Linux

Linux 6.9 Will Be the First To Top 10 Million Git Objects (theregister.com) 6

An anonymous reader shares a report: Linus Torvalds has released version 6.8 of the Linux Kernel. "So it took a bit longer for the commit counts to come down this release than I tend to prefer," Torvalds wrote on the Linux kernel mailing list on Sunday, "but a lot of that seemed to be about various selftest updates (networking in particular) rather than any actual real sign of problems."

"And the last two weeks have been pretty quiet, so I feel there's no real reason to delay 6.8." So he delivered it, ending his own speculation that this cut of the kernel might need an eighth release candidate. Torvalds found time to note what he described as "a bit of random git numerology" as when work ended on this version of the kernel the git repository used to track it contained 9.996 million objects.

"This is the last mainline kernel to have less than ten million git objects," Torvalds wrote. "Of course, there is absolutely nothing special about it apart from a nice round number. Git doesn't care," he added. Fair enough -- especially as he noted that other trees, such as linux-next, have well and truly passed ten million objects.

Databases

A Leaky Database Spilled 2FA Codes For the World's Tech Giants (techcrunch.com) 11

An anonymous reader quotes a report from TechCrunch: A technology company that routes millions of SMS text messages across the world has secured an exposed database that was spilling one-time security codes that may have granted users' access to their Facebook, Google and TikTok accounts. The Asian technology and internet company YX International manufactures cellular networking equipment and provides SMS text message routing services. SMS routing helps to get time-critical text messages to their proper destination across various regional cell networks and providers, such as a user receiving an SMS security code or link for logging in to online services. YX International claims to send 5 million SMS text messages daily. But the technology company left one of its internal databases exposed to the internet without a password, allowing anyone to access the sensitive data inside using only a web browser, just with knowledge of the database's public IP address.

Anurag Sen, a good-faith security researcher and expert in discovering sensitive but inadvertently exposed datasets leaking to the internet, found the database. Sen said it was not apparent who the database belonged to, nor who to report the leak to, so Sen shared details of the exposed database with TechCrunch to help identify its owner and report the security lapse. Sen told TechCrunch that the exposed database included the contents of text messages sent to users, including one-time passcodes and password reset links for some of the world's largest tech and online companies, including Facebook and WhatsApp, Google, TikTok, and others. The database had monthly logs dating back to July 2023 and was growing in size by the minute. In the exposed database, TechCrunch found sets of internal email addresses and corresponding passwords associated with YX International, and alerted the company to the spilling database. The database went offline a short time later.

Unix

Remembering How Plan 9 Evolved at Bell Labs (theregister.com) 36

jd (Slashdot reader #1,658) writes: The Register has been running a series of articles about the evolution of Unix, from humble beginnings to the transition to Plan9. There is a short discussion of why Plan9 and its successors never really took off (despite being vastly superior to microkernels), along with the ongoing development of 9Front.
From the article: Plan 9 was in some way a second implementation of the core concepts of Unix and C, but reconsidered for a world of networked graphical workstations. It took many of the trendy ideas of late-1980s computing, both of academic theories and of the computer industry of the time, and it reinterpreted them through the jaded eyes of two great gurus, Kenneth Thompson and Dennis Ritchie (and their students) — arguably, design geniuses who saw their previous good ideas misunderstood and misinterpreted.

In Plan 9, networking is front and center. There are good reasons why this wasn't the case with Unix — it was being designed and built at the same time as local area networking was being invented. UNIX Fourth Edition, the first version written in C, was released in 1973 — the same year as the first version of Ethernet.

Plan 9 puts networking right into the heart of the design. While Unix was later used as the most common OS for standalone workstations, Plan 9 was designed for clusters of computers, some being graphical desktops and some shared servers...

Because everything really is a file, displaying a window on another machine can be as simple as making a directory and populating it with some files. You can start programs on other computers, but display the results on yours — all without any need for X11 or any visible networking at all.

This means all the Unixy stuff about telnet and rsh and ssh and X forwarding and so on just goes away. It makes X11 look very overcomplicated, and it makes Wayland look like it was invented by Microsoft.

Businesses

Reddit Files To Go Public (cnbc.com) 98

Reddit filed its initial public offering (IPO) with the SEC on Thursday. "The company plans to trade on the New York Stock Exchange under the ticker symbol 'RDDT,'" reports CNBC. From the report: Its market debut, expected in March, will be the first major tech initial public offering of the year. It's the first social media IPO since Pinterest went public in 2019. Reddit said it had $804 million in annual sales for 2023, up 20% from the $666.7 million it brought in the previous year, according to the filing. The social networking company's core business is reliant on online advertising sales stemming from its website and mobile app.

The company, founded in 2005 by technology entrepreneurs Alexis Ohanian and Steve Huffman, said it has incurred net losses since its inception. It reported a net loss of $90.8 million for the year ended Dec. 31, 2023, compared with a net loss of $158.6 million the year prior. [...] Reddit said it plans to use artificial intelligence to improve its ad business and that it expects to open new revenue channels by offering tools and incentives to "drive continued creation, improvements, and commerce." It's also in the early stages of developing and monetizing a data-licensing business in which third parties would be allowed to access and search data on its platform.

For example, Google on Thursday announced an expanded partnership with Reddit that will give the search giant access to the company's data to, among other uses, train its AI models. "In January 2024, we entered into certain data licensing arrangements with an aggregate contract value of $203.0 million and terms ranging from two to three years," Reddit said, regarding its data-licensing business. "We expect a minimum of $66.4 million of revenue to be recognized during the year ending December 31, 2024 and the remaining thereafter."
On Wednesday, Reddit said it plans to sell a chunk of its IPO shares to 75,000 of its most loyal users.

Microsoft

Microsoft Develops AI Server Gear To Lessen Reliance on Nvidia (reuters.com) 3

Microsoft is developing a new network card that could improve the performance of its Maia AI server chip and potentially reduce the company's reliance on chip designer Nvidia, The Information reported on Tuesday. Reuters: Microsoft CEO Satya Nadella has tapped Pradeep Sindhu, who co-founded networking gear developer Juniper Networks, to spearhead the network card effort, the report said citing a person with knowledge of the matter. Microsoft acquired Sindhu's server chip startup, Fungible, last year. The new network card is similar to Nvidia's ConnectX-7 card, which the chip developer sells alongside its graphic processor units (GPUs), the report added. The equipment could take more than a year to develop and, if successful, could lessen the time it takes for OpenAI to train its models on Microsoft servers as well as make the process less expensive, according to the report.

Cloud

Nginx Core Developer Quits Project, Says He No Longer Sees Nginx as 'Free and Open Source Project For the Public Good' (arstechnica.com) 53

A core developer of Nginx, currently the world's most popular web server, has quit the project, stating that he no longer sees it as "a free and open source project... for the public good." From a report: His fork, freenginx, is "going to be run by developers, and not corporate entities," writes Maxim Dounin, and will be "free from arbitrary corporate actions." Dounin is one of the earliest and still most active coders on the open source Nginx project and one of the first employees of Nginx, Inc., a company created in 2011 to commercially support the steadily growing web server. Nginx is now used on roughly one-third of the world's web servers, ahead of Apache.

Nginx Inc. was acquired by Seattle-based networking firm F5 in 2019. Later that year, two of Nginx's leaders, Maxim Konovalov and Igor Sysoev, were detained and interrogated in their homes by armed Russian state agents. Sysoev's former employer, Internet firm Rambler, claimed that it owned the rights to Nginx's source code, as it was developed during Sysoev's tenure at Rambler (where Dounin also worked). While the criminal charges and rights do not appear to have materialized, the implications of a Russian company's intrusion into a popular open source piece of the web's infrastructure caused some alarm. Sysoev left F5 and the Nginx project in early 2022. Later that year, due to the Russian invasion of Ukraine, F5 discontinued all operations in Russia. Some Nginx developers still in Russia formed Angie, developed in large part to support Nginx users in Russia. Dounin technically stopped working for F5 at that point, too, but maintained his role in Nginx "as a volunteer," according to Dounin's mailing list post.

Dounin writes in his announcement that "new non-technical management" at F5 "recently decided that they know better how to run open source projects. In particular, they decided to interfere with security policy nginx uses for years, ignoring both the policy and developers' position." While it was "quite understandable," given their ownership, Dounin wrote that it means he was "no longer able to control which changes are made in nginx," hence his departure and fork.

Businesses

Cisco Will Lay Off More Than 4,000 In 5% Staff Cut (sfgate.com) 49

An anonymous reader quotes a report from SFGate: Cisco, the San Jose-based networking and telecommunications giant, is laying off 5% of its workforce. The company announced the cuts in a Wednesday filing with the Securities and Exchange Commission, alongside its quarterly earnings report. Based on the company's reported head count, the layoffs will hit at least 4,000 workers. Cisco wrote in the filing that the cuts are aimed to "realign the organization and enable further investment in key priority areas."

Most of the cuts will go through this quarter, per the filing. Cisco estimated that severance payments and other termination benefits will cost the company $800 million.
In a statement to SFGATE on Wednesday, Cisco spokesperson Robyn Blum cited "the cautious macro environment, our customers continuing to absorb high levels of product inventory, and ongoing weakness in the Service Provider market," as reasons for the layoff.

"The care of our people is a top priority, and we will provide impacted employees with career support and market-competitive severance packages," the statement continued.

Crime

Wi-Fi Jamming To Knock Out Cameras Suspected In Nine Minnesota Burglaries (tomshardware.com) 174

Mark Tyson reports via Tom's Hardware: A serial burglar in Edina, Minnesota is suspected of using a Wi-Fi jammer to knock out connected security cameras before stealing and making off with the victim's prized possessions. [...] Edina police suspect that nine burglaries in the last six months have been undertaken with Wi-Fi jammer(s) deployed to ensure incriminating video evidence wasn't available to investigators. The modus operandi of the thief or thieves is thought to be something like this:

  • Homes in affluent areas are found
  • Burglars carefully watch the homes
  • The burglars avoid confrontation, so appear to wait until homes are empty
  • Seizing the opportunity of an empty home, the burglars will deploy Wi-Fi jammer(s)
  • "Safes, jewelry, and other high-end designer items," are usually taken

A security expert interviewed by the source publication, KARE11, explained that the jammers simply confused wireless devices rather than blocking signals. They usually work by overloading wireless traffic "so that real traffic cannot get through," the news site was told. [...] Worryingly, Wi-Fi jamming is almost a trivial activity for potential thieves in 2024. KARE11 notes that it could buy jammers online very easily and cheaply, with prices ranging from $40 to $1,000. Jammers are not legal to use in the U.S. but they are very easy to buy online.

Security

The Viral Smart Toothbrush Botnet Story Is Not Real (404media.co) 52

On Tuesday, The Independent, Tom's Hardware, and many other tech outlets reported on a story about how three million smart toothbrushes were used in a DDoS attack. The only problem? It "didn't actually happen," writes Jason Koebler via 404 Media. "There are no additional details about this apparent attack, and most of the article cites general research by a publicly traded cybersecurity company called Fortinet which has detected malicious, hijacked internet of things devices over the years. A search on Fortinet's website shows no recent published research about hacked smart toothbrushes." From the report: The original article, called "The toothbrushes are attacking," starts with the following passage: "She's at home in the bathroom, but she's part of a large-scale cyber attack. The electric toothbrush is programmed with Java, and criminals have unnoticed installed malware on it - like on 3 million other toothbrushes. One command is enough and the remote-controlled toothbrushes simultaneously access the website of a Swiss company. The site collapses and is paralyzed for four hours. Millions of dollars in damage is caused. This example, which seems like a Hollywood scenario, actually happened. It shows how versatile digital attacks have become." [...]

The "3 million hacked smart toothbrushes" story has now been viral for more than 24 hours and literally no new information about it has emerged despite widespread skepticism from people in the security industry and its virality. The two Fortinet executives cited in the original report did not respond to an email and LinkedIn message seeking clarification, and neither did Fortinet's PR team. The author of the Aargauer Zeitung story also did not respond to a request for more information. I called Fortinet's headquarters, asked to speak to the PR contact listed on the press release about its earnings, which was published after the toothbrush news began to go viral, and was promptly disconnected. The company has continued to tweet about other, unrelated things. They have not responded to BleepingComputer either, nor the many security researchers who are asking for further proof that this actually happened. While we don't know how this happened, Fortinet has been talking specifically about the dangers of internet-connected toothbrushes for years, and has been using it as an example in researcher talks.
In a statement to 404 Media, Fortinet said "To clarify, the topic of toothbrushes being used for DDoS attacks was presented during an interview as an illustration of a given type of attack, and it is not based on research from Fortinet or FortiGuard Labs. It appears that due to translations the narrative on this topic has been stretched to the point where hypothetical and actual scenarios are blurred."

Social Networks

Bluesky Opens To the Public (techcrunch.com) 62

An anonymous reader quotes a report from TechCrunch: After almost a year as an invite-only app, Bluesky is now open to the public. Funded by Twitter co-founder Jack Dorsey, Bluesky is one of the more promising micro-blogging platforms that could provide an alternative to Elon Musk's X. Before opening to the public, the platform had about 3 million sign-ups. Now that anyone can join, the young platform faces a challenge: How can it meaningfully stand up to Threads' 130 million monthly active users, or even Mastodon's 1.8 million?

Bluesky looks and functions like Twitter at the outset, but the platform stands out because of what lies under the hood. The company began as a project inside of Twitter that sought to build a decentralized infrastructure called the AT Protocol for social networking. As a decentralized platform, Bluesky's code is completely open source, which gives people outside of the company transparency into what is being built and how. Developers can even write their own code on top of the AT Protocol, so they can create anything from a custom algorithm to an entirely new social platform.

"What decentralization gets you is the ability to try multiple things in parallel, and so you're not bottlenecking change on one organization," Bluesky CEO Jay Graber told TechCrunch. "The way we built Bluesky actually lets anyone insert a change into the product." This setup gives users more agency to control and curate their social media experience. On a centralized platform like Instagram, for example, users have revolted against algorithm changes that they dislike, but there's not much they can do to revert or improve upon an undesired app update.

Security

3 Million Malware-Infected Smart Toothbrushes Used In Swiss DDoS Attacks [UPDATE] (tomshardware.com) 56

An anonymous reader quotes a report from Tom's Hardware: According to a recent report published by the Aargauer Zeitung (h/t Golem.de), around three million smart toothbrushes have been infected by hackers and enslaved into botnets. The source report says this sizable army of connected dental cleansing tools was used in a DDoS attack on a Swiss company's website. The firm's site collapsed under the strain of the attack, reportedly resulting in the loss of millions of Euros of business. In this particular case, the toothbrush botnet was thought to have been vulnerable due to its Java-based OS. No particular toothbrush brand was mentioned in the source report. Normally, the toothbrushes would have used their connectivity for tracking and improving user oral hygiene habits, but after a malware infection, these toothbrushes were press-ganged into a botnet.

Stefan Zuger from the Swiss branch of the global cybersecurity firm Fortinet provided the publication with a few tips on what people could do to protect their own toothbrushes -- or other connected gadgetry like routers, set-top boxes, surveillance cameras, doorbells, baby monitors, washing machines, and so on. "Every device that is connected to the Internet is a potential target -- or can be misused for an attack," Zuger told the Swiss newspaper. The security expert also explained that every connected device was being continually probed for vulnerabilities by hackers, so there is a real arms race between device software/firmware makers and cyber criminals. Fortinet recently connected an 'unprotected' PC to the internet and found it took only 20 minutes before it became malware-ridden.
UPDATE 1/7/24: This attack "didn't actually happen," writes Jason Koebler via 404 Media. "There are no additional details about this apparent attack, and most of the article cites general research by a publicly traded cybersecurity company called Fortinet which has detected malicious, hijacked internet of things devices over the years. A search on Fortinet's website shows no recent published research about hacked smart toothbrushes."

The cybersecurity firm Fortinet said in a statement: "To clarify, the topic of toothbrushes being used for DDoS attacks was presented during an interview as an illustration of a given type of attack, and it is not based on research from Fortinet or FortiGuard Labs. It appears that due to translations the narrative on this topic has been stretched to the point where hypothetical and actual scenarios are blurred. FortiGuard Labs has not observed Mirai or other IoT botnets target toothbrushes or similar embedded devices."

AI

Companies Once Focused On Mining Cryptocurrency Pivot To Generative AI (theguardian.com) 48

"Companies that once serviced the boom in cryptocurrency mining are pivoting to take advantage of the latest data gold rush," reports the Guardian. Canadian company Hive Blockchain changed its name in July to Hive Digital Technologies and announced it was pivoting to AI. "Hive has been a pioneering force in the cryptocurrency mining sector since 2017. The adoption of a new name signals a significant strategic shift to harness the potential of GPU Cloud compute technology, a vital tool in the world of AI, machine learning and advanced data analysis, allowing us to expand our revenue channels with our Nvidia GPU fleet," the company said in its announcement at the time. The company's executive chairman, Frank Holmes, told Guardian Australia the transition required a lot of work. "Moving from mining Ethereum to hosting GPU cloud services involves buying powerful new servers for our GPUs, upgrading networking equipment and moving to higher tier data centres," he said.

"The only commonality is that GPUs are the workhorses in both cases. GPU cloud requires higher end supporting hardware and a more secure, faster data centre environment. There's a steep learning curve in the GPU cloud business, but our team is adapting well and learning fast."

For others, like Iris Energy, a datacentre company operating out of Canada and Texas, and co-founded by Australian Daniel Roberts, it has been the plan all along. Iris did not require any changes to the way the company operated when the AI boom came along, Roberts told Guardian Australia. "Our strategy really has been about bootstrapping the datacentre platform with bitcoin mining, and then just preserve optionality on the whole digital world. The distinction with us and crypto-miners is we're not really miners, we're datacentre people." The company still trumpets its bitcoin mining capability but in the most recent results Iris said it was well positioned for "power dense computing" with 100% renewable energy. Roberts said it wasn't an either-or situation between bitcoin mining and AI.

"I think when you look at bitcoin versus AI, the market will just reach equilibrium based on the market-based demands for each product," he said... Holmes said Hive also saw the two industries operating in parallel. "We love the bitcoin mining business, but its revenue is rather unpredictable. GPU cloud services should complement it well," he said.

Thanks to long-time Slashdot reader mspohr for sharing the article.

Networking

Ceph: a Journey To 1 TiB/s (ceph.io) 16

It's "a free and open-source, software-defined storage platform," according to Wikipedia, providing object storage, block storage, and file storage "built on a common distributed cluster foundation". The charter advisory board for Ceph included people from Canonical, CERN, Cisco, Fujitsu, Intel, Red Hat, SanDisk, and SUSE.

And Nite_Hawk (Slashdot reader #1,304) is one of its core engineers — a former Red Hat principal software engineer named Mark Nelson. (He's now leading R&D for a small cloud systems company called Clyso that provides Ceph consulting.) And he's returned to Slashdot to share a blog post describing "a journey to 1 TiB/s". This gnarly tale-from-Production starts while assisting Clyso with "a fairly hip and cutting edge company that wanted to transition their HDD-backed Ceph cluster to a 10 petabyte NVMe deployment" using object-based storage devices [or OSDs]...

I can't believe they figured it out first. That was the thought going through my head back in mid-December after several weeks of 12-hour days debugging why this cluster was slow... Half-forgotten superstitions from the 90s about appeasing SCSI gods flitted through my consciousness...

Ultimately they decided to go with a Dell architecture we designed, which quoted at roughly 13% cheaper than the original configuration despite having several key advantages. The new configuration has less memory per OSD (still comfortably 12GiB each), but faster memory throughput. It also provides more aggregate CPU resources, significantly more aggregate network throughput, a simpler single-socket configuration, and utilizes the newest generation of AMD processors and DDR5 RAM. By employing smaller nodes, we halved the impact of a node failure on cluster recovery....

The initial single-OSD test looked fantastic for large reads and writes and showed nearly the same throughput we saw when running FIO tests directly against the drives. As soon as we ran the 8-OSD test, however, we observed a performance drop. Subsequent single-OSD tests continued to perform poorly until several hours later when they recovered. So long as a multi-OSD test was not introduced, performance remained high. Confusingly, we were unable to invoke the same behavior when running FIO tests directly against the drives. Just as confusing, we saw that during the 8 OSD test, a single OSD would use significantly more CPU than the others. A wallclock profile of the OSD under load showed significant time spent in io_submit, which is what we typically see when the kernel starts blocking because a drive's queue becomes full...

For over a week, we looked at everything from bios settings, NVMe multipath, low-level NVMe debugging, changing kernel/Ubuntu versions, and checking every single kernel, OS, and Ceph setting we could think of. None of these things fully resolved the issue. We even performed blktrace and iowatcher analysis during "good" and "bad" single OSD tests, and could directly observe the slow IO completion behavior. At this point, we started getting the hardware vendors involved. Ultimately it turned out to be unnecessary. There was one minor, and two major fixes that got things back on track.

It's a long blog post, but here's where it ends up:
  • Fix One: "Ceph is incredibly sensitive to latency introduced by CPU c-state transitions. A quick check of the bios on these nodes showed that they weren't running in maximum performance mode which disables c-states."
  • Fix Two: [A very clever engineer working for the customer] "ran a perf profile during a bad run and made a very astute discovery: A huge amount of time is spent in the kernel contending on a spin lock while updating the IOMMU mappings. He disabled IOMMU in the kernel and immediately saw a huge increase in performance during the 8-node tests." In a comment below, Nelson adds that "We've never seen the IOMMU issue before with Ceph... I'm hoping we can work with the vendors to understand better what's going on and get it fixed without having to completely disable IOMMU."
  • Fix Three: "We were not, in fact, building RocksDB with the correct compile flags... It turns out that Canonical fixed this for their own builds as did Gentoo after seeing the note I wrote in do_cmake.sh over 6 years ago... With the issue understood, we built custom 17.2.7 packages with a fix in place. Compaction time dropped by around 3X and 4K random write performance doubled."

The story has a happy ending, with performance testing eventually showing data being read at 635 GiB/s — and a colleague daring them to attempt 1 TiB/s. They built a new testing configuration targeting 63 nodes — achieving 950GiB/s — then tried some more performance optimizations...


Wireless Networking

LG Washing Machine Found Sending 3.7 GB of Data a Day (tomshardware.com) 130

An LG washing machine owner discovered that his smart home appliance was uploading an average of 3.66GB of data daily. "Concerned about the washer's internet addiction, Johnie forced the device to go cold turkey and blocked it using his router UI," reports Tom's Hardware. From the report: Johnie's initial screenshot showed that on a chosen day, the device uploaded 3.57GB and downloaded about 100MB, and the data traffic was almost constant. Meanwhile, according to the Asus router interface screenshot, the washing machine accounted for just shy of 5% of Johnie's internet traffic daily. The LG washing machine owner saw the fun in his predicament and joked that the device might use Wi-Fi for "DLCs (Downloadable Laundry Cycles)." He wasn't entirely kidding: The machine does download presets for various types of apparel. However, the lion's share of the data transferred was uploaded.

Working through the thread, we note that Johnie also pondered the possibility of someone using his washing machine for crypto mining. "I'd gladly rent our LPU (Laundry Processing Unit) by the hour," he quipped. Again, there was the glimmer of a possibility that there could be truth behind this joke. Another social media user highlighted a history of hackers taking over LG smart-connected appliances. The SmartThinQ home appliances HomeHack vulnerability was patched several weeks after being made public. A similar modern hack might use the washing machine's computer resources as part of a botnet. Taking control of an LG washing machine as part of a large botnet for cryptocurrency mining or nefarious networking purposes wouldn't be as far-fetched as it sounds. Large numbers of relatively low-power devices can be formidable together. One of the more innocent theories regarding the significant data uploads suggested laundry data was being uploaded to LG so it could improve its LLM (Large Laundry Model). It sought to do this to prepare for the launch of its latest "AI washer-dryer combo" at CES, joked Johnie.

For now, it looks like the favored answer to the data mystery is to blame Asus for misreporting it. We may never know what happened with Johnie, who is now running his LG washing machine offline. Another relatively innocent reason for the supposed high volume of uploads could be an error in the Asus router firmware. In a follow-up post a day after his initial Tweet, Johnie noted "inaccuracy in the ASUS router tool," with regard to Apple iMessage data use. Other LG smart washing machine users showed device data use from their router UIs. It turns out that these appliances more typically use less than 1MB per day.

Businesses

HPE To Acquire Juniper Networks For $14 Billion (cnbc.com) 23

Hewlett Packard Enterprise (HPE) announced plans to buy data center networking hardware maker Juniper Networks for about $14 billion, or $40 per share, in an all-cash deal. The company expects to close the deal by the end of this year or in early 2025. CNBC reports: The acquisition would double HPE's existing networking business after years of competition. If it's completed, Juniper CEO Rami Rahim would lead the combined group and report to HPE's CEO, Antonio Neri, according to the statement. HP got deeper into the category when it bought Aruba Networks in 2015, and months later, the technology conglomerate split in two, resulting in the formation of HPE, which sells servers and other equipment for data centers, and HP Inc., which makes PCs and printers. HPE said adding Juniper to its portfolio would bolster margins and speed up growth.

Founded in 1996, Juniper spent many years chasing Cisco in the market for networking gear. Revenue grew 12% year over year in 2022, the fastest growth since 2010. In the most recent quarter, Juniper eked out a $76 million profit on $1.4 billion in revenue, which declined 1%. HPE's networking segment was the company's top source of earnings before taxes, at $401 million on $1.4 billion in revenue, which was up 41%. Coming together would lead to $450 million in annual cost savings within three years of the deal's completion, HPE said.

Wireless Networking

Wi-Fi 7 is Ready To Go Mainstream (androidcentral.com) 28

The Wi-Fi Alliance is now starting to certify devices that use the latest generation of wireless connectivity, and the goal is to make sure these devices work with each other seamlessly. Android Central: Basically, the certification allows router brands and device manufacturers to guarantee that their products will work with other Wi-Fi 7 devices. Qualcomm, for its part, is announcing that it has several designs that leverage Wi-Fi 7, and that it achieved the Wi-Fi Alliance certification -- dubbed Wi-Fi Certified 7 -- for the FastConnect 7800 module that's baked into the Snapdragon 8 Gen 3 and 8 Gen 2, and the Networking Pro portfolio.

Wi-Fi Certified 7 is designed to enable interoperability, and ensure that devices from various brands work without any issues. In addition to Qualcomm, the likes of MediaTek, Intel, Broadcom, CommScope, and MaxLinear are also picking up certifications for their latest networking products. I chatted with Andy Davidson, Sr. Director of Technology Planning at Qualcomm, ahead of the announcement to understand a little more about how Wi-Fi 7 is different. Wi-Fi 7 uses the 6GHz band -- similar to Wi-Fi 6E -- but introduces 320MHz channels that have the potential to deliver significantly greater bandwidth. Wi-Fi 7 also uses a clever new feature called Multi-Link Operation (MLO) that lets devices connect to two bands at the same time, leading to better signal strength and bandwidth.

Further reading: Wi-Fi 7 Signals the Industry's New Priority: Stability.

Social Networks

Is LinkedIn Becoming the Hottest New Dating Site? (businessinsider.com) 110

Business Insider's Kelli Maria Korducki reports on a growing trend happening on LinkedIn: some people are using the professional network for personal connections, fielding romantic offers amid job postings. But that leaves the question: Is it a good idea to mix work and love? From the report: Dustin Kidd, a professor of sociology at Temple University who researches social media and pop culture, said that dating via LinkedIn belonged to a long tradition of "dating hacks" -- using online tools designed for other purposes to snag a date. "In the aughts, this happened with Friendster and then Myspace," Kidd said, but has since spread to myriad platforms that are ostensibly romance-free. Even fitness-tracking sites such as Strava are fair game. The common thread for love-hijacked social-media sites is a single feature, Kidd said: DMs. "The design of LinkedIn helps to maintain its focus on the professional, but any platform with a direct-messaging option is likely to also be used to pursue sex and dating," he told me. The ease and relative privacy of direct messaging help explain how some people are using LinkedIn for romance, but it doesn't explain why. In an age with so many dedicated dating platforms -- from giants such as Tinder, Bumble, and Hinge to niche apps including Feeld (for the unconventional), Pure (for the noncommittal), and NUiT (for the astrologically inclined) -- why mix Cupid's arrow with corporate updates?

One answer may be the growing number of Americans who have gotten tired of the roulette-like experience that comes with modern dating apps. In a 2023 Pew survey of US adults, nearly one-third of respondents said they had used an online dating site or app at least once. More than half of women who had used the apps reported feeling overwhelmed by the number of messages they had received in the past year, while 64% of men said they felt insecure from the lack of messages they had gotten. Though an overwhelming majority of men and women said they'd felt excited about people they connected with, an even-larger proportion of respondents said they were sometimes or often disappointed by their matches. [...]

LinkedIn's appeal as a dating site, according to people who use it that way, is the platform's ability to give back some of that control and boost the caliber of their prospects. Because the professional-networking site asks users to link to their current and former employers' profile pages, it offers an additional layer of credibility that other social-media platforms lack. Many profiles also include first-person references from former colleagues and managers -- real people with real profile pages. [...] Even for those who shy away from using LinkedIn to angle for dates, the site has become a go-to tool for vetting romantic candidates found through conventional dating apps or in-person encounters. "Social media is just one big dating app," [said Samuela John, a 24-year-old personal organizer in New York City who developed chemistry with an oil-industry man on the platform]. "Any type of social media where you can see people's pictures can turn into a dating app. And LinkedIn is even better because it's not just showing people's fake lives." [...] "I don't think you should go into it like, 'All right, I'm going to find my husband on LinkedIn,'" John said. "I think you should go about it as if you were just networking, like in a casual sense. And then if you end up meeting the person, see the vibes and then go from there."

Security

Comcast Discloses Data Breach of Close To 36 Million Xfinity Customers [UPDATE] (techcrunch.com) 40

In a notice on Monday, Xfinity notified customers of a "data security incident" that resulted in the theft of customer information, including usernames, passwords, contact information, and more. The Verge reports: Xfinity traces the breach to a security vulnerability disclosed by cloud computing company Citrix, which began alerting customers of a flaw in software Xfinity and other companies use on October 10th. While Xfinity says it patched the security hole, it later uncovered suspicious activity on its internal systems "that was concluded to be a result of this vulnerability."

The hack resulted in the theft of customer usernames and hashed passwords, according to Xfinity's notice. Meanwhile, "some customers" may have had their names, contact information, last four digits of their social security numbers, dates of birth, and / or secret questions and answers exposed. Xfinity has notified federal law enforcement about the incident and says "data analysis is continuing."

We still don't know how many users were affected by the breach. Xfinity will automatically ask customers to change their passwords the next time they log in to their accounts, and it's also encouraging users to turn on two-factor authentication. You can find the full notice, including contact information for the company's incident response team, on Xfinity's website (PDF).

UPDATE 12/19/23: According to TechCrunch, almost 36 million Xfinity customers had their sensitive information accessed by hackers via a vulnerability known as "CitrixBleed." The vulnerability is "found in Citrix networking devices often used by big corporations and has been under mass-exploitation by hackers since late August," the report says. "Citrix made patches available in early October, but many organizations did not patch in time. Hackers have used the CitrixBleed vulnerability to hack into big-name victims, including aerospace giant Boeing, the Industrial and Commercial Bank of China and international law firm Allen & Overy."

"In a filing with Maine's attorney general, Comcast confirmed that almost 35.8 million customers are affected by the breach. Comcast's latest earnings report shows the company has more than 32 million broadband customers, suggesting this breach has impacted most, if not all Xfinity customers."

Networking

New Internet Standard L4S: the Quiet Plan to Make the Internet Feel Faster (theverge.com) 79

Slow load times? Choppy videos? The real problem is latency, writes the Verge — but the good news is "there's a plan to almost eliminate latency, and big companies like Apple, Google, Comcast, Charter, Nvidia, Valve, Nokia, Ericsson, T-Mobile parent company Deutsche Telekom, and more have shown an interest." It's a new internet standard called L4S that was finalized and published in January, and it could put a serious dent in the amount of time we spend waiting around for webpages or streams to load and cut down on glitches in video calls. It could also help change the way we think about internet speed and help developers create applications that just aren't possible with the current realities of the internet... L4S stands for Low Latency, Low Loss, Scalable Throughput, and its goal is to make sure your packets spend as little time needlessly waiting in line as possible by reducing the need for queuing. To do this, it works on making the latency feedback loop shorter; when congestion starts happening, L4S means your devices find out about it almost immediately and can start doing something to fix the problem. Usually, that means backing off slightly on how much data they're sending... [L4S] makes it easier to maintain a good amount of data throughput without adding latency that increases the amount of time it takes for data to be transferred...

If you really want to get into it (and you know a lot about networking), you can read the specification paper on the Internet Engineering Task Force's website... The L4S standard adds an indicator to packets, which says whether they experienced congestion on their journey from one device to another. If they sail right on through, there's no problem, and nothing happens. But if they have to wait in a queue for more than a specified amount of time, they get marked as having experienced congestion. That way, the devices can start making adjustments immediately to keep the congestion from getting worse and to potentially eliminate it altogether... In terms of reducing latency on the internet, L4S or something like it is "a pretty necessary thing," according to Greg White, a technologist at research and development firm CableLabs who helped work on the standard. "This buffering delay typically has been hundreds of milliseconds to even thousands of milliseconds in some cases. Some of the earlier fixes to buffer bloat brought that down into the tens of milliseconds, but L4S brings that down to single-digit milliseconds...."

Here's the bad news: for the most part, L4S isn't in use in the wild yet. However, there are some big names involved with developing it... When we spoke to Greg White from CableLabs, he said there were already around 20 cable modems that support it today and that several ISPs like Comcast, Charter, and Virgin Media have participated in events meant to test how prerelease hardware and software work with L4S. Companies like Nokia, Vodafone, and Google have also attended, so there definitely seems to be some interest. Apple put an even bigger spotlight on L4S at WWDC 2023 after including beta support for it in iOS 16 and macOS Ventura... At around the same time as WWDC, Comcast announced the industry's first L4S field trials in collaboration with Apple, Nvidia, and Valve. That way, content providers can mark their traffic (like Nvidia's GeForce Now game streaming), and customers in the trial markets with compatible hardware like the Xfinity 10G Gateway XB7 / XB8, Arris S33, or Netgear CM1000v2 gateway can experience it right now...

The other factor helping L4S is that it's broadly compatible with the congestion control systems in use today...

First Person Shooters (Games)

John Romero Releases New Doom Episode 'Sigil 2', Appears With John Carmack on Twitch 23

To celebrate the 30th anniversary of Doom, both John Romero and John Carmack are appearing now on a special 30th anniversary stream on Twitch. (Right now they're talking about people who got into professional networking careers because of what they'd learned from setting up multiplayer deathmatches...)

And earlier this morning, Romero shocked the gaming world by posting six words on X.

"Free WAD for SIGIL II is up"

The official page for the long-awaited new Doom episode promises a 2 megabyte file "packed with some hardcore classic DOOM punishment — beware of Ultra-Violence mode!" There are nine new maps with names like "Wrathful Reckoning" and "Vengeance Unleashed". And the site is also selling an upgrade with a THORR soundtrack — priced at €6.66 — along with t-shirts, boxed editions of the original game Sigil, and a "Megawad Beast Box" that's "individually numbered and signed personally by John Romero and featuring the artwork of Christopher Lovell" (including a signed art print).

Besides sundry extras including a t-shirt, stickers, and a Sigil-themed coin, it also comes with a pewter statue of John Romero's head on a spike...
