Does anyone want to tell Linus Torvalds? No? I didn't think so. //

The report on Product Security Bad Practices warns software manufacturers about developing "new product lines for use in service of critical infrastructure or [national critical functions] NCFs in a memory-unsafe language (eg, C or C++) where there are readily available alternative memory-safe languages that could be used is dangerous and significantly elevates risk to national security, national economic security, and national public health and safety."

In short, don't use C or C++. Yeah, that's going to happen.

If this sounds familiar, it's because CISA has been preaching on this point for years.

Rust is one component of it. Adopt it, forbid the "unsafe" keyword, and in theory you end up with code far less prone to memory mis-use errors.

However, when one looks at today's hardware, MELTDOWN / SPECTRE and similar are all about memory misuse / mishandling within CPUs. And it's interesting to consider what can be done about that. There have been articles here on El Reg on the topic of the need to get rid of C in the hardware sense too. C / C++ and today's libraries for them all assume that its running on a Symmetric Multi Processing hardware environment (for multicore hardware). But, the hardware hasn't actually looked like that for decades; SMP is a synthetic hardware environment built on top of things like QPI, or HyperTransport (or newer equivalents), and these cache-coherency networks are what is causing MELTDOWN / SPECTRE faults which the CPU designers are seemingly powerless to fix. Apple's own silicon has recently been found to have such faults - they're unfixable in M1, M2, and they've not disabled the miscreant feature in M3 even though they can.

So, it looks like we should be getting rid of SMP. That would leave us with - NUMA.

We've had such systems before - Transputers are one such example. //

Shared Memory is, Today, no Different to Copied Memory

The classic "don't copy data, send a pointer to data if you want it to be fast" is maxim that should have died decades ago. It was only ever true in actual SMP environments like Intel's NetBurst of the 1990s.

Today, for one core to access data in memory attached to a different core, pretty much the same microelectronic transactions have to take place as would be required to simply copy the data.

Ts'o, Hohndel and the man himself spill beans on how checks in the mail and GPL made it all possible

A team of neuroscientists at Carnegie Mellon and the University of Pittsburgh have discovered that when the prize gets too big — like Olympic gold — the brain becomes overly cautious, slowing down the neuron activity that prepares the body for motor movements the body usually does smoothly and without hesitation. //

But even before these findings, scientists had figured out that overthinking destroys an athlete’s normal fluidity.

Some adults over 40 have shoulder pain, but nearly all have “abnormal” joints. //

The authors argue that the findings suggest clinicians should rethink MRI findings, changing not just how they’re used, but also how they’re explained to patients. The language in particular should change given that “abnormalities” are ubiquitous—thus normal—and shouldn’t be described in terms that indicate a need for repair, like “tear.”

“While we refer to these findings as abnormalities, many likely represent normal age-related changes rather than clinically relevant structural changes,” the authors write. “Adopting more precise and less value-laden terminology—such as lesion, defect, fraying, disruption, structural alteration, or degeneration—may help reduce patient anxiety and the perceived need to do something or fix something by avoiding language that implies trauma or a requirement for repair.”

Contrary to what password managers say, a server compromise can mean game over.

The front cover is a shot of the 2.55 gigawatt Oconee plant in South Carolina. These three reactors were built for 356 million dollars between 1967 and 1974. That is $1141 per kilowatt in 2024 dollars. Oconee can produce reliable, on-demand, zero pollution, very low CO2, electricity at less than 3 cents/kWh in today’s money. These plants and their sisters have operated for over 60 years, harming exactly nobody from radiation. They are licensed to operate intothe 2050’s.

Between 1970 and 2025, technological progress should have reduced the real cost of nuclear power. Instead the current cost of nuclear plants in Europe and North America is more than $15,000/kW, more than 13 times the cost of Oconee. Thanks to its insane energy density, nuclear power should consume far less of the planet’s precious resources than any other source of electricty while producing nearly no pollution and very little CO2. Instead nuclear is a prohibitively expensive flop.

This little book explains why this auto-genocidal tragedy happened, and what we can do about it. Nuclear’s problems are entirely man-made. What is man-made can be man-unmade. If we adopt the regulatory reforms that this book lays out, the providers of nuclear power will be forced to compete with each other and new entrants on a level playing field, in which case the inherent cheapness of fission power combined with technological advances will push the cost of nuclear electricity back down to its should-cost.

The Indians who sold Manhattan were bilked, all right, but they didn’t mind—the land wasn’t theirs anyway //

By now it is probably too late to do anything about it, but the unsettling fact remains that the so-called sale of Manhattan Island to the Dutch in 1626 was a totally illegal deal; a group of Brooklyn Indians perpetrated the swindle, and they had no more right to sell Manhattan Island than the present mayor of White Plains would have to declare war on France. When the Manhattan Indians found out about it they were understandably furious, but by that time the Dutch had too strong a foothold to be dislodged—by the Indians, at any rate—and the eventual arrival of one-way avenues and the Hamburg Heaven Crystal Room was only a matter of time.

Emergency access allows users to designate and manage trusted emergency contacts, who can request access to their vault in cases of emergency.

Security is constantly evolving. Today, a new in-depth security report is available, continuing the Bitwarden commitment to transparency and trusted open source security. The audit, conducted by the prestigious Applied Cryptography Group at ETH Zurich, proactively tested Bitwarden core cryptography operations against the hypothetical event of a maliciously compromised server. All issues identified in the report have been addressed by the Bitwarden team and have been included in the attached cryptography report for full transparency.

Bitwarden was selected for analysis by ETH Zurich primarily due to its open source architecture, where code is available to the public on GitHub for inspection, auditing, and contribution. With this model, the world's leading academic researchers and professional minds, like the ETH Zurich Applied Cryptography Group, can stress-test Bitwarden infrastructure and code with penetration testing and security audits.

In the Age of Discovery, maps held closely guarded secrets for the kings, adventurers, and merchants who first acquired them.

"No matter who you ask, the most important factor is length. Length is more important than complexity and randomness," Comparitech consumer privacy advocate Paul Bischoff told us in an email.

Of course, adding a random character into a long passphrase doesn't hurt either, Bischoff noted... //

Using gibberish passwords and relying on a password manager is still better than qwerty123, of course, and Bischoff says that goes for browser-based password management, too. You're still taking matters into your own hands, of course, as Chrome updates have been known to break Google Password Manager, and password manager apps aren't 100 percent secure either.

Whatever you do, don't let yourself be caught with a password on Comparitech's list, and if it's your responsibility to set password complexity rules, make sure you're setting good ones.

Voidtools' Everything is a great File Explorer replacement //

WinDirStat is a tell-all we all need
A cold hard look into the storage //

ShutUp10++ is an absolute must-have
This is where I take control back from Windows //

Autoruns gives you a very deep look under the hood
Autoruns often feels like my secret weapon

The Lockheed L-1011 competed primarily with the DC-10. Whereas McDonnell Douglas had produced two successful jet airliners and built an extensive customer base, this was Lockheed's first jet-powered airliner. However, while McDonnell Douglas was able to get its aircraft out the door in a swift fashion, Lockheed faced several delays with its program, primarily centered around issues with the Rolls-Royce RB211.

Both aircraft were largely developed out of a request from American Airlines for a twin-engine widebody smaller than the Boeing 747. Both companies developed trijets due to restrictions on twin-engine operations over water, and Lockheed put extra effort into the Tristar's technology. It featured an advanced autopilot, an autoland system, and an automated emergency descent function. This was undoubtedly the most advanced subsonic airliner of its time. //

Charles
I think when the 767 came on the scene, that's what really killed the tristar. //

TJCrewChief
I had a friend that was a 747 and L1011 pilot for TWA. He just loved the Lockheed L1011.

He extolled the fly ability and called it a " Pilots Airplane."

The Federal Highway Administration has given interim approval under the national Manual on Uniform Traffic Control Devices (MUTCD) for the optional use of green colored pavement in marked bike lanes to boost visibility and alert drivers to where bicycles are expected to operate.

If there’s one state that’s leaned into this trend, it’s Florida. Transportation agencies there have adopted MUTCD-aligned design and installation requirements for green-colored pavement markings on bike lanes and multi-use paths.

Under the MUTCD rules, green is not just decorative. It’s a legitimate traffic control device meant to communicate a reserved space (usually for cyclists) and to increase conspicuity.

Ocean currents and tidal flows don’t just push water. They shape where fish go. Around powerful tidal sites like Canada’s Bay of Fundy, researchers have observed patterns in fish movement that almost resemble highways — consistent routes that fish follow as they migrate along the currents.

Thinking about self-hosting an ebook library? Here are the open source software you can consider.

Announced in a press release submitted to Simple Flying, EirTrade Aviation has partnered with RESIDCO to acquire two Airbus A320neo aircraft for teardown, marking the youngest airframes of the type ever dismantled. The aircraft were previously operated by Spirit Airlines and are just four and three and a half years old. Disassembly is taking place in Goodyear, Arizona, with parts destined for EirTrade’s Dallas hub. The transaction is designed to bolster the supply of next-generation used serviceable material (USM) amid growing global demand. //

Early-life teardowns, once uncommon, are now emerging as a strategic response to supply-chain constraints and escalating maintenance costs. //

There are currently more than 4,400 Airbus A320neo aircraft in commercial service worldwide, with a further 7,200 on order. This excludes the approximately 6,500 A320ceo aircraft still operating, many of which share common components. Given the size of the installed base, the A320 platform is expected to remain the largest segment of the global commercial fleet for decades. As a result, demand for USM is projected to increase steadily.

Early-life teardowns provide access to components that align with current regulatory and operational standards, offering operators an alternative to new-part procurement.

There are two important things you must do now: confirm you have Secure Boot enabled and that your system firmware is updated. The Windows System Information tool can show if Secure Boot is enabled. However, any firmware update should come from your PC manufacturer or the platform managing virtual firmware.

If your system is eligible, the update typically happens quietly in the background. You should pay more attention to devices with dual-boot setups or PCs with legacy boot remnants, as they are less likely to get automatic deployment. You may have to navigate to this registry path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecureBoot and set the AvailableUpdates registry value to a nonzero value. //

You can view the current certificate on your PC by running this PowerShell command: (Get-AuthenticodeSignature "C:\Windows\Boot\EFI\bootmgfw.efi").SignerCertificate | Format-List Subject,Issuer,NotAfter,Thumbprint

You can run this command on PowerShell, and a non-zero value for AvailableUpdates would confirm your computer is eligible to receive certificate updates: Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\SecureBoot" | Format-List

Divers have located the wreck of the Lac La Belle, a luxury steamer that vanished in a violent gale in 1872, a discovery that came after nearly six decades of organized searching. //

The Lac La Belle left Milwaukee on October 13, 1872, bound for Grand Haven, Michigan. Captain William Gilcher commanded the ship that, along with passengers, carried barley, pork, flour, and whiskey.

A gale caused massive waves that battered the hull. A quickly spreading leak filled the hold, and when the pumps failed, the vessel sank stern-first into about 300 feet of water. //

Luke Warm
a day ago
I left Marquette Mi. the day the Edmund Fitzgerald was lost. My sister who lived there recommended I check out Presque Isle on my way back. I thought I was about to die. My car looked like it survived a roller over. The waves kept pushing me into the rocks, and the retreating waves trying to suck me into Superior. The Mackinaw bridge closed less than an hr after I crossed it heading south. The bridge looked like to world's biggest swing. I learned very quickly that you do not steer when the road your on is swinging. //

Shadd
20 hours ago
I've been to the Great Lakes Shipwreck Museum, up at Whitefish Point, MI. It's about 45 mins north of the Mackinac Bridge. I highly recommend it. //

Hank Reardon
16 hours ago
Readers interested in Great Lakes shipping and shipwreck history might also be interested in visiting the Great Lakes Maritime Heritage Center at Thunder Bay, Michigan.
https://thunderbay.noaa.gov/visit/great-lakes-maritime-heritage-center.html

Also, unrelated to Great Lakes shipwrecks but equally fascinating is the display of cargo from the 1865 wreck of the Missouri river steamboat Bertrand, discovered in 1968. The large amount of freight bound for the goldfields of Montana captures a snapshot of life in America and is meticulously displayed at the DeSoto National Wildlife Refuge, on the Missouri River north of Omaha.
https://www.fws.gov/refuge/desoto/steamboat-bertrand