Spanish police have uncovered a major clue in the year-long investigation of a missing Cuban man, JLPO, after Google Street View images showed a man loading a body-shaped package into a car and pushing a wheelbarrow with a large white package. These images led to the discovery of the victim's dismembered remains in a cemetery and the arrest of two suspects, including the victim's wife and a bar worker. The Independent reports: Spanish police have said the pictures are a "decisive" clue in case, with detectives reportedly launching a murder investigation and arresting two people in connection with the man's death. According to El Pais, police are still investigating the case -- and it appears neither have yet appeared charged before a court.
slashdot le : 19/12/2024 03:00:14
slashdot le : 14/12/2024 23:00:14
"Single-board computer maker Raspberry Pi is updating its cute little computer-meet-keyboard device with better specifications..." reports TechCrunch.
They call the new $90 Raspberry Pi 500 "not as intimidating" because "when you look at the Raspberry Pi 500, you can't see any chipsets or printed circuit board... The idea with the Raspberry Pi 500 is that you can plug in a mouse and display, and you're ready to hit the ground running." When it comes to specifications, the Raspberry Pi 500 features a 64-bit quad-core Arm processor (the same one as the Raspberry Pi 5 uses); 8GB of RAM; 2 micro-HDMI ports, with support for up to two 4K displays; 3 traditional USB ports (but no USB-C besides the power port unfortunately); a Gigabit Ethernet port; and a 40-pin expansion header. It comes with native Wi-Fi and Bluetooth support.
More importantly, this device brings us back Raspberry Pi's roots. Raspberry Pi computers were originally intended for educational use cases... The Raspberry Pi 500 draws inspiration from the not-for-profit Raspberry Pi Foundation's roots. It's the perfect first computer for school. In many ways, it's much better than a Chromebook or an iPad because it is both cheap and highly customizable — encouraging creative thinking. The Raspberry Pi 500 comes with a 32GB SD card preloaded with Raspberry Pi OS, a Debian-based Linux distribution...
In other news, Raspberry Pi has announced another brand-new product: the Raspberry Pi Monitor. It's a 15.6-inch 1080p monitor with a price-tag of $100.
Tom's Hardware calls the Pi 500 "a superb update" to the original computer-in-a-keyboard Raspberry Pi 400: Having the ports at the back makes total sense. It tidies up the cables, and means that we only need one thick edge, the rest can be as thin as possible... [P]assive cooling performance is remarkable, even when overclocked to 3 GHz...! I did have to adjust the voltage to keep everything stable, but once I found the magic numbers, the system was stable and performed remarkably well... [I]t ran buttery smooth and surprisingly, cool under stress. I'd consider this a successful overclock and one that I would happily keep as a permanent addition...
Just like the Raspberry Pi 400, the Pi 500 is there to be a 21st century equivalent to the home computers of the 1980s. You plug in to a wedge-shaped keyboard, hook up to your display, and start work. But the Raspberry Pi 500 has much more processing power than the Pi 400, and that means it can be a viable desktop computer for those that don't need an RTX 4090 or a power-hungry CPU.
I like the Raspberry Pi 500. It's a powerful machine, in a pleasant package. I'm old enough to remember the 1980s home computer craze, and this, just like the Pi 400, reminds me of that time. But now we have much more power... The Raspberry Pi 500 is the kit that you buy as a gift for someone, or as a child's first computer. I can see this being used in schools and to an extent in offices around the world.
They call the new $90 Raspberry Pi 500 "not as intimidating" because "when you look at the Raspberry Pi 500, you can't see any chipsets or printed circuit board... The idea with the Raspberry Pi 500 is that you can plug in a mouse and display, and you're ready to hit the ground running." When it comes to specifications, the Raspberry Pi 500 features a 64-bit quad-core Arm processor (the same one as the Raspberry Pi 5 uses); 8GB of RAM; 2 micro-HDMI ports, with support for up to two 4K displays; 3 traditional USB ports (but no USB-C besides the power port unfortunately); a Gigabit Ethernet port; and a 40-pin expansion header. It comes with native Wi-Fi and Bluetooth support.
More importantly, this device brings us back Raspberry Pi's roots. Raspberry Pi computers were originally intended for educational use cases... The Raspberry Pi 500 draws inspiration from the not-for-profit Raspberry Pi Foundation's roots. It's the perfect first computer for school. In many ways, it's much better than a Chromebook or an iPad because it is both cheap and highly customizable — encouraging creative thinking. The Raspberry Pi 500 comes with a 32GB SD card preloaded with Raspberry Pi OS, a Debian-based Linux distribution...
In other news, Raspberry Pi has announced another brand-new product: the Raspberry Pi Monitor. It's a 15.6-inch 1080p monitor with a price-tag of $100.
Tom's Hardware calls the Pi 500 "a superb update" to the original computer-in-a-keyboard Raspberry Pi 400: Having the ports at the back makes total sense. It tidies up the cables, and means that we only need one thick edge, the rest can be as thin as possible... [P]assive cooling performance is remarkable, even when overclocked to 3 GHz...! I did have to adjust the voltage to keep everything stable, but once I found the magic numbers, the system was stable and performed remarkably well... [I]t ran buttery smooth and surprisingly, cool under stress. I'd consider this a successful overclock and one that I would happily keep as a permanent addition...
Just like the Raspberry Pi 400, the Pi 500 is there to be a 21st century equivalent to the home computers of the 1980s. You plug in to a wedge-shaped keyboard, hook up to your display, and start work. But the Raspberry Pi 500 has much more processing power than the Pi 400, and that means it can be a viable desktop computer for those that don't need an RTX 4090 or a power-hungry CPU.
I like the Raspberry Pi 500. It's a powerful machine, in a pleasant package. I'm old enough to remember the 1980s home computer craze, and this, just like the Pi 400, reminds me of that time. But now we have much more power... The Raspberry Pi 500 is the kit that you buy as a gift for someone, or as a child's first computer. I can see this being used in schools and to an extent in offices around the world.
slashdot le : 29/11/2024 15:00:09
LWN: The long-awaited release of the GNU Image Manipulation Program (GIMP) 3.0 is on the way, marking the first major update since version 2.10 was released in April 2018. It now features a GTK 3 user interface and GIMP 3.0 introduces significant changes to the core platform and plugins. This release also brings performance and usability improvements, as well as more compatibility with Wayland and complex input sources.
GIMP 3.0 is the first release to use GTK 3, a more modern foundation than the GTK 2 base of prior releases. GTK 4 has been available for a few years now, and is on the project's radar, but the plan was always to finish the GTK 3 work first. Moving to GTK 3 brings initial Wayland compatibility and HiDPI scaling. In addition, this allows for GIMP users to take advantage of multi-touch input, bringing pinch-to-zoom gestures to the program, and offering a better experience when working with complex peripherals, such as advanced drawing tablets. These features were not previously possible due to the limitations of GTK 2.
A secondary result of the transition to GTK 3 is a refreshed user interface (UI), now with support for CSS themes included. In this release, four themes are available by default, including light, dark, and gray themes, along with a high-contrast theme for users with visual impairments. Additionally, this release has transitioned to using GTK's header bar component, typically used to combine an application's toolbar and title bar into one unit. To maintain familiarity with previous releases, however, GIMP 3.0 still supports the traditional menu interface.
GIMP 3.0 is the first release to use GTK 3, a more modern foundation than the GTK 2 base of prior releases. GTK 4 has been available for a few years now, and is on the project's radar, but the plan was always to finish the GTK 3 work first. Moving to GTK 3 brings initial Wayland compatibility and HiDPI scaling. In addition, this allows for GIMP users to take advantage of multi-touch input, bringing pinch-to-zoom gestures to the program, and offering a better experience when working with complex peripherals, such as advanced drawing tablets. These features were not previously possible due to the limitations of GTK 2.
A secondary result of the transition to GTK 3 is a refreshed user interface (UI), now with support for CSS themes included. In this release, four themes are available by default, including light, dark, and gray themes, along with a high-contrast theme for users with visual impairments. Additionally, this release has transitioned to using GTK's header bar component, typically used to combine an application's toolbar and title bar into one unit. To maintain familiarity with previous releases, however, GIMP 3.0 still supports the traditional menu interface.
slashdot le : 21/11/2024 10:00:13
Space.com's Julian Dossett writes: For twelve years, we've watched Curiosity crawl its way over the rocky surface of Mars, decoding mysteries of the Red Planet and broadcasting back home pictures and data from the strange Martian environment. The Mars rover, built by NASA's Jet Propulsion Laboratory (JPL), has slowly scaled Mount Sharp since 2014. This mountain, officially monikered "Aeolis Mons," was discovered in the 1970s; cut into its alien landscape is the boulder-packed Gediz Vallis channel, which some scientists believe to be an ancient river bed.
Curiosity crossed into Gediz Vallis earlier this year -- and, yesterday, JPL released a real treat for Mars lovers: a 360-degree panorama view of the Gediz Vallis channel. You can play the YouTube video and move your phone around for the nifty interactive feature. Or, if you're using a desktop PC, you can shift the video around with a mouse. The panorama showcases features like Kukenan Butte and Gale Crater Rim, with scientists debating whether water, wind, or landslides shaped the boulder-laden terrain. Another interesting observation is the presence of mysterious sulfur stones with yellow crystals. Scientists are unsure about their origin since such formations on Earth are linked to hot springs and volcanoes -- neither of which are known to exist on Mars.
Curiosity is now heading toward a location called "the boxwork," a mineral-rich area potentially formed by ancient water flows.
Curiosity crossed into Gediz Vallis earlier this year -- and, yesterday, JPL released a real treat for Mars lovers: a 360-degree panorama view of the Gediz Vallis channel. You can play the YouTube video and move your phone around for the nifty interactive feature. Or, if you're using a desktop PC, you can shift the video around with a mouse. The panorama showcases features like Kukenan Butte and Gale Crater Rim, with scientists debating whether water, wind, or landslides shaped the boulder-laden terrain. Another interesting observation is the presence of mysterious sulfur stones with yellow crystals. Scientists are unsure about their origin since such formations on Earth are linked to hot springs and volcanoes -- neither of which are known to exist on Mars.
Curiosity is now heading toward a location called "the boxwork," a mineral-rich area potentially formed by ancient water flows.
slashdot le : 21/11/2024 03:00:13
Five local privilege escalation (LPE) vulnerabilities in the Linux utility "needrestart" -- widely used on Ubuntu to manage service updates -- allow attackers with local access to escalate privileges to root. The flaws were discovered by Qualys in needrestart version 0.8, and fixed in version 3.8. BleepingComputer reports: Complete information about the flaws was made available in a separate text file, but a summary can be found below:
- CVE-2024-48990: Needrestart executes the Python interpreter with a PYTHONPATH environment variable extracted from running processes. If a local attacker controls this variable, they can execute arbitrary code as root during Python initialization by planting a malicious shared library.
- CVE-2024-48992: The Ruby interpreter used by needrestart is vulnerable when processing an attacker-controlled RUBYLIB environment variable. This allows local attackers to execute arbitrary Ruby code as root by injecting malicious libraries into the process.
- CVE-2024-48991: A race condition in needrestart allows a local attacker to replace the Python interpreter binary being validated with a malicious executable. By timing the replacement carefully, they can trick needrestart into running their code as root.
- CVE-2024-10224: Perl's ScanDeps module, used by needrestart, improperly handles filenames provided by the attacker. An attacker can craft filenames resembling shell commands (e.g., command|) to execute arbitrary commands as root when the file is opened.
- CVE-2024-11003: Needrestart's reliance on Perl's ScanDeps module exposes it to vulnerabilities in ScanDeps itself, where insecure use of eval() functions can lead to arbitrary code execution when processing attacker-controlled input. The report notes that attackers would need to have local access to the operation system through malware or a compromised account in order to exploit these flaws. "Apart from upgrading to version 3.8 or later, which includes patches for all the identified vulnerabilities, it is recommended to modify the needrestart.conf file to disable the interpreter scanning feature, which prevents the vulnerabilities from being exploited," adds BleepingComputer.
- CVE-2024-48990: Needrestart executes the Python interpreter with a PYTHONPATH environment variable extracted from running processes. If a local attacker controls this variable, they can execute arbitrary code as root during Python initialization by planting a malicious shared library.
- CVE-2024-48992: The Ruby interpreter used by needrestart is vulnerable when processing an attacker-controlled RUBYLIB environment variable. This allows local attackers to execute arbitrary Ruby code as root by injecting malicious libraries into the process.
- CVE-2024-48991: A race condition in needrestart allows a local attacker to replace the Python interpreter binary being validated with a malicious executable. By timing the replacement carefully, they can trick needrestart into running their code as root.
- CVE-2024-10224: Perl's ScanDeps module, used by needrestart, improperly handles filenames provided by the attacker. An attacker can craft filenames resembling shell commands (e.g., command|) to execute arbitrary commands as root when the file is opened.
- CVE-2024-11003: Needrestart's reliance on Perl's ScanDeps module exposes it to vulnerabilities in ScanDeps itself, where insecure use of eval() functions can lead to arbitrary code execution when processing attacker-controlled input. The report notes that attackers would need to have local access to the operation system through malware or a compromised account in order to exploit these flaws. "Apart from upgrading to version 3.8 or later, which includes patches for all the identified vulnerabilities, it is recommended to modify the needrestart.conf file to disable the interpreter scanning feature, which prevents the vulnerabilities from being exploited," adds BleepingComputer.