Transportation

Interference With America's GPS System 'Has Grown Dramatically' (yahoo.com) 31

86 aircraft were affected by an incident in Denver, and 256 more in Dallas-Fort Worth, America's Federal Aviation Administration told the Washington Post: The pilots flying into Denver International Airport could tell something was wrong. In urgent calls to air traffic controllers, they reported that the Global Positioning System was going haywire, forcing them to rely on backup navigation systems for more than a day. The Federal Aviation Administration issued a warning to air traffic in the area. Eight months later, in October 2022, it happened again — this time at Dallas-Fort Worth International Airport, which shut down a runway as pilots and air traffic controllers scrambled over two days without GPS to guide them. Federal officials have not said who was responsible for interfering with the systems or why it took so long to get them back online, though they've said the Denver incident was unintentional. But the disruptions stoked fear about the security vulnerabilities of GPS, a satellite network relied on daily by 6 billion people, businesses and governments.

Over the past two years, interference with the U.S. Global Positioning System has grown dramatically, threatening a network that is highly vulnerable to attack in a conflict. The danger could be posed by enemy or rogue nation-states — or even just hobbyists with commercially available equipment. Efforts by the Pentagon to upgrade GPS have been delayed by years and have cost billions, as adversaries are developing increasingly sophisticated ways to jam and trick the system with false signals that make it think it is somewhere it isn't. And it's not just civilian airline traffic at risk. The underpinnings of modern life and entire economies could be disrupted by a broad attack on the fragile satellite system — power grids, financial systems, cellphone networks — raising the prospect of catastrophe in an era of increasing electronic warfare...

A report last year by the OpsGroup, an organization of international airline operators, found that in January 2024, about 300 flights per day were affected by GPS interference. By late last year, that number had grown to 1,500 flights per day as conflicts in Eastern Europe and the Middle East continued. And in a one-month period, between July and August last year, some 41,000 flights were affected. "While GPS interference is not a new phenomenon, the scale and effects of the current wave of spoofing are unprecedented," the report found...

The Pentagon has launched eight of its next-generation GPS III satellites, which broadcast the military-grade signal that is more resistant to jamming and spoofing. Lockheed Martin, the contractor building the satellites, is also developing a next-generation spacecraft, which would have the ability to emit an even stronger "spot beam" directly to areas used by U.S. forces, making it even more difficult to jam.

Businesses

How Nokia Went From iPhone Victim To $1 Billion Nvidia Deal (ft.com) 21

Nokia, the Finnish company whose iconic ringtone was played an estimated 1.8 billion times daily at the height of its mobile phone dominance and whose 3310 "brick" sold 126 million units, has reinvented itself again -- this time as a key piece of AI infrastructure. In October, Nvidia announced a $1 billion investment in Nokia and a strategic partnership to incorporate AI into telecommunications networks.

The company that was once worth $335 billion and controlled more than a quarter of the global handset market seemed destined for irrelevance after the iPhone's 2007 arrival. A last-ditch bet on Microsoft's Windows phone system in 2011 failed, and Nokia sold its devices division to Microsoft for $6.34 billion in 2014. Revenues had fallen from $44.27 billion in 2007 to $12.56 billion. Nokia rebuilt around its $2 billion acquisition of Siemens' networks stake in 2013, then added French network provider Alcatel-Lucent for $18.32 billion in 2015.

Current CEO Justin Hotard, who took over in April, has pushed the company further into cloud services, data centers and optical networks. Nokia acquired optical specialist Infinera for $2.3 billion in February. The company's optical technology enables information to pass between data centers, and it produces routers for cloud-based services.

Network

'IPv6 Just Turned 30 and Still Hasn't Taken Over the World, But Don't Call It a Failure' (theregister.com) 233

Three decades after RFC 1883 promised to future-proof the internet by expanding the available pool of IP addresses from around 4.3 billion to over 340 undecillion, IPv6 has yet to achieve the dominance its creators envisioned. Data from Google, APNIC and Cloudflare analyzed by The Register shows less than half of all internet users rely on IPv6 today.

"IPv6 was an extremely conservative protocol that changed as little as possible," APNIC chief scientist Geoff Huston told The Register. "It was a classic case of mis-design by committee." The protocol's lack of backward compatibility with IPv4 meant users had to choose one or run both in parallel. Network address translation, which allows thousands of devices to share a single public IPv4 address, gave operators an easier path forward. "These days the Domain Name Service (DNS) is the service selector, not the IP address," Huston told The Register. "The entire security framework of today's Internet is name based and the world of authentication and channel encryption is based on service names, not IP addresses."

"So folk use IPv6 these days based on cost: If the cost of obtaining more IPv4 addresses to fuel bigger NATs is too high, then they deploy IPv6. Not because it's better, but if they are confident that they can work around IPv6's weaknesses then in a largely name based world there is no real issue in using one addressing protocol or another as the transport underlay."
But calling IPv6 a failure misses the point. "IPv4's continued viability is largely because IPv6 absorbed that growth pressure elsewhere -- particularly in mobile, broadband, and cloud environments," said John Curran, president and CEO of the American Registry for Internet Numbers. "In that sense, IPv6 succeeded where it was needed most." Huawei has sought 2.56 decillion IPv6 addresses and Starlink appears to have acquired 150 sextillion.

Beer

Heart Association Revives Theory That Light Drinking May Be Good For You 96

An anonymous reader quotes a report from the New York Times: For a while, it seemed the notion that light drinking was good for the heart had gone by the wayside, debunked by new studies and overshadowed by warnings that alcohol causes cancer. Now the American Heart Association has revived the idea in a scientific review that is drawing intense criticism, setting off a new round of debate about alcohol consumption. The paper, which sought to summarize the latest research and was aimed at practicing cardiologists, concluded that light drinking -- one to two drinks a day -- posed no risk for coronary disease, stroke, sudden death and possibly heart failure, and may even reduce the risk of developing these conditions.

Controversy over the influential organization's review has been simmering since it was published in the association's journal Circulation in July. Public health groups and many doctors have warned on the basis of recent studies that alcohol can be harmful even in small amounts. Groups like the European Heart Network and the World Heart Federation have stressed that even modest drinking increases the odds of cardiovascular disease.
"It says in all our guidelines right now, 'If you don't drink, don't start.' There's not enough evidence to suggest conclusively that it prevents heart disease," said Dr. Mariell Jessup, the chief science and medical officer at the heart association, adding that the review was not meant to serve as a guideline and that the group's advice to patients has not changed.

Critics argue that suggesting any heart-health benefits from alcohol is dangerous given its well-documented risks, and they accuse the heart association of selectively weighing studies. They also say a past tie to the alcohol industry by one author should have disqualified him from participating.

"The cardiovascular benefits of moderate drinking are questionable at best," said Dr. Elizabeth Farkouh, an internist and alcohol researcher. "But even if there was a benefit, there are so many other ways to reduce cardiovascular risk that don't come with an associated cancer risk."

The new review's conclusion is also at odds with the CDC's guidance on alcohol, which notes that "even moderate drinking may increase your risk of death and other alcohol-related harms, compared to not drinking." It also seems to diverge from the heart association's diet and lifestyle recommendation to consume "limited or preferably no alcohol," along with its 2023 statement that recent research suggests there is "no safe level of alcohol use."

The Internet

Finland Seizes Ship Suspected of Severing Undersea Cable To Estonia (reuters.com) 45

Finnish authorities on Wednesday seized a vessel suspected of severing an undersea telecommunications cable that connects Helsinki to Tallinn by dragging its anchor across the Gulf of Finland, the latest in a string of infrastructure incidents that have put Baltic Sea nations on edge since Russia's 2022 invasion of Ukraine.

Police are investigating the case as aggravated criminal damage and have not disclosed the ship's name, nationality or details about its crew. The cable belongs to Finnish telecoms group Elisa. Estonia's justice ministry reported that a second telecoms cable connecting the two countries -- owned by Sweden's Arelion -- also went down on Wednesday. This follows Finland's December 2024 boarding of the Russian-linked oil tanker Eagle S, which investigators said damaged a power cable and multiple telecoms links using the same anchor-dragging method. A Finnish court in October dismissed criminal charges against the Eagle S crew after prosecutors failed to prove intent.

The Military

Israel Deploys World's First Drone Defense Laser (tomshardware.com) 173

Israel has operationally deployed Iron Beam, a 100,000-watt laser air-defense system capable of shooting down drones, rockets, and mortars at negligible per-shot cost. According to Tom's Hardware, it marks the first real-world deployment of a high-energy laser as part of a modern, multi-layered missile defense network. From the report: The Iron Beam is a short-range line-of-sight laser interceptor that is extremely cheap to run and, therefore, perfectly suited for intercepting low-cost, high-volume threats. According to the official Israeli announcement, Iron Beam systems have "successfully intercepted rockets, mortars, and UAVs."

A complex mix of government, military, scientific, and commercial interests were responsible for the research and development of the Iron Beam laser system. Central to the Iron Beam are "an advanced laser source and a unique electro-optical targeting system, enabling the interception of a wide range of targets at an enhanced operational range, with maximum precision and superior efficiency," boasted the press release by Israel's MoD. Moreover, it works "at a negligible marginal cost, which constitutes the laser system's primary advantage."

We don't get much more by way of technical details, perhaps understandably. However, Rafael Advanced Defense Systems execs heralded the system's "unique adaptive optics technology," in what it calls "the world's most advanced laser-based system for intercepting aerial threats." Its operational debut "marks the beginning of the era of high-energy laser defense," they claimed.

Transportation

Toronto Man Outruns Streetcars To Show Up Sluggish Transit Network (theguardian.com) 137

An anonymous reader quotes a report from the Guardian: Mac Bauer is fast, but the city's trams, weighing more than 100,000lbs and traveling at a maximum speed of nearly 45mph, should be far faster than him. And yet as of late December, in head-to-head races against streetcars, the 32-year-old remains undefeated in his quest to highlight how sluggish the trams, used by 230,000 people daily, truly are.

Some races have pushed him closer to his limits as a runner. On other occasions, the car has been so slow he's had time to nip into a McDonald's before it reaches the last station. "I don't like winning. I really don't. I really, really wish these streetcars were faster than me," he said. "But they're not. And this is the problem." Bauer's rise as a running celebrity and transit critic embodies the mounting frustration of a city beset by chronic delays, congested streets and decades of under-built transit.

"Streetcars just shouldn't be stuck in traffic," he said, adding the system also needed more "signal priority" which gives the streetcars lengthened green lights and shortened red lights. Bauer started racing transit vehicles roughly a year ago after he and his wife realized how long it took them to traverse the city. He posted videos of those races to Instagram and quickly transformed into a minor celebrity. Bauer describes his runs as a form of social activism, and his ability to lay bare the absurdities of Toronto's beleaguered public transit system -- a person can outrun a streetcar! -- has struck a nerve with the tens of thousands of commuters who share his Instagram posts.

Security

22 Million Affected By Aflac Data Breach (securityweek.com) 26

An anonymous reader quotes a report from SecurityWeek: Insurance giant Aflac is notifying roughly 22.65 million people that their personal information was stolen from its systems in June 2025. The company disclosed the intrusion on June 20, saying it had identified suspicious activity on its network in the US on June 12 and blaming it on a sophisticated cybercrime group. The company said it immediately contained the attack and engaged with third-party cybersecurity experts to help with incident response. Aflac's operations were not affected, as file-encrypting ransomware was not deployed.

[...] The compromised information, the insurance giant says, includes names, addresses, Social Security numbers, dates of birth, driver's license numbers, government ID numbers, medical and health insurance information, and other data. "The review of the potentially impacted files determined personal information associated with customers, beneficiaries, employees, agents, and other individuals related to Aflac was involved," Aflac said in a notification (PDF) on its website. The company is providing the affected individuals with 24 months of free credit monitoring, identity theft protection, and medical fraud protection services.

Robotics

Researchers Show Some Robots Can Be Hijacked Just Through Spoken Commands (interestingengineering.com) 25

An anonymous Slashdot reader shared this story from Interesting Engineering: Cybersecurity specialists from the research group DARKNAVY have demonstrated how modern humanoid robots can be compromised and weaponised through weaknesses in their AI-driven control systems.

In a controlled test, the team demonstrated that a commercially available humanoid robot could be hijacked with nothing more than spoken commands, exposing how voice-based interaction can serve as an attack vector rather than a safeguard, reports Yicaiglobal... Using short-range wireless communication, the hijacked machine transmitted the exploit to another robot that was not connected to the network. Within minutes, this second robot was also taken over, demonstrating how a single breach could cascade through a group of machines. To underline the real-world implications, the researchers issued a hostile command during the demonstration. The robot advanced toward a mannequin on stage and struck it, illustrating the potential for physical harm.

Linux

New Runtime Standby ABI Proposed for Linux Like Microsoft Windows' 'Modern Standby' (phoronix.com) 59

Phoronix reports on "an exciting post-Christmas patch series out on the Linux kernel mailing list" proposing "a new runtime standby ABI that is similar in nature to the 'Modern Standby' functionality found with Microsoft Windows..." Modern Standby is a low-power mode on Windows 11 for letting systems remain connected to the network and appear "sleeping" but will allow for instant wake-up for notifications, music playback, and other functionality. The display is off, the network remains online, and background tasks can wake up the system if needed with Microsoft Modern Standby...

"This series introduces a new runtime standby ABI to allow firing Modern Standby firmware notifications that modify hardware appearance from userspace without suspending the kernel," [according to the email about the proposed patch series]. "This allows userspace to set the inactivity state of the device so that it looks like it is asleep (e.g., flashing the power button) while still being able to perform basic computations..."

Those interested can see the RFC patch series for the work in its current form; in particular, the documentation patch outlines the proposed /sys/power/standby interface.

IT

Taiwan's iPass Releases Floppy Disk Pre-Paid Cash Card (tomshardware.com) 17

Taiwan's iPass has released a limited-edition prepaid payment card shaped exactly like a 3.5-inch floppy disk. The company, perhaps rightly so, felt the need to include a warning on the product listing: "This product only has a card function and does not have a 3.5mm [sic] disk function, please note before purchasing."

The NFC-enabled novelty card went on sale starting Christmas Eve and comes in black or yellow finishes at 1:1 scale. It works across Taiwan's public transport network -- buses, trains, subways, taxis, and bike rentals -- as well as convenience stores like 7-Eleven and FamilyMart, supermarkets, pharmacies, and fast-food chains including McDonald's and Burger King.

The floppy disk joins an increasingly absurd lineup of iPass form factors. Previous releases have included, Tom's Hardware reports, a Motorola DynaTAC replica, model trains, a flip-flop, an LED-lit Godzilla snow globe, and a blood bag. Taiwan's PCHome24 online store currently lists 838 different iPass card designs. A standard card costs NT$100 (about $3.20) and comes without stored value.

Wireless Networking

Mesh Networks Are About To Escape Apple, Amazon and Google Silos (ieee.org) 31

After more than two decades of promises and false starts in the mesh networking space, the smart home standards that Apple, Amazon and Google have each championed are finally set to escape their respective brand silos and work together in a single unified network.

Starting January 1, 2026, Thread 1.4 becomes the Thread Group's only certified standard, bringing a crucial new capability called credential sharing. Devices from different manufacturers can now securely join the same mesh network -- an Amazon Echo Show and an Apple HomePod mini in the same house will both be able to control the same Nanoleaf lightbulb. This marks a significant departure from Thread 1.3, released in 2022, where each brand's mesh network connected only to devices from that same brand.

The Thread Group launched in 2014 as a coalition led by Arm, Google's Nest Labs, and Samsung, later welcoming Apple and Amazon into the fold. Thread 1.4 handles low-power smart home devices and sensors, but homes also need high-bandwidth connections for laptops and phones. Wi-Fi 7 mesh serves that purpose and the Matter protocol acts as a translation layer between the two different mesh networks. Both Wi-Fi 7 and Matter arrived in products on store shelves in 2025.

Businesses

Indian IT Was Supposed To Die From AI. Instead It's Billing for the Cleanup. (indiadispatch.com) 40

Two years after generative AI was supposed to render India's $250 billion IT services industry obsolete, the sector is finding that enterprises still need someone to handle the unglamorous plumbing work that large-scale AI deployment demands. Less than 15% of organizations are meaningfully deploying the new technology, according to investment bank UBS, and Indian IT firms are positioning themselves to capture the preparatory work -- data cleanup, cloud migration, system integration -- that channel checks suggest could take two to three years before enterprise-wide AI becomes feasible.

The financials have held up better than the doomsday predictions suggested. Infosys now calls AI-led volume opportunities a bigger tailwind than the deflation threat, a reversal from 2024, and orderbooks held steady in the third quarter even as pricing pressure filtered through renewals. Infosys expects its orderbook to grow more than 50% this quarter, anchored by an NHS deal worth $1.6 billion over 15 years.

The companies have been restructuring accordingly. TCS cut headcount by 2% and invested in a 1GW data-centre network while acquiring Salesforce advisory firm Coastal Cloud. HCLTech reduced margins by 100 basis points and became one of the first large systems integrators to partner with OpenAI; this week it announced acquisitions of Jaspersoft for $240 million and Belgian firm Wobby to expand agentic AI capabilities.

The bear case for the Indian IT sector assumed that AI would work out of the box. Two years in, it does not.

AI

Bitcoin Miners' Pivot To AI Has Lifted Bitcoin-Mining ETF By About 90% This Year (wsj.com) 16

An anonymous reader quotes a report from the Wall Street Journal: It's harder than ever to mine bitcoin. And less profitable, too. But mining-company stocks are still flying, even with cryptocurrency prices in retreat. That's because these firms have something in common with the hottest investment theme on the planet: the massive, electricity-hungry data centers expected to power the artificial-intelligence boom. Some companies are figuring out how to remake themselves as vital suppliers to Alphabet, Amazon, Meta, Microsoft and other "hyperscalers" bent on AI dominance.

Bitcoin-mining -- using vast computer power to solve equations to unlock the digital currency -- has been a lucrative and cutting-edge pursuit in its own right. Lately, however, increased competition and other challenges have eroded profit margins. But just as the bitcoin-mining business began to cool, the AI build-out turned white hot. The AI arms race has created an insatiable demand for some assets the miners already have: data centers, cooling systems, land and hard-to-obtain contracts for electrical power -- all of which can be repurposed to train and power AI models.

It's not a seamless process. Miners often have to build new, specialized facilities, because running AI requires more-advanced cooling and network systems, as well as replacing bitcoin-mining computers with AI-focused graphics processing units. But signing deals with miners allows AI giants to expand faster and cheaper than starting new facilities from scratch. These companies still mine some bitcoin, but the transition gives miners a new source of deep-pocketed customers willing to commit to longer-term leases for their data centers.

"The opportunity for miners to convert to AI is one of the greatest opportunities I could possibly imagine," said Adam Sullivan, chief executive of Core Scientific, which has pivoted to AI data centers. The shift has boosted miners' stocks. The CoinShares Bitcoin Mining ETF has surged about 90% this year, a rally that has accelerated even as bitcoin erased its gains for 2025. The ETF holds shares of miners including Cipher Mining and IREN, both of which have surged following long-term deals with companies such as Amazon and Microsoft. Shares of Core Scientific quadrupled in 2024 after the company signed its first AI contract that February. The stock has gained 10% this year. The company now expects to exit bitcoin mining entirely by 2028.

Privacy

Inside Uzbekistan's Nationwide License Plate Surveillance System (techcrunch.com) 26

An anonymous reader quotes a report from TechCrunch: Across Uzbekistan, a network of about a hundred banks of high-resolution roadside cameras continuously scan vehicles' license plates and their occupants, sometimes thousands a day, looking for potential traffic violations. Cars running red lights, drivers not wearing their seatbelts, and unlicensed vehicles driving at night, to name a few. The driver of one of the most surveilled vehicles in the system was tracked over six months as he traveled between the eastern city of Chirchiq, through the capital Tashkent, and in the nearby settlement of Eshonguzar, often multiple times a week. We know this because the country's sprawling license plate-tracking surveillance system has been left exposed to the internet.

Security researcher Anurag Sen, who discovered the security lapse, found the license plate surveillance system exposed online without a password, allowing anyone access to the data within. It's not clear how long the surveillance system has been public, but artifacts from the system show that its database was set up in September 2024, and traffic monitoring began in mid-2025. The exposure offers a rare glimpse into how such national license plate surveillance systems work, the data they collect, and how they can be used to track the whereabouts of any one of the millions of people across an entire country. The lapse also reveals the security and privacy risks associated with the mass monitoring of vehicles and their owners, at a time when the United States is building up its nationwide array of license plate readers, many of which are provided by surveillance giant Flock.

Security

Cyberattack Disrupts France's Postal Service, Banking During Christmas Rush (apnews.com) 5

An anonymous reader quotes a report from the Associated Press: With just three days to go before Christmas, a cyberattack knocked France's national postal service offline Monday, blocking and delaying package deliveries and online payments. The timing was miserable for millions of people at the height of the Christmas season, as frazzled postal workers fended off frustrated customers. No one immediately claimed responsibility, but suspicions abounded.

What the postal service La Poste called a "major network incident" remained unresolved by Monday evening, more than eight hours after it was first reported. For a company that delivered 2.6 billion packages last year and employs more than 200,000 people, that's a big hit. La Poste said in a statement that a distributed denial of service incident, or DDoS, "rendered its online services inaccessible." It said the incident had no impact on customer data, but disrupted package delivery. Letters, including holiday greeting cards, could still be mailed and delivered. But transactions requiring tracking or access to the postal service's internal computer systems were impossible.

The cyberattack also hurt online banking. Customers of the company's banking arm, La Banque Postale, were blocked from using the application to approve payments or conduct other banking services. The bank redirected approvals to text messages instead. "Our teams are mobilized to resolve the situation quickly," the bank said in messages posted on social networks. The disruption came a week after France's government was targeted by a cyberattack that targeted the Interior Ministry, in charge of national security.

Apple

Apple Developer's Account Restored After Compromised Gift Card Incident (computerhistory.org) 14

"It's all fixed," says that Apple developer who was locked out of his Apple Account after redeeming a compromised Apple Gift Card. "A lovely man from Singapore, working for Apple Executive Relations, who has been calling me every so often for a couple of days, has let me know it's all fixed. It looks like the gift card I tried to redeem, which did not work for me, and did not credit my account, was already redeemed in some way (sounds like classic gift card tampering), and my account was caught by that.

"Obviously it's unacceptable that this can happen, and I'm still trying to get more information out of him, but at least things are now mostly working.

"Strangely, he did tell me to only ever buy gift cards from Apple themselves; I asked if that means Apple's supply chain of Blackhawk Network, InComm, and other gift card vendors is insecure, and he was unwilling to comment."

Updates to his original blog post now include a frequently-asked questions list:
  • Yes, I have the receipt for the card, including the activation receipt.
  • Yes, the card was legitimately purchased, it's not from eBay.
  • Yes, I have contacted the retailer.
  • Yes, I do have backups... No, I don't know why parts of the account still kinda work, and parts don't.
  • No, I didn't write this article with AI...
  • Yes, Apple really did use emojis in their Live Chat...

Australia

Ten Mistakes Marred Firewall Upgrade At Australian Telco, Contributing To Two Deaths (theregister.com) 30

An independent review found that at least ten technical and process failures during a routine firewall upgrade at Australia's Optus prevented emergency calls from reaching Triple Zero for 14 hours, during which 455 calls failed and two callers died. The Register reports: On Thursday, Optus published an independent report (PDF) on the matter written by Dr Kerry Schott, an Australian executive who has held senior management roles at many of the country's most significant businesses. The report found that Optus planned 18 firewall upgrades and had executed 15 without incident. But on the 16th upgrade, Optus issued incorrect instructions to its outsourced provider Nokia. [...] Schott summarized the incident as follows: "Three issues are clear during this incident. The first is the very poor management and performance within [Optus] Networks and their contractor, Nokia. Process was not followed, and incorrect procedures were selected. Checks were inadequate, controls avoided and alerts given insufficient attention. There appeared to be reticence in seeking more experienced advice within Networks and a focus on speed and getting the task done, rather than an emphasis on doing things properly."

The review also found that Optus' call center didn't appreciate it could be "the first alert channel for Triple Zero difficulties." The document also notes that Australian telcos try to route 000 calls during outages, but that doing so is not easy and is made harder by the fact that different smartphones behave in different ways. Optus does warn customers if their devices have not been tested for their ability to connect to 000, and maintains a list of known bad devices. But the report notes Optus's process "does not capture so-called 'grey' devices that have been bought online or overseas and may not be compliant."
"To have a standard firewall upgrade go so badly is inexcusable," the document states. "Execution was poor and seemed more focussed on getting things done than on being right. Supervision of both network staff and Nokia must be more disciplined to get things right."

Microsoft

Microsoft Will Finally Kill Obsolete Cipher That Has Wreaked Decades of Havoc (arstechnica.com) 63

An anonymous reader quotes a report from Ars Technica: Microsoft is killing off an obsolete and vulnerable encryption cipher that Windows has supported by default for 26 years following more than a decade of devastating hacks that exploited it and recently faced blistering criticism from a prominent US senator. When the software maker rolled out Active Directory in 2000, it made RC4 a sole means of securing the Windows component, which administrators use to configure and provision fellow administrator and user accounts inside large organizations. RC4, short for Rivest Cipher 4, is a nod to mathematician and cryptographer Ron Rivest of RSA Security, who developed the stream cipher in 1987. Within days of the trade-secret-protected algorithm being leaked in 1994, a researcher demonstrated a cryptographic attack that significantly weakened the security it had been believed to provide. Despite the known susceptibility, RC4 remained a staple in encryption protocols, including SSL and its successor TLS, until about a decade ago. [...]

Last week, Microsoft said it was finally deprecating RC4 and cited its susceptibility to Kerberoasting, the form of attack, known since 2014, that was the root cause of the initial intrusion into Ascension's network. "By mid-2026, we will be updating domain controller defaults for the Kerberos Key Distribution Center (KDC) on Windows Server 2008 and later to only allow AES-SHA1 encryption," Matthew Palko, a Microsoft principal program manager, wrote. "RC4 will be disabled by default and only used if a domain administrator explicitly configures an account or the KDC to use it." [...] Following next year's change, RC4 authentication will no longer function unless administrators perform the extra work to allow it. In the meantime, Palko said, it's crucial that admins identify any systems inside their networks that rely on the cipher. Despite the known vulnerabilities, RC4 remains the sole means of some third-party legacy systems for authenticating to Windows networks. These systems can often go overlooked in networks even though they are required for crucial functions.

To streamline the identification of such systems, Microsoft is making several tools available. One is an update to KDC logs that will track both requests and responses that systems make using RC4 when performing requests through Kerberos. Kerberos is an industry-wide authentication protocol for verifying the identities of users and services over a non-secure network. It's the sole means for mutual authentication to Active Directory, which hackers attacking Windows networks widely consider a Holy Grail because of the control they gain once it has been compromised. Microsoft is also introducing new PowerShell scripts to sift through security event logs to more easily pinpoint problematic RC4 usage. Microsoft said it has steadily worked over the past decade to deprecate RC4, but that the task wasn't easy.
"The problem though is that it's hard to kill off a cryptographic algorithm that is present in every OS that's shipped for the last 25 years and was the default algorithm for so long," Steve Syfuhs, who runs Microsoft's Windows Authentication team, wrote on Bluesky. "See," he continued, "the problem is not that the algorithm exists. The problem is how the algorithm is chosen, and the rules governing that spanned 20 years of code changes."
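The kind of log sifting described above, as an added example that is not Microsoft's script and not part of the quoted report: it scans Kerberos ticket events (Security log event IDs 4768 and 4769) for tickets issued with an RC4 encryption type and counts them per service. It assumes the events were exported as Windows event XML and relies on the `TicketEncryptionType` field those events carry; every account, service and address in the sample is constructed.

```python
import xml.etree.ElementTree as ET
from collections import Counter

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
KERBEROS_TICKET_EVENTS = {"4768", "4769"}   # TGT request, service ticket request
RC4_ETYPES = {0x17: "RC4-HMAC", 0x18: "RC4-HMAC-EXP"}   # Kerberos etypes 23 and 24

def _event(event_id, account, service, etype, ip):
    """Build one constructed Security-log event in Windows event XML form."""
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>{event_id}</EventID></System>'
            f'<EventData><Data Name="TargetUserName">{account}</Data>'
            f'<Data Name="ServiceName">{service}</Data>'
            f'<Data Name="TicketEncryptionType">{etype}</Data>'
            f'<Data Name="IpAddress">{ip}</Data></EventData></Event>')

# Constructed sample events; accounts, services and addresses are made up.
SAMPLE_EVENTS = [
    _event(4768, "alice", "krbtgt", "0x12", "::ffff:10.0.0.21"),           # AES256 TGT
    _event(4769, "alice@CORP.EXAMPLE", "svc-legacyerp", "0x17", "::ffff:10.0.0.21"),
    _event(4769, "bob@CORP.EXAMPLE", "svc-legacyerp", "0x17", "::ffff:10.0.0.34"),
    _event(4769, "bob@CORP.EXAMPLE", "FILESRV01$", "0x12", "::ffff:10.0.0.34"),
    _event(4769, "scanner$@CORP.EXAMPLE", "svc-print", "0x00000017", "::ffff:10.0.0.50"),
    _event(4624, "alice", "-", "-", "10.0.0.21"),                          # logon event, ignored
    _event(4769, "carol@CORP.EXAMPLE", "svc-print", "0xffffffff", "::ffff:10.0.0.7"),  # failed request
]

def rc4_ticket_requests(xml_events):
    """Return one dict per Kerberos ticket event whose ticket used an RC4 etype."""
    hits = []
    for raw in xml_events:
        root = ET.fromstring(raw)
        event_id = root.findtext("e:System/e:EventID", namespaces=NS)
        if event_id not in KERBEROS_TICKET_EVENTS:
            continue
        data = {d.get("Name"): (d.text or "") for d in root.iterfind("e:EventData/e:Data", NS)}
        try:
            etype = int(data.get("TicketEncryptionType", ""), 16)
        except ValueError:
            continue                      # field missing or not a hex number
        if etype in RC4_ETYPES:
            hits.append({"event_id": int(event_id), "account": data.get("TargetUserName"),
                         "service": data.get("ServiceName"), "etype": RC4_ETYPES[etype],
                         "client": data.get("IpAddress", "").removeprefix("::ffff:")})
    return hits

def rc4_by_service(xml_events):
    """Count RC4 tickets per service: the systems to migrate before RC4 is disabled."""
    return Counter(h["service"] for h in rc4_ticket_requests(xml_events))
```

Services that appear in the per-service count are the ones still being issued RC4 tickets and are the candidates to review before the default changes.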
Censorship

Russian Ban On Roblox Gaming Platform Sparks Rare Protest (reuters.com) 64

An anonymous reader quotes a report from Reuters: Several dozen people protested on Sunday in the Siberian city of Tomsk against Russia's ban on U.S. children's gaming platform Roblox, a rare show of public dissent as popular irritation over the ban gains some momentum. In wartime Russia, censorship is extensive: Moscow blocks or restricts social media platforms such as Snapchat, Facebook, Instagram, WhatsApp and YouTube while distributing its own narrative through a network of social media and Russian media. Russia's communications watchdog Roskomnadzor said on December 3 it had blocked Roblox because it was "rife with inappropriate content that can negatively impact the spiritual and moral development of children."

In Tomsk, 2,900 km (1,800 miles) east of Moscow, several dozen people braved the snow to hold up hand-drawn placards reading "Hands off Roblox" and "Roblox is the victim of the digital Iron Curtain" in Vladimir Vysotsky Park, according to photographs provided by an organizer of the protest. "Bans and blocks are all you are able to do," read one placard. The photographs showed about 25 people standing in a circle in the snow, holding up placards. In Russia, the ban on Roblox has triggered a debate over censorship, child safety in relation to technology and even the effectiveness of censorship in a digitalized world where children can bypass many bans in a few clicks.
