link1s.site

Google extends Linux kernel support to 4 years

According to AndroidAuthority, the Linux kernel used by Android devices is mostly derived from Google's Android Universal Kernel (ACK) branch, which is created from the Android mainline kernel branch when new LTS versions are released upstream. For example, when kernel version 6.6 is announced as the latest LTS release, an ACK branch for Android15-6.6 appears shortly after, with the "android15" in the name referring to the Android version of the kernel (in this case, Android 15).

Google maintains its own set of LTS kernel branches for three main reasons. First, Google can integrate upstream features that have not yet been released into the ACK branch by backporting or picking, so as to meet the specific needs of Android. Second, Google can include some features that are being developed upstream in the ACK branch ahead of time, making it available for Android devices as early as possible. Finally, Google can add some vendor or original equipment manufacturer (OEM) features for other Android partners to use.

Once created, Google continues to update the ACK branch to include not only bug fixes for Android specific code, but also to integrate the LTS merge content of the upstream kernel branch. For example, the Linux kernel vulnerability disclosed in the July 2024 Android security bulletin will be fixed through these updates.

However, it is not easy to distinguish a bug fix from other bug fixes, as a patch that fixes a bug may also accidentally plug a security vulnerability that the submitter did not know about or chose not to disclose. Google does its best to recognize this, but it inevitably misses the mark, resulting in bug fixes for the upstream Linux kernel being released months before Android devices. As a result, Google has been urging Android vendors to regularly update the LTS kernel to avoid being caught off guard by unexpectedly disclosed security vulnerabilities.

Clearly, the LTS version of the Linux kernel is critical to the security of Android devices, helping Google and vendors deal with known and unknown security vulnerabilities. The longer the support period, the more timely security updates Google and vendors can provide to devices.

"Pictures on the wall were falling," New Yorkers rattled by earthquake
An earthquake jolted New York City on Friday morning, followed by more than 10 aftershocks which shook New Jersey, sending tremors as far as Philadelphia to Boston and jolting buildings in Manhattan and throughout its five boroughs. The preliminary quake, measuring 4.8 magnitude, centered around Lebanon, New Jersey, approximately 60 kilometers from New York City, with a depth of about 5 kilometers. Following the earthquake, New York City mayor Eric Adams stated at a press conference that no injuries had been reported, but they would continue to monitor and inspect critical infrastructure. The densely populated New York City was caught off guard by the unusual event. Broadcaster CBS reported that New York had not experienced an earthquake of this magnitude since 1884. Residents in Brooklyn expressed their shock when experiencing tremors which shook the city. "At first, I thought it was just construction next door, but then I noticed the pictures on the wall had fallen," Jennifer Wu, a resident in New York, told the Global Times on Saturday. Video footage circulating online showed the Statue of Liberty and the New York City skyline trembling as the earthquake struck. An angle from directly above Lady Liberty caught Ellis Island shaking during the incident. "It is fine," New York's famous Empire State Building posted on social platform X after the earthquake. The United Nations headquarters located in New York was hosting a Security Council meeting on the Israeli-Palestinian issue, and diplomats present in the meeting felt the tremors, local media reported. According to the Weather Channel, residents in Baltimore, Philadelphia, New Jersey, Connecticut, Boston and other areas of the Northeast seaboard also reported shaking. Tremors lasting for several seconds were felt over 200 miles away near the Massachusetts-New Hampshire border. The New York mayor told the press that New Yorkers should go about their normal day, while the governor Kathy Hochul emphasized the seriousness of the situation. She initiated assessments for damage across the state and had discussions with New Jersey Governor Phil Murphy. The quake caused flight delays throughout the New York area, with temporary control measures put in place across New York's John F. Kennedy International Airport, Newark Liberty International Airport in Newark, New Jersey, and Baltimore-Washington's Thurgood Marshall International Airport, checking for damage to runways. Operations resumed around Friday noon, ABC reported.
EV maker Lucid to recall over 5,200 Air luxury sedans for software error, US regulator says
July 9 (Reuters) - Lucid Group (LCID.O), opens new tab will recall about 5,251 of its 2022-2023 Air luxury sedans due to a software error that could cause a loss of power, according to a notice from the U.S. National Highway Traffic Safety Administration published on Tuesday. The regulator added the EV maker will also recall about 7,506 of its 2022-2024 Air luxury sedans due to an issue with a coolant heater that could fail to defrost the windshield. Lucid had released an over-the-air software update in June as a fix for the software error and a separate update to identify a high voltage coolant heater failure and provide a warning to the drivers of the affected vehicles. The company had reported second-quarter deliveries above market expectations on Monday, as price cuts helped boost demand for its luxury electric sedans.
Coexisting and cooperating with China is the only choice for the US
US Secretary of State Antony Blinken declared at the Munich Security Conference: "If you're not at the table in the international system, you're going to be on the menu." The arrogant thinking of American political elites is evident: Whoever does not comply with the US will be excluded from the table of the American-led system and put on the menu. How arrogant. The US is actively pushing for "decoupling" from China and trying to persuade the entire West to "decouple" from China, using the term "de-risking." Washington hopes to ultimately contain China's development in order to maintain American hegemony. However, this time, Washington is facing a historically experienced and strategically rich Eastern civilization. Previous opponents targeted by the US have chosen to confront the US strategically. The US not only has the strongest technological and military capabilities but also controls global financial and information networks with a large number of allies. Those countries that had engaged in direct confrontations had suffered losses. Some of them had disintegrated, some had been weakened, and some had fallen into difficulties. However, what Washington sees from China is strategic composure and resilience. China is now staging an unprecedented and grand "Tai Chi." However, some Chinese people feel that this is not enough: Why can't we confront the US head-on? But I want to say that this is precisely the brilliance of China. This grand "Tai Chi" is about dismantling the pressure the US is putting on China. Europe is different from the US. A European diplomat once said in private that the topic of China has become toxic in the US, but in Europe, it is still possible to openly display friendliness toward China. There is genuine competition between the Europe and China despite Europe leans more toward the US between China and the US. Only in terms of ideology does the term "West" truly exist. In terms of fundamental economic interests, Europe has considerable independence. In terms of security, their attitude toward China also differs greatly from that of the US. In the Asia-Pacific region or China's periphery, the US wants to create an "Asian NATO." The specific situations of countries in dispute with China are very different. China has enormous influence in the region, is the largest trading partner of the vast majority of countries in the region and has friendly relations with most countries in the region. The disputes with countries are not fundamental strategic conflicts, and China has the ability to manage disputes with each specific country and push them to move toward neutrality to varying degrees without being tied to the US' policy toward China. China has a lot of trading partners and stakeholders in the US. The trade volume between China and the US, despite the decline, reached $664.4 billion in 2023, which shows China's huge presence in the US, and is the bond of the two countries in the current situation. The US is not a country where the political elites can have absolute say, and the huge interests have forced the US president and senior officials to repeatedly proclaim that they "don't want to decouple from China" and instead they want to "manage the US-China competition" and see "preventing a war with China" as clearly in everyone's best interest. China should engage in a "strategic battle" with the US at the closest possible distance. We need to maintain friendly relations with certain forces within the US, speed up the resumption of flights between the two countries, increase personnel exchanges and completely reverse the downturn of China-US contacts during the pandemic. In addition to the above dismantling, we also have the huge increment in the "Belt and Road." This initiative will increase China's power to compete with the US, greatly extending the front line that the US needs to maintain in containing China, making the US more powerless. In order to dismantle the US strategy toward China, China must become more diversified while maintaining strategic consistency. Our national diplomacy toward the US is very principled, rational and determined, which is clearly different from other countries targeted by the US. Our public diplomacy toward the US needs to be unique, with both "anti-American voices" and efforts to maintain friendly relations between the two societies and further expand economic and practical cooperation with the US. Just as eagles have their own way of flying and doves have their own formation, just as we see the US as complex, China must also be seen as complex in the eyes of the US. China is both a geopolitical concern and a profitable investment destination for them, and is one of the largest trading partners that is difficult to replace. Some American political elites proclaim China as an "enemy," but it is important to make the majority of Americans feel that China is not. No matter how intense the struggles between China and the US may be, we cannot shape the entire US toward an enemy direction. China has to make the US political elites recognize that it is futile to deal with China in the same way as it historically dealt with the Soviet Union and other major powers. Furthermore, willingly or unwillingly, coexistence and cooperation with China will be their only choice.
US politicians' lurch to levying high tariffs to damage global economic sustainability
US politicians are advocating for steep tariffs, echoing the protectionist Fordney-McCumber Tariff of 1922. Despite potential international retaliation, risks to global economic rules and a shift from post-World War II principles, US politicians have promised to increase trade barriers against China, causing concerns for the sustainability of global economic harmony. A century ago, the Republican Congress passed the Fordney-McCumber Tariff of 1922. This post-World War-I effort to protect the US from German competition and rescue America's own businesses from falling prices sparked a global wave of tariff hikes. While long forgotten, echoes of Fordney-McCumber now reverberate across the US political landscape. Once again, politicians are grasping the tariff as a magic talisman against its own economic ills and to contain the rise of China. The Democratic Party of the 1920s opposed tariffs, because duties are harmful to consumers and farmers, but today both President Joe Biden and former President Donald Trump favor national delivery through protectionism. Trump promised that his second term, if elected, would impose 60-percent tariffs on everything arriving from China and 10-percent tariffs on imports from the rest of the world, apparently including the imports covered by 14 free trade agreements with America's 20 partners. He initially promised 100-percent tariffs on electric vehicles (EVs), but when Biden declared that he was hiking tariffs on EVs from China to 100-percent, Trump raised the ante to 200-percent. On May 14, 2024, the White House imposed tariffs ranging from 25 percent (on items such as steel, aluminum and lithium batteries) to 50 percent (semiconductors, solar cells, syringes and needles) and 100 percent (electric vehicles) on Chinese imports. US government officials offer "national security" and "supply chain vulnerability" as the justification for levying high tariffs. To deflect worries about inflation, US Trade Representative Katherine Tai declared, "first of all, I think that that link, in terms of tariffs to prices, has been largely debunked." Contrary findings by the United States International Trade Commission and a number of distinguished economists, as well as Biden's own 2019 statement criticizing Trump's tariffs - "Trump doesn't get the basics. He thinks tariffs are being paid by China… [but] the American people are paying his tariffs" - forced Tai's office to wind back her declaration. The fact that prohibitive barriers to imports of solar cells, batteries and EVs will delay the green economy carries zero political weight with Trump and little with Biden. Nor does either of them worry about the prospects of Chinese retaliation and damage to the fabric of global economic rules. Historical lessons - unanticipated consequences of the foolish Fordney-McCumber Tariff of 1922 and the Smoot-Hawley Tariff of 1930 - are seen as irrelevant by the candidates and their advisers. The US' lurch from its post-World War II free trade principles offers China a golden opportunity. On the world stage, China will espouse open free trade and investment. China will encourage EV and battery firms to establish plants in Europe, Brazil, Mexico and elsewhere, essentially daring the US to damage its own alliances by restricting third country imports containing Chinese components. Whether the fabric of global economic rules that has delivered astounding prosperity to the world will survive through the 21st century remains to be seen. Much will depend on the decisions of other large economic powers, not only China but also the European Union and Japan, as well as middle powers, such as Australia, Brazil, Chile, ASEAN and South Korea. Their actions and reactions will reshape the rules of the 21st century. If others follow America down this costly path, the world will become less prosperous and vastly more unpredictable. If they resist, the US risks being diminished and more isolated. The author is a non-resident Senior Fellow at the Peterson Institute of International Economics. bizopinion@globaltimes.com.cn
The largest password leak in history exposes nearly 10 billion credentials
The largest collection of stolen passwords ever has been leaked to a notorious crime marketplace, according to cybersecurity researchers at Cybernews. This leak, dubbed RockYou2024 by its original poster “ObamaCare,” holds a file containing nearly 10 billion unique plaintext passwords. Allegedly gathered from a series of data breaches and hacks accumulated over several years, the passwords were posted on July 4th and hailed as the most extensive collection of stolen and leaked credentials ever seen on the forum. “In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world,” the researchers told Cybernews. “Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks.” Credential stuffing attacks are among the most common methods criminals, ransomware affiliates, and state-sponsored hackers use to access services and systems. Threat actors could exploit the RockYou2024 password collection to conduct brute-force attacks against any unprotected system and “gain unauthorized access to various online accounts used by individuals whose passwords are included in the dataset,” the research team said. This could affect online services, cameras and hardware This could affect various targets, from online services to internet-facing cameras and industrial hardware. “Moreover, combined with other leaked databases on hacker forums and marketplaces, which, for example, contain user email addresses and other credentials, RockYou2024 can contribute to a cascade of data breaches, financial frauds, and identity thefts,” the team concluded. However, despite the seriousness of the data leak, it is important to note that RockYou2024 is primarily a compilation of previous password leaks, estimated to contain entries from a total of 4,000 massive databases of stolen credentials, covering at least two decades. This new file notably includes an earlier credentials database known as RockYou2021, which featured 8.4 billion passwords. RockYou2024 added approximately 1.5 billion passwords to the collection, spanning from 2021 through 2024, which, though a massive figure, is only a fraction of the reported 9,948,575,739 passwords in the leak. Thus, users who have changed their passwords since 2021 may not have to panic about a potential breach of their information. That said, the research team at Cybernews stressed the importance of maintaining data security. In response to the leak, they recommend immediately changing the passwords for any accounts associated with the leaked credentials, ensuring each password is strong and unique and not reused across different platforms. Additionally, they advised enabling multi-factor authentication (MFA), which requires an extra form of verification beyond the password, wherever possible, to strengthen cyber security. Lastly, tech users should utilize password manager software, which securely generates and stores complex passwords, mitigating the risk of password reuse across multiple accounts.