplify handling these variations.

For the GNOME community, internationalization is a collaborative effort between developers, designers, and translators. By preparing software properly, the i18n team enables localization contributors to focus on producing high-quality translations, ensuring that GNOME is accessible and welcoming to users all around the world.

A new team

The team has reborn with new faces: Anders Jonsson, Rafael Fontenelle and Guillaume Bernard, respectively coordinators of the Swedish, Brazilian Portuguese and French team. Let’s introduce ourselves a bit…

Rafael (@rafaelff) is coordinator of the GNOME Brazilian Portuguese Team for more than 13 years after a short but intense period of contribution as translator. Besides GNOME, he contributes to the translation of Python Docs, R language, Fedora, TranslationProject (GNU projects, etc.) and others. Also maintains some packages in Arch Linux’s AUR.

Anders (@ajonsson) is coordinator of the GNOME Swedish Team for over 10 years, translator in the Swedish branch of the Translation Project, and a member of the GIMP Team with a focus on internationalization questions and testing.

Guillaume (@gbernard) is coordinator of the GNOME French Team since this year after 14 years of contributions, first as a translator, reviewer and after a few years, he has been involved in submitting team’s translations. He is the maintainer of GNOME Damnes Lies, our translation platform since 2020. He took this responsibility after years of dedication from Claude. Thank you again for this mentorship!

Tony Isaac shares a report from NPR: A United Airlines flight traveling from Newark, New Jersey, to Palma de Mallorca, Spain, was forced to make a U-turn and return to Newark after more than four hours in the air due to a security concern. According to passenger reports and air traffic control audio, the disruption was caused by a personal Bluetooth speaker -- reportedly belonging to a teenager -- that had been named "BOMB." Upon returning to Newark, passengers were evacuated so that security details could inspect the entire aircraft and cargo area. The flight was ultimately cleared, reboarded, and arrived at its destination in Spain approximately nine and a half hours behind schedule. Multiple posts on social media from self-identified passengers indicate that the problem was a Bluetooth device on board the plane. One post referenced in-flight announcements with "lots of comments like 'this little joke is ruining it for everyone.'" Audio from air traffic control sheds a little more light on the situation: "There's a security detail out there, someone had a Bluetooth speaker and they named it a certain four-letter word," another voice responded. "So they have to inspect the whole aircraft including the cargo area [and] passengers have to evacuate."

Read more of this story at Slashdot.

Version:next-20260601 (linux-next) Released:2026-06-01

Aikido Security says more than 30 official @redhat-cloud-services npm packages were compromised with a credential-stealing worm called "Miasma," a variant resembling the open-sourced Mini Shai-Hulud supply-chain malware. "The packages were published via GitHub Actions OIDC, indicating the CI/CD pipeline was compromised rather than an npm token," the report says. "If you have installed any affected package versions since June 1, 2026, treat all CI secrets, cloud credentials, SSH keys, and npm tokens as compromised and rotate them immediately." From the report: Each compromised package declares a preinstall script in its package.json that executes node index.js automatically on every npm install, before any application code runs and before the developer has any indication something is wrong. The index.js file is 4.2 MB payload hidden behind multiple layers of obfuscation. As with previous Mini Shai-Hulud attacks, the payload performs a broad credential sweep across cloud providers, CI/CD environments, and developer tooling. On the CI side it targets GitHub Actions secrets including GITHUB_TOKEN and ACTIONS_RUNTIME_TOKEN. For cloud credentials it collects AWS access keys and session tokens, GCP application default credentials and service account key files, and Azure service principal credentials and managed identity tokens. It also sweeps for HashiCorp Vault tokens, Kubernetes service account tokens and kubeconfig files, npm and PyPI publish tokens, SSH private keys, Docker registry credentials, GPG keys, and any .env files it can find across the filesystem.

Read more of this story at Slashdot.

Dell has introduced a redesigned $699 XPS 13 aimed squarely at Apple's budget MacBook Neo, offering a premium aluminum design, touch display, backlit keyboard, Wi-Fi 7, 512GB of base storage, and various other configuration options. Dell's machine costs more than Apple's entry model but tries to justify the difference with lighter weight, better display specs, and upgrade paths Apple doesn't offer. "The XPS 13 begins at $699 -- students can purchase it for $599 -- while the MacBook Neo costs $599 and drops to $499 for education buyers," notes Bloomberg. From the report: Dell's product allows for more configuration, with up to 32GB of memory compared with the Neo's nonupgradeable 8GB of unified memory. Its display can also produce a wider spectrum of colors and supports refresh rates up to 120 hertz, while Apple reserves its best screens for the pricier MacBook Pro line. The inclusion of a backlit keyboard should allow for easier typing in dark conditions. Dell has also tossed in other nice-to-have upgrades over the Neo like more robust Wi-Fi 7 wireless networking. As for battery life, Dell is touting "up to 17 hours of streaming" versus a comparable 16 hours on the Neo. Still, the XPS comes with compromises of its own: Unlike the Neo, there's no built-in headphone jack, which means owners will need to rely on its quad-speaker audio system, use Bluetooth earbuds or plug a headphone adapter into one of the two USB-C ports. You can learn more via Dell.com.

Read more of this story at Slashdot.

Version:7.0.11 (stable) Released:2026-06-01 Source:linux-7.0.11.tar.xz PGP Signature:linux-7.0.11.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-7.0.11

Version:6.18.34 (longterm) Released:2026-06-01 Source:linux-6.18.34.tar.xz PGP Signature:linux-6.18.34.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.18.34

Version:6.12.92 (longterm) Released:2026-06-01 Source:linux-6.12.92.tar.xz PGP Signature:linux-6.12.92.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.12.92

Version:6.6.142 (longterm) Released:2026-06-01 Source:linux-6.6.142.tar.xz PGP Signature:linux-6.6.142.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.6.142

Version:6.1.175 (longterm) Released:2026-06-01 Source:linux-6.1.175.tar.xz PGP Signature:linux-6.1.175.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.1.175

Version:5.15.209 (longterm) Released:2026-06-01 Source:linux-5.15.209.tar.xz PGP Signature:linux-5.15.209.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-5.15.209

Version:5.10.258 (longterm) Released:2026-06-01 Source:linux-5.10.258.tar.xz PGP Signature:linux-5.10.258.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-5.10.258

An anonymous reader quotes a report from Ars Technica: Authorities in the Netherlands said they dismantled a botnet that comprised more than 17 million devices and were managed by 200 servers in a joint operation by the police and the National Cyber Security Center. The action, announced Thursday, came about after a security researcher reported the sprawling network to authorities. The host infrastructure was located in the Netherlands. "The police then seized several botnet servers from a hosting provider for investigation," the NCSC said. "The botnet was taken offline by the provider because it was used for criminal purposes." According to a report Thursday by the NL Times, the botnet was linked to ASOCKS, a Russia-based company that provides residential proxy services. These services cater to people and organizations who want to obscure their locations or identities by proxying their Internet traffic through third-party devices. Proxy services are often used for illicit or unethical purposes such as performing DDoS attacks, running botnet command-and-control servers, operating phishing operations, and scraping website content. [...] It's unclear how the 17 million devices controlled by the botnet taken down by the Dutch police came to be that way.

Read more of this story at Slashdot.

"The company best known for powering the AI boom is coming for the PC," reports Axios. Nvidia's CEO unveiled a new ARM-based "N1X processor made alongside Microsoft," reports CNBC, that "will be incorporated into a new RTX Spark superchip, debuting in the fall on a fresh line of Windows PCs from Microsoft, Dell, HP, ASUS, Lenovo and MSI." More details from Engadget: It was only a matter of time before NVIDIA released a powerful system-on-a-chip (SOC) to take on AMD's Ryzen AI Max and Qualcomm's latest Snapdragon X2 chips. At Computex today, NVIDIA unveiled the RTX Spark, a "superchip" meant to give both laptops and small desktops fast AI and graphics performance... The company says it offers 1 petaflop of AI computing power, and that it has 6,144 Blackwell RTX cores and 20 Mediatek Arm CPU cores. NVIDIA claims it's similar to the RTX 5070 laptop GPU but with much lower power draw. RTX Spark also has an NPU that's fast enough to be part of Microsoft's Copilot+ initiative, which requires a 40 TOPS NPU, but NVIDIA says it's mainly touting the tensor cores as part of the chip's Blackwell GPU for AI performance. RTX Spark's GPU can directly draw on the chip's large pool of unified memory, which can span from 16GB to 128GB, and the chip itself can use anywhere from single-digit wattage up to 80W... NVIDIA CEO Jensen Huang positions RTX Spark as a complete reinvention of the PC, eventually turning them more into devices meant for AI agents than manual human input... NVIDIA has been working together with Microsoft for "several years" while designing the RTX Spark, according to NVIDIA representatives... In a blog post provided to media, Microsoft head of Windows and devices, Pavan Davuluri, noted that the company optimized Windows 11's workload profile scheduling for the RTX Spark. "Whether you're checking your email or running an agent locally to debug code, the Windows scheduler on RTX Spark will ensure you get the best performance and efficiency out of your CPU," he wrote.

Read more of this story at Slashdot.

Amazon's "Subscribe & Save" program — for recurring purchasees — has triggered a new lawsuit, reports Oregon Live. "The lawsuit contends that after luring in customers with 'artificially low prices,' the world's biggest online retailer jacked up the prices in the months after their first shipments arrived." In some cases, the lawsuit claims that customers were paying more for the exact same items through the Subscribe & Save program than they would be if they bought the items from other sellers on the site. That was true even when the up to 15% discount that the subscription program offers was calculated into the final purchase price, according to the suit. The Seattle law firm that filed the May 15 lawsuit says that Amazon's business practices amount to "deceptive," "misleading" and "bait and switch tactics." The firm is seeking class-action status in U.S. District Court for western Washington, a move that could potentially draw tens of millions of Amazon customers from across the U.S. into the litigation... [The suit says the plaintiffs' first order of espresso coffee grounds was $16.60.] When their order auto-renewed a few months later, the price had gone up to $17.04. A few months later, it rose to $21.25. Then in October 2024, the price increased to $28.69 — about $12 more than the Hermans had paid at the beginning of their subscription, according to the lawsuit. [The discount can be as little as 5% or up to 15%, Amazon told Oregon Live in a statement, noting customers do receive an email showing "applicable savings" before the orders ship. But...] The suit says Amazon gave the Hermans little notice to cancel the order or to shop around because it notified them of the latest price increase in an email at 8:54 p.m. — the same night it processed their order and charged them. The suit says if the Hermans had been given the time to shop around for a better price, they would have found that another Amazon seller was charging $25.90 — or $2.79 less — for the identical item. Amazon's "Subscribe & Save Terms & Conditions" page tells customers that it "may change the price for a Subscribe & Save subscription at any time for any reason...." The analytical group Consumer Intelligence Research Partners says about 25% of U.S. Amazon customers are enrolled in the Subscribe & Save program. Oregon Live got Amazon's response, which suggested their program saves customers time and money "through convenient, flexible, and recurring deliveries". (So when customers saw "Subscribe and Save", they were perhaps supposed to intuit the word save referred in part to... time-saving?) The plaintiffs' lawyer argues instead that "When you sign up for something that is called 'Subscribe & Save,' you'd expect that you're saving by subscribing. But that's not actually what's happening in many cases."

Read more of this story at Slashdot.

Each release of Debian has a shiny new theme, which is visible on the boot screen, the login screen and, most prominently, on the desktop wallpaper. Debian plans to release Trixie, the next release, next year. As ever, we need your help in creating its theme! You have the opportunity to design a theme that will inspire thousands of people while working in their Debian systems.

For the most up to date details, please refer to the wiki.

We would also like to take this opportunity to thank Juliette Taka Belin for doing the Emerald theme for bookworm.

The deadlines for submissions is: 2024-09-19

The artwork is usually picked based on which themes look the most:

• ''Debian'': admittedly not the most defined concept, since everyone has their own take on what Debian means to them.
• ''plausible to integrate without patching core software'': as much as we love some of the insanely hot looking themes, some would require heavy GTK+ theming and patching GDM/GNOME.
• ''clean / well designed'': without becoming something that gets annoying to look at a year down the road. Examples of good themes include Joy, Lines, Softwaves and futurePrototype.

If you'd like more information or details, please post to the Debian Desktop mailing list.

The following contributors got their Debian Developer accounts in the last two months:

• Patrick Winnertz (winnie)
• Fabian Gruenbichler (fabiang)

The following contributors were added as Debian Maintainers in the last two months:

• Juri Grabowski
• Tobias Heider
• Jean Charles Delépine
• Guilherme Puida Moreira
• Antoine Le Gonidec
• Arthur Barbosa Diniz

Congratulations!