10 interesting stories served every morning and every evening.




1 984 shares, 38 trendiness

Artemis II crew now halfway to Moon as they take 'spectacular' image of Earth

Artemis II is now on a loop­ing path that will carry the crew around the far side of the Moon and back again. It is the first time since 1972 that hu­mans have trav­elled out­side the Earth’s or­bit.

...

Read the original on www.bbc.com »

2 510 shares, 21 trendiness

The FAA’s “Temporary” Flight Restriction for Drones is a Blatant Attempt to Criminalize Filming ICE

Legal in­tern Raj Gambhir was the prin­ci­pal au­thor of this post.

The Trump ad­min­is­tra­tion has re­stricted the First Amendment right to record law en­force­ment by is­su­ing an un­prece­dented na­tion­wide flight re­stric­tion pre­vent­ing pri­vate drone op­er­a­tors, in­clud­ing pro­fes­sional and cit­i­zen jour­nal­ists, from fly­ing drones within half a mile of any ICE or CBP ve­hi­cle.

In January, EFF and me­dia or­ga­ni­za­tions in­clud­ing The New York Times and The Washington Post re­sponded to this bla­tant in­fringe­ment of the First Amendment by de­mand­ing that the FAA lift this flight re­stric­tion. Over two months later, we’re still wait­ing for the FAA to re­spond to our let­ter.

The First Amendment guar­an­tees the right to record law en­force­ment. As we have seen with the ex­tra­ju­di­cial killings of George Floyd, Renée Good, and Alex Pretti, cap­tur­ing law en­force­ment on cam­era can drive ac­count­abil­ity and raise aware­ness of po­lice mis­con­duct.

The FAA reg­u­larly is­sues tem­po­rary flight re­stric­tions (TFRs) to pre­vent peo­ple from fly­ing into des­ig­nated air­space. TFRs are usu­ally is­sued dur­ing nat­ural dis­as­ters, or to pro­tect ma­jor sport­ing events and gov­ern­ment of­fi­cials like the pres­i­dent, and in most cases last mere hours.

Not so with the restriction numbered FDC 6/4375, which started on January 16, 2026. This TFR lasts for 21 months—until October 29, 2027—and covers the entire nation. It prevents any person from flying any unmanned aircraft (i.e., a drone) within 3000 feet, measured horizontally, of any of the “facilities and mobile assets,” including “ground vehicle convoys and their associated escorts,” of the Departments of Defense, Energy, Justice, and Homeland Security. Violators can be subject to criminal and civil penalties, and risk having their drones seized or destroyed.

In practical terms, this TFR means that anyone flying their drone within a half mile of an ICE or CBP agent’s car (a DHS “mobile asset”) is liable to face criminal charges and have their drone shot down. The practical unfairness of this TFR is underscored by the fact that immigration agents often use unmarked rental cars, use cars without license plates, or switch the license plates of their cars to carry out their operations. Nor do they provide prior warning of those operations.

While the FAA as­serts that the TFR is grounded in its law­ful au­thor­ity, the flight re­stric­tion not only vi­o­lates mul­ti­ple con­sti­tu­tional rights, but also the agen­cy’s own reg­u­la­tions.

First Amendment vi­o­la­tion. As we high­lighted in the let­ter, nearly every fed­eral ap­peals court has rec­og­nized the First Amendment right of Americans to record law en­force­ment of­fi­cers per­form­ing their of­fi­cial du­ties. By sub­ject­ing drone op­er­a­tors to crim­i­nal and civil penal­ties, along with the po­ten­tial de­struc­tion or seizure of their drone, the TFR pun­ishes—with­out the re­quired jus­ti­fi­ca­tions—law­ful record­ing of law en­force­ment of­fi­cers, in­clud­ing im­mi­gra­tion agents.

Fifth Amendment vi­o­la­tion. The Fifth Amendment guar­an­tees the right to due process, which in­cludes be­ing given fair no­tice be­fore be­ing de­prived of lib­erty or prop­erty by the gov­ern­ment. Under the flight re­stric­tion, ad­vanced no­tice is­n’t even pos­si­ble. As dis­cussed above, drone op­er­a­tors can’t know whether they are within 3000 hor­i­zon­tal feet of un­marked DHS ve­hi­cles. Yet the TFR al­lows the gov­ern­ment to cap­ture or even shoot down a drone if it flies within the TFR ra­dius, and to im­pose crim­i­nal and civil penal­ties on the op­er­a­tor.

Violations of FAA regulations. In issuing a TFR, the FAA’s own regulations require the agency to “specify[] the hazard or condition requiring” the restriction. Furthermore, the FAA must provide accredited news representatives with a point of contact to obtain permission to fly drones within the restricted area. The FAA has satisfied neither of these requirements in issuing its nationwide ban on drones getting near government vehicles.

We don’t be­lieve it’s a co­in­ci­dence that the TFR was put in place in January 2026, at the height of the Minneapolis anti-ICE protests, shortly af­ter the killing of Renée Good and shortly be­fore the shoot­ing of Alex Pretti. After both of those tragedies, civil­ian record­ings played a vi­tal role in con­tra­dict­ing the gov­ern­men­t’s false ac­count of the events.

By pun­ish­ing civil­ians for record­ing fed­eral law en­force­ment of­fi­cers, the TFR helps to shield ICE and other im­mi­gra­tion agents from scrutiny and ac­count­abil­ity. It also dis­cour­ages the ex­er­cise of a key First Amendment right. EFF has long ad­vo­cated for the right to record the po­lice, and ex­er­cis­ing that right to­day is more im­por­tant than ever.

Finally, while record­ing law en­force­ment is pro­tected by the First Amendment, be aware that of­fi­cers may re­tal­i­ate against you for ex­er­cis­ing this right. Please re­fer to our guid­ance on safely record­ing law en­force­ment ac­tiv­i­ties.

...

Read the original on www.eff.org »

3 510 shares, 92 trendiness

Meta stole Sarah Wynn-Williams’s voice. It couldn’t stop her exposé

My phone beeped. It was 10pm in the middle of a busy week in book publishing — London Book Fair 2025. My colleagues were alerting me to a tweet by Andy Stone, a spokesman at Meta (formerly Facebook). It was short and to the point: “This ruling affirms that Sarah Wynn-Williams’s false and defamatory book should never have been published.”

The book in question was Careless People, a gripping and explosive account of Sarah’s time working at Facebook as director of global public policy from 2011 to 2017. The “ruling” to which Stone referred was made by a US arbitrator after Meta sought an injunction, banning Sarah from promoting her own book or saying anything negative about Meta, potentially for ever.

I am Sarah’s ed­i­tor at Pan Macmillan. Like all pub­lish­ers, I typ­i­cally work be­hind the scenes to am­plify the voices of our au­thors. I am only writ­ing this be­cause she can­not.

The day after Stone’s March 12 tweet, Careless People was due to be released in the UK. Drawing on documentary evidence, it details a staggering range of allegations, including sexual harassment, the deliberate manipulation of vulnerable teenagers and the company’s alleged complicity in genocide. It also accuses Facebook of hypocrisy regarding censorship, alleging the company worked “hand in glove” with the Chinese Communist Party. But it was perhaps the personal portraits of top executives that were most damning.

The ruling, awarded without proper notice by an emergency arbitrator (a non-court mediator that is part of the American Arbitration Association), actually said nothing about the truth or otherwise of Sarah’s devastating claims in her book. It made no mention of defamation. Instead, it relied on a non-disparagement clause in her severance agreement with Facebook to silence her. Which it did, from March 13, 2025, her publication day. We could still publish the book, but our author could not talk about it. Sarah was left in an unprecedented and unenviable position for an author, reminiscent of an Orwellian nightmare. Today, she has to police her own speech, facing fines of $50,000 for every statement that could be seen to be “negative or otherwise detrimental” to Meta.

Despite her re­sid­ing in the UK, the terms of the or­der are so broad that they ex­tend to the pri­vacy of her own home, even when speak­ing to her own fam­ily. The $50,000 fines could ap­ply in­di­vid­u­ally to the many state­ments in her book too. She faces fi­nan­cial ruin from a multi-tril­lion-dol­lar com­pany seek­ing mil­lions of dol­lars she does­n’t have, as part of the on­go­ing le­gal process which is yet to con­clude — and all for re­veal­ing in­for­ma­tion that is in the pub­lic in­ter­est. She is an award-win­ning, best­selling au­thor. But her voice has been taken away.

In some ways, Meta’s in­ter­ven­tion did us, as her pub­lish­ers, a favour. Careless People was al­ways likely to be a best­seller. But when read­ers re­alised that Meta was try­ing to sup­press it, the book be­came a global phe­nom­e­non. To date we’ve sold al­most 200,000 copies. It has re­ceived rave re­views and cre­ated a me­dia firestorm for its rev­e­la­tions. But also be­cause of the bit­ter irony in Meta’s le­gal ac­tion to si­lence Sarah.

In January 2025, only a few months before it was published, chief executive Mark Zuckerberg had stated that it was time to “get back to our roots around free expression”. They had abandoned the use of independent fact-checkers, claiming they were biased and encouraged censorship. Yet, in truth, free speech only mattered when it wasn’t used to interrogate Meta itself.

Companies like Meta are wealth­ier than some coun­tries and more pow­er­ful too. They own the tech­nol­ogy be­hind the mod­ern world. We have pub­lished books about highly in­flu­en­tial in­di­vid­u­als be­fore and, in my ex­pe­ri­ence, they tend not to like it and have well re­sourced le­gal teams be­hind them. But Meta’s lead­er­ship had a dif­fer­ent level of power. So Careless People was brought to pub­li­ca­tion in an aura of se­crecy and (it turns out jus­ti­fied) para­noia.

A very small team worked on the book. We com­mu­ni­cated on en­crypted chan­nels and when­ever it was dis­cussed, those not in­volved had to leave the room. There was a ru­mour in our of­fice that it might be Taylor Swift’s mem­oir. Sarah did­n’t even tell her mum she had writ­ten it be­fore the news was made pub­lic.

Usually, we an­nounce our books to re­tail­ers many months in ad­vance. This is so they can build pre-or­ders and sort the lo­gis­tics of get­ting them to book­shops in good time. After all, they deal with thou­sands of new ti­tles re­leased every week. With Careless People, the months rolled by and yet we kept de­lay­ing our an­nounce­ment, con­scious of po­ten­tial at­tempts to quash it. Our in­cred­i­ble sales team man­aged to con­vince re­tail­ers — in­clud­ing a num­ber of su­per­mar­kets — to stock the book with­out even telling them what it was, but re­tail­ers’ pa­tience had lim­its. When we fi­nally did an­nounce the book, it was just a week be­fore pub­li­ca­tion (again un­prece­dented) and we had no idea what to ex­pect.

Sarah went on a pub­lic­ity blitz. She did her first and only print in­ter­view with Rosamund Urwin for this pa­per. In a whirl­wind 24 hours, she jet­ted off to New York for an in­ter­view with NBC, fly­ing back overnight for an in­ter­view the fol­low­ing day with the BBC in our of­fices. She had­n’t slept and ar­rived straight from the air­port at dawn. One of the world’s most sig­nif­i­cant whistle­blow­ers show­ered in our base­ment and used a tote bag from our chil­dren’s de­part­ment as a towel. Who says that pub­lish­ing is­n’t glam­orous?

But the publicity tour stopped only a week after it had begun, on the day of our publication and the ruling. The audiobook, recorded in secret before the gag order took effect, soon became the only way to hear Sarah speak. And the book? Well, Meta’s spokesman, Stone, called it “a mix of out-of-date and previously reported claims about the company and false accusations about our executives”. Yet not everyone agreed.

In April 2025, Sarah was called to give evidence to a US Senate subcommittee, alleging that she saw Meta executives “repeatedly undermine US national security and betray American values” by providing the Chinese Communist Party with access to the data of Meta users. The chairman, Republican Senator Josh Hawley, concluded the hearing by saying: “I have a message to Mark Zuckerberg, as well. It’s time for you to tell the truth. You should come to this committee and take an oath and sit where Ms Wynn-Williams is sitting now and answer this evidence. Stop trying to silence her.” He is yet to appear almost a year later.

In the UK, Careless People was also sent to all MPs by the Molly Rose Foundation, a charity set up to prevent suicide in people under 25. Its chief executive Andy Burrows said: “Her claims that Meta cynically exploited the wellbeing of teenage girls to grow its advertising revenue will deeply disturb parents and put the conduct of Meta’s leadership under the spotlight.”

Last Wednesday, Mark Zuckerberg was forced to give ev­i­dence in a land­mark so­cial me­dia ad­dic­tion trial in Los Angeles, which has the po­ten­tial to set new prece­dents, hold­ing so­cial me­dia com­pa­nies legally re­spon­si­ble for their im­pact on chil­dren and ado­les­cents.

While Zuckerberg de­fends his record in court, Sarah sits in London, legally gagged. She can­not com­ment on the trial. She can­not dis­cuss the very book that helped spark this global con­ver­sa­tion. With the pa­per­back to come out this Thursday, Sarah’s fate re­mains un­cer­tain and the le­gal process rum­bles on slowly in the US. Yet she re­tains her fight­ing spirit, as well as the dry hu­mour that is richly on dis­play in Careless People. I feel hugely ho­n­oured to have worked with her and have gained a new ap­pre­ci­a­tion of the per­sonal sac­ri­fices that whistle­blow­ers make for the greater good.

Careless People exposed what Sarah termed a culture of “lethal carelessness”. Meta’s response — ruthless and chilling — proved her point better than any marketing campaign ever could. But while they have stopped her from speaking, they could not stop you from reading. And that is why books that hold power to account are more important than ever.

Mike Harpley is pub­lisher, non-fic­tion at Pan, part of Pan Macmillan, and the ed­i­tor of Careless People: A Story of Where I Used to Work by Sarah Wynn-Williams, pub­lished in pa­per­back by Pan on February 26, £10.99.

Careless People by Sarah Wynn-Williams (Pan Macmillan £10.99). To or­der a copy go to times­book­shop.co.uk. Free UK stan­dard P&P on or­ders over £25. Special dis­count avail­able for Times+ mem­bers.

...

Read the original on www.thetimes.com »

4 500 shares, 17 trendiness

Oracle Files Thousands of H-1B Visa Petitions Amid Mass Layoffs

Federal data shows the tech gi­ant filed for over 3,000 for­eign worker visas as it cuts thou­sands of American jobs.

Oracle, the soft­ware com­pany head­quar­tered in Austin, Texas, has filed thou­sands of pe­ti­tions for H-1B visas in the past two fis­cal years, even as it lays off thou­sands of American work­ers as part of a broader or­ga­ni­za­tional shift. Federal data shows Oracle filed for 2,690 H-1B visas in fis­cal year 2025 and 436 so far in fis­cal year 2026, to­tal­ing over 3,100 visa re­quests.

The H-1B visa pro­gram al­lows com­pa­nies to tem­porar­ily em­ploy for­eign work­ers with spe­cial­ized skills, of­ten in the tech in­dus­try. Critics ar­gue the pro­gram is used to re­place American work­ers with cheaper for­eign la­bor, while sup­port­ers say it helps fill cru­cial tal­ent gaps. Oracle’s visa fil­ings amid mass lay­offs raise ques­tions about the com­pa­ny’s mo­ti­va­tions and the broader de­bate over the H-1B pro­gram’s im­pact on the American work­force.

According to U.S. Citizenship and Immigration Services data, Oracle America Inc. filed for 2,690 H-1B visas for fiscal year 2025 and 436 so far for fiscal year 2026. This comes as Oracle reportedly began laying off thousands of employees this week, with workers receiving letters stating ‘today is your last working day.’ The company has not provided public comment on the layoffs or the H-1B visa filings.

* Oracle filed for 2,690 H-1B visas for fis­cal year 2025, which cov­ers October 1, 2024 to September 30, 2025.

* Oracle filed for 436 H-1B visas so far for fis­cal year 2026, which runs from October 1, 2025 to September 30, 2026.

The full im­pact of Oracle’s lay­offs and H-1B visa fil­ings re­mains to be seen, as the com­pany has not pro­vided de­tailed pub­lic com­ment on its work­force changes and for­eign worker hir­ing plans.

The take­away

Oracle’s ac­tions raise con­cerns about the com­pany po­ten­tially re­plac­ing American work­ers with cheaper for­eign la­bor through the H-1B visa pro­gram, even as it un­der­goes a ma­jor or­ga­ni­za­tional shift. This case high­lights the on­go­ing de­bate over the H-1B pro­gram’s im­pact on the U.S. work­force and the need for greater trans­parency from com­pa­nies uti­liz­ing the pro­gram.

...

Read the original on nationaltoday.com »

5 489 shares, 14 trendiness

CVE-2026-33579

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to forward caller scopes into the core approval check. A caller with pairing privileges but without admin privileges can approve pending device requests asking for broader scopes including admin access by exploiting the missing scope validation in extensions/device-pair/index.ts and src/infra/device-pairing.ts.

...

Read the original on nvd.nist.gov »

6 422 shares, 41 trendiness

Embarrassingly Simple Self-Distillation Improves Code Generation

...

Read the original on arxiv.org »

7 286 shares, 24 trendiness

Claude Code Found a Linux Vulnerability Hidden for 23 Years

Nicholas Carlini, a re­search sci­en­tist at Anthropic, re­ported at the [un]prompted AI se­cu­rity con­fer­ence that he used Claude Code to find mul­ti­ple re­motely ex­ploitable se­cu­rity vul­ner­a­bil­i­ties in the Linux ker­nel, in­clud­ing one that sat undis­cov­ered for 23 years.

Nicholas was as­ton­ished at how ef­fec­tive Claude Code has been at find­ing these bugs:

We now have a number of remotely exploitable heap buffer overflows in the Linux kernel. I have never found one of these in my life before. This is very, very, very hard to do. With these language models, I have a bunch.

What’s most surprising about the vulnerability Nicholas shared is how little oversight Claude Code needed to find the bug. He essentially just pointed Claude Code at the Linux kernel source code and asked, “Where are the security vulnerabilities?”

Nicholas uses a sim­ple script sim­i­lar to the fol­low­ing:

The script tells Claude Code that the user is par­tic­i­pat­ing in a cap­ture the flag cy­ber­se­cu­rity com­pe­ti­tion, and they need help solv­ing a puz­zle.

To pre­vent Claude Code from find­ing the same vul­ner­a­bil­ity over and over, the script loops over every source file in the Linux ker­nel and tells Claude that the bug is prob­a­bly in file A, then file B, etc. un­til Claude has fo­cused on every file in the ker­nel.

In his talk, Nicholas fo­cused on a bug that Claude found in Linux’s net­work file share (NFS) dri­ver which al­lows an at­tacker to read sen­si­tive ker­nel mem­ory over the net­work.

Nicholas chose this bug to show that Claude Code is­n’t just find­ing ob­vi­ous bugs or look­ing for com­mon pat­terns. This bug re­quired the AI model to un­der­stand in­tri­cate de­tails of how the NFS pro­to­col works.

The at­tack re­quires an at­tacker to use two co­op­er­at­ing NFS clients to at­tack a Linux NFS server:

(1) - Client A does a three-way hand­shake with the NFS server to be­gin NFS op­er­a­tions.

(2) - Client A re­quests a lock file. The server ac­cepts, and the client ac­knowl­edges the ac­cep­tance.

(3) - Client A ac­quires the lock and de­clares a 1024-byte owner ID, which is an un­usu­ally long but le­gal value for the owner ID. The server grants the lock ac­qui­si­tion.

The at­tacker then spins up a sec­ond NFS client, Client B, to talk to the server:

(4) Client B does a three-way hand­shake with the NFS server to be­gin NFS op­er­a­tions, same as (1) above.

(5) Client B re­quests ac­cess to the same lock file as Client A from (2). The NFS server ac­cepts, and the client ac­knowl­edges the ac­cep­tance.

(6) Client B tries to ac­quire the lock, but the NFS server de­nies the re­quest be­cause client A al­ready holds the lock.

The prob­lem is that at step (6), when the NFS server tries to gen­er­ate a re­sponse to client B deny­ing the lock re­quest, it uses a mem­ory buffer that’s only 112 bytes. The de­nial mes­sage in­cludes the owner ID, which can be up to 1024 bytes, bring­ing the to­tal size of the mes­sage to 1056 bytes. The ker­nel writes 1056 bytes into a 112-byte buffer, mean­ing that the at­tacker can over­write ker­nel mem­ory with bytes they con­trol in the owner ID field from step (3).
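The size arithmetic in step (6), as an added example that is not from the article or the kernel source: a reply encoder that checks the whole denial message against the 112-byte buffer before writing anything. The buffer and owner-ID sizes are the article's; the field layout, names and status codes are assumptions chosen so that the fixed fields total the 32 bytes implied by 1056 - 1024.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define REPLY_BUF_LEN    112u   /* reply buffer size given in the article */
#define OWNER_MAX_LEN    1024u  /* longest legal owner ID per the article */
#define DENIED_FIXED_LEN 32u    /* assumed fixed fields: 1056 - 1024 bytes */

enum enc_status { ENC_OK = 0, ENC_BAD_OWNER = -1, ENC_NO_SPACE = -2 };

struct reply_buf {
    uint8_t data[REPLY_BUF_LEN];
    size_t  used;               /* bytes already written, never > REPLY_BUF_LEN */
};

static void put_be32(uint8_t *p, uint32_t v)
{
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}

static void put_be64(uint8_t *p, uint64_t v)
{
    put_be32(p, (uint32_t)(v >> 32));
    put_be32(p + 4, (uint32_t)v);
}

/* Total encoded size of a denial that carries owner_len bytes of owner ID. */
size_t denied_reply_size(size_t owner_len)
{
    return DENIED_FIXED_LEN + owner_len;
}

/* Bytes an unchecked encoder would write beyond an empty reply buffer. */
size_t bytes_past_buffer(size_t owner_len)
{
    size_t need = denied_reply_size(owner_len);
    return need > REPLY_BUF_LEN ? need - REPLY_BUF_LEN : 0;
}

/* Hypothetical bounded encoder: validates the owner length, then compares the
 * full message size with the space left BEFORE the first byte is written. */
int encode_lock_denied(struct reply_buf *rb, uint64_t offset, uint64_t length,
                       uint32_t lock_type, uint64_t client_id,
                       const uint8_t *owner, size_t owner_len)
{
    if (owner_len > OWNER_MAX_LEN)
        return ENC_BAD_OWNER;
    if (denied_reply_size(owner_len) > REPLY_BUF_LEN - rb->used)
        return ENC_NO_SPACE;    /* caller must fail or use a larger buffer */

    uint8_t *p = rb->data + rb->used;
    put_be64(p, offset);                    /* assumed field order */
    put_be64(p + 8, length);
    put_be32(p + 16, lock_type);
    put_be64(p + 20, client_id);
    put_be32(p + 28, (uint32_t)owner_len);
    if (owner_len)
        memcpy(p + DENIED_FIXED_LEN, owner, owner_len);
    rb->used += denied_reply_size(owner_len);
    return ENC_OK;
}

/* Constructed input: an owner ID of owner_len filler bytes held by client A. */
static int run_demo(size_t owner_len, size_t *used)
{
    static uint8_t owner[OWNER_MAX_LEN + 1];
    struct reply_buf rb = { {0}, 0 };
    memset(owner, 'A', sizeof owner);
    int rc = encode_lock_denied(&rb, 0, 100, 2, 0x1122334455667788ull,
                                owner, owner_len);
    *used = rb.used;
    return rc;
}

int demo_status(size_t owner_len)
{
    size_t used;
    return run_demo(owner_len, &used);
}

size_t demo_used(size_t owner_len)
{
    size_t used;
    (void)run_demo(owner_len, &used);
    return used;
}

int main(void)
{
    printf("1024-byte owner needs %zu bytes, %zu past the buffer\n",
           denied_reply_size(1024), bytes_past_buffer(1024));
    printf("bounded encoder: status %d, bytes written %zu\n",
           demo_status(1024), demo_used(1024));
    printf("16-byte owner: status %d, bytes written %zu\n",
           demo_status(16), demo_used(16));
    return 0;
}
```

With these sizes the largest owner ID that still fits the 112-byte buffer is 80 bytes; anything longer has to be rejected or encoded into a buffer sized for the 1056-byte worst case.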

Fun fact: Claude Code cre­ated the ASCII pro­to­col di­a­grams above as part of its ini­tial bug re­port.

This bug was in­tro­duced in the Linux ker­nel in March 2003:

The bug is so old, I can’t even link di­rectly to it be­cause it pre­dates git, which was­n’t re­leased un­til 2005.

Nicholas has found hun­dreds more po­ten­tial bugs in the Linux ker­nel, but the bot­tle­neck to fix­ing them is the man­ual step of hu­mans sort­ing through all of Claude’s find­ings:

I have so many bugs in the Linux ker­nel that I can’t re­port be­cause I haven’t val­i­dated them yet… I’m not go­ing to send [the Linux ker­nel main­tain­ers] po­ten­tial slop, but this means I now have sev­eral hun­dred crashes that they haven’t seen be­cause I haven’t had time to check them.

I searched the Linux ker­nel and found a to­tal of five Linux vul­ner­a­bil­i­ties so far that Nicholas ei­ther fixed di­rectly or re­ported to the Linux ker­nel main­tain­ers, some as re­cently as last week:

What’s strik­ing about Nicholas’ talk was how rapidly large lan­guage mod­els have im­proved at find­ing vul­ner­a­bil­i­ties. Nicholas found these bugs us­ing Claude Opus 4.6, which Anthropic re­leased less than two months ago. He tried to re­pro­duce his re­sults on older AI mod­els, and dis­cov­ered that Opus 4.1 (released eight months ago) and Sonnet 4.5 (released six months ago) could find only a small frac­tion of what Nicholas found us­ing Opus 4.6:

I ex­pect to see an enor­mous wave of se­cu­rity bugs un­cov­ered in the com­ing months, as re­searchers and at­tack­ers alike re­al­ize how pow­er­ful these AI mod­els are at dis­cov­er­ing se­cu­rity vul­ner­a­bil­i­ties.

...

Read the original on mtlynch.io »

8 259 shares, 44 trendiness

German men need military permit for extended stays abroad

A new mil­i­tary ser­vice law took ef­fect in Germany at the start of 2026 aimed at boost­ing the strength of the armed forces amid threats to European se­cu­rity in the wake of Russia’s on­go­ing war against Ukraine.

The leg­is­la­tion was con­tentious and many peo­ple even took to the streets to protest the po­ten­tial rein­tro­duc­tion of manda­tory mil­i­tary ser­vice — af­ter con­scrip­tion was sus­pended in 2011 — for men.

But an­other pro­vi­sion in the law has so far gone largely un­no­ticed.

It relates to a requirement for men between the ages of 18 and 46 to “obtain an approval from the relevant Bundeswehr Career Center if they wish to leave the Federal Republic of Germany for more than three months.”

The Frankfurter Rundschau, which reported on the provision on Friday, said the rule would apply “regardless of whether a German man planned a semester of studying abroad, working in a foreign country or going on a backpacking trip around the world.”

A Bundeswehr spokesperson con­firmed the re­port, telling the DPA news agency that in the event of a war break­ing out, the mil­i­tary needed to know how many men were liv­ing long-term out­side the coun­try.

While the law requires men to request the permit, the spokesperson clarified, it also obliges the military career center to issue it, “if no specific military service is expected during the period in question.”

“Since military service under current law is based exclusively on voluntary participation, such permissions must generally be granted,” the official added.

Acknowledging the “profound” impact of the amended conscription law, the Defense Ministry said it is working on new rules for exceptions to the exit permit requirement.

It’s un­clear what con­se­quences men who leave the coun­try for longer than three months with­out the proper per­mit will face.

When asked, the ministry spokesperson pointed out that the regulation “was already in place during the Cold War and had no practical relevance; in particular, there are no penalties for violating it.”

The new law that took ef­fect on January 1, the so-called Military Service Modernization Act, aims to raise the num­ber of ac­tive-duty sol­diers from roughly 180,000 men and women at pre­sent to 260,000 by 2035.

The leg­is­la­tion laid down the path to reach that goal.

After heated de­bates, they fi­nally agreed on a com­pro­mise, de­cid­ing that mil­i­tary ser­vice would re­main vol­un­tary for the time be­ing.

At the same time, start­ing from this year, all men turn­ing 18 will have to fill out a form an­swer­ing ques­tions about their ed­u­ca­tion, health sta­tus and will­ing­ness to serve in the armed forces.

For women, an­swer­ing the ques­tions is vol­un­tary, as they can­not be re­quired to per­form mil­i­tary ser­vice un­der the Constitution.

From mid-2027, all men turn­ing 18 will also be re­quired to ap­pear for a fit­ness test to de­ter­mine who could be drafted in the event of con­flict — a highly con­tro­ver­sial mea­sure that has been slammed by crit­ics as a first step to­wards full con­scrip­tion.

...

Read the original on www.dw.com »

9 253 shares, 13 trendiness

Gold overtakes U.S. Treasuries as the world’s largest foreign reserve asset in 2026 — can gold challenge the U.S. dollar’s dominance and hold its ground?

Gold has crossed a historic milestone. In 2026, it overtook U.S. Treasuries to become the world’s largest foreign reserve asset by value. Central banks now hold close to $4 trillion worth of gold, driven by record buying and a sharp price rally above $4,500 an ounce in 2025. According to data tracked by the World Gold Council, official gold reserves reached roughly 36,000 metric tons by early 2026. At current prices, that stockpile is now worth more than foreign-held U.S. Treasuries.

Gold has climbed past U.S. government bonds to become the largest foreign reserve asset held by central banks worldwide, marking a major shift in global financial markets. The total value of gold held by foreign official institutions is now approaching $4 trillion, exceeding roughly $3.9 trillion in U.S. Treasury holdings for the first time since 1996.

The mile­stone comes amid a record rally in gold prices, broad­en­ing geopo­lit­i­cal risk, and ag­gres­sive bul­lion ac­cu­mu­la­tion by cen­tral banks. Gold ended 2025 up more than 70%, briefly top­ping $4,500 an ounce in late December be­fore main­tain­ing high lev­els in early January 2026.

The journey to $4,500 gold was paved by global instability. Throughout 2025, escalating Middle East tensions created a “fear premium” that investors could not ignore. Conflict in key energy corridors reminded the world of the fragility of the global supply chain. Simultaneously, domestic policy uncertainty in the United States—ranging from debt ceiling debates to shifts in trade tariffs—shook confidence in the greenback.

Central bank governors in emerging markets, particularly in Asia and Eastern Europe, were the primary drivers of this demand. These institutions added over 1,100 tonnes of gold to their vaults in 2025 alone. They viewed the metal as a critical shield against inflation and potential asset freezes. As the U.S. national debt crossed the $38 trillion threshold, the “safe-haven” appeal of Treasuries weakened, leaving gold as the last standing pillar of financial stability.

Central banks have been ac­cu­mu­lat­ing gold at per­sis­tent high lev­els over the past sev­eral years. Holdings now to­tal roughly 36,000–37,000 tonnes, plac­ing gold’s share of global of­fi­cial re­serves at around 25–27%, a his­toric high com­pared with Treasuries and ma­jor fiat cur­ren­cies.

This mas­sive ac­cu­mu­la­tion is dri­ven by sev­eral fac­tors:

* Diversification away from dollar-denominated assets amid fears of policy unpredictability and fiscal strain in the United States.

* Safe-haven demand in an era of growing geopolitical tension and market volatility.

Central banks from emerging markets and advanced economies alike have joined the buying trend. Nations such as China, India, Turkey, and Qatar regularly appear among the top purchasers. In some cases, these purchases reflect efforts to reduce dependence on foreign currency reserves that may be vulnerable to sanctions or rapid exchange-rate swings.

Historically, cen­tral bank gold pur­chases av­er­aged around 473 tonnes an­nu­ally over much of the 2010s. Recent an­nual pur­chases have more than dou­bled that pace, sig­nal­ing a struc­tural shift in global re­serve man­age­ment.

Gold’s rise as a reserve asset has been reinforced by intensifying geopolitical flashpoints worldwide, which have driven safe-haven demand from both official buyers and private investors.

In 2025, renewed conflict between Israel and Iran, including airstrikes and military escalations, pushed investors toward gold. Safe-haven bids emerged as markets feared broader regional instability.

In early 2026, U.S. special forces captured Venezuelan President Nicolás Maduro, heightening geopolitical tension and prompting renewed interest in gold and other havens. Precious metals, including gold and silver, saw sharp price advances in the days following the operation.

Meanwhile, Iran is experiencing deep unrest and economic turmoil, with widespread protests and rising inflation. These factors are compounding risks in the Middle East and reinforcing gold’s role as a hedge against uncertainty.

Analysts note that these conditions — rather than any single event — are cumulatively reshaping reserve strategies. When central banks perceive heightened risk of conflict, sanctions, or instability, they tend to boost holdings of assets with no counterparty risk. Gold, unlike bonds or fiat currencies, cannot default or be frozen under sanction regimes.

Despite this dramatic shift, the U.S. dollar remains the world’s dominant reserve currency, accounting for an estimated 45–58% of total foreign exchange reserves depending on valuation methods.

Gold’s overtaking of Treasuries as a reserve asset does not yet mean it has surpassed the dollar overall, but it does highlight structural shifts in how nations manage risk and diversification.

Economists note that while Treasury securities remain prized for liquidity and deep secondary markets, political polarization, fiscal deficits, and monetary policy uncertainties may be prompting reserve managers to reduce exposure to debt instruments.

This trend is reinforced by forecasts that safe-haven assets like gold are poised for continued structural demand in 2026 and beyond. Recent estimates suggest gold prices could approach or exceed $4,800 per ounce on sustained central bank buying and weaker dollar trends.

The shift in reserve composition carries broad implications for financial markets, investors, and policymakers:

Reserve diversification: Countries may opt for a balanced reserve base including gold, Treasuries, and other assets to ensure both liquidity and safety.

Currency markets: Reduced reliance on U.S. debt could gradually dampen demand for dollar-denominated securities, widening global currency diversification.

Inflation and interest rates: Persistent gold demand may indicate cautious sentiment on inflation and real yields, influencing central bank policy.

Investor psychology: Gold’s rising status reinforces confidence in traditional store-of-value assets during times of uncertainty.

As we move deeper into 2026, the question is whether gold can hold its ground. Most market analysts believe the rally has further to run. Forecasts from major investment banks suggest gold could average $5,000 per ounce by the end of the year. The rationale is simple: the factors that drove the 2025 surge—geopolitical friction and high debt—have not been resolved.

Sustained buying is expected to continue as central banks aim for a 20% to 25% gold-to-reserve ratio. Many developing nations still hold less than 10% of their wealth in gold. If these countries continue their diversification strategy, the influx of capital could keep prices elevated for years. For the first time in the modern era, gold is not just a backup; it is the primary engine of global wealth preservation.

Q: Why has gold overtaken U.S. Treasuries as the largest foreign reserve asset?

A: Foreign central banks now hold nearly $4 trillion in gold, exceeding $3.9 trillion in Treasuries. Rising gold prices, geopolitical tensions, and diversification away from dollar assets are driving this historic shift. Central banks aim to reduce risk and protect reserves from fiscal and geopolitical uncertainties.

Q: Which countries are leading in gold reserve accumulation?

A: Major buyers include China, India, Turkey, and Qatar, among others. Central banks have increased annual purchases to more than 900–1,000 tonnes, more than double the 2010s average. This reflects a global trend of rebalancing reserves toward gold for stability and safe-haven protection.


...

Read the original on m.economictimes.com »

10 247 shares, 75 trendiness

Mvidia

...

Read the original on jaso1024.com »

Visit pancik.com for more.