Slashdot

"You can use any Linux distribution inside of the Windows Subsystem for Linux" Microsoft recently reminded Windows users, "even if it is not available in the Microsoft Store, by importing it with a tar file." But being an official distro "makes it easier for Windows Subsystem for Linux users to install and discover it with actions like wsl --list --online and wsl --install," Microsoft pointed out this week. And "We're excited to announce that Red Hat will soon be delivering a Red Hat Enterprise Linux WSL distro image in the coming months..." Thank you to the Red Hat team as their feedback has been invaluable as we built out this new architecture, and we're looking forwards to the release...! Ron Pacheco, senior director, Red Hat Enterprise Linux Ecosystem, Red Hat says: "Developers have their preferred platforms for developing applications for multiple operating systems, and WSL is an important platform for many of them. Red Hat is committed to driving greater choice and flexibility for developers, which is why we're working closely with the Microsoft team to bring Red Hat Enterprise Linux, the largest commercially available open source Linux distribution, to all WSL users." Read Pacheco's own blog post here. But in addition Microsoft is also releasing "a new way to make WSL distros," they announced this week, "with a new architecture that backs how WSL distros are packaged and installed."Up until now, you could make a WSL distro by either creating an appx package and distributing it via the Microsoft Store, or by importing a .tar file with wsl -import. We wanted to improve this by making it possible to create a WSL distro without needing to write Windows code, and for users to more easily install their distros from a file or network share which is common in enterprise scenarios... With the tar based architecture, you can start with the same .tar file (which can be an exported Linux container!) and just edit it to add details to make it a WSL distro... These options will describe key distro attributes, like the name of the distro, its icon in Windows, and its out of box experience (OOBE) which is what happens when you run WSL for the first time. You'll notice that the oobe_command option points to a file which is a Linux executable, meaning you can set up your full experience just in Linux if you wish.Read more of this story at Slashdot.

"The past 15 years were unique in ways that might be a bad predictor of our future," writes the Washington Post, with a surge in the number of internet users since 2010, and everyone spending more time online. But today, "lots of smart people believe that artificial intelligence will upend how you find information. Googling is so yesterday."Sam Altman, the top executive overseeing ChatGPT, has said that AI has a good shot at shoving aside Google search. Bill Gates predicted that emerging AI will do tasks like researching your ideal running shoes and automatically placing an order so you'll "never go to a search site again." In defending itself from a judge's decision that it runs an illegal monopoly, Google says the company might be roadkill as AI and other new technologies change how you find information. (On Wednesday, the U.S. government asked the judge to overhaul Google to undo its monopoly.) But predictions of Google's looming obsolescence have been wrong before, which calls for humility in fortune-telling our collective technology habits. We're devilishly unpredictable.... Maybe it's right to extrapolate from how people are starting to use AI today. Or maybe that's the mistake that Jobs made when he said no one was searching on iPhones. It wasn't wrong in 2010, but it was within a few years. Or what if AI upends how billions of us find information and we still keep on Googling? "The notion that we can predict how these new technologies are going to evolve is silly," said David B. Yoffie, a Harvard Business School professor who has spent decades studying the technology industry. Amit Mehta, the judge overseeing the Google monopoly case, formed his own view on AI moving us away from searching Google. "AI may someday fundamentally alter search, but not anytime soon," he said.Read more of this story at Slashdot.

An anonymous reader shared this report from CNET:Meta says it's taken down more than 2 million accounts this year linked to overseas criminal gangs behind scam operations that human rights activists say forced hundreds of thousands of people to work as scammers and cost victims worldwide billions of dollars. In a Thursday blog post, the parent of Facebook, Instagram and WhatsApp says the pig butchering scam operations - based in Myanmar, Laos, Cambodia, the United Arab Emirates and the Philippines - use platforms like Facebook and Instagram; dating, messaging, crypto and other kinds of apps; and texts and emails, to globally target people... [T]he scammers strike up an online relationship with their victims and gain their trust. Then they move their conversations to crypto apps or scam websites and dupe victims into making bogus investments or otherwise handing over their money, Meta said. They'll ask the victims to deposit money, often in the form of cryptocurrency, into accounts, sometimes even letting the victims make small withdrawals, in order to add a veneer of legitimacy. But once the victim starts asking for their investment back, or it becomes clear they don't have any more money to deposit, the scammer disappears and takes the money with them. And the people doing the scamming are often victims themselves. During the COVID-19 pandemic, criminal gangs began building scam centers in Southeast Asia, luring in often unsuspecting job seekers with what looked like amazing postings on local job boards and other platforms, then forcing them to work as scammers, often under the threat of physical harm. The scope of what's become a global problem is staggering. In a report issued in May, the US Institute of Peace estimates that at least 300,000 people are being forced to work, or are otherwise suffering human rights violations, inside these scam centers. The report also estimates global financial losses stemming from the scams at $64 billion in 2023, with the number of financial victims in the millions. Meta says it has focused on investigating and disrupting the scam operations for more than two years, working with nongovernmental organizations and other tech companies, like OpenAI, Coinbase and dating-app operator Match Group, along with law enforcement in both the US and the countries where the centers are located. Meta titled its blog post "Cracking Down On Organized Crime Behind Scam Centers," writing "We hope that sharing our insights will help inform our industry's defenses so we can collectively help protect people from criminal scammers."Read more of this story at Slashdot.

Longtime Slashdot reader theodp writes: Past corporate-sponsored Hour of Code tutorials for the nation's schoolchildren have blurred the lines between coding lessons and product infomercials. So too is the case again with this year's newly-announced Hour of Code 2024 flagship tutorials, which include Microsoft Minecraft, Amazon Music, and Transformers One movie-themed intros to coding. The press release announcing the tutorials from tech-backed nonprofit Code.org, which organizes the Hour of Code and counts Microsoft and Amazon as $30+ million donors, boasts of its "decade of partnership with [Microsoft] Minecraft this year, reaching more than 300 million sessions of Minecraft Hour of Code since 2015!" Interestingly, The Transformers (Paramount Pictures, which released Transformers One in the U.S., is a $25,000+ Code.org donor) is cited as one of the OG's of children's Saturday morning cartoon advertising (aka 30-minute commercials) that prompted the Children's Television Act (CTA) of 1990, an act of Congress that ordered the FCC to put in place regulations to protect children from advertising. Throughout the 1980s, Action for Children's Television (ACT) criticized children's television programs that "blur(red) the distinction between program content and commercial speech."Read more of this story at Slashdot.

Neuralink, the brain chip startup founded by Elon Musk, says it has received approval to launch its first clinical trial in Canada for a device designed to give paralysed individuals the ability to use digital devices simply by thinking. Reuters reports: [T]he Canadian study aims to assess the safety and initial functionality of its implant which enables people with quadriplegia, or paralysis of all four limbs, to control external devices with their thoughts. Canada's University Health Network hospital said in a separate statement that its Toronto facility had been selected to perform the complex neurosurgical procedure. Neuralink has successfully implanted the device in two patients in the United States. One of the patients has been using it to play video games and learn how to design 3D objects.Read more of this story at Slashdot.

A team of undergraduate students from the University of Southern California's Rocket Propulsion Lab set multiple amateur spaceflight records with their rocket, Aftershock II. "The student-made missile soared 90,000 feet (27,400 meters) beyond the previous record-holder -- a rocket launched more than 20 years ago," reports Live Science. From the report: The students launched Aftershock II on Oct. 20 from a site in Black Rock Desert, Nevada. The rocket stood about 14 feet (4 meters) tall and weighed 330 pounds (150 kilograms). The rocket broke the sound barrier just two seconds after liftoff and reached its maximum speed roughly 19 seconds after launch, the RPL team wrote in a Nov. 14 paper summarizing the launch. The rocket's engine then burned out, but the craft continued to climb as atmospheric resistance decreased, enabling it to leave Earth's atmosphere 85 seconds after launch and then reach its highest elevation, or apogee, 92 seconds later. At this point, the nose cone separated from the rest of the rocket and deployed a parachute so it could safely reenter the atmosphere and touch down in the desert, where it was collected by the RPL team for analysis. The rocket's apogee was around 470,000 feet (143,300 m) above Earth's surface, which is "further into space than any non-governmental and non-commercial group has ever flown before," USC representatives wrote in a statement. The previous record of 380,000 feet (115,800 m) was set in 2004 by the GoFast rocket made by the Civilian Space Exploration Team. During the flight, Aftershock II reached a maximum speed of around 3,600 mph (5,800 km/h), or Mach 5.5 -- five and a half times the speed of sound. This was slightly faster than GoFast, which had also held the amateur speed record for 20 years. But elevation and speed were not the only records Aftershock II broke. "This achievement represents several engineering firsts," Ryan Kraemer, an undergraduate mechanical engineering student at USC and executive engineer of the RPL team who will soon join SpaceX's Starship team, said in the statement. "Aftershock II is distinguished by the most powerful solid-propellant motor ever fired by students and the most powerful composite case motor made by amateurs."Read more of this story at Slashdot.

An anonymous reader quotes a report from VICE: It's early on a Sunday morning in late 1994, and you're shuffling your way through Fitzrovia in Central London, bloodstream still rushing after a long night at Bagley's. The sun comes up as you come down. You navigate side streets that you know like the back of your hand. But your hand's stamped with a party logo. And your brain's kaput. Coffee... yes, coffee. Good idea. Suddenly, you find yourself outside a teal blue cafe. Walking in is like entering an alien world; rows of club kids, tech heads, and game developers sit in front of desktops, lost in the primitive version of some new reality. Tentacular cables hang from the ceiling. Ambient techno reverberates from wall to wall. Cigarette smoke fills the air. Welcome to Cyberia, the world's first internet cafe. Which, if you're too young to remember, are basically cafes with computers in them. It all began when Eva Pascoe, a Polish computing student living in London, crossed paths with Tim Berners Lee and other early internet mavericks at the dawn of the 90s. "I was very interested in cyberfeminism and wanted to figure out how women could reclaim tech," she recalls. The internet was still in its infancy. Diabolically slow dial-up modems only emerged around 1992; the World Wide Web was a pipe dream until 1993 and hardly anyone had the internet at home. But there wasn't just a lack of javascript; Eva remembers there being no good java, either. "There were no coffee shops in London," she says, which today seems ludicrous. "Just greasy spoons and everyone drank tea. I wanted a European-style cafe." Linking up with like-minded pioneers David Rowe and husband and wife Keith and Gene Teare, Eva found a spot on the corner of Whitfield Street and launched Cyberia there in 1994. With Hackers-style aesthetics and futuristic furniture, it was based around a U-shaped layout that meant visitors could see each other's screens. "I wanted women to feel safe, because a lot of the stuff on the net was dodgy," she explains. Many of Eva's mates chipped in to help out -- architects, interior designers, graphic artists, publishers, and ravers among them. And then there was the Amish community in Pennsylvania. Eva had to fly out there to negotiate for the "Cyberia.com" domain name they had bought. "It was a proper barn with horse carts and a wall of modems as they were running a bulletin board and an early ecommerce company. Apparently, there was always one family nominated to be the tech support," she remembers. Back in London, Cyberia quickly became a hotspot. "Virtually the second we opened, we had three lines deep around the block," she says. It's hard to imagine, but nowhere else in the world was doing what they were doing. It was the world's first cybercafe. "If you wanted to collect your emails, we were the only place in town," Eva says. Cyberia opened around 20 cafes worldwide, including branches in Bangkok, Paris, and Rotterdam. "For a fleeting moment it became like a sexier version of Richard Branson's Virgin empire: there was Cyberia Records, Cyberia Channel (a pioneering streaming service), Cyberia Payments, the Cyberia magazine, a Cyberia show on UK TV -- even a Cyberia wedding," writes VICE's Kyle MacNeill. He attended Cyberia's 30th birthday party in September and spoke with some of the cafe's original innovators, "shooting the shit about the good times and the not-so-good coffee."Read more of this story at Slashdot.

Longtime Slashdot reader mspohr shares a report from Gizmodo: Hackers for the Chinese government were able to deeply penetrate U.S. telecommunications infrastructure in ways that President Joe Biden's administration hasn't yet acknowledged, according to new reports from the Washington Post and New York Times. The hackers were able to listen to phone calls and read text messages, reportedly exploiting the system U.S. authorities use to wiretap Americans in criminal cases. The worst part? The networks are still compromised and it may take incredibly drastic measures to boot them from U.S. systems. The hackers behind the infiltration of U.S. telecom infrastructure are known to Western intelligence agencies as Salt Typhoon, and this particular breach of U.S. equipment was first reported in early October by the Wall Street Journal. But Sen. Mark Warner, a Democrat from Virginia, spoke with the Washington Post and New York Times this week to warn the public that this is so much worse than we initially thought, dubbing it "the worst telecom hack in our nation's history." And those articles based on Warner's warnings were published late Thursday. Hackers weren't able to monitor or intercept anything encrypted, according to the Times, which means that conversations over apps like Signal and Apple's iMessage were probably protected. But end-to-end encryption over texts between Apple devices and Android devices, for instance, aren't encrypted in the same way, meaning they were vulnerable to interception by Salt Typhoon, according to the Times. The details about how the hackers were able to push so deeply into U.S. systems are still scarce, but it has something to do with the ways in which U.S. authorities wiretap suspects in this country with a court order.Read more of this story at Slashdot.

Longtime Slashdot reader Geoffrey.landis writes: Economist Phillip Kobernick makes the case that the emphasis on fast-charging stations for electric vehicles in the U.S. is misplaced. According to an article from CleanTechnica, he argues that, from an economic standpoint, what we should be doing is installing more slow chargers. All thing equal, who wouldn't choose a 10-minute charge over a 3-hour charge or a 10-hour charge? But all things are not equal. Superfast chargers are far more expensive than Level 2 chargers, and Level 2 chargers are also significantly more expensive than Level 1 charging infrastructure, which consists of normal electricity outlets. He points out that we get 4-7 times more charging capability installed for the same cost by going with Level 1 charging instead of Level 2. And given that people often just plug in their electric vehicles overnight, Level 1 charging can more than adequately provide what is needed in that time. The case is examined in a podcast on the site.Read more of this story at Slashdot.

"Steven Adair, of cybersecurity firm Veloxity, revealed at the Cyberwarcon security conference how Russian hackers were able to daisy-chain as many as three separate Wi-Fi networks in their efforts to attack victims," writes Longtime Slashdot reader smooth wombat. Wired reports: Adair says that Volexity first began investigating the breach of its DC customer's network in the first months of 2022, when the company saw signs of repeated intrusions into the customer's systems by hackers who had carefully covered their tracks. Volexity's analysts eventually traced the compromise to a hijacked user's account connecting to a Wi-Fi access point in a far end of the building, in a conference room with external-facing windows. Adair says he personally scoured the area looking for the source of that connection. "I went there to physically run down what it could be. We looked at smart TVs, looked for devices in closets. Is someone in the parking lot? Is it a printer?" he says. "We came up dry." Only after the next intrusion, when Volexity managed to get more complete logs of the hackers' traffic, did its analysts solve the mystery: The company found that the hijacked machine which the hackers were using to dig around in its customer's systems was leaking the name of the domain on which it was hosted -- in fact, the name of another organization just across the road. "At that point, it was 100 percent clear where it was coming from," Adair says. "It's not a car in the street. It's the building next door." With the cooperation of that neighbor, Volexity investigated that second organization's network and found that a certain laptop was the source of the street-jumping Wi-Fi intrusion. The hackers had penetrated that device, which was plugged into a dock connected to the local network via Ethernet, and then switched on its Wi-Fi, allowing it to act as a radio-based relay into the target network. Volexity found that, to break into that target's Wi-Fi, the hackers had used credentials they'd somehow obtained online but had apparently been unable to exploit elsewhere, likely due to two-factor authentication. Volexity eventually tracked the hackers on that second network to two possible points of intrusion. The hackers appeared to have compromised a VPN appliance owned by the other organization. But they had also broken into the organization's Wi-Fi from another network's devices in the same building, suggesting that the hackers may have daisy-chained as many as three networks via Wi-Fi to reach their final target. "Who knows how many devices or networks they compromised and were doing this on," says Adair. Volexity had presumed early on in its investigation that the hackers were Russian in origin due to their targeting of individual staffers at the customer organization focused on Ukraine. Then in April, fully two years after the original intrusion, Microsoft warned of a vulnerability in Windows' print spooler that had been used by Russia's APT28 hacker group -- Microsoft refers to the group as Forest Blizzard -- to gain administrative privileges on target machines. Remnants left behind on the very first computer Volexity had analyzed in the Wi-Fi-based breach of its customer exactly matched that technique. "It was an exact one-to-one match," Adair says.Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: Google has sued one of its former engineers in Texas federal court, accusing him of stealing trade secrets related to its chip designs and sharing them publicly on the internet. The lawsuit, filed on Tuesday (PDF), said that Harshit Roy "touted his dominion" over the secrets in social media posts, tagging competitors and making threatening statements to the company including "I need to take unethical means to get what I am entitled to" and "remember that empires fall and so will you." Google hired Roy in 2020 to develop computer chips used in Google Pixel devices like smartphones. Google said in the lawsuit that Roy resigned in February and moved from Bangalore, India to the United States in August to attend a doctorate program at the University of Texas at Austin. According to the complaint, Roy began posting confidential Google information to his X account later that month along with "subversive text" directed at the company, such as "don't expect me to adhere to any confidentiality agreement." The posts included photographs of internal Google documents with specifications for Pixel processing chips. The lawsuit said that Roy ignored Google's takedown requests and has posted additional trade secrets to X and LinkedIn since October. Google alleged that Roy tagged competitors Apple and Qualcomm in some of the posts, "presumably to maximize the potential harm of his disclosure." Google's complaint also said that several news outlets have published stories with confidential details about Google's devices based on the information that Roy leaked. Google asked the court for an unspecified amount of monetary damages and court orders blocking Roy from using or sharing its secrets.Read more of this story at Slashdot.

The latest Steam client drops support for operating systems older than Windows 10 or macOS 10.15 Catalina. "That means Mac users can't run 32-bit games anymore, as all macOS versions from Catalina onward only run 64-bit binaries," reports The Register. From the report: [I]f you have a well-specified older Mac, here is another reason to check out Open Core Legacy Patcher. For now, macOS 10.15 Catalina will do but we suspect it won't for long. This version of Steam uses the equivalent to Chrome 126: "Updated embedded Chromium build in Steam to 126.0.6478.183." However, versions since Chrome 128 require macOS 11 or newer. For now, Catalina will work -- but the next significant Steam update will update Chromium as well, and there's a high probability that that will drop support for 10.15. So, if you're using OCLP to install a newer macOS, you should probably go directly to Big Sur. In The Reg FOSS desk's testing, we found that Big Sur ran reasonably well on a machine with Intel HD 520 graphics, although the same hardware ran very poorly with macOS 12 Monterey. Unfortunately, the inevitable end is in sight for older Macs. That said, the November 2024 Steam client update brings several "wins," including a built-in Game Recording feature, an upgraded Chromium browser engine, and the new "Scout" Linux runtime environment for improved compatibility and performance, especially on the Steam Deck and Linux distros. Additionally, it delivers bug fixes and enhancements for modern OS users.Read more of this story at Slashdot.

Baidu's new Apollo Go robotaxi brings significant advances in affordability and scalability that should make U.S. competitors like Waymo a bit nervous, according to The Verge's Andrew J. Hawkins. From the report: The RT6 is the sixth generation of Apollo Go's driverless vehicle, which made its official debut in May 2024. It's a purpose-built, Level 4 autonomous vehicle, meaning it's built without the need for a human driver. And here's the thing that should make US competitors nervous: adopting a battery-swapping solution, the price for one individual RT6 is "under $30,000," Baidu CEO Robin Li said in an earnings call. "All the strengths just mentioned above are driving us forward, paving the way to validate our business model," Li added. [...] We still don't know the net effect of Baidu's cost improvements. But bringing down the upfront cost of each individual vehicle to below $30,000 will go a long way toward improving the company's unit economics, in which each vehicle brings in more money than it costs. There are still a lot of outstanding costs to consider, such as hardware depreciation and fleet maintenance, but from what Baidu is signaling, things are on the right track. From the looks of it, the company is passing those savings along to its customers. Base fares start as low as 4 yuan (around 55 cents), compared with 18 yuan (around $2.48) for a taxi driven by a human, according to state media outlet Global Times. Apollo Go said it has provided 988,000 rides across all of China in Q3 2024 -- a year-over-year growth of 20 percent. And cumulative public rides reached 8 million in October.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: DirecTV is pulling out of an agreement to buy its satellite rival Dish after bondholders objected to terms of the deal. DirecTV issued an announcement last night saying "it has notified EchoStar of its election to terminate, effective as of 11:59 p.m., ET on Friday, November 22nd, 2024, the Equity Purchase Agreement (EPA) pursuant to which it had agreed to acquire EchoStar's video distribution business, Dish DBS." In the deal announced on September 30, DirecTV was going to buy the Dish satellite TV and Sling TV streaming business from EchoStar for a nominal fee of $1. DirecTV would have taken on $9.75 billion of Dish debt if the transaction moved ahead. The deal did not include the Dish Network cellular business. Dish bondholders quickly objected to terms requiring them to take a loss on the value of their debt. DirecTV had said Dish notes would be exchanged with "a reduced principal amount of DirecTV debt which will have terms and collateral that mirror DirecTV's existing secured debt." The principal amount would have been reduced by at least $1.568 billion. DirecTV last night said it is now exercising its right to terminate the acquisition because noteholders did not accept the exchange offer. "The termination of the Agreement follows Dish DBS noteholders' failure to agree to the proposed Exchange Debt Offer Terms issued by EchoStar, which was a condition of DirecTV's obligations to acquire Dish under the EPA," the press release said. DirecTV CEO Bill Morrow indicated his company wasn't willing to change the deal to satisfy Dish bondholders. "We have terminated the transaction because the proposed Exchange Terms were necessary to protect DirecTV's balance sheet and our operational flexibility," Morrow said.Read more of this story at Slashdot.

Weeks after federal regulators announced a "click-to-cancel" rule for subscription businesses, a New York judge has ruled that SiriusXM made it too difficult for customers to end their service. Deadline: New York State Supreme Court Justice Lyle Frank's ruling, issued Thursday, upheld elements of a lawsuit filed against the satellite audio firm in 2023 by New York Attorney General Letitia James. In a post on X after Frank's ruling, she wrote that the company "illegally forced people to go through a long and burdensome process to simply cancel their subscriptions. We sued SiriusXM to protect people's wallets, and now, SiriusXM must simplify its cancellation process and stop taking advantage of New Yorkers."Read more of this story at Slashdot.

Netflix is looking toward Discord for help in figuring out who, exactly, is leaking unreleased footage from some of its popular shows. From a report: The Northern District of California court issued a subpoena on Thursday to compel Discord to share information that can help identify a Discord user who's reportedly involved in leaking episodes and images from Netflix shows like Arcane and Squid Game. Documents filed alongside the subpoena specifically call out an unreleased and copyrighted image from the second season of Squid Game, posted by a Discord user @jacejohns4n. In an interview linked on the user's now deleted X account, published on Telegram, the leaker claimed responsibility for the self-described "worst leak in streaming history," where episodes of Arcane, Heartstopper, Dandadan, Terminator Zero, and other shows were published online. Netflix confirmed in August that a post production studio was hacked.Read more of this story at Slashdot.

Microsoft has released a public preview of its redesigned Windows Recall feature, five months after withdrawing the original version due to security concerns. The feature will initially be available only on Qualcomm Snapdragon X Elite and Plus Copilot+ PCs running Windows Insider Dev channel build 26120.2415. Recall, which continuously captures and indexes screenshots and text for later search, now includes mandatory encryption, opt-in activation, and Windows Hello authentication. The feature requires Secure Boot, BitLocker encryption, and attempts to automatically mask sensitive data like passwords and credit card numbers. The feature is exclusive to Copilot+ PCs equipped with neural processing units for local AI processing.Read more of this story at Slashdot.

An anonymous reader shares a report: Plex is beginning to test its "newly reimagined Plex experience," which will be available first on mobile and is coming to TV platforms "very soon." Plex says the new experience has been in development for almost two years and is "designed to bring everything you love into one seamless interface." But don't worry -- while the new version of the app is currently missing some features, Plex says it will be "closing those gaps" and will keep the current app available during the preview, which will hopefully prevent a Sonos-like debacle. A big change for the new app is redesigned navigation that more clearly delineates between media you might have on your Plex server and the company's streaming and on-demand offerings. The bottom bar has dedicated tabs for your media libraries, live TV, and on-demand movies and shows. The Watchlist, which lets you make a list of things you want to watch, has a spot at the top of the app. And artwork is shown more prominently.Read more of this story at Slashdot.

Damage to two undersea fiber-optic cables in the Baltic Sea this month points to growing vulnerability of critical submarine infrastructure, with German officials suspecting sabotage and Swedish police investigating a Chinese cargo vessel's involvement. The incident highlights escalating risks to the global submarine cable network, which carries 99% of international telecommunications traffic through 530 cable systems spanning 850,000 miles. These garden hose-thick cables facilitate trillions in daily financial transactions and vital government communications. Security experts warn that Russia has increased monitoring of undersea cables amid tensions over Ukraine. Taiwan reported 36 cable damages by foreign vessels since 2019, while Houthi rebels denied targeting Red Sea cables this year. Though most of the 100-plus annual cable faults are accidental, deliberate sabotage remains a concern. Repairs are costly, with new transatlantic cables running up to $250 million.Read more of this story at Slashdot.

Amazon said on Friday it will invest an additional $4 billion in AI startup Anthropic, following earlier investments of $4 billion made in September and March. As part of the deal, Amazon Web Services will become Anthropic's primary training partner, with the AI firm committing to use AWS's Trainium and Inferentia chips for future model development. Anthropic operates the Claude large language model.Read more of this story at Slashdot.

An anonymous reader shares a report: OpenAI is preparing to launch a frontal assault on Google. The ChatGPT owner recently considered developing a web browser that it would combine with its chatbot, and it has separately discussed or struck deals to power search features for travel, food, real estate and retail websites, according to people who have seen prototypes or designs of the products. OpenAI has spoken about the search product with website and app developers such as Conde Nast, Redfin, Eventbrite and Priceline, these people said. OpenAI also has discussed powering artificial intelligence features on devices made by Samsung, a key Google business partner, similar to a deal OpenAI recently struck with Apple, according to people who were briefed about the situation at OpenAI.Read more of this story at Slashdot.

Apple's restrictions on mobile browsers are limiting innovation and holding back new features that could benefit iPhone users, according to provisional findings published today by the UK's Competition and Markets Authority (CMA). From a report: In its report, the CMA's independent inquiry group determined that Apple's Safari browser policies prevent competing browsers from implementing certain features, such as faster webpage loading technologies. The investigation also revealed that many UK app developers would prefer to offer progressive web apps as an alternative to App Store distribution, but Apple's current iOS limitations make this impractical. Adding to competitive concerns, the regulator highlighted a revenue-sharing agreement between Apple and Google that "significantly reduces their financial incentives to compete" in the mobile browser space on iOS. The CMA also found that both companies can manipulate how users are presented with browser choices, making their own offerings appear as the clearest or easiest options.Read more of this story at Slashdot.

Mozilla has warned that the Justice Department's proposed breakup of Google could harm independent web browsers, pushing back against a key element of the government's antitrust remedy. The maker of Firefox browser said in a statement the DOJ's blanket ban on search revenue-sharing deals would disproportionately impact smaller players that rely on such agreements, while failing to meaningfully increase competition in search. Firefox and similar browsers account for a small share of US search queries but provide crucial alternatives for privacy-conscious consumers, Mozilla said. The DOJ's wide-ranging proposal, submitted to a federal court in Washington, includes forcing Google to sell its Chrome browser and prohibiting the company from paying other firms to set Google as their default search engine. The plan follows an August ruling that found Google illegally monopolized the search market. In a statement, Mozilla argued that rather than an outright prohibition on search agreements, remedies should focus on "addressing the barriers to competition and facilitating a marketplace that promotes competition and consumer choice."Read more of this story at Slashdot.

An anonymous reader quotes a report from PYMNTS: The Justice Department's proposal to resolve its antitrust case over online search against Google reportedly would force the tech giant to unwind its partnership with artificial intelligence (AI) company Anthropic. A recommendation in the Justice Department's court filing Wednesday (Nov. 20) that Google be barred from partnerships with companies that control where consumers search for information, is intended to apply to the company's investment in Anthropic, Bloomberg reported Thursday (Nov. 21). [...] It was reported in October 2023 that Google had invested $500 million in Anthropic and agreed to contribute another $1.5 billion over time. During that same month, PYMNTS reported that Anthropic's commitment to building and deploying what the company said are generative AI capabilities with stronger built-in guardrails, differentiated it from other foundational AI models on the market. On Tuesday (Nov. 19), the U.K.'s competition watchdog, the Competition and Markets Authority (CMA), cleared Google's partnership with Anthropic, saying that it had determined that the deal between the tech giant and the AI startup did not warrant additional investigation. "The CMA does not believe that Google has acquired material influence over Anthropic as a result of the partnership," the regulator said in its assessment of the arrangement. U.S. regulators also call for a sale of Google's Chrome browser and restrictions to prevent Android from favoring its own search engine. "DOJ had a chance to propose remedies related to the issue in this case: search distribution agreements with Apple, Mozilla, smartphone OEMs and wireless carriers," Google said in a Thursday blog post. "Instead, DOJ chose to push a radical interventionist agenda that would harm Americans and America's global technology leadership."Read more of this story at Slashdot.

The Register's Simon Sharwood reports: Japan's National Consumer Affairs Center on Wednesday suggested citizens start "digital end of life planning" and offered tips on how to do it. The Center's somewhat maudlin advice is motivated by recent incidents in which citizens struggled to cancel subscriptions their loved ones signed up for before their demise, because they didn't know their usernames or passwords. The resulting "digital legacy" can be unpleasant to resolve, the agency warns, so suggested four steps to simplify ensure our digital legacies aren't complicated: - Ensuring family members can unlock your smartphone or computer in case of emergency;- Maintain a list of your subscriptions, user IDs and passwords;- Consider putting those details in a document intended to be made available when your life ends;- Use a service that allows you to designate someone to have access to your smartphone and other accounts once your time on Earth ends. The Center suggests now is the time for it to make this suggestion because it is aware of struggles to discover and resolve ongoing expenses after death. With smartphones ubiquitous, the org fears more people will find themselves unable to resolve their loved ones' digital affairs -- and powerless to stop their credit cards being charged for services the departed cannot consume.Read more of this story at Slashdot.

China has overtaken Germany and Japan in terms of robot density, according to an annual report by the International Federation of Robotics (IFR). Reuters reports: South Korea is the world leader with 1,012 robots per 10,000 employees, up 5% since 2018, said the IFR. Singapore comes next, followed by China with 470 robots per 10,000 workers - more than double the density it had in 2019. That compares with 429 per 10,000 employees in Germany, which has had an annual growth rate of 5% since 2018, said IFR.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: A federal court yesterday ruled against parents who sued a Massachusetts school district for punishing their son who used an artificial intelligence tool to complete an assignment. Dale and Jennifer Harris sued Hingham High School officials and the School Committee and sought a preliminary injunction requiring the school to change their son's grade and expunge the incident from his disciplinary record before he needs to submit college applications. The parents argued that there was no rule against using AI in the student handbook, but school officials said the student violated multiple policies. The Harris' motion for an injunction was rejected in an order (PDF) issued yesterday from US District Court for the District of Massachusetts. US Magistrate Judge Paul Levenson found that school officials "have the better of the argument on both the facts and the law." "On the facts, there is nothing in the preliminary factual record to suggest that HHS officials were hasty in concluding that RNH [the Harris' son, referred to by his initials] had cheated," Levenson wrote. "Nor were the consequences Defendants imposed so heavy-handed as to exceed Defendants' considerable discretion in such matters." "On the evidence currently before the Court, I detect no wrongdoing by Defendants," Levenson also wrote. "The manner in which RNH used Grammarly -- wholesale copying and pasting of language directly into the draft script that he submitted -- powerfully supports Defendants' conclusion that RNH knew that he was using AI in an impermissible fashion," Levenson wrote. While "the emergence of generative AI may present some nuanced challenges for educators, the issue here is not particularly nuanced, as there is no discernible pedagogical purpose in prompting Grammarly (or any other AI tool) to generate a script, regurgitating the output without citation, and claiming it as one's own work," the order said. Levenson concluded with a quote from a 1988 Supreme Court ruling that said the education of youth "is primarily the responsibility of parents, teachers, and state and local school officials, and not of federal judges." According to Levenson, "This case well illustrates the good sense in that division of labor. The public interest here weighs in favor of Defendants."Read more of this story at Slashdot.

Google is introducing "Restore Credentials," a feature that simplifies transferring app credentials when switching Android devices to keep you logged into your apps. The Verge reports: While some apps already did this, Google is making it easier for developers to include this experience by implementing a "restore key" that automatically transfers to the new phone and logs you back into the app. [...] Restore Credentials requires less work than the previous approach on Android, and can automatically check if a restore key is available and log you back in at the first app launch. A restore key is a public key that uses existing passkey infrastructure to move about your credentials. Restore keys can also be backed up to the cloud, although developers can opt out. For that reason, transferring directly from device to device will still likely be more thorough than restoring from the cloud, as is the case with Apple devices today. Notably, Google says restore keys do not transfer if you delete an app and reinstall it.Read more of this story at Slashdot.

According to Business Insider (paywalled), Microsoft's Copilot tool inadvertently let customers access sensitive information, such as CEO emails and HR documents. Now, Microsoft is working to fix the situation, deploying new tools and a guide to address the privacy concerns. The story was highlighted by Salesforce CEO Marc Benioff. From the report: These updates are designed "to identify and mitigate oversharing and ongoing governance concerns," the company said in a blueprint for Microsoft's 365 productivity software suite. [...] Copilot's magic -- its ability to create a 10-slide road-mapping presentation, or to summon a list of your company's most profitable products -- works by browsing and indexing all your company's internal information, like the web crawlers used by search engines. IT departments at some companies have set up lax permissions for who can access internal documents -- selecting "allow all" for the company's HR software, say, rather than going through the trouble of selecting specific users. That didn't create much of a problem because there wasn't a tool that an average employee could use to identify and retrieve sensitive company documents -- until Copilot. As a result, some customers have deployed Copilot only to discover that it can let employees read an executive's inbox or access sensitive HR documents. "Now when Joe Blow logs into an account and kicks off Copilot, they can see everything," a Microsoft employee familiar with customer complaints said. "All of a sudden Joe Blow can see the CEO's emails."Read more of this story at Slashdot.

According to Bloomberg (paywalled), Apple is developing a new version of Siri powered by large language models (LLMs). TechCrunch reports: The new assistant reportedly will fully replace the Siri interface that users rely on today, and Apple is planning to release the feature in the spring of 2026. The feature seems like it will be similar to OpenAI's Advanced Voice Mode but with all the same access to personal information and apps that Siri has today. Until then, Apple is relying on third parties to power the iPhone's advanced AI features.Read more of this story at Slashdot.

An anonymous reader quotes a report from KrebsOnSecurity: The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world's top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company. London-based Finastra has offices in 42 countries and reported $1.9 billion in revenues last year. The company employs more than 7,000 people and serves approximately 8,100 financial institutions around the world. A major part of Finastra's day-to-day business involves processing huge volumes of digital files containing instructions for wire and bank transfers on behalf of its clients. On November 8, 2024, Finastra notified financial institution customers that on Nov. 7 its security team detected suspicious activity on Finastra's internally hosted file transfer platform. Finastra also told customers that someone had begun selling large volumes of files allegedly stolen from its systems. "On November 8, a threat actor communicated on the dark web claiming to have data exfiltrated from this platform," reads Finastra's disclosure, a copy of which was shared by a source at one of the customer firms. "There is no direct impact on customer operations, our customers' systems, or Finastra's ability to serve our customers currently," the notice continued. "We have implemented an alternative secure file sharing platform to ensure continuity, and investigations are ongoing." But its notice to customers does indicate the intruder managed to extract or "exfiltrate" an unspecified volume of customer data.Read more of this story at Slashdot.

The Trade Desk, one of the largest publicly traded advertising technology companies in the world, is building a connected television operating system. Axios reports: Existing OS providers, like Roku, Amazon's Fire TV and Google's Android TV, have a conflict of interest because they own content, [CEO and founder Jeff Green] said. Green believes that conflict of interest has muddled the advertising ecosystem for everyone. "We're looking at a concentration around a handful of players that lack objectivity," Green said. "We think we're in a unique position to make the ecosystem better." [...] Ventura, a nod to the company's headquarters in Ventura, California, will be rolled out to the market in the second half of 2025, Green said. The company has been working to build the system quietly for three years. While some OS developers, such as Google, Amazon and Roku, have also developed their own hardware devices to service their operating systems, Green said The Trade Desk has "no intention of getting into the hardware business." Rather, it will partner with other hardware companies, such as smart TV manufacturers, as well as various television distributors, such as airlines, hotel chains, and gaming companies, to bring its OS to their devices. Green believes hardware companies will be excited about the opportunity to partner because, in a competitive streaming environment, more hardware companies will need to build advertising businesses to scale. [...] Because The Trade Desk's goal is ultimately to improve a murky marketplace, Green said he isn't looking to make money from the OS directly. Ventura will be successful if it drives more pricing transparency and stronger measurement for the CTV advertising ecosystem writ large, he said. "Ultimately, the measure of success will be, do we have an ad auction that is so transparent that we can predict outcomes?" The Trade Desk will benefit financially from a more transparent ecosystem because it lacks a conflict of interest, Green said.Read more of this story at Slashdot.

Longtime Slashdot reader Zarhan writes: On Sunday and Monday, two undersea cables in Baltic sea were cut. There is talk of a hybrid operation by Russia against Europe, and a Chinese ship has been detained by Danish Navy. However, the interesting part is did the cuts really have any effect, or does the internet actually route around damage? RIPE Atlas tests seem to indicate so. RIPE Atlas probes did not observe any noticeable increase of packet loss and only a minimal and perfectly expected increase of latency as traffic automatically switched itself to other available paths. While 20-30% of paths experienced latency increases, the effects were modest and no packet loss was detected. That said, questions remain about the consequences of further cable disruptions. "We are blind on what would happen if another link would be severed, or worse, if many are severed," reports RIPE Labs.Read more of this story at Slashdot.

ZDNet's Steven Vaughan-Nichols interviews Jim Zemlin, Executive Director of The Linux Foundation and "head janitor of open source." An anonymous Slashdot reader shares an excerpt from the article: When I first met Zemlin, he was the head of the Free Standards Group (FSG). The FSG's main project was the Linux Standard Base (LSB) project. The LSB's goal was to get everyone in the Linux desktop world to agree on standards to ensure compatibility among distributions and their applications. Oh well, some struggles are never-ending. Another group, the Open Source Development Labs (OSDL), was simultaneously working on standardizing enterprise Linux. The two non-profits had the same goal of making Linux more useful and popular, so they agreed to merge. Zemlin was the natural pick to head this new group, which would be called The Linux Foundation. At the time, he told me: "The combination of the two groups really enables the Linux platform and all the members of the Linux Foundation to work really effectively. I clearly understand what the organization's charter needs to be: We need to provide services that are useful to the community and industry, as well as protect, promote, and continue to standardize the platform." While initially focused on Linux, the Foundation's scope expanded significantly around 2010. Until then, the organization had hosted about a dozen projects related to the Linux operating system. However, as Linux gained dominance in various sectors, including high-performance computing, automotive, embedded systems, mobile devices, and cloud computing, the Linux Foundation started to broaden its horizons. Zemlin says there are three words that sum up the Linux Foundation's effort to keep open source safe and open to a new generation of developers: helpful, hopeful, and humble. "You must be genuinely helpful to developers. We're the janitors of open source. The Linux Foundation takes care of all the boring but important stuff necessary to support software development so developers can focus on code. This work includes events, project marketing, project infrastructure, finances for projects, training and education, legal assistance, standards, facilitation, open source evangelism, and much, much more." He continued: "The hopeful part is really the optimistic part. When in 2007, people were saying that this would never work. When leaders of huge companies tell everyone that you know all that you're doing is a cancer or terrible, you have to have a sense of optimism that there are better days ahead. You have to always be thinking, 'No, we can do it and stick with it.'" However, Zemlin concluded that the number one trait that's "important in working in open source is this idea of humility. I work with hundreds of people every day, and none of them work at the Linux Foundation. We must lead through influence, and that really has been the secret for 20 years of working here without going totally insane. If you can check your ego and take criticism, open source actually turns out to be a really fun community to work with."Read more of this story at Slashdot.

Microsoft has expanded its campaign to migrate Windows 10 users to Windows 11, deploying full-screen ads urging users to purchase new computers ahead of Windows 10's end-of-support date. The ads, appearing on Windows 10 devices, remind the October 14, 2025 cut-off date for OS support.Read more of this story at Slashdot.

Pakistan's IT Industry Association (P@SHA) -- the nation's sole tech biz lobby group -- has warned that government policy could lead to business closures and financial losses among its constituents, and damage the nation's IT exports. From a report: P@SHA's main beef is with a slowing of internet access speeds, and government-imposed service outages. Pakistan went offline in May 2022 around the time of mass political protests and blackouts have since persisted -- prompting services like freelance gig platform Fiverr to warn clients that hiring members from Pakistan could mean potential disruptions. Fiverr matters in Pakistan, because the nation has a policy of encouraging freelancers to sell their services online as part of a plan to grow tech services exports. The nation even floated the idea of providing its freelance workers with a tax holiday, subsidized broadband and health insurance as a way of supporting the online labor force. But freelancers have had a hard time of it since the August 2024 introduction of what appears to be a new national firewall. Pakistan has long tried to limit access to what it feels is inappropriate content, and the firewall was aimed at helping that effort. But it greatly slowed internet access speeds -- making life hard for freelancers and other online businesses.Read more of this story at Slashdot.

AndroidAuthority: Android Authority has learned that Google has canceled the Pixel Tablet 2, the presumed name of Google's second-generation Pixel Tablet. This is disappointing for Pixel fans who were waiting for Google to refresh its first-generation Pixel Tablet with a newer chipset, a better camera, and, more importantly, an official keyboard accessory. It's also surprising to hear because it might suggest that Google is giving up on its tablet ambitions entirely, considering a separate report published yesterday claimed that Google is also killing the Pixel Tablet 3. However, we have reason to believe that the device cited in yesterday's report is actually the Pixel Tablet 2, and not the third-generation tablet after all. Let me break down how we know.Read more of this story at Slashdot.

The Federal Communications Commission voted on Thursday to propose new rules governing undersea internet cables in the face of growing security concerns, as part of a review of regulations on the links that handle nearly all the world's online traffic. From a report: The FCC voted 5-0 on proposed updates to address the national security concerns over the global network of more than 400 subsea cables that handle more than 98% of international internet traffic. [...] Baltic nations said this week they are investigating whether the cutting of two fiber-optic undersea telecommunication cables in the Baltic Sea was sabotage. Rosenworcel noted that in 2023 Taiwan accused two Chinese vessels of cutting the only two cables that support internet access on the Matsu Islands and Houthi attacks in the Red Sea may have been responsible for the cutting of three cables providing internet service to Europe and Asia.Read more of this story at Slashdot.

Gary Gensler will step down as chair of the U.S. Securities & Exchange Commission at noon on Inauguration Day, the agency announced on Thursday. From a report: Gensler has had an aggressive tenure, marked by controversial rulemaking and a combative approach with the cryptocurrency industry.Read more of this story at Slashdot.

An anonymous reader shares a report: People are using Spotify playlist and podcast descriptions to distribute spam, malware, pirated software and cheat codes for video games. Cybersecurity researcher Karol Paciorek posted an example of this: A Spotify playlist titled "*Sony Vegas Pro*13 C-r-a-c-k Free Download 2024 m-y-s-o-f-t-w-a-r-e-f-r-e-e.com" acts as a free advertisement for piracy website m-y-s-o-f-t-w-a-r-e-f-r-e-e[dot]com, which hosts malicious software. "Cybercriminals exploit Spotify for #malware distribution," Paciorek posted on X. "Why? Spotify has a strong reputation and its pages are easily indexed by search engines, making it an effective platform to promote malicious links." "The playlist title in question has been removed," a spokesperson for Spotify told 404 Media in a statement. "Spotify's Platform Rules prohibit posting, sharing, or providing instructions on implementing malware or related malicious practices that seek to harm or gain unauthorized access to computers, networks, systems, or other technologies."Read more of this story at Slashdot.

schwit1 writes: Undergraduates with family income below $200,000 can expect to attend MIT tuition-free starting next fall, thanks to newly expanded financial aid. Eighty percent of American households meet this income threshold. And for the 50 percent of American families with income below $100,000, parents can expect to pay nothing at all toward the full cost of their students' MIT education, which includes tuition as well as housing, dining, fees, and an allowance for books and personal expenses. This $100,000 threshold is up from $75,000 this year, while next year's $200,000 threshold for tuition-free attendance will increase from its current level of $140,000.Read more of this story at Slashdot.

While master's degrees are increasingly popular -- with 40% of U.S. bachelor's degree holders now having postgraduate credentials -- new research reveals many don't deliver improved earnings despite soaring costs. Analysis from the U.S. and UK indicates that about 40% of U.S. master's programs fail to provide positive financial returns, with some even leading to financial losses for graduates, as captured in a new Economist story. Similarly, British master's graduates earn no more than bachelor's holders by age 35 after accounting for background factors. This is particularly significant because U.S. students now average $50,000 in postgraduate debt, triple the real cost since 2000, while UK fees have risen 70% since 2011 to $12,000 annually. Returns vary dramatically by field: computer science and engineering show strong gains, while humanities degrees often lead to reduced earnings compared to bachelor's-only peers. Women are more likely than men to see earnings increases, succeeding in 14 out of 31 subject areas compared to men's six. Choice of institution impacts outcomes, though data shows no strong correlation between program cost and graduate earnings.Read more of this story at Slashdot.

An anonymous reader shares a report: A recent survey from Global System for Mobile Communications Association Intelligence (GSMA), the research wing of a U.K.-based organization that represents mobile operators around the world, found that 4.6 billion people across the globe are now connected to mobile internet -- or roughly 57% of the world's population. Now, the rate of new mobile internet subscriber growth is slowing. From 2015 to 2021, the survey consistently found over 200 million coming online through mobile devices around the world each year. But in the last two years, that number has dropped to 160 million. Rest of World analysis of that data found that a number of developing countries are plateauing in the number of mobile internet subscribers. That suggests that in countries like Pakistan, Bangladesh, Nigeria, and Mexico, the easiest populations to get online have already logged on, and getting the rest of the population on mobile internet will continue to be a challenge. GSMA collects data by surveying a nationally representative sample of people in each country, and then it correlates the results with similar studies. [...] In countries including China, the U.S., and Singapore, a high share of the population is already connected to mobile internet -- 80%, 81%, and 93%, respectively. So ita(TM)s no surprise that the rate of mobile internet subscriptions has slowed. But the rate of new users has also slowed in countries including Bangladesh, Nigeria, and Pakistan -- where only 37%, 34%, and 24% of the population currently use mobile internet.Read more of this story at Slashdot.

Valve's Steam platform is implementing stricter regulations for season pass sales, requiring detailed content descriptions and specific release windows for downloadable content (DLC), according to SteamDB creator Pavel Djundik. The company will restrict season pass offerings to established partners with proven track records and may issue refunds if developers miss deadlines or deliver unsatisfactory content. Developers must outline DLC components and commit to three-month launch windows, with one possible delay allowed. "If you aren't ready to clearly communicate about the content included in each DLC AND when each DLC will be ready for launch, you shouldn't offer a Season Pass on Steam," Valve stated.Read more of this story at Slashdot.

An anonymous reader shares a report: Lawyers for The New York Times and Daily News, which are suing OpenAI for allegedly scraping their works to train its AI models without permission, say OpenAI engineers accidentally deleted data potentially relevant to the case. Earlier this fall, OpenAI agreed to provide two virtual machines so that counsel for The Times and Daily News could perform searches for their copyrighted content in its AI training sets. In a letter, attorneys for the publishers say that they and experts they hired have spent over 150 hours since November 1 searching OpenAI's training data. But on November 14, OpenAI engineers erased all the publishers' search data stored on one of the virtual machines, according to the aforementioned letter, which was filed in the U.S. District Court for the Southern District of New York late Wednesday. OpenAI tried to recover the data -- and was mostly successful. However, because the folder structure and file names were "irretrievably" lost, the recovered data "cannot be used to determine where the news plaintiffs' copied articles were used to build [OpenAI's] models," per the letter. "News plaintiffs have been forced to recreate their work from scratch using significant person-hours and computer processing time," counsel for The Times and Daily News wrote.Read more of this story at Slashdot.

An anonymous reader quotes a report from The Verge: After asking both SpaceX and Blue Origin to develop cargo landers for its Artemis missions, NASA has announced plans to use those landers to deliver heavy equipment to the Moon. The agency wants Elon Musk's SpaceX to use its Starship cargo lander to deliver a pressurized rover to the Moon "no earlier" than 2032, while Jeff Bezos' Blue Origin will be tasked with delivering a lunar surface habitat no sooner than 2033. Both launches will support NASA's Artemis missions, which aim to bring humans back to the Moon for the first time in over 50 years. Both companies are developing human landing systems for Artemis missions -- SpaceX for Artemis III and Blue Origin for Artemis V. NASA later asked both companies to develop cargo-hauling variants of those landers, capable of carrying 26,000 to 33,000 pounds of equipment and other materials to the Moon. NASA says it will issue proposals to SpaceX and Blue Origin at the beginning of next year.Read more of this story at Slashdot.

Space.com's Julian Dossett writes: For twelve years, we've watched Curiosity crawl its way over the rocky surface of Mars, decoding mysteries of the Red Planet and broadcasting back home pictures and data from the strange Martian environment. The Mars rover, built by NASA's Jet Propulsion Laboratory (JPL), has slowly scaled Mount Sharp since 2014. This mountain, officially monikered "Aeolis Mons," was discovered in the 1970s; cut into its alien landscape is the boulder-packed Gediz Vallis channel, which some scientists believe to be an ancient river bed. Curiosity crossed into Gediz Vallis earlier this year -- and, yesterday, JPL released a real treat for Mars lovers: a 360-degree panorama view of the Gediz Vallis channel. You can play the YouTube video and move your phone around for the nifty interactive feature. Or, if you're using a desktop PC, you can shift the video around with a mouse. The panorama showcases features like Kukenan Butte and Gale Crater Rim, with scientists debating whether water, wind, or landslides shaped the boulder-laden terrain. Another interesting observation is the presence of mysterious sulfur stones with yellow crystals. Scientists are unsure about their origin since such formations on Earth are linked to hot springs and volcanoes -- neither of which are known to exist on Mars. Curiosity is now heading toward a location called "the boxwork," a mineral-rich area potentially formed by ancient water flows.Read more of this story at Slashdot.

In a 23-page document (PDF) filed late Wednesday, U.S. regulators asked a federal judge to break up Google after a court found the tech giant of maintaining an abusive monopoly through its dominant search engine. As punishment, the DOJ calls for a sale of Google's Chrome browser and restrictions to prevent Android from favoring its own search engine. The Associated Press reports: Although regulators stopped short of demanding Google sell Android too, they asserted the judge should make it clear the company could still be required to divest its smartphone operating system if its oversight committee continues to see evidence of misconduct. [...] The Washington, D.C. court hearings on Google's punishment are scheduled to begin in April and Mehta is aiming to issue his final decision before Labor Day. If [U.S. District Judge Amit Mehta] embraces the government's recommendations, Google would be forced to sell its 16-year-old Chrome browser within six months of the final ruling. But the company certainly would appeal any punishment, potentially prolonging a legal tussle that has dragged on for more than four years. Besides seeking a Chrome spinoff and a corralling of the Android software, the Justice Department wants the judge to ban Google from forging multibillion-dollar deals to lock in its dominant search engine as the default option on Apple's iPhone and other devices. It would also ban Google from favoring its own services, such as YouTube or its recently-launched artificial intelligence platform, Gemini. Regulators also want Google to license the search index data it collects from people's queries to its rivals, giving them a better chance at competing with the tech giant. On the commercial side of its search engine, Google would be required to provide more transparency into how it sets the prices that advertisers pay to be listed near the top of some targeted search results. The measures, if they are ordered, threaten to upend a business expected to generate more than $300 billion in revenue this year. "The playing field is not level because of Google's conduct, and Google's quality reflects the ill-gotten gains of an advantage illegally acquired," the Justice Department asserted in its recommendations. "The remedy must close this gap and deprive Google of these advantages."Read more of this story at Slashdot.

An anonymous reader quotes a report from 404 Media: Instagram is flooded with hundreds of AI-generated influencers who are stealing videos from real models and adult content creators, giving them AI-generated faces, and monetizing their bodies with links to dating sites, Patreon, OnlyFans competitors, and various AI apps. The practice, first reported by 404 Media in April, has since exploded in popularity, showing that Instagram is unable or unwilling to stop the flood of AI-generated content on its platform and protect the human creators on Instagram who say they are now competing with AI content in a way that is impacting their ability to make a living. According to our review of more than 1,000 AI-generated Instagram accounts, Discord channels where the people who make this content share tips and discuss strategy, and several guides that explain how to make money by "AI pimping," it is now trivially easy to make these accounts and monetize them using an assortment of off-the-shelf AI tools and apps. Some of these apps are hosted on the Apple App and Google Play Stores. Our investigation shows that what was once a niche problem on the platform has industrialized in scale, and it shows what social media may become in the near future: a space where AI-generated content eclipses that of humans. [...] Out of more than 1,000 AI-generated Instagram influencer accounts we reviewed, 100 included at least some deepfake content which took existing videos, usually from models and adult entertainment performers, and replaced their face with an AI-generated face to make those videos seem like new, original content consistent with the other AI-generated images and videos shared by the AI-generated influencer. The other 900 accounts shared images that in some cases were trained on real photographs and in some cases made to look like celebrities, but were entirely AI-generated, not edited photographs or videos. Out of those 100 accounts that shared deepfake or face-swapped videos, 60 self-identify as being AI-generated, writing in their bios that they are a "virtual model & influencer" or stating "all photos crafted with AI and apps." The other 40 do not include any disclaimer stating that they are AI-generated. Adult content creators like Elaina St James say they're now directly competing with these AI rip-off accounts that often use stolen content. Since the explosion of AI-generated influencer accounts on Instagram, St James said her "reach went down tremendously," from a typical 1 million to 5 million views a month to not surpassing a million in the last 10 months, and sometimes coming in under 500,000 views. While she said changes to Instagram's algorithm could also be at play, these AI-generated influencer accounts are "probably one of the reasons my views are going down," St James told 404 Media. "It's because I'm competing with something that's unnatural." Alexios Mantzarlis, the director of the security, trust, and safety initiative at Cornell Tech and formerly principal of trust and safety intelligence at Google, started researching the problem to see where AI-generated content is taking social media and the internet. "It felt like a possible sign of what social media is going to look like in five years," said Mantzarlis. "Because this may be coming to other parts of the internet, not just the attractive-people niche on Instagram. This is probably a sign that it's going to be pretty bad."Read more of this story at Slashdot.

Five local privilege escalation (LPE) vulnerabilities in the Linux utility "needrestart" -- widely used on Ubuntu to manage service updates -- allow attackers with local access to escalate privileges to root. The flaws were discovered by Qualys in needrestart version 0.8, and fixed in version 3.8. BleepingComputer reports: Complete information about the flaws was made available in a separate text file, but a summary can be found below: - CVE-2024-48990: Needrestart executes the Python interpreter with a PYTHONPATH environment variable extracted from running processes. If a local attacker controls this variable, they can execute arbitrary code as root during Python initialization by planting a malicious shared library.- CVE-2024-48992: The Ruby interpreter used by needrestart is vulnerable when processing an attacker-controlled RUBYLIB environment variable. This allows local attackers to execute arbitrary Ruby code as root by injecting malicious libraries into the process.- CVE-2024-48991: A race condition in needrestart allows a local attacker to replace the Python interpreter binary being validated with a malicious executable. By timing the replacement carefully, they can trick needrestart into running their code as root.- CVE-2024-10224: Perl's ScanDeps module, used by needrestart, improperly handles filenames provided by the attacker. An attacker can craft filenames resembling shell commands (e.g., command|) to execute arbitrary commands as root when the file is opened.- CVE-2024-11003: Needrestart's reliance on Perl's ScanDeps module exposes it to vulnerabilities in ScanDeps itself, where insecure use of eval() functions can lead to arbitrary code execution when processing attacker-controlled input. The report notes that attackers would need to have local access to the operation system through malware or a compromised account in order to exploit these flaws. "Apart from upgrading to version 3.8 or later, which includes patches for all the identified vulnerabilities, it is recommended to modify the needrestart.conf file to disable the interpreter scanning feature, which prevents the vulnerabilities from being exploited," adds BleepingComputer.Read more of this story at Slashdot.