New submitter RealNeoMorpheus shares a Google blogpost about Fuchsia -- a new open source operating system that has been in the works for several years: Fuchsia is a long-term project to create a general-purpose, open source operating system, and today we are expanding Fuchsia's open source model to welcome contributions from the public. Fuchsia is designed to prioritize security, updatability, and performance, and is currently under active development by the Fuchsia team. We have been developing Fuchsia in the open, in our git repository for the last four years. You can browse the repository history at fuchsia.googlesource.com to see how Fuchsia has evolved over time. We are laying this foundation from the kernel up to make it easier to create long-lasting, secure products and experiences. Starting today, we are expanding Fuchsia's open source model to make it easier for the public to engage with the project. We have created new public mailing lists for project discussions, added a governance model to clarify how strategic decisions are made, and opened up the issue tracker for public contributors to see what's being worked on. As an open source effort, we welcome high-quality, well-tested contributions from all. There is now a process to become a member to submit patches, or a committer with full write access. In addition, we are also publishing a technical roadmap for Fuchsia to provide better insights for project direction and priorities. Some of the highlights of the roadmap are working on a driver framework for updating the kernel independently of the drivers, improving file systems for performance, and expanding the input pipeline for accessibility.

Read more of this story at Slashdot.

New submitter RealNeoMorpheus shares a Google blogpost about Fuchsia -- a new open source operating system that has been in the works for several years: Fuchsia is a long-term project to create a general-purpose, open source operating system, and today we are expanding Fuchsia's open source model to welcome contributions from the public. Fuchsia is designed to prioritize security, updatability, and performance, and is currently under active development by the Fuchsia team. We have been developing Fuchsia in the open, in our git repository for the last four years. You can browse the repository history at fuchsia.googlesource.com to see how Fuchsia has evolved over time. We are laying this foundation from the kernel up to make it easier to create long-lasting, secure products and experiences. Starting today, we are expanding Fuchsia's open source model to make it easier for the public to engage with the project. We have created new public mailing lists for project discussions, added a governance model to clarify how strategic decisions are made, and opened up the issue tracker for public contributors to see what's being worked on. As an open source effort, we welcome high-quality, well-tested contributions from all. There is now a process to become a member to submit patches, or a committer with full write access. In addition, we are also publishing a technical roadmap for Fuchsia to provide better insights for project direction and priorities. Some of the highlights of the roadmap are working on a driver framework for updating the kernel independently of the drivers, improving file systems for performance, and expanding the input pipeline for accessibility.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Dozens of radiology products from GE Healthcare contain a critical vulnerability that threatens the networks of hospitals and other health providers that use the devices, officials from the US government and a private security firm said on Tuesday. The devices -- used for CT scans, MRIs, X-Rays, mammograms, ultrasounds, and positron emission tomography -- use a default password to receive regular maintenance. The passwords are available to anyone who knows where on the Internet to look. A lack of proper access restrictions allows the devices to connect to malicious servers rather than only those designated by GE Healthcare. Attackers can exploit these shortcomings by abusing the maintenance protocols to access the devices. From there, the attackers can execute malicious code or view or modify patient data stored on the device or the hospital or healthcare provider servers. Aggravating matters, customers can't fix the vulnerability themselves. Instead, they must request that the GE Healthcare support team change the credentials. Customers who don't make such a request will continue to rely on the default password. Eventually, the device manufacturer will provide patches and additional information. The flaw has a CVSS severity rating of 9.8 out of 10 because of the impact of the vulnerability combined with the ease of exploiting it. Security firm CyberMDX discovered the vulnerability and privately reported it to the manufacturer in May. The US Cyber Security and Infrastructure Security Agency is advising affected healthcare providers to take mitigation steps as soon as possible. In a statement, GE Healthcare officials wrote: "We are not aware of any unauthorized access to data or incident where this potential vulnerability has been exploited in a clinical situation. We have conducted a full risk assessment and concluded that there is no patient safety concern. Maintaining the safety, quality, and security of our devices is our highest priority. We are providing on-site assistance to ensure credentials are changed properly and confirm proper configuration of the product firewall. Additionally, we are advising the facilities where these devices are located to follow network management and security best practices."

Read more of this story at Slashdot.

jowifi shares a report from NPR: One of the world's most famous aviators has died: Chuck Yeager -- best known as the first to break the sound barrier -- has died at the age of 97. Yeager started from humble beginnings in Myra, W.Va., and many people didn't really learn about him until decades after he broke the sound barrier -- all because of a book and popular 1983 movie called The Right Stuff. He accomplished the feat in a Bell X-1, a wild, high-flying rocket-propelled orange airplane that he nicknamed "Glamorous Glennis," after his first wife who died in 1990. It was a dangerous quest -- one that had killed other pilots in other planes. And the X-1 buffeted like a bucking horse as it approached the speed of sound -- Mach 1 -- about 700 miles per hour at altitude. But Yeager was more than a pilot: In several test flights before breaking the sound barrier, he studied his machine, analyzing the way it handled as it went faster and faster. He even lobbied to change one of the plane's control surfaces so that it could safely exceed Mach 1. As popularized in The Right Stuff, Yeager broke the sound barrier on Oct. 14, 1947, at Edwards Air Force Base in California. But there were no news broadcasts that day, no newspaper headlines. The aviation feat was kept secret for months. In 2011, Yeager told NPR that the lack of publicity never much mattered to him. "I was at the right place at the right time. And duty enters into it. It's not, you know, you don't do it for the -- to get your damn picture on the front page of the newspaper. You do it because it's duty. It's your job." Yeager never sought the spotlight and was always a bit gruff. After his famous flight in the X-1, he continued testing newer, faster and more dangerous aircraft. The X-1A came along six years later, and it flew at twice the speed of sound. On Dec. 12, 1953, Chuck Yeager set two more altitude and speed records in the X-1A: 74,700 feet and Mach 2.44. [...] Today, the plane Yeager first broke the sound barrier in, the X-1, hangs inside the air and space museum. [...] Chuck Yeager spent the last years of his life doing what he truly loved: flying airplanes, speaking to aviation groups and fishing for golden trout in California's Sierra Nevada mountains.

Read more of this story at Slashdot.

Well here is a surprise for those that have long used CentOS as the community-supported rebuild of Red Hat Enterprise Linux... CentOS 8 will end in 2021 and moving forward CentOS 7 will remain supported until the end of its lifecycle but CentOS Stream will be the focus as the future upstream of RHEL. From a report: For those relying on CentOS 8 to enjoy the reliability and features of Red Hat Enterprise Linux 8 but without the licensing costs, etc, that will end in 2021. At the end of 2021, CentOS 8 will no longer be maintained but CentOS 7 will stick around in a supported maintenance state until 2024. The CentOS Project will be focused moving forward just on CentOS Stream as the upstream/development branch of Red Hat Enterprise Linux. CentOS 8 users are encouraged to begin transitioning to CentOS Stream 8. The CentOS Project announced this shift in focus today via the CentOS Blog. Red Hat's announcement meanwhile is promoting the change as beneficial to CentOS Stream.

Read more of this story at Slashdot.

The U.S. Senate voted Tuesday by a 49 to 47 vote to advance the nomination of a senior Trump administration official who has helped lead an effort seeking social media regulations to a seat on the Federal Communications Commission. From a report: The Senate is set to vote later on the nomination of Nathan Simington, a Commerce Department official, after U.S. President Donald Trump repeatedly urged lawmakers to take action. If Simington is confirmed, the FCC could initially be deadlocked 2-2 between Democrats and Republicans when Democratic President-elect Joe Biden takes office next month.

Read more of this story at Slashdot.

Highly recommend yesterday's Cuomo podcast, esp the conversation between Cuomo and Fauci. Important: we need 80 percent to be vaccinated to eliminate the virus. Everyone, legal or illegal, no matter where they live. Of course, not likely, given that more than half of NYC firefighters say they will refuse the vaccine. These are people who run into burning buildings, but think the vaccine is too dangerous?

Back in the day there was a million pixel web page, they sold individual pixels, $1 a pixel. Really cynical, but I think the guy made the money, got paid for all the pixels. Anyway what made me think of this was President-elect Biden could sell seats at the virtual inauguration and use the money for a good cause. I'd like to be part of a million people participating in the inaugural, without endangering people's lives (including my own).

Google today launched an experimental app for Android that leverages AI to make communication more accessible for people with speech and motor impairments. Called Look to Speak, it tracks eye movements to let people use their eyes to select prewritten, customizable phrases and have them spoken aloud. From a report: Approximately 18.5 million people in the U.S. have a speech, voice, or language impairment. Eye gaze-tracking devices can provide a semblance of independence, but they're often not portable and tend to be expensive. The entry-level Tobii 4C eye tracker starts at $150, for instance. To address this need, speech and language therapist Richard Cave began collaborating with a small group at Google to develop Look to Speak. The app, which is available for free and compatible with Android 9.0 and above, enables users to glance left, right, or up to select what they wish to say from a phrase list. With Look to Speak, people can personalize the words and sentences on their list and adjust eye gaze sensitivity settings. Google says the app's data remains private and never leaves the phone on which it's installed.

Read more of this story at Slashdot.

Amazon.com, American Express, Daimler AG and Stripe are among those joining a new GitHub program that will let companies directly fund open-source projects and software developers that are key to their businesses. From a report: It's an expansion of GitHub's Sponsors program, which previously let individuals support software projects and the millions of developers who use the digital platform to collaborate on, share and store code. GitHub, whose parent company Microsoft will also participate in the new service announced Tuesday, expects the change to dramatically increase the number of contributions. The year-old sponsors service has already generated enough money for some developers to rely on it as full-time work, said Devon Zuegel, GitHub's director of product for the communities department.

Read more of this story at Slashdot.

The RAF has now released footage from its low-level reconnaissance flight over the giant A68a.

Despite several efforts from carriers, telecom regulators, mobile operating system developers, smartphone makers, and a global pandemic, spam calls continued to pester and scam people around the globe this year -- and they only got worse. From a report: Users worldwide received 31.3 billion spam calls between January and October this year, up from 26 billion during the same period last year, and 17.7 billion the year prior, according to Stockholm-headquartered firm Truecaller. The firm, best known for its caller ID app, estimated that an average American received 28.4 spam calls a month this year, up from 18.2 last year. As a result, And with 49.9 spam calls per user a month, up from an already alarming 45.6 figure last year, Brazil remained the worst impacted nation to spam calls, the firm said in its yearly report on the subject. The coronavirus pandemic, however, lowered the volume of spam calls users had to field in several markets, including India, which topped Truecaller's chart for the worst nation affected three years ago. The nation, the biggest market of Truecaller, dropped to the 9th position on the chart this year with 16.8 monthly spam calls per user, down from 25.6 last year.

Read more of this story at Slashdot.

Despite several efforts from carriers, telecom regulators, mobile operating system developers, smartphone makers, and a global pandemic, spam calls continued to pester and scam people around the globe this year -- and they only got worse. From a report: Users worldwide received 31.3 billion spam calls between January and October this year, up from 26 billion during the same period last year, and 17.7 billion the year prior, according to Stockholm-headquartered firm Truecaller. The firm, best known for its caller ID app, estimated that an average American received 28.4 spam calls a month this year, up from 18.2 last year. As a result, And with 49.9 spam calls per user a month, up from an already alarming 45.6 figure last year, Brazil remained the worst impacted nation to spam calls, the firm said in its yearly report on the subject. The coronavirus pandemic, however, lowered the volume of spam calls users had to field in several markets, including India, which topped Truecaller's chart for the worst nation affected three years ago. The nation, the biggest market of Truecaller, dropped to the 9th position on the chart this year with 16.8 monthly spam calls per user, down from 25.6 last year.

Read more of this story at Slashdot.

A French judge has sentenced the founder of the now-defunct BTC-e cryptocurrency exchange to five years in prison and a fine of $121,000 for laundering funds for cybercriminals, including ransomware gangs, ZDNet France reported today. From the report: Alexander Vinnik, 41, a Russian national, dodged a bigger sentence after French prosecutors failed to prove that the BTC-e founder was directly involved in the creation and the distribution of Locky, a ransomware strain that was active in 2016 and 2017. "Mr. Vinnik, the court acquitted you of the offenses relating to the cyber-attacks linked to Locky, as well as the offenses of extortion and association to criminal activities, but finds you guilty of organized money laundering," the judge said when reading the sentence. innik was trialed in Paris this fall after a long and complicated legal battle. He was initially arrested in July 2017 while vacationing in a summer resort in northern Greece. He was taken into custody by Greek police under an international warrant issued by the US for his involvement in running BTC-e, a cryptocurrency exchange that Vinnik founded in 2011, together with fellow Russian national Aleksandr Bilyuchenko. US authorities said Vinnik operated BTC-e as a front company for a money-laundering operation, knowingly receiving funds from hacks and other forms of cybercrime and helping crooks cash out stolen funds into fiat currency.

Read more of this story at Slashdot.