According to AndroidAuthority, the Linux kernel used by Android devices is mostly derived from Google's Android Universal Kernel (ACK) branch, which is created from the Android mainline kernel branch when new LTS versions are released upstream. For example, when kernel version 6.6 is announced as the latest LTS release, an ACK branch for Android15-6.6 appears shortly after, with the "android15" in the name referring to the Android version of the kernel (in this case, Android 15). Google maintains its own set of LTS kernel branches for three main reasons. First, Google can integrate upstream features that have not yet been released into the ACK branch by backporting or picking, so as to meet the specific needs of Android. Second, Google can include some features that are being developed upstream in the ACK branch ahead of time, making it available for Android devices as early as possible. Finally, Google can add some vendor or original equipment manufacturer (OEM) features for other Android partners to use. Once created, Google continues to update the ACK branch to include not only bug fixes for Android specific code, but also to integrate the LTS merge content of the upstream kernel branch. For example, the Linux kernel vulnerability disclosed in the July 2024 Android security bulletin will be fixed through these updates. However, it is not easy to distinguish a bug fix from other bug fixes, as a patch that fixes a bug may also accidentally plug a security vulnerability that the submitter did not know about or chose not to disclose. Google does its best to recognize this, but it inevitably misses the mark, resulting in bug fixes for the upstream Linux kernel being released months before Android devices. As a result, Google has been urging Android vendors to regularly update the LTS kernel to avoid being caught off guard by unexpectedly disclosed security vulnerabilities. Clearly, the LTS version of the Linux kernel is critical to the security of Android devices, helping Google and vendors deal with known and unknown security vulnerabilities. The longer the support period, the more timely security updates Google and vendors can provide to devices.

The world's deepest diving pool, Deepspot, opened this weekend near the Polish capital Warsaw. The 45.5-meter pool contains artificial underwater caves, Mayan ruins and a small shipwreck for scuba divers and free divers to explore. Deepspot can hold 8,000 cubic meters of water, more than 20 times the capacity of a normal 25-meter swimming pool. Unlike ordinary swimming pools, Deepspot can still open despite Poland's COVID-19 epidemic prevention restrictions because it is a training center that provides courses. The operator also plans to open a hotel where guests can observe divers at a depth of 5 meters from their rooms. "This is the deepest diving pool in the world," Michael Braszczynski, 47, Deepspot's director and a diving enthusiast, told AFP at the opening yesterday. The current Guinness World Record holder is a 42-meter-deep pool in Montegrotto Terme, Italy. The 50-meter-deep Blue Abyss pool in the UK is scheduled to open in 2021. On the first day of Deepspot's opening, about a dozen people visited, including eight experienced divers who wanted to pass the instructor exam. "There are no spectacular fish or coral reefs here, so it can't replace the ocean, but it is certainly a good place to learn and train safe open water diving," said 39-year-old diving instructor Przemyslaw Kacprzak. "And it's fun! It's like a kindergarten for divers."

July 4 (Reuters) - A hacker gained access to the internal messaging systems at OpenAI last year and stole details about the design of the company's artificial intelligence technologies, the New York Times reported, opens new tab on Thursday. The hacker lifted details from discussions in an online forum where employees talked about OpenAI's latest technologies, the report said, citing two people familiar with the incident. However, they did not get into the systems where OpenAI, the firm behind chatbot sensation ChatGPT, houses and builds its AI, the report added. OpenAI executives informed both employees at an all-hands meeting in April last year and the company's board about the breach, according to the report, but executives decided not to share the news publicly as no information about customers or partners had been stolen. OpenAI executives did not consider the incident a national security threat, believing the hacker was a private individual with no known ties to a foreign government, the report said. The San Francisco-based company did not inform the federal law enforcement agencies about the breach, it added. OpenAI in May said it had disrupted five covert influence operations that sought to use its AI models for "deceptive activity" across the internet, the latest to stir safety concerns about the potential misuse of the technology. The Biden administration was poised to open up a new front in its effort to safeguard the U.S. AI technology from China and Russia with preliminary plans to place guardrails around the most advanced AI Models including ChatGPT, Reuters earlier reported, citing sources.

The largest collection of stolen passwords ever has been leaked to a notorious crime marketplace, according to cybersecurity researchers at Cybernews. This leak, dubbed RockYou2024 by its original poster “ObamaCare,” holds a file containing nearly 10 billion unique plaintext passwords. Allegedly gathered from a series of data breaches and hacks accumulated over several years, the passwords were posted on July 4th and hailed as the most extensive collection of stolen and leaked credentials ever seen on the forum. “In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world,” the researchers told Cybernews. “Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks.” Credential stuffing attacks are among the most common methods criminals, ransomware affiliates, and state-sponsored hackers use to access services and systems. Threat actors could exploit the RockYou2024 password collection to conduct brute-force attacks against any unprotected system and “gain unauthorized access to various online accounts used by individuals whose passwords are included in the dataset,” the research team said. This could affect online services, cameras and hardware This could affect various targets, from online services to internet-facing cameras and industrial hardware. “Moreover, combined with other leaked databases on hacker forums and marketplaces, which, for example, contain user email addresses and other credentials, RockYou2024 can contribute to a cascade of data breaches, financial frauds, and identity thefts,” the team concluded. However, despite the seriousness of the data leak, it is important to note that RockYou2024 is primarily a compilation of previous password leaks, estimated to contain entries from a total of 4,000 massive databases of stolen credentials, covering at least two decades. This new file notably includes an earlier credentials database known as RockYou2021, which featured 8.4 billion passwords. RockYou2024 added approximately 1.5 billion passwords to the collection, spanning from 2021 through 2024, which, though a massive figure, is only a fraction of the reported 9,948,575,739 passwords in the leak. Thus, users who have changed their passwords since 2021 may not have to panic about a potential breach of their information. That said, the research team at Cybernews stressed the importance of maintaining data security. In response to the leak, they recommend immediately changing the passwords for any accounts associated with the leaked credentials, ensuring each password is strong and unique and not reused across different platforms. Additionally, they advised enabling multi-factor authentication (MFA), which requires an extra form of verification beyond the password, wherever possible, to strengthen cyber security. Lastly, tech users should utilize password manager software, which securely generates and stores complex passwords, mitigating the risk of password reuse across multiple accounts.

Apple is planning to revamp its smartwatch as its 10th birthday nears. The improvements include larger displays and thinner builds, Bloomberg reported. The revamped watches may also get a new chip, which could enable some AI enhancements. The Apple Watch is about to turn 10, so Apple is planning a birthday revamp, including larger displays and thinner builds, Bloomberg reported. Both versions of the new Series 10 watches will have screens similar to the large displays found on the Apple Watch Ultra, the report said. The revamped watches are also expected to contain a new chip that may permit some AI enhancements later on. Last month, Apple pulled back the curtain on its generative-AI plans with Apple Intelligence. Advertisement It hopes the artificial-intelligence features will prove alluring enough to persuade consumers to buy new Apple products. The announcement has been generally well received by Wall Street. Dan Ives of Wedbush Securities wrote in a Monday note that the "iPhone 16 AI-driven upgrade could represent a golden upgrade cycle for Cupertino." "We believe AI technology being introduced into the Apple ecosystem will bring monetization opportunities on both the services as well as iPhone/hardware front and adds $30 to $40 per share," he added. Apple's stock closed on Friday at just over $226 a share, up 22% this year and valuing the company at $3.47 trillion. That puts it just behind Microsoft, which was worth $3.48 trillion at Friday's close. The tech giants have been vying for the title of the world's most valuable company in recent months — with the chipmaker Nvidia briefing claiming the crown last month. Apple also announced some software updates for the watch at its Worldwide Developers Conference last month. The latest version of the device's software, watchOS 11, emphasizes fitness and health, introducing tools that allow users to rate workouts and adjust effort ratings. WatchOS 11 will also use machine learning to curate the best photos for users' displays. Apple has previously used product birthdays to release new versions of devices. The iPhone X's release marked the 10th anniversary of the smartphone. However, it's not clear exactly when Apple plans to release the revamped watches, Bloomberg said. The company announced the Apple Watch in September 2014, with CEO Tim Cook calling it "the most personal product we've ever made." Apple did not immediately respond to a request for comment made outside normal working hours.