Category Archives: News

Source: Hacker News

Source: Hacker News

Source: Engadget

According to researchers, anyone who knows where to look can spray digital graffiti on the Department of Government Efficiency (DOGE) website. Two web development experts said the site doesn’t seem to be hosted on government servers and that the database it pulls from can be modified by those who locate it. At the time of writing, a message reading “these ‘experts’ left their database open - roro” is still visible on the DOGE site.

DOGE chief and President Trump consigliere Elon Musk said on Tuesday that his team would be as transparent as possible, with updates on its actions shared to an X account and website. As 404 Media notes, the DOGE website was pretty much blank at the time. Since then, it's been hurriedly assembled to show a feed of posts from the entity’s X account, along with details about the federal workforce.

The researchers told 404 that the site appeared to be built on Cloudflare Pages instead of government servers. After looking at the site’s architecture and API endpoints, one was able to locate the database containing stats on government employees. They made changes to database entries that were reflected on the DOGE website.

It's not the first time that a federal website operating under the Trump administration has appeared to have been slapped together. Just this week, the waste.gov was locked after it was reported that the site displayed a dummy WordPress page, complete with placeholder text.

DOGE does acknowledge that there are possible issues with its web presence. “This is DOGE's effort to create a comprehensive, government-wide org chart,” a footnote on the DOGE website reads. “This is an enormous effort, and there are likely some errors or omissions. We will continue to strive for maximum accuracy over time.”

However, it doesn’t exactly inspire confidence that a team tasked with making sweeping cuts to government spending and allegedly barging its way into federal systems that contain sensitive data on federal employees and citizens can’t secure its own website. Perhaps gutting the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency wasn't the wisest idea.

Source: Hacker News

Source: OSNews

You might think the world of Linux distributions is a rather boring, settled affair, but there’s actually a ton of interesting experimentation going on in the Linux world. From things like NixOS with its unique packaging framework, to the various immutable distributions out there like the Fedora Atomic editions, there’s enough uniqueness to go around to find a lid for every pot. Oasis Linux surely falls into this category. One of its main unique characteristics is that it’s entirely statically linked.

All software in the base system is linked statically, including the display server (velox) and web browser (netsurf). Compared to dynamic linking, this is a simpler mechanism which eliminates problems with upgrading libraries, and results in completely self-contained binaries that can easily be copied to other systems.

↫ Oasis GitHub page

That’s not all it has to offer, though. It also offers fast and 100% reproducible builds, it’s mostly ISO C conformant, and it has minimal bootstrap dependencies – all you need is a “POSIX system with git, lua, curl, a sha256 utility, standard compression utilities, and an x86_64-linux-musl cross compiler”. The ISO C-comformance is a crucial part of one of Oasis’ goals: to be buildable with cproc, a small, very strict C11 compiler. It has no package manager, but any software outside of Oasis itself can be installed and managed with pkgsrc or Nix.

Another important goal of the project is to be extremely easy to understand, and its /etc directory is honestly a sight to behold, and as the project proudly claims, the most complex file in there is rc.init at a mere 16 lines. The configuration files are indeed incredibly easy to understand, which is a breath of fresh air compared to the archaic stuff in commercial UNIX or the complex stuff in modern Linux distributions that I normally deal with.

I’m not sure is Oasis would make for a good, usable day-to-day operating system, but I definitely like what they’re putting down.

Source: Ars Technica

On Friday, the National Institutes of Health (NIH) announced a sudden change to how it handles the indirect costs of research—the money that pays for things like support services and facilities maintenance. These costs help pay universities and research centers to provide the environment and resources all their researchers need to get research done. Previously, these had been set through negotiations with the university and audits of the spending. These averaged roughly 30 percent of the value of the grant itself and would frequently exceed 50 percent.

The NIH announcement set the rate at 15 percent for every campus. The new rate would start today and apply retroactively to existing grants, meaning most research universities are currently finding themselves facing catastrophic budget shortfalls.

Today, a coalition of 22 states filed a suit that seeks to block the new policy, alleging it violated both a long-standing law and a budget rider that Congress had passed in response to a 2017 attempt by Trump to drastically cut indirect costs. The suit seeks to prevent the new policy or its equivalent from being applied—something that Judge Angel Kelley of the District of Massachusetts granted later in the day. The injunction only applies to research centers located in the states that have joined the suit, however, essentially leaving red states to suffer the consequences of the funding cut.

Read full article

Comments

Source: Hacker News

Source: Ars Technica

Source: Hacker News

Source: Hacker News