SoylentNews

hubie writes:

'Popa' Botnet Linked to Publicly-Traded Israeli Firm:

For the past four years, a sprawling Android-based botnet called Popa has forced millions of consumer TV boxes to relay Internet traffic linked to advertising fraud, account takeovers, and mass data-scraping efforts. This week, researchers from multiple security firms concluded that the Popa botnet is linked to NetNut, a "residential proxy" provider operated by the publicly-traded Israeli firm Alarum Technologies Ltd [NASDAQ: ALAR].

Popa is a massive botnet, but by all accounts it is unlike traditional botnets that enlist compromised systems in destructive activities, such as coordinating huge distributed denial-of-service attacks. Rather, Popa appears designed with a singular purpose: Implementing a persistent communications layer capable of registering a device, maintaining long-lived encrypted connections, and opening communication tunnels on demand.

Experts say Popa is a plugin component associated with the Vo1d botnet, a large-scale malware campaign targeting unofficial Android-based TV boxes. These devices, which are marketed under thousands of brand names and model numbers and broadly available for purchase at top e-commerce destinations, all advertise the ability to stream hundreds of subscription video services for an up front one-time fee.

But as the FBI and security industry experts have warned repeatedly, these streaming boxes typically bundle or come pre-installed with software that turns the user's TV into a "residential proxy" — allowing anyone to route their Internet traffic through that device for as long as it remains plugged into a wall socket and connected to a local network. More concerning, some of these proxy networks do little to stop malicious customers from communicating with and even compromising systems on the local network of the unsuspecting device owner.

[...] Ninjatech is a company founded by Moishi Kramer, whose LinkedIn profile says he is vice president of research and development at NetNut. That resume credits Kramer for helping NetNut to build from the "ground up," "designing the architecture," and "scaling the NetNut" before the company was acquired by Alarum Technologies. A self-created listing at the job board F6S references Kramer as the sole owner of the Ninjatech domain (a screen capture of it is pictured below).

[...] "I didn't register the June 2025 domains you mention, and I don't know who did," he continued. "I have no control over, or visibility into, that infrastructure. I can only tell you it isn't operated by me or by NetNut."

But in a separate Popa research report released today, the proxy-tracking company Synthient said a recent analysis of the Popa SDK revealed outbound traffic clearly associated with NetNut.

"The research team assesses with high confidence that devices running Popa forward traffic from Netnut clients," Synthient wrote. "This proves without a shadow of a doubt that Popa actively continues to be used by NetNut as part of their proxy pool."

Alarum Technologies, NetNut's Tel Aviv-based parent company, said the reports by Synthient and Qurium contained "demonstrably inaccurate assertions and flawed deductions rather than verified facts." Alarum shared a statement saying they reject the basic characterization of the SDKs and technologies discussed in the reports as a "botnet."

"The SDKs at issue are designed to facilitate bandwidth-sharing functionality and do not transform user devices into malware-controlled systems or otherwise compromise the devices on which they operate," the statement reads. "Netnut operates a commercial proxy network and maintains policies, procedures, and technological measures designed to promote lawful and responsible use of its services."

Alarum said NetNut places "significant emphasis on appropriate notice and consent mechanisms, conducts customer due diligence, monitors for potential misuse, and takes steps intended to detect and mitigate suspicious or unauthorized activity."

[...] "What especially makes Popa dangerous is just how widely used NetNut is for reselling and sharing," Formosa said, explaining that many other proxy services simply resell NetNut proxies rather than building out their own far-flung proxy networks. "So these Popa IPs appear in tons of different services all over the ecosystem, which makes it one of the most problematic and dangerous proxy botnets on the market currently."

Formosa said the Popa botnet averages between 1.5 million to 2.5 million distinct IP addresses each day, relying on between 250 and 300 Internet addresses that are used to direct its activities.

Arthur T Knackerbracket writes:

https://www.tomshardware.com/tech-industry/semiconductors/semianalysis-opens-its-own-chip-teardown-lab

A 36nm pitch is what Panther Lake ships with, but the 18A process on the whole supports a 32nm minimum metal pitch. With Panter Lake, Intel opted to relax the pitch because routing power through the back of the wafer — via PowerVia — clears the front-side metal stack for signal wiring.

Each of those workarounds obviously adds complexity and cost, with N+3’s ceiling ultimately showing a huge trade-off. The Kirin 9030 Pro's prime core runs at 2.75 GHz and lands near Arm's 2021-era Cortex-X2 per clock, leaving the chip roughly level with Android flagships from three years ago and behind current parts from Apple, Qualcomm, MediaTek, and Samsung. Huawei’s roadmap does say that it’s targeting 5 GHz by 2031, but, as SemiAnalysis notes, that’s “far beyond what planar scaling alone could deliver.”

The company is taking aim at the Ottawa-based TechInsights, which is backed by private equity and held by the likes of Oakley Capital and CVC Growth. SemiAnalysis claims its rival is up for sale and has underinvested in equipment as a result, though that hasn’t been officially confirmed. The teardown also found the Kirin 9030 Pro carrying Samsung LPDDR5X memory, with 16 GB variants turning up DRAM from Chinese maker CXMT as well.

Original Submission

An Anonymous Coward writes:

Bruce Schneier wrote an opinion piece in response to the ban on the latest Anthropic AI models Fable and Mythos (with a lot of links for further reading). In it, he argues that banning particular models really does not help the problem, and provides some interesting analogies about how they work. Schneier's thoughts are that the best option forward is to create a public AI model.

Fable requires much less expertise and detailed prompting from the human user. You can give it a difficult goal and it will figure out novel and unexpected ways to satisfy it, finding loopholes in whatever constraints you or the system have imposed on it.

"Relentlessly proactive" is how AI researcher Simon Willison described it. Another descriptor might be "creative." Experienced AI developers have had that combination of creativity and proactivity since last year, but Fable puts it within easy reach of everyone.

In the hands of someone with a legitimate problem that needs solving, that can be an incredibly useful capability. But in the hands of someone who wants to do harm, it can be equally dangerous. AIs don't have a moral compass in the same way that people do. They are agents of the wants and desires of the people who prompt them.

That points to the real problem with relentlessly proactive AI. In language, wants and desires are always underspecified. If I ask you to get me some coffee, you would probably pour me a cup from the coffeepot, or buy one from a nearby coffee shop.

You couldn't buy me a pound of raw beans, or a coffee plantation. You wouldn't order a cup of coffee for delivery next month. You wouldn't find a nearby person, rip a cup of coffee out of their hands, and bring it to me. I wouldn't have to specify any of the million limitations to my request; you would just know.

Original Submission

Arthur T Knackerbracket writes:

https://www.theregister.com/public-sector/2026/06/16/nhs-palantir-claims-face-scrutiny-after-data-suggests-uneven-results/5256198

Nearly a third of NHS trusts using Palantir's health data platform are performing fewer patient procedures than before it went live, according to figures analyzed by campaign group Foxglove.

The research – based on a series of Freedom of Information (FOI) requests – also found that a single body, Chelsea and Westminster Hospital NHS Foundation Trust, accounted for 84 percent of the fall in outpatient waiting lists, while 16 trusts use the tool provided by the US firm.

Palantir won the £330 million contract to provide the NHS Federated Data Platform (FDP), which the UK government said was vital to improving NHS productivity and recovering from the long waiting lists for elective care caused by the COVID-19 pandemic.

Palantir's journey with the NHS began with a £1 award in 2020, which later led to a total of £60 million in contracts awarded without competition during the pandemic.

NHS England, which awarded the contracts, said that as of June, 139 trusts used the FDP, with 137 reporting benefits. An Inpatients Care Co-ordination Solution (CCS) tool based on the platform had resulted in 111,589 additional patients undergoing procedures in operating theatres, it said.

However, data obtained by tech rights campaign group Foxglove found that 41 NHS trusts are using Inpatient CCS, the module for helping hospitals manage operation scheduling, but 13 of them – or about 30 percent – report having carried out fewer operations overall since using the tool.

Staffing shortages, more complex cases, or pressure on hospital bed capacity might explain the fall.

Foxglove said it was the first time that data from individual trusts using FDP had been made publicly available.

The FOI response also shows that, for the Outpatient CCS, a single trust accounted for the vast majority of the benefits. According to NHS figures, Chelsea and Westminster Hospital NHS Foundation Trust accounted for 183,061 of the patients removed from the outpatient waiting list, compared with the total of 217,846.

Foxglove head of strategy Tim Squirrell said: "We now know that the big claim the FDP is delivering more operations for hospitals across the NHS is covering up a much less positive reality – a third of the trusts using the FDP's operations scheduling tool, Inpatient CCS, are actually delivering fewer operations than before they started using Palantir's kit.

"Palantir can't have it both ways. If it expects us to believe that the FDP is responsible for improvements in some hospitals, it must also accept that things are getting worse as a result of its tools in others.

Arthur T Knackerbracket writes:

https://www.theregister.com/cyber-crime/2026/06/17/cyberattack-sees-crops-kept-in-the-ground/5256321

A cyberattack on Australia's second-largest sugar producer has forced farmers to keep crops in the ground, and looks like denting their incomes.

Mackay Sugar, based in the Australian state of Queensland, processes sugar cane farmed in nearby districts. The company disclosed a cyberattack on June 10 and limited operations while it dealt with the fallout. 

Some operations remain restricted, but the company said on Monday that it managed to perform some manual crushing at its Farleigh Mill site, working with sugar cane that was harvested before the attack.

"Significant progress has been made over the weekend in restoring the systems that support cane supply, harvesting, and mill operations," Mackay Sugar said in a statement.

"Steam trials are now underway, and subject to final validation activities, some harvesting is expected to recommence this week in preparation for the staged restart of crushing operations later this week."

While the company is optimistic it can resume crushing, it's advised growers not to harvest their crops for the time being.

That edict works for Mackay Sugar because sugar producers need to process crops within 48 hours of harvest. Doing so preserves high sugar content and overall yield. Delaying the processing for any longer after harvesting could result in sucrose converting to simple sugars, unwanted fermentation, and lower yields. 

But late harvesting can reduce the quality of cane, reducing the price they earn for their crops. Interrupted harvesting also impacts the railways used to move cane from farms to mills.

Mackay Sugar acknowledged the impact its downtime could have on growers and other partners, and committed to restoring systems safely.

"We are communicating directly and regularly with our employees, growers, and key partners," it said. "We recognise the impact this incident is having on our growers, and we are doing everything we can to support them and to safely resume full operations as soon as possible.

"We take our responsibility to protect our systems, operations, and information very seriously. We apologise for any disruption this incident has caused and will continue to provide updates as we continue our investigation."

Arthur T Knackerbracket writes:

https://www.theregister.com/software/2026/06/15/red-hat-gives-ubuntu-a-bootc-up-the-backside-at-canonical-shindig/5255608

At Ubuntu Summit 26.04, Red Hat Principal Software Engineer Joseph Marrero Corchado presented a talk called Bootc: Use your container knowledge and infrastructure to build and deploy your Ubuntu hosts. Although Ubuntu is very strong in the desktop Linux space, in large corporate server environments, Ubuntu is just another distro among many. This can be a good thing: it is just another Linux distro, and that means that it's perfectly possible to deploy and manage it using existing FOSS tooling.

Marrero introduced himself by saying that he works at Red Hat, but personally runs Ubuntu – and has been doing so for long enough that he has some original media from Canonical's ShipIt program, which the company discontinued in 2011.

While we were surpised to see a Red Hat engineer presenting a talk at the summit, it's not unprecedented. System76's Pop!_OS distro is based on Ubuntu, but it overlaps with other distros as well. It has its own desktop and eschews Snap for Flatpak – and yet, at the previous Summit, System76 boss Carl Richell presented a talk about it. The year before, the Academy Software Foundation's talk started by telling us that Rocky Linux strongly dominated the SFX industry.

Our plan here isn't to recap the entire talk. It's up on YouTube now [video not reviewed --Ed], and if this is the sort of thing that sounds interesting, it's probably a good use of 42 minutes of your time.

We've mentioned the bootc toolchain a few times on The Register. Back in April 2024, we reported that Fedora 40's immutable editions were being rebuilt as bootable containers. Two years and four more Fedora releases later, the toolchain is getting more mature, as we covered in April with Fedora 44, and we linked to Quentin Joly's explainer, Bootc and OSTree: Modernizing Linux System Deployment, which is still one of the best we've read.

Now bootc has graduated to the point of being a CNCF incubator project. The new project website has a slightly better explanation:

The tools for creating and managing OCI containers are familiar to many sysadmins now, and the idea of bootc is to make it possible to manage complete OS images, either for VMs or for bare metal, using the same tooling.

Marrero explained bootc by saying that it lets you perform OS installations and upgrades with OCI containers, which lets you define and ship your customized images of the Ubuntu OS as OCI container images. This allows transactional in-place updates, with rollback.

owl writes:

https://moultano.wordpress.com/2026/06/19/where-to-find-the-colors-your-screen-cant-show-you/

There are colors that I want to show you, but I can't. They exist in the real world. You probably saw some of them today, but I can't show them to you on a screen. A digital photograph can't capture them, and your screen can't display them. No game you've ever played has contained them. Unless you have specialized equipment, they are entirely absent from the digital world.

Most of them are cyans. On screens we live a life starved of cyans. It is shocking when you see one in person. They seem unfamiliar and intense in an otherworldly way. I want you to experience that, but again, I can't show them to you. Instead, I have to show you how to find them in the real world.

Original Submission

Arthur T Knackerbracket writes:

Crew sheltered in SpaceX Dragon as aging Zvezda segment's cracks continue to test orbital nerve:

Russia's space agency Roscosmos intended to cut into part of the International Space Station (ISS) to determine the extent of leaks in the aging structure, according to a space agency source.

The Register was told that discussions involved a handsaw . Other reports have suggested cosmonauts planned to deploy a drill.

Whatever tool was involved, the plan made NASA sufficiently alarmed that the agency sent its astronauts scurrying into the relative safety of a SpaceX Dragon capsule docked at the ISS. Neither NASA nor Roscosmos has commented officially.

Russia's plan was to use the tool to learn more about the extent of the crack. NASA said: "This revised approach involved cutting a bracket to access better an area identified as a possible leak source for further inspection, using a method that could have resulted in elevated risk to the structure in the area."

However, this could have created unpredictable loads on other cracks. Eventually, the plan was called off in favor of more measurements and data gathering.

The SpaceX Crew-12 astronauts and NASA astronaut Chris Williams were forced to shelter in the Crew Dragon spacecraft earlier in June following a sharp increase in the rate of air leakage from the orbiting outpost. The offending area is the Zvezda service module's transfer tunnel, known by the Russian abbreviation PrK.

While more epoxy patches might address the problem in the short term, the fact that additional cracks have appeared suggests issues Zvezda has wider problems. That's not unexpected given the age of the craft, some parts of which date to the 1980s when it was a backup for the Mir space station. Russia launched Zvezda in 2000, so it's now endured decades of stress.

Arthur T Knackerbracket writes:

SearchLeak exploit shows why the industry's approach to LLM security fails over and over:

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the researchers who discovered the vulnerability and reported it to Microsoft revealed how their proof-of-concept exploit could retrieve 2FA codes and other sensitive data from emails accessible to Copilot.

Microsoft and other LLM providers have been unable to prevent their products from complying with malicious requests to reveal data. The root cause: AI bots are unable to distinguish between instructions provided by users and those snuck into third-party content the models are summarizing, drafting responses to, or using to perform other actions on behalf of the user. With no way to secure this crucial boundary, Microsoft and its peers are left to erect complicated and ad hoc guardrails designed to rein in the consequences of this incurable gullibility.

One guardrail built into Copilot and most other LLMs prevents them from submitting web forms, sending emails, and taking similar actions that can be used to exfiltrate data from the user. To work around this, LLM hackers turned to markup language, which, among other things, allows users to add formatting elements such as headings, lists, and links to text without the need for HTML tags. Another workaround is to wrap sensitive data inside HTML tags such as <img> and <form>. In either case, a web request showing the data hits the attacker's web server, where the secret information is captured in logs.

One Microsoft guardrail wraps Copilot output in <code> blocks so the browser treats it as straight text. Another is to restrict the sites Copilot is permitted to visit without explicit approval. While Copilot has blanket permission to send requests to Microsoft domains, guardrails restrict requests to untrusted sites.

Security firm Varonis devised an exploit chain that was able to catapult over these guardrails. The first element was what the researchers call a Parameter-to-Prompt Injection. The parameter in this case is the q in a URL, which is used to flag a query that has been included. The Parameter-to-Prompt Injection is a close relative of the prompt injection. The difference is that the malicious command is located in the query parameter, rather than in an email or other piece of untrusted content.

pTamok writes:

Typesetting, or the craft of mechanically or algorithmically placing characters on a page so they are pleasing to the beholder, is an interesting craft. It is related to calligraphy, which is the art or craft of manually (handwriting) placing characters on a page so they are pleasing to the beholder.

Typesetting Arabic script has its own peculiar challenges: the script is written from right to left; it is only cursive; some letter-forms vary according to whether they start a word, are in its body, or terminate the word; and justification is achieved by varying the width of portions of the letters in words, not by varying the spaces between words.

Modern operating systems, are in general, very bad at rendering Arabic script well.

This blog goes into a deep dive of the history of Arabic typesetting, and modern challenges.

Vita Nouva: An interactive introduction to the terrific experience of rendering Arabic typography and its technical debt

Quoting with some slight rewording and editing:

The rules for laying out classical Arabic script were written down by Ibn Muqla, Abbasid vizier and chief calligrapher, who served three caliphs in succession and was imprisoned by two of them; the third had his right hand amputated on a charge of treasonous correspondence, and Ibn Muqla then kept writing for the next several months by lashing a reed pen to the stump of his wrist, and was rewarded for what he wrote by having his tongue cut out, and died in prison around the year 940.

The system he wrote down outlasted everybody who hurt him by a thousand years. It is called al-khaṭṭ al-mansūb, the proportional script; every letterform measured in rhombic dots of the reed nib, every curve a defined arc of a defined circle, the alif a fixed number of dots high and anything else derived from the alif. Within that system the elongation is a drawn stroke with its own rules, which letter pairs accept it, how the curve swells and tapers, how many elongations a line may carry, where they may sit. The scribes also justified by choosing different shapes, because most letters have alternate forms of different widths, and a skilled hand selects among them as the margin approaches. In this tradition, you justify by reshaping the letters, not by spacing the words.

The tradition Ibn Muqla started did not stay with him; it was refined, in writing, by named human beings over the following six hundred years. Ibn al-Bawwāb in Baghdad, around the year 1022, smoothed out the proportions and produced the manuscript that defined Naskh for the rest of the millennium; a single Qurʾān in his hand survives in the Chester Beatty Library in Dublin, and you can date the Persian, Ottoman, and Mamluk traditions by how closely they follow it.

Print and the Arabic script met badly, and that meeting set the pattern for almost everything since: when the machine cannot do the script, simplify the script, ship it, and call it progress.

Arthur T Knackerbracket writes:

https://www.theregister.com/science/2026/06/15/nasa-management-wants-a-word-and-wont-say-why/5255702

We've all seen it: an unexpected management meeting that turns up in your calendar. It could mean HR wants a quiet and perhaps terminal word, or, in the case of NASA, something altogether different.

During a chat with Space.com, NASA astronaut Bob Hines explained that the meeting was engineered to ensure all five Artemis III astronauts would be in the same room together and introduced face-to-face.

The process space NASA uses to select astronauts has long been shrouded in mystery. The first American man in space, Alan Shepard, recalled in Light This Candle that his assignment to the Mercury 7 – the first batch of NASA astronauts – came from a caller who said, "We'd like you to join us. Are you still willing to volunteer?"

Shepard later learned he would be the first American man in space during a meeting with fellow astronauts Gus Grissom and John Glenn, plus the Director of the Space Task Group, Bob Gilruth. Gilruth said, "Alan Shepard will make the first suborbital flight." Several factors went into that decision, including the seven Mercury astronauts rating their peers.

In his memoir, Riding Rockets, Space Shuttle astronaut Mike Mullane recalled receiving a summons, along with four crewmates, to the office of then Director of Flight Operations, George Abbey.

In that meeting, Abbey  apparently asked: "We've been looking at the mission manifest, and think it's time to assign some more crews. I was wondering if you would be interested in STS-41D?"

The whys and wherefores were unimportant. The astronauts were just delighted to get an assignment.

These days, an unannounced management meeting with invitees a person might not normally see on a request is apparently how things are done. How those invitees are picked, however, remains a little opaque.

An Anonymous Coward writes:

https://techcrunch.com/2026/06/13/the-fbi-built-its-own-replica-small-town-to-simulate-real-world-cyberattacks/

The Federal Bureau of Investigation is pulling back the curtain on a 22,000 square-foot replica town on its Huntsville, Alabama campus that it built to train law enforcement in simulating and investigating real-world cyberattacks.

The aim is to teach investigators in a secure environment beyond the classroom by getting hands-on with some of the latest consumer and enterprise technologies, many of which are frequently targeted by malicious hackers. The numbers put the training into context. The FBI's 2025 Internet Crime Report, drawing on more than one million complaints, logged a record $20.9 billion in U.S. cybercrime losses, a 26% jump over the prior year, with ransomware ranked the top ongoing threat to critical infrastructure.

Dubbed the Kinetic Cyber Range, the FBI's small purpose-built town opened in February 2025 and features fully furnished houses, a hotel, a gas station and grocery mart, a courthouse, a hospital, and a power company — complete with roads and traffic lights — designed to mimic a real U.S. community. Since opening, says the agency, the facility has trained more than 1,400 students, including FBI personnel and partners from other federal and local agencies.

Each part of the town is wired with functioning devices and systems that behave as they would in a real community or business, while preventing any simulated attacks from spilling out of the facility.

The range also includes a data center with more than 200 physical servers — some running Windows, some Linux — reflecting the corporate environments investigators are likely to encounter when responding to a breach or executing a search warrant. "They're cold, they're cramped, they're noisy, they're dark, they're miserable," Dave Beachboard, the range's program manager, explains in the FBI's write-up about the training environment.

The replica town also allows the FBI to simulate ransomware attacks and their real-world consequences, including the high-pressure decisions that investigators must make when responding to incidents that could cause harm to people, such as hospital systems going dark.

The Kinetic Cyber Range also helps to train U.S. investigators in digital forensics, which police use to crack the cybersecurity defenses of encrypted modern devices to extract data from devices, often for the purposes of building a criminal investigation. The tools used for this are controversial as they work by exploiting vulnerabilities that are never disclosed to the device maker, such as Apple or Google, to defeat the protections those companies build in for their users.

Original Submission

Arthur T Knackerbracket writes:

Transferring genes across species doesn't just happen in microbes:

Last week, we looked at a new study of the origin of complex cells, one that showed that our ancestors' genomes were pieced together from bits and pieces of multiple species. It put a spotlight on a phenomenon called horizontal gene transfer, in which a gene from one species is incorporated into the genome of a distantly related species. The frequency of horizontal gene transfer means that, in addition to the neatly branching trees that relate species by common descent, there are small threads connecting distant branches of the tree of life.

It's easy to see why horizontal gene transfer would be common among microbes. They often live in complex communities that are likely awash in the DNA of dead and damaged cells. Plus, bacteria and archaea lack a membrane between their DNA and the rest of the cell, making it easier for environmental DNA to find its way to the genome.

However, a new study this week shows that horizontal gene transfers are remarkably common even in multicellular animals. And it does so by examining the genomes of multiple cockroach species, which have had bits of bacterial DNA for millions of years.

Neither bacteria nor archaea keep their DNA in a structure like the nucleus. As a result, any DNA that finds its way inside the cell has the potential to become intermingled with the genome and be incorporated permanently. That permanent incorporation is often aided by the DNA damage repair enzymes, which sometimes "fix" damage by inserting any DNA they come across in a cell.

Another reason horizontal gene transfer is a big factor among microbes is that they lack dedicated germ cells. If foreign DNA gets incorporated into the genome of any cell, it will be inherited by any descendants of that cell. In contrast, in multicellular animals, any foreign DNA incorporated into the genome of a liver cell will not be inherited by anything. So, you not only have to get the foreign DNA into the nucleus, but it also needs to get into the nucleus of the right cell.

Arthur T Knackerbracket writes:

The rocket's breakup likely generated 100 to 150 new pieces of space junk:

The upper stage from a commercial Chinese rocket that launched last week has broken apart in space, spreading debris in a heavily trafficked part of low-Earth orbit home to the International Space Station and a significant portion of SpaceX's Starlink broadband network.

The breakup occurred shortly after the Zhuque-2E rocket reached orbit on June 9 with two satellites providing direct-to-cell communications, perhaps around the time the upper stage was expected to perform a disposal burn. The US Space Force confirmed the breakup event in a post on space-track.org, a website used by the military to distribute orbit data to the public.

"The tracked pieces are being incorporated into routine conjunction assessment to support spaceflight safety," the Space Force wrote in an advisory. "There are currently no threats to human spaceflight. Analysis is ongoing."

So far, the Space Force has not added any of the debris fragments to the official catalog of human-made space objects. Darren McKnight, a senior technical fellow at the orbital intelligence company LeoLabs, told Ars the fragmentation event likely generated 100 to 150 pieces of debris.

In one piece, the second stage of the Zhuque-2E rocket, made by a Chinese company called LandSpace, measured between 25 and 30 feet (about 8 meters) long and 11 feet (3.35 meters) in diameter. The main body of the rocket's upper stage is now orbiting between 208 miles and 263 miles (335-by-424 kilometers) at an inclination of 54.5 degrees to the equator.

The uppermost part of this orbit crosses the orbit of the International Space Station, but aerodynamic drag will quickly pull all the debris fragments below the ISS. The debris could pose a greater threat to hundreds of Starlink satellites, particularly those providing direct-to-device connectivity and newly launched satellites, which fly at lower altitudes than the bulk of the Starlink constellation.

Linux 7.1 is Here to End the Intel 486 CPU Era - and Do Some Serious Legacy Clean Up

Arthur T Knackerbracket writes:

https://www.zdnet.com/article/say-goodbye-to-486-processors-linux-7-1-lands/

On his way to Mumbai for the Open Source Summit India, Linus Torvalds announced the latest Linux kernel: 7.1. This new version comes with a brand‑new in‑kernel, Microsoft's New Technology File System (NTFS) implementation, Intel's Flexible Return and Event Delivery (FRED) enabled by default, and a purge of aging code and hardware support, including the end of the road for 486 support. 

The new kernel arrives just months after Linux 7.0 debuted with major networking and filesystem changes. Version 7.1 continues the trend of tightening Linux's hardware focus while improving performance and security.

The headline change for most people in Linux 7.1 is its new native NTFS driver. Many Linux users, whether they like it or not, must deal with Microsoft file systems, and that's where this driver comes in. It replaces both the old, dusty NTFS‑3G FUSE driver in many setups and the Paragon‑contributed NTFS3 kernel driver that has had a bumpy history with data‑corruption reports. Indeed, Torvalds himself calls this new driver an "NTFS resurrection."

The new code is built on Linux's contemporary filesystem infrastructure, using iomap and folios instead of older buffer_head‑centric paths. The new and improved NTFS support was designed from the outset for robust read‑write support, better error handling, and more predictable behavior under heavy parallel I/O.

According to the new NTFS developer, Namjae Jeon, while the new NTFS driver shows only modest single‑threaded write gains, its improvements are far more impressive when multiple threads pound on the same NTFS volume. There, multi‑threaded writes can be 35–110% faster than earlier drivers, while mounting a 4TB NTFS volume is reported to be roughly four times faster. 

For users who regularly shuttle data between Windows and Linux via external drives or dual‑boot setups, this change should make NTFS feel much more like a first‑class citizen on Linux desktops and laptops.

On the CPU side, Linux 7.1 flips the switch on Intel's FRED, enabling it by default on supported Intel platforms. FRED is a new hardware mechanism for handling entries and exits in privileged modes, such as interrupts, exceptions, and system calls. FRED's goal is to simplify control‑flow transitions and reduce the reliance on legacy entry stacks that have grown increasingly complex and insecure over the years.

By moving to FRED, the kernel gets a cleaner separation between user and kernel control flows. This approach not only shrinks some overhead in high‑frequency event handling but also promises a tighter security story around those transitions. 

For now, the benefits will mostly be felt on recent Intel client and server hardware. However, as more vendors select similar mechanisms, 7.1's work positions Linux to take advantage of future architectural features in the space.

Linux 7.1 also brings a series of security improvements. This work starts with support for Intel's Linear Address Space Separation (LASS). LASS constrains how code can access different regions of the linear address space, making certain classes of memory‑corruption and control‑flow attacks harder to exploit by enforcing stronger separation between code and data regions. In tandem with FRED, LASS underlines an architectural shift toward hardening the boundary between userland and kernel, as well as between different types of in‑kernel objects.

Under the hood, the crypto subsystem gets a rework that enables more optimizations by default, which should pay off everywhere encryption and hashing are hot paths: TLS stacks, VPNs, encrypted filesystems, and distributed storage.

On the CPU front, there is further enablement for AMD's upcoming Zen 6 processors, with new IDs, errata workarounds, and tuning hooks landing in 7.1, ensuring the kernel is ready for the next generation of EPYC and Ryzen parts when they hit the market.

While 7.1 delivers clear wins for modern systems, it is also unambiguous about where Linux is no longer willing to go. This release continues the process of ripping out support for Intel's 486‑class processors and other early x86 variants. Kernel maintainers have been telegraphing for some time. Mainstream distributions had long since moved their baselines to at least i586 or x86‑64. To my knowledge, no major Linux distro currently supports 486 processors. 

Beyond CPUs, the codebase sheds over 140,000 lines of legacy code. This includes a grab bag of obsolete network and PCMCIA drivers, as well as the removal of Baikal CPU support. The rationale is two‑fold: Reduce the attack surface exposed by ancient, barely tested code paths, and ease long‑term maintenance by freeing developers from the need to preserve behaviors for hardware that has vanished from production. Retro‑computing enthusiasts will still be able to run older kernels, but the line between "supported" and "museum piece" is getting sharper.

At first glance, Linux 7.1 is just a point release, but its mix of a new NTFS driver, FRED and LASS enablement, aggressive legacy cleanup, and continued hardware support will be important for both desktops and data centers. 

For everyday users, the most obvious impact will likely be smoother, safer interaction with NTFS‑formatted drives. For operators and OEMs, the story is more about security posture, platform support, and getting ready for the next wave of Intel and AMD silicon.