Check Point Releases Open-Source Fix For Common Linux Memory Corruption Security Hol Slashdot by BeauHD on security at January 1, 1970, 1:00 am (cached at May 21, 2020, 11:35 pm)

An anonymous reader quotes a report from ZDNet: For years, there's been a known security vulnerability hiding in the GNU C Library (glibc). This library, which is critical for Linux and many other operating systems and programs, had a dynamic memory management security hole that could be used for denial of service (DoS) attacks. Now, the security company, Check Point, has issued an open-source patch, which will make it much more difficult to exploit this memory allocation (malloc) problem. Check Point re-encountered this known problem when it discovered that so-called smart light bulbs could be used to hack into networks by exploiting unprotected single-linked-lists. The double-linked-list version of this problem had been fixed back in 2005 with Safe-Unlinking. But, the single-linked-list version, which is present in the memory primitive functions Fast-Bins and Thread Cache (TCache), remained vulnerable. Now, the fix is in for this problem. This new built-in security mechanism is called Safe-Linking. It protects malloc by signing its single-linked-list pointers with random numbers derived from Linux's Address Space Layout Randomization (ASLR) functionality. Combined with memory chunk alignment integrity checks, it protects the memory pointers from hijacking attempts and thus the system itself. The patch is now being integrated with the most common standard C library implementation, glibc. Safe-Linking will be released in glibc 2.32 in August 2020. It's already up and running in glibc's popular embedded counterpart: uClibc-NG.

Read more of this story at Slashdot.

Astronomers Spot Potential First Evidence of New Planet Being Born Slashdot by msmash on space at January 1, 1970, 1:00 am (cached at May 21, 2020, 11:05 pm)

Astronomers believe they may have found the first direct evidence of a new planet being born. A dense disc of dust and gas has been spotted surrounding a young star called AB Aurigae, about 520 light years away from Earth. From a report: Using the European Southern Observatory's Very Large Telescope (VLT), located in Chile, the researchers observed a spiral structure with a "twist" near the centre, which suggests a new world may be in the process of forming. The swirling disc was one of the telltale signs of the star system being born in the constellation of Auriga, the scientists said. Dr Anthony Boccaletti, who led the study from the Observatoire de Paris at the PSL University, in France, said: "Thousands of exoplanets have been identified so far, but little is known about how they form." He added: "We need to observe very young systems to really capture the moment when planets form." Until now astronomers had been unable to take clear images of young discs to see these twists.

[no title] Scripting News (cached at May 21, 2020, 10:33 pm)

All you have to do is write an article that says RSS is Dead and you'll get lots of clicks, and I'm not sure if anyone will believe you or think you're smart, but you are wrong. Those articles have been written for decades, and my friends RSS is built-in, like HTTP and HTML, DNS, SMTP, POP and all the other michegas that makes up the net. The stack never gives up anything. Also since it never was alive, how can it be dead, n'est-ce pas?

[no title] Scripting News (cached at May 21, 2020, 10:33 pm)

Pretty remarkable. Is the common cold a vaccine for Covid-19?

'Apple Glass' Rumored To Start at $499, Support Prescription Lenses Slashdot by msmash on apple at January 1, 1970, 1:00 am (cached at May 21, 2020, 10:05 pm)

Front Page Tech host Jon Prosser this week shared several details about Apple's rumored augmented reality glasses, including an "Apple Glass" marketing name, $499 starting price, prescription lens option, and more. The marketing name will be "Apple Glass." According to Prosser, who has established a reliable track record for Apple's product roadmap in recent months, here are some other key details about the Apple Glass: The glasses will start at $499 with the option for prescription lenses at an extra cost. There will be displays in both lenses that can be interacted with using gestures. The glasses will rely on a paired iPhone, similar to the original Apple Watch. An early prototype featured LiDAR and wireless charging. Apple originally planned to unveil the glasses as a "One More Thing" surprise at its iPhone event in the fall, but restrictions on in-person gatherings could push back the announcement to a March 2021 event. Apple is targeting a late 2021 or early 2022 release.

Sabrent Unveils Record-Breaking 8TB Rocket Q NVMe PCIe M.2 2280 SSD Slashdot by msmash on storage at January 1, 1970, 1:00 am (cached at May 21, 2020, 9:35 pm)

Sabrent, an LA-headquartered computer vendor, has expanded its Rocket Q family of 500GB, 1TB, 2TB, and 4TB drives with a new model that offers 8 terabytes of super-fast storage in the same M.2 2280 form-factor by utilizing Micron's 3D QLC NAND technology. The company shares features of the drive below: M.2 PCIe Gen3 x 4 Interface. PCIe 3.1 Compliant / NVMe 1.3 Compliant. Power Management Support for APST / ASPM / L1.2. Supports SMART and TRIM commands. Supports ONFi 2.3, ONFi 3.0, ONFi 3.2 and ONFi 4.0 interface. Advanced Wear Leveling, Bad Block Management, and Over-Provision. No word on pricing.

Copyright Office: System For Pulling Content Offline Isn't Working Slashdot by msmash on business at January 1, 1970, 1:00 am (cached at May 21, 2020, 9:04 pm)

The process to get unlicensed versions of movies, music and other content taken off the internet isn't working as intended and should be updated, the Copyright Office said in an expansive report Thursday. From a report: Updating that system would require an act of Congress, which can now look to the Copyright Office's conclusions as it considers legislating on the matter. In its report, the office found the system for notice and takedown of infringing materials is unbalanced and out of sync with Congress' intent when it established the process in the 1998 Digital Millennium Copyright Act. The DMCA includes liability protection for online companies whose users illegally upload copyrighted material if the online companies take down the material when they are notified by the rights-holder. Copyright holders have complained that this process doesn't proactively protect their intellectual property against online infringement, and the report appears to agree, concluding "Congress' original intended balance has been tilted askew."

Coronavirus: 'Fires were tough, but closing Mogo Zoo again was even harder' BBC News | Science/Nature | UK Edition (cached at May 21, 2020, 9:00 pm)

Only weeks after reopening, Australia's fire-ravaged Mogo Zoo had to close again because of Covid-19.

Jack Dorsey Is Giving Andrew Yang $5 Million To Build the Case for Universal Basic I Slashdot by msmash on money at January 1, 1970, 1:00 am (cached at May 21, 2020, 8:34 pm)

Jack Dorsey, the chief executive of Twitter and mobile-payments firm Square, said today he is giving $5 million to Humanity Forward, a group launched by former Democratic presidential candidate Andrew Yang to build the case for a universal basic income. A report adds: The donation is part of Dorsey's Start Small LLC, a $1 billion foundation he launched last month to support global COVID-19 relief efforts. "Not only will Jack's donation directly impact tens of thousands of people in need during the current economic downturn, it will help Humanity Forward and our movement continue to make a case for Universal Basic Income (UBI) in the United States," Yang said in a statement. "We know UBI for every American is possible, and this $5 million from Start Small is going to help demonstrate what is possible for families across the country."

Nature: Bumblebees' 'clever trick' fools plants into flowering BBC News | Science/Nature | UK Edition (cached at May 21, 2020, 8:30 pm)

Scientists discover a new behaviour among bumblebees that tricks plants into flowering early.

Covid recovery could 'tip the balance' for nature BBC News | Science/Nature | UK Edition (cached at May 21, 2020, 8:30 pm)

Scientists call for the conservation of nature to be at the centre of the economic recovery after the coronavirus pandemic.

Facebook Says It Will Permanently Shift Tens of Thousands of Jobs To Remote Work Slashdot by msmash on facebook at January 1, 1970, 1:00 am (cached at May 21, 2020, 7:35 pm)

In a move that illustrates how swiftly the COVID-19 pandemic is reshaping the global economy, Facebook said today that it would begin allowing most of its employees to request a permanent change in their jobs to let them work remotely. From a report: The company will begin today by making most of its US job openings eligible for remote hires and begin taking applications for permanent remote work among its workforce later this year. "We're going to be the most forward-leaning company on remote work at our scale," CEO Mark Zuckerberg said in an interview with The Verge. "We need to do this in a way that's thoughtful and responsible, so we're going to do this in a measured way. But I think that it's possible that over the next five to 10 years -- maybe closer to 10 than five, but somewhere in that range -- I think we could get to about half of the company working remotely permanently." Facebook, which has more than 48,000 employees working in 70 offices worldwide, is the largest company yet to move aggressively into remote work in the wake of the pandemic.

Shopify To Let Employees Work From Home Permanently Slashdot by msmash on business at January 1, 1970, 1:00 am (cached at May 21, 2020, 7:05 pm)

Canadian e-commerce firm Shopify would keep its offices closed till 2021 and allow most employees to work remotely on a permanent basis after that, Chief Executive Officer Tobi Lutke said in a tweet on Thursday. "Office centricity is over," Lutke said in the tweet. The company employs about 5,000 people.

[no title] Scripting News (cached at May 21, 2020, 7:03 pm)

Gatekeepers pass on ideas from people they respect and not people they don't. It's natural. I do it too. But I've been wrong a number of times this way, and then missed out on important ideas. So I try to pay attention to unusual thinking whether or not I like the person doing the talking. It can be hard to overcome judgement, but it's often worth trying.

Netflix To Start Cancelling Inactive Customers' Subscriptions Slashdot by msmash on entertainment at January 1, 1970, 1:00 am (cached at May 21, 2020, 6:35 pm)

Netflix said Thursday it will ask customers who have not watched anything on the on-demand video streaming service in a year or more if they wish to maintain their subscriptions -- and will cancel the subscription if it does not receive a confirmation. From a report: The company said it has started to notify customers who haven't watched anything on the service in 12 months since they became a subscriber to check if they wish to keep their membership. The company is also reaching out to those who haven't streamed anything in the past two years, it said. "You know that sinking feeling when you realize you signed up for something but haven't used it in ages? At Netflix, the last thing we want is people paying for something they're not using," the company said.
