Tag

Open Source

All articles tagged with #open source

security2 hours ago•5 min saved

Critical Starlette flaw threatens Python AI tooling ecosystem

A critical vulnerability named BadHost (CVE-2026-48710) in Starlette (versions before 1.0.1) can bypass host-header authentication, enabling SSRF and potential remote code execution; it endangers millions of servers and AI tooling that rely on Starlette via FastAPI, including vLLM, LiteLLM, and Text Generation Inference, given Starlette’s ~325 million weekly downloads. Security researchers from X41 D-Sec and Nemesis warn the flaw is widespread, with a scanner available to detect exposed systems. Users should upgrade Starlette and apply recommended mitigations.

via Ars Technica|

#fastapi #open-source #security

world4 hours ago•5 min saved

AI isn’t ready to take over medical literature reviews

A Nature World View piece argues that AI tools, while being explored to speed up health-related literature reviews, are not yet reliable enough to replace human experts. AI can replicate steps like study identification, data extraction, and writing, but meaningful review questions, relevance assessment, and interpretation require human judgment. AI models can hallucinate and lack the necessary context, and many tools are private/black-box, raising independence and bias concerns. Training times are long and current workflows often take longer than manual reviews. The author advocates building cooperative human–AI systems rather than generating entire reviews, to safeguard accuracy and policy relevance.

via Nature|

#artificial-intelligence #cochrane-collaboration #evidence-synthesis

technology19 hours ago•11 min saved

Open-source z386 Reconstructs the 80386 in FPGA Using Original Microcode

The z386 project reproduces Intel’s 80386 CPU on FPGA by executing the original microcode, achieving about 70 MHz i386-equivalent with paging and protected mode support on boards like Cyclone V and Gowin GW5A, prioritizing archaeological fidelity of the original hardware over peak performance and enabling classic software such as DOOM.

via Hackaday|

#fpga #i386 #open-source

technology1 day ago•2 min saved

AB-1856 Could Shield Most Linux Distros From California's Age-Verification Law

AB-1856 would adjust California's age-verification law to exempt most open-source Linux distributions by redefining 'operating system provider' and 'application' to exclude copiable/redistributable software and non-standalone app-store components; if enacted, the vast majority of Linux distros would be spared when the law takes effect in 2027, though SteamOS and other proprietary-app platforms could remain affected; committee reviews were underway with a potential June vote.

via Phoronix|

#ab-1856 #age-verification #california

technology1 day ago•5 min saved

Guardrails stripped in minutes: open-source AI yields dangerous outputs

FT and AI safety researchers found that tools like Heretic can remove safety guardrails from open-source AI models (e.g., Meta’s Llama 3.3) in minutes, enabling dangerous prompts about biological weapons, malware, and child exploitation; Google’s Gemma models were also shown to produce unsafe results. The spread of modified models complicates regulation and highlights risks as decensored versions become widely accessible beyond their original developers.

via Financial Times|

#ai-safety #artificial-intelligence #google-llc

technology2 days ago•3 min saved

Intel Phases Out More Open-Source Projects, Archiving OBS Plugin and CVE Tool

Intel has issued archival notices for additional open-source projects, sunsetting items such as the Thunderbolt Share OBS Studio plugin, the CVE Binary Tool, and other efforts including SMTA, Intel Trusted Ledger Config Store, SCAP, and Self-Governed Remote Attestation. One project was briefly archived and later un-retired due to miscommunication. Despite these wind-downs, Intel remains a major OSS contributor, continuing to focus on core areas like compilers and the Linux kernel.

via Phoronix|

#cve-binary-tool #intel #obs-studio

technology3 days ago•12 min saved

HID Remapper Extends Steam Controller Usability Beyond Steam

A May 20 update to HID Remapper adds full Steam Controller support, enabling inputs to work outside Steam on Windows and Linux and making the controller compatible with Nintendo Switch, Android devices, and Xbox Series consoles. All inputs—including trackpads, touch sensors, and accelerometer/gyro—are usable, and there are DIY converter files plus inexpensive pre-built options (as low as about $17.50), though you may need to flash firmware or assemble an enclosure.

via TechPowerUp|

#cross-platform #gaming-hardware #hid-remapper

technology3 days ago•9 min saved

Flipper One Team Calls for Community Help to Build an Open Linux Cyberdeck

The Flipper One development team is seeking community help to build a distinct ARM-based Linux cyberdeck, designed to be open and well-documented with high-speed interfaces (PCIe, USB 3.0, SATA, Gigabit Ethernet) and network-focused capabilities (Wi‑Fi, 5G, Ethernet), including GUI wrappers around traditional Linux utilities; join via the Flipper One Development Portal.

via Hackaday|

#cyberdeck #flipper #flipper-one

technology5 days ago•4 min saved

TeamPCP’s Open-Source Poisoning Escalates Into a Global, Ongoing Threat

A cybercrime group known as TeamPCP has intensified software supply-chain attacks by poisoning hundreds of open-source tools, turning legitimate code into a foothold for extortion, with GitHub among the victims—signaling a shift from rare incidents to an ongoing, widespread threat in software security.

via WIRED|

#cybersecurity #github #open-source

technology5 days ago•9 min saved

Torvalds: AI is a powerful tool, not a replacement for programmers

Linus Torvalds says AI tools are reshaping Linux development by increasing commits and lowering entry barriers, but they also create social and security strains in open source. He introduced AI security disclosure guidelines, argued that AI won’t replace human programmers, and stressed that open source remains essential to managing complexity. The discussion also highlights burnout risks for maintainers due to flood-like AI bug reports and the need to understand the end result of AI-generated code, not just prompts.

via ZDNET|

#ai #linus-torvalds #linux-kernel

technology5 days ago•4 min saved

Flipper One: a pocket cyberdeck aimed at turning networks into a personal PC

Flipper, the company behind Flipper Zero, unveiled Flipper One, a compact RK3576-powered network multitool that doubles as a mini PC. It aims to fix usability issues seen in tiny Linux boxes with a D-pad UI, potential Flipper OS and app store, and support for multiple user profiles. The device promises Wi‑Fi 6E, Ethernet, and 5G via modules (M.2, eSIM, or SIM), plus a PCIe expansion slot, and is sized around one-and-a-half fists. It’s not for sale yet but is expected to launch on Kickstarter later this year with a target price around $350. Flipper positions the One as a more open, configurable “cyberdeck” companion to Flipper Zero.

via Gizmodo|

#cyberdeck #flipper #flipper-one

technology6 days ago•12 min saved

GPL Case Could Free Vizio OS Code, Redefine Smart TV Control

The Software Freedom Conservancy is suing Vizio to force release of the complete, executable source code for Vizio OS (Linux-based) under GPLv2/LGPLv2.1, arguing open access would let owners modify the OS to curb ads and tracking and extend device lifetimes. The August 10 trial could reshape how Linux-based smart-TV platforms are licensed, while Vizio contends GPL licenses do not create a contractual obligation to share code. A prior ruling limited guarantees that modified code would keep TVs operable, but still acknowledged source-code access as a GPL requirement.

via Ars Technica|

#gplv2 #open-source #smart-tvs

technology7 days ago•9 min saved

Microsoft unveils Azure Linux 4.0, its first full Linux distro for the cloud

Microsoft unveiled Azure Linux 4.0, its first general-purpose Linux distribution for Azure, split into a traditional VM image and a dedicated Azure Container Linux (ACL) for container workloads. Based on Fedora and upstreamed via Flatcar, the distro is open source on GitHub and designed to integrate tightly with Azure, with ACL immutable and the VM image usable for all Azure workloads. Developers can run a Windows-hosted path via WSL in the future, but no desktop GUI is planned. Microsoft commits to a two-year support window with monthly security updates and an opt-in automatic-upgrade option, while remaining compatible with other Azure-supported distros. The move signals a deeper Microsoft embrace of Linux and open source in the AI-centric cloud era.

via ZDNET|

#azure #containers #linux

technology8 days ago•12 min saved

Linux Gets Cross-GPU Latency Tech via New Reflex/Anti-Lag Vulkan Layer

An open-source Vulkan layer called low_latency_layer from Korthos Software lets Linux users run NVIDIA Reflex and AMD Anti-Lag 2 on any GPU, delivering a few-millisecond latency reduction in games (tested with RX 7900 XTX, Ryzen 7, and 64 GB RAM). Setup can be technical and may require enabling NVAPI for Proton-translated games, but documentation provides guidance.

via TechPowerUp|

#amd-anti-lag-2 #linux #lowlatencylayer

technology8 days ago•2 min saved

Linux 7.1-rc4 Brings Fixes, Hardware Tweaks, and New Security/AI Documentation

Linux 7.1-rc4 fixes Intel/AMD laptop quirks, adds a microphone fix for Framework Laptop 13 Pro, enables HID++ keyboard support, and provides an option to disable CET virtualization in KVM; it also includes security patches (notably ssh-keysign-pwn) and new docs clarifying what counts as a security bug and how to handle AI responsibly in kernel development, with the stable 7.1 expected by mid-June.

via Phoronix|

#ai #kernel #linux