Month: October 2022

Enlarge (credit: Raspberry Pi Foundation)

Shortages for lots of tech components, including things like DDR5 and GPUs, have eased quite a bit since the beginning of 2022, and prices have managed to go down as availability improves. But that reprieve hasn't come for hobbyists hoping to get a Raspberry Pi, which remains as hard to buy today as it was a year ago.

The most recent update on the situation comes from Raspberry Pi founder Eben Upton via YouTuber Jeff Geerling—Upton told Geerling that Pi boards are subject to the same supply constraints since the last time he wrote a post about the situation in April. Around 400,000 Pi boards are still produced per month, and some of these are being earmarked to be sent out to consumer retail sites. But Upton says that most of these are still being reserved for and sold to commercial customers who rely on Pi boards to run their businesses.

In short, the update is that there is no update. Upton said in April (and nearly a year ago, when the company raised the price for a Pi board for the first time) that the Broadcom processors at the heart of older Pi boards have been particularly difficult to source, but that high demand had been just as big an issue. Demand for Pi boards increased during the pandemic, and there was no more manufacturing capacity available to meet this demand. Upton said a year ago that there were "early signs that the supply chain situation is starting to ease," but backed-up demand could still explain the short supply even if the Pi's components have gotten easier to buy.

Enlarge (credit: Getty Images)

A ransomware outfit calling itself Vice Society has dumped nearly 300,000 files belonging to the Los Angeles Unified School District as punishment for rebuffing demands it pay the group a hefty fee to recover data stolen during a recent cyber intrusion.

Ransomware operators breach targets’ networks, encrypt all their data, and then charge victims a ransom for the decryption key. More recently, the groups have moved to a double extortion model, in which they also publish the data on the dark web unless victims pay a ransom to keep it private. Already this year, 27 school districts with 1,735 schools among them have been hacked in ransomware incidents, Brett Callow, a threat analyst with security firm Emsisoft, said.

The Los Angeles Unified School District is the second biggest school district in the US, behind the New York City Department of Education, making it a trophy of sorts for ransomware groups that prey on these organizations.

Enlarge (credit: NurPhoto / Contributor | NurPhoto)

A key protection shielding social media companies from liability for hosting third-party content—Section 230 of the Communications Decency Act—is set to face its first US Supreme Court challenge.

The question before the court hinges on whether Google-owned YouTube is responsible for aiding and abetting ISIS terrorists by actively recommending ISIS videos to users via its algorithms.

According to plaintiffs, ISIS allegedly relied on YouTube during efforts to ramp up recruitment before the terrorist group took credit for killing 130 people and injuring more than 350 others during six coordinated attacks in 2015. The lawsuit now headed to the Supreme Court focuses on the killing of an American woman named Nohemi Gonzalez, who was dining in a Paris bistro when ISIS militants attacked.

Enlarge / And there was much rejoicing, as a new Linux kernel version had arrived before its founder ran out of fingers and toes for counting. (credit: Getty Images)

A stable version of Linux 6.0 is out, with 15,000 non-merge commits and a notable version number for the kernel. And while major Linux releases only happen when the prior number's dot numbers start looking too big—"there is literally no other reason"—there are a lot of notable things rolled into this release besides a marking in time.

Most notable among them could be a patch that prevents a nearly two-decade slowdown for AMD chips, based on workaround code for power management in the early 2000s that hung around for far too long. Intel's Dave Hansen wrote the patch that made it into 6.0, noting in a comment on an Ars post that the issue had become an expensive drain as AMD systems gained higher CPU core counts. The average desktop user won't see huge gains, but larger systems working on intensive input/output applications should benefit.

Intel's new Arc GPUs are supported in their discrete laptop form in 6.0 (though still experimental). Linux blog Phoronix notes that Intel's ARC GPUs all seem to run on open source upstream drivers, so support should show up for future Intel cards and chipsets as they arrive on the market.

Enlarge / Full-disk image of Mars captured by the Mars Orbiter Mission. (credit: ISRO)

Despite its modest overall achievements, India's Mars Orbiter Mission is one of the more notable successes of the modern spaceflight era. Launched in 2013, it was the first Mars mission built by an Asian country to reach orbit around the red planet—only the United States, Soviet Union, and European Space Agency had done so before.

And perhaps most importantly, India proved that a durable, capable Mars spacecraft could be developed on a shoestring budget. Instead of costing hundreds of millions of dollars, the Mars mission was developed for only about $25 million, through a process described by Indian officials as "frugal engineering."

But all good things come to an end, and this weekend the Indian space agency, ISRO, announced that the mission was "non-recoverable." The update came following a one-day meeting to discuss the spacecraft and whether it could be salvaged after communication was lost with the vehicle in April during a long eclipse when Mars moved between the orbiter and the Sun.

Enlarge / Google Japan jokes that you can increase productivity by having two people type on the keyboard simultaneously. (credit: Google Japan)

Google Japan has a history of joke keyboard concepts that challenge common notions of computing input. The latest concept, the Gboard Stick Version, places every key in the same row, so hunting and pecking can take a more linear approach.

As shown in Google Japan's YouTube video below, it appears Google Japan actually prototyped the lengthy keyboard. Google will not be mass-producing or selling it, but there are GitHub files available with open source firmware, circuit diagrams, and design drawings to build the keyboard yourself. The GitHub page is careful to note that "this is not an officially supported Google product." Google Japan's blog post from Saturday said you could make the Gboard Stick Version with a 3D printer.

As designed, the keyboard is an extraordinary 5.25 feet (1,600 mm) long. If you think that's lengthy, the company said the original prototype was 7.87 feet (2,400 mm) long. The keyboard uses 17 boards total, including 16 for mounting the keys and a control board.

Enlarge / Hackers are getting closer to fully unlocking user control of the PS5 hardware. (credit: Sony)

Long-time console hacker and exploit developer SpecterDev has released a PS5 exploit that can give users root privileges and read/write access to large chunks of system memory. While this exploit can't be used to actually execute arbitrary code just yet, it represents an important step toward getting homebrew code running on the console.

The exploit, released this weekend, makes use of a FreeBSD vulnerability in the system OS that was reported to PlayStation's HackerOne bounty program in January (a very similar vulnerability on the PS4 was reported to PlayStation in 2020). Making use of the exploit relies on setting up a fake DNS server on your local network such that accessing the PS5's on-screen manual (which is loaded via the system's hidden web browser) points instead to a page on your local PC.

From there, the exploit uses an error in how the PS5's browser implementation handles memory locking while setting IPv6 socket headers. While the details get pretty technical, the exploit essentially sets up a race condition to access that exposed socket header memory before it's fully locked. That small bit of access is then used as a hook to start reading and writing arbitrary data into large areas of the PS5's memory via an RPC server on the host machine.