LinuxWebLog.com

9to5Linux Weekly Roundup: April 21st, 2024  9to5Linux

Torvalds thinks AI is a huge laugh  Fudzilla

Testing ntttcp as an iperf3 alternative in Windows 11 (and Linux)  CNX Software

Testing ntttcp as an iperf3 alternative in Windows 11 (and Linux)  CNX Software

Testing ntttcp as an iperf3 alternative in Windows 11 (and Linux)  CNX Software

Testing ntttcp as an iperf3 alternative in Windows 11 (and Linux)  CNX Software

Testing ntttcp as an iperf3 alternative in Windows 11 (and Linux)  CNX Software

Testing ntttcp as an iperf3 alternative in Windows 11 (and Linux)  CNX Software

Testing ntttcp as an iperf3 alternative in Windows 11 (and Linux)  CNX Software

Testing ntttcp as an iperf3 alternative in Windows 11 (and Linux)  CNX Software

Testing ntttcp as an iperf3 alternative in Windows 11 (and Linux)  CNX Software

Bloomberg looks at America's biggest operator of private electrical vehicle charging infrastructure: Amazon. "In a little more than two years, Amazon has installed more than 17,000 chargers at about 120 warehouses around the U.S." — and had Rivian build 13,500 custom electric delivery vans. Amazon has a long way to go. The Seattle-based company says its operations emitted about 71 million metric tons of carbon dioxide equivalent in 2022, up by almost 40% since Jeff Bezos's 2019 vow that his company would eventually stop contributing to the emissions warming the planet. Many of Amazon's emissions come from activities — air freight, ocean shipping, construction and electronics manufacturing, to name a few — that lack a clear, carbon-free alternative, today or any time soon. The company has not made much progress on decarbonization of long-haul trucking, whose emissions tend to be concentrated in industrial and outlying areas rather than the big cities that served as the backdrop for Amazon's electric delivery vehicle rollout... Another lesson Amazon learned is one the company isn't keen to talk about: Going green can be expensive, at least initially. Based on the type of chargers Amazon deploys — almost entirely midtier chargers called Level 2 in the industry — the hardware likely cost between $50 million and $90 million, according to Bloomberg estimates based on cost estimates supplied by the National Renewable Energy Laboratory. Factoring in costs beyond the plugs and related hardware — like digging through a parking lot to lay wires or set up electrical panels and cabinets — could double that sum. Amazon declined to comment on how much it spent on its EV charging push. In addition to the expense of the chargers, electric vehicle-fleet operators are typically on the hook for utility upgrades. When companies request the sort of increases to electrical capacity that Amazon has — the Maple Valley warehouse has three megawatts of power for its chargers — they tend to pay for them, making the utility whole for work done on behalf of a single customer. Amazon says it pays upgrade costs as determined by utilities, but that in some locations the upgrades fit within the standard service power companies will handle out of their own pocket. The article also includes this quote from Kellen Schefter, transportation director at the Edison Electric Institute trade group (which worked with Amazon on its electricity needs). "Amazon's scale matters. If Amazon can show that it meets their climate goals while also meeting their package-delivery goals, we can show this all actually works."

Read more of this story at Slashdot.

Best virtual machine software of 2024  TechRadar

Leapp utility supports Oracle Linux 7 to Oracle Linux 8 upgrades for Oracle Database 19c  Oracle

A flexible alternative to a traditional bank account is getting better. The Fidelity Cash Management Account (CMA) is a brokerage account that also includes traditional bank features like ACH routing and account numbers, Billpay, mobile check deposit, physical checks, and ATM/debit cards.

Perhaps a lesser-known fact is that the standard “Fidelity Account” is a brokerage account that also offers ACH routing/account numbers, Billpay, mobile check deposit, checkwriting, and an ATM/debit card. One of the major additions to the CMA (and missing from the standard Fidelity Account) is that you get unlimited ATM fee rebates, worldwide:

Your account will automatically be reimbursed for all ATM fees charged by other institutions while using a Fidelity® Debit Card linked to your Fidelity Cash Management Account at any ATM displaying the Visa®, Plus®, or Star® logos. The reimbursement will be credited to the account the same day the ATM fee is debited from the account. Please note that there may be a foreign transaction fee of 1% that is not waived, which will be included in the amount charged to your account.

One of the major drawbacks to the CMA was that the only option for the core position was their “FDIC-insured Deposit Sweep”, currently paying 2.72% APY (as of 4/21/24). While better than the 0.01% many other brokers offer on cash sweeps, this yield is much lower than that of the money market fund options available in the standard Fidelity account. To get around this, many people used the auto-draft feature that lets you set the standard Fidelity brokerage account as the backup funding source, and then kept a minimal or zero balance inside the CMA.

Perhaps Fidelity noticed this activity as well, or perhaps they noticed certain 5% APY cash offerings from competitors, because in less than two months (June 15, 2024), the CMA is adding the Fidelity Government Money Market Fund (SPAXX) an a core position option. If you have a Fidelity Cash Management Account and look at the “Additional Information and Endnotes” section of your March 2024 statement, you should find the following notice. This has also been confirmed by an official Fidelity representative on the r/Fidelity Subreddit. From my statement:

Please note that on or around June 15, 2024, you’ll have the option to elect Fidelity(R) Government Money Market Fund (SPAXX) as your core sweep investment vehicle. You will not need to take any action if you wish to retain the Bank Sweep as your core position. For additional information on your core position options, including the current yields on the Bank Sweep and money market funds, please visit Fidelity.com/spend-save/fidelity-cash-management-account/overview and FundResearch.Fidelity.com/mutual-funds/summary/31617H102.

The 7-day yield of SPAXX is 4.95% as of 4/19/24, significantly higher than the 2.72% FDIC-insured sweep. Money market mutual funds are unable to offer FDIC insurance, but they are still heavily-regulated by the SEC to hold very conservative and liquid investments. “Government” money markets have even stricter requirements, and that is why they are used as cash sweep funds. I personally lose zero sleep over holding cash in a money market fund run by a reputable firm like Fidelity, Vanguard, or Schwab.

This is a positive development for those that use the Fidelity CMA, especially if your state doesn’t have income taxes on investment interest that create an incentive to hold money market funds with mostly interest from Treasury bonds. If you do live in such a state, you should know that in 2023 neither Fidelity Government Money Market Fund (SPAXX) nor Fidelity® Treasury Money Market Fund (FZFXX) met the minimum investment in U.S. government securities required to exempt the distribution from tax in California, Connecticut, and New York. (Despite having Treasury in the name, FZFXX only had about 20% in eligible Treasury interest.) These are the core positions available in the standard Fidelity Account.

As such, residents of California, Connecticut, and New York may want to hold the Fidelity Treasury Only Money Market Fund (FDLXX), as it did meet those requirements in 2023 with roughly 90% of interest eligible for exemption. This is not a core option so you do have to buy this mutual fund manually, although the CMA account will sell it automatically to meet any cash demands that come up later. But still, if you forget for a few days, the interest difference is much smaller between SPAXX and FDLXX.

I am definitely switching over my core position as soon as I can. June 15th, 2024 is a Saturday, so I’ll check on Friday the 14th and then Monday the 17th. You can switch over manually by logging into Fidelity.com, going to “Accounts & Trade”,” Account Positions”, and then “Cash”. You should then see the button to “Change Core Position”.

“The editorial content here is not provided by any of the companies mentioned, and has not been reviewed, approved or otherwise endorsed by any of these entities. Opinions expressed here are the author's alone. This email may contain links through which we are compensated when you click on or are approved for offers.”

Fidelity Cash Management Account To Add New Core Money Market Fund Option (SPAXX @ ~5% APY) from My Money Blog.

Copyright © 2004-2022 MyMoneyBlog.com. All Rights Reserved. Do not re-syndicate without permission.

This week the Register spoke to former senior White House cyber policy director A.J. Grotto — who complained it was hard to get even slight concessions from Microsoft: "If you go back to the SolarWinds episode from a few years ago ... [Microsoft] was essentially up-selling logging capability to federal agencies" instead of making it the default, Grotto said. "As a result, it was really hard for agencies to identify their exposure to the SolarWinds breach." Grotto told us Microsoft had to be "dragged kicking and screaming" to provide logging capabilities to the government by default. [In the interview he calls it "an epic fight" which lasted 18 months."] [G]iven the fact the mega-corp banked around $20 billion in revenue from security services last year, the concession was minimal at best. That illustrates, Grotto said, that "they [Microsoft] just have a ton of leverage, and they're not afraid to use it." Add to that concerns over an Exchange Online intrusion by Chinese snoops, and another Microsoft security breach by Russian cyber operatives, both of which allowed spies to gain access to US government emails, and Grotto says it's fair to classify Microsoft and its products as a national security concern. He estimates that Microsoft makes 85% of U.S. government productivity software — and has an even greater share of their operating systems. "Microsoft in many ways has the government locked in, he says in the interview, "and so it's able to transfer a lot of these costs associated with the security breaches over to the federal government." And about five minutes in, he says, point-blank, that "It's perfectly fair" to consider Microsoft a national security threat, given its dominance "not just within the federal government, but really in sort of the boarder IT marketplace. I think it's fair to say, yeah, that a systemic compromise that affects Microsoft and its products do rise to the level of a national security risk." He'd like to see the government encourage more competition — to the point where public scrutiny prompts software customers to change their behavior, and creates a true market incentive for better performance...

Read more of this story at Slashdot.

An anonymous reader shared this report from CNN: On a slice of the ocean front in west Singapore, a startup is building a plant to turn carbon dioxide from air and seawater into the same material as seashells, in a process that will also produce "green" hydrogen — a much-hyped clean fuel. The cluster of low-slung buildings starting to take shape in Tuas will become the "world's largest" ocean-based carbon dioxide removal plant when completed later this year, according to Equatic, the startup behind it that was spun out of the University of California at Los Angeles. The idea is that the plant will pull water from the ocean, zap it with an electric current and run air through it to produce a series of chemical reactions to trap and store carbon dioxide as minerals, which can be put back in the sea or used on land... The $20 million facility will be fully operational by the end of the year and able to remove 3,650 metric tons of carbon dioxide annually, said Edward Sanders, chief operating officer of Equatic, which has partnered with Singapore's National Water Agency to construct the plant. That amount is equivalent to taking roughly 870 average passenger cars off the road. The ambition is to scale up to 100,000 metric tons of CO2 removal a year by the end of 2026, and from there to millions of metric tons over the next few decades, Sanders told CNN. The plant can be replicated pretty much anywhere, he said, stacked up in modules "like lego blocks...." The upfront costs are high but the company says it plans to make money by selling carbon credits to polluters to offset their pollution, as well as selling the hydrogen produced during the process. Equatic has already signed a deal with Boeing to sell it 2,100 metric tons of hydrogen, which it plans to use to create green fuel, and to fund the removal of 62,000 metric tons of CO2. There's other projects around the world attempting ocean-based carbon renewal, CNN notes. "Other projects include sprinkling iron particles into the ocean to stimulate CO2-absorbing phytoplankton, sinking seaweed into the depths to lock up carbon and spraying particles into marine clouds to reflect away some of the sun's energy." But carbon-removal projects are controversial, criticized for being expensive, unproven at scale and a distraction from policies to cut fossil fuels. And when they involve the oceans — complex ecosystems already under huge strain from global warming — criticisms can get even louder. There are "big knowledge gaps" when it comes to ocean geoengineering generally, said Jean-Pierre Gatusso, an ocean scientist at the Sorbonne University in France. "I am very concerned with the fact that science lags behind the industry," he told CNN.

Read more of this story at Slashdot.

AnberDeck: Popular Anbernic retro gaming handheld transformed into Linux terminal with DIY project  Notebookcheck.net

Two months ago the team behind NASA's Ingenuity Helicopter released a video reflecting on its historic explorations of Mars, flying 10.5 miles (17.0 kilometers) in 72 different flights over three years. It was the team's way of saying goodbye, according to NASA's video. And this week, LiveScience reports, Ingenuity answered back: On April 16, Ingenuity beamed back its final signal to Earth, which included the remaining data it had stored in its memory bank and information about its final flight. Ingenuity mission scientists gathered in a control room at NASA's Jet Propulsion Laboratory (JPL) in California to celebrate and analyze the helicopter's final message, which was received via NASA's Deep Space Network, made up of ground stations located across the globe. In addition to the remaining data files, Ingenuity sent the team a goodbye message including the names of all the people who worked on the mission. This special message had been sent to Perseverance the day before and relayed to Ingenuity to send home. The helicopter, which still has power, will now spend the rest of its days collecting data from its final landing spot in Valinor Hills, named after a location in J.R.R. Tolkien's "The Lord of the Rings" books. The chopper will wake up daily to test its equipment, collect a temperature reading and take a single photo of its surroundings. It will continue to do this until it loses power or fills up its remaining memory space, which could take 20 years. Such a long-term dataset could not only benefit future designs for Martian vehicles but also "provide a long-term perspective on Martian weather patterns and dust movement," researchers wrote in the statement. However, the data will be kept on board the helicopter and not beamed back to Earth, so it must be retrieved by future Martian vehicles or astronauts. "Whenever humanity revisits Valinor Hills — either with a rover, a new aircraft, or future astronauts — Ingenuity will be waiting with her last gift of data," Teddy Tzanetos, an Ingenuity scientist at JPL, said in the statement. Thursday NASA's Jet Propulsion Laboratory released another new video tracing the entire route of Ingenuity's expedition over the surface of Mars. "Ingenuity's success could pave the way for more extensive aerial exploration of Mars down the road," adds Spacae.com: Mission team members are already working on designs for larger, more capable rotorcraft that could collect a variety of science data on the Red Planet, for example. And Mars isn't the only drone target: In 2028, NASA plans to launch Dragonfly, a $3.3 billion mission to Saturn's huge moon Titan, which hosts lakes, seas and rivers of liquid hydrocarbons on its frigid surface. The 1,000-pound (450 kg) Dragonfly will hop from spot to spot on Titan, characterizing the moon's various environments and assessing its habitability.

Read more of this story at Slashdot.

Long-time Slashdot reader tippen shared this report from the Register: AI agents, which combine large language models with automation software, can successfully exploit real world security vulnerabilities by reading security advisories, academics have claimed. In a newly released paper, four University of Illinois Urbana-Champaign (UIUC) computer scientists — Richard Fang, Rohan Bindu, Akul Gupta, and Daniel Kang — report that OpenAI's GPT-4 large language model (LLM) can autonomously exploit vulnerabilities in real-world systems if given a CVE advisory describing the flaw. "To show this, we collected a dataset of 15 one-day vulnerabilities that include ones categorized as critical severity in the CVE description," the US-based authors explain in their paper. "When given the CVE description, GPT-4 is capable of exploiting 87 percent of these vulnerabilities compared to 0 percent for every other model we test (GPT-3.5, open-source LLMs) and open-source vulnerability scanners (ZAP and Metasploit)...." The researchers' work builds upon prior findings that LLMs can be used to automate attacks on websites in a sandboxed environment. GPT-4, said Daniel Kang, assistant professor at UIUC, in an email to The Register, "can actually autonomously carry out the steps to perform certain exploits that open-source vulnerability scanners cannot find (at the time of writing)." The researchers wrote that "Our vulnerabilities span website vulnerabilities, container vulnerabilities, and vulnerable Python packages. Over half are categorized as 'high' or 'critical' severity by the CVE description...." "Kang and his colleagues computed the cost to conduct a successful LLM agent attack and came up with a figure of $8.80 per exploit"

Read more of this story at Slashdot.