SlashdotNews for nerds, stuff that matters
May 17th 2026, 15:34 by EditorDavid
Long-time Slashdot reader internet-redstar shares an interestging response to "the recent wave of Linux kernel privilege escalation vulnerabilities like 'Copy Fail' and 'Dirty Frag'": Belgian Linux sysadmin and Tesla Hacker "Jasper Nuyens" got tired of the idea of manually blacklisting dozens or even hundreds of obscure kernel modules across large fleets of Linux systems in the near future. So he wrote ModuleJail, a GPLv3 shell script that scans a running Linux system and automatically blacklists currently unused kernel modules, reducing kernel attack surface without requiring a reboot. The idea is simple: many modern Linux privilege escalation bugs target obscure or rarely used kernel functionality that is still enabled by default on servers that do not actually need it. ModuleJail works across major distributions including Debian, Ubuntu, RHEL, Fedora, AlmaLinux and Arch Linux, generating 1 modprobe blacklist rules file while preserving commonly-used modules. Nuyens argues that the increasing speed of AI-assisted vulnerability discovery will likely turn kernel hardening and attack surface reduction into a much bigger operational priority for sysadmins over the next few weeks and months.
 
Read more of this story at Slashdot.
May 17th 2026, 14:34 by EditorDavid
Are statistical programmers coalescing around a handful of popular languages? That's the question asked by the CEO of software assessment site TIOBE, which every month estimates the popularity of programming languages based on their frequency in search results: This month, the programming language R matched its all-time high by reaching position #8 in the TIOBE index once again. This is not a coincidence. The statistical programming language market is clearly undergoing a major consolidation. The biggest winners are Python and R, while many long-established alternatives continue to lose momentum. The era in which the statistical computing landscape was fragmented across many niche languages and platforms appears to be coming to an end. Several established players are steadily declining: — MATLAB is close to dropping out of the TIOBE top 20. — SAS is about to leave the top 30 for the first time since the TIOBE index began. — Wolfram/Mathematica remains well below its historical peak and is losing further ground. — SPSS dropped out of the top 100 last month.... Elsewhere in the index, Java and C++ swapped positions this month. Java gained momentum following the successful release of Java 26. Another notable riser is Zig, which is approaching the TIOBE top 30 for the first time. Zig's growing popularity appears to be driven by its rare combination of low-level performance, straightforward tooling, and relative ease of use compared to traditional systems programming languages. Their estimate for the most popular programming languages in May: PythonCJavaC++C#JavaScriptVisual BasicRSQLDelphi/Object Pascal The five next most popular languages on their rankings are Fortran, Scratch, Perl, PHP, and then Rust at #15. Rust is up for positions from May of 2025 — while Go has dropped to #16, seven ranks lower than its May 2025 position of #7.
Read more of this story at Slashdot.
May 17th 2026, 11:34 by EditorDavid
xAI has launched Grok Build, "a coding agent of its own to serve as competitor to its rivals' products, such as Anthropic's Claude Code," reports Engadget: As Bloomberg notes, xAI has been trying to catch up to its rival companies like Anthropic and OpenAI. Elon Musk, the company's founder and CEO, previously admitted that it has fallen behind its competitors when it comes to coding. A couple of months ago, Musk said he was rebuilding xAI "from the foundations up" after several co-founders had left the company. One of the company's executives reportedly told staffers to work on getting Grok to match Claude's performance across various tasks. More details from PCMag: Grok Build is currently available in beta to those with a SuperGrok Heavy subscription, which starts at $300 per month. Just download it from the xAI website and log in. It's described as "a powerful new coding agent and CLI for professional software engineering and complex coding work." In its early version, xAI is seeking feedback and looking to fix any bugs... Only a few features have been highlighted, including a plan mode that lets you review, edit, and approve a plan before execution, and support for existing plug-ins and workflows.
Read more of this story at Slashdot.
May 17th 2026, 07:34 by EditorDavid
Computer Weekly reports on "the long-awaited reform of Britain's outdated Computer Misuse Act of 1990 — which has hamstrung the work of the nation's cyber security professionals and researchers for years." The Computer Misuse Act was passed 35 years ago in response to a high-profile hacking incident involving no less than the King's father, the late Duke of Edinburgh. It defined the offence of unauthorised access to a computer — which has been used successfully in countless cyber crime prosecutions over the years. However, as the cyber security landscape has developed into its current form, this language has become increasingly vague and for some years now, a growing number of bona fide security professionals have been arguing that it potentially criminalises their work because from time to time, they may need to gain covert access to IT systems in the course of legitimate research. Speaking to Computer Weekly in 2025, Belfast-based security consultant Simon Whittaker described how the police showed up at his front door after his research was erroneously implicated in the infamous WannaCry incident of 2017... Sabeen Malik, vice-president for global government affairs and public policy at Rapid7, added: "As AI-driven vulnerability discovery scales, defenders need to run automated scanning, agentic red-teaming, and large-scale vuln research at machine speed — activities the 1990 Computer Misuse Act's broad unauthorised-access provisions were never designed to accommodate, leaving UK researchers exposed to criminal risk for work their adversaries face no equivalent friction performing." The reforms are part of a new bill that's "enhancing the powers available to law enforcement and the security services," according to the article. It points out that the U.K. government also intends "to create a Cyber Crime Risk Order that can be applied to control the behaviour of cyber criminals, and new abilities to search people believed to be concealing evidence on behalf of suspected offenders." It's all part of a proposed bill "designed to make the UK a harder target for hostile foreign states and other dangerous groups to attack."
Read more of this story at Slashdot.
May 16th 2026, 19:34 by EditorDavid
"Most of the plastic waste in California is about to lose the recycling symbol," writes the Washington Post's "climate coach." The "chasing arrows" symbol, created in 1970 by a college student inspired by the burgeoning environmental movement, has been stamped indiscriminately on plastic bottles, clamshell takeout containers, chip bags and more for decades. The majority of the items emblazoned with the mark have been virtually impossible to recycle for most people. California lawmakers say they want to end the charade: Under what's known as the Truth in Recycling law, plastics cannot use the symbol if they aren't collected by curbside programs serving 60% of Californians and sorted by facilities serving 60% of the state's recycling programs (with some additional requirements). If the law goes into effect as scheduled on October 4, more than half of the types of plastic packaging and products sold in the state can no longer carry the chasing arrows logo. That will affect plastic films, foam, PVC and mixed plastics... Food and packaging groups have sued the state of California, calling the law a form of censorship whose vague restrictions violate the First Amendment and due process rights.... Advocates of the law counter that corporations deliberately misled the public by turning the recycling symbol into a marketing device that masks the fact that only a small fraction of plastic packaging is ultimately recycled... The mark was originally intended to informwaste processors what polymers a plastic item was made from. But the public reasonably assumed anything stamped with the symbol was recyclable. Millions of tons of worthless plastic trash have since poured into recycling facilities unable to process it.... States are now taking action. Seven have passed laws shifting the cost of recycling onto packaging makers. Oregon and Washington have lifted requirements that plastic containers carry the chasing arrows symbol. The article notes that Norway already recovers 97% of beverage bottles, while Slovakia recycles 60% of plastic packaging. "But the U.S. only recovers about a third of its PET and HDPE bottles, and just 13% of plastic packaging, according to U.S. Plastics Pact, an industry-led forum. "It won't be easy for the U.S. to reach higher levels of recycling: The necessary infrastructure and incentives are chronically underfunded, no federal mandate exists for minimum-recycled-content that would create demand and a mix of mostly unrecyclable hydrocarbons still dominates the waste stream."
Read more of this story at Slashdot.
You are receiving this email because you subscribed to this feed at blogtrottr.com. By using Blogtrottr, you agree to our terms. If you no longer wish to receive these emails, you can unsubscribe from this feed, edit this subscription, or manage all your subscriptions. |
Comments
Post a Comment