Ubuntu-based Linux Mint includes HexChat software by default "to offer a way for users of the distro to talk to, ask questions, and get support from other users," according to the Linux blog OMG Ubuntu.

But in February HexChat's developer announced its final release... That got devs thinking. As is, IRC isn't user-friendly. It's a kind of an arcane magic involving strange commands. Its onboarding is obtuse. And the protocol doesn't natively support things like media sharing (screenshots are useful when troubleshooting), clickable links, or other modern "niceties". And yet, IRC is a fast, established, open, and versatile protocol... It's free and immediate (no sign-up required to use it) which makes it ideal for 'when you need it' use.

So work has begun on a new dedicated "chat room" app to replace HexChat, called Jargonaut. Linux Mint's goal is not to build a fully-featured IRC client, or even an IRC client at all. Jargonaut is a chat app that just happens to use IRC as its underlying chat protocol. Users won't need to know what IRC is nor learn its syntax, as Jargonaut isn't going to respond to standard IRC commands... When the app is opened Linux Mint's official support channels are there, ready to engage with. A real-time support chat app built on IRC — with additional bells:

"[Jargonaut] will support pastebin/imgur via DND, uploading your system specifications, troubleshooting and many features which have nothing to do with IRC," says Linux Mint lead Clement Lefebvre in the distro's latest monthly update. "HexChat was a great IRC client which helped us make a relatively good support chat room. We're hoping Jargonaut will help us make this chat room even better and much easier to use."
"Like most of Linux Mint's home-grown XApps the new app is hosted on Github," the article points out, "which is where you should go t to check in on Jargonaut's current status, check out the code and compile it, or contribute to its development with your own fair hands."

The article also argues that IRC "isn't as trendy as Discord or Telegram, but it is a free, open standard that no single entity controls, is relatively low-bandwidth, interoperable, and efficient."

Mexico is waiting for the United States to provide evidence that shows imported genetically modified corn is safe for human consumption. "In a written submission to a panel of the United States-Mexico-Canada Agreement, Mexico, the top buyer of U.S. corn, argued that science proves GM corn and the herbicide glyphosate are harmful to human health and its native varieties, and that its decree to ban GM corn for human consumption is within its right," reports Reuters. From the report: [Deputy Agriculture Secretary Victor Suarez] said the onus is now on the United States to show GM corn is not harming Mexico's population, which consumes a higher amount of corn than many countries through daily diet staples like nixtamalized dough and tortilla. The United States "argues that the decisions in Mexico are not based on science and that their decisions are," Suarez told Reuters in an interview. "But we still haven't seen the science of the United States or the companies. We are looking forward to that study with great pleasure."

A spokesman for the U.S. Department of Agriculture said Mexico's approach to biotechnology runs counter to "decades' worth of evidence demonstrating its safety." A senior official for the U.S. Trade Representative said, "Scientific authorities, including in Mexico, have consistently found biotech products like corn to be safe over a period of decades." [...] Mexico's written response cited studies it said showed links between GM corn consumption and glyphosate exposure to liver inflammation in people and impacts to immune response in animals, saying it considers the risk to human health "extremely serious."

The United States in August requested a dispute settlement panel under the USMCA over Mexico's decree to ban GM corn for human consumption, specifically in the use of making flour for tortillas. The decree allows the use of GM yellow corn in animal feed, which accounts for the majority of Mexico's nearly $5.9 billion worth of U.S. corn imports annually. Washington argues Mexico's decree banning imports of GM corn used for tortillas is not based on science and violates its commitments under the USMCA, which has been in place since 2020. "There is no impact on trade," Suarez said of Mexico's decree. "The value and volume of exports of GM corn to Mexico has increased."

Mexico's decree also calls for the gradual substitution of GM corn, a point of contention highlighted by U.S. officials. In its written response, Mexico argued that no specific time frame has been established and therefore it has had no trade impact. "It is a strategic goal, like the United States would like to have energy sovereignty and energy self-sufficiency," Suarez said. The United States is expected to issue a rebuttal to Mexico's response.

The European Union has confirmed it's looking into Apple's decision to close Epic Games' developer account -- citing three separate regulations that may apply. From a report: Yesterday the Fortnite maker revealed Apple had terminated the account, apparently reversing a decision to approve the developer account last month. Epic had planned to launch its own app store, the Epic Games Stores, on iOS in Europe, as well as Fortnight on Apple's platform. And it accused Apple of breaching the bloc's Digital Markets Act (DMA) by killing its developer account.

Responding to the development, a European Commission spokesperson told TechCrunch it has "requested further explanations on this from Apple under the DMA." The pan-EU regulation applies on Apple from midnight Brussels' time today. The spokesperson also said the EU is evaluating whether Apple's actions raise compliance "doubts" with regard to two other regulations -- the Digital Services Act (DSA) and the platform-to-business regulation (P2B) -- given what they described as "the links between the developer program membership and the App Store as designated VLOP" (very large online platform).

An anonymous reader quotes a report from TechCrunch: A technology company that routes millions of SMS text messages across the world has secured an exposed database that was spilling one-time security codes that may have granted users' access to their Facebook, Google and TikTok accounts. The Asian technology and internet company YX International manufactures cellular networking equipment and provides SMS text message routing services. SMS routing helps to get time-critical text messages to their proper destination across various regional cell networks and providers, such as a user receiving an SMS security code or link for logging in to online services. YX International claims to send 5 million SMS text messages daily. But the technology company left one of its internal databases exposed to the internet without a password, allowing anyone to access the sensitive data inside using only a web browser, just with knowledge of the database's public IP address.

Anurag Sen, a good-faith security researcher and expert in discovering sensitive but inadvertently exposed datasets leaking to the internet, found the database. Sen said it was not apparent who the database belonged to, nor who to report the leak to, so Sen shared details of the exposed database with TechCrunch to help identify its owner and report the security lapse. Sen told TechCrunch that the exposed database included the contents of text messages sent to users, including one-time passcodes and password reset links for some of the world's largest tech and online companies, including Facebook and WhatsApp, Google, TikTok, and others. The database had monthly logs dating back to July 2023 and was growing in size by the minute. In the exposed database, TechCrunch found sets of internal email addresses and corresponding passwords associated with YX International, and alerted the company to the spilling database. The database went offline a short time later.

Wikipedia has downgraded tech website CNET's reliability rating following extensive discussions among its editors regarding the impact of AI-generated content on the site's trustworthiness. "The decision reflects concerns over the reliability of articles found on the tech news outlet after it began publishing AI-generated stories in 2022," adds Ars Technica. Futurism first reported the news. From the report: Wikipedia maintains a page called "Reliable sources/Perennial sources" that includes a chart featuring news publications and their reliability ratings as viewed from Wikipedia's perspective. Shortly after the CNET news broke in January 2023, Wikipedia editors began a discussion thread on the Reliable Sources project page about the publication. "CNET, usually regarded as an ordinary tech RS [reliable source], has started experimentally running AI-generated articles, which are riddled with errors," wrote a Wikipedia editor named David Gerard. "So far the experiment is not going down well, as it shouldn't. I haven't found any yet, but any of these articles that make it into a Wikipedia article need to be removed." After other editors agreed in the discussion, they began the process of downgrading CNET's reliability rating.

As of this writing, Wikipedia's Perennial Sources list currently features three entries for CNET broken into three time periods: (1) before October 2020, when Wikipedia considered CNET a "generally reliable" source; (2) between October 2020 and present, when Wikipedia notes that the site was acquired by Red Ventures in October 2020, "leading to a deterioration in editorial standards" and saying there is no consensus about reliability; and (3) between November 2022 and January 2023, when Wikipedia considers CNET "generally unreliable" because the site began using an AI tool "to rapidly generate articles riddled with factual inaccuracies and affiliate links."

Futurism reports that the issue with CNET's AI-generated content also sparked a broader debate within the Wikipedia community about the reliability of sources owned by Red Ventures, such as Bankrate and CreditCards.com. Those sites published AI-generated content around the same period of time as CNET. The editors also criticized Red Ventures for not being forthcoming about where and how AI was being implemented, further eroding trust in the company's publications. This lack of transparency was a key factor in the decision to downgrade CNET's reliability rating. A CNET spokesperson said in a statement: "CNET is the world's largest provider of unbiased tech-focused news and advice. We have been trusted for nearly 30 years because of our rigorous editorial and product review standards. It is important to clarify that CNET is not actively using AI to create new content. While we have no specific plans to restart, any future initiatives would follow our public AI policy."

Hackers targeting individuals in the cryptocurrency sector are using a sophisticated phishing scheme that begins with a malicious link on Calendly. "The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call," reports Krebs on Security. "But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems." From the report: A search in Google for a string of text from that script turns up a December 2023 blog post from cryptocurrency security firm SlowMist about phishing attacks on Telegram from North Korean state-sponsored hackers. "When the project team clicks the link, they encounter a region access restriction," SlowMist wrote. "At this point, the North Korean hackers coax the team into downloading and running a 'location-modifying' malicious script. Once the project team complies, their computer comes under the control of the hackers, leading to the theft of funds."

SlowMist says the North Korean phishing scams used the "Add Custom Link" feature of the Calendly meeting scheduling system on event pages to insert malicious links and initiate phishing attacks. "Since Calendly integrates well with the daily work routines of most project teams, these malicious links do not easily raise suspicion," the blog post explains. "Consequently, the project teams may inadvertently click on these malicious links, download, and execute malicious code."

SlowMist said the malware downloaded by the malicious link in their case comes from a North Korean hacking group dubbed BlueNoroff, which Kaspersky Labs says is a subgroup of the Lazarus hacking group. "A financially motivated threat actor closely connected with Lazarus that targets banks, casinos, fin-tech companies, POST software and cryptocurrency businesses, and ATMs," Kaspersky wrote of BlueNoroff in Dec. 2023.

Nintendo has filed a 41-page lawsuit against the makers of Yuzu, an open-source Nintendo Switch emulator, accusing them of "facilitating piracy at a colossal scale." Polygon reports: Yuzu is a free emulator that was released in 2018 months after the Nintendo Switch originally launched. The same folks who made Citra, a Nintendo 3DS emulator, made this one. Basically, it's a piece of software that lets people play Nintendo Switch games on Windows PC, Linux, and Android devices. (It also runs on Steam Deck, which Valve showed -- then wiped -- in a Steam Deck video clip.) Emulators aren't necessarily illegal, but pirating games to play on them is. But Nintendo said in its lawsuit that there's no way to legal way to use Yuzu.

Nintendo argued that Yuzu executes codes that "defeat" Nintendo's security measures, including decryption using "an illegally-obtained copy of prod.keys." "In other words, without Yuzu's decryption of Nintendo's encryption, unauthorized copies of games could not be played on PCs or Android devices," Nintendo wrote in the lawsuit. As to the alleged damages created by Yuzu, Nintendo pointed to the release of The Legend of Zelda: Tears of the Kingdom. Tears of the Kingdom leaked almost two weeks earlier than the game's May 12 release date. The pirated version of the game spread quickly; Nintendo said it was downloaded more than 1 million times before Tears of the Kingdom's release date. People used Yuzu to play the game; Nintendo said more than 20% of download links pointed people to Yuzu.

Though Yuzu doesn't give out pirated copies of games, Nintendo repeatedly said that most ROM sites point people toward Yuzu to play whatever games they've downloaded. Nintendo said its "expended significant resources to stop the illegal copying, marketing, sale, and distribution" of its Nintendo Switch games. It says that Yuzu earns the team $30,000 per month on its Patreon from more than 7,000 patrons. Nintendo said the company has earned at least $50,000 in paid Yuzu downloads. Nintendo said that Yuzu's Patreon doubled its paid members in the period between May 1 and May 12, when Tears of the Kingdom was released. Nintendo is asking the court to shut down the emulator, and for damages.

An anonymous reader shares a report: News publishers are worried -- with good reason -- about changes coming to Google Search. AI-generated content replacing links on some of the most valuable space on the internet, in particular, has left media types with a lot of questions, starting with "is this going to be a traffic-destroying nightmare?" The News filter disappearing from Google search results for some users this week won't help publishers sleep any easier. Google confirmed some users were not seeing the News filter as part of ongoing testing. "We're testing different ways to show filters on Search and as a result, a small subset of users were temporarily unable to access some of them," a Google spokesperson confirmed via email.

Sarah Perez reports via TechCrunch: The CEO of meditation app Insight Timer, Christopher Plowman, is frustrated. He doesn't think the teachers who leverage his app's marketplace to reach their students should have to share 30% of their income with Apple -- its commission on in-app purchases -- and for the past 12 months, Apple had also agreed. After Apple loosened its rules around in-app donations in 2022, Insight Timer took advantage of the option to adjust a digital donations feature that allowed Insight Timers' teachers to collect "tips" from their user profiles and during live events. Apple reviewed the app and approved its release on the App Store. Now the tech giant has changed its mind -- it wants to collect a commission from this content, and Insight Timer had no choice but to comply or have its iOS business shut down, Plowman says. [...]

In section 3.2.1 of Apple's App Review guidelines, the company explains that apps can route around Apple's in-app purchase if the app enables individual users to "give a monetary gift to another individual" and "100% of the funds" go to the receiver of the gift. Insight Timer capitalized on this option to allow its users to tip meditation teachers, healers, musicians, and others who use its app to teach classes on meditation, managing stress, finding happiness or spiritual enlightenment, and more. Insight Timer implemented the feature using Stripe as the payment provider on the back end, as the rule permits. Users can opt to donate funds to the teacher, but they don't have to. Insight Timer's main business is selling premium subscriptions to its app, which offer additional features, like offline listening, journaling, and unlimited access to its courses. Fifty percent of this revenue is shared with the teachers, so they don't have to rely on donations to fund their work. During the time the commission-free donations feature was live, Insight Timer's users donated roughly $100,000 per month to the app's teachers, Plowman says.

Apple appeared to have blessed this use case, as the tech giant went on to approve 47 more updates to Insight Timer's app over the course of a 12-month period. When a question arose, Insight Timer explained that these were donations -- it doesn't take a cut of that revenue -- and Apple would approve the app. Late last year, those approvals stopped. An app reviewer told Insight Timer that these donations were no longer considered monetary gifts -- they were now "digital content." That meant they were also now subject to Apple's commissions. This decision doesn't hurt Insight Timer's bottom line, as the app's main business is subscriptions. Instead, it hurts the community of teachers who generate additional funds via users' donations. Now, with Apple demanding 30% of that revenue, the teachers are getting a 30% pay cut overnight, so to speak.

Plowman says he went back and forth with Apple over this feature, trying to understand why the donations option that Apple had previously allowed -- 47 times! -- was now subject to commission. Apple compromised and said it would allow the donations' link on teachers' profiles to be subject to its commission-free rules, but all other donations -- from live events, from meditations themselves -- had to be commissioned. It wouldn't allow those links to point to the donation link on the teachers' profiles, either. "And I was like, well, what's the point of building an ice cream stand across the road if you won't let the customers cross the road to buy the ice cream?" Plowman argued. In the end, the two parties didn't reach any sort of resolution. Plowman was given until February to comply with Apple's decision, or his business would be shut out of the App Store.

Jennifer Ouellette reports via Ars Technica: Famed naturalist Charles Darwin amassed an impressive personal library over the course of his life, much of which was preserved and cataloged upon his death in 1882. But many other items were lost, including more ephemeral items like unbound volumes, pamphlets, journals, clippings, and so forth, often only vaguely referenced in Darwin's own records. For the last 18 years, the Darwin Online project has painstakingly scoured all manner of archival records to reassemble a complete catalog of Darwin's personal library virtually. The project released its complete 300-page online catalog -- consisting of 7,400 titles across 13,000 volumes, with links to electronic copies of the works -- to mark Darwin's 215th birthday on February 12.

"This unprecedentedly detailed view of Darwin's complete library allows one to appreciate more than ever that he was not an isolated figure working alone but an expert of his time building on the sophisticated science and studies and other knowledge of thousands of people," project leader John van Wyhe of the National University of Singapore said. "Indeed, the size and range of works in the library makes manifest the extraordinary extent of Darwin's research into the work of others."

From a blog post by Greg Kroah-Hartman: As was recently announced, the Linux kernel project has been accepted as a CVE Numbering Authority (CNA) for vulnerabilities found in Linux.

This is a trend, of more open source projects taking over the haphazard assignments of CVEs against their project by becoming a CNA so that no other group can assign CVEs without their involvment. Here's the curl project doing much the same thing for the same reasons. I'd like to point out the great work that the Python project has done in supporting this effort, and the OpenSSF project also encouraging it and providing documentation and help for open source projects to accomplish this. I'd also like to thank the cve.org group and board as they all made the application process very smooth for us and provided loads of help in making this all possible.

As many of you all know, I have talked a lot about CVEs in the past, and yes, I think the system overall is broken in many ways, but this change is a way for us to take more responsibility for this, and hopefully make the process better over time. It's also work that it looks like all open source projects might be mandated to do with the recent rules and laws being enacted in different parts of the world, so having this in place with the kernel will allow us to notify all sorts of different CNA-like organizations if needed in the future.
Kroah-Hartman links to his post on the kernel mailing list for "more details about how this is all going to work for the kernel." [D]ue to the layer at which the Linux kernel is in a system, almost any bug might be exploitable to compromise the security of the kernel, but the possibility of exploitation is often not evident when the bug is fixed. Because of this, the CVE assignment team are overly cautious and assign CVE numbers to any bugfix that they identify. This explains the seemingly large number of CVEs that are issued by the Linux kernel team...

No CVEs will be assigned for unfixed security issues in the Linux kernel, assignment will only happen after a fix is available as it can be properly tracked that way by the git commit id of the original fix. No CVEs will be assigned for any issue found in a version of the kernel that is not currently being actively supported by the Stable/LTS kernel team.
alanw (Slashdot reader #1,822) worries this could overwhelm the CVE infrastructure, pointing to an ongoing discussion at LWN.net.

But reached for a comment, Greg Kroah-Hartman thinks there's been a misunderstanding. He told Slashdot that the CVE group "explicitly asked for this as part of our application... so if they are comfortable with it, why is no one else?"

A paper (PDF) from researchers at the University of Cambridge, supported by voices from numerous academic institutions including OpenAI, proposes remote kill switches and lockouts as methods to mitigate risks associated with advanced AI technologies. It also recommends tracking AI chip sales globally. The Register reports: The paper highlights numerous ways policymakers might approach AI hardware regulation. Many of the suggestions -- including those designed to improve visibility and limit the sale of AI accelerators -- are already playing out at a national level. Last year US president Joe Biden put forward an executive order aimed at identifying companies developing large dual-use AI models as well as the infrastructure vendors capable of training them. If you're not familiar, "dual-use" refers to technologies that can serve double duty in civilian and military applications. More recently, the US Commerce Department proposed regulation that would require American cloud providers to implement more stringent "know-your-customer" policies to prevent persons or countries of concern from getting around export restrictions. This kind of visibility is valuable, researchers note, as it could help to avoid another arms race, like the one triggered by the missile gap controversy, where erroneous reports led to massive build up of ballistic missiles. While valuable, they warn that executing on these reporting requirements risks invading customer privacy and even lead to sensitive data being leaked.

Meanwhile, on the trade front, the Commerce Department has continued to step up restrictions, limiting the performance of accelerators sold to China. But, as we've previously reported, while these efforts have made it harder for countries like China to get their hands on American chips, they are far from perfect. To address these limitations, the researchers have proposed implementing a global registry for AI chip sales that would track them over the course of their lifecycle, even after they've left their country of origin. Such a registry, they suggest, could incorporate a unique identifier into each chip, which could help to combat smuggling of components.

At the more extreme end of the spectrum, researchers have suggested that kill switches could be baked into the silicon to prevent their use in malicious applications. [...] The academics are clearer elsewhere in their study, proposing that processor functionality could be switched off or dialed down by regulators remotely using digital licensing: "Specialized co-processors that sit on the chip could hold a cryptographically signed digital "certificate," and updates to the use-case policy could be delivered remotely via firmware updates. The authorization for the on-chip license could be periodically renewed by the regulator, while the chip producer could administer it. An expired or illegitimate license would cause the chip to not work, or reduce its performance." In theory, this could allow watchdogs to respond faster to abuses of sensitive technologies by cutting off access to chips remotely, but the authors warn that doing so isn't without risk. The implication being, if implemented incorrectly, that such a kill switch could become a target for cybercriminals to exploit.

Another proposal would require multiple parties to sign off on potentially risky AI training tasks before they can be deployed at scale. "Nuclear weapons use similar mechanisms called permissive action links," they wrote. For nuclear weapons, these security locks are designed to prevent one person from going rogue and launching a first strike. For AI however, the idea is that if an individual or company wanted to train a model over a certain threshold in the cloud, they'd first need to get authorization to do so. Though a potent tool, the researchers observe that this could backfire by preventing the development of desirable AI. The argument seems to be that while the use of nuclear weapons has a pretty clear-cut outcome, AI isn't always so black and white. But if this feels a little too dystopian for your tastes, the paper dedicates an entire section to reallocating AI resources for the betterment of society as a whole. The idea being that policymakers could come together to make AI compute more accessible to groups unlikely to use it for evil, a concept described as "allocation."

An anonymous reader quotes a report from TechCrunch: AI-generated imagery and other forms of deepfakes depicting child sexual abuse (CSA) could be criminalized in the European Union under plans to update existing legislation to keep pace with technology developments, the Commission announced today. It's also proposing to create a new criminal offense of livestreaming child sexual abuse. The possession and exchange of "pedophile manuals" would also be criminalized under the plan -- which is part of a wider package of measures the EU says is intended to boost prevention of CSA, including by increasing awareness of online risks and to make it easier for victims to report crimes and obtain support (including granting them a right to financial compensation). The proposal to update the EU's current rules in this area, which date back to 2011, also includes changes around mandatory reporting of offenses.

Back in May 2022, the Commission presented a separate piece of CSA-related draft legislation, aiming to establish a framework that could make it obligatory for digital services to use automated technologies to detect and report existing or new child sexual abuse material (CSAM) circulating on their platforms, and identify and report grooming activity targeting kids. The CSAM-scanning plan has proven to be highly controversial -- and it continues to split lawmakers in the parliament and the Council, as well as kicking up suspicions over the Commission's links with child safety tech lobbyists and raising other awkward questions for the EU's executive, over a legally questionable foray into microtargeted ads to promote the proposal. The Commission's decision to prioritize the targeting of digital messaging platforms to tackle CSA has attracted a lot of criticism that the bloc's lawmakers are focusing in the wrong area for combatting a complex societal problem -- which may have generated some pressure for it to come with follow-on proposals. (Not that the Commission is saying that, of course; it describes today's package as "complementary" to its earlier CSAM-scanning proposal.) "Fast evolving technologies are creating new possibilities for child sexual abuse online, and raises challenges for law enforcement to investigate this extremely serious and wide spread crime," said Ylva Johansson, commissioner for home affairs, in a statement. "A strong criminal law is essential and today we are taking a key step to ensure that we have effective legal tools to rescue children and bring perpetrators to justice. We are delivering on our commitments made in the EU Strategy for a more effective fight against Child sexual abuse presented in July 2020."

The final shape of the proposals will be determined by the EU's co-legislators in the Parliament and Council. "If/when there's agreement on how to amend the current directive on combating CSA, it would enter into force 20 days after its publication in the Official Journal of the EU," adds TechCrunch.

Microsoft's Visual Studio Code editor now includes a voice command that launches GitHub Copilot Chat just by saying "Hey Code."

But one Linux blog notes that the editor has suddenly stopped supporting Ubuntu 18.04 LTS — "a move causing issues for scores of developers." VS Code 1.86 (aka the 'January 2024' update) saw Microsoft bump the minimum build requirements for the text editor's popular remote dev tools to â¥glibc 2.28 — but Ubuntu 18.04 LTS uses glibc 2.27, ergo they no longer work.

While Ubuntu 18.04 is supported by Canonical until 2028 (through ESM) a major glibc upgrade is unlikely. Thus, this "breaking change" is truly breaking workflows...

It seems affected developers were caught off-guard as this (rather impactful) change was not signposted before, during, or after the VS Code update (which is installed automatically for most, and the update was pushed out to Ubuntu 18.04 machines). Indeed, most only discovered this issue after update was installed, they tried to connect to a remote server, and discovered it failed. The resulting error message does mention deprecation and links to an FAQ on the VS Code website with workarounds (i.e. downgrade).

But as one developer politely put it.... "It could have checked the libc versions and refused the update. Now, many people are screwed in the middle of their work."
The article points out an upgrade to Ubuntu 20.04 LTS will address the problem. On GitHub a Microsoft engineer posted additional options from VS Code's documentation: If you are unable to upgrade your Linux distribution, the recommended alternative is to use our web client. If you would like to use the desktop version, then you can download the VS Code release 1.85. Depending on your platform, make sure to disable updates to stay on that version.
Microsoft then locked the thread on GitHub as "too heated" and limited conversation to just collaborators.

In a related thread someone suggested installing VS Code's Flatpak, which was still on version 1.85 — and then disabling updates. But soon Microsoft had locked that thread as well as "too heated," again limiting conversation to collaborators.

The Verge reports that Threads is "booming," according to figures shared by Mark Zuckerberg on Meta's earnings call, with 130 million active users a month.

TechCrunch reports: Threads is continuing to grow, having tripled its downloads month-over-month in December, which gave it a place in the top 10 most downloaded apps for the month across both the App Store and Google Play...

Threads famously had a record-breaking launch, reaching 100 million registered users within its first five days. However, the app saw its daily downloads decline starting last September through the end of the year. But in December, Threads once again returned to growth, likely due to the push Meta had given the app by displaying promos on Facebook that featured Threads' viral posts. Today, there are an estimated 160 million Threads users, according to one tracker...

The app could also be benefiting from its move into the "fediverse" — the social network comprised of interconnected servers that communicate via the ActivityPub protocol, like Mastodon... In addition, Threads recently announced the launch of an endpoint, allowing developers of third-party apps and websites to use a dynamic URL to refill text into the Threads composer. For example, there's now a website where anyone can generate Threads share links and profile badges. Marketing tool provider Shareaholic also just launched Threads Share buttons for websites, including both desktop and mobile sites. This flurry of activity around Threads is helping to move the app up in the chart rankings, though some inorganic boosts from Meta itself are likely also responsible for the jump in downloads, given the size.

Google has removed links to page caches from its search results page, the company's search liaison Danny Sullivan has confirmed. From a report: "It was meant for helping people access pages when way back, you often couldn't depend on a page loading," Sullivan wrote on X. "These days, things have greatly improved. So, it was decided to retire it."

The cache feature historically let you view a webpage as Google sees it, which is useful for a variety of different reasons beyond just being able to see a page that's struggling to load. SEO professionals could use it to debug their sites or even keep tabs on competitors, and it can also be an enormously helpful news gathering tool, giving reporters the ability to see exactly what information a company has added (or removed) from a website, and a way to see details that people or companies might be trying to scrub from the web. Or, if a site is blocked in your region, Google's cache can work as a great alternative to a VPN.

SpaceX revealed that it's delivering over 42 petabytes of data for customers per day, according to engineer Travis Brashears. "We're passing over terabits per second [of data] every day across 9,000 lasers," Brashears said today at SPIE Photonics West, an event in San Francisco focused on the latest advancements in optics and light. "We actually serve over lasers all of our users on Starlink at a given time in like a two-hour window." PCMag reports: Although Starlink uses radio waves to beam high-speed internet to customers, SpaceX has also been outfitting the company's satellites with a "laser link" system to help drive down latency and improve the system's global coverage. The lasers, which can sustain a 100Gbps connection per link, are especially crucial to helping the satellites fetch data when no SpaceX ground station is near, like over the ocean or Antarctic. Instead, the satellite can transmit the data to and from another Starlink satellite in Earth's orbit, forming a mesh network in space.

Tuesday's talk from Brashears revealed the laser system is quite robust, even as the equipment is flying onboard thousands of Starlink satellites constantly circling the Earth. Despite the technical challenges, the company has achieved a laser "link uptime" at over 99%. The satellites are constantly forming laser links, resulting in about 266,141 "laser acquisitions" per day, according to Brashears' presentation. But in some cases, the links can also be maintained for weeks at a time, and even reach transmission rates at up to 200Gbps.

Brashears also said Starlink's laser system was able to connect two satellites over 5,400 kilometers (3,355 miles) apart. The link was so long "it cut down through the atmosphere, all the way down to 30 kilometers above the surface of the Earth," he said, before the connection broke. "Another really fun fact is that we held a link all the way down to 122 kilometers while we were de-orbiting a satellite," he said. "And we were able to downstream the video." During his presentation, Brashears also showed a slide depicting how the laser system can deliver data to a Starlink dish in Antarctica through about seven different paths. "We can dynamically change those routes within milliseconds. So as long as we have some path to the ground [station], you're going to have 99.99% uptime. That's why it's important to get as many nodes up there as possible," he added.

David Pierce reports via The Verge: A few minutes ago, I opened the new Arc Search app and typed, "What happened in the Chiefs game?" That game, the AFC Championship, had just wrapped up. Normally, I'd Google it, click on a few links, and read about the game that way. But in Arc Search, I typed the query and tapped the "Browse for me" button instead. Arc Search, the new iOS app from The Browser Company, which has been working on a browser called Arc for the last few years, went to work. It scoured the web -- reading six pages, it told me, from Twitter to The Guardian to USA Today -- and returned a bunch of information a few seconds later. I got the headline: Chiefs win. I got the final score, the key play, a "notable event" that also just said the Chiefs won, a note about Travis Kelce and Taylor Swift, a bunch of related links, and some more bullet points about the game.

Basically, instead of returning a bunch of search queries about the Chiefs game, Arc Search built me a webpage about it. And somewhere in there is The Browser Company's big idea about the future of web browsers -- that a browser, a search engine, an AI chatbot, and a website aren't different things. They're all just parts of an internet information finder, and they might as well exist inside the same app. [...] But from a pure product perspective, this feels closer to the way AI search should work than anything I've tried. Products like Copilot and Perplexity AI are cool, but they're fundamentally just chatbots with web access. Arc Search imagines something else entirely: AI that explores websites by building you a new one every time you ask.

The 2023 Hugo Awards for science fiction hosted in China sparked controversy by excluding several authors without explanation, raising censorship concerns. Works removed included RF Kuang's bestseller "Babel," an episode of "The Sandman," and author Xiran Jay Zhao. The prestigious Hugo Awards are voted on by science fiction fans and marked the first time the annual World Science Fiction Convention (Worldcon) was held in China. With no reasons given for the exclusions, revealed only when nomination statistics were posted, questions emerged whether there had been interference or censorship in the process from Chinese authorities. The removed works included Kuang's speculative fiction novel "Babel," which recently won fiction book of the year in the British book awards.

Bruce66423 shares a report: Recently released documents showed that several works or authors -- some with links to China -- had been excluded from the ballot despite receiving enough nominations to be included on their respective shortlists. The excluded nominees include Kuang and Zhao, authors who were born in China but are now based in the west. Concerns have been raised that the authors were targeted for political reasons, connected to the fact that the ruling Chinese Communist party exerts a tight control on all cultural events that take place inside its borders.

[...] Episode six of The Sandman, which is based on a comic book written by Neil Gaiman, was excluded from the best dramatic presentation category, despite receiving enough nominations to be on the final ballot. Gaiman has publicly criticised the Chinese authorities for imprisoning writers. [...] Writing on Facebook, Gaiman said: "Until now, one of the things that's always been refreshing about the Hugos has been the transparency and clarity of the process ... This is obfuscatory, and without some clarity it means that whatever has gone wrong here is unfixable, or may be unfixable in ways that don't damage the respect the Hugos have earned over the last 70 years."

Apple has updated its long-standing App Store guidelines, giving developers the option to let users make in-app purchases for iOS apps outside of its App Store. But the changes still haven't won over one of the company's longtime critics. From a report: Under the new rules, app developers can provide customers with links to third-party purchase options for their apps, but they must still pay Apple fees of either 12% or 27%. Spotify, one of Apple's biggest critics, isn't a fan of the changes. In a statement, the music streaming service slammed the new rules. "Once again, Apple has demonstrated that they will stop at nothing to protect the profits they exact on the backs of developers and consumers under their app store monopoly," the company said in a statement. "Their latest move in the US -- imposing a 27% fee for transactions made outside of an app on a developer's website -- is outrageous and flies in the face of the court's efforts to enable greater competition and user choice." Tech columnist John Gruber, writing at DaringFireball: Maybe the cynics are right! Let's just concede that they are, and that Apple will only make decisions here that benefit its bottom line. My argument remains that Apple should not be pursuing this plan for complying with the anti-steering injunction by collecting commissions from web sales that initiate in-app. Whatever revenue Apple would lose to non-commissioned web sales (for non-games) is not worth the hit they are taking to the company's brand and reputationâ--âthis move reeks of greed and avariceâ--ânor the increased ire and scrutiny of regulators and legislators on the "anti-Big-Tech" hunt.

Apple should have been looking for ways to lessen regulatory and legislative pressure over the past few years, and in today's climate that's more true than ever. But instead, their stance has seemingly been "Bring it on." Confrontational, not conciliatory, conceding not an inch. Rather than take a sure win with most of what they could want, Apple is seemingly hell-bent on trying to keep everything. To win in chess all you need is to capture your opponent's king. Apple seemingly wants to capture every last piece on the boardâ--âeven while playing in a tournament where the referees (regulators) are known to look askance at blatant poor sportsmanship (greed).

Apple's calculus should be to balance its natural desire to book large amounts of revenue from the App Store with policies that to some degree placate, rather than antagonize, regulators and legislators. No matter what the sport, no matter what the letter of the rulebook says, it's never a good idea to piss off the refs.