According to AndroidAuthority, the Linux kernel used by Android devices is mostly derived from Google's Android Universal Kernel (ACK) branch, which is created from the Android mainline kernel branch when new LTS versions are released upstream. For example, when kernel version 6.6 is announced as the latest LTS release, an ACK branch for Android15-6.6 appears shortly after, with the "android15" in the name referring to the Android version of the kernel (in this case, Android 15). Google maintains its own set of LTS kernel branches for three main reasons. First, Google can integrate upstream features that have not yet been released into the ACK branch by backporting or picking, so as to meet the specific needs of Android. Second, Google can include some features that are being developed upstream in the ACK branch ahead of time, making it available for Android devices as early as possible. Finally, Google can add some vendor or original equipment manufacturer (OEM) features for other Android partners to use. Once created, Google continues to update the ACK branch to include not only bug fixes for Android specific code, but also to integrate the LTS merge content of the upstream kernel branch. For example, the Linux kernel vulnerability disclosed in the July 2024 Android security bulletin will be fixed through these updates. However, it is not easy to distinguish a bug fix from other bug fixes, as a patch that fixes a bug may also accidentally plug a security vulnerability that the submitter did not know about or chose not to disclose. Google does its best to recognize this, but it inevitably misses the mark, resulting in bug fixes for the upstream Linux kernel being released months before Android devices. As a result, Google has been urging Android vendors to regularly update the LTS kernel to avoid being caught off guard by unexpectedly disclosed security vulnerabilities. Clearly, the LTS version of the Linux kernel is critical to the security of Android devices, helping Google and vendors deal with known and unknown security vulnerabilities. The longer the support period, the more timely security updates Google and vendors can provide to devices.

A couple of days ago, a Quad summit meeting in Sydney scheduled for May 24 was abruptly canceled. The US president had to pull out of his long-anticipated trip to Australia and Papua New Guinea. Instead, the heads of the four Quad member states got together on the margins of the G7 Summit in Hiroshima on May 20. The main reason for the change of plans was the continuous struggle between the White House and Republicans on the Hill over the national debt ceiling. If no compromise is reached, the US federal government might fail to meet its financial commitments already in June; such a technical default would have multiple negative repercussions for the US, as well as for the global economy and finance at large. Let us hope that a compromise between the two branches of US power will be found and that the ceiling of the national debt will be raised once again. However, this rather awkward last-minute cancellation of the Quad summit reflects a fundamental US problem - a growing imbalance between the US geopolitical ambitions and the fragility of the national financial foundation to serve these ambitions. The Biden administration appears to be fully committed to bringing humankind back to the unipolar world that existed right after the end of the Cold War some 30 years ago, but the White House no longer has enough resources at its disposal to sustain such an undertaking. As they say in America: You cannot not have champagne on a beer budget. The growing gap between the ends that the US seeks in international relations and the means that it has available is particularly striking in the case of the so-called dual containment policy that Washington now pursues toward Russia and China. Even half a century ago, when the US was much stronger in relative terms than it is today, the Nixon administration realized that containing both Moscow and Beijing simultaneously was not a good idea: "Dual containment" would imply prohibitively high economic costs for the US and would result in too many unpredictable political risks. The Nixon administration decided to focus on containing the Soviet Union as the most important US strategic adversary of the time. This is why Henry Kissinger flew to Beijing in July 1971 to arrange the first US-China summit in February 1972 leading to a subsequent rapid rapprochement between the two nations. In the early days of the Biden administration, it seemed that the White House was once again trying to avoid the unattractive "dual containment" option. The White House rushed to extend the New START in January 2021 and held an early US-Russia summit meeting five months later in Geneva. At that point many analysts predicted that Biden would play Henry Kissinger in reverse - that is he would try to peace with the relatively weaker opponent (Moscow) in order to focus on containing the stronger one (Beijing). However, after the beginning of the Russia-Ukraine conflict, it became clear that no accommodation with the Kremlin was on Biden's mind any longer. Still, having decided to take a hard-line stance toward Moscow and to lead a broad Western coalition in providing military and economic assistance to Kiev, Washington has not opted for a more accommodative or at least a more flexible policy toward Beijing. On the contrary, over last year one could observe a continuous hardening of the US' China policy - including granting more political and military support to the Taiwan island, encouraging US allies and partners in Asia to increase their defense spending, engaging in more navel activities in the Pacific and imposing more technology sanctions on China. In the meantime, economic and social problems within the US are mounting. The national debt ceiling is only the tip of an iceberg - the future of the American economy is now clouded by high US Federal Reserve interest rates that slow down growth, feed unemployment and might well lead to a recession. Moreover, the US society remains split along the same lines it was during the presidency of Donald Trump. The Biden administration has clearly failed to reunite America: Many of the social, political, regional, ethnic and even generational divisions have got only deeper since January 2021. It is hard to imagine how a nation divided so deeply and along so many lines could demonstrate continuity and strategic vision in its foreign policy, or to allocate financial resources needed to sustain a visionary and consistent global leadership. Of course, the "dual containment" policy is not the only illustration of the gap between the US ambitions and its resources. The same gap inevitably pops up at every major forum that the US conducts with select groups of countries from the Global South - Africa, Southeast Asia, Latin America or the Middle East. The Biden administration has no shortage of arguments warning these countries about potential perils of cooperating with Moscow or Beijing, but it does not offer too many plausible alternatives that would showcase the US generosity, its strategic vision, and its true commitment to the burning needs of the US interlocutors. To cut it short, Uncle Sam brings lots of sticks to such meetings, but not enough carrots to win the audience. In sum, US foreign policy under President Joe Biden reminds people of a very advanced and highly sophisticated smartphone that has a rather weak battery, which is not really energy efficient. The proud owner of the gadget has to look perennially for a power socket in order not to have the phone running out of power at any inappropriate moment. Maybe the time has come for the smartphone owner to look for another model that would have fewer fancy apps, but a stronger and a more efficient battery, which will make the appliance more convenient and reliable.

The largest collection of stolen passwords ever has been leaked to a notorious crime marketplace, according to cybersecurity researchers at Cybernews. This leak, dubbed RockYou2024 by its original poster “ObamaCare,” holds a file containing nearly 10 billion unique plaintext passwords. Allegedly gathered from a series of data breaches and hacks accumulated over several years, the passwords were posted on July 4th and hailed as the most extensive collection of stolen and leaked credentials ever seen on the forum. “In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world,” the researchers told Cybernews. “Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks.” Credential stuffing attacks are among the most common methods criminals, ransomware affiliates, and state-sponsored hackers use to access services and systems. Threat actors could exploit the RockYou2024 password collection to conduct brute-force attacks against any unprotected system and “gain unauthorized access to various online accounts used by individuals whose passwords are included in the dataset,” the research team said. This could affect online services, cameras and hardware This could affect various targets, from online services to internet-facing cameras and industrial hardware. “Moreover, combined with other leaked databases on hacker forums and marketplaces, which, for example, contain user email addresses and other credentials, RockYou2024 can contribute to a cascade of data breaches, financial frauds, and identity thefts,” the team concluded. However, despite the seriousness of the data leak, it is important to note that RockYou2024 is primarily a compilation of previous password leaks, estimated to contain entries from a total of 4,000 massive databases of stolen credentials, covering at least two decades. This new file notably includes an earlier credentials database known as RockYou2021, which featured 8.4 billion passwords. RockYou2024 added approximately 1.5 billion passwords to the collection, spanning from 2021 through 2024, which, though a massive figure, is only a fraction of the reported 9,948,575,739 passwords in the leak. Thus, users who have changed their passwords since 2021 may not have to panic about a potential breach of their information. That said, the research team at Cybernews stressed the importance of maintaining data security. In response to the leak, they recommend immediately changing the passwords for any accounts associated with the leaked credentials, ensuring each password is strong and unique and not reused across different platforms. Additionally, they advised enabling multi-factor authentication (MFA), which requires an extra form of verification beyond the password, wherever possible, to strengthen cyber security. Lastly, tech users should utilize password manager software, which securely generates and stores complex passwords, mitigating the risk of password reuse across multiple accounts.

WASHINGTON, July 8 (Reuters) - The planet known as HD 189733b, discovered in 2005, already had a reputation as a rather extreme place, a scorching hot gas giant a bit larger than Jupiter that is a striking cobalt blue color and has molten glass rain that blows sideways in its fierce atmospheric winds. So how can you top that? Add hydrogen sulfide, the chemical compound behind the stench of rotten eggs. Researchers said on Monday new data from the James Webb Space Telescope is giving a fuller picture of HD 189733b, already among the most thoroughly studied exoplanets, as planets beyond our solar system are called. A trace amount of hydrogen sulfide was detected in its atmosphere, a first for any exoplanet. "Yes, the stinky smell would certainly add to its already infamous reputation. This is not a planet we humans want to visit, but a valuable target for furthering our understanding of planetary science," said astrophysicist Guangwei Fu of Johns Hopkins University in Baltimore, lead author of the study published in the journal Nature, opens new tab. It is a type called a "hot Jupiter" - gas giants similar to the largest planet in our solar system, only much hotter owing to their close proximity to their host stars. This planet orbits 170 times closer to its host star than Jupiter does to the sun. It completes one orbit every two days as opposed to the 12 years Jupiter takes for one orbit of the sun. In fact, its orbit is 13 times nearer to its host star than our innermost planet Mercury is to the sun, leaving the temperature on the side of the planet facing the star at about 1,700 degrees Fahrenheit (930 degrees Celsius). "They are quite rare," Fu said of hot Jupiters. "About less than one in 100 star systems have them." This planet is located 64 light-years from Earth, considered in our neighborhood within the Milky Way galaxy, in the constellation Vulpecula. A light-year is the distance light travels in a year, 5.9 trillion miles (9.5 trillion km). "The close distance makes it bright and easy for detailed studies. For example, the hydrogen sulfide detection reported here would be much more challenging to make on other faraway planets," Fu said. The star it orbits is smaller and cooler than the sun, and only about a third as luminous. That star is part of a binary system, meaning it is gravitationally bound to another star. Webb, which became operational in 2022, observes a wider wavelength range than earlier space telescopes, allowing for more thorough examinations of exoplanet atmospheres.

July 4 (Reuters) - A hacker gained access to the internal messaging systems at OpenAI last year and stole details about the design of the company's artificial intelligence technologies, the New York Times reported, opens new tab on Thursday. The hacker lifted details from discussions in an online forum where employees talked about OpenAI's latest technologies, the report said, citing two people familiar with the incident. However, they did not get into the systems where OpenAI, the firm behind chatbot sensation ChatGPT, houses and builds its AI, the report added. OpenAI executives informed both employees at an all-hands meeting in April last year and the company's board about the breach, according to the report, but executives decided not to share the news publicly as no information about customers or partners had been stolen. OpenAI executives did not consider the incident a national security threat, believing the hacker was a private individual with no known ties to a foreign government, the report said. The San Francisco-based company did not inform the federal law enforcement agencies about the breach, it added. OpenAI in May said it had disrupted five covert influence operations that sought to use its AI models for "deceptive activity" across the internet, the latest to stir safety concerns about the potential misuse of the technology. The Biden administration was poised to open up a new front in its effort to safeguard the U.S. AI technology from China and Russia with preliminary plans to place guardrails around the most advanced AI Models including ChatGPT, Reuters earlier reported, citing sources.