Google

Google Is Collecting Troves of Data From Downgraded Nest Thermostats 11

Even after disabling remote control and officially ending support for early Nest Learning Thermostats, Google is still receiving detailed sensor and activity data from these devices, including temperature changes, motion, and ambient light. The Verge reports: After digging into the backend, security researcher Cody Kociemba found that the first- and second-generation Nest Learning Thermostats are still sending Google information about manual temperature changes, whether a person is present in the room, if sunlight is hitting the device, and more. Kociemba made the discovery while participating in a bounty program created by FULU, a right-to-repair advocacy organization cofounded by electronics repair technician and YouTuber Louis Rossmann.

FULU challenged developers to come up with a solution to restore smart functionality to Nest devices no longer supported by Google, and that's exactly what Kociemba did with his open-source No Longer Evil project. But after cloning Google's API to create this custom software, he started receiving a trove of logs from customer devices, which he turned off. "On these devices, while they [Google] turned off access to remotely control them, they did leave in the ability for the devices to upload logs. And the logs are pretty extensive," Kociemba tells The Verge. [...] "I was under the impression that the Google connection would be severed along with the remote functionality, however that connection is not severed, and instead is a one-way street," Kociemba says.

Cloud

Tech Giants' Cloud Power Probed As EU Weighs Inclusion In DMA (bloomberg.com) 13

An anonymous reader quotes a report from Bloomberg: Amazon Web Services, Microsoft's Azure, and Alphabet's Google Cloud risk being dragged into the scope of the European Union's crackdown on Big Tech as antitrust watchdogs prepare to study the platforms' market power. The European Commission wants to decide if any of the trio should face a raft of new restrictions under the bloc's Digital Markets Act (source paywalled; alternative source), according to people familiar with the matter who spoke on condition of anonymity. The plan for a market probe follows several major outages in the cloud industry that wrought havoc across global services, highlighting the risks of relying on a mere handful of players.

To date, the world's largest cloud providers have avoided the DMA because a large part of their business comes via enterprise contracts, making it difficult to count the number of individual users, one of the EU's main benchmarks for earmarking Silicon Valley services for extra oversight. Under the investigation's remit, regulators will assess whether the top cloud operators -- regardless of the challenge of counting user numbers -- should be forced to contend with a raft of fresh obligations including increased interoperability with rival software and better data portability for users, as well as restrictions on tying and bundling.

AI

Microsoft Executives Discuss How AI Will Change Windows, Programming -- and Society (windowscentral.com) 69

"Windows is evolving into an agentic OS," Microsoft's president of Windows Pavan Davuluri posted on X.com, "connecting devices, cloud, and AI to unlock intelligent productivity and secure work anywhere."

But former Uber software engineer and engineering manager Gergely Orosz was unimpressed. "Can't see any reason for software engineers to choose Windows with this weird direction they are doubling down on. So odd because Microsoft has building dev tools in their DNA... their OS doesn't look like anything a builder who wants OS control could choose. Mac or Linux it is for devs."

Davuluri "has since disabled replies on his original post..." notes the blog Windows Central, "which some people viewed as an attempt to shut out negative feedback." But he also replied to that comment... Davuluri says "we care deeply about developers. We know we have work to do on the experience, both on the everyday usability, from inconsistent dialogs to power user experiences. When we meet as a team, we discuss these pain points and others in detail, because we want developers to choose Windows..." The good news is Davuluri has confirmed that Microsoft is listening, and is aware of the backlash it's receiving over the company's obsession with AI in Windows 11. That doesn't mean the company is going to stop with adding AI to Windows, but it does mean we can also expect Microsoft to focus on the other things that matter too, such as stability and power user enhancements.
Elsewhere on X.com, Microsoft CEO Satya Nadella shared his own thoughts on "the net benefit of the AI platform wave." The Times of India reports: Nadella said tech companies should focus on building AI systems that create more value for the people and businesses using them, not just for the companies that make the technology. He cited Bill Gates to emphasize the same: "A platform is when the economic value of everybody that uses it exceeds the value of the company that creates it." Tesla CEO Elon Musk responded to Nadella's post with a facepalm emoji.

Nadella said this idea matters even more during the current AI boom, where many firms risk giving away too much of their own value to big tech platforms. "The real question is how to empower every company out there to build their own AI-native capabilities," he wrote. Nadella says Microsoft's partnership with OpenAI is an example of zero-sum mindset industry... [He also cited Microsoft's "work to bring AMD into the fleet."]

More from Satya Nadella's post: Thanks to AI, the [coding] category itself has expanded and may ultimately become one of the largest software categories. I don't ever recall any analyst ever asking me about how much revenue Visual Studio makes! But now everyone is excited about AI coding tools. This is another aspect of positive sum, when the category itself is redefined and the pie becomes 10x what it was! With GitHub Copilot we compete for our share and with GitHub and Agent HQ we also provide a platform for others.

Of course, the real test of this era won't be when another tech company breaks a valuation record. It will be when the overall economy and society themselves reach new heights. When a pharma company uses AI in silico to bring a new therapy to market in one year instead of twelve. When a manufacturer uses AI to redesign a supply chain overnight. When a teacher personalizes lessons for every student. When a farmer predicts and prevents crop failure. That's when we'll know the system is working.

Let us move beyond zero-sum thinking and the winner-take-all hype and focus instead on building broad capabilities that harness the power of this technology to achieve local success in each firm, which then leads to broad economic growth and societal benefits. And every firm needs to make sure they have control of their own destiny and sovereignty vs just a press release with a Tech/AI company or worse leak all their value through what may seem like a partnership, except it's extractive in terms of value exchange in the long run.

Android

Rust in Android: More Memory Safety, Fewer Revisions, Fewer Rollbacks, Shorter Reviews (googleblog.com) 37

Android's security team published a blog post this week about their experience using Rust. Its title? "Move fast and fix things." Last year, we wrote about why a memory safety strategy that focuses on vulnerability prevention in new code quickly yields durable and compounding gains. This year we look at how this approach isn't just fixing things, but helping us move faster.

The 2025 data continues to validate the approach, with memory safety vulnerabilities falling below 20% of total vulnerabilities for the first time. We adopted Rust for its security and are seeing a 1000x reduction in memory safety vulnerability density compared to Android's C and C++ code. But the biggest surprise was Rust's impact on software delivery. With Rust changes having a 4x lower rollback rate and spending 25% less time in code review, the safer path is now also the faster one... Data shows that Rust code requires fewer revisions. This trend has been consistent since 2023. Rust changes of a similar size need about 20% fewer revisions than their C++ counterparts... In a self-reported survey from 2022, Google software engineers reported that Rust is both easier to review and more likely to be correct. The hard data on rollback rates and review times validates those impressions.

Historically, security improvements often came at a cost. More security meant more process, slower performance, or delayed features, forcing trade-offs between security and other product goals. The shift to Rust is different: we are significantly improving security and key development efficiency and product stability metrics.

With Rust support now mature for building Android system services and libraries, we are focused on bringing its security and productivity advantages elsewhere. Android's 6.12 Linux kernel is our first kernel with Rust support enabled and our first production Rust driver. More exciting projects are underway, such as our ongoing collaboration with Arm and Collabora on a Rust-based kernel-mode GPU driver. [They've also been deploying Rust in firmware for years, and Rust "is ensuring memory safety from the ground up in several security-critical Google applications," including Chromium's parsers for PNG, JSON, and web fonts.]

2025 was the first year more lines of Rust code were added to Android than lines of C++ code...

The Internet

The Internet Archive Now Captures AI-Generated Content (Including Google's AI Overviews) (cnn.com) 4

CNN profiled the non-profit Internet Archive today — and included this tidbit about how they archive parts of the internet that are now "tucked in conversations with AI chatbots." The rise of artificial intelligence and AI chatbots means the Internet Archive is changing how it records the history of the internet. In addition to web pages, the Internet Archive now captures AI-generated content, like ChatGPT answers and those summaries that appear at the top of Google search results. The Internet Archive team, which is made up of librarians and software engineers, are experimenting with ways to preserve how people get their news from chatbots by coming up with hundreds of questions and prompts each day based on the news, and recording both the queries and outputs, [says Wayback Machine Director Mark Graham].
It sounds like a fun place to work... Archivists use bespoke machines to digitize books page by page, livestreaming their work on YouTube for all to see (alongside some lo-fi music). Record players churn out vintage tunes from 1920s and 1940s, and the building houses every type of media console for any type of content imaginable, from microfilm, to CDs and satellite television. (The Internet Archive preserves music, television, books and video games, too)... "There are a lot of people that are just passionate about the cause. There's a cyberpunk atmosphere," Annie Rauwerda, a Wikipedia editor and social media influencer, said at a party thrown at the Internet Archive's headquarters to celebrate reaching a trillion pages. "The internet (feels) quite corporate when I use it a lot these days, but you wouldn't know from the people here."

Programming

Security Researchers Spot 150,000 Function-less npm Packages in Automated 'Token Farming' Scheme (theregister.com) 11

An anonymous reader shared this report from The Register: Yet another supply chain attack has hit the npm registry in what Amazon describes as "one of the largest package flooding incidents in open source registry history" — but with a twist. Instead of injecting credential-stealing code or ransomware into the packages, this one is a token farming campaign.

Amazon Inspector security researchers, using a new detection rule and AI assistance, originally spotted the suspicious npm packages in late October, and, by November 7, the team had flagged thousands. By November 12, they had uncovered more than 150,000 malicious packages across "multiple" developer accounts. These were all linked to a coordinated tea.xyz token farming campaign, we're told. This is a decentralized protocol designed to reward open-source developers for their contributions using the TEA token, a utility asset used within the tea ecosystem for incentives, staking, and governance.

Unlike the spate of package poisoning incidents over recent months, this one didn't inject traditional malware into the open source code. Instead, the miscreants created a self-replicating attack, infecting the packages with code to automatically generate and publish, thus earning cryptocurrency rewards on the backs of legitimate open source developers. The code also included tea.yaml files that linked these packages to attacker-controlled blockchain wallet addresses.

At the moment, Tea tokens have no value, points out CSO Online. "But it is suspected that the threat actors are positioning themselves to receive real cryptocurrency tokens when the Tea Protocol launches its Mainnet, where Tea tokens will have actual monetary value and can be traded..." In an interview on Friday, an executive at software supply chain management provider Sonatype, which wrote about the campaign in April 2024, told CSO that number has now grown to 153,000. "It's unfortunate that the worm isn't under control yet," said Sonatype CTO Brian Fox. And while this payload merely steals tokens, other threat actors are paying attention, he predicted. "I'm sure somebody out there in the world is looking at this massively replicating worm and wondering if they can ride that, not just to get the Tea tokens but to put some actual malware in there, because if it's replicating that fast, why wouldn't you?"

When Sonatype wrote about the campaign just over a year ago, it found a mere 15,000 packages that appeared to come from a single person. With the swollen numbers reported this week, Amazon researchers wrote that it's "one of the largest package flooding incidents in open source registry history, and represents a defining moment in supply chain security...." For now, says Sonatype's Fox, the scheme wastes the time of npm administrators, who are trying to expel over 100,000 packages. But Fox and Amazon point out the scheme could inspire others to take advantage of other reward-based systems for financial gain, or to deliver malware.

After deploying a new detection rule "paired with AI", Amazon's security researchers write, "within days, the system began flagging packages linked to the tea.xyz protocol... By November 7, the researchers flagged thousands of packages and began investigating what appeared to be a coordinated campaign. The next day, after validating the evaluation results and analyzing the patterns, they reached out to OpenSSF to share their findings and coordinate a response."
Their blog post thanks the Open Source Security Foundation (OpenSSF) for rapid collaboration, while calling the incident "a defining moment in supply chain security..."

First Person Shooters (Games)

Sony Killed This Game in 2024. Three Developers Reverse-Engineered It Back to Life (aftermath.site) 19

An anonymous reader shared this post from the gaming news site Aftermath: Concord, Sony Interactive Entertainment and Firewalk Studios' Overwatch-like shooter, was live for just two weeks before it was pulled offline. Though Concord certainly had some dedicated players, it didn't have many — which is why it may be surprising to hear that a group of players are reverse-engineering the game and its servers to bring it back to life.

Publisher Sony removed Concord from stores and digital marketplaces, automatically refunded some, and, later, shut down Firewalk Studios. Two hundred or so people were laid off, and any hopes of Concord's return were dashed. Poor sales — estimated to be under 25,000 copies sold — and low player numbers marred the release. Firewalk Studios' game director Ryan Ellis said in a blog post that pieces of the game "resonated with players," but "other aspects of the game and [Concord's] initial launch didn't land the way [Firewalk Studios] intended."

Concord wasn't a bad game, but it just didn't generate enough interest with enough players. Now, a group of three hobbyist reverse-engineers, who go by real, Red, and gwog online, are trying to make it playable again... "Sometimes there's enough of the server left in the game, that we can 'activate' that code and make the game believe it's a server," Red said. "We do pretty much always need to fill in the gaps though..." Concord used an anti-tamper software to keep people from cheating, which also creates a problem for people reverse engineering. It's "nearly impossible" to crack, Red said, so the group didn't — they found an exploit to "forcefully decrypt the game's code" to "restore the game and start working on servers...."

It's not open to the public, but people can sign up for future tests. Even former Firewalk Studios employees have joined the server. They're excited to see Concord come back to life, too, the developers said.

"Friday morning, a video of the playtest was posted to the Concord Reddit page," according to the article. (Though ironically by Friday night YouTube had removed the video "due to a copyright claim by MarkScan Enforcement.")

Crime

Five People Plead Guilty To Helping North Koreans Infiltrate US Companies (techcrunch.com) 31

"Within the past year, stories have been posted on Slashdot about people helping North Koreans get remote IT jobs at U.S. corporations, companies knowingly assisting them, how not to hire a North Korean for a remote IT job, and how a simple question tripped up a North Korean applying for a remote IT job," writes longtime Slashdot reader smooth wombat. "The FBI is even warning companies that North Koreans working remotely can steal source code and extort money from the company -- money that goes to fund the North Korean government. Now, five more people have plead guilty to knowingly helping North Koreans infiltrate U.S. companies as remote IT workers." TechCrunch reports: The five people are accused of working as "facilitators" who helped North Koreans get jobs by providing their own real identities, or false and stolen identities of more than a dozen U.S. nationals. The facilitators also hosted company-provided laptops in their homes across the U.S. to make it look like the North Korean workers lived locally, according to the DOJ press release. These actions affected 136 U.S. companies and netted Kim Jong Un's regime $2.2 million in revenue, said the DOJ. Three of the people -- U.S. nationals Audricus Phagnasay, Jason Salazar, and Alexander Paul Travis -- each pleaded guilty to one count of wire fraud conspiracy.

Prosecutors accused the three of helping North Koreans posing as legitimate IT workers, whom they knew worked outside of the United States, to use their own identities to obtain employment, helped them remotely access their company-issued laptops set up in their homes, and also helped the North Koreans pass vetting procedures, such as drug tests. The fourth U.S. national who pleaded guilty is Erick Ntekereze Prince, who ran a company called Taggcar, which supplied to U.S. companies allegedly "certified" IT workers but whom he knew worked outside of the country and were using stolen or fake identities. Prince also hosted laptops with remote access software at several residences in Florida, and earned more than $89,000 for his work, the DOJ said.

Another participant in the scheme who pleaded guilty to one count of wire fraud conspiracy and another count of aggravated identity theft is Ukrainian national Oleksandr Didenko, who prosecutors accuse of stealing U.S. citizens' identities and selling them to North Koreans so they could get jobs at more than 40 U.S. companies. According to the press release, Didenko earned hundreds of thousands of dollars for this service. Didenko agreed to forfeit $1.4 million as part of his guilty plea. The DOJ also announced that it had frozen and seized more than $15 million in cryptocurrency stolen in 2023 by North Korean hackers from several crypto platforms.

Privacy

Logitech Reports Data Breach From Zero-Day Software Vulnerability (nerds.xyz) 5

BrianFagioli writes: Logitech has confirmed a cybersecurity breach after an intruder exploited a zero-day in a third-party software platform and copied internal data. The company says the incident did not affect its products, manufacturing or business operations, and it does not believe sensitive personal information like national ID numbers or credit card data were stored in the impacted system. The attacker still managed to pull limited information tied to employees, consumers, customers and suppliers, raising fair questions about how long the zero-day existed before being patched.

Logitech brought in outside cybersecurity firms, notified regulators and says the incident will not materially affect its financial results. The company expects its cybersecurity insurance policy to cover investigation costs and any potential legal or regulatory issues. Still, with zero-day attacks increasing across the tech world, even established hardware brands are being forced to acknowledge uncomfortable weaknesses in their internal systems.

The Almighty Buck

Apple Cuts App Store Fee In Half For 'Mini Apps' (cnbc.com) 5

Apple is cutting its App Store fee from 30% to 15% for developers who join a new Mini Apps Partner Program, which requires using more of Apple's built-in technology to power lightweight "mini apps." "This includes using Apple software to register a user's purchase history, verify user ages and to process in-app purchases," reports CNBC. From the report: A "mini app" is a lightweight piece of software inside a third-party app store, like that of Discord's. These apps are built using web technology like HTML or Javascript. [...] Apple has argued that both developers and users are better off when using its technology and rules, instead of eschewing them to try to avoid fees. "This program is designed to help developers who host mini apps grow their business and further the availability of mini apps on the App Store -- all while providing a great customer experience," the company said in its announcement. [...] Participants in the new program will still have to provide Apple with information for each specific mini-app experience they offer.

Businesses

Synopsys Plans 10% Job Cuts After Ansys Deal Closure (reuters.com) 15

An anonymous reader shares a report: Synopsys will lay off about 10% of its workforce, or roughly 2,000 employees, as the chip-design software maker looks to redirect investment towards growth opportunities, according to a regulatory filing on Wednesday. The move comes after the company completed its $35 billion cash-and-stock acquisition of engineering design firm Ansys earlier this year and missed analysts' estimates for third-quarter revenue in September.

Google

Google Relaunches Cameyo To Entice Businesses From Windows To ChromeOS (theverge.com) 27

After acquiring software virtualization company Cameyo last year, Google has relaunched a version of the service that makes it easier for Windows-based organizations to migrate over to ChromeOS. From a report: Now called "Cameyo by Google," the Virtual App Delivery (VAD) solution allows users to run legacy Windows apps in the Chrome browser or as web apps, preventing organizations from being tied to Microsoft's operating system. Google says the new Cameyo experience is more efficient than switching between separate virtual desktop environments, allowing users to stream the specific apps they need instead of virtualizing the entire desktop. That allows Windows-based programs like Excel and AutoCAD to run side-by-side with Chrome and other web apps, giving businesses the flexibility to use a mix of Microsoft and Google services.

Apple

The iPad Pro at 10: a Decade of Unrealized Potential (theverge.com) 59

The iPad Pro went on sale ten years ago, launching with a 12.9-inch screen that Apple believed would redefine computing through size alone. The company initially resisted making the device a laptop replacement and maintained strict limitations on multitasking, browser capabilities, and app installation. Over the past decade, Apple reversed course. The iPad Pro gained USB-C ports, external drive support, keyboard and trackpad accessories, and an improved Files app.

The current M5 model includes OLED screens in 13- and 11-inch sizes. iPadOS 26 added free-form multitasking, a menu bar and the Preview app. The webcam now sits in landscape orientation. Despite these advances, the device remains constrained by App Store-only software installation, The Verge writes, limited system access, and the absence of desktop-class browsers. Apple spent years positioning the iPad as a third category between phones and computers. The hardware and accessories now support full computer functionality, but artificial software limitations remain in place.

Media

PDF Will Support JPEG XL Format As 'Preferred Solution' (theregister.com) 18

The PDF Association is adding JPEG XL (JXL) support to the PDF specification, giving the advanced image format a new path to relevance despite Google's decision to declare it obsolete and remove it from Chromium. The Register reports: Peter Wyatt, CTO of the PDF Association, said: "We need to adopt a new image [format] that can support HDR [High Dynamic Range] content ... we have picked JPEG XL as our preferred solution." Wyatt also praised other benefits of JXL including wide gamut images, ultra-high resolution support for images with more than 1 billion pixels, and up to 4099 channels with up to 32 bits per channel.

The association is responsible for developing PDF specifications and standards and manages the ISO committee for PDF. JPEG XL is an advanced image format that was designed to be both more efficient and richer in features than JPEG. It was based on a combination of the Free Lossless Image Format (FLIF) from Cloudinary and a Google project called PIK, first released in late 2020, and fully standardized in October 2021 as ISO/IEC 18181. There is a reference implementation called libjxl. A second edition of the ISO standard was published in 2024.

JXL appeared to have wide industry support, including experimental implementation in Chrome and Chromium, until it was killed by Google in October 2022 and removed from its web browser engine. The company stated that "there is not enough interest from the entire ecosystem to continue experimenting with JPEG XL." Many in the community disagreed with the decision, including FLIF inventor Jon Sneyers, who perceived it as the outcome of an internal battle between proponents of JXL and a rival format, AVIF. "AVIF proponents within Chrome are essentially being prosecutor, judge and executioner at the same time," he said.

Microsoft

Microsoft Bets on Influencers To Close the Gap With ChatGPT (msn.com) 27

An anonymous reader shares a report: Microsoft, eager to boost downloads of its Copilot chatbot, has recruited some of the most popular influencers in America to push a message to young consumers that might be summed up as: Our AI assistant is as cool as ChatGPT. Microsoft could use the help. The company recently said its family of Copilot assistants attracts 150 million active users each month. But OpenAI's ChatGPT claims 800 million weekly active users, and Google's Gemini boasts 650 million a month. Microsoft has an edge with corporate customers, thanks to a long history of selling them software and cloud services. But it has struggled to crack the consumer market -- especially people under 30.

"We're a challenger brand in this area, and we're kind of up and coming," Consumer Chief Marketing Officer Yusuf Mehdi said in an interview. Mehdi hopes to persuade key influencers to make Copilot their chatbot of choice and then use their popularity to market the assistant to their millions of followers. He says Microsoft is already getting more bang for the buck with influencers than with traditional media, but didn't provide any metrics.

[...] Using non-techies as spokespeople is meant to reinforce Microsoft's campaign to sell its chatbot as a life coach for everyone. Or as Consumer AI chief Mustafa Suleyman wrote in a recent essay, an AI companion that "helps you think, plan and dream."

AI

NVIDIA Connects AI GPUs to Early Quantum Processors (fool.com) 20

"Quantum computing is still years away, but Nvidia just built the bridge that will bring it closer..." argues investment site The Motley Fool, "by linking today's fastest AI GPUs with early quantum processors..."

NVIDIA's new hybrid system strengthens communication at microsecond speeds — orders of magnitude faster than before — "allowing AI to stabilize and train quantum machines in real time, potentially pulling major breakthroughs years forward." CUDA-Q, Nvidia's open-source software layer, lets researchers choreograph that link — running AI models, quantum algorithms, and error-correction routines together as one system. That jump allows artificial intelligence to monitor [in real time]... For researchers, that means hundreds of new iterations where there used to be one — a genuine acceleration of discovery. It's the quiet kind of progress engineers love — invisible, but indispensable...

Its GPUs (graphics processing units) are already tuned for the dense, parallel calculations these explorations demand, making them the natural partner for any emerging quantum processor... Other companies chase better quantum hardware — superconducting, photonic, trapped-ion — but all of them need reliable coordination with the computing power we already have. By offering that link, Nvidia turns its GPU ecosystem into the operating environment of hybrid computing, the connective tissue between what exists now and what's coming next. And because the system is open, every new lab or start-up that connects strengthens Nvidia's position as the default hub for quantum experimentation...

There's also a defensive wisdom in this move. If quantum computing ever matures, it could threaten the same data center model that built Nvidia's empire. CEO Jensen Huang seems intent on making sure that, if the future shifts, Nvidia already sits at its center. By owning the bridge between today's technology and tomorrow's, the company ensures it earns relevance — and revenue — no matter which computing model dominates.

So Nvidia's move "isn't about building a quantum computer," the article argues, "it's about owning the bridge every quantum effort will need."

Python

Python Foundation Donations Surge After Rejecting Grant - But Sponsorships Still Needed (blogspot.com) 64

After the Python Software Foundation rejected a $1.5 million grant because it restricted DEI activity, "a flood of new donations followed," according to a new report. By Friday they'd raised over $157,000, including 295 new Supporting Members paying an annual $99 membership fee, says PSF executive director Deb Nicholson.

"It doesn't quite bridge the gap of $1.5 million, but it's incredibly impactful for us, both financially and in terms of feeling this strong groundswell of support from the community." Could that same security project still happen if new funding materializes? The PSF hasn't entirely given up. "The PSF is always looking for new opportunities to fund work benefiting the Python community," Nicholson told me in an email last week, adding pointedly that "we have received some helpful suggestions in response to our announcement that we will be pursuing." And even as things stand, the PSF sees itself as "always developing or implementing the latest technologies for protecting PyPI project maintainers and users from current threats," and it plans to continue with that commitment.
The Python Software Foundation was "astounded and deeply appreciative at the outpouring of solidarity in both words and actions," their executive director wrote in a new blog post this week, saying the show of support "reminds us of the community's strength."

But that post also acknowledges the reality that the Python Software Foundation's yearly revenue and assets (including contributions from major donors) "have declined, and costs have increased,..."

Historically, PyCon US has been a source of revenue for the PSF, enabling us to fund programs like our currently paused Grants Program... Unfortunately, PyCon US has run at a loss for three years — and not from a lack of effort from our staff and volunteers! Everyone has been working very hard to find areas where we can trim costs, but even with those efforts, inflation continues to surge, and changing U.S. and economic conditions have reduced our attendance... Because we have so few expense categories (the vast majority of our spending goes to running PyCon US, the Grants Program, and our small 13-member staff), we have limited "levers to pull" when it comes to budgeting and long-term sustainability...

While Python usage continues to surge, "corporate investment back into the language and the community has declined overall. The PSF has longstanding sponsors and partners that we are ever grateful for, but signing on new corporate sponsors has slowed." (They're asking employees at Python-using companies to encourage sponsorships.)

We have been seeking out alternate revenue channels to diversify our income, with some success and some challenges. PyPI Organizations offers paid features to companies (PyPI features are always free to community groups) and has begun bringing in monthly income. We've also been seeking out grant opportunities where we find good fits with our mission.... We currently have more than six months of runway (as opposed to our preferred 12 months+ of runway), so the PSF is not at immediate risk of having to make more dramatic changes, but we are on track to face difficult decisions if the situation doesn't shift in the next year.

Based on all of this, the PSF has been making changes and working on multiple fronts to combat losses and work to ensure financial sustainability, in order to continue protecting and serving the community in the long term. Some of these changes and efforts include:

— Pursuing new sponsors, specifically in the AI industry and the security sector
— Increasing sponsorship package pricing to match inflation
— Making adjustments to reduce PyCon US expenses
— Pursuing funding opportunities in the US and Europe
— Working with other organizations to raise awareness
— Strategic planning, to ensure we are maximizing our impact for the community while cultivating mission-aligned revenue channels

The PSF's end-of-year fundraiser effort is usually run by staff based on their capacity, but this year we have assembled a fundraising team that includes Board members to put some more "oomph" behind the campaign. We'll be doing our regular fundraising activities; we'll also be creating a unique webpage, piloting temporary and VERY visible pop-ups to python.org and PyPI.org, and telling more stories from our Grants Program recipients...

Keep your eyes on the PSF Blog, the PSF category on Discuss, and our social media accounts for updates and information as we kick off the fundraiser this month. Your boosts of our posts and your personal shares of "why I support the PSF" stories will make all the difference in our end-of-year fundraiser. If this post has you all fired up to personally support the future of Python and the PSF right now, we always welcome new PSF Supporting Members and donations.

Unix

Lost Unix v4 Possibly Recovered on a Forgotten Bell Labs Tape From 1973 (theregister.com) 42

"A tape-based piece of unique Unix history may have been lying quietly in storage at the University of Utah for 50+ years," reports The Register. And the software librarian at Silicon Valley's Computer History Museum, Al Kossow of Bitsavers, believes the tape "has a pretty good chance of being recoverable." Long-time Slashdot reader bobdevine says the tape will be analyzed at the Computer History Museum. More from The Register: The news was posted to Mastodon by Professor Robert Ricci of the University of Utah's Kahlert School of Computing [along with a picture. "While cleaning a storage room, our staff found this tape containing #UNIX v4 from Bell Labs, circa 1973..." Ricci posted on Mastodon. "We have arranged to deliver it to the Computer History Museum."] The nine-track tape reel bears a handwritten label reading: UNIX Original From Bell Labs V4 (See Manual for format)...

If it's what it says on the label, this is a notable discovery because little of UNIX V4 remains. That's unfortunate as this specific version is especially interesting: it's the first version of UNIX in which the kernel and some of the core utilities were rewritten in the new C programming language. Until now, the only surviving parts known were the source code to a slightly older version of the kernel and a few man pages — plus the Programmer's Manual [PDF], from November 1973.

The Unix Heritage Society hosts those surviving parts — and apparently some other items of interest, according to a comment posted on Mastodon. "While going through the tapes from Dennis Ritchie earlier this year, I found some UNIX V4 distribution documents," posted Mastodon user "Broken Pipe," linking to tuhs.org/Archive/Applications/Dennis_Tapes/Gao_Analysis/v4_dist/.

There's a file called license ("The program and information transmitted herewith is and shall remain the property of Bell Lab%oratories...") and coldboot ("Mount good tape on drive 0..."), plus a six-page "Setup" document that ends with these words...

We expect to have a UNIX seminar early in 1974.

Good luck.
Ken Thompson
Dennis Ritchie
Bell Telephone Labs
Murray Hill, NJ 07974

Nintendo

'Nintendo Has Too Many Apps' (theverge.com) 18

The Verge's Ash Parrish writes: Nintendo has released a new store app on Android and iOS giving users the ability to purchase hardware, accessories, and games for the Switch and Switch 2. When I open my phone and scroll down to the N's, I get a neat, full row dedicated entirely to Nintendo. That's four apps: the Switch app, the music app, the Nintendo Today news app, and now the store. (The tally increases to five if you're a parent using the Switch Parental Controls app.) And it is entirely too much.

Nintendo has always been the one company of the big three publishers that does its own thing, and that's worked both for and against it. The company hasn't chased development trends with the same zeal as Microsoft and Sony. That insulates Nintendo when those trends don't pan out, like exorbitant spending on live-service games that fail. But also hurts it when it comes to performance and user experience. Console-native voice chat, for example, has been a standard on other platforms for a long time, but was only offered on a Nintendo console with the Switch 2 this year.

With the deployment of these apps, Nintendo is both trying to innovate and playing catch-up with results that feel confusing and overwhelming. Do we really need four distinct apps? That's not to say these apps shouldn't exist; they serve valuable and necessary purposes. But when I look at all the programs I have to manage in my Nintendo life, it just feels like it's too much...
Further reading: Nintendo Won't Shy Away From Continuing To 'Try Anything'
