This week in Vancouver, Linux kernel developer Greg Kroah-Hartman criticized Intel's slow initial response to the Spectre and Meltdown bugs in a talk at the Open Source Summit North America. An anonymous reader quotes eWeek: Kroah-Hartman said that when Intel finally decided to tell Linux developers, the disclosure was siloed.... "Intel siloed SUSE, they siloed Red Hat, they siloed Canonical. They never told Oracle, and they wouldn't let us talk to each other." For an initial set of vulnerabilities, Kroah-Hartman said the different Linux vendors typically work together. However, in this case they ended up working on their own, and each came up with different solutions. "It really wasn't working, and a number of us kernel developers yelled at [Intel] and pleaded, and we finally got them to allow us to talk to each other the last week of December [2017]," he said. "All of our Christmas vacations were ruined. This was not good. Intel really messed up on this," Kroah-Hartman said... "The majority of the world runs Debian or they run their own kernel," Kroah-Hartman said. "Debian was not allowed to be part of the disclosure, so the majority of the world was caught with their pants down, and that's not good." To Intel's credit, Kroah-Hartman said that after Linux kernel developers complained loudly to the company in December 2017 and into January 2018, it fixed its disclosure process for future Meltdown- and Spectre-related vulnerabilities... "Intel has gotten better at this," he said. An interesting side effect of the Meltdown and Spectre vulnerabilities is that Linux and Windows developers are now working together, since both operating systems face similar risks from the CPU vulnerabilities. "Windows and Linux kernel developers now have this wonderful back channel. We're talking to each other and we're fixing bugs for each other," Kroah-Hartman said. "We are working well together. We have always wanted that."

Read more of this story at Slashdot.

"Using the newly minted Linux 4.19 feature code, fresh benchmarks were carried out looking at the performance cost of Spectre/Meltdown/Foreshadow mitigations on Intel Xeon v. AMD EPYC CPUs," writes an anonymous Slashdot reader: Workloads affected by these CPU vulnerabilities mainly deal with I/O and frequent kernel calls while CPU bound tests are still found to be minimally impacted. When toggling these mitigations on Linux 4.19, Intel Xeon CPUs were found to be 10~15% slower with the default kernel while AMD EPYC CPUs dropped to about 5% slower.

Read more of this story at Slashdot.

Were the creators of Facebook and Twitter oblivious to how social networks could be abused? "I struggle to believe that these brilliant product CEOs, who have created social media services used by millions of people worldwide, are actually naive," writes the former CEO of Reddit. "It's a lot more likely that they simply don't care." [S]ocial media companies and the leaders who run them are rewarded for focusing on reach and engagement, not for positive impact or for protecting subsets of users from harm. They're rewarded for keeping costs down, which encourages the free-for-all, anything-goes approach misnomered "free speech." If they don't need to monitor their platforms, they don't need to come up with real policies -- and avoid paying for all the people and tools required to implement them.... In the earliest days, it wasn't always obvious what these platforms were doing and what they would become -- even to insiders. But at a certain point, it became clear that money was the driving factor, and dopamine- or rage-induced interactions meant more money.... CEOs should just forget about hiding behind "naivete" and "free speech," and instead remind themselves they can take actions that will meaningfully change the direction of the future. The first step is acknowledging the problem... You've solved for increasing engagement; now it's time to make real, positive interactions a priority. The next time a CEO claims ignorance, "we must hold them accountable," the essay argues, complaining that right now there's a vacuum of leadership. So instead, "Everyone's holding hands on the road to hell."

Read more of this story at Slashdot.

The big boom in tech is never what the pundits say it will be. They generally go for the wizzy demo, but what wins is usually more cerebral and prosaic, has more to do with human potential than domination.

Like the cameras in phones. Few pundits called that. It wasn’t spacy and hard to understand. Instead cameras got smaller, better, and key thing — could communicate without tethering.

Few predicted that radio was ripe to be democratized, but that’s what we did. Not VR or AR. Imagine how much money has poured into those. New media types are the simple obvious ones.

If you’d like to run it, go to the NetNewsWire site and download the latest build.

Things to know:

• A whole bunch of important features haven’t even been started yet
• There are features not finished yet
• There are bugs
• It’s not even beta. Not even alpha!
• It still has the Evergreen app icon

If you’re upgrading from Evergreen, you can either:

• Start fresh, or
• Rename the folder ~/Library/Application Support/Evergreen to ~/Library/Application Support/NetNewsWire, or
• If you already have a NetNewsWire folder there, copy the contents of the above-mentioned Evergreen folder into that NetNewsWire folder.

Note: I’ve started a Slack group, but I don’t have a public signup form for it yet. You can email me to ask for an invitation. Just let me know if I should use an email address other than the one you used to email me. (You can find my email address at the bottom of the NetNewsWire site.)

You don’t have to be on the Slack to help. You can always contact me by whatever means, and you can post to the Issues tracker on GitHub.

Street protests have raged in Chemnitz as two migrants are arrested for the killing of a German man.

An anonymous reader quotes CNET: J.R.R. Tolkien fans can get their hands on what might be the late author's final work. The Fall of Gondolin was published August 30 by Houghton Mifflin Harcourt in the US and HarperCollins in the UK. J.R.R. Tolkien died in 1973, but since his death, his son Christopher, now 93, has edited a number of his father's works, including this one. The book tells of the founding of the Elven city of Gondolin, and is considered one of Tolkien's Lost Tales... The Fall of Gondolin follows another posthumously published Lost Tale, The Tale of Beren and Luthien, which came out in 2017. At the time, many expected that book to be J.R.R. Tolkien's final published work. Christopher Tolkien even wrote in its preface that it was "(presumptively) my last book in the long series of my father's writings." But now, Entertainment Weekly reports, Christopher Tolkien has written that "The Fall of Gondolin is indubitably the last." The book is illustrated by Alan Lee, who has illustrated numerous Tolkien books, and along with Grant Major and Dan Hennah won an Oscar for best art direction for the 2003 film, The Lord of the Rings: The Return of the King. The Washington Post includes the book's description of a "hideous mechanical army" deployed in battle against Gondolin, and summarizes the book's plot. "In short, the evil overlord Morgoth -- called Melko here -- seeks to dominate the entire world, but the hidden elvish city of Gondolin remains out of his grasp." "We are reminded that Tolkien first drafted this story while in the hospital recuperating from the Battle of the Somme."

Read more of this story at Slashdot.

Announced intention to strengthen Iran's defence capabilities also includes acquiring fighter jets and submarines.

The IRS recently ruled that under some circumstances employers can link their 401(k) matching contributions to the amount of an employee's student loan repayments -- making it easier for recent graduates to take advantage of this employer benefit. But that's one spot of good news in a sea of bad, according to one anonymous Slashdot reader: Two new articles criticize America's student loan policies (under both the Obama and Trump administrations). CNBC cites reports that within six years, more than 15% of student borrowers had officially defaulted, while 10% more had stopped making payments and another 4.8% were at least 90 days late. And for-profit colleges fared even worse, where nearly 25% of graduates defaulted, and a total of 44% faced "some form of loan distress." These trends were masked by Department of Education reports which stopped tracking repayment rates after just three years (reporting defaults rates of just 10%), according to Ben Miller, senior director for post-secondary education at the left-leaning Center for American Progress. "Official statistics present a relatively rosy picture of student debt. But looking at outcomes over more time and in greater detail shows that hundreds of thousands more borrowers from each cohort face troubles repaying."

Read more of this story at Slashdot.

With the crucial presidential elections a month away, a Brazil court's decision has dramatically changed the race.

Street protests after the killing of a German and foreigners are accused of his death.

Emails like this from Google about "violations" on my website are really disturbing, esp since I don't run any Google ads on my site. I wish they'd STFU about violations, or say what the violations are. I always can use a good laugh. Their email is a violation of my independence. Fuck off.

Russia isn't the first country to launch a floating nuclear power plant. 50 years ago America's army built a floating nuclear power plant to supply energy to the Panama Canal Zone. Even though it's now being dismantled in Texas -- a four-year job -- China has plans to build as many as 20 floating nuclear power plants. Gayle BAS quotes the Bulletin of the Atomic Scientists: Proponents say that floating nuclear plants have major advantages over land-based power plants: They have easy access to cooling water and can be quickly installed near coastal cities with rapidly growing energy demands. And unlike other types of energy that produce relatively few climate-altering emissions, nuclear power plants can run 24/7. But as with onshore nuclear reactors, the closely related issues of safety and economics could be showstoppers.

Read more of this story at Slashdot.

Yesterday we heard that the Village Voice is ending, but they are sticking around long enough to be sure their archive is accessible for historic purposes. This is much appreciated by all who value the Voice, its history, and the human knowledge it captured. As far as I know, it's the first time a news org, or even a blog, when shutting down, has put any effort into assuring the archive remains accessible. (If there are other examples, I'd like to hear about them.)

So then the question is, what kind of archive? There are two very different kinds of archives. I'll try to explain.

Imagine the difference between the ruins of ancient Rome, and a museum filled with artifacts from that time. In the actual ruin, you're standing where the great figures of Roman history stood. There's more data available to you, things a museum curator might not think to preserve. It also invokes the imagination and inspires in ways a museum can't.

And there's also great value in museums and libraries! Sometimes the things that were created are more important. So you can visit the US Capitol (a place) in Washington DC, or see the Declaration of Independence (a document) at the National Archives.

You can see the handwritten lyrics of Eleanor Rigby by Lennon and McCartney at the British Museum, but the Beatles are no longer performing the song. When the thing itself no longer exists, it's good to have the artifacts.

You want it all if you really care about the history.

As it is with the web. Most of the content of the Village Voice is probably already safely stored at archive.org. But what about the villagevoice.com domain? Don't we also want to preserve the links into the site, for ongoing web sites that point to the Voice? Or when someone reads the preserved Scripting News, if I'm able to get that done, be able to click a link to a great Voice article and not get a 404? That's analogous to preserving ancient Rome in addition to remembering its history. (BTW, some of it's already gone. Here's a post on this blog from 2004 that links to a VV article. Not found. Ouch.)

With the web we have the technical means to create a perfect archive, but without planning ahead, all we will have are the museums. And we are not doing the planning. The web, as a historic medium is far less than imperfect, it's temporary. Only present as long as someone keeps paying the bills. And there's no way to pay the bills far in advance, so the historic record has a literally no chance of surviving, given the current state of things.

The Village Voice offers a chance for us to learn how to do this right. So we can do it again, and again, until we've got a method that has a reasonable chance of working.

The armed group overran a base in the country's Borno state, military sources tell AFP.